Disassembler/Spotter-VM
1
0
Fork 0
Code Issues 78 Pull Requests Actions Packages Projects Releases Wiki Activity
d557b33906
Spotter-VM/basic.sh

90 lines
2.7 KiB
Bash
Raw Blame History

#!/bin/bash
SOURCE_DIR=$(realpath $(dirname "${0}"))
# Uninstall unnecessary packages
apt-get -y purge bsdmainutils dictionaries-common emacsen-common gnupg gnupg-agent iamerican ibritish ienglish-common installation-report ispell laptop-detect nano os-prober pinentry-curses task-english tasksel tasksel-data wamerican
# Install useful packages
apt-get -y --no-install-recommends install ca-certificates openssl sudo unzip
######
# OpenSSH
#####
# Install OpenSSH server
apt-get -y --no-install-recommends install openssh-server
# Copy authorized_keys
cp ${SOURCE_DIR}/basic/root/.ssh/authorized_keys /root/.ssh/authorized_keys
#####
# System boot
#####
# Rename encrypted partition
sed -i 's/sda2_crypt/system/' /etc/crypttab
dmsetup rename sda2_crypt system
# Suppress warnings during boot
cp ${SOURCE_DIR}/basic/usr/share/initramfs-tools/scripts/local-top/lvm2 /usr/share/initramfs-tools/scripts/local-top/lvm2
cp ${SOURCE_DIR}/basic/usr/share/initramfs-tools/scripts/local-top/cryptroot /usr/share/initramfs-tools/scripts/local-top/cryptroot
# Set GRUB options
cp ${SOURCE_DIR}/basic/etc/default/grub /etc/default/grub
# Set legal banner with URL + latin2 character set
cp ${SOURCE_DIR}/basic/etc/default/console-setup /etc/default/console-setup
cp ${SOURCE_DIR}/basic/etc/issue /etc/issue
# Forbid login on tty1, disable tty2-6
cp ${SOURCE_DIR}/basic/lib/systemd/system/getty@.service /lib/systemd/system/getty@.service
systemctl mask getty-static
# Update initramfs and GRUB
update-initramfs -u
update-grub
#####
# Nginx + uWSGI
#####
# Install packages
apt-get -y --no-install-recommends install nginx-light uwsgi uwsgi-plugin-python
# Create a self-signed certificate
openssl req -x509 -new -out /etc/ssl/certs/services.pem -keyout /etc/ssl/private/services.key -nodes -days 3654 -subj "/C=CZ/CN=$(hostname -f)"
chmod 640 /etc/ssl/private/services.key
# Create Diffie-Hellman param
openssl dhparam -out /etc/ssl/dhparam.pem 2048
chmod 640 /etc/ssl/dhparam.pem
# Modify default nginx site
mkdir /etc/nginx/apps-available /etc/nginx/apps-enabled
mkdir /srv/portal
cp ${SOURCE_DIR}/basic/etc/nginx/sites-available/default /etc/nginx/sites-available/default
cp ${SOURCE_DIR}/basic/srv/portal/index.html /srv/portal/index.html
chown -R www-data:www-data /srv/portal
# Restart
systemctl restart nginx
#####
# PostgreSQL + PostGIS
#####
# Install packages
apt-get -y --no-install-recommends -y install postgresql-9.6 postgresql-9.6-postgis
# Configure
cp ${SOURCE_DIR}/basic/etc/postgresql/9.6/main/postgresql.conf /etc/postgresql/9.6/main/postgresql.conf
cp ${SOURCE_DIR}/basic/etc/postgresql/9.6/main/pg_hba.conf /etc/postgresql/9.6/main/pg_hba.conf
# Restart
systemctl restart postgresql
Reference in New Issue View Git Blame Copy Permalink