post-install-script/setup-debian-oict.sh at main · Sentello/post-install-script · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
#!/bin/bash
# Spported OS: Debian 10/11, Ubuntu 20.04
# Post install script ver. 1.0
# INSTRUCTIONS FOR USE:
# 1. Copy this shell script to your /home directory or the /tmp directory.
# 2. Make it executable with the following command:
#      chmod a+x setup-debian-oict.sh
# 3. Execute the script as a sudo user:
#      sudo ./setup-debian-oict.sh


if [[ $EUID -ne 0 ]]; then
   	echo "This script must be run as root"
   	exit 1
else
	#Update and Upgrade
	echo "Updating and Upgrading"
	apt-get update && apt-get upgrade -y &&	apt-get install open-vm-tools

	apt-get install dialog
	cmd=(dialog --separate-output --checklist "Please, select what do you want to do:" 22 76 16)
	options=(1 "Set resolv.conf and /etc/hosts" on    # any option can be set to "off"
			2 "Set NTP" on
			3 "Set hostname" on
			4 "Set SSH to permit root and SSH keys only" on
			5 "Install FreeIPA client" on
			6 "Set FreeIPA client" on
			7 "Reboot server" on)

		choices=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty)
		clear
		for choice in $choices
		do
		    case $choice in
			1)
				# Set resolv.conf
				echo "Setting /etc/resolv.conf"
				echo "domain tux.oict.cz" > /etc/resolv.conf
				echo "search tux.oict.cz" >> /etc/resolv.conf
				echo "nameserver 10.130.101.8" >> /etc/resolv.conf
				echo "nameserver 10.130.101.9" >> /etc/resolv.conf

				# Edit /etc/hosts
				echo "Setting /etc/hosts"
				echo "# FreeIPA Servers" >> /etc/hosts
				echo "10.130.101.8 ipa.tux.oict.cz ipa" >> /etc/hosts
				echo "10.130.101.9 ipa2.tux.oict.cz ipa2" >> /etc/hosts
				echo "10.130.101.10 ipa3.tux.oict.cz ipa3" >> /etc/hosts
				;;
			2)
				# Install NTP
				echo "Setting NTP client"
				apt remove -y ntp ntpdate
				timedatectl set-timezone Europe/Prague
				timedatectl
				systemctl enable systemd-timesyncd

				cp /etc/systemd/timesyncd.conf /etc/systemd/timesyncd.conf.bak
				> /etc/systemd/timesyncd.conf
				echo $'[Time]\nNTP=ntp1.oict.cz\nNTP=ntp2.oict.cz' > /etc/systemd/timesyncd.conf
				systemctl restart systemd-timesyncd
				timedatectl timesync-status
				;;
			3)
				# Set hostname
				curhostname=$(cat /etc/hostname)

				# Display current hostname
				echo "Current hostname: '$curhostname'"

				# Set $newhostname as new hostname
				echo "Enter new hostname: "
				read newhostname

				# Change the hostname in /etc/hostname, /etc/hosts files and hostnamectl
				sed -i "s/$curhostname/$newhostname/g" /etc/hostname
				sed -i "s/$curhostname/$newhostname/g" /etc/hosts
				hostnamectl set-hostname $newhostname

				# Display new hostname
				echo "New hostname: $newhostname"
				;;
    			4)
				# Permit Root login:
				echo "Permit root login"
				sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config && \

				# Only SSH keys:
				echo "Setting to accept only SSH keys"
				sed -i 's/#PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config && \
				systemctl reload ssh
				echo "Finished with setup"
				;;

			5)
				# Install FreeIPA
				echo "
				######################################################################################################
						Do you want to install FreeIPA? If so type y / If you dont want to install enter n
				######################################################################################################
				"
				read $ipa

				if [[ $ipa -eq "y" ]] || [[ $ipa -eq "yes" ]]; then
					apt -y update && apt -y upgrade && apt -y install freeipa-client && \
					apt -y autoremove && apt -y clean

				echo "
				#####################################################################################################
								  FreeIPA has been installed
				#####################################################################################################
				"
				echo "FreeIPA version:"
					ipa --version

				else
					echo "FreeIPA was not installed"

				fi
				;;

			6)
				# Set FreeIPA
				ipa-client-install --mkhomedir --no-ntp
				;;
			7)
				# Reboot the system
				read -s -n 1 -p "Press any key to reboot!"
				echo ""
				echo "Okey, Rebooting"
				sleep 5
				reboot now
				;;
	    esac
	done
fi