This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| GREEN='\033[0;32m' | |
| RED='\033[0;33m' | |
| NC='\033[0m' | |
| os=$(lsb_release -is) | |
| version=$(lsb_release -rs) | |
| clear | |
| echo -e ${GREEN} | |
| echo -e 'This script will setup your server.' | |
| echo -e ${NC} | |
| if [[ $EUID -ne 0 ]]; then | |
| echo -e "${RED}This script must be run as root${NC}" 1>&2 | |
| exit 1 | |
| fi | |
| function menu { | |
| echo "" | |
| echo "What do you want to do?" | |
| echo " 1) Setup everything." | |
| echo " 2) Setup basic tools." | |
| echo " 3) Setup iptables and ip-edit." | |
| echo " 4) Setup openssh with akmey and fail2ban." | |
| echo " 5) Exit" | |
| echo "" | |
| while [[ $OPTION != "1" && $OPTION != "2" && $OPTION != "3" && $OPTION != "4" && $OPTION != "5" ]]; do | |
| read -p "Select an option [1-5]: " OPTION | |
| done | |
| case $OPTION in | |
| 1) | |
| setup_all | |
| exit | |
| ;; | |
| 2) | |
| setup_basic | |
| exit | |
| ;; | |
| 3) | |
| setup_ip | |
| exit | |
| ;; | |
| 4) | |
| setup_ssh | |
| exit | |
| ;; | |
| 5) | |
| exit | |
| ;; | |
| esac | |
| } | |
| function setup_ip { | |
| echo -e ${GREEN}'Setup iptables.'${NC} | |
| apt install iptables-persistent -y | |
| cd /usr/sbin | |
| wget https://gist.github.com/skid9000/742674c776418bca265c000082f9a52c/raw/58c16de803a01cef866bcb14c5494d71af994cfa/ip4-edit | |
| wget https://gist.github.com/skid9000/83d4210a677a47d3cc1796340de4651b/raw/e0273ddd9c53b5ab62f0a6ca012d732431b69396/ip6-edit | |
| chmod +x ip4-edit ; chmod +x ip6-edit | |
| touch /etc/iptables/rules.v4.bak /etc/iptables/rules.v4.bak.bak /etc/iptables/rules.v6.bak /etc/iptables/rules.v6.bak.bak | |
| cd /etc/iptables | |
| rm rules.v4 rules.v6 | |
| wget https://gist.github.com/skid9000/ab4d2f30e2b9435f197814cc8e31e628/raw/79b8b98a7dbb09ec123add706b3f588627295a4c/rules.v4 | |
| wget https://gist.github.com/skid9000/7d9e5a1b7181d1b0cfba8f6fabc4616a/raw/528b4d767c79e7e6030b71f4b4181eea80649796/rules.v6 | |
| echo -e "${GREEN}Is your ssh port 44322? [y/N] ${NC}"; read -r response | |
| response=${response,,} | |
| if [[ "$response" =~ ^(no|n)$ ]] ; then | |
| echo "What's your ssh port then ?"; read -r response | |
| response=${response,,} | |
| sed -i "s|44322|$response|" /etc/iptables/rules.v4 | |
| sed -i "s|44322|$response|" /etc/iptables/rules.v6 | |
| fi | |
| iptables-restore -c < /etc/iptables/rules.v4 | |
| ip6tables-restore -c < /etc/iptables/rules.v6 | |
| echo -e "${GREEN}Iptables, done.${NC}" | |
| } | |
| function setup_basic { | |
| echo -e "${GREEN}Setup basic tools..." | |
| echo -e "Updating system...${NC}" | |
| apt update ; apt full-upgrade -y | |
| echo -e "${GREEN}Updating complete...${NC}" | |
| echo "" | |
| echo -e "${GREEN}Installing Htop, Dfc, tuptime, dnsutils, wget and curl... Proceed? [y/N] ${NC}"; read -r response | |
| response=${response,,} | |
| if [[ "$response" =~ ^(yes|y)$ ]] ; then | |
| apt install htop dfc tuptime dnsutils wget curl -y | |
| fi | |
| echo "" | |
| echo -e "${GREEN}Installing Git and Build-Essentials... Proceed? [y/N] ${NC}"; read -r response | |
| response=${response,,} | |
| if [[ "$response" =~ ^(yes|y)$ ]] ; then | |
| apt install git build-essential -y | |
| fi | |
| } | |
| function setup_ssh { | |
| echo -e "${GREEN}Setup openssh, fail2ban and akmey...${NC}" | |
| apt install openssh-server fail2ban | |
| cd /etc/fail2ban | |
| rm jail.conf | |
| wget https://gist.github.com/skid9000/f2c892f0cff0a8b6d7223b218921f759/raw/cd61ab7e4cda344857a351e3ed99349ad0ec72b7/jail.conf | |
| cd /etc/ssh | |
| rm sshd_config | |
| wget https://gist.github.com/skid9000/756dd02881ad1e0e64c5c3cf8bc10a12/raw/f6a306820b35e590f4e436e0378234b0ab861d1c/sshd_config | |
| echo -e "${GREEN}Do you want to use 44322 as your ssh port? [y/N] ${NC}"; read -r response | |
| response=${response,,} | |
| if [[ "$response" =~ ^(no|n)$ ]] ; then | |
| echo "What's your future ssh port then ?"; read -r response | |
| response=${response,,} | |
| sed -i "s|44322|$response|" /etc/iptables/jail.conf | |
| sed -i "s|44322|$response|" /etc/iptables/jail.conf | |
| sed -i "s|44322|$response|" /etc/iptables/jail.conf | |
| sed -i "s|44322|$response|" /etc/iptables/jail.conf | |
| sed -i "s|44322|$response|" /etc/ssh/sshd_config | |
| fi | |
| systemctl restart sshd fail2ban | |
| cd /usr/local/bin | |
| wget https://github.com/akmey/akmey-client/releases/download/$(curl --silent https://api.github.com/repos/akmey/akmey-client/releases/latest|grep tag_name|cut -c 16-|sed 's/.\{2\}$//')/akmey-client-linux-amd64 -O akmey | |
| chmod +x akmey | |
| cd ~ | |
| } | |
| function setup_all { | |
| setup_basic | |
| setup_ssh | |
| setup_ip | |
| } | |
| echo -e "${GREEN}It seems that you are running" $os $version ${NC} | |
| echo -e "${GREEN}Is it correct? [y/N] ${NC}"; read -r response | |
| response=${response,,} | |
| if [[ "$response" =~ ^(yes|y)$ ]] ; then | |
| menu | |
| fi | |
| if [[ "$response" =~ ^(no|n)$ ]] ; then | |
| exit 1 | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
owo