bash_bootstrap/bootstrap.sh

#!/bin/bash
set -euo pipefail

# Check for root privileges
if [ "$(id -u)" -ne 0 ]; then
    echo "[✗] Dieses Skript muss als root ausgeführt werden." >&2
    exit 1
fi

# Prompt for username input
read -p "Bitte geben Sie den Benutzernamen ein: " USERNAME

# Check if the username is not empty
if [ -z "$USERNAME" ]; then
    echo "[✗] Kein Benutzername eingegeben." >&2
    exit 1
fi

SSH_KEY_URL="https://skulldev.de/Skull-IT/trusted-ssh-keys/raw/branch/main/trusted-ssh-keys"

# Set SSH directory based on username
if [ "$USERNAME" = "root" ]; then
    SSH_DIR="/root/.ssh"
else
    SSH_DIR="/home/$USERNAME/.ssh"
fi

# Update package list and install necessary packages
echo "[+] Updating package list and installing essential packages..."
apt-get update
apt-get install -y wget openssh-server

# Setting up SSH directory and authorized keys
echo "[+] Setting up SSH directory..."
mkdir -p "$SSH_DIR"
wget -O "$SSH_DIR/authorized_keys" "$SSH_KEY_URL"
chown -R "$USERNAME:$USERNAME" "$SSH_DIR"
chmod 700 "$SSH_DIR"
chmod 600 "$SSH_DIR/authorized_keys"

# Configure SSH server to allow public key authentication
echo "[+] Configuring SSH server..."
SSH_CONFIG="/etc/ssh/sshd_config"
sed -i 's/^#PubkeyAuthentication yes/PubkeyAuthentication yes/' "$SSH_CONFIG"
sed -i 's/^PubkeyAuthentication no/PubkeyAuthentication yes/' "$SSH_CONFIG"
sed -i 's/^#AuthorizedKeysFile/AuthorizedKeysFile/' "$SSH_CONFIG"
sed -i 's/^PasswordAuthentication yes/PasswordAuthentication no/' "$SSH_CONFIG"

# Restart SSH service to apply changes
systemctl restart ssh

# Adding user to sudo group
echo "[+] Adding user to sudo group..."
apt-get install -y sudo
usermod -aG sudo "$USERNAME"

# Configuring passwordless sudo for the user
echo "[+] Configuring passwordless sudo for $USERNAME..."
echo "$USERNAME ALL=(ALL) NOPASSWD:ALL" | tee "/etc/sudoers.d/$USERNAME" > /dev/null
chmod 440 "/etc/sudoers.d/$USERNAME"

# Setting timezone
echo "[+] Setting timezone to Europe/Berlin..."
apt-get install -y tzdata
ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime

echo "[✓] Bootstrap complete."
bootstrap.sh hinzugefügt First init 2025-04-06 11:21:13 +00:00			`#!/bin/bash`
			`set -euo pipefail`

bootstrap.sh aktualisiert add sudo requirements 2025-04-09 15:11:49 +00:00			`# Check for root privileges`
			`if [ "$(id -u)" -ne 0 ]; then`
bootstrap.sh aktualisiert 2025-06-11 17:17:28 +00:00			`echo "[✗] Dieses Skript muss als root ausgeführt werden." >&2`
bootstrap.sh aktualisiert add sudo requirements 2025-04-09 15:11:49 +00:00			`exit 1`
			`fi`

bootstrap.sh aktualisiert Change to userinput 2025-06-12 19:29:44 +00:00			`# Prompt for username input`
			`read -p "Bitte geben Sie den Benutzernamen ein: " USERNAME`

			`# Check if the username is not empty`
			`if [ -z "$USERNAME" ]; then`
			`echo "[✗] Kein Benutzername eingegeben." >&2`
			`exit 1`
			`fi`

