add stuff
parent
c12f4044da
commit
b50c5a394b
|
@ -1,13 +1,19 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
echo "Packages"
|
||||||
|
yum update -y
|
||||||
|
yum install -y vim git zsh curl wget sudo policycoreutils-python
|
||||||
|
|
||||||
|
# sanoid
|
||||||
|
yum install -y perl-Config-IniFiles perl-Data-Dumper perl-Capture-Tiny lzop mbuffer mhash pv
|
||||||
|
|
||||||
|
cat << EOT >> /etc/sudoers
|
||||||
|
#
|
||||||
|
# configured by the script
|
||||||
|
#
|
||||||
|
Defaults rootpw
|
||||||
|
EOT
|
||||||
|
|
||||||
# PACKAGES
|
|
||||||
echo "Setting up packages..."
|
|
||||||
cp /etc/apt/sources.list /etc/apt/sources.list.backup
|
|
||||||
cat /etc/apt/sources.list.backup | sed -E 's/deb(.*)/deb\1 contrib non-free/g' > /etc/apt/sources.list
|
|
||||||
|
|
||||||
apt-get update
|
|
||||||
apt-get upgrade
|
|
||||||
apt-get install -y vim git wget curl sudo
|
|
||||||
|
|
||||||
# SSH KEY
|
# SSH KEY
|
||||||
mkdir /home/quackerd/.ssh
|
mkdir /home/quackerd/.ssh
|
||||||
|
@ -19,8 +25,40 @@ chown quackerd:quackerd /home/quackerd/.ssh/authorized_keys
|
||||||
chmod 700 /home/quackerd/.ssh
|
chmod 700 /home/quackerd/.ssh
|
||||||
chmod 644 /home/quackerd/.ssh/authorized_keys
|
chmod 644 /home/quackerd/.ssh/authorized_keys
|
||||||
|
|
||||||
|
# DOCKER
|
||||||
|
echo "Setting up docker..."
|
||||||
|
yum-config-manager \
|
||||||
|
--add-repo \
|
||||||
|
https://download.docker.com/linux/centos/docker-ce.repo
|
||||||
|
yum update
|
||||||
|
yum install -y docker
|
||||||
|
systemctl enable docker
|
||||||
|
systemctl start docker
|
||||||
|
|
||||||
|
curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
|
||||||
|
chmod +x /usr/local/bin/docker-compose
|
||||||
|
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
|
||||||
|
|
||||||
|
# KVM
|
||||||
|
yum -y groupinstall 'Virtualization Host'
|
||||||
|
yum install -y virt-manager xauth
|
||||||
|
systemctl start libvirtd
|
||||||
|
systemctl enable libvirtd
|
||||||
|
|
||||||
|
# zfs
|
||||||
|
yum install -y http://download.zfsonlinux.org/epel/zfs-release.el7_6.noarch.rpm
|
||||||
|
yum update
|
||||||
|
|
||||||
|
# cockpit
|
||||||
|
yum -y install cockpit
|
||||||
|
systemctl enable cockpit
|
||||||
|
systemctl start cockpit
|
||||||
|
# disable root for cockpit
|
||||||
|
sed -i '1s/^/auth requisite pam_succeed_if.so uid >= 1000\n/' /etc/pam.d/cockpit
|
||||||
|
|
||||||
# SSHD
|
# SSHD
|
||||||
echo "Setting up sshd..."
|
echo "Setting up sshd..."
|
||||||
|
semanage port -a -t ssh_port_t -p tcp 77
|
||||||
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
|
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
|
||||||
cat /etc/ssh/sshd_config.backup | \
|
cat /etc/ssh/sshd_config.backup | \
|
||||||
sed -E 's/#+PermitRootLogin.*/PermitRootLogin no/g' | \
|
sed -E 's/#+PermitRootLogin.*/PermitRootLogin no/g' | \
|
||||||
|
@ -39,32 +77,16 @@ Match address 129.97.75.0/24
|
||||||
PasswordAuthentication yes
|
PasswordAuthentication yes
|
||||||
|
|
||||||
EOT
|
EOT
|
||||||
|
systemctl restart sshd
|
||||||
|
|
||||||
# DOCKER
|
# firewall
|
||||||
echo "Setting up docker..."
|
echo "Setting up firewall..."
|
||||||
apt-get install -y \
|
cp /usr/lib/firewalld/services/ssh.xml /etc/firewalld/services/ssh.xml
|
||||||
apt-transport-https \
|
cat /usr/lib/firewalld/services/ssh.xml | sed -E 's/port=\".*\"(.*)/port=\"77\"\1/g' > /etc/firewalld/services/ssh.xml
|
||||||
ca-certificates \
|
firewall-cmd --reload
|
||||||
curl \
|
firewall-cmd --permanent --add-service=ssh --add-service=http --add-service=https
|
||||||
gnupg2 \
|
firewall-cmd --permanent --remove-service=dhcpv6-client
|
||||||
software-properties-common
|
firewall-cmd --reload
|
||||||
|
|
||||||
add-apt-repository \
|
|
||||||
"deb [arch=amd64] https://download.docker.com/linux/debian \
|
|
||||||
$(lsb_release -cs) \
|
|
||||||
stable"
|
|
||||||
|
|
||||||
apt-get update
|
|
||||||
apt-get install docker-ce docker-compose
|
|
||||||
systemctl enable docker
|
|
||||||
systemctl start docker
|
|
||||||
|
|
||||||
# KVM
|
|
||||||
apt -y install qemu-kvm libvirt-daemon bridge-utils virtinst libvirt-daemon-system virt-manager
|
|
||||||
|
|
||||||
# zfs
|
|
||||||
apt -y install zfs-dkms
|
|
||||||
|
|
||||||
# cockpit
|
|
||||||
apt -y install cockpit
|
|
||||||
|
|
||||||
|
echo "=========================================================================="
|
||||||
|
echo "ZFS KABI-tracking requires manual configuration"
|
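Review bot: The second hunk (DOCKER and zfs steps) installs code that runs as root with no integrity check: the `curl -L` of docker-compose 1.24.1 is written straight to /usr/local/bin and made executable, and the zfs-release RPM is pulled from a plain `http://` URL. Download the binary to a temporary file and check it against a pinned digest before moving it into place, for example `echo "<PINNED_SHA256>  $tmp" | sha256sum -c - || exit 1`. For the RPM, use an `https://` URL if the host serves one, or verify the package signature against the project's published key before `yum install`. The same hunk runs `yum update` twice without `-y`, which will wait for confirmation in an unattended run. No `set -e` is visible in the shown lines, so a failed step such as `semanage port -a -t ssh_port_t -p tcp 77` would not stop the later `systemctl restart sshd`.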