Skip to content

Instantly share code, notes, and snippets.

@dwallraff
Last active January 22, 2024 19:43
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save dwallraff/67e42c33d43ec52be3dbc2449bd9aaf2 to your computer and use it in GitHub Desktop.
Save dwallraff/67e42c33d43ec52be3dbc2449bd9aaf2 to your computer and use it in GitHub Desktop.
Crostini penguin bootstrap script -- curl -sL dwallraff.com/bootstrap | bash
#! /usr/bin/env bash
#-- Dave Wallraff
# First things first, I'm the realest...
### bootstrap crostini container
# curl -sL dwallraff.com/bootstrap | bash
# wrap in a function for curl|bash
do_stuff() {
######
## Prep and upgrade apt repos
######
sudo apt update --allow-releaseinfo-change -y
######
## Add other repos and tools
######
DEBIAN_VER="$(grep VERSION= /etc/os-release | awk -F "[()]" '{print $2}')"
export DEBIAN_VER
# vs-code
wget -O- https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -
echo "deb https://packages.microsoft.com/repos/vscode stable main" | sudo tee /etc/apt/sources.list.d/vscode.list
# signal
wget -O- https://updates.signal.org/desktop/apt/keys.asc | gpg --dearmor > signal-desktop-keyring.gpg
sudo mv -f signal-desktop-keyring.gpg /usr/share/keyrings/
echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main' | sudo tee /etc/apt/sources.list.d/signal-xenial.list
# 1Password
curl -sS https://downloads.1password.com/linux/keys/1password.asc | sudo gpg --batch --yes --dearmor --output /usr/share/keyrings/1password-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/1password-archive-keyring.gpg] https://downloads.1password.com/linux/debian/$(dpkg --print-architecture) stable main" | sudo tee /etc/apt/sources.list.d/1password.list
sudo mkdir -p /etc/debsig/policies/AC2D62742012EA22/
curl -sS https://downloads.1password.com/linux/debian/debsig/1password.pol | sudo tee /etc/debsig/policies/AC2D62742012EA22/1password.pol
sudo mkdir -p /usr/share/debsig/keyrings/AC2D62742012EA22
curl -sS https://downloads.1password.com/linux/keys/1password.asc | sudo gpg --batch --yes --dearmor --output /usr/share/debsig/keyrings/AC2D62742012EA22/debsig.gpg
######
## Install tools
######
export DEBIAN_FRONTEND=noninteractive
#https://www.linuxuprising.com/2019/06/fix-missing-gpg-key-apt-repository.html
sudo apt update 2>&1 1>/dev/null | sed -ne 's/.*NO_PUBKEY //p' | while read -r key; do if ! [[ ${keys[*]} =~ $key ]]; then sudo apt-key adv --keyserver https://keyserver.ubuntu.com --recv-keys "$key"; keys+=("$key"); fi; done
sudo apt update --fix-missing -y
sudo apt dist-upgrade -y
# apt install the things
sudo apt install -y \
1password-cli \
apt-transport-https \
autoconf \
bison \
build-essential \
bzip2 \
ca-certificates \
cmake \
code \
conntrack \
coreutils \
curl \
dnsutils \
file \
git \
git-lfs \
gnome-keyring \
gnupg2 \
hping3 \
httpie \
img2pdf \
iperf \
iputils-ping \
iputils-tracepath \
jq \
less \
libffi-dev \
libgdbm-dev \
libkrb5-3 \
libnss3 \
libopengl0 \
libncurses5-dev \
libreadline-dev \
libsecret-1-0 \
libssl-dev \
lsof \
man \
mosh \
mtr \
netcat \
nmap \
ocrmypdf \
openssl \
python3 \
python3-pip \
screen \
signal-desktop \
software-properties-common \
tcpdump \
tmate \
traceroute \
unzip \
vim \
wget \
whois \
zlib1g \
zlib1g-dev
######
## Software not in repos
######
# shell check
cd /usr/local/bin && sudo wget -O shellcheck.tar.xz \
"$(curl -s https://api.github.com/repos/koalaman/shellcheck/releases/latest \
| jq --raw-output '.assets[] | .browser_download_url' | grep --color=never linux.x86)" && sudo xz -d shellcheck.tar.xz \
&& sudo tar xf shellcheck.tar --wildcards --strip-components 1 shellcheck*/shellcheck && sudo rm shellcheck.tar \
&& sudo chmod +x shellcheck
# rMAPI
cd /usr/local/bin && sudo wget -O rmapi.tar.gz \
"$(curl -s https://api.github.com/repos/juruen/rmapi/releases/latest \
| jq --raw-output '.assets[] | .browser_download_url' | grep --color=never linux)" \
&& sudo tar xzf rmapi.tar.gz && sudo rm rmapi.tar.gz \
&& sudo chmod +x rmapi
# calibre
wget -nv -O- https://download.calibre-ebook.com/linux-installer.sh | sudo sh /dev/stdin
# docker cli
TEMP=$(mktemp -d)
cd "$TEMP" || return
DOCKER_VER=$(curl https://download.docker.com/linux/static/stable/x86_64/index.html | grep -v rootless | grep docker | sort -ru | head -n 1 | sed -n 's/.*href="\([^"]*\).*/\1/p')
wget -O docker.tgz https://download.docker.com/linux/static/stable/x86_64/"$DOCKER_VER"
tar xzvf docker.tgz
chmod +x docker/docker
sudo mv docker/docker /usr/local/bin/.
# kubectl cli
cd /usr/local/bin \
&& sudo curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" \
&& sudo chmod +x kubectl
### cleanup
sudo apt update && sudo apt upgrade -y
sudo apt autoremove
sudo sh -c 'echo "" > /etc/motd'
sudo rm -f /etc/update-motd.d/10-uname 2> /dev/null || true
######
## Clone my stuffs
######
if [ ! -d ~/code/dotfiles ]; then
git clone https://github.com/dwallraff/dotfiles ~/code/dotfiles
cd ~/code/dotfiles || return
git remote set-url origin git@github.com:dwallraff/dotfiles.git
fi
if [ ! -d ~/code/dwallraff.github.io ]; then
git clone https://github.com/dwallraff/dwallraff.github.io ~/code/dwallraff.github.io
cd ~/code/dwallraff.github.io || return
git remote set-url origin git@github.com:dwallraff/dwallraff.github.io.git
fi
if [ ! -d ~/code/calibre-config ]; then
git clone https://github.com/dwallraff/calibre-config ~/code/calibre-config
cd ~/code/calibre-config || return
git lfs install
git remote set-url origin git@github.com:dwallraff/calibre-config
fi
cd ~ || return
######
## Link stuffs up
######
mkdir -p ~/.ssh/configs
mkdir -p ~/.gnupg
mkdir -p ~/code/work
mkdir -p ~/.config
chmod 700 ~/.gnupg
ln -snf ~/code/dotfiles/bashrc ~/.bashrc
ln -snf ~/code/dotfiles/vimrc ~/.vimrc
ln -snf ~/code/dotfiles/screenrc ~/.screenrc
ln -snf ~/code/dotfiles/gitconfig ~/.gitconfig
ln -snf ~/code/dotfiles/gitconfig_work ~/code/work/.gitconfig
ln -snf ~/code/dotfiles/authorized_keys ~/.ssh/authorized_keys
ln -snf ~/code/dotfiles/ssh_config ~/.ssh/config
ln -snf ~/code/dotfiles/ssh_config_includes/* ~/.ssh/configs
ln -snf /mnt/chromeos/MyFiles/ ~/MyFiles
ln -snf /mnt/chromeos/GoogleDrive/MyDrive/ ~/GoogleDrive
ln -snf /mnt/chromeos/GoogleDrive/MyDrive/books/library ~/library
ln -snf ~/code/calibre-config ~/.config/calibre
# Add public key to keychain
gpg --recv 86E3A6538517BCC6F7140CF926E38F79A25C6B83
echo -e "5\ny\n" | gpg --command-fd 0 --expert --edit-key 86E3A6538517BCC6F7140CF926E38F79A25C6B83 trust
#####
## Start crostini SSH server
#####
if [ -f /etc/ssh/sshd_not_to_be_run ]; then
sudo mv /etc/ssh/sshd_not_to_be_run /etc/ssh/sshd_to_be_run
fi
sudo sed -i '/#PasswordAuthentication yes/ c\PasswordAuthentication no' /etc/ssh/sshd_config
sudo systemctl restart ssh
}
do_stuff
######
## Afterwords
######
# Termina Color Scheme backup
cat << 'EOF' > ~/termina_config_backup.json
{
"magic": "nassh-prefs",
"version": 1,
"nassh": {
"profile-ids": [
{
"id": "4998",
"json": {
"description": "localhost",
"username": "dwallraff",
"hostname": "penguin.linux.test",
"port": 22,
"nassh-options": "--ssh-agent=gsc",
"argstr": "-A"
}
},
{
"id": "1026",
"json": {
"description": "pi-hole",
"username": "pi",
"hostname": "192.168.86.32",
"port": 22
}
}
],
"welcome/notes-version": 137,
"welcome/show-count": 10
},
"hterm": {
"default": {
"audible-bell-sound": "",
"background-color": "#fdf6e3",
"cursor-color": "rgba(101, 123, 131, 0.5)",
"color-palette-overrides": [
"#073642",
"#dc322f",
"#859900",
"#b58900",
"#268bd2",
"#d33682",
"#2aa198",
"#eee8d5",
"#002b36",
"#cb4b16",
"#586e75",
"#657b83",
"#839496",
"#6c71c4",
"#93a1a1",
"#fdf6e3"
],
"use-default-window-copy": true,
"ctrl-c-copy": true,
"ctrl-v-paste": true,
"enable-bold": true,
"enable-bold-as-bright": false,
"environment": {
"TERM": "xterm-16color"
},
"font-family": "\"Source Code Pro\", monospace",
"font-size": 14,
"font-smoothing": "subpixel-antialiased",
"foreground-color": "#657b83",
"keybindings-os-defaults": true,
"pass-ctrl-n": true,
"pass-ctrl-t": true,
"pass-ctrl-tab": true,
"pass-ctrl-w": true,
"user-css": "http://fonts.googleapis.com/css?family=Source+Code+Pro"
}
}
}
EOF
# Restoration instructions
cat << 'EOF' > ~/README.txt
If this is a completely new install:
## Restore settings to Termina
-----
- Right-click Secure Shell app icon
- Select options
- Restore backup
- Select termina_config_backup.json
- Create shortcut
- triple dot -> More tools -> Create shortcut -> New window
EOF
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment