2024-11-16 12:41:50 +01:00
#!/usr/bin/env bash
set -euo pipefail
2024-11-16 14:16:16 +01:00
GREEN = '\033[1;32m'
NC = '\033[0m'
2024-11-24 11:55:21 +01:00
apt_packages = (
atop
autossh
bat
borgbackup
borgmatic
build-essential
calibre
cmake
curl
2024-11-24 13:18:57 +01:00
direnv
2024-11-24 11:55:21 +01:00
duf
emacs
firewalld
fzf
git
git-core
golang
hdparm
htop
hugo
jc
jq
lsd
lynx
2024-12-22 16:24:58 +01:00
maim
2024-11-24 11:55:21 +01:00
neovim
nmap
nodejs
npm
papirus-icon-theme
parallel
pipx
prometheus-node-exporter
python3-dev
python3-pip
2024-11-24 11:57:10 +01:00
python3-poetry
2024-11-24 11:55:21 +01:00
ripgrep
2024-12-22 16:24:58 +01:00
rofi
2024-11-24 11:55:21 +01:00
rsync
rsyslog
shfmt
shellcheck
tcpdump
tealdeer
trash-cli
2024-11-24 12:44:25 +01:00
unzip
2024-11-24 11:55:21 +01:00
w3m
wget
wireshark
2024-12-22 16:24:58 +01:00
xclip
2024-11-24 12:44:25 +01:00
zip
2024-11-24 11:55:21 +01:00
zsh
)
2024-11-16 14:16:16 +01:00
2024-11-24 11:55:21 +01:00
dnf_packages = (
2024-11-16 12:41:50 +01:00
age
atop
autossh
bat
borgbackup
borgmatic
btrfs-assistant
calibre
cmake
curl
diff-so-fancy
2024-11-16 14:16:16 +01:00
direnv
2024-11-16 12:41:50 +01:00
duf
emacs
ethtool
eza
fastfetch
fd-find
2024-12-22 16:24:58 +01:00
flatpak
2024-11-16 12:41:50 +01:00
fzf
git
git-core
golang
hdparm
htop
hugo
jc
jq
just
lagrange
ldns
libtool
2024-11-24 11:55:21 +01:00
lsd
2024-11-16 12:41:50 +01:00
lsof
lynx
2024-12-22 16:24:58 +01:00
maim
2024-11-16 12:41:50 +01:00
neovim
nmap
node-exporter
nodejs
nu
2024-11-16 14:16:16 +01:00
parallel
2024-11-16 12:41:50 +01:00
pipx
poetry
python3-devel
python3-pip
qbittorrent
ripgrep
2024-12-22 16:24:58 +01:00
rofi
2024-11-16 12:41:50 +01:00
rsync
rsyslog
shfmt
ShellCheck
tcpdump
tealdeer
trash-cli
vlc
w3m
wireshark
2024-12-22 16:24:58 +01:00
xclip
xfce4-docklike-plugin
xfce4-genmon-plugin
xfce4-weather-plugin
2024-11-16 12:41:50 +01:00
zsh
)
copr_repos = (
atim/starship
hyperreal/better_fonts
varlad/yazi
varlad/zellij
)
flatpak_packages = (
com.discordapp.Discord
com.github.tchx84.Flatseal
2024-12-22 16:24:58 +01:00
im.riot.Riot
2024-11-16 12:41:50 +01:00
io.podman_desktop.PodmanDesktop
)
pipx_packages = (
"black"
"bpython"
"isort"
"pyright"
2024-11-24 11:55:21 +01:00
"uv"
2024-11-16 12:41:50 +01:00
)
services_enable = (
atop.service
atopacct.service
atop-rotate.timer
2024-11-24 11:55:21 +01:00
firewalld.service
2024-11-16 12:41:50 +01:00
prometheus-node-exporter.service
rsyslog.service
2024-12-22 16:24:58 +01:00
systemd-networkd.service
2024-11-16 12:41:50 +01:00
tailscaled.service
)
services_disable = (
avahi-daemon.service
2024-11-16 14:16:16 +01:00
avahi-daemon.socket
2024-11-16 12:41:50 +01:00
bluetooth.service
cups.service
cups-browsed.service
NetworkManager.service
)
2024-11-16 14:16:16 +01:00
function action_label( ) {
2024-11-16 12:41:50 +01:00
echo ""
2024-11-16 14:16:16 +01:00
echo -e " ${ GREEN } --> ${ 1 } ... ${ NC } "
}
2024-11-24 11:55:21 +01:00
install_makedeb_prebuilt_packages( ) {
wget -qO - 'https://proget.makedeb.org/debian-feeds/prebuilt-mpr.pub' | gpg --dearmor | sudo tee /usr/share/keyrings/prebuilt-mpr-archive-keyring.gpg 1>/dev/null
echo " deb [arch=all, $( dpkg --print-architecture) signed-by=/usr/share/keyrings/prebuilt-mpr-archive-keyring.gpg] https://proget.makedeb.org prebuilt-mpr $( lsb_release -cs) " | sudo tee /etc/apt/sources.list.d/prebuilt-mpr.list
