2021-03-04 12:42:35 +01:00
#!/usr/bin/env sh
# author: Daniel Sommer <daniel.sommer@velvettear.de>
# license: MIT
# variables
swappiness = "25"
tmpfs_size = "1G"
repository_protocol = "https"
2023-08-30 14:15:49 +02:00
repository_version = "v3.18"
2021-03-04 12:42:35 +01:00
# execution
printf "|>> executing alpine install script...\n"
[ [ " $INSTALL_USERNAME " ] ] && printf " |> username set to ' $INSTALL_USERNAME ' via environment variable'...\n " && user = " $INSTALL_USERNAME "
if [ [ ! " $user " ] ] ; then
read -p "|> enter your desired username: " user
[ [ ! " $user " ] ] && printf "|> error: no username entered\n" && exit 1
fi
[ [ " $INSTALL_PASSWORD " ] ] && printf " |> password set to ' $( printf " $INSTALL_PASSWORD \n " | sed "s/./\*/g" ) ' via environment variable'...\n " && password = " $INSTALL_PASSWORD "
if [ [ ! " $password " ] ] ; then
read -s -p " |> enter the password for ' $user ': " password && printf "\n"
[ [ ! " $password " ] ] && printf "|> error: no password entered\n" && exit 1
read -s -p "|> confirm the password: " password_confirmation && printf "\n"
[ [ " $password_confirmation " != " $password " ] ] && printf "|> error: passwords do not match\n" && exit 1
fi
2021-10-15 15:59:47 +02:00
[ [ " $repository_protocol " ] ] && printf "|> setting protocol for all repositories to '" $repository_protocol "'\n" && sed -i " s/http:/ $repository_protocol :/g " "/etc/apk/repositories"
2021-10-15 15:56:21 +02:00
[ [ " $repository_version " ] ] && printf "|> setting version for all repositories to '" $repository_version "'\n" && sed -i " s/\/v.*\//\/ $repository_version \//g " "/etc/apk/repositories"
2021-03-04 12:42:35 +01:00
printf "|> updating packages...\n"
apk update --progress
printf "|> upgrading installed packages...\n"
apk upgrade --progress --no-cache
printf "|> installing base packages...\n"
apk add --force-refresh --no-cache --progress \
sudo \
tzdata \
zsh \
htop \
iotop \
iftop \
neovim \
curl \
wget \
git \
unzip \
rsync \
dropbear \
openssh-client \
2023-10-05 14:33:18 +02:00
rxvt-unicode-terminfo \
kitty-terminfo
2021-03-04 12:42:35 +01:00
read -p "|> enter additional packages to install: " packages
2021-03-04 13:07:17 +01:00
[ [ " $packages " ] ] && packages = " $( printf " $packages " | tr '\n' ' ' ) " && apk add --force-refresh --no-cache --progress $packages
2021-03-04 12:42:35 +01:00
printf "|> setting timezone...\n"
setup-timezone -z "Europe/Berlin"
printf "|> changing shell from 'ash' to 'zsh'...\n"
sed -i "s/\/bin\/ash/\/bin\/zsh/g" "/etc/passwd"
printf " |> creating user ' $user '...\n "
adduser -D -G users -s "/bin/zsh" " $user "
printf " |> setting password for user ' $user '...\n "
echo -e " $password \n $password " | passwd " $user "
printf " |> adding user ' $user ' to group 'disk'...\n " && addgroup " $user " disk
printf " |> adding user ' $user ' to group 'lp'...\n " && addgroup " $user " lp
printf " |> adding user ' $user ' to group 'wheel'...\n " && addgroup " $user " wheel
printf " |> adding user ' $user ' to group 'floppy'...\n " && addgroup " $user " floppy
printf " |> adding user ' $user ' to group 'audio'...\n " && addgroup " $user " audio
printf " |> adding user ' $user ' to group 'cdrom'...\n " && addgroup " $user " cdrom
printf " |> adding user ' $user ' to group 'dialout'...\n " && addgroup " $user " dialout
printf " |> adding user ' $user ' to group 'tape'...\n " && addgroup " $user " tape
printf " |> adding user ' $user ' to group 'video'...\n " && addgroup " $user " video
printf " |> adding user ' $user ' to group 'netdev'...\n " && addgroup " $user " netdev
printf " |> adding user ' $user ' to group 'games'...\n " && addgroup " $user " games
printf " |> adding user ' $user ' to group 'cdrw'...\n " && addgroup " $user " cdrw
printf " |> adding user ' $user ' to group 'usb'...\n " && addgroup " $user " usb
