alecthegeek/ConfigPocketPC

## ConfigPocketPC
#!/bin/bash

# Set up my PocketCHIP (Debian Linux)
# NB It's recommended you set up ssh key auth before running this script

# Extra tools --  edit this to suite what you want on your CHIP
OPTIONAL_PACKAGES="vim-gtk git build-essential python-serial arduino arduino-mk"

# Update
# 1st lets fix an occasional but obscure problem during upgrade
sudo rm -rf /var/lib/apt/lists/*

sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get dist-upgrade -y

# Need some tools
sudo apt-get install -y locales silversearcher-ag openssh-server $OPTIONAL_PACKAGES

# Clean up
sudo apt-get autoremove
sudo apt-get autoclean

# Let's configure international settings 1st
sudo dpkg-reconfigure locales
sudo dpkg-reconfigure tzdata

# Security set-up
# Note: do not run `sudo usermod -s /usr/sbin/nologin root` as it disables `sudo -i`

# Lock root account
sudo passwd -l root

# and let's be paranoid and disable root login via ssh as well
sudo sed -ri -e 's/^[# ]*PermitRootLogin.*$/PermitRootLogin no/' /etc/ssh/sshd_config


# Now let's fix the username and password defaults
echo
echo For security purposes you should now change the default password on your CHIP
echo
passwd  < /dev/tty
echo

# Change the default user name
echo You should now change the default user name on your chip -- Feel free to use your own name
echo Note: Must be a single word, lower case recommended
echo
read -rp "Please enter the new user name "  NEW_USER < /dev/tty

# Make all these changes under a single sudo session -- must be all done at once
 cat <<'EOF' | sudo bash -s $USER $NEW_USER $HOME
    for i in /etc/group /etc/passwd /etc/sudoers /etc/shadow ; do
       sed -ri -e '/\b'$1'\b/s/\b'$1'\b/'$2'/g' $i
    done


    # Not currently needed (Dec/16) but will probably come in a future relese
    if [[ -f /etc/sudoers.d/010_${1}-nopasswd ]] ; then
        mv /etc/sudoers.d/010_${1}-nopasswd /etc/sudoers.d/010_${2}-nopasswd
        sed -ri -e '/\b'$1'\b/s/\b'$1'\b/'$2'/g' /etc/sudoers.d/010_$2-nopasswd
    fi
    # Rename home directory
    mv $3 /home/$2

    # There are a few config files with the default username hard coded
    sed -ri -e "/User=$1/s//User=$2/"  $(ag -l "User=$1"  /etc/)

    sed -ri -e  "/autologin-user=$1/s//autologin-user=$2/" /etc/lightdm/lightdm.conf

EOF

# Networking changes
# Change the hostname

echo
echo We are now now going to change the default hostname on your CHIP. Please enter a single word that only contains
echo lower case letters, numbers and \"-\". It must start with a lower case letter.
echo
read -rp "Please enter the new host name "  NEW_HOSTNAME < /dev/tty


cat <<'EOF' | sudo bash -s $NEW_HOSTNAME
  # Must do this 1st
  sed -i -re 's/^(..*)'$(hostname)'(.*)$/\1'$1'\2/' /etc/hosts

  hostname $1
  echo $1 > /etc/hostname
  invoke-rc.d hostname.sh start
  invoke-rc.d networking force-reload
  invoke-rc.d avahi-daemon force-reload
  systemctl daemon-reload
EOF


echo
cat <<'EOF'
If you have installed a public ssh key on your CHIP you can now disable password access
Before answering yes to the next question please make sure you have installed the key correctly
and can succesfully login using the ssh key (i.e. you are not prompted for a password). If
you say yes to the next question and don't have a working ssh key you will need to reflash your CHIP.

Note: You can "hop over" to another terminal session to install and test the key now if you want.
EOF

echo
read -rp "Please confirm you have installed your ssh public key on the PocketCHIP [N/y]? "  < /dev/tty
echo

if [[ "$REPLY" =~ ^[Yy]$ ]] ; then
# Disable password access via ssh. You should have installed an ssh public key 1st!
  sudo sed -ri -e 's/^[# ]*PasswordAuthentication.*$/PasswordAuthentication no/' /etc/ssh/sshd_config
  echo You can now access this device as $NEW_USER@$(hostname).local using ssh keys only
else
  echo You can now access this device as $NEW_USER@$(hostname).local using you new password
fi

sudo service sshd restart
	#!/bin/bash

	# Set up my PocketCHIP (Debian Linux)
	# NB It's recommended you set up ssh key auth before running this script

	# Extra tools -- edit this to suite what you want on your CHIP
	OPTIONAL_PACKAGES="vim-gtk git build-essential python-serial arduino arduino-mk"