sudo apt update
sudo apt dist-upgrade -y
sudo apt install just
}
# interactive
install_starship( ) {
2024-11-24 12:06:58 +01:00
if ! test -f " $( command -v starship) " ; then
curl -sS https://starship.rs/install.sh | sh
fi
2024-11-24 11:55:21 +01:00
}
2024-11-16 14:16:16 +01:00
function install_packages( ) {
action_label "INSTALLING PACKAGES"
2024-11-24 11:55:21 +01:00
if test -f /etc/debian_version; then
sudo apt install -y " ${ apt_packages [@] } "
install_makedeb_prebuilt_packages
install_starship
2024-11-24 13:18:57 +01:00
install_zellij
2024-11-24 11:55:21 +01:00
fi
if test -f /etc/redhat-release; then
sudo dnf install -y " ${ dnf_packages [@] } "
install_devel_groups
enable_copr_repos
install_copr_packages
install_rpmfusion_repos
install_rpmfusion_packages
fi
2024-11-16 12:41:50 +01:00
}
function install_devel_groups( ) {
2024-11-16 14:16:16 +01:00
action_label "INSTALLING DEVELOPMENT GROUPS"
2024-11-16 12:41:50 +01:00
sudo dnf install -y '@c-development' '@development-tools' '@container-management'
}
function enable_copr_repos( ) {
2024-11-16 14:16:16 +01:00
action_label "ENABLING COPR REPOS"
2024-11-16 12:41:50 +01:00
for repo in " ${ copr_repos [@] } " ; do sudo dnf copr enable -y " $repo " ; done
}
# Depends: enable_copr_repos
function install_copr_packages( ) {
2024-11-16 14:16:16 +01:00
action_label "INSTALLING COPR PACKAGES"
2024-11-16 12:41:50 +01:00
sudo dnf install -y starship fontconfig-font-replacements yazi zellij
}
function install_rpmfusion_repos( ) {
2024-11-16 14:16:16 +01:00
action_label "INSTALLING RPMFUSION REPOS"
2024-11-16 12:41:50 +01:00
sudo dnf install -y " https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release- $( rpm -E %fedora) .noarch.rpm " " https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release- $( rpm -E %fedora) .noarch.rpm "
}
# Depends: install_rpmfusion_repos
function install_rpmfusion_packages( ) {
2024-11-16 14:16:16 +01:00
action_label "INSTALLING RPMFUSION PACKAGES"
2024-11-16 12:41:50 +01:00
sudo dnf install -y --allowerasing ffmpeg-libs
}
2024-11-24 13:18:57 +01:00
install_zellij( ) {
if test -f /etc/debian_version; then
curl -s https://api.github.com/repos/zellij-org/zellij/releases/latest | grep "browser_download_url" | grep " zellij- $( uname -m) -unknown-linux-musl.tar.gz " | cut -d : -f 2,3 | tr -d '"' | wget -qi -
curl -s https://api.github.com/repos/zellij-org/zellij/releases/latest | grep "browser_download_url" | grep " zellij- $( uname -m) -unknown-linux-musl.sha256sum " | cut -d : -f 2,3 | tr -d '"' | wget -qi -
tar xvf " zellij- $( uname -m) -unknown-linux-musl.tar.gz "
if [ $( sha256sum -c " zellij- $( uname -m) -unknown-linux-musl.sha256sum " | head -n 1 | awk '{print $2}' ) = "OK" ] ; then
sudo mv zellij /usr/local/bin
fi
rm -v zellij*
fi
}
2024-11-16 12:41:50 +01:00
function install_charm_packages( ) {
2024-11-16 14:16:16 +01:00
action_label "INSTALLING CHARM PACKAGES"
2024-11-24 11:55:21 +01:00
if test -f /etc/debian_version; then
2024-11-24 13:18:57 +01:00
curl -s https://api.github.com/repos/charmbracelet/gum/releases/latest | grep "browser_download_url.*deb" | grep " $( dpkg --print-architecture) " | cut -d : -f 2,3 | tr -d '"' | wget -qi -
curl -s https://api.github.com/repos/charmbracelet/gum/releases/latest | grep "browser_download_url" | grep "checksums.txt" | head -n 1 | cut -d : -f 2,3 | tr -d '"' | wget -qi -
