#!/bin/bash
set -e
if [ "$(id -u)" = "0" ]; then
echo "You probably don't want to run this as root!"
echo "Do this first:"
echo "adduser caspervk"
echo "adduser caspervk sudo"
exit 1
fi
# Packages
sudo apt update
sudo apt upgrade -y
sudo apt install -y \
openssh-server \
git \
curl \
wget \
dnsutils \
rsync \
htop \
tmux \
ufw \
vnstat \
ntp \
pwgen
# SSH
sudo sed -i 's/#Port 22/Port 222/' /etc/ssh/sshd_config
sudo systemctl restart sshd
ssh-keygen -t ed25519
ln -sr authorized_keys ~/.ssh/authorized_keys
ln -sr ssh_config ~/.ssh/config
# Git
ln -sr .gitconfig ~/.gitconfig
read -p "Git email: " email # avoid web scraping of email address
sed -i "s/<EMAIL>/$email/" .gitconfig
# Firewall
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 222/tcp comment "sshd"
sudo ufw enable
sudo ufw status