KNEL/KNELServerBuild
2
0
Fork 0
Code Pull Requests Actions Packages Releases 1 Activity

refactor. much cleaner.

Browse Source
This commit is contained in:
Charles N Wyble
2025-06-23 13:30:38 -05:00
parent d78409315f
commit 459da206bf
1 changed files with 43 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

149
newSrv.sh
View File

@@ -8,18 +8,9 @@
# Start actual script logic here... # Start actual script logic here...
function pi-detect() #################
{ #Global variables
#################
if [ -f /sys/firmware/devicetree/base/model ] ; then
export IS_RASPI="1"
fi
if [ ! -f /sys/firmware/devicetree/base/model ] ; then
export IS_RASPI="0"
fi
}
export SUBODEV_CHECK export SUBODEV_CHECK
SUBODEV_CHECK="$(getent passwd|grep -c subodev)" SUBODEV_CHECK="$(getent passwd|grep -c subodev)"
@@ -28,88 +19,48 @@ export LOCALUSER_CHECK
LOCALUSER_CHECK="$(getent passwd|grep -c localuser)" LOCALUSER_CHECK="$(getent passwd|grep -c localuser)"
function global-configureAptRepos() function pi-detect()
{ {
if [ -f /sys/firmware/devicetree/base/model ] ; then
export IS_RASPI="1"
fi
echo "Now running $FUNCNAME...." if [ ! -f /sys/firmware/devicetree/base/model ] ; then
export IS_RASPI="0"
curl https://raw.githubusercontent.com/webmin/webmin/master/webmin-setup-repo.sh > /tmp/webmin-setup.sh fi
sh /tmp/webmin-setup.sh -f && rm -f /tmp/webmin-setup.sh
echo "deb https://packages.cisofy.com/community/lynis/deb/ stable main" > /etc/apt/sources.list.d/cisofy-lynis.list
curl --silent --insecure -s https://packages.cisofy.com/keys/cisofy-software-public.key | apt-key add -
echo "Completed running $FUNCNAME"
} }
function global-shellScripts() function global-oam()
{ {
echo Now running "$FUNCNAME"....
echo "Now running $FUNCNAME...."
curl --silent https://dl.knownelement.com/FetchApplyDistPoint/distro > /usr/local/bin/distro && chmod +x /usr/local/bin/distro curl --silent https://dl.knownelement.com/FetchApplyDistPoint/distro > /usr/local/bin/distro && chmod +x /usr/local/bin/distro
curl --silent https://dl.knownelement.com/FetchApplyDistPoint/up2date.sh > /usr/local/bin/up2date.sh && chmod +x /usr/local/bin/up2date.sh curl --silent https://dl.knownelement.com/FetchApplyDistPoint/up2date.sh > /usr/local/bin/up2date.sh && chmod +x /usr/local/bin/up2date.sh
echo "Completed running $FUNCNAME"
}
function global-profileScripts()
{
echo "Now running $FUNCNAME...."
#curl --silent https://dl.knownelement.com/FetchApplyDistPoint/profiled-tsys-shell.sh > /etc/profile.d/tsys-shell.sh
#curl --silent https://dl.knownelement.com/FetchApplyDistPoint/profiled-tmux.sh > /etc/profile.d/tmux.sh
curl --silent https://dl.knownelement.com/FetchApplyDistPoint/tsys-zshrc > /etc/zshrc
echo "Completed running $FUNCNAME"
}
function global-oam()
{
echo "Now running $FUNCNAME...."
rm -rf /usr/local/librenms-agent rm -rf /usr/local/librenms-agent
curl --silent https://dl.knownelement.com/FetchApplyDistPoint/librenms.tar.gz > /usr/local/librenms.tar.gz curl --silent https://dl.knownelement.com/FetchApplyDistPoint/librenms.tar.gz > /usr/local/librenms.tar.gz
cd /usr/local && tar xfz librenms.tar.gz && rm -f /usr/local/librenms.tar.gz cd /usr/local && tar xfz librenms.tar.gz && rm -f /usr/local/librenms.tar.gz
cd - cd - || exit
echo "Completed running $FUNCNAME" echo Completed running "$FUNCNAME"
} }
if [[ ! -f /root/ntpserver ]]; then
curl --silent https://dl.knownelement.com/FetchApplyDistPoint/ntp.conf > /etc/ntp.conf
export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --yes -o Dpkg::Options::="--force-confold" install ntp ntpdate
systemctl stop ntp && ntpdate pool.ntp.org && systemctl start ntp
fi
function global-systemServiceConfigurationFiles() function global-systemServiceConfigurationFiles()
{ {
echo "Now running $FUNCNAME...." echo "Now running $FUNCNAME...."
curl --silent https://dl.knownelement.com/FetchApplyDistPoint/tsys-zshrc > /etc/zshrc
curl --silent https://dl.knownelement.com/FetchApplyDistPoint/aliases > /etc/aliases
curl --silent https://dl.knownelement.com/FetchApplyDistPoint/rsyslog.conf > /etc/rsyslog.conf
export ROOT_SSH_DIR="/root/.ssh" export ROOT_SSH_DIR="/root/.ssh"
export LOCALUSER_SSH_DIR="/home/localuser/.ssh" export LOCALUSER_SSH_DIR="/home/localuser/.ssh"
export SUBODEV_SSH_DIR="/home/subodev/.ssh" export SUBODEV_SSH_DIR="/home/subodev/.ssh"
curl --silent https://dl.knownelement.com/FetchApplyDistPoint/aliases > /etc/aliases
curl --silent https://dl.knownelement.com/FetchApplyDistPoint/rsyslog.conf > /etc/rsyslog.conf
if [ ! -d $ROOT_SSH_DIR ]; then if [ ! -d $ROOT_SSH_DIR ]; then
mkdir /root/.ssh/ mkdir /root/.ssh/
curl --silent https://dl.knownelement.com/FetchApplyDistPoint/ssh-authorized-keys > /root/.ssh/authorized_keys \ curl --silent https://dl.knownelement.com/FetchApplyDistPoint/ssh-authorized-keys > /root/.ssh/authorized_keys \
@@ -118,9 +69,6 @@ if [ ! -d $ROOT_SSH_DIR ]; then
fi fi
if [ "$LOCALUSER_CHECK" = 1 ]; then if [ "$LOCALUSER_CHECK" = 1 ]; then
chsh -s "$(which zsh)" localuser
if [ ! -d $LOCALUSER_SSH_DIR ]; then if [ ! -d $LOCALUSER_SSH_DIR ]; then
mkdir -p /home/localuser/.ssh/ mkdir -p /home/localuser/.ssh/
fi fi
@@ -128,13 +76,9 @@ chsh -s "$(which zsh)" localuser
curl --silent https://dl.knownelement.com/FetchApplyDistPoint/ssh-authorized-keys > /home/localuser/.ssh/authorized_keys \ curl --silent https://dl.knownelement.com/FetchApplyDistPoint/ssh-authorized-keys > /home/localuser/.ssh/authorized_keys \
&& chown localuser /home/localuser/.ssh/authorized_keys \ && chown localuser /home/localuser/.ssh/authorized_keys \
&& chmod 400 /home/localuser/.ssh/authorized_keys && chmod 400 /home/localuser/.ssh/authorized_keys
fi fi
if [ "$SUBODEV_CHECK" = 1 ]; then if [ "$SUBODEV_CHECK" = 1 ]; then
chsh -s "$(which zsh)" subodev
if [ ! -d $SUBODEV_SSH_DIR ]; then if [ ! -d $SUBODEV_SSH_DIR ]; then
mkdir /home/subodev/.ssh/ mkdir /home/subodev/.ssh/
fi fi
@@ -146,20 +90,21 @@ curl --silent https://dl.knownelement.com/FetchApplyDistPoint/ssh-authorized-key
fi fi
echo "Completed running $FUNCNAME" echo "Completed running $FUNCNAME"
} }
function global-installPackages() function global-installPackages()
{ {
echo "Now running $FUNCNAME...." echo "Now running $FUNCNAME...."
# # Setup webmin repo, used for RBAC/2fa PAM
#Ensure system time is correct, otherwise can't install packages...
#
curl https://raw.githubusercontent.com/webmin/webmin/master/webmin-setup-repo.sh > /tmp/webmin-setup.sh
sh /tmp/webmin-setup.sh -f && rm -f /tmp/webmin-setup.sh
# Setup lynis repo, used for sec ops/compliance
echo "deb https://packages.cisofy.com/community/lynis/deb/ stable main" > /etc/apt/sources.list.d/cisofy-lynis.list
curl --silent --insecure -s https://packages.cisofy.com/keys/cisofy-software-public.key | apt-key add -
# #
#Patch the system #Patch the system
@@ -227,8 +172,12 @@ iotop \
tuned \ tuned \
cockpit \ cockpit \
telnet \ telnet \
ntpdate \
ntp \
postfix postfix
apt-file update
#Coming soon, ifdef for physical host perf setting/tuning #Coming soon, ifdef for physical host perf setting/tuning
# Physical host packages # Physical host packages
# i7z # i7z
@@ -268,18 +217,26 @@ postfix
#https://www.digitalocean.com/community/tutorials/how-to-set-up-multi-factor-authentication-for-ssh-on-ubuntu-18-04 #https://www.digitalocean.com/community/tutorials/how-to-set-up-multi-factor-authentication-for-ssh-on-ubuntu-18-04
echo "Completed running $FUNCNAME" echo "Completed running $FUNCNAME"
} }
function global-postPackageConfiguration() function global-postPackageConfiguration()
{ {
echo "Now running $FUNCNAME...." echo "Now running $FUNCNAME...."
chsh -s $(which zsh) root chsh -s $(which zsh) root
if [ "$LOCALUSER_CHECK" = 1 ]; then
chsh -s "$(which zsh)" localuser
fi
if [ "$SUBODEV_CHECK" = 1 ]; then
chsh -s "$(which zsh)" localuser
fi
###Post package deployment bits ###Post package deployment bits
curl --silent https://dl.knownelement.com/FetchApplyDistPoint/ntp.conf > /etc/ntp.conf
curl --silent https://dl.knownelement.com/FetchApplyDistPoint/snmp-sudo.conf > /etc/sudoers.d/Debian-snmp curl --silent https://dl.knownelement.com/FetchApplyDistPoint/snmp-sudo.conf > /etc/sudoers.d/Debian-snmp
systemctl stop snmpd && /etc/init.d/snmpd stop systemctl stop snmpd && /etc/init.d/snmpd stop
sed -i "s|-Lsd|-LS6d|" /lib/systemd/system/snmpd.service sed -i "s|-Lsd|-LS6d|" /lib/systemd/system/snmpd.service
@@ -301,33 +258,13 @@ systemctl restart postfix
/usr/sbin/accton on /usr/sbin/accton on
echo "Completed running $FUNCNAME" echo "Completed running $FUNCNAME"
} }
##################################################
# Things todo on all TSYS systems
##################################################
#################################################################################################### ####################################################################################################
#Download configs and support bits to onfigure things in the TSYS standard model # RUn the various functions in the correct order
#################################################################################################### ####################################################################################################
global-configureAptRepos
global-shellScripts
global-profileScripts
global-oam global-oam
global-systemServiceConfigurationFiles
####################################################################################################
#Install packages and preserve existing configs...
####################################################################################################
global-installPackages global-installPackages
global-postPackageConfiguration global-systemServiceConfigurationFiles
global-postPackageConfiguration
###
# Jetson nano
###