53 lines
852 B
Bash
Executable file
53 lines
852 B
Bash
Executable file
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
if [ "$(id -u)" = "0" ]; then
|
|
echo "You probably don't want to run this as root!"
|
|
echo "Do this first:"
|
|
echo "adduser caspervk"
|
|
echo "adduser caspervk sudo"
|
|
exit 1
|
|
fi
|
|
|
|
|
|
# Packages
|
|
sudo apt update
|
|
sudo apt upgrade -y
|
|
sudo apt install -y \
|
|
openssh-server \
|
|
git \
|
|
curl \
|
|
wget \
|
|
dnsutils \
|
|
rsync \
|
|
htop \
|
|
tmux \
|
|
ufw \
|
|
vnstat \
|
|
ntp \
|
|
pwgen
|
|
|
|
|
|
# SSH
|
|
sed -i 's/#Port 22/Port 222/'
|
|
sudo systemctl restart sshd
|
|
|
|
ssh-keygen -t ed25519
|
|
ln -sr authorized_keys ~/.ssh/authorized_keys
|
|
ln -sr ssh_config ~/.ssh/config
|
|
|
|
|
|
# Git
|
|
ln -sr .gitconfig ~/.gitconfig
|
|
read -p "Git email: " email # avoid web scraping of email address
|
|
sed -i "s/<EMAIL>/$email/" .gitconfig
|
|
|
|
|
|
# Firewall
|
|
sudo ufw default deny incoming
|
|
sudo ufw default allow outgoing
|
|
sudo ufw allow 222/tcp comment "sshd"
|
|
sudo ufw enable
|
|
sudo ufw status
|