-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathLinode-Bash-Library
More file actions
executable file
·212 lines (179 loc) · 6.4 KB
/
Linode-Bash-Library
File metadata and controls
executable file
·212 lines (179 loc) · 6.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
#!/bin/bash
#
# StackScript Bash Library
# Inspired by the Linode StackScript Bash Library Copyright (c) 2010 Linode LLC / Christopher S. Aker <caker@linode.com>
#
###########################################################
# system
###########################################################
function system_update() {
echo "### Begin system_update"
apt update
apt -q -y install aptitude
DEBIAN_FRONTEND=noninteractive aptitude -y safe-upgrade
echo "### End system_update"
}
export -f system_update
function get_ubuntu_codename() {
echo "$(lsb_release -c | cut -f2)"
}
export -f get_ubuntu_codename
function system_primary_ip() {
echo $(ip addr show eth0 | fgrep " inet " | egrep -o "(?[[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}" | head -1)
}
export -f system_primary_ip
function install_system_utils() {
echo "### Begin install_system_utils"
aptitude -y install build-essential tree htop apt-transport-https ca-certificates curl gnupg lsb-release jq
echo "### End install_system_utils"
}
export -f install_system_utils
function restart_services() {
echo "### Begin restart_services"
for service in $(ls /tmp/restart-* | cut -d- -f2-10); do
systemctl restart $service
rm -f /tmp/restart-$service
done
echo "### End restart_services"
}
export -f restart_services
###########################################################
# docker
###########################################################
function install_docker_engine() {
echo "### Begin install docker_engine"
echo "### add docker GPG key"
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "### add docker repo"
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(get_ubuntu_codename) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update
echo "### install docker engine"
aptitude -y install docker-ce docker-ce-cli containerd.io
echo "### End install docker_engine"
}
export -f install_docker_engine
function install_docker_compose() {
echo "### Begin install docker_compose"
VERSION=$(curl --silent https://api.github.com/repos/docker/compose/releases/latest | jq .name -r)
curl -L "https://github.com/docker/compose/releases/download/$VERSION/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
echo "### End install docker_compose"
}
export -f install_docker_compose
###########################################################
# users
###########################################################
function add_sudo_user() {
echo "### Begin add_sudo_user"
USERNAME="$1"
USERPASS="$2"
if [ -z "$USERNAME" ] || [ -z "$USERPASS" ]; then
echo "No new username and/or password entered"
return 1;
fi
echo "### Added user $USERNAME"
echo "### Added user $USERPASS"
adduser $USERNAME --disabled-password --gecos ""
echo "$USERNAME:$USERPASS" | chpasswd
usermod -aG sudo $USERNAME
echo "### End add_sudo_user"
}
export -f add_sudo_user
function user_add_pubkey() {
echo "### Begin user_add_pubkey"
USERNAME="$1"
USERPUBKEY="$2"
if [ -z "$USERNAME" ] || [ -z "$USERPUBKEY" ]; then
echo "Must provide a username and a pubkey"
return 1;
fi
mkdir -p /home/$USERNAME/.ssh
echo "$USERPUBKEY" >> /home/$USERNAME/.ssh/authorized_keys
chown -R "$USERNAME":"$USERNAME" /home/$USERNAME/.ssh
echo "### End user_add_pubkey"
}
export -f user_add_pubkey
function user_setup_shell() {
echo "### Begin user_setup_shell"
USERNAME="$1"
wget -O "/home/$USERNAME/.bash_aliases" https://raw.githubusercontent.com/furnox/Linode-StackScripts/master/.bash_aliases
wget -O "/home/$USERNAME/.bash_functions" https://raw.githubusercontent.com/furnox/Linode-StackScripts/master/.bash_functions
chown "$USERNAME:$USERNAME" "/home/$USERNAME/.bash_aliases" "/home/$USERNAME/.bash_functions"
echo "### End user_setup_shell"
}
export -f user_setup_shell
###########################################################
# sshd
###########################################################
function secure_sshd() {
echo "### Begin secure_sshd"
echo "
# StashScript settings
PermitRootLogin no
PubkeyAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no
UsePAM no
X11Forwarding no
PrintMotd yes
" >> /etc/ssh/sshd_config.d/stackscript.conf
touch /tmp/restart-sshd
echo "### End secure_sshd"
}
export -f secure_sshd
function set_sshd_port() {
echo "### Begin set_sshd_port"
PORT="$1"
echo "Port $1" >> /etc/ssh/sshd_config
touch /tmp/restart-sshd
echo "### End set_sshd_port"
}
export -f set_sshd_port
###########################################################
# apache
###########################################################
function apache_install() {
echo "### Begin apache_install"
aptitude -y install apache2
echo "### End apache_install"
}
export -f apache_install
###########################################################
# nginx
###########################################################
function nginx_install() {
echo "### Begin nginx_install"
add-apt-repository -y ppa:nginx/stable
apt update
apt install -y nginx
echo "### End nginx_install"
}
export -f nginx_install
###########################################################
# php
###########################################################
function php_install() {
echo "### Begin php_install"
aptitude -y install php7.4 php7.4-mysql libapache2-mod-php7.4
touch /tmp/restart-apache2
echo "### End php_install"
}
export -f php_install
###########################################################
# mysql-server
###########################################################
function mysql_install() {
echo "### Begin mysql_install"
ROOTPASSWD="$1"
if [ -z "$ROOTPASSWD" ]; then
echo "Need the root password"
return 1;
fi
echo "mysql-server mysql-server/root_password password $ROOTPASSWD" | debconf-set-selections
echo "mysql-server mysql-server/root_password_again password $ROOTPASSWD" | debconf-set-selections
aptitude -y install mysql-server mysql-client
echo "Sleeping while MySQL starts up for the first time..."
sleep 5
echo "### End mysql_install"
}
export -f mysql_install