From cd2b3aafbaba6cb6834ee87b2f403907624349db Mon Sep 17 00:00:00 2001
From: Valentin <valentin@figureslibres.io>
Date: Fri, 23 Feb 2024 15:01:45 +0100
Subject: [PATCH] installation de caddy dans le script install

---
 README.md  |  2 +-
 install.sh | 34 ++++++++++++++++++++++++++++++++--
 2 files changed, 33 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index ac13fa5..2e51479 100644
--- a/README.md
+++ b/README.md
@@ -12,7 +12,7 @@ On a fresh install as root user
 
 2. Install git
 
-`apt install git -y`
+`apt install -y git`
 
 3. Download and make the instal script executable
 
diff --git a/install.sh b/install.sh
index 4b555e1..b567859 100644
--- a/install.sh
+++ b/install.sh
@@ -23,7 +23,8 @@ fi
 echo "Generate and store the password somewhere safe"
 read -s -p "Enter password: " password
 echo
-useradd -m "$username" 
+useradd -m "$username"
+chsh -s /bin/bash $username
 echo "$username:$password" | chpasswd
 
 usermod -aG sudo $username
@@ -39,4 +40,33 @@ echo "Setup SSH"
 touch /etc/ssh/sshd_config.d/custom.conf
 echo "PermitRootLogin no" >> /etc/ssh/sshd_config.d/custom.conf
 echo "PermitEmptyPasswords no" >> /etc/ssh/sshd_config.d/custom.conf
-systemctl reload ssh
\ No newline at end of file
+systemctl reload ssh
+
+#
+# FIREWALL AND FAIL2BAN
+#
+
+echo "Setup Firewall and Fail2Ban"
+apt install -y ufw fail2ban
+systemctl enable fail2ban
+ufw allow ssh
+ufw allow http
+ufw allow https
+
+#
+# TODO : ZABBIX AND URBACKUP
+#
+
+echo "TODO : Zabbix and Urbackup"
+
+#
+# CADDY
+#
+
+echo "Install Caddy Webserver"
+apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
+curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
+curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | tee /etc/apt/sources.list.d/caddy-stable.list
+apt update
+apt install -y caddy
+caddy run
\ No newline at end of file