cvrolf/60-vm-configure.sh

## 60-vm-configure.sh
#@RunAs: Open a Terminal with user ubuntu @ VM*****

###
### Bash Shell behavior
#   @doc -e Exit immediately if a command returns a non-zero status.
#   @doc -u Treat unset variables and parameters other than the special parameters ‘@’ or ‘*’ as an error when performing parameter expansion.
#   @doc -x Print a trace of commands after they are expanded and before they are executed.
set -u
set -x

###
### Global vars
MYDOMAIN="myvmtest"
MYIPADDRESS=192.168.122.102
MYMACADDRESS=52:54:00:ff:ff:66

###
### Check you are on the correct host: VM (not the Host Machine)
hostname
whoami
if [ "`hostname`" != "${MYDOMAIN}" ]; then
    echo "ABORT. This is not a session on the VM ${MYDOMAIN}"
    sleep 10
    exit 1
else
    echo "OK. This is a session on the VM ${MYDOMAIN}"
fi

##
## Ubuntu Hostname (a FQDN not needed for a local VM).
MYFILE=/etc/hostname
cat > ${MYFILE} <<ENDOFTEXTBLOCK
#
# /etc/hostname: local hostname config file
#
# Line Format: 1 line
##RHMOD Just declare the hostname. The FQDN name (hostname+domain) is not needed/possible for this VM
${MYDOMAIN}
ENDOFTEXTBLOCK
cat ${MYFILE}

##
## Ubuntu /etc/hosts
MYFILE=/etc/hosts
cat > ${MYFILE} <<ENDOFTEXTBLOCK
    #
    # /etc/hosts: static lookup table for host names
    #
    # Line Format: <unique-ip-address> <FQDN hostname.domain.org> <1..n aliases, typically hostnames>

    ##RHMOD REPLACE the whole file content

    ##RHMOD Loopback for localhost is always required.
    127.0.0.1 localhost

    ##RHMOD Rules:
    ##RHMOD - Only one line per IP address!
    ##RHMOD - If you have several network interfaces (LAN, WLAN) then minimally mention the LAN IP.
    ##RHMOD - The default line is <192.168.0.95 s3black.infozine.be s3black> when you have a STATIC IP on a LOCAL NETWORK. Define explicitly the local IP address and the matching FQDN and hostname
    ##RHMOD - The default line is <127.0.0.1 s3black.infozine.be s3black> when you have a DYNAMIC IP on a LOCAL NETWORK.
    ##RHMOD - Optionally add other alias(es) for an IP address ON THE SAME LINE.
    ###RHMOD ***SPECIAL for VM myvmtest: OK no FQDN available***
    192.168.122.102 ${MYDOMAIN}

    ##RHMOD Comment out the DEFAULT line <127.0.0.1 s3...> It WILL cause Hadoop problems
    #####127.0.0.1 ${MYDOMAIN}

    ##RHMOD Comment out the DEFAULT line <127.0.1.1 s3...> It WILL cause loopback problems and Hadoop problems
    #####127.0.1.1 ${MYDOMAIN}

    # The following lines are desirable for IPv6 capable hosts
    ::1     ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
ENDOFTEXTBLOCK
cat ${MYFILE}

##
## SSH Server configuration
mkdir ~/tmp
cd ~/tmp
MYFILE=/etc/ssh/sshd_config
MYBACKUPFILE=~/--etc--ssh--sshd_config.backup
if [ ! -f ${MYBACKUPFILE} ]; then
    echo "OK. Making backup..."
    cp --verbose ${MYFILE} ${MYBACKUPFILE}
else
    echo "OK. Backup file already exists ${MYBACKUPFILE} :)"
fi
if [ ! -f ${MYFILE} ]; then
    echo "ERROR. Cannot find file ${MYFILE}"
else
    sed --in-place --expression 's/^#LogLevel INFO/\n##RHMOD\nLogLevel VERBOSE\n/' ${MYFILE}
    echo "###RHMOD Append @ end" >> ${MYFILE}
    echo "UseDNS no" >> ${MYFILE}
    echo "ClientAliveInterval 900" >> ${MYFILE}

    grep "Port 22" ${MYFILE}                    && echo "OK" || echo "NOT OK"
    grep "LogLevel VERBOSE" ${MYFILE}           && echo "OK" || echo "NOT OK"
    grep "UseDNS no" ${MYFILE}                  && echo "OK" || echo "NOT OK"
    grep "ClientAliveInterval 900" ${MYFILE}    && echo "OK" || echo "NOT OK"

