add stuff
This commit is contained in:
Oscar Tsalapatis
parent
c12f4044da
commit
b50c5a394b
|
|
@ -1,13 +1,19 @@
|
|||
#!/bin/sh
|
||||
echo "Packages"
|
||||
yum update -y
|
||||
yum install -y vim git zsh curl wget sudo policycoreutils-python
|
||||
|
||||
# sanoid
|
||||
yum install -y perl-Config-IniFiles perl-Data-Dumper perl-Capture-Tiny lzop mbuffer mhash pv
|
||||
|
||||
cat << EOT >> /etc/sudoers
|
||||
#
|
||||
# configured by the script
|
||||
#
|
||||
Defaults rootpw
|
||||
EOT
|
||||
|
||||
# PACKAGES
|
||||
echo "Setting up packages..."
|
||||
cp /etc/apt/sources.list /etc/apt/sources.list.backup
|
||||
cat /etc/apt/sources.list.backup | sed -E 's/deb(.*)/deb\1 contrib non-free/g' > /etc/apt/sources.list
|
||||
|
||||
apt-get update
|
||||
apt-get upgrade
|
||||
apt-get install -y vim git wget curl sudo
|
||||
|
||||
# SSH KEY
|
||||
mkdir /home/quackerd/.ssh
|
||||
|
|
@ -19,8 +25,40 @@ chown quackerd:quackerd /home/quackerd/.ssh/authorized_keys
|
|||
chmod 700 /home/quackerd/.ssh
|
||||
chmod 644 /home/quackerd/.ssh/authorized_keys
|
||||
|
||||
# DOCKER
|
||||
echo "Setting up docker..."
|
||||
yum-config-manager \
|
||||
--add-repo \
|
||||
https://download.docker.com/linux/centos/docker-ce.repo
|
||||
yum update
|
||||
yum install -y docker
|
||||
systemctl enable docker
|
||||
systemctl start docker
|
||||
|
||||
curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
|
||||
chmod +x /usr/local/bin/docker-compose
|
||||
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
|
||||
|
||||
# KVM
|
||||
yum -y groupinstall 'Virtualization Host'
|
||||
yum install -y virt-manager xauth
|
||||
systemctl start libvirtd
|
||||
systemctl enable libvirtd
|
||||
|
||||
# zfs
|
||||
yum install -y http://download.zfsonlinux.org/epel/zfs-release.el7_6.noarch.rpm
|
||||
yum update
|
||||
|
||||
# cockpit
|
||||
yum -y install cockpit
|
||||
systemctl enable cockpit
|
||||
systemctl start cockpit
|
||||
# disable root for cockpit
|
||||
sed -i '1s/^/auth requisite pam_succeed_if.so uid >= 1000\n/' /etc/pam.d/cockpit
|
||||
|
||||
# SSHD
|
||||
echo "Setting up sshd..."
|
||||
semanage port -a -t ssh_port_t -p tcp 77
|
||||
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
|
||||
cat /etc/ssh/sshd_config.backup | \
|
||||
sed -E 's/#+PermitRootLogin.*/PermitRootLogin no/g' | \
|
||||
|
|
@ -39,32 +77,16 @@ Match address 129.97.75.0/24
|
|||
PasswordAuthentication yes
|
||||
|
||||
EOT
|
||||
systemctl restart sshd
|
||||
|
||||
# DOCKER
|
||||
echo "Setting up docker..."
|
||||
apt-get install -y \
|
||||
apt-transport-https \
|
||||
ca-certificates \
|
||||
curl \
|
||||
gnupg2 \
|
||||
software-properties-common
|
||||
|
||||
add-apt-repository \
|
||||
"deb [arch=amd64] https://download.docker.com/linux/debian \
|
||||
$(lsb_release -cs) \
|
||||
stable"
|
||||
|
||||
apt-get update
|
||||
apt-get install docker-ce docker-compose
|
||||
systemctl enable docker
|
||||
systemctl start docker
|
||||
|
||||
# KVM
|
||||
apt -y install qemu-kvm libvirt-daemon bridge-utils virtinst libvirt-daemon-system virt-manager
|
||||
|
||||
# zfs
|
||||
apt -y install zfs-dkms
|
||||
|
||||
# cockpit
|
||||
apt -y install cockpit
|
||||
# firewall
|
||||
echo "Setting up firewall..."
|
||||
cp /usr/lib/firewalld/services/ssh.xml /etc/firewalld/services/ssh.xml
|
||||
cat /usr/lib/firewalld/services/ssh.xml | sed -E 's/port=\".*\"(.*)/port=\"77\"\1/g' > /etc/firewalld/services/ssh.xml
|
||||
firewall-cmd --reload
|
||||
firewall-cmd --permanent --add-service=ssh --add-service=http --add-service=https
|
||||
firewall-cmd --permanent --remove-service=dhcpv6-client
|
||||
firewall-cmd --reload
|
||||
|
||||
echo "=========================================================================="
|
||||
echo "ZFS KABI-tracking requires manual configuration"
|
||||
Loading…
Reference in New Issue