progress snapshot

2026-01-21 08:33:09 -05:00
parent 6c96f3c549
commit 1339705f9d
20 changed files with 3387 additions and 46 deletions
--- a/config/user-environment.sh
+++ b/config/user-environment.sh
@@ -0,0 +1,397 @@
+# Football System User Environment Configuration
+# Sets up minimal UI with Remmina auto-start
+
+# Create user directories with proper permissions
+mkdir -p /home/user/.config/{icewm,remmina,autostart}
+mkdir -p /home/user/.local/share/applications
+mkdir -p /home/user/.local/bin
+
+# IceWM configuration
+cat > /home/user/.config/icewm/prefoverence << 'EOF'
+# Football System - IceWM Minimal Configuration
+# Focused on security and simplicity
+
+# Theme and appearance
+ThemeName="win95Classic"
+TitleBarHeight=20
+BorderSizeX=2
+BorderSizeY=2
+DlgBorderSizeX=2
+DlgBorderSizeY=2
+
+# Window behavior
+AutoRaise=0
+ClickToFocus=1
+FocusOnAppRaise=1
+RaiseOnFocus=0
+RaiseOnClickClient=1
+PassFirstClickToClient=1
+ShowTaskBar=1
+TaskBarAtTop=0
+TaskBarShowWorkspaces=0
+TaskBarShowWindowList=1
+
+# Program menu restrictions
+ShowProgramsMenu=1
+ShowThemesMenu=0
+ShowHelpMenu=0
+ShowLogoutMenu=1
+ShowLogoutSubMenu=0
+ShowAboutMenu=0
+ShowRunMenu=0
+
+# Desktop restrictions
+DesktopBackgroundCenter=0
+DesktopBackgroundScaled=1
+DesktopBackgroundColor="rgb:40/40/40"
+ShowDesktopBackgroundPixmap=1
+
+# Input settings
+Win95Keys=0
+ModSuperIsCtrlAlt=0
+UseMouseWheel=1
+
+# Security restrictions
+DisableRealDragAndDrop=1
+AllowFullscreen=0
+ConfirmLogout=1
+
+# Window placement
+SmartPlacement=1
+CenterTransients=1
+CenterLarge=0
+
+# Resource limits
+IconPath="/usr/share/icons:/usr/share/pixmaps"
+LookAndFeel=win95
+
+# Menu security
+MenuFile=/home/user/.config/icewm/menu
+ProgramsFile=/home/user/.config/icewm/programs
+EOF
+
+# IceWM programs menu (restricted)
+cat > /home/user/.config/icewm/programs << 'EOF'
+# Football System - Restricted Programs Menu
+
+# Application launcher
+prog Terminal terminal "xterm"
+prog File Manager filemanager "pcmanfm"
+
+# System applications
+prog Remmina remmina "remmina"
+prog Network Status netstatus "xterm -e 'nmcli dev status'"
+
+# System information
+prog System Info sysinfo "xterm -e 'uname -a; df -h; free -m'"
+prog Verification verify "xterm -e '/usr/local/bin/verify-system.sh'"
+
+# Power management
+prog Logout logout "icewm --shutdown"
+prog Reboot reboot "sudo reboot"
+prog Shutdown shutdown "sudo shutdown -h now"
+EOF
+
+# IceWM menu (minimal and secure)
+cat > /home/user/.config/icewm/menu << 'EOF'
+# Football System - Minimal Menu
+
+menufile programs
+separator
+
+# Security tools
+menu Security {
+    prog System Status status "xterm -e 'systemctl status'"
+    prog Security Audit audit "xterm -e 'sudo aide --check'"
+    prog Log Monitor logmon "xterm -e 'sudo journalctl -f'"
+}
+separator
+
+# Network
+menu Network {
+    prog VPN Status vpn "xterm -e 'wg show'"
+    prog Network Info netinfo "xterm -e 'ip addr show'"
+}
+separator
+
+# Logout menu
+menu Logout {
+    prog Lock Screen lock "xlock"
+    prog Logout logout "icewm --shutdown"
+    prog Reboot reboot "sudo reboot"
+    prog Shutdown shutdown "sudo shutdown -h now"
+}
+EOF
+
+# Remmina desktop entry for autostart
+cat > /home/user/.config/autostart/remmina.desktop << 'EOF'
+[Desktop Entry]
+Version=1.0
+Type=Application
+Name=Remmina
+Comment=Remote Desktop Client
+Exec=remmina
+Icon=remmina
+Terminal=false
+Categories=Network;RemoteAccess;
+X-GNOME-Autostart-enabled=true
+EOF
+
+# Desktop entry for system verification
+cat > /home/user/.local/share/applications/verify-system.desktop << 'EOF'
+[Desktop Entry]
+Version=1.0
+Type=Application
+Name=System Verification
+Comment=Verify Football Secure Access System
+Exec=xterm -e '/usr/local/bin/verify-system.sh'
+Icon=security-high
+Terminal=true
+Categories=System;Security;
+EOF
+
+# Desktop entry for network status
+cat > /home/user/.local/share/applications/network-status.desktop << 'EOF'
+[Desktop Entry]
+Version=1.0
+Type=Application
+Name=Network Status
+Comment=Check Network Connectivity
+Exec=xterm -e 'nmcli dev status; echo ""; echo "VPN Status:"; wg show'
+Icon=network-idle
+Terminal=true
+Categories=System;Network;
+EOF
+
+# Create xinitrc for IceWM session
+cat > /home/user/.xinitrc << 'EOF'
+#!/bin/bash
+# Football System - X Session Initialization
+
+# Set environment variables
+export XDG_CONFIG_HOME=/home/user/.config
+export XDG_DATA_HOME=/home/user/.local/share
+export XDG_CACHE_HOME=/home/user/.cache
+
+# Security settings
+xhost +local: || true
+
+# Load X resources (if any)
+[ -f /home/user/.Xresources ] && xrdb /home/user/.Xresources
+
+# Set desktop background (minimal)
+xsetroot -solid "#282828"
+
+# Start IceWM
+exec icewm-session
+EOF
+
+# Create bash_profile for console sessions
+cat > /home/user/.bash_profile << 'EOF'
+# Football System - User Shell Configuration
+
+# Prompt
+PS1='[\\u@\\h \\W]\\$ '
+
+# Security aliases
+alias ll='ls -la --color=auto'
+alias la='ls -a --color=auto'
+alias vi='vim'
+alias diff='colordiff'
+
+# System information
+alias sysinfo='echo "=== System Information ==="; uname -a; echo ""; df -h; echo ""; free -m'
+alias secstatus='echo "=== Security Status ==="; systemctl status auditd rsyslog; echo ""; wg show'
+
+# Quick access to verification
+alias verify='/usr/local/bin/verify-system.sh'
+alias checksec='sudo aide --check'
+
+# Network aliases
+alias netstat='nmcli dev status'
+alias vpnstat='wg show'
+
+# Security reminder
+echo "Football Secure Access System v2.1"
+echo "Type 'verify' to run system verification"
+echo "Type 'sysinfo' for system information"
+echo ""
+
+# Check if this is a graphical session
+if [ "$DISPLAY" ]; then
+    echo "Graphical session detected. Remmina will auto-start."
