fatalerrors/init.sh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

bump to version 0.99.18

Browse Source
This commit is contained in:
fatalerrors
2022-06-24 17:52:17 +02:00
parent e8c6f46572
commit da37fd3bae
52 changed files with 1268 additions and 435 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
modules/authnz.sh
View File

@@ -1,7 +1,7 @@
# ------------------------------------------------------------------------------
# Add local or remote users
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -13,14 +13,14 @@
# * KDC_SERVER: Kerberos domain controler KADM_SERVER
# * KADM_SERVER: Administrative Kerberos KADM_SERVER
# * BASE_DC: Domain in LDAP format
# * LDAP_SERVER: LDAP server
# * LDAP_SERVER: LDAP server name or address
# * REMOTE_USERS: List of remote users to add
# * LOCAL_USERS: List of local users to create
# * REMOVE_USERS: List of username to remove
# * DEFAULT_SHELL: The shell to use when creating new users
# ------------------------------------------------------------------------------
export VER_authnz=0.2.1
export VER_authnz=0.2.2
export DEP_authnz="upgrade_dist"
# Users (from Ldap)
@@ -35,7 +35,7 @@ add_remote_user()
echo "+$1::::::" >> /etc/passwd
prnt I "User $1 added to passwd..."
fi
if [[ $(grep "^+$1:" /etc/passwd) ]]; then
if [[ $(grep "^+$1:" /etc/shadow) ]]; then
prnt W "The remote user $1 is already connectable, nothing to do in shadow."
else
echo "+$1::::::::" >> /etc/shadow
@@ -47,8 +47,11 @@ add_remote_user()
remove_user()
{
if [[ $(grep "^$1:" /etc/{passwd,shadow,group,gshadow}) ]]; then
# Using sed is more universal than any distro commands
# Using sed is more universal than any distro commands - local case
sed -i -e "/^$1:/d" /etc/{passwd,shadow,group,gshadow}
elif [[ $(grep "^+$1:" /etc/{passwd,shadow,group,gshadow}) ]]; then
# remote case
sed -i -e "/^+$1:/d" /etc/{passwd,shadow,group,gshadow}
else
prnt W "User $1 don't exists in auth files, nothing to do."
fi
@@ -73,8 +76,8 @@ create_local_user()
# Authentication
authnz()
{
backup_dist /etc/passwd /etc/shadow /etc/group
tag_file /etc/passwd /etc/shadow /etc/group
backup_dist /etc/{passwd,shadow,group,gshadow}
tag_file /etc/{passwd,shadow,group,gshadow}
for usr in $REMOVE_USERS; do
prnt I "Removing user $usr..."
remove_user $usr
@@ -111,14 +114,13 @@ authnz()
done
fi
if [[ -z $LOCAL_USERS ]]; then
return 0
if [[ -n $LOCAL_USERS ]]; then
for usr in $LOCAL_USERS; do
prnt I "Creating user $usr..."
create_local_user $usr
done
fi
for usr in $LOCAL_USERS; do
prnt I "Creating user $usr..."
create_local_user $usr
done
NEED_REBOOT=true
}

13
modules/conf_locale.sh
View File

@@ -1,7 +1,7 @@
# ------------------------------------------------------------------------------
# Configure locale
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -11,7 +11,7 @@
# * LOCALESET: List of locale that will be supported by system
# * SYSLOCALE: Default system wide locale
#
# Both case will be formated in that way (with exemple for French:
# Both case will be formated in that way (with exemple for French):
# fr_FR.UTF-8
# ^ ^ ^
# | | |
@@ -20,7 +20,7 @@
# Character table (ISO or UTF)
# ------------------------------------------------------------------------------
export VER_conf_locale="0.1.5"
export VER_conf_locale="0.1.6"
conf_locale()
{
@@ -50,15 +50,16 @@ conf_locale()
locale-gen
prnt I "Defining system language..."
[[ -z $SYSLOCALE ]] &&
if [[ -z $SYSLOCALE ]]; then
export SYSLOCALE=C
fi
local sys_fname=/etc/default/locale
backup_dist $sys_fname
tag_file $sys_fname
echo "LANG=$SYSLOCALE" >> $sys_fname
# We define all LC_* but LC_ALL as recommended by GNU
# We define all LC_* but not LC_ALL as recommended by GNU
for cfg in ADDRESS IDENTIFICATION MEASUREMENT MONETARY NAME NUMERIC PAPER \
TELEPHONE TIME; do
echo "LC_$cfg=$SYSLOCALE" >> $sys_fname
@@ -68,7 +69,7 @@ conf_locale()
precheck_conf_locale()
{
if [[ -z $LOCALESET ]]; then
prnt W "No locales definition!"
prnt W "No locales definition! No locale other than C will be avialable!"
else
prnt m "Available locales will be: $LOCALESET"
fi

