wcypierre/debian_setup.sh

## debian_setup.sh
#!/bin/bash
# Made for Debian 7 with CLI
apt-get remove --purge apache2 xinetd samba bind bind9 -y;
apt-get update -y;
service apache2 stop;
rm /etc/init.d/apache2;
sleep 2;
apt-get install dialog -y;
dpkg-reconfigure locales;
apt-get install g++-4.7 g++-4.6 g++-4.4 g++ gcc clang -y;
#apt-get install gdb valgrind kmtrace mutextrace -y;
sleep 2;
#apt-get install styx lemon doxygen colorgcc colormake cppcheck cpputest cproto libboost-all-dev libboost-dev libboost-chrono-dev astyle bcpp ccache cccc ccbuild cloc cmake automake -y;
sleep 2;
#apt-get install stl-manual manpages-posix manpages-posix-dev -y;
apt-get install sudo and aptitude -y;
apt-get install debconf autoconf binutils bison debhelper -y;
#apt-get install cpulimit htop ioping iotop -y;
apt-get install vim nano emacs -y;
apt-get install git git-core -y;
#apt-get install zsh csh rsh -y;
#apt-get install bashdb bc bash-completion -y;
#apt-get install unrar p7zip-full -y;
#apt-get install curl -y;
#apt-get install lynx -y;
apt-get install python python3 python-support python-pip -y;
apt-get install makejail fakeroot -y;
apt-get install php5-fpm nginx fail2ban zendframework php-apc php5-cli php5-curl phpunit -y;
#apt-get remove --purge mysql-server* mysql-client* -y;

mkdir -p /var/chroot/sshd/;
makejail /usr/share/doc/makejail/examples/sshd.py;
cd ~/;
wget https://gist.github.com/wcypierre/6095848/raw/6fbc059fe95fe6d605ab7c9ada8e27a1a71c3da9/bin_lib_copy.sh;
sh ./bin_lib_copy.sh ssh
wget https://gist.github.com/wcypierre/6136797/raw/66fa8e35f4d27321628f4cec836395a4949a2aa8/sshd_config_client
wget https://gist.github.com/wcypierre/6136792/raw/cf1d920f9e0981ae2420d198f8afbac54548b1f2/sshd_config_host
cp sshd_config_host /etc/ssh/sshd_config
cp sshd_config_client /var/chroot/sshd/etc/ssh/sshd_config
cp /etc/passwd /var/chroot/sshd/etc/passwd;
cp /etc/group /var/chroot/sshd/etc/group;
cp /etc/shadow /var/chroot/sshd/etc/shadow;
mkdir -p /var/chroot/sshd/home;
mkdir -p /var/chroot/sshd/proc;
mount -t proc proc /var/chroot/sshd/proc;
echo "proc-ssh /var/chroot/sshd/proc  proc none 0 0" >> /etc/fstab
wget https://gist.github.com/wcypierre/6138295/raw/fd0b9b5b09deb33b0f598d9cb765488507f9b5dc/ssh-chroot
cp ssh-chroot /etc/init.d/ssh-chroot
chmod 700 /etc/init.d/ssh-chroot
echo "-a /var/chroot/sshd/dev/log" >> /etc/default/syslogd
cp /etc/pam.d/common-* /var/chroot/sshd/etc/pam.d/
ssh-keygen -A
cp /etc/ssh/ssh_host_key /var/chroot/sshd/etc/ssh/ssh_host_key
cp /etc/ssh/ssh_host_key.pub /var/chroot/sshd/etc/ssh/ssh_host_key.pub
cp /etc/ssh/ssh_host_dsa_key /var/chroot/sshd/etc/ssh/ssh_host_dsa_key
cp /etc/ssh/ssh_host_rsa_key.pub /var/chroot/sshd/etc/ssh/ssh_host_rsa_key.pub
cp /etc/ssh/ssh_host_ecdsa_key /var/chroot/sshd/etc/ssh/ssh_host_ecdsa_key
cp /etc/ssh/ssh_host_ecdsa_key.pub /var/chroot/sshd/etc/ssh/ssh_host_ecdsa_key.pub
echo "session required pam_chroot.so" >> /etc/pam.d/ssh
/etc/init.d/ssh-chroot restart
/etc/init.d/ssh-chroot restart
/etc/init.d/ssh-chroot restart
/etc/init.d/ssh restart

echo "When you want to add user, you need to copy /etc/{passwd, group, shadow} to /var/chroot/sshd/{passwd, group, shadow}"
echo "vm.swappiness=30" >> /etc/sysctl.conf;