    # Remove deprecated configurations (they were dumped in syslog)
    sed --in-place --expression '/^KeyRegenerationInterval/d' ${MYFILE}  && echo "OK" || echo "NOT OK"
    sed --in-place --expression '/^RSAAuthentication/d' ${MYFILE}  && echo "OK" || echo "NOT OK"
    sed --in-place --expression '/^RhostsRSAAuthentication/d' ${MYFILE}  && echo "OK" || echo "NOT OK"
    sed --in-place --expression '/^ServerKeyBits/d' ${MYFILE}  && echo "OK" || echo "NOT OK"

    service ssh restart; ss -lnp | grep sshd;
fi

##
## Make sudo more flexible
MYSNIPPET=~/visudo-snippet
cat > ${MYSNIPPET} <<ENDOFTEXTBLOCK

    ###RHMOD APPEND this.
    ###RHMOD Custom setup for this Ubuntu Desktop server!
    ## My old version:
    ## ubuntu  ALL=(ALL:ALL) ALL
    ## New version whereby no password is asked when executing 'sudo' (asking=annoying when using a local VM!)
    ubuntu ALL=(ALL:ALL) NOPASSWD: ALL
ENDOFTEXTBLOCK
cat ${MYSNIPPET} | EDITOR='tee -a' visudo

## FIX Grub2 boot loader: avoid the Plymouthd splash screen crashes at boot-time
##   @bug If you set the display resolution higher than the default (1024x768) in the Ubuntu Desktop Settings, which I do later on, then the boot sequence hangs at the Ubuntu splash screen (cause: plymouthd daemon).
##   @tip You can change the Grub2 settings temporarily at boot-time: Press the SHIFT key to interrupt whils the grub is loading. Then press 'e' for edit and remove "quiet splash".
cd ~/tmp
MYFILE=/etc/default/grub
MYBACKUPFILE=~/--etc--default--grub.backup
if [ ! -f ${MYBACKUPFILE} ]; then
    echo "OK. Making backup..."
    cp --verbose ${MYFILE} ${MYBACKUPFILE}
else
    echo "OK. Backup file already exists :) ${MYBACKUPFILE}"
fi
if [ ! -f ${MYFILE} ]; then
    echo "ERROR. Cannot find file ${MYFILE}"
else
    sed --in-place \
        --expression 's/GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"/\n##RHMOD Fix crash in ubuntu splash plymouthd\nGRUB_CMDLINE_LINUX_DEFAULT="vt.handoff=7"\n/'  \
        ${MYFILE}
    cat ${MYFILE}
    grep 'GRUB_CMDLINE_LINUX_DEFAULT="vt.handoff=7"' ${MYFILE}      && echo "OK" || echo "NOT OK"
    update-grub
fi

##
## ENABLE the motherboard speaker
#   @doc https://wiki.archlinux.org/index.php/PC_speaker
MYFILE=/etc/modprobe.d/blacklist.conf
grep 'pcspk' ${MYFILE}
sed --in-place --expression "s/^blacklist pcspkr/##RHMOD Whitelist the PC speaker module so it can do beeps for me\n#####blacklist pcspkr/g"  \
    ${MYFILE}
grep '#####blacklist pcspkr' ${MYFILE} && echo "OK" || echo "NOT OK"

##
## Install SPICE VM Agent
#@doc SPICE = remote access to virtual machines. The recommended extra Spice agent works with the Spice protocol to offer a better guest console experience.
apt --yes install spice-vdagent

##
## Remove ufw (unnecessary in a NAT-based VM)
apt --yes remove ufw

##
## Remove AppArmor (more of a burden then a good thing)
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt --yes remove apparmor apparmor-utils

##
## Install GENERAL PURPOSE PACKAGES.
apt --yes install apt-show-versions curl dos2unix git htop landscape-common lm-sensors mc screen smem tree

##
## Install the Gnome Tweak tool
#   @doc Not used yet but might become interesting in the future.
apt --yes install gnome-tweak-tool
	#@RunAs: Open a Terminal with user ubuntu @ VM*****

