49 lines
1.0 KiB
Bash
Executable File
49 lines
1.0 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
source $config_file
|
|
|
|
echo
|
|
echo " => Configuration"
|
|
echo
|
|
|
|
# Check config
|
|
if [ ! -z $config ]; then
|
|
echo "Configuration already applied."
|
|
exit
|
|
fi
|
|
|
|
# Enable firewall
|
|
ufw enable
|
|
ufw default deny incoming
|
|
ufw default allow outgoing
|
|
|
|
# Grub configuration
|
|
sed -i "s/GRUB_CMDLINE_LINUX_DEFAULT=\"quiet/& loglevel=3 nowatchdog/" /etc/default/grub
|
|
update-grub
|
|
|
|
# Server only configuration
|
|
if [ $profile = server ]; then
|
|
# Firewall configuration
|
|
ports="ssh
|
|
http
|
|
https
|
|
imap
|
|
imaps
|
|
smtp
|
|
smtps"
|
|
for i in $ports
|
|
do
|
|
ufw allow $i
|
|
done
|
|
|
|
# SSH keys only
|
|
echo -e "# SSH keys only\nPasswordAuthentication no\nPubkeyAuthentication yes" > /etc/ssh/sshd_config.d/custom.conf
|
|
fi
|
|
|
|
# Desktop only configuration
|
|
if [ $profile = desktop ]; then
|
|
# Disable all managed interfaces excerpt loopback from /etc/network/interfaces file to allow NetworkManager to manage them
|
|
sed -i '/# The primary network interface/Q' /etc/network/interfaces
|
|
fi
|
|
|