deployment-dcdn/install.sh

89 lines
2.2 KiB
Bash
Raw Normal View History

2024-02-23 14:28:42 +01:00
#!/bin/bash
2024-02-23 15:38:12 +01:00
RED='\033[1;31m'
BOLD='\033[1m'
RESET='\033[0m'
echo -e "${RED}${BOLD}Deployment Debian + Caddy + Directus + Nuxt${RESET}"
2024-02-23 14:28:42 +01:00
if [ "$EUID" -ne 0 ]; then
echo "Please run as root"
exit
fi
#
# USER
#
2024-02-23 15:38:12 +01:00
echo -e "${RED}${BOLD}Create a user ? (y/n) ${RESET}"
read answer
2024-02-23 15:14:36 +01:00
if [[ "$answer" == "y" ]]; then
2024-02-23 15:38:12 +01:00
echo -e "${RED}${BOLD}Create user${RESET}"
2024-02-23 14:28:42 +01:00
2024-02-23 15:14:36 +01:00
read -p "Enter username: " username
2024-02-23 14:28:42 +01:00
2024-02-23 15:14:36 +01:00
if id "$username" &>/dev/null; then
echo "User '$username' already exists."
exit 1
fi
2024-02-23 14:28:42 +01:00
2024-02-23 15:38:12 +01:00
echo -e "${RED}${BOLD}Generate and store the password somewhere safe${RESET}"
2024-02-23 15:14:36 +01:00
read -s -p "Enter password: " password
echo
useradd -m "$username"
chsh -s /bin/bash $username
echo "$username:$password" | chpasswd
2024-02-23 14:28:42 +01:00
2024-02-23 15:14:36 +01:00
usermod -aG sudo $username
2024-02-23 14:28:42 +01:00
2024-02-23 15:38:12 +01:00
echo -e "${RED}${BOLD}User '$username' created with password successfully.${RESET}"
2024-02-23 15:14:36 +01:00
fi
2024-02-23 14:28:42 +01:00
#
# SSH
#
2024-02-23 15:38:12 +01:00
echo -e "${RED}${BOLD}Setup SSH ? (y/n) ${RESET}"
read answer
2024-02-23 15:14:36 +01:00
if [[ "$answer" == "y" ]]; then
2024-02-23 15:38:12 +01:00
echo -e "${RED}${BOLD}Setup SSH${RESET}"
2024-02-23 15:14:36 +01:00
touch /etc/ssh/sshd_config.d/custom.conf
echo "PermitRootLogin no" >> /etc/ssh/sshd_config.d/custom.conf
echo "PermitEmptyPasswords no" >> /etc/ssh/sshd_config.d/custom.conf
systemctl reload ssh
fi
#
# FIREWALL AND FAIL2BAN
#
2024-02-23 15:38:12 +01:00
echo -e "${RED}${BOLD}Setup Firewall and Fail2ban ? (y/n) ${RESET}"
read answer
2024-02-23 15:14:36 +01:00
if [[ "$answer" == "y" ]]; then
2024-02-23 15:38:12 +01:00
echo -e "${RED}${BOLD}Setup Firewall and Fail2ban${RESET}"
2024-02-23 15:14:36 +01:00
apt install -y ufw fail2ban
systemctl enable fail2ban
ufw allow ssh
ufw allow http
ufw allow https
fi
#
# TODO : ZABBIX AND URBACKUP
#
2024-02-23 15:38:12 +01:00
echo -e "${RED}${BOLD}TODO : Zabbix and Urbackup${RESET}"
#
# CADDY
#
2024-02-23 15:38:12 +01:00
echo -e "${RED}${BOLD}Install Caddy webserver ? (y/n) ${RESET}"
read answer
2024-02-23 15:14:36 +01:00
if [[ "$answer" == "y" ]]; then
2024-02-23 15:38:12 +01:00
echo -e "${RED}${BOLD}Install Caddy Webserver${RESET}"
2024-02-23 15:14:36 +01:00
apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | tee /etc/apt/sources.list.d/caddy-stable.list
apt update
apt install -y caddy
2024-02-23 15:38:12 +01:00
fi