	# Update
	# 1st lets fix an occasional but obscure problem during upgrade
	sudo rm -rf /var/lib/apt/lists/*

	sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get dist-upgrade -y

	# Need some tools
	sudo apt-get install -y locales silversearcher-ag openssh-server $OPTIONAL_PACKAGES

	# Clean up
	sudo apt-get autoremove
	sudo apt-get autoclean

	# Let's configure international settings 1st
	sudo dpkg-reconfigure locales
	sudo dpkg-reconfigure tzdata

	# Security set-up
	# Note: do not run `sudo usermod -s /usr/sbin/nologin root` as it disables `sudo -i`

	# Lock root account
	sudo passwd -l root

	# and let's be paranoid and disable root login via ssh as well
	sudo sed -ri -e 's/^[# ]PermitRootLogin.$/PermitRootLogin no/' /etc/ssh/sshd_config


	# Now let's fix the username and password defaults
	echo
	echo For security purposes you should now change the default password on your CHIP
	echo
	passwd < /dev/tty
	echo

	# Change the default user name
	echo You should now change the default user name on your chip -- Feel free to use your own name
	echo Note: Must be a single word, lower case recommended
	echo
	read -rp "Please enter the new user name " NEW_USER < /dev/tty

	# Make all these changes under a single sudo session -- must be all done at once
	cat <<'EOF' \| sudo bash -s $USER $NEW_USER $HOME
	for i in /etc/group /etc/passwd /etc/sudoers /etc/shadow ; do
	sed -ri -e '/\b'$1'\b/s/\b'$1'\b/'$2'/g' $i
	done


	# Not currently needed (Dec/16) but will probably come in a future relese
	if [[ -f /etc/sudoers.d/010_${1}-nopasswd ]] ; then
	mv /etc/sudoers.d/010_${1}-nopasswd /etc/sudoers.d/010_${2}-nopasswd
	sed -ri -e '/\b'$1'\b/s/\b'$1'\b/'$2'/g' /etc/sudoers.d/010_$2-nopasswd
	fi
	# Rename home directory
	mv $3 /home/$2

	# There are a few config files with the default username hard coded
	sed -ri -e "/User=$1/s//User=$2/" $(ag -l "User=$1" /etc/)

	sed -ri -e "/autologin-user=$1/s//autologin-user=$2/" /etc/lightdm/lightdm.conf

	EOF

	# Networking changes
	# Change the hostname

	echo
	echo We are now now going to change the default hostname on your CHIP. Please enter a single word that only contains
	echo lower case letters, numbers and \"-\". It must start with a lower case letter.
	echo
	read -rp "Please enter the new host name " NEW_HOSTNAME < /dev/tty


	cat <<'EOF' \| sudo bash -s $NEW_HOSTNAME
	# Must do this 1st
	sed -i -re 's/^(..)'$(hostname)'(.)$/\1'$1'\2/' /etc/hosts

	hostname $1
	echo $1 > /etc/hostname
	invoke-rc.d hostname.sh start
	invoke-rc.d networking force-reload
	invoke-rc.d avahi-daemon force-reload
	systemctl daemon-reload
	EOF


	echo
	cat <<'EOF'
	If you have installed a public ssh key on your CHIP you can now disable password access
	Before answering yes to the next question please make sure you have installed the key correctly
	and can succesfully login using the ssh key (i.e. you are not prompted for a password). If
	you say yes to the next question and don't have a working ssh key you will need to reflash your CHIP.

	Note: You can "hop over" to another terminal session to install and test the key now if you want.
	EOF

	echo
	read -rp "Please confirm you have installed your ssh public key on the PocketCHIP [N/y]? " < /dev/tty
	echo

	if [[ "$REPLY" =~ ^[Yy]$ ]] ; then
	# Disable password access via ssh. You should have installed an ssh public key 1st!
	sudo sed -ri -e 's/^[# ]PasswordAuthentication.$/PasswordAuthentication no/' /etc/ssh/sshd_config
	echo You can now access this device as $NEW_USER@$(hostname).local using ssh keys only
	else
	echo You can now access this device as $NEW_USER@$(hostname).local using you new password
	fi

	sudo service sshd restart