tweaks

README.md

@@ -1,8 +1,5 @@
 Server Setup Script
 =====================
 
-#Setup#
+#Use#
 wget -qO - https://code.totosearch.org/Sean/ServerSetup/raw/branch/master/setup.sh | sudo bash
-
-#Maintenance#
-wget -qO - https://code.totosearch.org/Sean/ServerSetup/raw/branch/master/maintenance.sh | sudo bash

maintenance.sh

@@ -1,67 +0,0 @@
-#! /bin/bash
-
-echo ""
-echo "Updating local packages..."
-errors=`apt-add-repository universe >/dev/null 2>/dev/null && apt-get update 2>&1 >/dev/null && apt-get install -y zfs-initramfs`
-if [ "$?" = "0" ]; then
-	echo "Done."
-else
-	echo "Failed to add universal repository, update apt repository - $errors"
-	exit 1
-fi
-
-echo ""
-echo "Importing boot pool and main OS pool..."
-errors=$(zpool export -a 2>&1 1>/dev/null && zpool import -N -R /mnt rpool 2>&1 1>/dev/null && zpool import -N -R /mnt bpool 2>&1 1>/dev/null && zfs mount rpool/ROOT/ubuntu 2>&1 1>/dev/null) 
-# && zfs mount -a 2>&1 1>/dev/null
-if [ "$?" = "0" ]; then
-	echo "Done."
-else
-	echo "Failed to mount bpool or rpool - $errors"
-	exit 2
-fi
-
-
-echo ""
-echo "Binding mounts..."
-errors=`mount --rbind /dev /mnt/dev 2>&1 1>/dev/null && mount --rbind /proc /mnt/proc 2>&1 1>/dev/null && mount --rbind /sys /mnt/sys 2>&1 1>/dev/null`
-if ! [ "$?" = "0" ]; then
-	echo "Failed to bind mounts - $errors"
-	exit 4
-fi
-echo "Done."
-
-echo ""
-echo "Entering chroot, type \"exit\" to leave..."
-echo ""
-
-echo "#!/bin/bash" > /mnt/maintenance.sh
-chmod +x /mnt/maintenance.sh
-echo "zfs mount -a && mount /boot" >> /mnt/maintenance.sh
-echo "/bin/bash" >> /mnt/maintenance.sh
-echo "umount /boot" >> /mnt/maintenance.sh
-echo "zfs umount -a" >> /mnt/maintenance.sh
-
-chroot /mnt /maintenance.sh --login < /dev/tty
-
-rm /mnt/maintenance.sh
-
-if ! [ "$?" = "0" ]; then
-	echo "Chroot failed with an error"
-	exit $?
-fi
-
-
-
-echo ""
-echo "Unbinding mounts..."
-errors=`mount | grep -v zfs | tac | awk '/\\/mnt/ {print \$3}' | xargs -i{} umount -lf \{\} 2>&1 1>/dev/null && zpool export -a 2>&1 1>/dev/null`
-if ! [ "$?" = "0" ]; then
-	echo "Failed to unbind mounts - $errors"
-	exit 4
-fi
-echo "Done."
-echo ""
-
-
-exit 0

setup.sh

@@ -2,7 +2,7 @@
 
 echo ""
 echo "Updating local packages..."
-errors=`apt-add-repository universe >/dev/null 2>&1 1>/dev/null && apt update 2>&1 >/dev/null`
+errors=`apt-add-repository universe >/dev/null 2>/dev/null && apt update 2>&1 >/dev/null`
 if [ "$?" = "0" ]; then
 	echo "Done."
 else
@@ -58,12 +58,7 @@ swapspace=$(($swapspace * `getconf PAGESIZE`))
 # 20% swap space with 2G minimum
 if [ "$swapspace" -lt "2048000" ]; then swapspace="2048000" ; fi
 
-nics=`dialog --separate-output --no-cancel --no-items --title "Bridged network devices" --checklist "Select the network devices to be bridged to bridge - select none for no bridge:" $height $width ${window}$nicdevices 2>&1 1>/dev/tty`
-if [ -z "$nics" ]; then 
-	bridgedevice=`dialog --no-cancel --no-items --title "Configure network devices" --radiolist "NO BRIDGE MODE!\nSelect the network device to configure:" $height $width ${window}$nicdevices 2>&1 1>/dev/tty`
-else
-	bridgedevice="br0"
-fi
+nics=`dialog --separate-output --no-cancel --no-items --title "Bridged network devices" --checklist "Select the network devices to be bridged to br0:" $height $width ${window}$nicdevices 2>&1 1>/dev/tty`
 networktype=`dialog --no-items --no-cancel --title "Network type" --radiolist "Select the network type:" 9 40 2 dhcp off static off 2>&1 1>/dev/tty`
 if [ "$networktype" = "static" ]; then
 	address=""; while [ -z "$address" ]; do address=`dialog --no-cancel --inputbox "IP Address:" 8 40 2>&1 >/dev/tty`; done
@@ -340,7 +335,7 @@ echo "cp /usr/share/zoneinfo/$timezone /etc/localtime" >> /mnt/setup-chroot.sh
 echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
 
 echo "echo \"\"" >> /mnt/setup-chroot.sh
-echo "echo \"Installing linux image, ifupdown, dnsutils, nfs-kernel-server, apparmor-profiles, vim, libvirt-bin, bridge-utils, net-tools, bash, screen, tmux, zfs-initramfs, dosfstools, mailutils, ssmtp, openssh-server, ufw, docker.io, sharutils...\"" >> /mnt/setup-chroot.sh
+echo "echo \"Installing linux image, ifupdown dnsutils nfs-kernel-server apparmor-profiles vim, libvirt-bin, bridge-utils, net-tools, bash, screen, tmux, zfs-initramfs, dosfstools, mailutils, ssmtp, openssh-server, ufw, docker.io, sharutils...\"" >> /mnt/setup-chroot.sh
 echo "errors=\$(DEBCONF_FRONTEND='noninteractive' apt install -y --no-install-recommends linux-image-generic 2>&1 1>/dev/null && apt purge -y netplan 2>&1 1>/dev/null && apt autoremove -y 2>&1 1>/dev/null && DEBCONF_FRONTEND='noninteractive' apt install -y ifupdown efibootmgr htop iotop smartmontools dnsutils nfs-kernel-server apparmor-profiles vim libvirt-bin bridge-utils net-tools bash screen tmux zfs-initramfs dosfstools mailutils ssmtp openssh-server ufw docker.io sharutils 2>&1 1>/dev/null)" >> /mnt/setup-chroot.sh
 
 echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
@@ -498,6 +493,27 @@ echo "chown -R ${admin}:${admin} \"/home/${admin}\"/.ssh" >> /mnt/setup-chroot.s
 echo "HOME=\"/root\"" >> /mnt/setup-chroot.sh
 echo "HOSTNAME=\"$hostname\"" >> /mnt/setup-chroot.sh
 
+echo "echo \"FromLineOverride=YES\" > /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
+echo "echo \"root=admin\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
+echo "echo \"hostname=${fqdn}\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
+echo "echo \"AuthUser=${email}\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
+echo "echo \"AuthPass=${emailpassword}\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
+echo "echo \"mailhub=${smtp}\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
+echo "echo \"UseSTARTTLS=YES\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
+echo "echo \"root:${admins}\" >> /etc/ssmtp/revaliases" >> /mnt/setup-chroot.sh
+echo "chfn -f '${email}' root" >> /mnt/setup-chroot.sh
+echo "echo \"\"" >> /mnt/setup-chroot.sh
+echo "echo \"Sending SSH key via e-mail...\"" >> /mnt/setup-chroot.sh
+if [ "$networktype" = "dhcp" ]; then 
+	connection="`hostname -I` (`wget -qO - ifconfig.me`)"
+else 
+	connection="$address"
+fi
+
+echo "serverinfo=\`cat \"/home/${admin}/.ssh/id_rsa\"\`" >>  /mnt/setup-chroot.sh
+echo "serverinfo=\"Server available at $connection\\n\\n\$serverinfo\"; echo -e \"\$serverinfo\" | mail -s \"$hostname SSH key\" -r \"${email}\" \"\`cat /admins\`\"" >> /mnt/setup-chroot.sh
+echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
+
 errors=`chmod +x /mnt/setup-chroot.sh 2>&1 1>/dev/null`
 if ! [ "$?" = "0" ]; then
 	echo "Failed to set execution permission on chroot script - $errors"
@@ -536,27 +552,6 @@ echo "	exit 122">> /mnt/setup-chroot.sh
 echo "fi">> /mnt/setup-chroot.sh
 echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
 
-echo "echo \"\"" >> /mnt/setup-chroot.sh
-echo "echo \"Sending SSH key via e-mail...\"" >> /mnt/setup-chroot.sh
-if [ "$networktype" = "dhcp" ]; then 
-	connection="`hostname -I` (`wget -qO - ifconfig.me`)"
-else 
-	connection="$address"
-fi
-echo "echo \"FromLineOverride=YES\" > /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
-echo "echo \"root=admin\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
-echo "echo \"hostname=${fqdn}\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
-echo "echo \"AuthUser=${email}\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
-echo "echo \"AuthPass=${emailpassword}\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
-echo "echo \"mailhub=${smtp}\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
-echo "echo \"UseSTARTTLS=YES\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
-echo "echo \"root:${admins}\" >> /etc/ssmtp/revaliases" >> /mnt/setup-chroot.sh
-echo "chfn -f '${email}' root" >> /mnt/setup-chroot.sh
-echo "serverinfo=\`cat \"/home/${admin}/.ssh/id_rsa\"\`" >>  /mnt/setup-chroot.sh
-echo "serverinfo=\"Server available at $connection\\n\\n\$serverinfo\"; echo -e \"\$serverinfo\" | mail -s \"$hostname SSH key\" -r \"${email}\" \"\`cat /admins\`\"" >> /mnt/setup-chroot.sh
-echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
-
-
 echo "exit 0" >> /mnt/setup-chroot.sh
 
 
@@ -579,31 +574,29 @@ echo ""
 echo "Writing network interfaces file..."
 macaddr=$(echo $hostname|md5sum|sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/')
 mkdir -p /mnt/etc/network && mkdir -p /mnt/etc/network/interfaces.d
-echo "auto lo $bridgedevice" > /mnt/etc/network/interfaces.d/$bridgedevice
-echo "iface lo inet loopback" >> /mnt/etc/network/interfaces.d/$bridgedevice
+echo "auto lo br0" > /mnt/etc/network/interfaces.d/br0
+echo "iface lo inet loopback" >> /mnt/etc/network/interfaces.d/br0
 niclist=""
 for nic in `echo "$nics"`; do
-	echo "iface ${nic} inet manual" >> /mnt/etc/network/interfaces.d/$bridgedevice
+	echo "iface ${nic} inet manual" >> /mnt/etc/network/interfaces.d/br0
 	niclist="$niclist $nic"
 done
 if [ "$networktype" = "dhcp" ]; then
-	echo "iface $bridgedevice inet dhcp"  >> /mnt/etc/network/interfaces.d/$bridgedevice
+	echo "iface br0 inet dhcp"  >> /mnt/etc/network/interfaces.d/br0
 else
-	echo "iface $bridgedevice inet static"  >> /mnt/etc/network/interfaces.d/$bridgedevice
-	echo "        address $address" >> /mnt/etc/network/interfaces.d/$bridgedevice
-	echo "        netmask $subnet" >> /mnt/etc/network/interfaces.d/$bridgedevice
-	echo "        gateway $gateway" >> /mnt/etc/network/interfaces.d/$bridgedevice
+	echo "iface br0 inet static"  >> /mnt/etc/network/interfaces.d/br0
+	echo "        address $address" >> /mnt/etc/network/interfaces.d/br0
+	echo "        netmask $subnet" >> /mnt/etc/network/interfaces.d/br0
+	echo "        gateway $gateway" >> /mnt/etc/network/interfaces.d/br0
 	sed -ir "s/^#DNS=.*/DNS=${dns1}/g" /mnt/etc/systemd/resolved.conf
 	if ! [ -z "$dns2" ]; then sed -ir "s/^#FallbackDNS=.*/FallbackDNS=${dns2}/g" /mnt/etc/systemd/resolved.conf ; fi
 fi
 #echo "        bridge_hw $macaddr" >> /mnt/etc/network/interfaces.d/br0
-echo "        dns-nameservers 127.0.0.53" >> /mnt/etc/network/interfaces.d/$bridgedevice
-if [ "$bridgedevice" = "br0" ]; then
-echo "        bridge_waitport 0" >> /mnt/etc/network/interfaces.d/$bridgedevice
-echo "        bridge_fd 0" >> /mnt/etc/network/interfaces.d/$bridgedevice
-echo "        bridge_ports${niclist}" >> /mnt/etc/network/interfaces.d/$bridgedevice
-echo "        bridge_stp on" >> /mnt/etc/network/interfaces.d/$bridgedevice
-fi
+echo "        dns-nameservers 127.0.0.53" >> /mnt/etc/network/interfaces.d/br0
+echo "        bridge_waitport 0" >> /mnt/etc/network/interfaces.d/br0
+echo "        bridge_fd 0" >> /mnt/etc/network/interfaces.d/br0
+echo "        bridge_ports${niclist}" >> /mnt/etc/network/interfaces.d/br0
+echo "        bridge_stp on" >> /mnt/etc/network/interfaces.d/br0
 echo "source-directory /etc/network/interfaces.d" > /mnt/etc/network/interfaces
 echo "Done."
 
@@ -611,7 +604,7 @@ echo "Done."
 
 echo ""
 echo "Opening SSH port on firewall..."
-sed -ir 's/### RULES ###/### RULES ###\n-A ufw-user-input -p tcp --dport 22 -j ACCEPT/g' /mnt/etc/ufw/user.rules 2>&1 1>/dev/null
+sed -ir 's/### RULES ###/### RULES ###\n-A ufw-user-input -i br0 -p tcp --dport 22 -j ACCEPT/g' /mnt/etc/ufw/user.rules 2>&1 1>/dev/null
 echo "Done."
 # commented out for debugging
 echo ""