@ -2,7 +2,7 @@
echo "" echo ""
echo "Updating local packages..." echo "Updating local packages..."
errors = ` apt-add-repository universe >/dev/null 2>/dev/null && apt update 2>& 1 >/dev/null` errors = ` apt-add-repository universe >/dev/null 2>& 1 1>&& apt update 2>& 1 >/dev/null`
if [ " $? " = "0" ] ; then if [ " $? " = "0" ] ; then
echo "Done."
echo "Done."
else else
@ -58,7 +58,12 @@ swapspace=$(($swapspace * `getconf PAGESIZE`))
# 20% swap space with 2G minimum # 20% swap space with 2G minimum
if [ " $swapspace " -lt "2048000" ] ; then swapspace = "2048000" ; fi if [ " $swapspace " -lt "2048000" ] ; then swapspace = "2048000" ; fi
nics = ` dialog --separate-output --no-cancel --no-items --title "Bridged network devices" --checklist "Select the network devices to be bridged to br0:" $height $width ${ window } $nicdevices 2>& 1 1>/dev/tty` nics = ` dialog --separate-output --no-cancel --no-items --title "Bridged network devices" --checklist "Select the network devices to be bridged to bridge - select none for no bridge:" $height $width ${ window } $nicdevices 2>& 1 1>/dev/tty`
if [ -z " $nics " ] ; then
bridgedevice = ` dialog --no-cancel --no-items --title "Configure network devices" --radiolist "NO BRIDGE MODE!\nSelect the network device to configure:" $height $width ${ window } $nicdevices 2>& 1 1>/dev/tty`
else
bridgedevice = "br0"
fi
networktype = ` dialog --no-items --no-cancel --title "Network type" --radiolist "Select the network type:" 9 40 2 dhcp off static off 2>& 1 1>/dev/tty` networktype = ` dialog --no-items --no-cancel --title "Network type" --radiolist "Select the network type:" 9 40 2 dhcp off static off 2>& 1 1>/dev/tty`
if [ " $networktype " = "static" ] ; then if [ " $networktype " = "static" ] ; then
address = "" ; while [ -z " $address " ] ; do address = ` dialog --no-cancel --inputbox "IP Address:" 8 40 2>& 1 >/dev/tty` ; done
address = "" ; while [ -z " $address " ] ; do address = ` dialog --no-cancel --inputbox "IP Address:" 8 40 2>& 1 >/dev/tty` ; done
@ -335,7 +340,7 @@ echo "cp /usr/share/zoneinfo/$timezone /etc/localtime" >> /mnt/setup-chroot.sh
echo "echo \"Done.\"" >> /mnt/setup-chroot.shecho "echo \"Done.\"" >> /mnt/setup-chroot.sh
echo "echo \"\"" >> /mnt/setup-chroot.shecho "echo \"\"" >> /mnt/setup-chroot.sh
echo "echo \"Installing linux image, ifupdown dnsutils nfs-kernel-server apparmor-profiles vim, libvirt-bin, bridge-utils, net-tools, bash, screen, tmux, zfs-initramfs, dosfstools, mailutils, ssmtp, openssh-server, ufw, docker.io, sharutils...\"" >> /mnt/setup-chroot.shecho "echo \"Installing linux image, ifupdown , dnsutils, nfs-kernel-server, apparmor-profiles, vim, libvirt-bin, bridge-utils, net-tools, bash, screen, tmux, zfs-initramfs, dosfstools, mailutils, ssmtp, openssh-server, ufw, docker.io, sharutils...\"" >> /mnt/setup-chroot.sh
echo "errors=\$(DEBCONF_FRONTEND='noninteractive' apt install -y --no-install-recommends linux-image-generic 2>&1 1>/dev/null && apt purge -y netplan 2>&1 1>/dev/null && apt autoremove -y 2>&1 1>/dev/null && DEBCONF_FRONTEND='noninteractive' apt install -y ifupdown efibootmgr htop iotop smartmontools dnsutils nfs-kernel-server apparmor-profiles vim libvirt-bin bridge-utils net-tools bash screen tmux zfs-initramfs dosfstools mailutils ssmtp openssh-server ufw docker.io sharutils 2>&1 1>/dev/null)" >> /mnt/setup-chroot.shecho "errors=\$(DEBCONF_FRONTEND='noninteractive' apt install -y --no-install-recommends linux-image-generic 2>&1 1>/dev/null && apt purge -y netplan 2>&1 1>/dev/null && apt autoremove -y 2>&1 1>/dev/null && DEBCONF_FRONTEND='noninteractive' apt install -y ifupdown efibootmgr htop iotop smartmontools dnsutils nfs-kernel-server apparmor-profiles vim libvirt-bin bridge-utils net-tools bash screen tmux zfs-initramfs dosfstools mailutils ssmtp openssh-server ufw docker.io sharutils 2>&1 1>/dev/null)" >> /mnt/setup-chroot.sh
echo 'if ! [ \"$?\" = \"0\" ]; then ' >> /mnt/setup-chroot.shecho 'if ! [ \"$?\" = \"0\" ]; then ' >> /mnt/setup-chroot.sh
@ -493,27 +498,6 @@ echo "chown -R ${admin}:${admin} \"/home/${admin}\"/.ssh" >> /mnt/setup-chroot.s
echo "HOME=\"/root\"" >> /mnt/setup-chroot.shecho "HOME=\"/root\"" >> /mnt/setup-chroot.sh
echo " HOSTNAME=\" $hostname \" " >> /mnt/setup-chroot.shecho " HOSTNAME=\" $hostname \" " >> /mnt/setup-chroot.sh
echo "echo \"FromLineOverride=YES\" > /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
echo "echo \"root=admin\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
echo " echo \"hostname= ${ fqdn } \" >> /etc/ssmtp/ssmtp.conf " >> /mnt/setup-chroot.sh
echo " echo \"AuthUser= ${ email } \" >> /etc/ssmtp/ssmtp.conf " >> /mnt/setup-chroot.sh
echo " echo \"AuthPass= ${ emailpassword } \" >> /etc/ssmtp/ssmtp.conf " >> /mnt/setup-chroot.sh
echo " echo \"mailhub= ${ smtp } \" >> /etc/ssmtp/ssmtp.conf " >> /mnt/setup-chroot.sh
echo "echo \"UseSTARTTLS=YES\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
echo " echo \"root: ${ admins } \" >> /etc/ssmtp/revaliases " >> /mnt/setup-chroot.sh
echo " chfn -f ' ${ email } ' root " >> /mnt/setup-chroot.sh
echo "echo \"\"" >> /mnt/setup-chroot.sh
echo "echo \"Sending SSH key via e-mail...\"" >> /mnt/setup-chroot.sh
if [ " $networktype " = "dhcp" ] ; then
connection = "`hostname -I` (`wget -qO - ifconfig.me`)"
else
connection = " $address "
fi
echo " serverinfo=\`cat \"/home/ ${ admin } /.ssh/id_rsa\"\` " >> /mnt/setup-chroot.sh
echo " serverinfo=\"Server available at $connection \\n\\n\$serverinfo\"; echo -e \"\$serverinfo\" | mail -s \" $hostname SSH key\" -r \" ${ email } \" \"\`cat /admins\`\" " >> /mnt/setup-chroot.sh
echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
errors = ` chmod +x /mnt/setup-chroot.sh 2>& 1 1>/dev/null` errors = ` chmod +x /mnt/setup-chroot.sh 2>& 1 1>/dev/null`
if ! [ " $? " = "0" ] ; then if ! [ " $? " = "0" ] ; then
echo " Failed to set execution permission on chroot script - $errors "
echo " Failed to set execution permission on chroot script - $errors "
@ -552,6 +536,27 @@ echo " exit 122">> /mnt/setup-chroot.sh
echo "fi" >> /mnt/setup-chroot.shecho "fi" >> /mnt/setup-chroot.sh
echo "echo \"Done.\"" >> /mnt/setup-chroot.shecho "echo \"Done.\"" >> /mnt/setup-chroot.sh
echo "echo \"\"" >> /mnt/setup-chroot.sh
echo "echo \"Sending SSH key via e-mail...\"" >> /mnt/setup-chroot.sh
if [ " $networktype " = "dhcp" ] ; then
connection = "`hostname -I` (`wget -qO - ifconfig.me`)"
else
connection = " $address "
fi
echo "echo \"FromLineOverride=YES\" > /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
echo "echo \"root=admin\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
echo " echo \"hostname= ${ fqdn } \" >> /etc/ssmtp/ssmtp.conf " >> /mnt/setup-chroot.sh
echo " echo \"AuthUser= ${ email } \" >> /etc/ssmtp/ssmtp.conf " >> /mnt/setup-chroot.sh
echo " echo \"AuthPass= ${ emailpassword } \" >> /etc/ssmtp/ssmtp.conf " >> /mnt/setup-chroot.sh
echo " echo \"mailhub= ${ smtp } \" >> /etc/ssmtp/ssmtp.conf " >> /mnt/setup-chroot.sh
echo "echo \"UseSTARTTLS=YES\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
echo " echo \"root: ${ admins } \" >> /etc/ssmtp/revaliases " >> /mnt/setup-chroot.sh
echo " chfn -f ' ${ email } ' root " >> /mnt/setup-chroot.sh
echo " serverinfo=\`cat \"/home/ ${ admin } /.ssh/id_rsa\"\` " >> /mnt/setup-chroot.sh
echo " serverinfo=\"Server available at $connection \\n\\n\$serverinfo\"; echo -e \"\$serverinfo\" | mail -s \" $hostname SSH key\" -r \" ${ email } \" \"\`cat /admins\`\" " >> /mnt/setup-chroot.sh
echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
echo "exit 0" >> /mnt/setup-chroot.shecho "exit 0" >> /mnt/setup-chroot.sh
@ -574,29 +579,31 @@ echo ""
echo "Writing network interfaces file..." echo "Writing network interfaces file..."
