Mikubill · September 7, 2021 12:11
diff --git a/init-alpine.sh b/init-alpine.sh
 #!/bin/sh

 set -e
 command_exists() {
 	command -v "$@" > /dev/null 2>&1
 }

 user="$(id -un 2>/dev/null || true)"
 # username="neko-$(tr -dc 0-9a-f </dev/urandom | head -c 2)"
 # original="$(hostname)"
 sh_c='sh -c'
 if [ "$user" != 'root' ]; then
 	if command_exists sudo; then
 		sh_c='sudo -E sh -c'
 	elif command_exists su; then
 		sh_c='su -c'
 	else
 		cat >&2 <<-'EOF'
 		Error: this installer needs the ability to run commands as root.
 		We are unable to find either "sudo" or "su" available to make this happen.
 		EOF
 		exit 1
 	fi
 fi

 # init_docker() {
 # 	$sh_c curl -Ls https://get.docker.com | sh
 # 	curl -Lo /usr/local/bin/docker-compose https://github.com/docker/compose/releases/latest/download/docker-compose-Linux-x86_64
 # 	chmod +x /usr/local/bin/docker-compose
 # }
  
 set -x

 # init
 cd ~
 $sh_c 'apk update -qq >/dev/null'
 $sh_c 'apk upgrade -qq >/dev/null'
 $sh_c 'apk add -qq curl zsh git vim htop nload busybox >/dev/null'

 mkdir -p .zsh .config .ssh
 [ ! -d ~/.zsh/zsh-autosuggestions ] && git clone https://github.com/zsh-users/zsh-autosuggestions ~/.zsh/zsh-autosuggestions >/dev/null
 [ ! -d ~/.zsh/zsh-syntax-highlighting ] && git clone https://github.com/zsh-users/zsh-syntax-highlighting ~/.zsh/zsh-syntax-highlighting >/dev/null 
 echo "HISTFILE=~/.zsh_history\nHISTSIZE=10000\nSAVEHIST=10000\nsetopt SHARE_HISTORY\n" >> .zshrc
 echo "source ~/.zsh/zsh-autosuggestions/zsh-autosuggestions.zsh" >> .zshrc
 echo "source ~/.zsh/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh" >> .zshrc

 chmod 700 ~/.ssh

 $sh_c 'echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf'
 $sh_c 'echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf'
 $sh_c "sed -i 's/^#PubkeyAuthentication\s\+yes/PubkeyAuthentication yes/' /etc/ssh/sshd_config"
 $sh_c "sed -i 's/^PasswordAuthentication\s\+yes/PasswordAuthentication no/' /etc/ssh/sshd_config"
 $sh_c "sed -i 's/^#ClientAliveInterval\s\+0/ClientAliveInterval 30/' /etc/ssh/sshd_config"
 $sh_c "sed -i 's/^#ClientAliveCountMax\s\+3/ClientAliveCountMax 3/' /etc/ssh/sshd_config"
 $sh_c "sed -i 's/^#PubkeyAuthentication\s\+yes/PubkeyAuthentication yes/' /etc/ssh/sshd_config"
 $sh_c "sed -i 's/^#PermitRootLogin\s\+prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config"
 $sh_c "sed -i 's/^#StrictModes\s\+yes/StrictModes yes/' /etc/ssh/sshd_config"
 $sh_c "sed -i 's/^#MaxAuthTries\s\+6/MaxAuthTries 6/' /etc/ssh/sshd_config"
 echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFoSZ2Rl49OtKKBgQF3pGfOnZL59N9pAnoSM2nMTwX5x hinako' >> ~/.ssh/authorized_keys


 $sh_c "curl -Ls https://github.com/starship/starship/releases/latest/download/starship-x86_64-unknown-linux-musl.tar.gz | tar xz -C /usr/local/bin"
 echo "$(starship init zsh)" >> .zshrc
 $sh_c "sed -i 's/\/root:\/bin\/ash/\/root:\/bin\/zsh/' /etc/passwd"

 # $sh_c "hostname $username"
 # $sh_c "chmod 777 /etc/hostname /etc/hosts"
 # $sh_c "sed -i \"s/$original/$username/g\" /etc/hosts"
 # $sh_c "echo \"$username\" > /etc/hostname"
 # $sh_c "chmod 644 /etc/hostname /etc/hosts"

 pwd="$(cat /proc/sys/kernel/random/uuid || true)"
 [ ! -z "$pwd" ] && $sh_c "echo root:$pwd | chpasswd"

 $sh_c 'apk add wireguard-tools-wg -qq >/dev/null'

 # wg_key=$(wg genkey)
 # wg_pub=$(echo $wg_key | wg pubkey)
 # randint=$((RANDOM % 256))
 # itf=wg0
 # $sh_c "echo '[Interface]\nListenPort=2408\nPrivateKey=$wg_key\nAddress=10.10.3.$randint/32,fd02::$randint/128'" > /etc/wireguard/$itf.conf
 # $sh_c "echo '[Peer]\nPublicKey=I6fP5QQge7sF5zEoy+kH0a6zsX1NKskglhoY3Jt6d0c=\nAllowedIPs=10.10.3.2/32,fd02::3/128'" >> /etc/wireguard/$itf.conf
 # wg-quick up $itf
	#!/bin/sh

	set -e
	command_exists() {
	command -v "$@" > /dev/null 2>&1
	}

	user="$(id -un 2>/dev/null \|\| true)"
	# username="neko-$(tr -dc 0-9a-f </dev/urandom \| head -c 2)"
	# original="$(hostname)"
	sh_c='sh -c'
	if [ "$user" != 'root' ]; then
	if command_exists sudo; then
	sh_c='sudo -E sh -c'
	elif command_exists su; then
	sh_c='su -c'
	else
	cat >&2 <<-'EOF'
	Error: this installer needs the ability to run commands as root.
	We are unable to find either "sudo" or "su" available to make this happen.
	EOF
	exit 1
	fi
	fi

	# init_docker() {
	# $sh_c curl -Ls https://get.docker.com \| sh
	# curl -Lo /usr/local/bin/docker-compose https://github.com/docker/compose/releases/latest/download/docker-compose-Linux-x86_64
	# chmod +x /usr/local/bin/docker-compose
	# }

	set -x

	# init
	cd ~
	$sh_c 'apk update -qq >/dev/null'
	$sh_c 'apk upgrade -qq >/dev/null'
	$sh_c 'apk add -qq curl zsh git vim htop nload busybox >/dev/null'

	mkdir -p .zsh .config .ssh
	[ ! -d ~/.zsh/zsh-autosuggestions ] && git clone https://github.com/zsh-users/zsh-autosuggestions ~/.zsh/zsh-autosuggestions >/dev/null
	[ ! -d ~/.zsh/zsh-syntax-highlighting ] && git clone https://github.com/zsh-users/zsh-syntax-highlighting ~/.zsh/zsh-syntax-highlighting >/dev/null
	echo "HISTFILE=~/.zsh_history\nHISTSIZE=10000\nSAVEHIST=10000\nsetopt SHARE_HISTORY\n" >> .zshrc
	echo "source ~/.zsh/zsh-autosuggestions/zsh-autosuggestions.zsh" >> .zshrc
	echo "source ~/.zsh/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh" >> .zshrc

	chmod 700 ~/.ssh

	$sh_c 'echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf'
	$sh_c 'echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf'
	$sh_c "sed -i 's/^#PubkeyAuthentication\s\+yes/PubkeyAuthentication yes/' /etc/ssh/sshd_config"
	$sh_c "sed -i 's/^PasswordAuthentication\s\+yes/PasswordAuthentication no/' /etc/ssh/sshd_config"
	$sh_c "sed -i 's/^#ClientAliveInterval\s\+0/ClientAliveInterval 30/' /etc/ssh/sshd_config"
	$sh_c "sed -i 's/^#ClientAliveCountMax\s\+3/ClientAliveCountMax 3/' /etc/ssh/sshd_config"
	$sh_c "sed -i 's/^#PubkeyAuthentication\s\+yes/PubkeyAuthentication yes/' /etc/ssh/sshd_config"
	$sh_c "sed -i 's/^#PermitRootLogin\s\+prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config"
	$sh_c "sed -i 's/^#StrictModes\s\+yes/StrictModes yes/' /etc/ssh/sshd_config"
	$sh_c "sed -i 's/^#MaxAuthTries\s\+6/MaxAuthTries 6/' /etc/ssh/sshd_config"
	echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFoSZ2Rl49OtKKBgQF3pGfOnZL59N9pAnoSM2nMTwX5x hinako' >> ~/.ssh/authorized_keys


	$sh_c "curl -Ls https://github.com/starship/starship/releases/latest/download/starship-x86_64-unknown-linux-musl.tar.gz \| tar xz -C /usr/local/bin"
	echo "$(starship init zsh)" >> .zshrc
	$sh_c "sed -i 's/\/root:\/bin\/ash/\/root:\/bin\/zsh/' /etc/passwd"

	# $sh_c "hostname $username"
	# $sh_c "chmod 777 /etc/hostname /etc/hosts"
	# $sh_c "sed -i \"s/$original/$username/g\" /etc/hosts"
	# $sh_c "echo \"$username\" > /etc/hostname"
	# $sh_c "chmod 644 /etc/hostname /etc/hosts"

	pwd="$(cat /proc/sys/kernel/random/uuid \|\| true)"
	[ ! -z "$pwd" ] && $sh_c "echo root:$pwd \| chpasswd"

	$sh_c 'apk add wireguard-tools-wg -qq >/dev/null'

	# wg_key=$(wg genkey)
	# wg_pub=$(echo $wg_key \| wg pubkey)
	# randint=$((RANDOM % 256))
	# itf=wg0
	# $sh_c "echo '[Interface]\nListenPort=2408\nPrivateKey=$wg_key\nAddress=10.10.3.$randint/32,fd02::$randint/128'" > /etc/wireguard/$itf.conf
	# $sh_c "echo '[Peer]\nPublicKey=I6fP5QQge7sF5zEoy+kH0a6zsX1NKskglhoY3Jt6d0c=\nAllowedIPs=10.10.3.2/32,fd02::3/128'" >> /etc/wireguard/$itf.conf
	# wg-quick up $itf