hargup · November 5, 2024 15:46
diff --git a/gistfile1.txt b/gistfile1.txt
 #!/bin/bash

 # Exit on any error
 set -e

 # Function to print status messages
 print_status() {
    echo "→ $1"
 }

 # Update system
 print_status "Updating system packages..."
 sudo apt-get update
 sudo apt-get upgrade -y

 # Install essential packages
 print_status "Installing essential packages..."
 sudo apt-get install -y \
    curl \
    wget \
    git \
    unzip \
    build-essential \
    python3-pip \
    python3-venv \
    software-properties-common \
    apt-transport-https \
    ca-certificates \
    gnupg \
    lsb-release

 # Install Docker
 print_status "Installing Docker..."
 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
 echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
 sudo apt-get update
 sudo apt-get install -y docker-ce docker-ce-cli containerd.io

 # Install Node.js and npm
 print_status "Installing Node.js and npm..."
 curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
 sudo apt-get install -y nodejs

 # Install bun
 print_status "Installing bun..."
 curl -fsSL https://bun.sh/install | bash

 # Create devops user
 print_status "Creating devops user..."
 sudo useradd -m -s /bin/bash devops
 sudo usermod -aG sudo devops
 sudo usermod -aG docker devops

 # Setup SSH directory for devops user
 print_status "Setting up SSH for devops user..."
 sudo mkdir -p /home/devops/.ssh
 sudo cp ~/.ssh/authorized_keys /home/devops/.ssh/ 2>/dev/null || echo "No SSH keys found to copy"
 sudo chown -R devops:devops /home/devops/.ssh
 sudo chmod 700 /home/devops/.ssh
 sudo chmod 600 /home/devops/.ssh/authorized_keys

 # Configure npm for global packages without sudo
 print_status "Configuring npm for global packages without sudo..."
 sudo mkdir -p /home/devops/.npm-global
 sudo chown -R devops:devops /home/devops/.npm-global

 # Switch to devops user to configure npm and pip
 sudo -u devops bash << 'EOF'
 echo 'export PATH="/home/devops/.npm-global/bin:$PATH"' >> /home/devops/.bashrc
 echo 'export NPM_CONFIG_PREFIX="/home/devops/.npm-global"' >> /home/devops/.bashrc

 # Configure pip for user installations
 mkdir -p /home/devops/.local/bin
 echo 'export PATH="/home/devops/.local/bin:$PATH"' >> /home/devops/.bashrc

 # Configure git
 git config --global user.email "[email protected]"
 git config --global user.name "Harsh Gupta"

 # Setup some useful git aliases
 git config --global alias.co checkout
 git config --global alias.br branch
 git config --global alias.ci commit
 git config --global alias.st status
 EOF

 # Additional security configurations
 print_status "Configuring additional security settings..."

 # Disable password authentication for SSH (uncomment if desired)
 # sudo sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
 # sudo systemctl restart sshd

 # Configure UFW firewall
 sudo ufw allow OpenSSH
 sudo ufw enable

 # Create swap file if none exists
 if [ ! -f /swapfile ]; then
    print_status "Creating swap file..."
    sudo fallocate -l 4G /swapfile
    sudo chmod 600 /swapfile
    sudo mkswap /swapfile
    sudo swapon /swapfile
    echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
 fi

 # Final system update
 print_status "Running final system update..."
 sudo apt-get update
 sudo apt-get upgrade -y
 sudo apt-get autoremove -y

 print_status "Setup complete! Additional steps you might want to consider:"
 echo "1. Review and customize SSH configuration in /etc/ssh/sshd_config"
 echo "2. Set up automatic security updates"
 echo "3. Configure backup solution"
 echo "4. Set up monitoring tools"
 echo "5. Review and adjust firewall rules as needed"
 echo "6. Set a secure password for the devops user: sudo passwd devops"
	#!/bin/bash

