rigwild/install.sh

## install.sh
#!/bin/bash

# Check if script is ran by root user -> exit
if [[ $EUID -eq 0 ]]; then echo "This script should not be ran by root!"; exit 1; fi

# Stop script on error
set -e
set -o pipefail

sudo apt update
sudo apt upgrade -y

# Install common packages
sudo apt install -y \
  linux-generic \
  build-essential \
  apt-transport-https \
  ca-certificates \
  curl \
  gnupg-agent \
  jq \
  bat \
  software-properties-common \
  fail2ban \
  git \
  htop

# Install Node.js
curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
sudo apt install -y nodejs

# Install yarn
curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | sudo tee /usr/share/keyrings/yarnkey.gpg >/dev/null
echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt update && sudo apt -y install yarn

# Install pnpm
curl -fsSL https://get.pnpm.io/install.sh | sh -
source ~/.bashrc

# Install PM2 and zx
pnpm i -g pm2 zx

# Install Redis
sudo apt install -y redis-server
sudo sed -i -e 's/supervised no/supervised systemd/g' /etc/redis/redis.conf
sudo systemctl restart redis.service

# Configure fail2ban
awk '{ printf "# "; print; }' /etc/fail2ban/jail.conf | sudo tee /etc/fail2ban/jail.local
sudo sed -i -e 's/maxretry = 5/maxretry = 3/g' /etc/fail2ban/jail.conf
sudo sed -i -e 's/# \[sshd\]/# \[sshd-example-jail\]/g' /etc/fail2ban/jail.conf
sudo sed -i -e 's/\[sshd\]/\[sshd\]\nenabled = true/g' /etc/fail2ban/jail.conf
sudo sed -i -e 's/findtime  = 10m/findtime  = 15m/g' /etc/fail2ban/jail.conf
sudo service fail2ban restart

# Configure SSH
# Change SSH port from 22 to 2222
sudo sed -i -e 's/#Port 22/Port 2222\n#Port 22/g' /etc/ssh/sshd_config
# Disable SSH password login
sudo sed -i -e 's/#PasswordAuthentication yes/PasswordAuthentication no\n#PasswordAuthentication yes/g' /etc/ssh/sshd_config
sudo service sshd restart

# Add 2 GB of swap
sudo fallocate -l 2G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
sudo cp /etc/fstab /etc/fstab.bak
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab

# Finalize setup
echo 'alias bat=batcat' >> ~/.bashrc
echo 'alias ll="ls -al"' >> ~/.bashrc
echo 'cd /var/www' >> ~/.bashrc
sudo mkdir /var/www
sudo chown -R $UID:$UID /var/www

source  ~/.bashrc
	#!/bin/bash

	# Check if script is ran by root user -> exit
	if [[ $EUID -eq 0 ]]; then echo "This script should not be ran by root!"; exit 1; fi

	# Stop script on error
	set -e
	set -o pipefail

	sudo apt update
	sudo apt upgrade -y

	# Install common packages
	sudo apt install -y \
	linux-generic \
	build-essential \
	apt-transport-https \
	ca-certificates \
	curl \
	gnupg-agent \
	jq \
	bat \
	software-properties-common \
	fail2ban \
	git \
	htop

	# Install Node.js
	curl -fsSL https://deb.nodesource.com/setup_18.x \| sudo -E bash -
	sudo apt install -y nodejs

	# Install yarn
	curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg \| gpg --dearmor \| sudo tee /usr/share/keyrings/yarnkey.gpg >/dev/null
	echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" \| sudo tee /etc/apt/sources.list.d/yarn.list
	sudo apt update && sudo apt -y install yarn

	# Install pnpm
	curl -fsSL https://get.pnpm.io/install.sh \| sh -
	source ~/.bashrc

	# Install PM2 and zx
	pnpm i -g pm2 zx

	# Install Redis
	sudo apt install -y redis-server
	sudo sed -i -e 's/supervised no/supervised systemd/g' /etc/redis/redis.conf
	sudo systemctl restart redis.service

	# Configure fail2ban
	awk '{ printf "# "; print; }' /etc/fail2ban/jail.conf \| sudo tee /etc/fail2ban/jail.local
	sudo sed -i -e 's/maxretry = 5/maxretry = 3/g' /etc/fail2ban/jail.conf
	sudo sed -i -e 's/# \[sshd\]/# \[sshd-example-jail\]/g' /etc/fail2ban/jail.conf
	sudo sed -i -e 's/\[sshd\]/\[sshd\]\nenabled = true/g' /etc/fail2ban/jail.conf
	sudo sed -i -e 's/findtime = 10m/findtime = 15m/g' /etc/fail2ban/jail.conf
	sudo service fail2ban restart

	# Configure SSH
	# Change SSH port from 22 to 2222
	sudo sed -i -e 's/#Port 22/Port 2222\n#Port 22/g' /etc/ssh/sshd_config
	# Disable SSH password login
	sudo sed -i -e 's/#PasswordAuthentication yes/PasswordAuthentication no\n#PasswordAuthentication yes/g' /etc/ssh/sshd_config
	sudo service sshd restart

	# Add 2 GB of swap
	sudo fallocate -l 2G /swapfile
	sudo chmod 600 /swapfile
	sudo mkswap /swapfile
	sudo swapon /swapfile
	sudo cp /etc/fstab /etc/fstab.bak
	echo '/swapfile none swap sw 0 0' \| sudo tee -a /etc/fstab

	# Finalize setup
	echo 'alias bat=batcat' >> ~/.bashrc
	echo 'alias ll="ls -al"' >> ~/.bashrc
	echo 'cd /var/www' >> ~/.bashrc
	sudo mkdir /var/www
	sudo chown -R $UID:$UID /var/www

	source ~/.bashrc