netig/netbian
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
julien
2026-01-14 13:05:05 +01:00
commit 1a02980bbc
7 changed files with 343 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
README.md Executable file
View File

@@ -0,0 +1,49 @@
# NETbian
Debian 13 NETig configuration for `server`, `desktop` or `full-desktop` profiles.
What it does :
* Update the system
* Install a firewall
* Install a set of packages accordingly to the selected profile
* Add a ZRAM
* Apply any needed system configuration for your profile
What it doesn't :
* Add `contrib` nor `non-free` repositories
* Add server [maintenance scripts](https://git.netig.net/netig/srv-scripts)
* Configure the desktop for you
## Prerequisites
A fresh Debian 13 install without `Debian desktop environment` nor any desktop installed.
## Usage
> Warning ! The `server` profile will disable passwords SSH connection in favor of SSH keys, make sure to `ssh-copy-id` your key before rebooting the server.
Downlad and extract the archive :
```
# cd /tmp
# wget https://git.netig.net/netig/netbian/archive/main.tar.gz
# tar -xvzf main.tar.gz
# cd netbian/
```
And then run the `./run.sh` script, choose your profile and reboot the machine once done.
## Tips
### Docker Rootless mode
If you want to use Docker as normal user first disable the system-wide Docker daemon :
```
# systemctl disable --now docker.service docker.socket
# rm /var/run/docker.sock
```
Install the `uidmap` package, then run `dockerd-rootless-setuptool.sh install` as a non-root user to set up the daemon.
## Links
* [Official Debian website](https://www.debian.org/index.html)

38
modules.sh Executable file
View File

@@ -0,0 +1,38 @@
#!/bin/bash
source $config_file
# Modules for each profile
if [ $profile = server ]; then
modules="pkgs.sh
docker.sh
zram.sh
config.sh"
fi
if [ $profile = desktop ]; then
modules="pkgs.sh
zram.sh
config.sh"
fi
if [ $profile = full-desktop ]; then
modules="pkgs.sh
docker.sh
zram.sh
config.sh"
fi
# Modules execution
for i in $modules
do
modules/$i
done
# End message
echo
echo " => End"
echo
echo "Successfully completed !"
echo

48
modules/config.sh Executable file
View File

@@ -0,0 +1,48 @@
#!/bin/bash
source $config_file
echo
echo " => Configuration"
echo
# Check config
if [ ! -z $config ]; then
echo "Configuration already applied."
exit
fi
# Enable firewall
ufw enable
ufw default deny incoming
ufw default allow outgoing
# Grub configuration
sed -i "s/GRUB_CMDLINE_LINUX_DEFAULT=\"quiet/& loglevel=3 nowatchdog/" /etc/default/grub
update-grub
# Server only configuration
if [ $profile = server ]; then
# Firewall configuration
ports="ssh
http
https
imap
imaps
smtp
smtps"
for i in $ports
do
ufw allow $i
done
# SSH keys only
echo -e "# SSH keys only\nPasswordAuthentication no\nPubkeyAuthentication yes" > /etc/ssh/sshd_config.d/custom.conf
fi
# Desktop only configuration
if [ $profile = desktop ]; then
# Disable all managed interfaces excerpt loopback from /etc/network/interfaces file to allow NetworkManager to manage them
sed -i '/# The primary network interface/Q' /etc/network/interfaces
fi

49
modules/docker.sh Executable file
View File

@@ -0,0 +1,49 @@
#!/bin/bash
echo
echo " => Docker"
echo
# Check for Docker
pkgs="docker-ce
docker-ce-cli
containerd.io
docker-buildx-plugin
docker-compose-plugin"
for pkg in $pkgs
do
dpkg-query -W -f='${Status}' $pkg 2>&1 | grep -q " installed"
if [ $? -ne 0 ]; then
installed=false
fi
done
if [ -z $installed ]; then
echo "Docker found."
exit
fi
# Install needed packages
pkgs="ca-certificates
curl"
for pkg in $pkgs
do
dpkg-query -W -f='${Status}' $pkg 2>&1 | grep -q " installed"
if [ $? -ne 0 ]; then
apt-get install $pkg -y
fi
done
# Add Docker's official GPG key:
install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update
# Install packages
apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y

72
modules/pkgs.sh Executable file
View File

@@ -0,0 +1,72 @@
#!/bin/bash
source $config_file
echo
echo " => Packages"
echo
# Localization
if [ $profile = desktop ] || [ $profile = full-desktop ]; then
echo "What is your language code for localization packages ? (eg. de, en-gb, fr)"
read -p "> " lang
fi
# Packages sets by profile
base="git
htop
rsync
tree
ufw"
server=""
desktop="gnome-core gnome-console
gnome-shell-extension-caffeine
gnome-shell-extension-tiling-assistant
gnome-themes-extra
gnome-tweaks
gufw
papirus-icon-theme"
applications="firefox-esr
firefox-esr-l10n-$lang
gimp
libreoffice
libreoffice-gnome
libreoffice-l10n-$lang"
if [ $profile = server ]; then
pkgs="$base
$server"
fi
if [ $profile = desktop ]; then
pkgs="$base
$desktop"
fi
if [ $profile = full-desktop ]; then
pkgs="$base
$desktop
$applications"
fi
# Check updates
apt-get update && apt-get upgrade -y
echo
# Install packages
for pkg in $pkgs
do
dpkg-query -W -f='${Status}' $pkg 2>&1 | grep -q " installed"
if [ $? -ne 0 ]; then
installed=false
fi
done
if [ ! -z $installed ]; then
apt-get install $pkgs -y
else
echo "All packages are already installed."
fi

23
modules/zram.sh Executable file
View File

@@ -0,0 +1,23 @@
#!/bin/bash
echo
echo " => ZRAM"
echo
# Check for zram
pkg=zram-tools
dpkg-query -W -f='${Status}' $pkg 2>&1 | grep -q " installed"
if [ $? -eq 0 ]; then
echo "ZRAM found."
exit
fi
# Install zram
apt-get install zram-tools -y
# Configure zram
sed -i '/#ALGO=lz4/s/^#//g' /etc/default/zramswap
sed -i '/#PERCENT=50/s/^#//g' /etc/default/zramswap
sed -i 's/ALGO=lz4/ALGO=zstd/g' /etc/default/zramswap
systemctl restart zramswap.service

64
run.sh Executable file
View File

@@ -0,0 +1,64 @@
#!/bin/bash
# If root
ID=$(id -u)
if [ "$ID" -ne 0 ]
then
echo
echo "Please run as root !"
exit
fi
# Check network
if ! ping -q -c 3 -W 5 kernel.org >/dev/null
then
echo
echo "The network is down, check your connection."
exit
fi
# Welcome message
echo
echo "Welcome to NETbian Debian post-installation script !"
echo
echo " => Profile selection"
echo
# Configuration file
export config_file="/etc/netbian.conf"
# Check for existing config
if [ -f $config_file ]; then
source $config_file
if [ ! -z $profile ]; then
echo "Profile is already set as $profile."
export config=done
./modules.sh
exit
fi
fi
# Profile selection
while true
do
echo "Do you want to install the server, desktop or full-desktop profile ? (server/desktop/full-desktop)"
read -p "> " answer
echo "profile=$answer" > $config_file
chmod +x $config_file
case $answer in
server)
break
;;
desktop)
break
;;
full-desktop)
break
;;
* )
echo "Please answer server/desktop/full-desktop."
;;
esac
done
./modules.sh