12
modules/conf_mail.sh
View File

@@ -1,7 +1,7 @@
# ------------------------------------------------------------------------------
# Mail system
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -13,24 +13,24 @@
# * MAIL_RELAY: Name of the mail relay server
# ------------------------------------------------------------------------------
export VER_conf_mail="0.0.6"
export VER_conf_mail="0.0.7"
export DEP_conf_mail="upgrade_dist"
conf_mail()
{
prnt I "Installation de postfix..."
prnt I "Installing postfix..."
pkginst postfix
local pfmain="/etc/postfix/main.cf"
prnt I "Configuration de postfix..."
prnt I "Configuring postfix..."
install_file postfix/main.cf $pfmain
tag_file $pfmain
sed -i -e "s/@HOSTNAME@/$HOSTNAME/" -e "s/@REALM@/$REALM/" \
-e "s/@MAIL_RELAY@/$MAIL_RELAY/" $pfmain
tag_file /etc/mailname
echo $HOSTNAME.$REALM > /etc/mailname
tag_file /etc/mailname
svc_restart postfix
}
@@ -38,7 +38,7 @@ conf_mail()
precheck_conf_mail()
{
if [[ -z $REALM ]]; then
prnt E "Aucun domaine principal renseigné."
prnt E "No main domain configured, can't continue."
die 158
fi
file_must_exists postfix/main.cf

20
modules/conf_network.sh
View File

@@ -1,7 +1,7 @@
# ------------------------------------------------------------------------------
# Configure network
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -111,8 +111,17 @@ precheck_conf_network()
prnt W "No IPv4 interfaces to configure."
else
for iface in $IPV4_IFACES; do
if [[ ! -d /sys/class/net/$iface ]]; then
prnt E "The iface $iface, asked to configure, do not exist!"
die 175
else
if [[ $(grep "up" /sys/class/net/$iface/operstate) ]]; then
prnt W "The IPv4 iface $iface, is already configured, a reboot will be required."
fi
fi
if [[ -z $(eval echo \$NET4_MODE_$iface) ]]; then
prnt E "Interfaces $iface have no mode set!"
die 175
else
case $(eval echo \$NET4_MODE_$iface) in
"static")
@@ -140,8 +149,17 @@ precheck_conf_network()
prnt W "No IPv6 interfaces to configure."
else
for iface in $IPV6_IFACES; do
if [[ ! -d /sys/class/net/$iface ]]; then
prnt E "The iface $iface, asked to configure, do not exist!"
die 175
else
if [[ $(grep "up" /sys/class/net/$iface/operstate) ]]; then
prnt W "The IPv6 iface $iface, is already configured, a reboot will be required."
fi
fi
if [[ -z $(eval echo \$NET6_MODE_$iface) ]]; then
prnt E "Interfaces $iface have no mode set!"
die 175
else
case $(eval echo \$NET6_MODE_$iface) in
"static")

8
modules/conf_ntp.sh
View File

@@ -1,7 +1,7 @@
# ------------------------------------------------------------------------------
# Configure NTP
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -11,13 +11,13 @@
# * NTPSERVERS: list of NTP servers
# ------------------------------------------------------------------------------
export VER_conf_ntp="0.1.5"
export VER_conf_ntp="0.1.6"
export DEP_conf_ntp=""
conf_ntp()
{
if [[ $(pidof systemd) ]]; then
prnt I "Désactivation de Systemd-timesyncd..."
prnt I "Disabling Systemd-timesyncd..."
systemctl disable systemd-timesyncd || true
fi
@@ -26,7 +26,7 @@ conf_ntp()
prnt I "Stopping service ntp..."
svc_stop ntp
prnt I "Installation du fichier de configuration de NTP."
prnt I "Installing NTP configuration file..."
local dest="/etc/ntp.conf.work"
backup_dist /etc/ntp.conf
tag_file $dest

