Compare commits
2 Commits
c1011e855e
...
1f2a762094
Author | SHA1 | Date |
---|---|---|
Oscar Tsalapatis | 1f2a762094 | |
Oscar Tsalapatis | f19ae5e43d |
|
@ -1,10 +1,10 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
echo "Packages"
|
# packages
|
||||||
yum update -y
|
yum update -y
|
||||||
yum install -y vim git zsh curl wget sudo policycoreutils-python
|
yum install -y vim git zsh curl wget sudo policycoreutils-python python3 epel-release
|
||||||
|
|
||||||
# sanoid
|
# sanoid and epel stuff
|
||||||
yum install -y perl-Config-IniFiles perl-Data-Dumper perl-Capture-Tiny lzop mbuffer mhash pv
|
yum install -y perl-Config-IniFiles perl-Data-Dumper perl-Capture-Tiny lzop mbuffer mhash pv python36-jinja2
|
||||||
|
|
||||||
cat << EOT >> /etc/sudoers
|
cat << EOT >> /etc/sudoers
|
||||||
#
|
#
|
||||||
|
@ -13,8 +13,6 @@ cat << EOT >> /etc/sudoers
|
||||||
Defaults rootpw
|
Defaults rootpw
|
||||||
EOT
|
EOT
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# SSH KEY
|
# SSH KEY
|
||||||
mkdir /home/quackerd/.ssh
|
mkdir /home/quackerd/.ssh
|
||||||
cat << EOT >> /home/quackerd/.ssh/authorized_keys
|
cat << EOT >> /home/quackerd/.ssh/authorized_keys
|
||||||
|
@ -46,7 +44,7 @@ systemctl start libvirtd
|
||||||
systemctl enable libvirtd
|
systemctl enable libvirtd
|
||||||
|
|
||||||
# zfs
|
# zfs
|
||||||
yum install -y http://download.zfsonlinux.org/epel/zfs-release.el7_6.noarch.rpm
|
yum install -y http://download.zfsonlinux.org/epel/zfs-release.el7_7.noarch.rpm
|
||||||
yum update
|
yum update
|
||||||
|
|
||||||
# cockpit
|
# cockpit
|
||||||
|
@ -61,11 +59,11 @@ echo "Setting up sshd..."
|
||||||
semanage port -a -t ssh_port_t -p tcp 77
|
semanage port -a -t ssh_port_t -p tcp 77
|
||||||
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
|
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
|
||||||
cat /etc/ssh/sshd_config.backup | \
|
cat /etc/ssh/sshd_config.backup | \
|
||||||
sed -E 's/#+PermitRootLogin.*/PermitRootLogin no/g' | \
|
sed -E 's/#* *PermitRootLogin.*/PermitRootLogin no/g' | \
|
||||||
sed -E 's/#+PasswordAuthentication.*/PasswordAuthentication no/g' | \
|
sed -E 's/#* *PasswordAuthentication.*/PasswordAuthentication no/g' | \
|
||||||
sed -E 's/#+ChallengeResponseAuthentication.*/ChallengeResponseAuthentication no/g' | \
|
sed -E 's/#* *ChallengeResponseAuthentication.*/ChallengeResponseAuthentication no/g' | \
|
||||||
sed -E 's/#+X11Forwarding.*/X11Forwarding yes/g' | \
|
sed -E 's/#* *X11Forwarding.*/X11Forwarding yes/g' | \
|
||||||
sed -E 's/#+Port .*/Port 77/g' > /etc/ssh/sshd_config
|
sed -E 's/#* *Port.*/Port 77/g' > /etc/ssh/sshd_config
|
||||||
|
|
||||||
cat << EOT >> /etc/ssh/sshd_config
|
cat << EOT >> /etc/ssh/sshd_config
|
||||||
|
|
||||||
|
@ -87,6 +85,3 @@ firewall-cmd --reload
|
||||||
firewall-cmd --permanent --add-service=ssh --add-service=http --add-service=https
|
firewall-cmd --permanent --add-service=ssh --add-service=http --add-service=https
|
||||||
firewall-cmd --permanent --remove-service=dhcpv6-client
|
firewall-cmd --permanent --remove-service=dhcpv6-client
|
||||||
firewall-cmd --reload
|
firewall-cmd --reload
|
||||||
|
|
||||||
echo "=========================================================================="
|
|
||||||
echo "ZFS KABI-tracking requires manual configuration"
|
|
||||||
|
|
Loading…
Reference in New Issue