various improvements
This commit is contained in:
julien
@@ -4,7 +4,31 @@ echo
|
|||||||
echo " => Configuration"
|
echo " => Configuration"
|
||||||
echo
|
echo
|
||||||
|
|
||||||
|
if [ $profile = server ]; then
|
||||||
|
# Firewall basic configuration
|
||||||
|
ufw default deny incoming
|
||||||
|
ufw default allow outgoing
|
||||||
|
|
||||||
|
# Open needed ports
|
||||||
|
ports="ssh
|
||||||
|
http
|
||||||
|
https
|
||||||
|
imap
|
||||||
|
imaps
|
||||||
|
smtp
|
||||||
|
smtps"
|
||||||
|
|
||||||
|
for i in $ports
|
||||||
|
do
|
||||||
|
ufw allow $i
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
|
||||||
if [ $profile = desktop ]; then
|
if [ $profile = desktop ]; then
|
||||||
|
# Firewall configuration
|
||||||
|
ufw default deny incoming
|
||||||
|
ufw default allow outgoing
|
||||||
|
|
||||||
# Disable all managed interfaces excerpt loopback from /etc/network/interfaces file to allow NetworkManager to manage them
|
# Disable all managed interfaces excerpt loopback from /etc/network/interfaces file to allow NetworkManager to manage them
|
||||||
sed -i '/# The primary network interface/Q' /etc/network/interfaces
|
sed -i '/# The primary network interface/Q' /etc/network/interfaces
|
||||||
fi
|
fi
|
||||||
|
|||||||
@@ -6,18 +6,17 @@ echo
|
|||||||
|
|
||||||
dpkg -s docker-ce > /dev/null 2>&1
|
dpkg -s docker-ce > /dev/null 2>&1
|
||||||
if [ $? -ne 0 ]; then
|
if [ $? -ne 0 ]; then
|
||||||
# Add Docker's official GPG key
|
# Add Docker's official GPG key:
|
||||||
mkdir -p /etc/apt/keyrings
|
install -m 0755 -d /etc/apt/keyrings
|
||||||
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg --yes
|
curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
|
||||||
chmod a+rx /etc/apt/keyrings
|
chmod a+r /etc/apt/keyrings/docker.asc
|
||||||
chmod a+r /etc/apt/keyrings/docker.gpg
|
|
||||||
|
|
||||||
# Add the repository to Apt sources
|
# Add the repository to Apt sources:
|
||||||
echo \
|
echo \
|
||||||
"deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian bullseye stable" \
|
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
|
||||||
| tee /etc/apt/sources.list.d/docker.list > /dev/null
|
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
|
||||||
|
tee /etc/apt/sources.list.d/docker.list > /dev/null
|
||||||
apt-get update
|
apt-get update
|
||||||
|
|
||||||
# Install packages
|
# Install packages
|
||||||
apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin -y
|
apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
|
||||||
fi
|
fi
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ echo
|
|||||||
|
|
||||||
dpkg -s ufw > /dev/null 2>&1
|
dpkg -s ufw > /dev/null 2>&1
|
||||||
if [ $? -ne 0 ]; then
|
if [ $? -ne 0 ]; then
|
||||||
|
# Install and enable UFW
|
||||||
apt-get install ufw -y
|
apt-get install ufw -y
|
||||||
ufw enable
|
ufw enable
|
||||||
fi
|
fi
|
||||||
|
|||||||
@@ -4,7 +4,8 @@ echo
|
|||||||
echo " => Packages"
|
echo " => Packages"
|
||||||
echo
|
echo
|
||||||
|
|
||||||
base="curl
|
base="ca-certificates
|
||||||
|
curl
|
||||||
git
|
git
|
||||||
htop
|
htop
|
||||||
tree
|
tree
|
||||||
|
|||||||
Reference in New Issue
Block a user