macaddr = $( echo $hostname | md5sum| sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/' ) macaddr = $( echo $hostname | md5sum| sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/' )
mkdir -p /mnt/etc/network && mkdir -p /mnt/etc/network/interfaces.d
mkdir -p /mnt/etc/network && mkdir -p /mnt/etc/network/interfaces.d
echo " auto lo br0" > /mnt/etc/network/interfaces.d/br0 echo " auto lo $bridgedevice " > /mnt/etc/network/interfaces.d/$bridgedevice
echo "iface lo inet loopback" >> /mnt/etc/network/interfaces.d/br0 echo "iface lo inet loopback" >> /mnt/etc/network/interfaces.d/$bridgedevice
niclist = "" niclist = ""
for nic in ` echo " $nics " ` ; do for nic in ` echo " $nics " ` ; do
echo " iface ${ nic } inet manual " >> /mnt/etc/network/interfaces.d/br0
echo " iface ${ nic } inet manual " >> /mnt/etc/network/interfaces.d/$bridgedevice
niclist = " $niclist $nic "
niclist = " $niclist $nic "
done done
if [ " $networktype " = "dhcp" ] ; then if [ " $networktype " = "dhcp" ] ; then
echo " iface br0 inet dhcp" >> /mnt/etc/network/interfaces.d/br0
echo " iface $bridgedevice inet dhcp " >> /mnt/etc/network/interfaces.d/$bridgedevice
else else
echo " iface br0 inet static" >> /mnt/etc/network/interfaces.d/br0
echo " iface $bridgedevice inet static " >> /mnt/etc/network/interfaces.d/$bridgedevice
echo " address $address " >> /mnt/etc/network/interfaces.d/br0
echo " address $address " >> /mnt/etc/network/interfaces.d/$bridgedevice
echo " netmask $subnet " >> /mnt/etc/network/interfaces.d/br0
echo " netmask $subnet " >> /mnt/etc/network/interfaces.d/$bridgedevice
echo " gateway $gateway " >> /mnt/etc/network/interfaces.d/br0
echo " gateway $gateway " >> /mnt/etc/network/interfaces.d/$bridgedevice
sed -ir " s/^#DNS=.*/DNS= ${ dns1 } /g " /mnt/etc/systemd/resolved.conf
sed -ir " s/^#DNS=.*/DNS= ${ dns1 } /g " /mnt/etc/systemd/resolved.conf
if ! [ -z " $dns2 " ] ; then sed -ir " s/^#FallbackDNS=.*/FallbackDNS= ${ dns2 } /g " /mnt/etc/systemd/resolved.conf ; fi
if ! [ -z " $dns2 " ] ; then sed -ir " s/^#FallbackDNS=.*/FallbackDNS= ${ dns2 } /g " /mnt/etc/systemd/resolved.conf ; fi
fi fi
#echo " bridge_hw $macaddr" >> /mnt/etc/network/interfaces.d/br0 #echo " bridge_hw $macaddr" >> /mnt/etc/network/interfaces.d/br0
echo " dns-nameservers 127.0.0.53" >> /mnt/etc/network/interfaces.d/br0echo " dns-nameservers 127.0.0.53" >> /mnt/etc/network/interfaces.d/$bridgedevice
echo " bridge_waitport 0" >> /mnt/etc/network/interfaces.d/br0if [ " $bridgedevice " = "br0" ] ; then
echo " bridge_fd 0" >> /mnt/etc/network/interfaces.d/br0echo " bridge_waitport 0" >> /mnt/etc/network/interfaces.d/$bridgedevice
echo " bridge_ports ${ niclist } " >> /mnt/etc/network/interfaces.d/br0echo " bridge_fd 0" >> /mnt/etc/network/interfaces.d/$bridgedevice
echo " bridge_stp on" >> /mnt/etc/network/interfaces.d/br0echo " bridge_ports ${ niclist } " >> /mnt/etc/network/interfaces.d/$bridgedevice
echo " bridge_stp on" >> /mnt/etc/network/interfaces.d/$bridgedevice
fi
echo "source-directory /etc/network/interfaces.d" > /mnt/etc/network/interfacesecho "source-directory /etc/network/interfaces.d" > /mnt/etc/network/interfaces
echo "Done." echo "Done."
@ -604,7 +611,7 @@ echo "Done."
echo "" echo ""
echo "Opening SSH port on firewall..." echo "Opening SSH port on firewall..."
sed -ir 's/### RULES ###/### RULES ###\n-A ufw-user-input - i br0 - p tcp --dport 22 -j ACCEPT/g' /mnt/etc/ufw/user.rules 2>& 1 1>/dev/null
sed -ir 's/### RULES ###/### RULES ###\n-A ufw-user-input - p tcp --dport 22 -j ACCEPT/g' /mnt/etc/ufw/user.rules 2>& 1 1>/dev/null
echo "Done." echo "Done."
# commented out for debugging # commented out for debugging
echo "" echo ""
sean
sean