dotfiles/install/common.sh

#!/bin/bash

set -e

if [ "$(id -u)" = "0" ]; then
   echo "You probably don't want to run this as root!"
   echo "Do this first:"
   echo "adduser caspervk"
   echo "adduser caspervk sudo"
   exit 1
fi


# Packages
sudo apt update
sudo apt upgrade -y
sudo apt install -y \
  openssh-server \
  git \
  curl \
  wget \
  dnsutils \
  rsync \
  htop \
  tmux \
  ufw \
  vnstat \
  ntp \
  pwgen


# SSH
sudo sed -i 's/#Port 22/Port 222/' /etc/ssh/sshd_config
sudo systemctl restart sshd

ssh-keygen -t ed25519
ln -sr authorized_keys ~/.ssh/authorized_keys
ln -sr ssh_config ~/.ssh/config


# Git
ln -sr .gitconfig ~/.gitconfig
read -p "Git email: " email  # avoid web scraping of email address
sed -i "s/<EMAIL>/$email/" .gitconfig


# Firewall
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 222/tcp comment "sshd"
sudo ufw enable
sudo ufw status