	###
	### Bash Shell behavior
	# @doc -e Exit immediately if a command returns a non-zero status.
	# @doc -u Treat unset variables and parameters other than the special parameters ‘@’ or ‘*’ as an error when performing parameter expansion.
	# @doc -x Print a trace of commands after they are expanded and before they are executed.
	set -u
	set -x

	###
	### Global vars
	MYDOMAIN="myvmtest"
	MYIPADDRESS=192.168.122.102
	MYMACADDRESS=52:54:00:ff:ff:66

	###
	### Check you are on the correct host: VM (not the Host Machine)
	hostname
	whoami
	if [ "`hostname`" != "${MYDOMAIN}" ]; then
	echo "ABORT. This is not a session on the VM ${MYDOMAIN}"
	sleep 10
	exit 1
	else
	echo "OK. This is a session on the VM ${MYDOMAIN}"
	fi

	##
	## Ubuntu Hostname (a FQDN not needed for a local VM).
	MYFILE=/etc/hostname
	cat > ${MYFILE} <<ENDOFTEXTBLOCK
	#
	# /etc/hostname: local hostname config file
	#
	# Line Format: 1 line
	##RHMOD Just declare the hostname. The FQDN name (hostname+domain) is not needed/possible for this VM
	${MYDOMAIN}
	ENDOFTEXTBLOCK
	cat ${MYFILE}

	##
	## Ubuntu /etc/hosts
	MYFILE=/etc/hosts
	cat > ${MYFILE} <<ENDOFTEXTBLOCK
	#
	# /etc/hosts: static lookup table for host names
	#
	# Line Format: <unique-ip-address> <FQDN hostname.domain.org> <1..n aliases, typically hostnames>

	##RHMOD REPLACE the whole file content

	##RHMOD Loopback for localhost is always required.
	127.0.0.1 localhost

	##RHMOD Rules:
	##RHMOD - Only one line per IP address!
	##RHMOD - If you have several network interfaces (LAN, WLAN) then minimally mention the LAN IP.
	##RHMOD - The default line is <192.168.0.95 s3black.infozine.be s3black> when you have a STATIC IP on a LOCAL NETWORK. Define explicitly the local IP address and the matching FQDN and hostname
	##RHMOD - The default line is <127.0.0.1 s3black.infozine.be s3black> when you have a DYNAMIC IP on a LOCAL NETWORK.
	##RHMOD - Optionally add other alias(es) for an IP address ON THE SAME LINE.
	###RHMOD *SPECIAL for VM myvmtest: OK no FQDN available*
	192.168.122.102 ${MYDOMAIN}

	##RHMOD Comment out the DEFAULT line <127.0.0.1 s3...> It WILL cause Hadoop problems
	#####127.0.0.1 ${MYDOMAIN}

	##RHMOD Comment out the DEFAULT line <127.0.1.1 s3...> It WILL cause loopback problems and Hadoop problems
	#####127.0.1.1 ${MYDOMAIN}

	# The following lines are desirable for IPv6 capable hosts
	::1 ip6-localhost ip6-loopback
	fe00::0 ip6-localnet
	ff00::0 ip6-mcastprefix
	ff02::1 ip6-allnodes
	ff02::2 ip6-allrouters
	ENDOFTEXTBLOCK
	cat ${MYFILE}

	##
	## SSH Server configuration
	mkdir ~/tmp
	cd ~/tmp
	MYFILE=/etc/ssh/sshd_config
	MYBACKUPFILE=~/--etc--ssh--sshd_config.backup
	if [ ! -f ${MYBACKUPFILE} ]; then
	echo "OK. Making backup..."
	cp --verbose ${MYFILE} ${MYBACKUPFILE}
	else
	echo "OK. Backup file already exists ${MYBACKUPFILE} :)"
	fi
	if [ ! -f ${MYFILE} ]; then
	echo "ERROR. Cannot find file ${MYFILE}"
	else
	sed --in-place --expression 's/^#LogLevel INFO/\n##RHMOD\nLogLevel VERBOSE\n/' ${MYFILE}
	echo "###RHMOD Append @ end" >> ${MYFILE}
	echo "UseDNS no" >> ${MYFILE}
	echo "ClientAliveInterval 900" >> ${MYFILE}

	grep "Port 22" ${MYFILE} && echo "OK" \|\| echo "NOT OK"
	grep "LogLevel VERBOSE" ${MYFILE} && echo "OK" \|\| echo "NOT OK"
	grep "UseDNS no" ${MYFILE} && echo "OK" \|\| echo "NOT OK"
	grep "ClientAliveInterval 900" ${MYFILE} && echo "OK" \|\| echo "NOT OK"

