@plowsec
Last active August 20, 2023 16:48
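#!/bin/bash
#
# Provisioning script for an Arch Linux host. Must be run as root from inside
# tmux/screen. It:
#   - rotates the root password and creates an unprivileged wheel user,
#     both with randomly generated passwords that are printed once;
#   - upgrades the system and installs the base tool set;
#   - configures systemd-networkd/resolved, ufw, sudo and sshd;
#   - drops .zshrc and .tmux.conf into the new user's home.
#
# Tracing (set -x) stays on for ordinary commands but is switched off around
# every step that touches a password, so secrets do not end up in the trace.

set -x
set -e

echo "Don't forget to save the credentials that I will generate for you"

# Test to see if user is running with root privileges.
if [[ "${UID}" -ne 0 ]]; then
  echo 'Must execute with root' >&2
  exit 1
fi

# Refresh the keyring (and pacman/tmux) ahead of the full upgrade below.
# This call is interactive: it has no --noconfirm.
pacman -Sy tmux pacman archlinux-keyring

# Require a multiplexer so a dropped connection does not kill the run.
# TERM is checked as before; TMUX is also accepted because tmux can be
# configured with a default-terminal that does not contain "screen".
if [[ -n "${TMUX:-}" || "$TERM" == *screen* ]]; then
  echo "We are in TMUX!"
else
  echo 'Must be in tmux' >&2
  exit 1
fi

#######################################
# Print a random password: 28 bytes from /dev/urandom as 56 hex characters.
# Outputs: the password on stdout (no trailing newline)
# Returns: non-zero if xxd is missing or produced unexpected output, so an
#          empty or truncated value is never handed to chpasswd
#######################################
generate_password() {
  local pw
  pw=$(xxd -l28 -ps /dev/urandom)
  if [[ ! "$pw" =~ ^[0-9a-f]{56}$ ]]; then
    echo 'Password generation failed' >&2
    return 1
  fi
  printf '%s' "$pw"
}

STANDARD_USER=tars
USER_HOME="/home/$STANDARD_USER"

timedatectl set-ntp true
timedatectl set-timezone Europe/Berlin

# Generate and set the root password. Tracing is off for this section; the
# password is printed deliberately, once, right after it takes effect so it
# is not lost if a later step aborts the script.
{ set +x; } 2>/dev/null
NEWROOTPW=$(generate_password)
printf 'root:%s\n' "$NEWROOTPW" | chpasswd
printf 'auto-generated password for user root: %s\n' "$NEWROOTPW"
unset NEWROOTPW
set -x

# Ensure system is up to date
pacman -Syu --noconfirm
# numpy comes from the distribution package (python-numpy) rather than a
# system-wide "pip install" run as root.
pacman -S --noconfirm git sudo vim openssh ufw tmux python python-pip \
  python-numpy zsh zsh-autosuggestions mosh bat ripgrep

echo " [Match]
Name=enp1s0
[Network]
DHCP=yes
" > /etc/systemd/network/enp1s0.network
systemctl enable systemd-networkd
systemctl enable systemd-resolved
systemctl start systemd-resolved
ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

# Kept from the original; nothing in this script loads this file. The ufw
# rules below are what actually open the mosh port range.
echo "-A INPUT -p udp --dport 60000:61000 -j ACCEPT" > /etc/iptables.firewall.rules

# sudo for the wheel group. Drop-ins should not be world-readable or
# writable, and a syntax error in one can break sudo, so set the mode and
# validate the file before moving on.
SUDOERS_FILE=/etc/sudoers.d/99_wheel
printf '%s\n' '%wheel ALL=(ALL) ALL' > "$SUDOERS_FILE"
chmod 0440 "$SUDOERS_FILE"
visudo -cf "$SUDOERS_FILE"

# Configure the firewall, then enable it. ufw denies incoming traffic by
# default, so SSH and the mosh UDP range are allowed first; enabling it with
# no rules would cut off remote administration.
ufw allow ssh
ufw allow 60000:61000/udp
ufw enable

# Disabling root login.
# sshd uses the first value it reads for each keyword, so the settings are
# inserted at the top of the file. Appended lines would lose to any earlier
# PermitRootLogin directive and would fall inside a trailing Match block.
sed -i \
  -e '1i PermitRootLogin no' \
  -e '1i PermitEmptyPasswords no' \
  /etc/ssh/sshd_config

locale-gen UTF-8

useradd --create-home -G wheel -s /bin/zsh "$STANDARD_USER"
mkdir -p /opt/bb
chmod -R 750 /opt/bb
chown -R "$STANDARD_USER:$STANDARD_USER" /opt/bb

# Generate and set the user's password (tracing off, printed once).
{ set +x; } 2>/dev/null
NEWPW=$(generate_password)
printf '%s:%s\n' "$STANDARD_USER" "$NEWPW" | chpasswd
printf 'auto-generated password for user %s: %s\n' "$STANDARD_USER" "$NEWPW"
unset NEWPW
set -x

# Shell configuration for the new user. The delimiter is quoted so the body
# is written literally, with no expansion by this script.
tee -a "$USER_HOME/.zshrc" << 'END'
# Created by newuser for 5.9
source /usr/share/zsh/plugins/zsh-autosuggestions/zsh-autosuggestions.zsh
alias l="ls -lsaht"
alias tmux-new="tmux new -s"
alias tmux-attach="tmux attach -t"
alias rg="rg -M 100"
alias recent="ls -lsaht | head -10"
alias search="history | grep"
alias -g NUL="> /dev/null 2>&1"
alias size="du -sh *"
alias diskspace='du -d 1 -h'
alias cdk="cd /opt/bb/captena-bot-kiril/captenabot"
alias cdv="cd /opt/bb/captena-bot/captenabot"
PROMPT='%F{cyan}%m:%F{yellow} %T %B%30<..<%~%b %(!.#.>) '
HISTFILE=~/.zsh_history
HISTSIZE=10000
SAVEHIST=10000
setopt appendhistory
EDITOR=vim
autoload -U up-line-or-beginning-search
autoload -U down-line-or-beginning-search
zle -N up-line-or-beginning-search
zle -N down-line-or-beginning-search
bindkey "^[[A" up-line-or-beginning-search
bindkey "^[[B" down-line-or-beginning-search
END
chown "$STANDARD_USER:$STANDARD_USER" "$USER_HOME/.zshrc"

# tmux configuration for the new user. The original ran an interactive
# "su" first and then wrote to ~, which resolves to root's home once that
# shell exits; the file is written to the user's home and chowned instead.
# The stray "cat .tmux.conf" line that was inside the here-document is
# dropped because it is not a tmux command.
# NOTE(review): mouse-select-pane / mouse-select-window may be rejected by
# current tmux releases - confirm against the installed version.
tee -a "$USER_HOME/.tmux.conf" << 'END'
set -g mouse on
set-option -sg escape-time 10
set -g mouse-select-pane on
set -g mouse-select-window on
set -g history-limit 100000000
set-option -g repeat-time 50
set -g default-terminal "screen-256color"
set -sg escape-time 0
set -g display-panes-time 5000
END
chown "$STANDARD_USER:$STANDARD_USER" "$USER_HOME/.tmux.conf"

# on client:
echo "Run ssh-copy-id on your client to setup SSH keys"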