install.sh 4.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183
  1. #!/bin/sh
  2. # bachir soussi chiadmi
  3. #
  4. # http://www.pontikis.net/blog/debian-9-stretch-rc3-web-server-setup-php7-mariadb
  5. # http://web-74.com/blog/reseaux/gerer-le-deploiement-facilement-avec-git/
  6. #
  7. echo -e '\033[35m
  8. ____ __ _ _____
  9. / __ \___ / /_ (_)___ _____ / ___/___ ______ _____ _____
  10. / / / / _ \/ __ \/ / __ `/ __ \ \__ \/ _ \/ ___/ | / / _ \/ ___/
  11. / /_/ / __/ /_/ / / /_/ / / / / ___/ / __/ / | |/ / __/ /
  12. /_____/\___/_.___/_/\__,_/_/ /_/ /____/\___/_/ |___/\___/_/
  13. \033[0m'
  14. echo -e "\033[35;1mThis script has been tested only on Linux Debian 10 \033[0m"
  15. if [ "$EUID" -ne 0 ]; then
  16. echo "Please run as root"
  17. exit
  18. fi
  19. echo -n "Should we start? [Y|n] "
  20. read yn
  21. yn=${yn:-y}
  22. if [ "$yn" != "y" ]; then
  23. echo "aborting script!"
  24. exit
  25. fi
  26. # get the current position
  27. _cwd="$(pwd)"
  28. . bin/upgrade.sh
  29. . bin/misc.sh
  30. . bin/firewall.sh
  31. . bin/fail2ban.sh
  32. . bin/knockd.sh
  33. . bin/user.sh
  34. . bin/email.sh
  35. while [ "$securssh" != "yes" ] && [ "$securssh" != "no" ]
  36. do
  37. echo -n "Securing ssh (disabling root login)? [yes|no] "
  38. read securssh
  39. # securssh=${securssh:-y}
  40. done
  41. if [ "$securssh" = "yes" ]; then
  42. . bin/ssh.sh
  43. else
  44. echo 'root user can still conect through ssh'
  45. fi
  46. echo -n "Should we install ftp server? [Y|n] "
  47. read yn
  48. yn=${yn:-y}
  49. if [ "$yn" = "y" ]; then
  50. . bin/ftp.sh
  51. else
  52. echo 'ftp server not installed'
  53. fi
  54. while [ "$lemp" != "yes" ] && [ "$lemp" != "no" ]
  55. do
  56. echo -n "Should we install lemp ? [yes|no] "
  57. read lemp
  58. done
  59. if [ "$lemp" = "yes" ]; then
  60. . bin/lemp.sh
  61. else
  62. echo 'lemp server not installed'
  63. fi
  64. while [ "$_install_vhost" != "yes" ] && [ "$_install_vhost" != "no" ]
  65. do
  66. echo -n "Should we install a vhost ? [yes|no] "
  67. read _install_vhost
  68. done
  69. if [ "$_install_vhost" = "yes" ]; then
  70. . bin/vhost.sh
  71. else
  72. echo 'no vhost installed'
  73. fi
  74. while [ "$_install_zabbix_agent" != "yes" ] && [ "$_install_zabbix_agent" != "no" ]
  75. do
  76. echo -n "Should we install zabbix-agent ? [yes|no] "
  77. read _install_zabbix_agent
  78. done
  79. if [ "$_install_zabbix_agent" = "yes" ]; then
  80. . bin/zabbix.sh
  81. else
  82. echo 'zabbix-agent not installed'
  83. fi
  84. while [ "$_install_urbackup" != "yes" ] && [ "$_install_urbackup" != "no" ]
  85. do
  86. echo -n "Should we install urbackup client ? [yes|no] "
  87. read _install_urbackup
  88. done
  89. if [ "$_install_urbackup" = "yes" ]; then
  90. . bin/urbackup.sh
  91. else
  92. echo 'urbackup client not installed'
  93. fi
  94. # ./install.sh: line 109: bin/dotfiles.sh: No such file or directory
  95. . bin/dotfiles.sh
  96. # . bin/autoupdate.sh
  97. # echo -e '\033[35m
  98. # ______________ _______
  99. # /_ __/ ____/ |/ / __ \
  100. # / / / __/ / /|_/ / /_/ /
  101. # / / / /___/ / / / ____/
  102. # /_/ /_____/_/ /_/_/
  103. # \033[0m'
  104. # function check_tmp_secured {
  105. # temp1=`grep -w "/var/tempFS /tmp ext3 loop,nosuid,noexec,rw 0 0" /etc/fstab | wc -l`
  106. # temp2=`grep -w "tmpfs /tmp tmpfs rw,noexec,nosuid 0 0" /etc/fstab | wc -l`
  107. # if [ $temp1 -gt 0 ] || [ $temp2 -gt 0 ]; then
  108. # return 1
  109. # else
  110. # return 0
  111. # fi
  112. # } # End function check_tmp_secured
  113. # function secure_tmp_tmpfs {
  114. # cp /etc/fstab /etc/fstab.bak
  115. # # Backup /tmp
  116. # cp -Rpf /tmp /tmpbackup
  117. # rm -rf /tmp
  118. # mkdir /tmp
  119. # mount -t tmpfs -o rw,noexec,nosuid tmpfs /tmp
  120. # chmod 1777 /tmp
  121. # echo "tmpfs /tmp tmpfs rw,noexec,nosuid 0 0" >> /etc/fstab
  122. # # Restore /tmp
  123. # cp -Rpf /tmpbackup/* /tmp/ >/dev/null 2>&1
  124. # #Remove old tmp dir
  125. # rm -rf /tmpbackup
  126. # # Backup /var/tmp and link it to /tmp
  127. # mv /var/tmp /var/tmpbackup
  128. # ln -s /tmp /var/tmp
  129. # # Copy the old data back
  130. # cp -Rpf /var/tmpold/* /tmp/ >/dev/null 2>&1
  131. # # Remove old tmp dir
  132. # rm -rf /var/tmpbackup
  133. # echo -e "\033[35;1m /tmp and /var/tmp secured using tmpfs. \033[0m"
  134. # } # End function secure_tmp_tmpfs
  135. # check_tmp_secured
  136. # if [ $? = 0 ]; then
  137. # secure_tmp_tmpfs
  138. # else
  139. # echo -e "\033[35;1mFunction canceled. /tmp already secured. \033[0m"
  140. # fi
  141. # TODO add warning message on ssh connection if system needs updates
  142. # TODO install and configure tmux
  143. echo -e '\033[35m
  144. __
  145. ___ ____ ____/ /
  146. / _ \/ __ \/ __ /
  147. / __/ / / / /_/ /
  148. \___/_/ /_/\__,_/
  149. \033[0m'
  150. echo -e "\033[35;1m* * script done * * \033[0m"