cd /usr/;
git clone https://github.com/wcypierre/GateOne.git
cd /usr/GateOne/;
pip install tornado stdeb slimit cssmin
python setup.py install
cd /opt/gateone/;
./gateone.py &

cd /etc/fail2ban/action.d/
rm sendmail-whois-lines.conf
wget https://gist.github.com/wcypierre/6145883/raw/7c7a9764fa7f51f9922d3bdd6bfd07296819d2f0/sendmail-whois-lines.conf
cd /etc/fail2ban;
rm jail.conf
wget https://gist.github.com/wcypierre/6145891/raw/3b05db2d85d60502015b1aafedda174b3cb24236/jail.conf

groupadd chroot

cd /usr/bin
wget https://gist.github.com/wcypierre/6146014/raw/85149dfeac7b62822d10216d4b75c0c2ba828bd8/user_add.sh

rm /etc/nginx/sites-available/default
cd /etc/nginx/sites-available/;
wget https://gist.github.com/wcypierre/6146312/raw/4031e22b7376c00b70c566b3b5457628832e9fd6/default

cd /etc/php5/fpm/;
rm php.ini;
wget https://gist.github.com/wcypierre/6146337/raw/f734c7cc3a76c6a00b66e63561f0a51c05da6c15/php.ini

service apache2 stop;
sleep 2;
service nginx restart;
service php5-fpm restart;

# Copy xterm to enable nano
mkdir -p /var/chroot/sshd/etc/terminfo/x
cp /lib/terminfo/x/* /var/chroot/sshd/etc/terminfo/x/
service ssh-chroot restart
service ssh-chroot restart

echo "TMOUT=1440
readonly TMOUT
export TMOUT" >> /etc/profile.d/autologout.sh

echo "deb http://dl.ajaxplorer.info/repos/apt stable main
deb-src http://dl.ajaxplorer.info/repos/apt stable main" >> /etc/apt/sources.list

apt-get update -y; apt-get install ajaxplorer -y;

cp /usr/share/doc/ajaxplorer/apache2.sample.conf /etc/apache2/sites-enabled/ajaxplorer.conf

# edit /opt/gateone/settings/50limits.conf
	#!/bin/bash
	# Made for Debian 7 with CLI
	apt-get remove --purge apache2 xinetd samba bind bind9 -y;
	apt-get update -y;
	service apache2 stop;
	rm /etc/init.d/apache2;
	sleep 2;
	apt-get install dialog -y;
	dpkg-reconfigure locales;
	apt-get install g++-4.7 g++-4.6 g++-4.4 g++ gcc clang -y;
	#apt-get install gdb valgrind kmtrace mutextrace -y;
	sleep 2;
	#apt-get install styx lemon doxygen colorgcc colormake cppcheck cpputest cproto libboost-all-dev libboost-dev libboost-chrono-dev astyle bcpp ccache cccc ccbuild cloc cmake automake -y;
	sleep 2;
	#apt-get install stl-manual manpages-posix manpages-posix-dev -y;
	apt-get install sudo and aptitude -y;
	apt-get install debconf autoconf binutils bison debhelper -y;
	#apt-get install cpulimit htop ioping iotop -y;
	apt-get install vim nano emacs -y;
	apt-get install git git-core -y;
	#apt-get install zsh csh rsh -y;
	#apt-get install bashdb bc bash-completion -y;
	#apt-get install unrar p7zip-full -y;
	#apt-get install curl -y;
	#apt-get install lynx -y;
	apt-get install python python3 python-support python-pip -y;
	apt-get install makejail fakeroot -y;
	apt-get install php5-fpm nginx fail2ban zendframework php-apc php5-cli php5-curl phpunit -y;
	#apt-get remove --purge mysql-server* mysql-client* -y;

