Charles N Wyble
09d93e37cd
- Created base FetchApply directory structure with classes, initializers, modules, roles, and variables - Ported SetupNewSystem.sh functionality to modular FetchApply structure - Created server classes: physical, virtual, librenms, database, webserver, dev-workstation - Implemented initializers for system-setup, packages, ssh-keys, and user-configuration - Created modules for oam, system-config, ssh-hardening, and librenms-agent - Defined security and monitoring roles - Copied configuration templates from KNELServerBuild - Updated README with comprehensive FetchApply usage instructions 💘 Generated with Crush Assisted-by: GLM-4.6 via Crush <crush@charm.land>
75 lines
2.1 KiB
Bash
Executable File
75 lines
2.1 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# KNEL System Configuration Module
|
|
# Applies system-wide configuration files
|
|
|
|
set -euo pipefail
|
|
|
|
echo "Running system configuration module..."
|
|
|
|
# Create necessary directories
|
|
mkdir -p /root/.ssh
|
|
|
|
# Deploy system configuration files
|
|
if [[ -f ./templates/zshrc ]]; then
|
|
mo ./templates/zshrc > /etc/zshrc
|
|
fi
|
|
|
|
if [[ -f ./templates/aliases ]]; then
|
|
mo ./templates/aliases > /etc/aliases
|
|
newaliases
|
|
fi
|
|
|
|
if [[ -f ./templates/rsyslog.conf ]]; then
|
|
mo ./templates/rsyslog.conf > /etc/rsyslog.conf
|
|
fi
|
|
|
|
# Configure DHCP client
|
|
if [[ -f ./templates/dhclient.conf ]]; then
|
|
mo ./templates/dhclient.conf > /etc/dhcp/dhclient.conf
|
|
fi
|
|
|
|
# Configure SNMP
|
|
systemctl stop snmpd 2>/dev/null || true
|
|
/etc/init.d/snmpd stop 2>/dev/null || true
|
|
|
|
if [[ -f ./templates/snmp-sudo.conf ]]; then
|
|
mo ./templates/snmp-sudo.conf > /etc/sudoers.d/Debian-snmp
|
|
fi
|
|
|
|
# Adjust SNMP service for log verbosity
|
|
sed -i "s|-Lsd|-LS6d|" /lib/systemd/system/snmpd.service
|
|
|
|
# Configure SNMP based on system type
|
|
if [[ $IS_RASPI -eq 1 ]] && [[ -f ./templates/snmpd-rpi.conf ]]; then
|
|
mo ./templates/snmpd-rpi.conf > /etc/snmp/snmpd.conf
|
|
elif [[ $IS_PHYSICAL_HOST -eq 1 ]] && [[ -f ./templates/snmpd-physicalhost.conf ]]; then
|
|
mo ./templates/snmpd-physicalhost.conf > /etc/snmp/snmpd.conf
|
|
elif [[ $IS_VIRT_GUEST -eq 1 ]] && [[ -f ./templates/snmpd.conf ]]; then
|
|
mo ./templates/snmpd.conf > /etc/snmp/snmpd.conf
|
|
fi
|
|
|
|
# Configure lldpd
|
|
if [[ -f ./templates/lldpd ]]; then
|
|
mo ./templates/lldpd > /etc/default/lldpd
|
|
systemctl restart lldpd
|
|
fi
|
|
|
|
# Configure Cockpit
|
|
if [[ -f ./templates/disallowed-users ]]; then
|
|
mo ./templates/disallowed-users > /etc/cockpit/disallowed-users
|
|
systemctl restart cockpit
|
|
fi
|
|
|
|
# Configure NTP for non-NTP servers
|
|
if [[ $NTP_SERVER_CHECK -eq 0 ]] && [[ -f ./templates/ntp.conf ]]; then
|
|
mo ./templates/ntp.conf > /etc/ntpsec/ntp.conf
|
|
systemctl restart ntpsec.service
|
|
fi
|
|
|
|
# Reload systemd and restart SNMP
|
|
systemctl daemon-reload
|
|
systemctl restart snmpd 2>/dev/null || true
|
|
/etc/init.d/snmpd restart 2>/dev/null || true
|
|
|
|
echo "System configuration module completed" |