@0x1618
Last active June 10, 2024 22:57
My script for configuring a new Ubuntu Proxmox VM.
#!/bin/bash
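#######################################
# Print a random TCP port suitable for moving sshd off port 22.
#
# The port is drawn from the unprivileged range 1024-65535 and is never one
# of the well-known service ports listed in common_ports. The function does
# not check whether another service already listens on the chosen port;
# confirm that separately (for example with `ss -ltn`) before relying on it.
#
# Globals:   RANDOM (read)
# Arguments: none
# Outputs:   the chosen port number on stdout
# Returns:   0
#######################################
generate_random_port() {
  local port known taken
  local -r min_port=1024 max_port=65535
  local -a common_ports=(22 80 443 8080 3306 5432 25 110 995 993 21 20 23 161 162 5060 5061)

  while true; do
    # RANDOM yields only 15 bits (0-32767). A single draw therefore never
    # produces a port above 32768, so two draws are combined to cover the
    # whole range. Starting at min_port also keeps the result out of the
    # privileged range below 1024, where system services live.
    port=$(( ((RANDOM << 15) | RANDOM) % (max_port - min_port + 1) + min_port ))

    taken=0
    for known in "${common_ports[@]}"; do
      if (( port == known )); then
        taken=1
        break
      fi
    done

    if (( taken == 0 )); then
      printf '%s\n' "$port"
      return 0
    fi
  done
}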
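# Ask for the account name. -r keeps backslashes in the input literal.
read -r -p "Enter username: " username

# The name is used below to build paths under /home and is handed to
# commands that run as root, so accept only a conservative login-name form
# (lowercase letter or underscore first, then letters, digits, '_' or '-').
# This rejects empty input, path separators and anything starting with '-'.
if [[ ! "$username" =~ ^[a-z_][a-z0-9_-]{0,31}$ ]]; then
  printf 'Invalid username: %s\n' "$username" >&2
  exit 1
fi

# Check if user already exists
if id "$username" &>/dev/null; then
  echo "User $username already exists."
else
  # Add user with home directory; stop here if that fails, because every
  # later step assumes the account exists.
  if ! sudo useradd -m "$username"; then
    printf 'Failed to create user %s\n' "$username" >&2
    exit 1
  fi
  # Set the account password interactively (never passed on the command line).
  sudo passwd "$username"
  # Membership of the sudo group grants full root through sudo, so the
  # password set above is what protects privilege escalation for this account.
  sudo usermod -aG sudo "$username"
  # Change login shell to bash
  sudo chsh -s /bin/bash "$username"
fi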
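# Resolve the account's home directory from the passwd database; fall back
# to /home/<name> when the lookup returns nothing.
user_home=$(getent passwd "$username" | cut -d: -f6)
user_home=${user_home:-/home/$username}
ssh_dir="$user_home/.ssh"
auth_keys="$ssh_dir/authorized_keys"

# Ask for the public key first and validate it before touching anything.
# Later steps of this script switch sshd to key-only logins, so an empty or
# malformed key here would leave the account with no way to log in.
read -r -p "Enter public SSH key: " ssh_key
if [[ -z "$ssh_key" ]]; then
  printf 'No public key entered; aborting before SSH is reconfigured.\n' >&2
  exit 1
fi
if command -v ssh-keygen >/dev/null; then
  # ssh-keygen -l parses the key and fails on anything that is not a
  # well-formed public key line.
  if ! ssh-keygen -l -f - <<<"$ssh_key" >/dev/null 2>&1; then
    printf 'Input is not a valid public SSH key; aborting.\n' >&2
    exit 1
  fi
fi

# Create .ssh and authorized_keys if missing. The tests run through sudo
# because the invoking user may not be allowed to look inside the home
# directory of another account.
if ! sudo test -d "$ssh_dir"; then
  sudo mkdir -p -- "$ssh_dir"
fi
if ! sudo test -f "$auth_keys"; then
  sudo touch -- "$auth_keys"
fi

# Append the key unless the exact line is already present, so re-running
# the script does not pile up duplicates. printf with a quoted argument
# writes the key verbatim (no word splitting or glob expansion).
if ! sudo grep -qxF -- "$ssh_key" "$auth_keys"; then
  printf '%s\n' "$ssh_key" | sudo tee -a -- "$auth_keys"
fi

# Files created through sudo belong to root. sshd reads authorized_keys
# with the target user's privileges, so a root-owned 0700 directory would
# make every key login fail. Hand the tree to the user ("name:" selects the
# user's login group) and enforce the modes sshd's StrictModes expects.
sudo chown -R "$username:" -- "$ssh_dir"
sudo chmod 0700 -- "$ssh_dir"
sudo chmod 0600 -- "$auth_keys"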
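# Generate a random port number excluding common ports
new_port=$(generate_random_port)
# The value is spliced into a sed expression below, so insist on digits.
if [[ ! "$new_port" =~ ^[0-9]+$ ]]; then
  printf 'Could not obtain a port number; sshd_config left untouched.\n' >&2
  exit 1
fi

sshd_config=/etc/ssh/sshd_config

# Modify /etc/ssh/sshd_config in one pass, keeping the previous version as
# sshd_config.bak. Every pattern is anchored to the start of the line and
# requires whitespace after the keyword, so only real (or commented-out)
# directives are rewritten, not prose comments that mention the keyword.
# The Port rule matches any existing port, not just 22, so a second run of
# this script still changes the port it reports at the end.
sudo sed -i.bak \
  -e "s/^#\?Port[[:space:]].*/Port ${new_port}/" \
  -e 's/^#\?PermitRootLogin[[:space:]].*/PermitRootLogin no/' \
  -e 's/^#\?PubkeyAuthentication[[:space:]].*/PubkeyAuthentication yes/' \
  -e 's/^#\?PasswordAuthentication[[:space:]].*/PasswordAuthentication no/' \
  "$sshd_config"

# sshd keeps the first value it reads for a keyword, and drop-in files in
# sshd_config.d are normally included before the main settings, so a
# PasswordAuthentication line there would win. Rewrite those as well.
# NOTE(review): Port and PermitRootLogin in drop-ins are not rewritten;
# the effective-port check below reports a mismatch.
sudo find /etc/ssh/sshd_config.d/ -name '*.conf' \
  -exec sed -i 's/^#\?PasswordAuthentication[[:space:]].*/PasswordAuthentication no/' {} +

# Validate the configuration before restarting: a daemon that refuses to
# start on a syntax error would cut off remote access to the VM.
if ! sudo sshd -t; then
  printf 'sshd rejected the new configuration; not restarting. Previous file: %s.bak\n' \
    "$sshd_config" >&2
  exit 1
fi

# sshd -T prints the effective settings; warn when the new port is not
# among them (for example because no Port line existed to rewrite).
if ! sudo sshd -T 2>/dev/null | grep -qx "port ${new_port}"; then
  printf 'Warning: effective sshd configuration does not list port %s.\n' \
    "$new_port" >&2
fi

# Restart SSH service to apply changes.
# NOTE(review): where sshd is socket-activated the listening port may come
# from the socket unit rather than this restart - confirm the daemon
# listens on the new port (e.g. `ss -ltn`) and test a second login before
# closing the current session.
sudo service sshd restart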
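# Return 0 when $1 is a dotted-quad IPv4 address with every octet <= 255.
_is_ipv4() {
  local ip=$1 octet
  local -a octets
  [[ "$ip" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]] || return 1
  IFS=. read -r -a octets <<<"$ip"
  for octet in "${octets[@]}"; do
    # 10# forces base 10 so an octet such as 08 is not read as octal.
    ((10#$octet <= 255)) || return 1
  done
}

# Ask for new VM IP, VM MAC address, and Parent IP
read -r -p "Enter new VM IP: " vm_new_ip
read -r -p "Enter VM MAC address: " vm_macaddress
read -r -p "Enter Hypervisor IP: " parent_ip

# These values are written verbatim into a YAML file that netplan reads as
# root. Reject anything that is not a plain address so that a typo or stray
# characters cannot change the structure of the file or take the VM offline.
if ! _is_ipv4 "$vm_new_ip"; then
  printf 'Invalid VM IP address: %s\n' "$vm_new_ip" >&2
  exit 1
fi
if ! _is_ipv4 "$parent_ip"; then
  printf 'Invalid hypervisor IP address: %s\n' "$parent_ip" >&2
  exit 1
fi
if [[ ! "$vm_macaddress" =~ ^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$ ]]; then
  printf 'Invalid MAC address: %s\n' "$vm_macaddress" >&2
  exit 1
fi

# Remove the last octet of the parent IP; the gateway is <base>.254.
parent_ip_base=${parent_ip%.*}

# Create the network configuration content.
# NOTE(review): the nesting below follows the netplan schema (interface
# settings under ens18, on-link under the route); confirm it matches the
# layout intended for this host.
network_config=$(
  cat <<EOF
network:
  ethernets:
    ens18:
      dhcp4: true
      match:
        macaddress: $vm_macaddress
      set-name: ens18
      addresses:
        - $vm_new_ip/32
      nameservers:
        addresses:
          - 1.1.1.1
          - 8.8.8.8
        search: []
      routes:
        - to: 0.0.0.0/0
          via: $parent_ip_base.254
          on-link: true
      optional: true
  version: 2
EOF
)

# Output the network configuration to a file
network_config_file="/etc/netplan/00-installer-config.yaml"
printf '%s\n' "$network_config" | sudo tee "$network_config_file"
# netplan configuration should be readable by root only; tee creates the
# file with the default umask, so tighten it explicitly.
sudo chmod 0600 "$network_config_file"

# Let netplan parse the file first: a rejected file is reported here
# instead of being applied to the live interface.
if ! sudo netplan generate; then
  printf 'netplan rejected %s; configuration not applied.\n' \
    "$network_config_file" >&2
  exit 1
fi

# Apply the new network configuration
sudo netplan apply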
# Final summary for the operator: the SSH port chosen earlier (needed for
# the next login), followed by a recap of the steps the script ran.
printf '%s\n' \
  "The new SSH port is: $new_port" \
  "User $username has been created and configured." \
  "SSH configuration has been updated and SSH service restarted." \
  "Network configuration has been updated and applied."