10
modules/conf_ssh.sh
View File

@@ -11,18 +11,18 @@
# none
# ------------------------------------------------------------------------------
export VER_conf_ssh="0.1.3"
export VER_conf_ssh="0.1.4"
export DEP_conf_ssh="upgrade_dist"
conf_ssh()
{
prnt I "Installation du serveur OpenSSH..."
prnt I "Installing OpenSSH server..."
pkginst openssh-server
prnt I "Arrêt du service SSH..."
prnt I "Stopping SSH server service..."
svc_stop ssh
prnt I "Installation des fichiers de configuration de SSH..."
prnt I "Installating OpenSSH configuration files..."
for f in /etc/ssh/ssh{,d}_config; do
backup_dist $f
install_file ssh/$(basename $f) $f
@@ -30,7 +30,7 @@ conf_ssh()
done
sed -i -e "s#@SSHD_PERMITROOT_RANGE@#$SSHD_PERMITROOT_RANGE#" /etc/ssh/sshd_config
prnt I "Démarrage du sevice ssh..."
prnt I "Starting SSH server service..."
svc_start ssh
}

8
modules/conf_syslog.sh
View File

@@ -1,7 +1,7 @@
# ------------------------------------------------------------------------------
# Configure Rsyslog
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -11,12 +11,12 @@
# * SYSLOG_SRV: the syslog server name
# ------------------------------------------------------------------------------
export VER_conf_syslog="0.0.4"
export VER_conf_syslog="0.0.5"
conf_syslog()
{
local syslogconf=/etc/rsyslog.conf
prnt I "Configuration de rsyslog..."
prnt I "Configuring rsyslog..."
backup_dist $syslogconf
install_file rsyslog.conf $syslogconf
tag_file $syslogconf
@@ -27,7 +27,7 @@ conf_syslog()
precheck_conf_syslog()
{
if [[ -z $SYSLOG_SRV ]]; then
prnt E "Undeclared syslog server name !"
prnt E "Undeclared syslog server name!"
die 181
else
file_must_exists rsyslog.conf

18
modules/create_vm.sh
View File

@@ -1,7 +1,7 @@
# ------------------------------------------------------------------------------
# Create VBox VM
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -11,13 +11,13 @@
# To be defined
# ------------------------------------------------------------------------------
export VER_create_vm="0.0.1"
export VER_create_vm="0.0.2"
export DEP_create_vm="upgrade_dist install_pkg"
create_vm()
{
if [[ $WITH_VM != "yes" ]]; then
prnt I "Cette machine n'est pas configurée pour la virtualisation, rien à faire."
prnt W "That computer is not configured for virtualisation, nothing to do."
return 0
fi
@@ -94,16 +94,16 @@ precheck_create_vm()
{
if [[ $WITH_VM == "yes" ]]; then
if [[ -z $VM_NAME ]]; then
prnt E "La machine virtuelle à créer doit avoir un nom."
prnt E "The virtual machine must have a name."
die 181
fi
if [[ -z VM_CPU || -z VM_MEM || -z VM_OS || -z VM_ROOT || \
-z VM_BOOT1 || -z VM_BOOT2 || -z VM_BOOT3 || -z VM_VID_MEM ||
-z VM_IF_BRIDGE || -z VM_DISK_SIZE ]]; then
prnt E "Une variable de description de la machine virtuelle n'est pas déclarée !"
prnt E "A necessary declaration for the virtual machine is absent!"
die 181
else
prnt I "La machine virtuelle \"$VM_NAME\" sera crée dans $VM_ROOT..."
prnt I "The virtual machine \"$VM_NAME\" will be created in $VM_ROOT..."
fi
local share= i=0 j=0
@@ -115,13 +115,13 @@ precheck_create_vm()
done
unset share
if [[ $i -eq $j ]]; then
prnt I "La machine virtuelle aura accès à $i répertoires de l'hôte."
prnt I "The virtual machine will access $i directories from the host."
else
prnt E "Le nombre de partage et de chemin à partager diffère !"
prnt E "The number of share and path to share is different!"
die 182
fi
else
prnt I "Aucune machine virtuelle à installer."
prnt I "No virtual machine to create."
fi
}