	# Exit on any error
	set -e

	# Function to print status messages
	print_status() {
	echo "→ $1"
	}

	# Update system
	print_status "Updating system packages..."
	sudo apt-get update
	sudo apt-get upgrade -y

	# Install essential packages
	print_status "Installing essential packages..."
	sudo apt-get install -y \
	curl \
	wget \
	git \
	unzip \
	build-essential \
	python3-pip \
	python3-venv \
	software-properties-common \
	apt-transport-https \
	ca-certificates \
	gnupg \
	lsb-release

	# Install Docker
	print_status "Installing Docker..."
	curl -fsSL https://download.docker.com/linux/ubuntu/gpg \| sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
	echo \
	"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
	$(lsb_release -cs) stable" \| sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
	sudo apt-get update
	sudo apt-get install -y docker-ce docker-ce-cli containerd.io

	# Install Node.js and npm
	print_status "Installing Node.js and npm..."
	curl -fsSL https://deb.nodesource.com/setup_20.x \| sudo -E bash -
	sudo apt-get install -y nodejs

	# Install bun
	print_status "Installing bun..."
	curl -fsSL https://bun.sh/install \| bash

	# Create devops user
	print_status "Creating devops user..."
	sudo useradd -m -s /bin/bash devops
	sudo usermod -aG sudo devops
	sudo usermod -aG docker devops

	# Setup SSH directory for devops user
	print_status "Setting up SSH for devops user..."
	sudo mkdir -p /home/devops/.ssh
	sudo cp ~/.ssh/authorized_keys /home/devops/.ssh/ 2>/dev/null \|\| echo "No SSH keys found to copy"
	sudo chown -R devops:devops /home/devops/.ssh
	sudo chmod 700 /home/devops/.ssh
	sudo chmod 600 /home/devops/.ssh/authorized_keys

	# Configure npm for global packages without sudo
	print_status "Configuring npm for global packages without sudo..."
	sudo mkdir -p /home/devops/.npm-global
	sudo chown -R devops:devops /home/devops/.npm-global

	# Switch to devops user to configure npm and pip
	sudo -u devops bash << 'EOF'
	echo 'export PATH="/home/devops/.npm-global/bin:$PATH"' >> /home/devops/.bashrc
	echo 'export NPM_CONFIG_PREFIX="/home/devops/.npm-global"' >> /home/devops/.bashrc

	# Configure pip for user installations
	mkdir -p /home/devops/.local/bin
	echo 'export PATH="/home/devops/.local/bin:$PATH"' >> /home/devops/.bashrc

	# Configure git
	git config --global user.email "[email protected]"
	git config --global user.name "Harsh Gupta"

	# Setup some useful git aliases
	git config --global alias.co checkout
	git config --global alias.br branch
	git config --global alias.ci commit
	git config --global alias.st status
	EOF

	# Additional security configurations
	print_status "Configuring additional security settings..."

	# Disable password authentication for SSH (uncomment if desired)
	# sudo sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
	# sudo systemctl restart sshd

	# Configure UFW firewall
	sudo ufw allow OpenSSH
	sudo ufw enable

	# Create swap file if none exists
	if [ ! -f /swapfile ]; then
	print_status "Creating swap file..."
	sudo fallocate -l 4G /swapfile
	sudo chmod 600 /swapfile
	sudo mkswap /swapfile
	sudo swapon /swapfile
	echo '/swapfile none swap sw 0 0' \| sudo tee -a /etc/fstab
	fi

	# Final system update
	print_status "Running final system update..."
	sudo apt-get update
	sudo apt-get upgrade -y
	sudo apt-get autoremove -y

	print_status "Setup complete! Additional steps you might want to consider:"
	echo "1. Review and customize SSH configuration in /etc/ssh/sshd_config"
	echo "2. Set up automatic security updates"
	echo "3. Configure backup solution"
	echo "4. Set up monitoring tools"
	echo "5. Review and adjust firewall rules as needed"
	echo "6. Set a secure password for the devops user: sudo passwd devops"