	mkdir -p /var/chroot/sshd/;
	makejail /usr/share/doc/makejail/examples/sshd.py;
	cd ~/;
	wget https://gist.github.com/wcypierre/6095848/raw/6fbc059fe95fe6d605ab7c9ada8e27a1a71c3da9/bin_lib_copy.sh;
	sh ./bin_lib_copy.sh ssh
	wget https://gist.github.com/wcypierre/6136797/raw/66fa8e35f4d27321628f4cec836395a4949a2aa8/sshd_config_client
	wget https://gist.github.com/wcypierre/6136792/raw/cf1d920f9e0981ae2420d198f8afbac54548b1f2/sshd_config_host
	cp sshd_config_host /etc/ssh/sshd_config
	cp sshd_config_client /var/chroot/sshd/etc/ssh/sshd_config
	cp /etc/passwd /var/chroot/sshd/etc/passwd;
	cp /etc/group /var/chroot/sshd/etc/group;
	cp /etc/shadow /var/chroot/sshd/etc/shadow;
	mkdir -p /var/chroot/sshd/home;
	mkdir -p /var/chroot/sshd/proc;
	mount -t proc proc /var/chroot/sshd/proc;
	echo "proc-ssh /var/chroot/sshd/proc proc none 0 0" >> /etc/fstab
	wget https://gist.github.com/wcypierre/6138295/raw/fd0b9b5b09deb33b0f598d9cb765488507f9b5dc/ssh-chroot
	cp ssh-chroot /etc/init.d/ssh-chroot
	chmod 700 /etc/init.d/ssh-chroot
	echo "-a /var/chroot/sshd/dev/log" >> /etc/default/syslogd
	cp /etc/pam.d/common-* /var/chroot/sshd/etc/pam.d/
	ssh-keygen -A
	cp /etc/ssh/ssh_host_key /var/chroot/sshd/etc/ssh/ssh_host_key
	cp /etc/ssh/ssh_host_key.pub /var/chroot/sshd/etc/ssh/ssh_host_key.pub
	cp /etc/ssh/ssh_host_dsa_key /var/chroot/sshd/etc/ssh/ssh_host_dsa_key
	cp /etc/ssh/ssh_host_rsa_key.pub /var/chroot/sshd/etc/ssh/ssh_host_rsa_key.pub
	cp /etc/ssh/ssh_host_ecdsa_key /var/chroot/sshd/etc/ssh/ssh_host_ecdsa_key
	cp /etc/ssh/ssh_host_ecdsa_key.pub /var/chroot/sshd/etc/ssh/ssh_host_ecdsa_key.pub
	echo "session required pam_chroot.so" >> /etc/pam.d/ssh
	/etc/init.d/ssh-chroot restart
	/etc/init.d/ssh-chroot restart
	/etc/init.d/ssh-chroot restart
	/etc/init.d/ssh restart

	echo "When you want to add user, you need to copy /etc/{passwd, group, shadow} to /var/chroot/sshd/{passwd, group, shadow}"
	echo "vm.swappiness=30" >> /etc/sysctl.conf;

	cd /usr/;
	git clone https://github.com/wcypierre/GateOne.git
	cd /usr/GateOne/;
	pip install tornado stdeb slimit cssmin
	python setup.py install
	cd /opt/gateone/;
	./gateone.py &

	cd /etc/fail2ban/action.d/
	rm sendmail-whois-lines.conf
	wget https://gist.github.com/wcypierre/6145883/raw/7c7a9764fa7f51f9922d3bdd6bfd07296819d2f0/sendmail-whois-lines.conf
	cd /etc/fail2ban;
	rm jail.conf
	wget https://gist.github.com/wcypierre/6145891/raw/3b05db2d85d60502015b1aafedda174b3cb24236/jail.conf

	groupadd chroot

	cd /usr/bin
	wget https://gist.github.com/wcypierre/6146014/raw/85149dfeac7b62822d10216d4b75c0c2ba828bd8/user_add.sh

	rm /etc/nginx/sites-available/default
	cd /etc/nginx/sites-available/;
	wget https://gist.github.com/wcypierre/6146312/raw/4031e22b7376c00b70c566b3b5457628832e9fd6/default

	cd /etc/php5/fpm/;
	rm php.ini;
	wget https://gist.github.com/wcypierre/6146337/raw/f734c7cc3a76c6a00b66e63561f0a51c05da6c15/php.ini

	service apache2 stop;
	sleep 2;
	service nginx restart;
	service php5-fpm restart;

	# Copy xterm to enable nano
	mkdir -p /var/chroot/sshd/etc/terminfo/x
	cp /lib/terminfo/x/* /var/chroot/sshd/etc/terminfo/x/
	service ssh-chroot restart
	service ssh-chroot restart

	echo "TMOUT=1440
	readonly TMOUT
	export TMOUT" >> /etc/profile.d/autologout.sh

	echo "deb http://dl.ajaxplorer.info/repos/apt stable main
	deb-src http://dl.ajaxplorer.info/repos/apt stable main" >> /etc/apt/sources.list

	apt-get update -y; apt-get install ajaxplorer -y;

	cp /usr/share/doc/ajaxplorer/apache2.sample.conf /etc/apache2/sites-enabled/ajaxplorer.conf

	# edit /opt/gateone/settings/50limits.conf