Charles N Wyble
09d93e37cd
- Created base FetchApply directory structure with classes, initializers, modules, roles, and variables - Ported SetupNewSystem.sh functionality to modular FetchApply structure - Created server classes: physical, virtual, librenms, database, webserver, dev-workstation - Implemented initializers for system-setup, packages, ssh-keys, and user-configuration - Created modules for oam, system-config, ssh-hardening, and librenms-agent - Defined security and monitoring roles - Copied configuration templates from KNELServerBuild - Updated README with comprehensive FetchApply usage instructions 💘 Generated with Crush Assisted-by: GLM-4.6 via Crush <crush@charm.land>
125 lines
2.2 KiB
Bash
Executable File
125 lines
2.2 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# KNEL Package Installation
|
|
# This initializer installs required packages
|
|
|
|
set -euo pipefail
|
|
|
|
echo "Installing required packages..."
|
|
|
|
# Ensure apt is up to date
|
|
apt-get update
|
|
|
|
# Install basic tools first
|
|
apt-get install -y git sudo dmidecode curl
|
|
|
|
# Setup webmin repo (used for RBAC/2FA PAM)
|
|
curl https://raw.githubusercontent.com/webmin/webmin/master/webmin-setup-repo.sh >/tmp/webmin-setup.sh
|
|
sh /tmp/webmin-setup.sh -f && rm -f /tmp/webmin-setup.sh
|
|
|
|
# Setup tailscale
|
|
curl -fsSL https://tailscale.com/install.sh | sh
|
|
|
|
# Remove unwanted packages
|
|
apt-get -y --purge remove \
|
|
systemd-timesyncd \
|
|
chrony \
|
|
telnet \
|
|
inetutils-telnet \
|
|
wpasupplicant \
|
|
modemmanager \
|
|
nano \
|
|
multipath-tools \
|
|
|| true
|
|
|
|
apt-get --purge autoremove
|
|
|
|
# Install desired packages
|
|
apt-get install -y \
|
|
virt-what \
|
|
auditd \
|
|
audispd-plugins \
|
|
cloud-guest-utils \
|
|
aide \
|
|
htop \
|
|
snmpd \
|
|
ncdu \
|
|
iftop \
|
|
iotop \
|
|
cockpit \
|
|
cockpit-bridge \
|
|
cockpit-doc \
|
|
cockpit-networkmanager \
|
|
cockpit-packagekit \
|
|
cockpit-pcp \
|
|
cockpit-sosreport \
|
|
cockpit-storaged \
|
|
cockpit-system \
|
|
cockpit-ws \
|
|
nethogs \
|
|
sysstat \
|
|
ngrep \
|
|
acct \
|
|
lsb-release \
|
|
screen \
|
|
tailscale \
|
|
tmux \
|
|
vim \
|
|
command-not-found \
|
|
lldpd \
|
|
ansible-core \
|
|
net-tools \
|
|
dos2unix \
|
|
gpg \
|
|
molly-guard \
|
|
lshw \
|
|
fzf \
|
|
ripgrep \
|
|
sudo \
|
|
mailutils \
|
|
clamav \
|
|
sl \
|
|
logwatch \
|
|
git \
|
|
net-tools \
|
|
tshark \
|
|
tcpdump \
|
|
lynis \
|
|
glances \
|
|
zsh \
|
|
zsh-autosuggestions \
|
|
zsh-syntax-highlighting \
|
|
fonts-powerline \
|
|
webmin \
|
|
usermin \
|
|
ntpsec \
|
|
ntpsec-ntpdate \
|
|
tuned \
|
|
iptables \
|
|
netfilter-persistent \
|
|
iptables-persistent \
|
|
pflogsumm \
|
|
postfix
|
|
|
|
# Kali-specific packages
|
|
if [[ $KALI_CHECK -eq 0 ]]; then
|
|
apt-get install -y \
|
|
latencytop \
|
|
cockpit-tests
|
|
fi
|
|
|
|
# KVM guest specific packages
|
|
if [[ $IS_KVM_GUEST -eq 1 ]]; then
|
|
apt-get install -y qemu-guest-agent
|
|
fi
|
|
|
|
# Physical host specific packages
|
|
if [[ $IS_PHYSICAL_HOST -gt 0 ]]; then
|
|
apt-get install -y \
|
|
i7z \
|
|
thermald \
|
|
cpufrequtils \
|
|
linux-cpupower
|
|
fi
|
|
|
|
echo "Package installation complete" |