printf "|> modifying sudoers...\n"
2022-08-22 11:24:56 +02:00
sed -i "s/# %wheel ALL=(ALL:ALL) ALL/%wheel ALL=(ALL:ALL) ALL/" "/etc/sudoers"
2021-03-04 12:42:35 +01:00
printf "|> disabling root login via ssh...\n"
sed -i "s/DROPBEAR_OPTS.*/DROPBEAR_OPTS=\"-w\"/" "/etc/conf.d/dropbear"
[ [ -r " $HOME /.ssh/authorized_keys " ] ] && printf " |> moving authorized ssh keys from ' $USER ' to ' $user '...\n " && mkdir -p " /home/ $user /.ssh " & > /dev/null && mv " $HOME /.ssh/authorized_keys " " /home/ $user /.ssh/authorized_keys " && chown -R " $user " :users " /home/ $user /.ssh "
printf "|> creating dropbear keys...\n"
mkdir -p "/etc/dropbear" & > /dev/null
dropbearkey -t "rsa" -s "4096" -f "/etc/dropbear/dropbear_rsa_host_key"
dropbearkey -t "dss" -s "1024" -f "/etc/dropbear/dropbear_dss_host_key"
dropbearkey -t "ecdsa" -s "521" -f "/etc/dropbear/dropbear_ecdsa_host_key"
printf "|> enabling and starting dropbear...\n"
rc-update add "dropbear"
rc-service "dropbear" restart
[ [ " $swappiness " ] ] && printf "|> tuning swappiness...\n" && printf "vm.swappiness=" $swappiness "" > "/etc/sysctl.d/99-swappiness.conf"
printf "|> cleaning '/etc/fstab'...\n"
rm -rf "/etc/fstab"
touch "/etc/fstab"
options = "defaults,noatime"
[ [ " $tmpfs_size " ] ] && options = " $options ,size= $tmpfs_size "
printf "|> setting up '/var/cache' as tmpfs...\n" && rm -rf "/var/cache/*" & > /dev/null && printf " cache\t/var/cache\ttmpfs\t $options 0 0\n " >> "/etc/fstab"
printf "|> setting up '/var/log' as tmpfs...\n" && rm -rf "/var/log/*" & > /dev/null && printf " logs\t/var/log\ttmpfs\t $options 0 0\n " >> "/etc/fstab"
printf "|> setting up '/tmp' as tmpfs...\n" && rm -rf "/tmp/*" & > /dev/null && printf " tmp\t/tmp\ttmpfs\t $options ,mode=1777 0 0\n " >> "/etc/fstab"
2023-10-05 13:18:48 +02:00
printf "|> setting up '/root/.cache' as tmpfs...\n" && rm -rf "/root/.cache/*" & > /dev/null && printf " root-cache\t/root/.cache\ttmpfs\t $options 0 0\n " >> "/etc/fstab"
printf " |> setting up '/home/ $user /.cache' as tmpfs...\n " && rm -rf " /home/ $user /.cache/* " & > /dev/null && printf " user-cache\t/home/ $user /.cache\ttmpfs\t $options 0 0\n " >> "/etc/fstab"
printf "|> modifying '/etc/init.d/localmount'...\n"
sed -i 's/keyword -docker -jail -lxc -prefix -systemd-nspawn -vserver/keyword -docker -jail -prefix -systemd-nspawn -vserver/' "/etc/init.d/localmount"
2021-03-04 12:42:35 +01:00
printf "|> remounting '/etc/fstab' entries...\n"
mount -a
printf "|> customizing environment...\n"
2021-03-15 02:43:46 +01:00
git clone -b "lxc-alpine" "https://git.velvettear.de/velvettear/etc.git" "/etc/velvettear"
2021-03-04 12:42:35 +01:00
chown -R " $user " :users "/etc/velvettear"
ln -s "/etc/velvettear/shell/zshrc.sh" " /home/ $user /.zshrc "
ln -s "/etc/velvettear/shell/zshrc_root.sh" "/root/.zshrc"
ln -s "/etc/velvettear/shell/zprofile" " /home/ $user /.zprofile "
ln -s "/etc/velvettear/shell/zprofile" "/root/.zprofile"
2021-04-14 10:21:15 +02:00
printf "|> removing motd...\n"
rm -f "/etc/motd"
2021-03-04 12:42:35 +01:00
printf "|>> alpine install script finished!\n"
printf " |>> remote access: 'ssh $user @ $( ip -f inet -o address | awk '/eth0/ {print $4}' | cut -d "/" -f1) '\n "
read -p "|> would you like to delete the install script? [YES/no] " prompt
[ [ " $prompt " ] ] && prompt = " $( printf " $prompt " | tr "[:lower:]" ) "
[ [ ! " $prompt " ] ] || [ [ " $prompt " = = "y" ] ] || [ [ "prompt" = = "yes" ] ] && printf " |> deleting script ' $0 '...\n " && rm -f " $0 "
read -p "|> would you like to reboot now? [YES/no] " prompt
[ [ " $prompt " ] ] && prompt = " $( printf $prompt | tr "[:lower:]" ) "
[ [ ! " $prompt " ] ] || [ [ " $prompt " = = "y" ] ] || [ [ " $prompt " = = "yes" ] ] && printf "|> rebooting now!\n" && reboot