debian wheezy update and basic server setup script

wheezy.sh

#!/bin/bash

# Text color variables
txtund=$(tput sgr 0 1)          # Underline
txtbld=$(tput bold)             # Bold
bldred=${txtbld}$(tput setaf 1) #  red
bldblu=${txtbld}$(tput setaf 4) #  blue
bldwht=${txtbld}$(tput setaf 7) #  white
txtrst=$(tput sgr0)             # Reset
info=${bldwht}*${txtrst}        # Feedback
pass=${bldblu}*${txtrst}
warn=${bldred}*${txtrst}
ques=${bldblu}?${txtrst}

if [[ $(id -u) -ne 0 ]] ; then
    echo "Please run this script with root privilegues!" ;
    exit 2 ;
fi

DEBIAN_OK=`cat /etc/debian_version`

if [[ "$DEBIAN_OK" = "" ]] ; then
  echo "This is not a debian server...";
  exit;
fi

dpkg-reconfigure locales

read -p "Please enter the server hostname (e.g. server123)? " HOSTNAME
CHECK=`echo $HOSTNAME | grep -E "[^[:alnum:]\-]"`
if [[ "$CHECK" != "" ]] ; then
  echo "$HOSTNAME is not a valid hostname!" ;
  exit 2;
fi

read -p "Please enter the server domain name (mydomain.com)? " FQDNNAME
CHECK=`echo $FQDNNAME | grep -E "[^[:alnum:]\-\.-]"`
if [[ "$CHECK" != "" ]] ; then
  echo "$FQDNNAME is no valid domain name!" ;
  exit 2;
fi

FQDNNAME="$HOSTNAME.$FQDNNAME"

read -p "So the server name should be $HOSTNAME ($FQDNNAME) (y/n)? " DOIT

if [[ "$DOIT" != "j" && "$DOIT" != "y" ]] ; then
    echo "Aborted!" ;
    exit 0 ;
fi

read -p "Do you want to use the <stable> or <testing> distribution? [stable] " DISTRIB

if [[ "$DISTRIB" = "" ]] ; then
  DISTRIB="stable" ;
fi

if [[ "$DISTRIB" != "testing" && "$DISTRIB" != "stable" ]] ; then
    echo "aborted!" ;
    exit 0 ;
fi

read -p "We will install lots of packages now! Shall we start (y/n)? " DOIT

if [[ "$DOIT" != "j" && "$DOIT" != "y" ]] ; then
    echo "Aborted." ;
    exit 0 ;
fi

SERVERIP=`ifconfig | grep -i 'inet addr:' | sed -r "s/.*inet\s+addr:\s*([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)\s+.*/\1.\2.\3.\4/" | grep -v 'addr:127.0.' | head -n 1`

OK="no"

while [[ "$OK" = "no" ]] ; do
  read -p "Main-IP of the server (has to be set up in ifconfig already) [$SERVERIP]: " SETSERVERIP ;
  if [[ "$SETSERVERIP" = "" ]] ; then
      SETSERVERIP="$SERVERIP" ;
  fi
  CHECK=`ifconfig | grep ":$SETSERVERIP "`;
  if [[ "$CHECK" = "" ]] ; then
    echo "$warn IP not found in ifconfig" ;
  else
    OK="yes" ;
  fi
done

SERVERIP="$SETSERVERIP" ;

printr "\n$info Setting hostname: \n"
cp /etc/hosts /etc/hosts.save
cp /etc/hostname /etc/hostname.save
if [[ -e /etc/mailname ]] ; then
  cp /etc/mailname /etc/mailname.save ;
fi

CHECK=`grep "$SERVERIP" /etc/hosts`
if [[ "$CHECK" = "" ]] ; then
  echo "$SERVERIP    $FQDNNAME    $HOSTNAME" >> /etc/hosts ;
else
  sed -i -r "s/^[^0-9]*$SERVERIP\s+.*$/$SERVERIP    $FQDNNAME    $HOSTNAME/" /etc/hosts ;
fi

echo "$HOSTNAME" > /etc/hostname
echo "$FQDNNAME" > /etc/mailname
hostname $HOSTNAME
/etc/init.d/hostname.sh start

printf "\n$info Updating apt-get:\n"
apt-get update

apt-get -q -y --force-yes install bc

printf "\n$info Backup sources.list:\n"
cp /etc/apt/sources.list /etc/apt/sources.list.save ;

printf "\n$info Update sources.list:\n"
cat > /etc/apt/sources.list << EOF

#Testing
deb http://ftp.lt.debian.org/debian/ testing main contrib non-free
deb-src http://ftp.lt.debian.org/debian/ testing main contrib non-free

#Testing Security  http://secure-testing-master.debian.net/
deb http://security.debian.org wheezy/updates main contrib non-free
deb-src http://security.debian.org wheezy/updates main contrib non-free

#Testing Proposed Updates
deb http://ftp.lt.debian.org/debian/ testing-proposed-updates main contrib non-free
deb-src http://ftp.lt.debian.org/debian/ testing-proposed-updates main contrib non-free

EOF



DONE="no" ;
STEP=1 ;
while [[ "$DONE" = "no" && "$STEP" -lt "7" ]] ; do
  STEP=`echo "$STEP + 1" | bc`;
  echo "STEP: $STEP";
  ## update apt
  CHECK=`apt-get update -qq 2>&1 | grep -E "^W:" | grep 'NO_PUBKEY'`;
  echo "CHECK: $CHECK";
  if [[ "$CHECK" != "" ]] ; then
    PUBKEY=`echo "$CHECK" | sed -r "s/.*(NO_PUBKEY)\s+([0-9a-zA-Z]+)(\s+|$).*/\2/" | head -n 1` ;
    echo "PUBKEY: $PUBKEY";
    CHECK=`echo "$PUBKEY" | grep -E "[^A-Za-z0-9]"`
    echo "CHECK2: $CHECK";
    if [[ "$CHECK" = "" ]] ; then
        echo "Importiere Public key $PUBKEY." ;
        gpg --keyserver pgp.mit.edu --recv "$PUBKEY";
        gpg --export --armor "$PUBKEY" | apt-key add - ;
    fi
  else
    DONE="yes" ;
  fi
done

apt-get -q -y dist-upgrade


## check for ssh option
printf "\n\n$info Fixing ssh options...\n\n"
CHECK=`grep -e '^SSHD_OOM_ADJUST=-17' /etc/default/ssh`
if [[ "$CHECK" != "" ]] ; then
  sed -i s/SSHD_OOM_ADJUST=-17/#SSHD_OOM_ADJUST=-17/ /etc/default/ssh;
  echo "unset SSHD_OOM_ADJUST" >> /etc/default/ssh ;
fi

## adding user deploy
printf "\n\n$info Adding user deploy...\n\n"
useradd deploy
mkdir -p /home/deploy
mkdir -p /home/deploy/.ssh
chmod 700 /home/deploy/.ssh
touch /home/deploy/.ssh/authorized_keys
chmod 400 /home/deploy/.ssh/authorized_keys
chown deploy:deploy /home/deploy -R
sudo usermod -aG sudo deploy
perl -p -i.old -e "s/PermitRootLogin yes/PermitRootLogin no/g" /etc/ssh/sshd_config
service ssh restart

printf "\n\n$info Installing puppet...\n\n"

apt-get -y install ruby rubygems
gem install --no-rdoc --no-ri puppet

printf "\n\n$info Installing other packages...\n\n"

apt-get install fail2ban zsh nano vim binutils unzip bzip2 arj unrar vim git

#apt-get -q -y install ssh openssh-server ntp ntpdate postfix binutils sudo unzip bzip2 arj lzop cabextract apt-listchanges daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl libexpat1 ssl-cert exec mcrypt imagemagick

printf "\n\nRemoving unneeded services...\n\n"

update-rc.d -f exim remove
update-inetd --remove daytime
update-inetd --remove telnet
update-inetd --remove time
update-inetd --remove finger
update-inetd --remove talk
update-inetd --remove ntalk
update-inetd --remove ftp
update-inetd --remove discard

printf "\n\n$info Remove apache...\n\n"

apt-get --purge remove apache2 apache2-doc apache2-mpm-prefork apache2-utils apache2.2-bin apache2.2-common