Last active
February 10, 2020 19:59
-
-
Save radzima/08b4724414612d96aeaca9cd302ffcc0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
function base_config () { | |
# Add 'wlpc' user to sudoers with no password needed. NOT SECURE | |
echo -en "Updating sudoers...\n" | |
bash -c 'echo "wlpc ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers.d/20-wlpc >/dev/null' | |
# Generate user SSH key | |
echo -en "Generating user SSH key...\n" | |
bash -c 'ssh-keygen -q -t rsa -P "" -f ~/.ssh/id_rsa 2>/dev/null <<< y >/dev/null' | |
# Make base projects directory | |
echo -en "Creating ~/Projects directory...\n" | |
mkdir ~/Projects | |
# Install base packages | |
echo -en "Updating and configuring base system packages (avahi, python3.7, openssh-server)...\n" | |
sudo apt-get update | |
sudo apt-get upgrade -y | |
sudo apt-get install -y git vim tilix tilix-common wget avahi-daemon python3-pip net-tools openssh-server libsqlite3-dev sqlite3 avahi-ui-utils chromium-browser chromium-browser-l10n inetutils-traceroute python3.8 build-essential zlib1g-dev libncurses5-dev libgdbm-dev libnss3-dev libssl-dev libreadline-dev libffi-dev | |
sudo apt-get remove plasma-discover plasma-discover-backend-snap k3b k3b-data ark libreoffice-help-common libreoffice-style-colibre ure libreoffice-math libreoffice-style-tango libreoffice-help-en-us libreoffice-style-breeze uno-libs3 libreoffice-base-core libreoffice-impress libreoffice-calc libreoffice-gtk3 libreoffice-draw libreoffice-writer libreoffice-common libreoffice-core 2048-qt transmission-common transmission-qt trojita trojita-data trojita-l10n qterminal qterminal-l10n quassel quassel-data | |
sudo apt-get autoremove | |
sudo apt-get remove --purge `dpkg -l | grep '^rc' | awk '{print $2}'` | |
# Regenerate OpenSSH server keys | |
echo -en "Removing OpenSSH server host keys and regenerating...\n" | |
sudo rm -v /etc/ssh/ssh_host_* | |
sudo dpkg-reconfigure openssh-server | |
# Update system alternatives to set python3.7 & pip3 as defaults for 'python' and 'pip' | |
sudo update-alternatives --install /usr/bin/python python /usr/bin/python3.7 2 | |
sudo update-alternatives --install /usr/bin/python python /usr/bin/python3.8 2 | |
sudo update-alternatives --install /usr/bin/pip pip /usr/bin/pip3 2 | |
# Install virtualenvwrapper | |
echo -en "Installing virtualenvwrapper...\n" | |
sudo -H pip install virtualenvwrapper | |
mkdir ~/.venvs | |
printf '%s\n' 'WORKON_HOME=~/.venvs' 'VIRTUALENVWRAPPER_PYTHON=/usr/bin/python' '. /usr/local/bin/virtualenvwrapper.sh' >> ~/.bashrc | |
source ~/.bashrc | |
# Configure avahi-daemon to advertise SSH | |
echo -en "Configuring avahi to advertise system services...\n" | |
printf '%s\n' '<?xml version="1.0" standalone='no'?><!--*-nxml-*-->' '<!DOCTYPE service-group SYSTEM "avahi-service.dtd">' '<service-group>' ' <name replace-wildcards="yes">%h</name>' ' <service>' ' <type>_ssh._tcp</type>' ' <port>22</port>' ' </service>' '</service-group>' | sudo tee /etc/avahi/services/ssh.service > /dev/null | |
# Configure avahi-daemon to advertise Portainer | |
printf '%s\n' '<?xml version="1.0" standalone='no'?><!--*-nxml-*-->' '<!DOCTYPE service-group SYSTEM "avahi-service.dtd">' '<service-group>' ' <name replace-wildcards="yes">%h</name>' ' <service>' ' <type>_http._tcp</type>' ' <port>9000</port>' ' </service>' '</service-group>' | sudo tee /etc/avahi/services/portainer.service > /dev/null | |
sudo systemctl enable avahi-daemon.service | |
sudo systemctl restart avahi-daemon.service | |
echo -en "Finished base config.\n" | |
} | |
function create_swap () { | |
echo -en "swap does not exist, creating... " | |
# Adjusting permissions on swap | |
sudo chmod 600 /swap.img | |
# Converting to swap filesystem | |
sudo mkswap /swap.img | |
# Enabling system swap | |
sudo swapon /swap.img | |
echo -en "Finished creating swap space.\n" | |
} | |
function install_docker () { | |
# Installing docker from repos | |
echo -en "Configuring repos for docker installation...\n" | |
sudo apt-get install -y apt-transport-https ca-certificates curl software-properties-common | |
# Adding repo keys | |
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - | |
# Adding repo to apt source lists | |
sudo bash -c 'echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu disco stable" > /etc/apt/sources.list.d/docker-ce.list' | |
sudo apt-get update | |
# Install | |
echo -en "Installing docker and docker-compose...\n" | |
sudo apt-get install docker-ce docker-compose -y | |
# Adding user to docker group so no 'sudo' needed to run docker commands | |
echo -en "Adding ${USER} to 'docker' group...\n" | |
sudo usermod -aG docker ${USER} | |
# Pulling required images | |
sudo docker pull alpine:latest | |
sudo docker pull python:3.7 | |
sudo docker pull python:3.8.1 | |
sudo docker pull portainer/portainer:latest | |
echo -en "Building portainer...\n" | |
mkdir -p ~/Projects/portainer/data | |
printf '%s\n' 'version: "3.2"' 'services:' ' portainer:' ' image: portainer/portainer:latest' ' container_name: portainer' ' hostname: portainer' ' restart: unless-stopped' ' privileged: true' ' volumes:' ' - /var/run/docker.sock:/var/run/docker.sock' ' - ./data:/data' ' ports:' ' - "9000:9000"' > ~/Projects/portainer/docker-compose.yml | |
cd ~/Projects/portainer | |
echo -en "Launching portainer on port 9000... " | |
sudo docker-compose up -d | |
echo -en "Done!\n" | |
echo -en "Finished installing docker.\n" | |
} | |
function create_venvs () { | |
echo -en "Creating virtual environments for scapy and kismet...\n" | |
sudo apt install -y tcpdump graphviz imagemagick | |
# Pre-populate some virtual environments for scapy and kismet | |
mkdir -p ~/Projects/scapy_lab ~/Projects/kismet | |
# Scapy venv | |
echo -en "Creating scapy venv...\n" | |
printf '%s\n' 'scapy[complete]==2.4.3' 'matplotlib==3.2.0rc3' 'numpy==1.18.1' 'jupyterlab==1.2.6' 'pyx==0.15' 'pycrypto==2.6.1' > ~/Projects/scapy_lab/requirements.txt | |
mkvirtualenv -a ~/Projects/scapy_lab -p $(which python3.7) -r ~/Projects/scapy_lab/requirements.txt scapy_lab | |
sudo setcap cap_net_raw=eip ~/.venvs/scapy_lab/bin/python3.7 | |
# Kismet main install | |
echo -en "Installing kismet server...\n" | |
wget -O - https://www.kismetwireless.net/repos/kismet-release.gpg.key | sudo apt-key add - | |
echo 'deb https://www.kismetwireless.net/repos/apt/release/eoan eoan main' | sudo tee /etc/apt/sources.list.d/kismet.list | |
sudo apt update | |
sudo apt install -y kismet | |
sudo usermod -aG kismet ${USER} | |
sudo mkdir -p /etc/systemd/system/kismet.service.d/ | |
printf '%s\n' '[Service]' 'User=wlpc' 'Group=kismet' | sudo tee /etc/systemd/system/kismet.service.d/override.conf | |
sudo systemctl enable kismet | |
sudo systemctl start kismet | |
# Kismet venv | |
echo -en "Creating kismet venv...\n" | |
printf '%s\n' 'kismet-rest==2019.5.1' 'kismet-analyzer==0.3.0' 'jupyterlab==1.2.6' > ~/Projects/kismet/requirements.txt | |
mkvirtualenv -a ~/Projects/kismet -p $(which python3.8) -r ~/Projects/kismet/requirements.txt kismet_lab | |
} | |
# Run base config | |
echo -en "Running base system config...\n" | |
base_config | |
# Check if swap exists, create it if not | |
echo -en "Checking system memory swap... " | |
sudo fallocate -l 4G /swap.img && create_swap || echo -en "already configured, moving on.\n" | |
# Install docker and tools | |
echo -en "Installing docker...\n" | |
install_docker | |
# Create lab virtual environments for scapy and kismet | |
echo -en "Creating virtual environments...\n" | |
create_venvs | |
echo -en "System initialization complete, rebooting...\n" | |
sudo reboot |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment