Created
February 6, 2019 13:06
-
-
Save racheats/d5c1e222283db0c49f4355e6995b289f to your computer and use it in GitHub Desktop.
Prepare script for initialize ubuntu 16.04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
if [[ $EUID -ne 0 ]]; then | |
echo "Please run as root" | |
exit | |
fi | |
# update package | |
apt update -y | |
apt upgrade -y | |
# install additional package | |
apt install -y postfix whois ufw docker.io fail2ban logwatch unattended-upgrades hto | |
# install certbot | |
add-apt-repository -y ppa:certbot/certbot && \ | |
apt update -y && \ | |
apt install -y python-certbot-nginx | |
# add racheats user and assign sudo | |
useradd -p 123456 -d /home/racheats -m racheats | |
usermod -aG sudo racheats | |
usermod -aG docker $USER | |
# remove the root user | |
passwd -l root | |
# create new user group | |
groupadd webuser groupadd admin | |
# assign user to admin group | |
usermod -aG admin racheats | |
# allow ssh connection | |
ufw allow 22/tcp | |
# enable ufw | |
ufw enable | |
# secure tempfs | |
echo "mpfs /run/shm tmpfs defaults,noexec,nosuid 0 0" | sudo tee -a /etc/fstab | |
# restart the server | |
shutdown -r now | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment