Last active
April 9, 2024 13:19
-
-
Save shawngmc/bcdf9ed0761dd26470aca96e38e77b07 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| sudo apt-get update | |
| sudo apt-get upgrade | |
| # Install mailutils for email access | |
| sudo apt-get install mailutils | |
| # Install prereqs for dpkg over https | |
| sudo apt-get install apt-transport-https ca-certificates curl software-properties-common | |
| # Add docker repo | |
| curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - | |
| sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | |
| # Remove old docker | |
| sudo apt-get remove docker docker-engine docker.iosudo apt-get remove docker docker-engine docker.iosudo apt-get remove docker docker-engine docker.io | |
| # Install Docker CE | |
| sudo apt-get update | |
| sudo apt-get install docker-ce | |
| sudo docker run hello-world | |
| # TODO: Configure Auto Security updates via | |
| # https://websiteforstudents.com/setup-automatic-security-updates-on-ubuntu-18-04-lts-beta-server/ | |
| # Setup reboot email via: | |
| # https://askubuntu.com/questions/524692/unattended-upgrades-mail-only-on-error-or-reboot | |
| # Setup gmail acct via | |
| # https://www.linode.com/docs/email/postfix/configure-postfix-to-send-mail-using-gmail-and-google-apps-on-debian-or-ubuntu/ | |
| # (Requires google 'less secure app' access' - replace with a docker container?) | |
| # Fix docker permissions | |
| sudo usermod -aG docker $USER | |
| # Create docker socket file | |
| echo "[Unit]" >> docker-tcp.socket | |
| echo "Description=Docker Socket for the API" >> docker-tcp.socket | |
| echo "[Socket]" >> docker-tcp.socket | |
| echo "ListenStream=2375" >> docker-tcp.socket | |
| echo "BindIPv6Only=both" >> docker-tcp.socket | |
| echo "Service=docker.service" >> docker-tcp.socket | |
| echo "[Install]" >> docker-tcp.socket | |
| echo "WantedBy=sockets.target" >> docker-tcp.socket | |
| # Set up remote docker | |
| sudo mv docker-tcp.socket /etc/systemd/system/docker-tcp.socket | |
| sudo systemctl enable docker-tcp.socket | |
| sudo systemctl enable docker.socket | |
| sudo systemctl stop docker | |
| sudo systemctl start docker-tcp.socket | |
| sudo systemctl start docker | |
| docker -H tcp://127.0.0.1:2375 ps | |
| # Set up authorized_keys, id_rsa.pub, id_rsa | |
| # pull id_rsa, id_rsa.pub | |
| # copy id_rsa.pub to authorized_keys | |
| # ssh perms check | |
| chmod 700 ~/.ssh | |
| chmod 600 ~/.ssh/authorized_keys | |
| chown $USER:$USER ~/.ssh -R | |
| sudo echo "AuthorizedKeysFile %h/.ssh/authorized_keys" >> /etc/ssh/sshd_config | |
| sudo service ssh restart | |
| # (Everything above this done on Maersk) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment