Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
#!/bin/sh
#
# Ausführen um Raspbian (oder ein anderes Debian) zu einem Anzeiger für IServ
# zu konfigurieren.
# Superuser Rechte holen.
if [ $(id -u) -ne 0 ]; then
echo Superuser Rechte nötig.
exit 1
fi
# Installieren einiger Basispakete.
dpkg --status console-data tzdata ntp locales whiptail dnsutils lsb-release keyboard-configuration > /dev/null
if [ $? -ne 0 ]; then
apt-get update
apt-get -y install console-data tzdata ntp locales whiptail dnsutils lsb-release keyboard-configuration
fi
# Tastaturlayout konfigurieren.
dpkg --status console-data tzdata locales > /dev/null
if [ $? -eq 0 ]; then
dpkg-reconfigure console-data tzdata locales
dpkg-reconfigure keyboard-configuration
invoke-rc.d keyboard-setup start
fi
# SSH Hostschlüssel neu generieren.
whiptail --defaultno --yesno "SSH Hostschlüssel neu generieren?" 8 50
if [ $? -eq 0 ]; then
rm /etc/ssh/ssh_host_dsa_key
rm /etc/ssh/ssh_host_ecdsa_key.pub
rm /etc/ssh/ssh_host_dsa_key.pub
rm /etc/ssh/ssh_host_rsa_key
rm /etc/ssh/ssh_host_ecdsa_key
rm /etc/ssh/ssh_host_rsa_key.pub
dpkg-reconfigure openssh-server
fi
# Netzwerkinformationen holen.
GATEWAY=$(route -n|grep "UG"|grep -v "UGH"|cut -f 10 -d " ")
DOMAIN=$(dig -x $GATEWAY +short | sed 's/\.$//')
# Hostnamen setzen.
HOSTNAME=$(whiptail --inputbox "Hostnamen setzen:" 8 50 "$(hostname --short).$DOMAIN" 3>&1 1>&2 2>&3)
if [ "$HOSTNAME" != "" ]; then
echo "$HOSTNAME" > /etc/hostname
fi
# Passwörter setzen.
PASSWORD=$(whiptail --passwordbox "Passwort setzen:" 8 50 3>&1 1>&2 2>&3)
if [ "$PASSWORD" != "" ]; then
PASSWORD_REPEAT=$(whiptail --passwordbox "Passwort wiederholen:" 8 50 3>&1 1>&2 2>&3)
if [ $? -eq 0 ]; then
if [ "$PASSWORD" != "$PASSWORD_REPEAT" ]; then
whiptail --msgbox "Passwörter stimmen nicht überein." 8 50
exit
fi
echo "root:$PASSWORD" | chpasswd
echo "pi:$PASSWORD" | chpasswd
fi
fi
# Logs in RAM schreiben, um SD Karte zu schonen.
grep -q /var /etc/fstab
if [ $? -eq 1 ]; then
whiptail --defaultno --yesno "Ramdisk für /var/log? Logs gehen beim Neustarten verloren." 8 50
if [ $? -eq 0 ]; then
echo "tmpfs /var/log tmpfs defaults,size=100M 0 0" >> /etc/fstab
fi
fi
# Schlüssel für das Paketarchiv hinzufügen.
cat <<EOF | apt-key add -
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.12 (GNU/Linux)
mQENBFKrY90BCACxKpsTNXH0pcvgQWjBIohw9AkiaeyFro3EnmEFlggRnkUmffA6
KsDXSndLA0+os9BgSZ484vFp6HBz4Qih7kHehTAo3fnyurHAq5cPsmfjoI+dzPVk
D65uSXQ6woa2MK7MJ3/LGm6EDTFuz3QaINq6u+ZY1HIJDotRSfPDIRt1HUm9I/Zd
sa6dyFNHkom5vPB96H5tejYosg5U4547zZH/GdGqH/MIPGEBjoysWDJZuezXbCzN
xz+g+xPQBLeSuOBsvZGpmdy3QkarOUWOM30/4kGLOQSRIsdRUvhxhRIQuADEW/Ae
U2p0dgF97fTrykUik1OEi3uC3bXx/Hj3l5ibABEBAAG0YUFkbWlucyAoQWRtaW5p
c3RyYXRvcmVuIGRlcyBUaWxtYW4tUmllbWVuc2NobmVpZGVyLUd5bW5hc2l1bXMg
T3N0ZXJvZGUpIDxhZG1pbnNAaXNlcnYtdHJnLW9oYS5kZT6JATgEEwECACIFAlKr
Y90CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJENrUgnGvTIqDSeUIAItr
ybtYWX02W+jtetLAMKGnHCQ0UPJHmHpUbuquoJL9tkXYd2M2+tjkUIR8rDjl46LX
ov12grkmeOGtzdztQiUf9nl1D08npEVa/S457sWHndm9SSCTMYC0IBpLxCOL93vi
nguuInuKK8LmhemHmjUf8MR+s0QlckDtZqheHTB4NB7/NWN5Ick0m64V6njswzBN
3sTK0ODYRJsTXXiyJ9e8C68OkZNA/w/xoWdDtugQPeOJE0wFq7YWRgUT7dbNWgVj
34XBWotL4u0dxikoK1iWCFgmrE8SAMqB07TPnzF6QApxyfQC8oxA2jnEXfkAEHvx
odCNR/XpEL5fWv2DtA65AQ0EUqtj3QEIALlKlpkP3mNsPbdJAJKTfr9jlb/U0uLq
b0nzwgFvbVV4x6d5Ub5idxNxNRNafsq9Ry0LjifvxeUrmMq2E2ybVRVkyZcNP4xz
q8gerPh0GvMJcQ0dLjqgDLuRZWFKg44jSrTx4t8HcZ1naPaRGBqKl3J7tVjZWKu6
fbBJ9TmfymRu0ahWseOBpXNE0dlGIDOrt9Y3u7R1f8yfsup12iDIEkmIDtQygmFL
UmVNgJ+Et4qkHVENXXMZT00UI13RSa0wT6XKSfMVFUkeTDfml1yDUN8/rH17fUcP
qNZXf/5oX6W4TMzT5JbAE+9AXNYpEOB/1dRXI/Bi1OmGI8wB+gQSX5cAEQEAAYkB
HwQYAQIACQUCUqtj3QIbDAAKCRDa1IJxr0yKgyeMB/kBQ+4gdwk90QqcGJo5VnuX
r1a767bWI9gdWhsrQJDIp3630AfrOoxXSFwvc3401rOmxyvr7CU8g5SVm2TSo3Fw
uw1F2BLfpIXczd4GvyGwW7oQ763vHRQH1kYiPNYfejKP14MusFQVLoQAHxXu3So2
IdJ4ECmCn15/8cUvYBvp0RSs71D5F4Cz189ssnwTFrvhIaS5490BMChGnVJCbX3e
5xXZgVeTiHm2/J3RJDXg8wR0jPTydACIQ/QpQUViD8dn2Qsv95DH5vwFRaaTqdh1
hnf0V0RwSe5ZSebnK8RcFaklKnJkkaRF78iheu28X+hqXvoWgww7xRiNZYjkN8kl
=VVT/
-----END PGP PUBLIC KEY BLOCK-----
EOF
# Paketarchiv eintragen.
DEBIAN_CODENAME=$(lsb_release --short --codename)
mkdir -p /etc/apt/sources.list.d/
cat <<EOF > /etc/apt/sources.list.d/display-kiosk.list
deb http://iserv-trg-oha.de/apt/ $DEBIAN_CODENAME main
#deb-src http://iserv-trg-oha.de/apt/ $DEBIAN_CODENAME main
EOF
# Paketlisten aktualisieren.
apt-get update
# Display manager nodm installieren.
whiptail --yesno "Display manager nodm installieren?" 8 50
if [ $? -eq 0 ]; then
apt-get -y install xorg nodm
echo "/usr/sbin/nodm" > /etc/X11/default-display-manager
sed /etc/default/nodm -i -e "s/\(NODM_ENABLED *= *\).*/\1true/"
# Login Eingabeaufforderung anpassen.
cat <<EOF > /etc/issue
Zum Kiosk:
==========
------ ----- ----
| Strg | und | Alt | und | F7 | drücken
------ ----- ----
Wartungskonsole:
================
EOF
fi
# Paket display-kiosk installieren.
apt-get -y install display-kiosk ca-certificates x11-xserver-utils
# 0.4.0 for jessie is the first release to support media types.
case "$DEBIAN_CODENAME" in
"jessie" )
TVMODE="--media tv "
;;
* )
TVMODE=""
;;
esac
# Anzeigeprogramm konfigurieren.
if [ -z "$DOMAIN" ]; then
BASEURL=http://$GATEWAY
else
BASEURL=https://$DOMAIN
fi
DEFAULT_CONFIG="--hide-cursor --hide-status --hide-toolbar --auto-reload 600 $BASEURL/idesk/infodisplay/"
TEMPLATE=$(whiptail --radiolist "Vorgegebene Konfigurationen:" 12 60 4 info "Normaler Anzeiger" 1 scrolling "Scrollender Anzeiger" 0 kiosk "Bedienbarer Anzeiger" 0 idesk "IDesk" 0 3>&1 1>&2 2>&3)
case "$TEMPLATE" in
"info" )
CONFIG="$TVMODE$DEFAULT_CONFIG"
;;
"scrolling" )
CONFIG="$TVMODE--hide-cursor --hide-status --hide-toolbar --auto-reload 600 --auto-scroll $BASEURL/idesk/infodisplay/"
;;
"kiosk" )
CONFIG="--hide-toolbar --prevent-close --auto-reload 90 $BASEURL/idesk/infodisplay/"
;;
"idesk" )
CONFIG="--reset-text='Abmelden nicht vergessen' --prevent-close --auto-reload 90 $BASEURL/idesk/"
;;
* )
CONFIG=$(whiptail --inputbox "Eigene Konfiguration (siehe man display-kiosk):" 8 78 -- "$DEFAULT_CONFIG" 3>&1 1>&2 2>&3)
if [ $? -ne 0 ]; then
CONFIG=$DEFAULT_CONFIG
fi
;;
esac
cat <<EOF > /root/.xsession
# Disable screen blanking.
xset s off
xset s noblank
xset -dpms
# Wait a few seconds for gateway to be reachable.
pings=0
while [ \$pings -lt 5 ]; do
ping -c1 $GATEWAY &> /dev/null && break
sleep 1
pings=\`expr \$pings + 1\`
done
# Start display kiosk.
exec /usr/bin/display-kiosk $CONFIG
EOF
# Firewall iptables und fail2ban installieren.
whiptail --yesno "Firewall iptables und fail2ban installieren?" 8 50
if [ $? -eq 0 ]; then
apt-get -y install iptables fail2ban
fi
# Nagios NRPE Server installieren.
NAGIOS_SERVER=$(whiptail --inputbox "Nagios Server:" 8 50 "$GATEWAY" 3>&1 1>&2 2>&3)
if [ $? -eq 0 ]; then
apt-get -y install nagios-nrpe-server nagios-plugins-basic libnagios-plugin-perl
cat <<EOF > /etc/nagios/nrpe.d/display-kiosk.cfg
allowed_hosts=127.0.0.1,$NAGIOS_SERVER
command[check_display_kiosk]=/usr/lib/nagios/plugins/check_procs -C display-kiosk -w 1:1 -c 1:
command[check_apt]=/usr/lib/nagios/plugins/check_apt --timeout=25
command[check_temperature]=/usr/local/lib/nagios/plugins/check_temperature -w 55 -c 60
EOF
mkdir -p /usr/local/lib/nagios/plugins
cat <<EOF > /usr/local/lib/nagios/plugins/check_temperature
#!/usr/bin/perl
#
# Copyright (c) 2014 Niklas Fiekas <niklas.fiekas@tu-clausthal.de>
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
use strict;
use Nagios::Plugin;
my \$np = Nagios::Plugin->new(
usage => "Usage: %s [-w <warning>] [-c <critical>]",
version => '0.1',
url => 'https://gist.github.com/niklasf/3e6704459fa5fd44a2aa',
blurb => 'Checks the temperature of thermal_zone0.',
);
\$np->add_arg(
spec => 'warning|w=s',
help => '-w, --warning=RANGE'
);
\$np->add_arg(
spec => 'critical|c=s',
help => '-c, --critical=RANGE'
);
\$np->getopts;
unless (-e '/sys/class/thermal/thermal_zone0/temp') {
\$np->nagios_die('/sys/class/thermal/thermal_zone0/temp not found');
}
my \$max_temp;
my \$max_zone;
my \$max_code = OK;
for (my \$zone = 0; -e "/sys/class/thermal/thermal_zone\$zone/temp"; \$zone++) {
open my \$file, '<', "/sys/class/thermal/thermal_zone\$zone/temp" or
\$np->nagios_die("Could not open /sys/class/thermal/thermal_zone\$zone/temp");
my \$temp = int(<\$file>) / 1000.0;
close \$file;
if (\$zone == 0 || \$temp > \$max_temp) {
\$max_temp = \$temp;
\$max_zone = \$zone;
}
\$np->add_perfdata(
label => "thermal_zone\$zone",
value => \$temp,
warning => \$np->opts->warning,
critical => \$np->opts->critical,
);
my \$code = \$np->check_threshold(
check => \$temp,
warning => \$np->opts->warning,
critical => \$np->opts->critical,
);
\$max_code = \$max_code > \$code ? \$max_code : \$code;
}
\$np->nagios_exit(\$max_code, "Maximum temperature is \$max_temp C in thermal_zone\$max_zone");
EOF
chmod +x /usr/local/lib/nagios/plugins/check_temperature
invoke-rc.d nagios-nrpe-server restart
fi
# cron-apt installieren.
whiptail --yesno "Paketlisten automatisch aktualisieren?" 8 50
if [ $? -eq 0 ]; then
apt-get -y install anacron cron-apt
fi
# HDMI hotplugging erzwingen.
if [ -f /boot/config.txt ]; then
sed /boot/config.txt -i -e "s/^.*hdmi_force_hotplug=.*/hdmi_force_hotplug=1/"
fi
# Neustarten.
whiptail --yesno "Fertig. Neustarten?" 8 50
if [ $? -eq 0 ]; then
reboot
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment