britonad/do-bootstrap.sh

## do-bootstrap.sh
#!/bin/bash
# A simple boostrap script for Ubuntu 20.04 on DigitalOcean.

# Abort script at first error, when a command exits with non-zero status
# (except in until or while loops, if-tests, list constructs)
# https://www.tldp.org/LDP/abs/html/options.html
set -eu

# update repositories and install libraries
apt update && apt upgrade -y && apt install -y make git mosh pwgen htop lnav

# configure locale
locale-gen en_GB.UTF-8
locale-gen en_US.UTF-8

# creates a user and add to sudo group
echo "Enter your user name:"
read -r USER_NAME
adduser --disabled-password --gecos "" "${USER_NAME}"
usermod -aG sudo "${USER_NAME}"

# set a password
USER_PASSWORD="$(pwgen -r ',;' -s 25 -y)"
echo -e "Your password is \e[34m\"${USER_PASSWORD}\"\e[0m. \e[91mDON'T FORGET TO SAVE IT!\e[0m"
usermod --password "$(openssl passwd -1 "${USER_PASSWORD}")" "${USER_NAME}"

# sync root .ssh directory with vald user
rsync --archive --chown="${USER_NAME}":"${USER_NAME}" ~/.ssh "/home/${USER_NAME}"

# setup sshd
sed -i "0,/PermitRootLogin yes/s//PermitRootLogin no/" /etc/ssh/sshd_config
sed -i "0,/PasswordAuthentication no/s//PasswordAuthentication no/" /etc/ssh/sshd_config
sed -i "0,/#PermitEmptyPasswords no/s//PermitEmptyPasswords no/" /etc/ssh/sshd_config
systemctl restart ssh

# base firewall setup
ufw --force enable
ufw default deny incoming
ufw default allow outgoing
ufw allow 80/tcp
ufw allow 443/tcp
ufw allow 60001/udp
ufw allow 22


#!/usr/bin/env sh
######################## Docker #########################################
#Update the apt package index and install packages to allow apt to use a
#repository over HTTPS
sudo apt-get update
sudo apt-get install -y \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg-agent \
    software-properties-common

# Add Docker’s official GPG key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

# Set up the stable repository
sudo add-apt-repository -y \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
   $(lsb_release -cs) \
   stable"

# Update the apt package index, and install the latest version of Docker
# Engine and containerd
sudo apt-get update
sudo apt-get install -y docker-ce docker-ce-cli containerd.io

# Create the docker group
sudo groupadd -f docker

# Add your user to the docker group
sudo usermod -aG docker "${USER_NAME}"

# Delete snap store
snap remove lxd
snap remove core20
apt purge -y snapd
rm -rf snap/

######################## Docker Compose #################################
# Download the current stable release of Docker Compose
sudo curl -L \
  "https://github.com/docker/compose/releases/download/1.26.2/docker-compose-$(uname -s)-$(uname -m)" \
  -o /usr/local/bin/docker-compose

# Apply executable permissions to the binary
sudo chmod +x /usr/local/bin/docker-compose

# Create a symbolic link to Docker Compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

# Test installation
docker --version
docker-compose --version
	#!/bin/bash
	# A simple boostrap script for Ubuntu 20.04 on DigitalOcean.

	# Abort script at first error, when a command exits with non-zero status
	# (except in until or while loops, if-tests, list constructs)
	# https://www.tldp.org/LDP/abs/html/options.html
	set -eu

	# update repositories and install libraries
	apt update && apt upgrade -y && apt install -y make git mosh pwgen htop lnav

	# configure locale
	locale-gen en_GB.UTF-8
	locale-gen en_US.UTF-8

	# creates a user and add to sudo group
	echo "Enter your user name:"
	read -r USER_NAME
	adduser --disabled-password --gecos "" "${USER_NAME}"
	usermod -aG sudo "${USER_NAME}"

	# set a password
	USER_PASSWORD="$(pwgen -r ',;' -s 25 -y)"
	echo -e "Your password is \e[34m\"${USER_PASSWORD}\"\e[0m. \e[91mDON'T FORGET TO SAVE IT!\e[0m"
	usermod --password "$(openssl passwd -1 "${USER_PASSWORD}")" "${USER_NAME}"

	# sync root .ssh directory with vald user
	rsync --archive --chown="${USER_NAME}":"${USER_NAME}" ~/.ssh "/home/${USER_NAME}"

	# setup sshd
	sed -i "0,/PermitRootLogin yes/s//PermitRootLogin no/" /etc/ssh/sshd_config
	sed -i "0,/PasswordAuthentication no/s//PasswordAuthentication no/" /etc/ssh/sshd_config
	sed -i "0,/#PermitEmptyPasswords no/s//PermitEmptyPasswords no/" /etc/ssh/sshd_config
	systemctl restart ssh

	# base firewall setup
	ufw --force enable
	ufw default deny incoming
	ufw default allow outgoing
	ufw allow 80/tcp
	ufw allow 443/tcp
	ufw allow 60001/udp
	ufw allow 22


	#!/usr/bin/env sh
	######################## Docker #########################################
	#Update the apt package index and install packages to allow apt to use a
	#repository over HTTPS
	sudo apt-get update
	sudo apt-get install -y \
	apt-transport-https \
	ca-certificates \
	curl \
	gnupg-agent \
	software-properties-common

	# Add Docker’s official GPG key
	curl -fsSL https://download.docker.com/linux/ubuntu/gpg \| sudo apt-key add -

	# Set up the stable repository
	sudo add-apt-repository -y \
	"deb [arch=amd64] https://download.docker.com/linux/ubuntu \
	$(lsb_release -cs) \
	stable"

	# Update the apt package index, and install the latest version of Docker
	# Engine and containerd
	sudo apt-get update
	sudo apt-get install -y docker-ce docker-ce-cli containerd.io

	# Create the docker group
	sudo groupadd -f docker

	# Add your user to the docker group
	sudo usermod -aG docker "${USER_NAME}"

	# Delete snap store
	snap remove lxd
	snap remove core20
	apt purge -y snapd
	rm -rf snap/

	######################## Docker Compose #################################
	# Download the current stable release of Docker Compose
	sudo curl -L \
	"https://github.com/docker/compose/releases/download/1.26.2/docker-compose-$(uname -s)-$(uname -m)" \
	-o /usr/local/bin/docker-compose

	# Apply executable permissions to the binary
	sudo chmod +x /usr/local/bin/docker-compose

	# Create a symbolic link to Docker Compose
	sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

	# Test installation
	docker --version
	docker-compose --version