2024-12-22 16:24:58 +01:00
if [ " $( grep $( dpkg --print-architecture) .deb checksums.txt | sha256sum -c | head -n 1 | awk '{print $2}' ) " = "OK" ] ; then
2024-11-24 13:18:57 +01:00
sudo dpkg -i gum*.deb
sudo apt -f install
fi
2024-11-24 12:48:39 +01:00
rm -v gum*
2024-11-24 13:18:57 +01:00
rm -v checksums.txt
2024-11-24 11:55:21 +01:00
fi
if test -f /etc/redhat-release; then
2024-12-22 16:24:58 +01:00
printf "[charm]\nname=Charm\nbaseurl=https://repo.charm.sh/yum/\nenabled=1\ngpgcheck=1\ngpgkey=https://repo.charm.sh/yum/gpg.key\n" | sudo tee /etc/yum.repos.d/charm.repo
2024-11-24 11:55:21 +01:00
sudo rpm --import https://repo.charm.sh/yum/gpg.key
sudo dnf install -y gum charm
fi
2024-11-16 12:41:50 +01:00
}
function install_tailscale( ) {
2024-11-16 14:16:16 +01:00
action_label "INSTALLING TAILSCALE"
2024-12-22 16:24:58 +01:00
sudo rm -v /etc/yum.repos.d/tailscale.repo
2024-11-16 12:41:50 +01:00
curl -fsSL https://tailscale.com/install.sh | sh
}
function enable_flathub( ) {
2024-11-16 14:16:16 +01:00
action_label "ENABLING FLATHUB"
2024-11-16 12:41:50 +01:00
flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
}
# Depends: enable_flathub
function install_flatpaks( ) {
2024-11-16 14:16:16 +01:00
action_label "INSTALLING FLATPAKS"
for pkg in " ${ flatpak_packages [@] } " ; do flatpak install flathub -y " $pkg " ; done
2024-11-16 12:41:50 +01:00
}
# Depends: install_packages
function install_pipx_packages( ) {
2024-11-16 14:16:16 +01:00
action_label "INSTALLING PIPX PACKAGES"
2024-11-16 12:41:50 +01:00
for pkg in " ${ pipx_packages [@] } " ; do pipx install " $pkg " ; done
2024-11-16 14:16:16 +01:00
pipx install ansible --include-deps
2024-11-16 12:41:50 +01:00
}
function setup_networkd_conf( ) {
2024-11-16 14:16:16 +01:00
action_label "SETTING UP SYSTEMD-NETWORKD CONFIG"
2024-11-16 12:41:50 +01:00
echo ' [ Match]
Name = eno1
[ Network]
DHCP = yes
2024-11-16 14:16:16 +01:00
#DNS=100.100.100.100
2024-11-16 12:41:50 +01:00
DNSSEC = allow-downgrade
[ DHCPv4]
UseDNS = no' | sudo tee /etc/systemd/network/eno1.network
}
# After: setup_networkd_conf
function setup_resolv_conf( ) {
2024-11-16 14:16:16 +01:00
action_label "SETTING UP RESOLV CONF"
2024-11-16 12:41:50 +01:00
sudo rm -v /etc/resolv.conf
sudo ln -sf /var/run/systemd/resolve/resolv.conf /etc/resolv.conf
sudo systemctl restart systemd-resolved
}
# Depends: enable_tailscale
function setup_rsyslog_conf( ) {
2024-11-16 14:16:16 +01:00
action_label "SETTING UP RSYSLOG"
2024-12-22 16:24:58 +01:00
echo ' # Forward to main monitoring node (nas-aux.lyrebird-marlin.ts.net)
*.* action( type = "omfwd" target = "100.86.148.42" port = "514" protocol = "tcp"
2024-11-16 12:41:50 +01:00
action.resumeRetryCount= "100"
queue.type= "linkedList" queue.size= "10000" ) ' | sudo tee /etc/rsyslog.d/00forward-to-nas.conf
}
# After: setup_networkd_conf
function disable_services( ) {
2024-11-16 14:16:16 +01:00
action_label "DISABLING SYSTEMD SERVICES"
2024-11-24 12:05:05 +01:00
for service in " ${ services_disable [@] } " ; do
if sudo systemctl is-active " $service " ; then
sudo systemctl disable --now " $service "
fi
done
2024-11-16 12:41:50 +01:00
}
# After:
# - setup_networkd_conf
# - install_packages
function enable_services( ) {
2024-11-16 14:16:16 +01:00