bootstrap.sh aktualisiert 2025-06-11 17:12:16 +00:00			`SSH_KEY_URL="https://skulldev.de/Skull-IT/trusted-ssh-keys/raw/branch/main/trusted-ssh-keys"`
bootstrap.sh aktualisiert change correct root behavior 2025-06-14 12:23:55 +00:00
			`# Set SSH directory based on username`
			`if [ "$USERNAME" = "root" ]; then`
			`SSH_DIR="/root/.ssh"`
			`else`
			`SSH_DIR="/home/$USERNAME/.ssh"`
			`fi`
bootstrap.sh hinzugefügt First init 2025-04-06 11:21:13 +00:00
bootstrap.sh aktualisiert 2025-06-11 17:17:28 +00:00			`# Update package list and install necessary packages`
bootstrap.sh aktualisiert 2025-06-11 17:12:16 +00:00			`echo "[+] Updating package list and installing essential packages..."`
bootstrap.sh aktualisiert 2025-06-11 17:17:28 +00:00			`apt-get update`
bootstrap.sh aktualisiert edit ssh_config file 2025-06-12 19:43:32 +00:00			`apt-get install -y wget openssh-server`
bootstrap.sh hinzugefügt First init 2025-04-06 11:21:13 +00:00
bootstrap.sh aktualisiert 2025-06-11 17:17:28 +00:00			`# Setting up SSH directory and authorized keys`
bootstrap.sh hinzugefügt First init 2025-04-06 11:21:13 +00:00			`echo "[+] Setting up SSH directory..."`
			`mkdir -p "$SSH_DIR"`
bootstrap.sh aktualisiert 2025-06-11 17:17:28 +00:00			`wget -O "$SSH_DIR/authorized_keys" "$SSH_KEY_URL"`
bootstrap.sh hinzugefügt First init 2025-04-06 11:21:13 +00:00			`chown -R "$USERNAME:$USERNAME" "$SSH_DIR"`
			`chmod 700 "$SSH_DIR"`
			`chmod 600 "$SSH_DIR/authorized_keys"`

bootstrap.sh aktualisiert edit ssh_config file 2025-06-12 19:43:32 +00:00			`# Configure SSH server to allow public key authentication`
			`echo "[+] Configuring SSH server..."`
			`SSH_CONFIG="/etc/ssh/sshd_config"`
			`sed -i 's/^#PubkeyAuthentication yes/PubkeyAuthentication yes/' "$SSH_CONFIG"`
			`sed -i 's/^PubkeyAuthentication no/PubkeyAuthentication yes/' "$SSH_CONFIG"`
			`sed -i 's/^#AuthorizedKeysFile/AuthorizedKeysFile/' "$SSH_CONFIG"`
			`sed -i 's/^PasswordAuthentication yes/PasswordAuthentication no/' "$SSH_CONFIG"`

			`# Restart SSH service to apply changes`
			`systemctl restart ssh`

bootstrap.sh aktualisiert 2025-06-11 17:17:28 +00:00			`# Adding user to sudo group`
bootstrap.sh hinzugefügt First init 2025-04-06 11:21:13 +00:00			`echo "[+] Adding user to sudo group..."`
bootstrap.sh aktualisiert 2025-06-11 17:17:28 +00:00			`apt-get install -y sudo`
bootstrap.sh hinzugefügt First init 2025-04-06 11:21:13 +00:00			`usermod -aG sudo "$USERNAME"`

bootstrap.sh aktualisiert 2025-06-11 17:17:28 +00:00			`# Configuring passwordless sudo for the user`
bootstrap.sh hinzugefügt First init 2025-04-06 11:21:13 +00:00			`echo "[+] Configuring passwordless sudo for $USERNAME..."`
bootstrap.sh aktualisiert Change to userinput 2025-06-12 19:29:44 +00:00			`echo "$USERNAME ALL=(ALL) NOPASSWD:ALL" \| tee "/etc/sudoers.d/$USERNAME" > /dev/null`
bootstrap.sh hinzugefügt First init 2025-04-06 11:21:13 +00:00			`chmod 440 "/etc/sudoers.d/$USERNAME"`

bootstrap.sh aktualisiert 2025-06-11 17:17:28 +00:00			`# Setting timezone`
bootstrap.sh hinzugefügt First init 2025-04-06 11:21:13 +00:00			`echo "[+] Setting timezone to Europe/Berlin..."`
bootstrap.sh aktualisiert 2025-06-11 17:17:28 +00:00			`apt-get install -y tzdata`
			`ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime`
bootstrap.sh aktualisiert Add sleep for wating of the release og the dpkg lock-frontend 2025-04-06 11:29:19 +00:00
bootstrap.sh aktualisiert 2025-06-11 17:17:28 +00:00			`echo "[✓] Bootstrap complete."`