From fd849ab258a97d00197ab133272cd4f1e694c102 Mon Sep 17 00:00:00 2001 From: kevinheyer Date: Sun, 6 Apr 2025 11:21:13 +0000 Subject: [PATCH] =?UTF-8?q?bootstrap.sh=20hinzugef=C3=BCgt?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit First init --- bootstrap.sh | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 bootstrap.sh diff --git a/bootstrap.sh b/bootstrap.sh new file mode 100644 index 0000000..8cecd31 --- /dev/null +++ b/bootstrap.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +set -euo pipefail + +USERNAME="skulladmin" +SSH_KEY_URL="https://raw.githubusercontent.com/skulldev-de/kevinheyer/trusted-ssh-keys/main/trusted_ssh_keys" +SSH_DIR="/home/$USERNAME/.ssh" + +echo "[+] Creating user '$USERNAME' if it doesn't exist..." +if ! id "$USERNAME" &>/dev/null; then + useradd -m -s /bin/bash "$USERNAME" +fi + +echo "[+] Setting up SSH directory..." +mkdir -p "$SSH_DIR" +curl -fsSL "$SSH_KEY_URL" -o "$SSH_DIR/authorized_keys" +chown -R "$USERNAME:$USERNAME" "$SSH_DIR" +chmod 700 "$SSH_DIR" +chmod 600 "$SSH_DIR/authorized_keys" + +echo "[+] Adding user to sudo group..." +usermod -aG sudo "$USERNAME" + +echo "[+] Configuring passwordless sudo for $USERNAME..." +echo "$USERNAME ALL=(ALL) NOPASSWD:ALL" > "/etc/sudoers.d/$USERNAME" +chmod 440 "/etc/sudoers.d/$USERNAME" + +echo "[+] Disabling SSH root login..." +sed -i 's/^#*PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config +systemctl restart sshd + +echo "[+] Setting timezone to Europe/Berlin..." +timedatectl set-timezone Europe/Berlin + +echo "[+] Updating package list and installing essential packages..." +apt-get update -y +apt-get install -y sudo curl wget gnupg lsb-release software-properties-common + +echo "[✓] Bootstrap complete."