action_label "ENABLING SYSTEMD SERVICES"
2024-11-16 12:41:50 +01:00
for service in " ${ services_enable [@] } " ; do sudo systemctl enable --now " $service " ; done
2024-11-24 12:11:12 +01:00
if test -f /etc/debian_version; then
sudo systemctl enable --now ssh.service
elif test -f /etc/redhat-release; then
sudo systemctl enable --now sshd.service
fi
2024-11-16 12:41:50 +01:00
}
function disable_ipv6( ) {
2024-11-16 14:16:16 +01:00
action_label "DISABLING IPV6"
2024-11-24 11:55:21 +01:00
if test -f /etc/debian_version; then
if ! grep "net.ipv6.conf.all.disable_ipv6" /etc/sysctl.conf; then
echo "net.ipv6.conf.all.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv6.conf.default.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf
2024-11-24 12:15:15 +01:00
echo "net.ipv6.conf.lo.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf
2024-11-24 11:55:21 +01:00
sudo sysctl -p
else
echo "IPv6 already disabled."
fi
2024-11-24 12:42:40 +01:00
elif test -f /etc/redhat-release; then
if ! sudo grep "ipv6.disable=1" /boot/grub2/grub.cfg; then
sudo grubby --args= ipv6.disable= 1 --update-kernel= ALL
sudo grub2-mkconfig -o /boot/grub2/grub.cfg
else
echo "IPv6 already disabled."
fi
2024-11-16 12:41:50 +01:00
fi
}
function build_bat_cache( ) {
2024-11-16 14:16:16 +01:00
action_label "BUILDING BAT CACHE"
2024-11-24 11:55:21 +01:00
if test -f /etc/debian_version; then
batcat cache --build
elif test -f /etc/redhat-release; then
bat cache --build
fi
2024-11-16 12:41:50 +01:00
}
# Depends: install_packages
function update_tealdeer_cache( ) {
2024-11-16 14:16:16 +01:00
action_label "UPDATING TEALDEER CACHE"
2024-11-16 12:41:50 +01:00
tldr --update
}
2024-11-16 14:16:16 +01:00
# Depends: install_tailscale
2024-11-16 12:41:50 +01:00
function setup_firewalld( ) {
2024-11-16 14:16:16 +01:00
action_label "SETTING UP FIREWALLD"
2024-11-16 12:41:50 +01:00
if ! sudo firewall-cmd --get-zones | grep "tailnet" ; then
sudo firewall-cmd --permanent --new-zone= tailnet
sudo firewall-cmd --permanent --zone= tailnet --add-interface= tailscale0
sudo firewall-cmd --permanent --zone= tailnet --add-port= 1025-65535/tcp
sudo firewall-cmd --permanent --zone= tailnet --add-port= 1025-65535/udp
sudo firewall-cmd --permanent --zone= tailnet --add-service= ssh
else
echo "firewalld tailnet zone already configured"
fi
2024-11-24 11:55:21 +01:00
if test -f /etc/debian_version; then
sudo firewall-cmd --permanent --zone= public --remove-service= { dhcpv6-client,samba-client}
elif test -f /etc/redhat-release; then
sudo firewall-cmd --permanent --zone= FedoraWorkstation --remove-service= { dhcpv6-client,samba-client}
fi
2024-11-16 12:41:50 +01:00
sudo firewall-cmd --reload
}
function install_rclone( ) {
2024-11-16 14:16:16 +01:00
action_label "INSTALLING LATEST RCLONE"
2024-11-16 12:41:50 +01:00
curl https://rclone.org/install.sh | sudo bash
command -v rclone
}
install_packages
install_charm_packages
install_tailscale
2024-11-24 11:55:21 +01:00
if test -f /etc/redhat-release; then
enable_flathub
install_flatpaks
setup_networkd_conf
fi
2024-11-16 12:41:50 +01:00
install_pipx_packages
setup_resolv_conf
setup_rsyslog_conf
disable_services
enable_services
disable_ipv6
build_bat_cache
update_tealdeer_cache
setup_firewalld
install_rclone
2024-11-16 14:16:16 +01:00
action_label "DONE SETTING UP ALL THE THINGS ^_^"