	# Remove deprecated configurations (they were dumped in syslog)
	sed --in-place --expression '/^KeyRegenerationInterval/d' ${MYFILE} && echo "OK" \|\| echo "NOT OK"
	sed --in-place --expression '/^RSAAuthentication/d' ${MYFILE} && echo "OK" \|\| echo "NOT OK"
	sed --in-place --expression '/^RhostsRSAAuthentication/d' ${MYFILE} && echo "OK" \|\| echo "NOT OK"
	sed --in-place --expression '/^ServerKeyBits/d' ${MYFILE} && echo "OK" \|\| echo "NOT OK"

	service ssh restart; ss -lnp \| grep sshd;
	fi

	##
	## Make sudo more flexible
	MYSNIPPET=~/visudo-snippet
	cat > ${MYSNIPPET} <<ENDOFTEXTBLOCK

	###RHMOD APPEND this.
	###RHMOD Custom setup for this Ubuntu Desktop server!
	## My old version:
	## ubuntu ALL=(ALL:ALL) ALL
	## New version whereby no password is asked when executing 'sudo' (asking=annoying when using a local VM!)
	ubuntu ALL=(ALL:ALL) NOPASSWD: ALL
	ENDOFTEXTBLOCK
	cat ${MYSNIPPET} \| EDITOR='tee -a' visudo

	## FIX Grub2 boot loader: avoid the Plymouthd splash screen crashes at boot-time
	## @bug If you set the display resolution higher than the default (1024x768) in the Ubuntu Desktop Settings, which I do later on, then the boot sequence hangs at the Ubuntu splash screen (cause: plymouthd daemon).
	## @tip You can change the Grub2 settings temporarily at boot-time: Press the SHIFT key to interrupt whils the grub is loading. Then press 'e' for edit and remove "quiet splash".
	cd ~/tmp
	MYFILE=/etc/default/grub
	MYBACKUPFILE=~/--etc--default--grub.backup
	if [ ! -f ${MYBACKUPFILE} ]; then
	echo "OK. Making backup..."
	cp --verbose ${MYFILE} ${MYBACKUPFILE}
	else
	echo "OK. Backup file already exists :) ${MYBACKUPFILE}"
	fi
	if [ ! -f ${MYFILE} ]; then
	echo "ERROR. Cannot find file ${MYFILE}"
	else
	sed --in-place \
	--expression 's/GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"/\n##RHMOD Fix crash in ubuntu splash plymouthd\nGRUB_CMDLINE_LINUX_DEFAULT="vt.handoff=7"\n/' \
	${MYFILE}
	cat ${MYFILE}
	grep 'GRUB_CMDLINE_LINUX_DEFAULT="vt.handoff=7"' ${MYFILE} && echo "OK" \|\| echo "NOT OK"
	update-grub
	fi

	##
	## ENABLE the motherboard speaker
	# @doc https://wiki.archlinux.org/index.php/PC_speaker
	MYFILE=/etc/modprobe.d/blacklist.conf
	grep 'pcspk' ${MYFILE}
	sed --in-place --expression "s/^blacklist pcspkr/##RHMOD Whitelist the PC speaker module so it can do beeps for me\n#####blacklist pcspkr/g" \
	${MYFILE}
	grep '#####blacklist pcspkr' ${MYFILE} && echo "OK" \|\| echo "NOT OK"

	##
	## Install SPICE VM Agent
	#@doc SPICE = remote access to virtual machines. The recommended extra Spice agent works with the Spice protocol to offer a better guest console experience.
	apt --yes install spice-vdagent

	##
	## Remove ufw (unnecessary in a NAT-based VM)
	apt --yes remove ufw

	##
	## Remove AppArmor (more of a burden then a good thing)
	/etc/init.d/apparmor stop
	update-rc.d -f apparmor remove
	apt --yes remove apparmor apparmor-utils

	##
	## Install GENERAL PURPOSE PACKAGES.
	apt --yes install apt-show-versions curl dos2unix git htop landscape-common lm-sensors mc screen smem tree

	##
	## Install the Gnome Tweak tool
	# @doc Not used yet but might become interesting in the future.
	apt --yes install gnome-tweak-tool