+fi
+EOF
+
+# Create .bashrc for interactive shells
+cat > /home/user/.bashrc << 'EOF'
+# Football System - Interactive Shell Configuration
+
+# Source bash_profile
+[ -f /home/user/.bash_profile ] && . /home/user/.bash_profile
+
+# Interactive shell settings
+set -o vi
+export HISTCONTROL=ignoreboth
+export HISTSIZE=1000
+export HISTFILESIZE=2000
+
+# Completions
+if [ -f /etc/bash_completion ]; then
+    . /etc/bash_completion
+fi
+
+# Enable color support
+if [ -x /usr/bin/dircolors ]; then
+    eval "$(dircolors -b)"
+fi
+
+# Color aliases
+alias grep='grep --color=auto'
+alias fgrep='fgrep --color=auto'
+alias egrep='egrep --color=auto'
+alias ls='ls --color=auto'
+EOF
+
+# Security-focused .Xresources (minimal)
+cat > /home/user/.Xresources << 'EOF'
+! Football System - Minimal X Resources
+
+! Basic font settings
+*font: -*-fixed-medium-r-*-*-13-*-*-*-*-*-iso8859-1
+*xfont: -*-fixed-medium-r-*-*-13-*-*-*-*-*-iso8859-1
+
+! Terminal settings
+*XTerm*background: #000000
+*XTerm*foreground: #ffffff
+*XTerm*font: -*-fixed-medium-r-*-*-13-*-*-*-*-*-iso8859-1
+
+! Security - disable screen saver
+!*XTerm*allowSendEvents: false
+
+! Enable numlock
+*numlock.on: true
+EOF
+
+# Remmina configuration template (secure defaults)
+cat > /home/user/.config/remmina/remmina.pref << 'EOF'
+[remmina_pref]
+use_remmina_crypt_password=1
+save_view_mode=1
+default_view_mode=3
+confirm_credential_saving=1
+ssh_tunnel_loopback=1
+disable_clipboard=0
+disallow_tunneling=0
+disable_automatic_reconnect=0
+disable_server_input=0
+disable_password_change=0
+disable_automatic_reconnect=0
+disable_clipboard=1
+confirm_credential_saving=1
+disable_menu_toolbar=1
+disable_tab_previews=0
+disable_quick_search=1
+disable_new_connections=0
+disable_profile_settings=0
+allow_multiple_masterpasswords=0
+remfile_v2_encryption=1
+SSH_private_key_file=/home/user/.ssh/id_rsa
+default_ssh_privatekey=/home/user/.ssh/id_rsa
+EOF
+
+# IceWM preferences file
+cat > /home/user/.config/icewm/preferences << 'EOF'
+# Football System - IceWM Preferences
+
+# Clock settings
+ClockTimeFormat="%H:%M"
+ClockDateFormat="%Y-%m-%d"
+ShowClock=1
+
+# Win95-like behavior
+Win95Keys=0
+ShowThemesMenu=0
+ShowHelpMenu=0
+ShowLogoutMenu=1
+ShowAboutMenu=0
+ShowRunMenu=0
+
+# Security settings
+ClickToFocus=1
+AutoRaise=0
+RaiseOnFocus=0
+DisableRealDragAndDrop=1
+AllowFullscreen=0
+ConfirmLogout=1
+
+# Workspace settings
+WorkspaceNames=" 1 "
+Workspace1Name="Main"
+ShowWorkspaces=0
+WorkspaceCount=1
+
+# Taskbar settings
+TaskBarShowWorkspaces=0
+TaskBarShowWindowList=1
+TaskBarShowAllWindows=0
+TaskBarShowApm=0
+TaskBarShowMailboxStatus=0
+TaskBarShowCPU=0
+TaskBarShowNetStatus=0
+
+# Input settings
+ModifierKeys="Super"
+UseMouseWheel=1
+
+# Focus behavior
+FocusOnAppRaise=1
+PassFirstClickToClient=1
+RaiseOnClickClient=1
+
+# Window placement
+SmartPlacement=1
+CenterTransients=1
+CenterLarge=0
+
+# Menu behavior
+MenuMouseTracking=1
+SubmenuOnDelay=1
+SubmenuDelay=200
+
+# Resource limits
+EdgeResistance=32
+EdgeThickness=1
+
+# Appearance
+TitleBarHeight=20
+BorderSizeX=2
+BorderSizeY=2
+DlgBorderSizeX=2
+DlgBorderSizeY=2
+
+# Colors
+ColorNormalTitleBar="rgb:C0/C0/C0"
+ColorActiveTitleBar="rgb:00/00/80"
+ColorNormalBorder="rgb:C0/C0/C0"
+ColorActiveBorder="rgb:00/00/80"
+EOF
+
+# Set proper permissions
+chown -R user:user /home/user/.config
+chown -R user:user /home/user/.local
+chown user:user /home/user/.xinitrc
+chown user:user /home/user/.bash_profile
+chown user:user /home/user/.bashrc
+chown user:user /home/user/.Xresources
+chmod 755 /home/user
+chmod 755 /home/user/.config
+chmod 755 /home/user/.local
+chmod 644 /home/user/.xinitrc
+chmod 644 /home/user/.bash_profile
+chmod 644 /home/user/.bashrc
+chmod 644 /home/user/.Xresources
+chmod +x /home/user/.config/autostart/remmina.desktop
+chmod +x /home/user/.local/share/applications/*.desktop
+
+echo "✅ User environment configured with IceWM and Remmina auto-start"