4
modules/hardenning_vm.sh
View File

@@ -1,7 +1,7 @@
# ------------------------------------------------------------------------------
# Hardenning for VM/Cloud kind of machine
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -11,7 +11,7 @@
# * WITH_ROUTING: if yes, kernel routing capabilities will not be disabled
# ------------------------------------------------------------------------------
export VER_vm_hardenning="0.0.1"
export VER_hardenning_vm="0.0.1"
vm_hardenning()
{

2
modules/install_chromium.sh
View File

@@ -3,7 +3,7 @@
# we need a special procedure to install Debian Buster version.
# Consequently that module is *Ubuntu centric.
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:

2
modules/install_desktop.sh
View File

@@ -2,7 +2,7 @@
# Install desktop environment -- Ubuntu only
# Debian version might ask for task-$FLAVOR
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:

2
modules/install_mkagent.sh
View File

@@ -1,7 +1,7 @@
# ------------------------------------------------------------------------------
# Install check_mk agent using xinetd superserver
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:

2
modules/install_pkg.sh
View File

@@ -1,7 +1,7 @@
# ------------------------------------------------------------------------------
# Install or remove packages
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:

7
modules/install_profile.sh
View File

@@ -8,11 +8,12 @@
# https://opensource.org/licenses/BSD-3-Clause
# ------------------------------------------------------------------------------
export VER_install_profile="0.0.6"
export VER_install_profile="0.0.7"
export DEP_install_profile="install_pkg"
install_profile()
{
prnt I "Installing ansi_shadow font for figlet..."
install_file profile/ansi_shadow.flf /usr/share/figlet/ansi_shadow.flf
local usrlist="/root"
@@ -21,6 +22,7 @@ install_profile()
fi
for usr in $usrlist; do
prnt I "Installing profile for user $usr..."
backup_dist $usr/{.,}profile $usr/.bashrc
install_file profile/{{.,}profile,.bashrc} $usr/
tag_file $usr/{{.,}profile,.bashrc}
@@ -29,6 +31,7 @@ install_profile()
done
unset usrlist
prnt I "Installing motd..."
backup_dist /etc/motd
install_file profile/motd /etc/motd
tag_file /etc/motd
@@ -36,7 +39,7 @@ install_profile()
precheck_install_profile()
{
file_must_exists profile/{{.,}profile,.bashrc,.tmux/.tmux.conf{,.local}}
file_must_exists profile/{motd,{.,}profile,.bashrc,.tmux/.tmux.conf{,.local}}
}
export -f install_profile

5
modules/patch_snmp.sh
View File

@@ -1,19 +1,20 @@
# ------------------------------------------------------------------------------
# SNMP monitoring conf
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
# https://opensource.org/licenses/BSD-3-Clause
# ------------------------------------------------------------------------------
export VER_patch_snmp="0.1.1"
export VER_patch_snmp="0.1.2"
export DEP_patch_snmp="install_pkg"
patch_snmp()
{
pkginst snmpd
prnt I "Configuring SNMP daemon..."
backup_dist /etc/snmp/snmpd.conf /etc/default/snmpd \
/lib/systemd/system/snmpd.service /etc/init.d/snmpd
install_file snmpd/snmpd.conf /etc/snmp/snmpd.conf

10
modules/select_system_proxy.sh
View File

@@ -1,24 +1,24 @@
# ------------------------------------------------------------------------------
# Set system wide proxy if on the good network
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
# https://opensource.org/licenses/BSD-3-Clause
# ------------------------------------------------------------------------------
export VER_select_system_proxy="0.0.3"
export VER_select_system_proxy="0.0.5"
export DEP_select_system_proxy="upgrade_dist"
select_system_proxy()
{
if [[ -e /etc/apt/apt.conf.d/00proxy ]]; then
prnt I "Configuration proxy trouvé, on ajoute le switch."
if [[ -e /etc/apt/apt.conf.d/00proxy || -n $http_proxy ]]; then
prnt I "Proxy configuration found, adding the switcher for laptops."
backupdist /etc/rc.local
appendfile proxy.rc.local /etc/rc.local
else
prnt I "Pas de configurtion proxy, rien à faire."
prnt I "No proxy configuration set, nothing to do."
fi
NEED_REBOOT=true
}