From 8c86f71718b6fe639b133879e4afe835ab9210d1 Mon Sep 17 00:00:00 2001
From: velvettear <daniel.sommer@velvettear.de>
Date: Sun, 11 Apr 2021 23:47:00 +0200
Subject: [PATCH] added debian install script

---
 README.md         |   8 ++-
 debian_install.sh | 135 ++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 141 insertions(+), 2 deletions(-)
 create mode 100755 debian_install.sh

diff --git a/README.md b/README.md
index 2b187ec..f44eb11 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,11 @@
 
 install scripts for linux containers (lxc)    
 
-## alpine_install.sh  
-basic, somewhat interactive installer for alpine linux based containers
+## *_install.sh  
+basic, somewhat interactive installer for linux containers (lxc)
 
+### alpine linux
 `wget https://git.velvettear.de/velvettear/lxc/raw/branch/master/alpine_install.sh -O install.sh && chmod +x install.sh && ./install.sh`
+
+### debian linux
+`wget https://git.velvettear.de/velvettear/lxc/raw/branch/master/debian_install.sh -O install.sh && chmod +x install.sh && ./install.sh`
diff --git a/debian_install.sh b/debian_install.sh
new file mode 100755
index 0000000..3614375
--- /dev/null
+++ b/debian_install.sh
@@ -0,0 +1,135 @@
+#!/usr/bin/env bash
+
+# author:   Daniel Sommer <daniel.sommer@velvettear.de>
+# license:  MIT
+
+# variables 
+swappiness="25"
+tmpfs_size="1G"
+
+# execution
+printf "|>> executing debian install script...\n"
+
+[[ "$INSTALL_USERNAME" ]] && printf "|> username set to '$INSTALL_USERNAME' via environment variable'...\n" && user="$INSTALL_USERNAME"
+if [[ ! "$user" ]]; then
+    read -p "|> enter your desired username: " user                                                                                                                                       
+    [[ ! "$user" ]] && printf "|> error: no username entered\n" && exit 1                                                                                                  
+fi
+
+[[ "$INSTALL_PASSWORD" ]] && printf "|> password set to '$(printf "$INSTALL_PASSWORD\n" | sed "s/./\*/g")' via environment variable'...\n" && password="$INSTALL_PASSWORD"
+if [[ ! "$password" ]]; then
+    read -s -p "|> enter the password for '$user': " password && printf "\n"                                                                                                                 
+    [[ ! "$password" ]] && printf "|> error: no password entered\n" && exit 1                                                                                              
+    read -s -p "|> confirm the password: " password_confirmation && printf "\n"                                                                                       
+    [[ "$password_confirmation" != "$password" ]] && printf "|> error: passwords do not match\n" && exit 1
+fi
+
+printf "|> removing motd...\n"
+rm -f "/etc/motd"
+
+printf "|> updating packages...\n"
+apt-get update -y
+
+printf "|> upgrading installed packages...\n"
+apt-get upgrade -y
+
+printf "|> installing base packages...\n"
+apt-get install -y \
+    sudo \
+    tzdata \
+    zsh \
+    htop \
+    iotop \
+    iftop \
+    neovim \
+    curl \
+    wget \
+    git \
+    unzip \
+    rsync \
+    dropbear \
+    openssh-client \
+    rxvt-unicode-terminfo
+
+read -p "|> enter additional packages to install: " packages
+[[ "$packages" ]] && packages="$(printf "$packages" | tr '\n' ' ')" && apt-get install -y $packages
+
+printf "|> setting timezone...\n"
+rm -f "/etc/localtime"
+ln -s "/usr/share/zoneinfo/Europe/Berlin" "/etc/localtime"
+
+printf "|> changing shell from 'ash' to 'zsh'...\n"
+sed -i "s/\/bin\/bash/\/bin\/zsh/g" "/etc/passwd"
+
+printf "|> creating user '$user'...\n"
+useradd -m -g users -s "/bin/zsh" "$user"
+
+printf "|> setting password for user '$user'...\n"
+echo -e "$password\n$password" | passwd "$user"
+
+printf "|> adding user '$user' to group 'disk'...\n" && addgroup "$user" disk
