From 8bbf328bb4c1708924ff0a98552d0488260e7977 Mon Sep 17 00:00:00 2001 From: borekon Date: Mon, 14 Mar 2022 12:50:56 +0100 Subject: [PATCH] Update setup.sh --- setup.sh | 90 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 87 insertions(+), 3 deletions(-) diff --git a/setup.sh b/setup.sh index a29c981..7228072 100644 --- a/setup.sh +++ b/setup.sh @@ -1,10 +1,18 @@ #!/bin/bash +RED="31" +GREEN="32" +BOLDGREEN="\e[1;${GREEN}m" +ITALICGREEN="\e[3;${GREEN}m" +ITALICRED="\e[3;${RED}m" +ENDCOLOR="\e[0m" +WEBMIN=0 +PIHOLE=0 if [ "$(whoami)" != "root" ]; then SUDO=sudo fi #Installs sury's php repository ${SUDO} apt update -${SUDO} apt -y install apt-transport-https lsb-release ca-certificates vim sudo perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python curl certbot shared-mime-info fail2ban unzip git +${SUDO} apt -y install apt-transport-https lsb-release ca-certificates vim sudo perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python curl certbot shared-mime-info fail2ban unzip git gpg ${SUDO} curl -sSLo /usr/share/keyrings/deb.sury.org-php.gpg https://packages.sury.org/php/apt.gpg ${SUDO} sh -c 'echo "deb [signed-by=/usr/share/keyrings/deb.sury.org-php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list' ${SUDO} apt update @@ -16,7 +24,7 @@ case ${answer:0:1} in read -p "Should I add the new user to sudo group?(y/n)? " answer case ${answer:0:1} in y|Y ) - ${SUDO} usermod -aG sudo USERNAME + ${SUDO} usermod -aG sudo $USERNAME echo Done ;; * ) @@ -27,4 +35,80 @@ case ${answer:0:1} in * ) echo Ok, continuing.... ;; -esac \ No newline at end of file +esac +echo -e "${ITALICGREEN}Configuring timezone to Madrid....${ENDCOLOR}" +echo 'Europe/Madrid' | ${SUDO} tee /etc/timezone > /dev/null && ${SUDO} dpkg-reconfigure -f noninteractive tzdata > /dev/null +read -p "Install webmin?(y/n)" answer +case ${answer:0:1} in + y|Y ) + ${SUDO} sh -c 'echo "deb https://download.webmin.com/download/repository sarge contrib" > /etc/apt/sources.list.d/webmin.list' + wget https://download.webmin.com/jcameron-key.asc + ${SUDO} sudo gpg --dearmor jcameron-key.asc + rm jcameron-key.asc + ${SUDO} apt update && ${SUDO} apt install webmin && WEBMIN=1 + pause + ;; + * ) + echo -e Webmin "${RED}NOT${ENDCOLOR}" installed + ;; +esac +read -p "Install pihole?(y/n)" answer +case ${answer:0:1} in + y|Y ) + git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole + cd "Pi-hole/automated install/" + bash basic-install.sh + pihole -a -p + pause + ;; + * ) + echo -e PiHole "${RED}NOT${ENDCOLOR}" installed + ;; +esac +if [[ $WEBMIN != 0 ]] + then + echo -e "${ITALICGREEN}Stopping Webmin${ENDCOLOR}" + ${SUDO} systemctl stop webmin + ${SUDO} certbot certonly --standalone + ${SUDO} cat /etc/letsencrypt/live/$HOSTNAME/privkey.pem /etc/letsencrypt/live/$HOSTNAME/cert.pem | ${SUDO} tee /etc/letsencrypt/live/$HOSTNAME/combined.pem + rm /etc/webmin/miniserv.pem + ${SUDO} ln -s /etc/letsencrypt/live/$HOSTNAME/combined.pem /etc/webmin/miniserv.pem + ${SUDO} systemctl start webmin + else + echo No +fi +if [[ -d "/etc/lighttpd" ]] + then + read -p "Request let\'s encrypt certificate for lighttpd(y/n)" answer + case ${answer:0:1} in + y|Y ) + echo -e "${ITALICGREEN}Stopping lighttpd${ENDCOLOR}" + ${SUDO} systemctl stop lighttpd + ${SUDO} echo '# /usr/share/doc/lighttpd/ssl.txt' > /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo '$SERVER["socket"] == "0.0.0.0:443" {' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' ssl.engine = "enable"' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo " ssl.pemfile = \"/etc/letsencrypt/live/$HOSTNAME/combined.pem\"" >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo " ssl.ca-file = \"/etc/letsencrypt/live/$HOSTNAME/fullchain.pem\"" >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' ssl.honor-cipher-order = "enable"' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' ssl.use-sslv2 = "disable"' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' ssl.use-sslv3 = "disable"' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo '}' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo '$HTTP["scheme"] == "http" {' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' $HTTP["host"] =~ ".*" {' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' url.redirect = ("^/admin/.*" => "https://%0$0")' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' }' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo '}' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} ln -s /etc/lighttpd/conf-available/10-ssl.conf /etc/lighttpd/conf-enabled/ + ${SUDO} systemctl start lighttpd + ;; + * ) + echo -e SSL certificate was "${RED}NOT${ENDCOLOR}" installed + ;; + esac + + + echo Si + else + echo No +fi \ No newline at end of file