@BirkhoffLee
Last active May 3, 2017 05:47
Install Docker on Ubuntu with nice security settings.
#!/bin/bash
# Settings
USERNAME="docker"
SSH_PUBKEY="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClxraaf0yoYrLWhxD1gdFopR/20Z54spf4ecbAXTch42HLpMimFh18qNa4easbeP8SPjt94arV+BxHFmCaK41YsP1tJL/5I1DsnPyYew5ZJjWGBeGF7nMvht5ostKPOa+tpuQP/z5goE7gQxF+46nMnO2q7bHG4+6xl4fLq+yoWY8vpBgW6RUTPPExhHXaV+KxFBmroW1AXvcM2nxnrAQFcG6mvPhnIUpDjYtUvq48lch34MwuX+ckPYXCBinDTekS/ZV9/H4XjVsv/Uay3cAz5VG5SuwXsSCJfgMJFGw86wYRcFe401rnG1LnWJczHPCtzA6CuY25UdptcQYCH+lV birkhoff@Birkhoffs-MBPR.local"
# Check permissions
if [ "$EUID" -ne 0 ]; then
    echo "Please run as root" >&2
    # Exit non-zero so callers can tell the script did not run
    exit 1
fi
# Update system & Install packages
apt-get update
apt-get upgrade -y
apt-get install unattended-upgrades curl fail2ban -y
# echo "LANG=en_US.UTF-8\nLC_ALL=en_US.UTF-8" > /etc/default/locale
echo "" > /etc/legal
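# Create a group called nopwsudo,
# which allows passwordless sudo
# and full root access.
groupadd -f nopwsudo
# Validate the rule with visudo before installing it as a drop-in file,
# so a syntax error cannot break sudo and re-runs do not duplicate the line.
# Relies on the "#includedir /etc/sudoers.d" line in Ubuntu's /etc/sudoers.
SUDOERS_TMP="$(mktemp)"
echo "%nopwsudo ALL=(ALL:ALL) NOPASSWD:ALL" > "$SUDOERS_TMP"
visudo -cf "$SUDOERS_TMP" && install -m 0440 -o root -g root "$SUDOERS_TMP" /etc/sudoers.d/nopwsudo
rm -f "$SUDOERS_TMP"
# sudo re-reads its configuration on every invocation; no restart is needed.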
# Create the docker user.
useradd -s /bin/bash "$USERNAME"
# Set the user's home directory up
mkdir -p "/home/$USERNAME/.ssh"
chmod 700 "/home/$USERNAME/.ssh"
# Add my SSH key to the user's ssh authorized keys
echo "$SSH_PUBKEY" > "/home/$USERNAME/.ssh/authorized_keys"
chmod 400 "/home/$USERNAME/.ssh/authorized_keys"
# Recursively set the ownership of the user's home directory and its contents
chown -R "$USERNAME:$USERNAME" "/home/$USERNAME"
# Add the user to the nopwsudo group
usermod -aG nopwsudo "$USERNAME"
# Install Docker
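# Only curl runs as $USERNAME; the downloaded installer is executed by sh as root.
# -f makes curl fail on HTTP errors instead of piping an error page into sh.
sudo -u "$USERNAME" curl -fsSL https://get.docker.com/ | sh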
# Prevent root from logging in over SSH (disabled; uncomment to apply)
#sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config
# Force public key authentication (disabled; uncomment to apply)
#sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
# Restart the SSH service
service ssh restart
# Automated security updates
echo 'APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";' > /etc/apt/apt.conf.d/10periodic
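# ${distro_id} and ${distro_codename} are expanded by unattended-upgrades,
# not by the shell (single quotes), so the origin matches the running release
# instead of the hard-coded "lucid" (Ubuntu 10.04).
echo 'Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}-security";
//"${distro_id}:${distro_codename}-updates";
};' > /etc/apt/apt.conf.d/50unattended-upgrades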
# Clean downloaded archive files
sudo apt-get autoclean
sudo apt-get clean
# Login to Docker Hub
echo "If you wish to login to Docker Hub now, enter your Docker Hub username and password or press Ctrl + C."
sudo -u "$USERNAME" docker login
clear
echo "Completed"
BirkhoffLee commented Jun 26, 2016

Run this to execute the script:

$ curl -s https://gist.githubusercontent.com/BirkhoffLee/eecb391c3b855c08bb625f37fa7e784b/raw | sudo bash
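
A check for the two SSH settings targeted by the script's commented-out `sed` lines, added here as an example (it is not part of the gist or of the author's comment). The function names and the sample config are constructed for illustration; on a live host, `sshd -T` prints the effective configuration directly.

```shell
#!/bin/bash
# Added example: report the value sshd would actually use for a keyword.
# sshd keeps the FIRST occurrence of a keyword and ignores commented lines.
# Assumption: flat config; parsing stops at the first Match block and
# Include files are not followed.

# effective_value FILE KEYWORD DEFAULT -> prints the effective value
effective_value() {
    local file="$1" key="$2" default="$3" value
    value=$(awk -v key="$key" '
        { sub(/^[ \t]+/, "") }                 # strip leading whitespace
        /^#/ || /^$/ { next }                  # skip comments and blanks
        { split($0, f, /[ \t=]+/) }            # "Key value" or "Key=value"
        tolower(f[1]) == "match" { exit }
        tolower(f[1]) == tolower(key) { print tolower(f[2]); exit }
    ' "$file")
    printf '%s\n' "${value:-$default}"
}

# audit_sshd FILE -> 0 only if root login and password auth are both "no"
audit_sshd() {
    local file="$1" rc=0 root pw
    # Third argument: OpenSSH built-in default used when the keyword is absent.
    root=$(effective_value "$file" PermitRootLogin prohibit-password)
    pw=$(effective_value "$file" PasswordAuthentication yes)
    if [ "$root" != "no" ]; then echo "FAIL PermitRootLogin=$root"; rc=1; fi
    if [ "$pw" != "no" ]; then echo "FAIL PasswordAuthentication=$pw"; rc=1; fi
    if [ "$rc" -eq 0 ]; then echo "OK root login and password auth are off"; fi
    return "$rc"
}

# Constructed sample config: apply the gist's two sed edits to it, then audit.
demo() {
    local tmp rc=0
    tmp=$(mktemp)
    printf '%s\n' 'PermitRootLogin prohibit-password' \
        '#PasswordAuthentication yes' > "$tmp"
    sed -i 's/PermitRootLogin yes/PermitRootLogin no/' "$tmp"
    sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' "$tmp"
    audit_sshd "$tmp" || rc=$?
    rm -f "$tmp"
    return "$rc"
}

demo || true   # reports PermitRootLogin=prohibit-password: the sed did not match
```

Running `audit_sshd /etc/ssh/sshd_config` after any edit to that file shows whether the change took effect, which a pattern-based `sed` substitution does not guarantee.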