+printf "|> adding user '$user' to group 'lp'...\n" && addgroup "$user" lp
+printf "|> adding user '$user' to group 'wheel'...\n" && addgroup "$user" wheel
+printf "|> adding user '$user' to group 'floppy'...\n" && addgroup "$user" floppy
+printf "|> adding user '$user' to group 'audio'...\n" && addgroup "$user" audio
+printf "|> adding user '$user' to group 'cdrom'...\n" && addgroup "$user" cdrom
+printf "|> adding user '$user' to group 'dialout'...\n" && addgroup "$user" dialout
+printf "|> adding user '$user' to group 'tape'...\n" && addgroup "$user" tape
+printf "|> adding user '$user' to group 'video'...\n" && addgroup "$user" video
+printf "|> adding user '$user' to group 'netdev'...\n" && addgroup "$user" netdev
+printf "|> adding user '$user' to group 'games'...\n" && addgroup "$user" games
+printf "|> adding user '$user' to group 'sudo'...\n" && addgroup "$user" sudo
+
+printf "|> modifying sudoers...\n"
+sed -i "s/# %sudo ALL=(ALL) ALL/%sudo ALL=(ALL) ALL/" "/etc/sudoers"
+
+#printf "|> disabling root login via ssh...\n"
+#sed -i "s/DROPBEAR_OPTS.*/DROPBEAR_OPTS=\"-w\"/" "/etc/conf.d/dropbear"
+
+[[ -r "$HOME/.ssh/authorized_keys" ]] && printf "|> moving authorized ssh keys from '$USER' to '$user'...\n" && mkdir -p "/home/$user/.ssh" &> /dev/null && mv "$HOME/.ssh/authorized_keys" "/home/$user/.ssh/authorized_keys" && chown -R "$user":users "/home/$user/.ssh"
+
+printf "|> creating dropbear keys...\n"
+mkdir -p "/etc/dropbear" &> /dev/null
+dropbearkey -t "rsa" -s "4096" -f "/etc/dropbear/dropbear_rsa_host_key"
+dropbearkey -t "dss" -s "1024" -f "/etc/dropbear/dropbear_dss_host_key"
+dropbearkey -t "ecdsa" -s "521" -f "/etc/dropbear/dropbear_ecdsa_host_key"
+
+printf "|> stopping and disabling sshd...\n"
+systemctl disable sshd --now
+
+printf "|> enabling and starting dropbear...\n"
+systemctl enable dropbear --now
+
+[[ "$swappiness" ]] && printf "|> tuning swappiness...\n" && printf "vm.swappiness="$swappiness"" > "/etc/sysctl.d/99-swappiness.conf"
+
+printf "|> cleaning '/etc/fstab'...\n"
+rm -rf "/etc/fstab"
+touch "/etc/fstab"
+
+options="defaults,noatime"
+[[ "$tmpfs_size" ]] && options="$options,size=$tmpfs_size"
+printf "|> setting up '/var/cache' as tmpfs...\n" && rm -rf "/var/cache/*" &> /dev/null && printf "cache\t/var/cache\ttmpfs\t$options 0 0\n" >> "/etc/fstab"
+printf "|> setting up '/var/log' as tmpfs...\n" && rm -rf "/var/log/*" &> /dev/null && printf "logs\t/var/log\ttmpfs\t$options 0 0\n" >> "/etc/fstab"
+printf "|> setting up '/tmp' as tmpfs...\n" && rm -rf "/tmp/*" &> /dev/null && printf "tmp\t/tmp\ttmpfs\t$options,mode=1777 0 0\n" >> "/etc/fstab"
+
+printf "|> remounting '/etc/fstab' entries...\n"
+mount -a
+
+printf "|> customizing environment...\n"                                                                        
+git clone -b "lxc-alpine" "https://git.velvettear.de/velvettear/etc.git" "/etc/velvettear"                             
+chown -R "$user":users "/etc/velvettear"
+ln -s "/etc/velvettear/shell/zshrc.sh" "/home/$user/.zshrc"
+ln -s "/etc/velvettear/shell/zshrc_root.sh" "/root/.zshrc"
+ln -s "/etc/velvettear/shell/zprofile" "/home/$user/.zprofile"
+ln -s "/etc/velvettear/shell/zprofile" "/root/.zprofile"
+
+printf "|>> debian install script finished!\n"
+printf "|>> remote access: 'ssh $user@$(ip -f inet -o address | awk '/eth0/ {print $4}' | cut -d "/" -f1)'\n"
+
+read -p "|> would you like to delete the install script? [YES/no] " prompt
+[[ "$prompt" ]] && prompt="$(printf "$prompt" | tr "[:lower:]")"
+[[ ! "$prompt" ]] || [[ "$prompt" == "y" ]] || [[ "prompt" == "yes" ]] && printf "|> deleting script '$0'...\n" && rm -f "$0"
+
+read -p "|> would you like to reboot now? [YES/no] " prompt
+[[ "$prompt" ]] && prompt="$(printf $prompt | tr "[:lower:]")"
+[[ ! "$prompt" ]] || [[ "$prompt" == "y" ]] || [[ "$prompt" == "yes" ]] && printf "|> rebooting now!\n" && reboot