2024-02-23 14:28:42 +01:00
|
|
|
#!/bin/bash
|
|
|
|
|
|
2024-02-23 15:38:12 +01:00
|
|
|
RED='\033[1;31m'
|
|
|
|
|
BOLD='\033[1m'
|
|
|
|
|
RESET='\033[0m'
|
|
|
|
|
|
|
|
|
|
echo -e "${RED}${BOLD}Deployment Debian + Caddy + Directus + Nuxt${RESET}"
|
2024-02-23 14:28:42 +01:00
|
|
|
|
|
|
|
|
if [ "$EUID" -ne 0 ]; then
|
|
|
|
|
echo "Please run as root"
|
|
|
|
|
exit
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# USER
|
|
|
|
|
#
|
2024-02-23 15:38:12 +01:00
|
|
|
echo -e "${RED}${BOLD}Create a user ? (y/n) ${RESET}"
|
|
|
|
|
read answer
|
2024-02-23 15:14:36 +01:00
|
|
|
if [[ "$answer" == "y" ]]; then
|
2024-02-23 15:38:12 +01:00
|
|
|
echo -e "${RED}${BOLD}Create user${RESET}"
|
2024-02-23 14:28:42 +01:00
|
|
|
|
2024-02-23 15:14:36 +01:00
|
|
|
read -p "Enter username: " username
|
2024-02-23 14:28:42 +01:00
|
|
|
|
2024-02-23 15:14:36 +01:00
|
|
|
if id "$username" &>/dev/null; then
|
|
|
|
|
echo "User '$username' already exists."
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
2024-02-23 14:28:42 +01:00
|
|
|
|
2024-02-23 15:38:12 +01:00
|
|
|
echo -e "${RED}${BOLD}Generate and store the password somewhere safe${RESET}"
|
2024-02-23 15:14:36 +01:00
|
|
|
read -s -p "Enter password: " password
|
|
|
|
|
echo
|
|
|
|
|
useradd -m "$username"
|
|
|
|
|
chsh -s /bin/bash $username
|
|
|
|
|
echo "$username:$password" | chpasswd
|
2024-02-23 14:28:42 +01:00
|
|
|
|
2024-02-23 15:14:36 +01:00
|
|
|
usermod -aG sudo $username
|
2024-02-23 14:28:42 +01:00
|
|
|
|
2024-02-23 15:38:12 +01:00
|
|
|
echo -e "${RED}${BOLD}User '$username' created with password successfully.${RESET}"
|
2024-02-23 15:14:36 +01:00
|
|
|
fi
|
2024-02-23 14:28:42 +01:00
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# SSH
|
|
|
|
|
#
|
2024-02-23 15:38:12 +01:00
|
|
|
echo -e "${RED}${BOLD}Setup SSH ? (y/n) ${RESET}"
|
|
|
|
|
read answer
|
2024-02-23 15:14:36 +01:00
|
|
|
if [[ "$answer" == "y" ]]; then
|
2024-02-23 15:38:12 +01:00
|
|
|
echo -e "${RED}${BOLD}Setup SSH${RESET}"
|
2024-02-23 15:14:36 +01:00
|
|
|
|
|
|
|
|
touch /etc/ssh/sshd_config.d/custom.conf
|
|
|
|
|
echo "PermitRootLogin no" >> /etc/ssh/sshd_config.d/custom.conf
|
|
|
|
|
echo "PermitEmptyPasswords no" >> /etc/ssh/sshd_config.d/custom.conf
|
|
|
|
|
systemctl reload ssh
|
|
|
|
|
fi
|
2024-02-23 15:01:45 +01:00
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# FIREWALL AND FAIL2BAN
|
|
|
|
|
#
|
2024-02-23 15:38:12 +01:00
|
|
|
echo -e "${RED}${BOLD}Setup Firewall and Fail2ban ? (y/n) ${RESET}"
|
|
|
|
|
read answer
|
2024-02-23 15:14:36 +01:00
|
|
|
if [[ "$answer" == "y" ]]; then
|
2024-02-23 15:38:12 +01:00
|
|
|
echo -e "${RED}${BOLD}Setup Firewall and Fail2ban${RESET}"
|
2024-02-23 15:14:36 +01:00
|
|
|
apt install -y ufw fail2ban
|
|
|
|
|
systemctl enable fail2ban
|
|
|
|
|
ufw allow ssh
|
|
|
|
|
ufw allow http
|
|
|
|
|
ufw allow https
|
|
|
|
|
fi
|
2024-02-23 15:01:45 +01:00
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# TODO : ZABBIX AND URBACKUP
|
|
|
|
|
#
|
|
|
|
|
|
2024-02-23 15:38:12 +01:00
|
|
|
echo -e "${RED}${BOLD}TODO : Zabbix and Urbackup${RESET}"
|
2024-02-23 15:01:45 +01:00
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# CADDY
|
|
|
|
|
#
|
2024-02-23 15:38:12 +01:00
|
|
|
echo -e "${RED}${BOLD}Install Caddy webserver ? (y/n) ${RESET}"
|
|
|
|
|
read answer
|
2024-02-23 15:14:36 +01:00
|
|
|
if [[ "$answer" == "y" ]]; then
|
2024-02-23 15:38:12 +01:00
|
|
|
echo -e "${RED}${BOLD}Install Caddy Webserver${RESET}"
|
2024-02-23 15:14:36 +01:00
|
|
|
apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
|
|
|
|
|
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
|
|
|
|
|
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | tee /etc/apt/sources.list.d/caddy-stable.list
|
|
|
|
|
apt update
|
|
|
|
|
apt install -y caddy
|
2024-02-23 15:38:12 +01:00
|
|
|
fi
|
|
|
|
|
|
