-
Notifications
You must be signed in to change notification settings - Fork 3
/
configure_debian.sh
executable file
·123 lines (96 loc) · 4.42 KB
/
configure_debian.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
#!/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
CWD="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
LOGFILE="/var/log/configure_linux.log"
SSH_PORT=2022
echo "Configurando repositorios repositorios..."
if grep "^9\." /etc/debian_version > /dev/null; then
echo "Debian 9 Detectado, configurando sources.list..."
cat > /etc/apt/sources.list << EOF
deb http://ftp.debian.org/debian stretch main
deb-src http://ftp.debian.org/debian stretch main
deb http://ftp.debian.org/debian-security/ stretch/updates main
deb-src http://ftp.debian.org/debian-security/ stretch/updates main
deb http://ftp.debian.org/debian stretch-updates main
deb-src http://ftp.debian.org/debian stretch-updates main
EOF
fi
echo "Actualizando SO e instalando paquetes básicos..."
apt update
DEBIAN_FRONTEND=noninteractive apt-get --yes -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" upgrade
DEBIAN_FRONTEND=noninteractive apt-get --yes -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" dist-upgrade
apt install ca-certificates -y
apt install screen ntpdate git -y
# CREANDO SWAP SI NO TIENE
if ! free | awk '/^Swap:/ {exit (!$2 || ($2<2194300))}'; then
echo "SWAP no detectada o menos de 2GB. Configurando..."
dd if=/dev/zero of=/swap count=4096 bs=1MiB
chmod 600 /swap
mkswap /swap
swapon /swap
echo "/swap swap swap sw 0 0" >> /etc/fstab
fi
echo "Configurando Red..."
echo "Reescribiendo /etc/resolv.conf..."
echo "nameserver 8.8.8.8" > /etc/resolv.conf # Google
echo "nameserver 8.8.4.4" >> /etc/resolv.conf # Google
echo "Configurando SSH..."
sed -i 's/^X11Forwarding.*/X11Forwarding no/' /etc/ssh/sshd_config
sed -i 's/#PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config
sed -i 's/PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config
sed -i 's/#PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config
sed -i 's/PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config
echo "Cambiando puerto SSH default 22 a $SSH_PORT..."
sed -i "s/^\(#\|\)Port.*/Port $SSH_PORT/" /etc/ssh/sshd_config
service sshd restart
echo "Configurando SSD (de poseer)..."
for DEVFULL in /dev/sg? /dev/sd?; do
DEV=$(echo "$DEVFULL" | cut -d'/' -f3)
if [ -f "/sys/block/$DEV/queue/rotational" ]; then
TYPE=$(grep "0" /sys/block/$DEV/queue/rotational > /dev/null && echo "SSD" || echo "HDD")
if [ "$TYPE" = "SSD" ]; then
cp /usr/share/doc/util-linux/examples/fstrim.service /etc/systemd/system
cp /usr/share/doc/util-linux/examples/fstrim.timer /etc/systemd/system
systemctl enable fstrim.timer
fi
fi
done
echo "Sincronizando fecha con pool.ntp.org..."
ntpdate 0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org 0.south-america.pool.ntp.org
if [ -f /usr/share/zoneinfo/America/Buenos_Aires ]; then
echo "Seteando timezone a America/Buenos_Aires..."
mv /etc/localtime /etc/localtime.old
ln -s /usr/share/zoneinfo/America/Buenos_Aires /etc/localtime
fi
echo "Seteando fecha del BIOS..."
hwclock -r
echo "Instalando CRON clean de Journal..."
echo "30 22 * * * root /bin/journalctl --vacuum-time=1d; /usr/sbin/service systemd-journald restart" > /etc/cron.d/clean_journal
service cron restart
# TAREAS POST-INSTALACION
for i in "$@"
do
case $i in
--notify-email=*)
EMAIL="${i#*=}"
echo "Avisando a $EMAIL..."
# ACTIVO EL ENVIO REMOTO
cp -af /etc/exim4/update-exim4.conf.conf /etc/exim4/update-exim4.conf.conf.bak
sed -i 's/dc_eximconfig_configtype=.*/dc_eximconfig_configtype=\x27internet\x27/' /etc/exim4/update-exim4.conf.conf
service exim4 restart
#cat "$LOGFILE" | sed ':a;N;$!ba;s/\n/<br>/g' | mailx -s "Servidor $(hostname -f) configurado con $(basename $0) $(echo -e "\nContent-Type: text/html")" -r "root@$(hostname -f) <root@$(hostname -f)>" "$EMAIL"
echo -e "From: $(hostname -f) <$(hostname -f)>\nSubject: Servidor $(hostname -f) configurado con $(basename $0)\nContent-Type: text/html\n\n $(cat "$LOGFILE" | sed ':a;N;$!ba;s/\n/<br>\n/g')" | sendmail "$EMAIL"
cp -af /etc/exim4/update-exim4.conf.conf.bak /etc/exim4/update-exim4.conf.conf
service exim4 restart
;;
esac
done
# DESACTIVAR MLOCATE
chmod -x /etc/cron.daily/mlocate
# DESACTIVAR SLEEP
systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target
# DESINSTALAR POSTFIX
apt remove postfix -y
history -c
echo "" > /root/.bash_history
echo "Finalizado!"