119 lines
3.5 KiB
Bash
119 lines
3.5 KiB
Bash
#!/bin/bash
|
|
|
|
# Update and isntall the packages unsed in my homelab
|
|
# run "curl -L https://johnhgaunt.com/update.sh | bash" as root to use this script
|
|
# wget -O - https://johnhgaunt.com/update.sh | bash
|
|
|
|
GAUNT_CA_CERT_NAME="GauntDC01-CA.crt"
|
|
|
|
# need to be root
|
|
if [ "$EUID" -ne 0 ]; then
|
|
echo "Please run as root"
|
|
exit
|
|
fi
|
|
|
|
# ensure the lsb_release is installed
|
|
# Debian and Ubuntu have it preinstaled already, CentOS needs to have it installed
|
|
type lsb_release >/dev/null 2>&1 || yum install -y redhat-lsb
|
|
|
|
# get OS ditro and version
|
|
OS=$(lsb_release -si)
|
|
OS_VER=$(lsb_release -sr)
|
|
|
|
# Debian OS
|
|
if [ ${OS} == 'Debian' ] || [ ${OS} == 'Ubuntu' ]; then
|
|
# upgrade all packages
|
|
apt update; apt upgrade -y
|
|
|
|
# install the apt-transport-https
|
|
apt install -y apt-transport-https wget gnupg2
|
|
|
|
# download the gpg key for PBIS-Open
|
|
wget -O - http://repo.pbis.beyondtrust.com/apt/RPM-GPG-KEY-pbis | apt-key add -
|
|
|
|
# download the repo for PBIS-Open for SSO and Domain
|
|
wget -O /etc/apt/sources.list.d/pbiso.list http://repo.pbis.beyondtrust.com/apt/pbiso.list
|
|
|
|
# update the list of available packages
|
|
apt update
|
|
|
|
# install the packages
|
|
apt install -y pbis-open sudo nano htop nload iperf iperf3 open-vm-tools unattended-upgrades unzip git nfs-common uptimed net-tools build-essential curl smartmontools
|
|
|
|
# remove unneeded packages
|
|
apt autoremove -y
|
|
|
|
# modify ssh to allow root login and then restart the service
|
|
sed --in-place "s/^.PermitRootLogin\ prohibit-password/PermitRootLogin\ yes/" /etc/ssh/sshd_config
|
|
systemctl restart sshd
|
|
|
|
# GauntDC01-CA
|
|
curl -o /usr/local/share/ca-certificates/${GAUNT_CA_CERT_NAME} https://johnhgaunt.com/${GAUNT_CA_CERT_NAME}
|
|
update-ca-certificates
|
|
|
|
# CentOS OS
|
|
elif [ ${OS} == 'CentOS' ]; then
|
|
# upgrade all packages
|
|
yum update -y
|
|
|
|
# install the epel for other packages and wget
|
|
yum install -y epel-release yum-utils
|
|
|
|
# download the repo for PBIS-Open for SSO and Domain
|
|
yum-config-manager --add-repo http://repo.pbis.beyondtrust.com/yum/pbiso.repo
|
|
|
|
# clean the yum cache
|
|
yum clean all
|
|
|
|
# install the packages
|
|
yum install -y pbis-open sudo nano htop nload iperf iperf3 bind-utils open-vm-tools yum-cron unzip nfs-utils git wget uptimed net-tools make smartmontools
|
|
|
|
# remove unneeded packages
|
|
yum autoremove -y
|
|
|
|
# modify yum-cron config to auto install security updates and enable/start the service
|
|
sed --in-place "s/^update_cmd\ =\ security/update_cmd\ =\ default/" /etc/yum/yum-cron.conf
|
|
sed --in-place "s/^apply_updates\ =\ no/apply_updates\ =\ yes/" /etc/yum/yum-cron.conf
|
|
systemctl enable yum-cron
|
|
systemctl restart yum-cron
|
|
|
|
# modify ssh to allow root login and then restart the service
|
|
sed --in-place "s/^#PermitRootLogin\ yes/PermitRootLogin\ yes/" /etc/ssh/sshd_config
|
|
systemctl restart sshd
|
|
|
|
# GauntDC01-CA
|
|
curl -o /etc/pki/ca-trust/source/anchors/${GAUNT_CA_CERT_NAME} https://johnhgaunt.com/${GAUNT_CA_CERT_NAME}
|
|
update-ca-trust
|
|
|
|
|
|
|
|
else
|
|
echo "Unable to determine linux distro"
|
|
exit
|
|
fi
|
|
|
|
|
|
# clone the homelab scripts for use later
|
|
if [ -d /opt/homelab-scripts ]; then
|
|
cd /opt/homelab-scripts
|
|
git pull
|
|
else
|
|
cd /opt
|
|
git clone https://git.johnhgaunt.com/jgaunt/homelab-scripts.git
|
|
fi
|
|
|
|
# install neofetch
|
|
if [ -d /opt/neofetch ]; then
|
|
cd /opt/neofetch
|
|
git pull
|
|
make install
|
|
else
|
|
cd /opt
|
|
git clone https://github.com/dylanaraps/neofetch.git
|
|
cd /opt/neofetch
|
|
make install
|
|
fi
|
|
|
|
# go to home directory
|
|
cd ~
|