58 lines
1.3 KiB
Bash
Executable File
58 lines
1.3 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
echo
|
|
echo " => Configuration"
|
|
echo
|
|
|
|
config_file="/etc/netig.conf"
|
|
|
|
# Skip if already configured
|
|
if [ -f $config_file ]; then
|
|
source $config_file
|
|
if [ $config = done ]; then
|
|
echo "Configuration already applied !"
|
|
exit
|
|
fi
|
|
fi
|
|
|
|
# Grub configuration
|
|
sed -i "s/GRUB_CMDLINE_LINUX_DEFAULT=\"quiet/& loglevel=3 nowatchdog/" /etc/default/grub
|
|
update-grub
|
|
|
|
# Server only configuration
|
|
if [ $profile = server ]; then
|
|
# Firewall basic configuration
|
|
ufw default deny incoming
|
|
ufw default allow outgoing
|
|
|
|
# Open needed ports
|
|
ports="ssh
|
|
http
|
|
https
|
|
imap
|
|
imaps
|
|
smtp
|
|
smtps"
|
|
for i in $ports
|
|
do
|
|
ufw allow $i
|
|
done
|
|
|
|
# SSH keys only
|
|
echo -e "# SSH keys only\nPasswordAuthentication no\nPubkeyAuthentication yes" > /etc/ssh/sshd_config.d/custom.conf
|
|
fi
|
|
|
|
# Desktop only configuration
|
|
if [ $profile = desktop ]; then
|
|
# Firewall configuration
|
|
ufw default deny incoming
|
|
ufw default allow outgoing
|
|
|
|
# Disable all managed interfaces excerpt loopback from /etc/network/interfaces file to allow NetworkManager to manage them
|
|
sed -i '/# The primary network interface/Q' /etc/network/interfaces
|
|
fi
|
|
|
|
# Remember configuration is applied
|
|
echo "config=done" > $config_file
|
|
chmod +x $config_file
|