rvanzon/README.md

## README.md

      
    Raw
  

              README.md
            
          
    Install a basic Ubuntu server

Version 0.1
It does:

Changes the port of the SSH server.
Adds an admin user.
Adds the user to SUDO-ers and disables the need of a password.
Adds that SSH-port to UFW and enables it.
Updates repositories of apt-get

...more to come
Usage:
curl -sL "https://gist.githubusercontent.com/rvanzon/b64f8cd0b0a2897455c85f72cc9cb3d6/raw/server-install.sh" | bash -s SSH_PORT ADMIN_USER ADMIN_PASSWORD

Example:
curl -sL "https://gist.githubusercontent.com/rvanzon/b64f8cd0b0a2897455c85f72cc9cb3d6/raw/server-install.sh" | bash -s 22 admin verysecretpassword


## server-install.sh
#!/bin/bash

# Parameters
PORT=$1
ADMIN_USER=$2
ADMIN_PASSWORD=$3

# check variables
if [ -z "$PORT" ]; then
    echo -n "On wich port the SSH-server should listen [22]: "
    read PORT
fi

if [ -z "$PORT" ]; then
    PORT=22
fi

if [ -z "$ADMIN_USER" ]; then
    echo -n "Provide the username of the administrator [admin]: "
    read ADMIN_USER
fi

if [ -z "$ADMIN_USER" ]; then
    ADMIN_USER="admin"
fi

if [ -z "$ADMIN_PASSWORD" ]; then
    echo -n "Provide the password: "
    read ADMIN_PASSWORD
fi

if [ -z "$ADMIN_PASSWORD" ]; then
    echo "Aborting. Password is required."
    exit 1
fi


# Functions
append () {
    grep -q -F "$1" "$2" || echo "$1" >> "$2"
}

# change SSH port
append "Port $PORT" /etc/ssh/sshd_config
service ssh start

# add admin user
sudo su -c "useradd \"$ADMIN_USER\" -s /bin/bash -m"
echo "$ADMIN_USER:$ADMIN_PASSWORD" | chpasswd

# disable passwords for SUDO
cp /etc/sudoers /tmp/sudoers.bak
append "$ADMIN_USER ALL=(ALL) NOPASSWD:ALL" /tmp/sudoers.bak
visudo -cf /tmp/sudoers.bak
if [ $? -eq 0 ]; then
  cp /tmp/sudoers.bak /etc/sudoers
else
  echo "Could not modify /etc/sudoers file. Please do this manually."
fi

# setup firewall
ufw allow "$PORT"
ufw --force enable
ufw status

#update repositories
apt-get update
	#!/bin/bash

	# Parameters
	PORT=$1
	ADMIN_USER=$2
	ADMIN_PASSWORD=$3

	# check variables
	if [ -z "$PORT" ]; then
	echo -n "On wich port the SSH-server should listen [22]: "
	read PORT
	fi

	if [ -z "$PORT" ]; then
	PORT=22
	fi

	if [ -z "$ADMIN_USER" ]; then
	echo -n "Provide the username of the administrator [admin]: "
	read ADMIN_USER
	fi

	if [ -z "$ADMIN_USER" ]; then
	ADMIN_USER="admin"
	fi

	if [ -z "$ADMIN_PASSWORD" ]; then
	echo -n "Provide the password: "
	read ADMIN_PASSWORD
	fi

	if [ -z "$ADMIN_PASSWORD" ]; then
	echo "Aborting. Password is required."
	exit 1
	fi


	# Functions
	append () {
	grep -q -F "$1" "$2" \|\| echo "$1" >> "$2"
	}

	# change SSH port
	append "Port $PORT" /etc/ssh/sshd_config
	service ssh start

	# add admin user
	sudo su -c "useradd \"$ADMIN_USER\" -s /bin/bash -m"
	echo "$ADMIN_USER:$ADMIN_PASSWORD" \| chpasswd

	# disable passwords for SUDO
	cp /etc/sudoers /tmp/sudoers.bak
	append "$ADMIN_USER ALL=(ALL) NOPASSWD:ALL" /tmp/sudoers.bak
	visudo -cf /tmp/sudoers.bak
	if [ $? -eq 0 ]; then
	cp /tmp/sudoers.bak /etc/sudoers
	else
	echo "Could not modify /etc/sudoers file. Please do this manually."
	fi

	# setup firewall
	ufw allow "$PORT"
	ufw --force enable
	ufw status

	#update repositories
	apt-get update