85 lines
1.8 KiB
Bash
85 lines
1.8 KiB
Bash
|
#!/bin/bash
|
||
|
|
||
|
set -ex
|
||
|
|
||
|
version="${1}"
|
||
|
[[ -z "${version}" ]] && version="${hostname#*-}"
|
||
|
|
||
|
if [[ $EUID -ne 0 ]]; then
|
||
|
echo "This script must be run as root" 1>&2
|
||
|
sudo "$0" "$1" "$2" "$3" "$4" "$5" "$6" "$7" "$8" "$9"
|
||
|
exit 0
|
||
|
else
|
||
|
echo "Als ROOT angemeldet!!!"
|
||
|
fi
|
||
|
echo "Als root Angemeldet"
|
||
|
|
||
|
if [ -z "${hostname}" ]; then
|
||
|
if [ -f "/usr/bin/systemctl" ]; then
|
||
|
if [ -f "/etc/hostname.example" ]; then
|
||
|
hostname="$(cat /etc/hostname.example)"
|
||
|
else
|
||
|
cp /etc/hostname /etc/hostname.example
|
||
|
hostname="$(cat /etc/hostname)"
|
||
|
fi
|
||
|
else
|
||
|
if ! [ -f "/etc/conf.d/hostname.example" ]; then
|
||
|
cp /etc/conf.d/hostname /etc/conf.d/hostname.example
|
||
|
fi
|
||
|
temphostname="$(cat /etc/conf.d/hostname.example)"
|
||
|
#hostname="${temphostname%?}"
|
||
|
hostname="${temphostname:10:$((${#temphostname})) - 11}"
|
||
|
fi
|
||
|
fi
|
||
|
|
||
|
function makesshsecure() {
|
||
|
|
||
|
#sshd -T |grep permitrootlogin
|
||
|
|
||
|
sed -e 's|PermitRootLogin=.*$|PermitRootLogin=\ no|' -i /etc/ssh/sshd_config
|
||
|
sed -e 's|Port=.*$|Port=\ 2020|' -i /etc/ssh/sshd_config
|
||
|
|
||
|
systemctl restart sshd.service
|
||
|
|
||
|
cat /etc/services
|
||
|
}
|
||
|
|
||
|
function makesshsecure() {
|
||
|
apt install tcpd -y
|
||
|
|
||
|
nano -w /etc/hosts.allow
|
||
|
|
||
|
nano -w /etc/hosts.deny
|
||
|
}
|
||
|
|
||
|
function makeiptables() {
|
||
|
|
||
|
apt install iptables-persistent
|
||
|
|
||
|
iptables-save > /etc/iptables/rules.v4
|
||
|
ip6tables-save > /etc/iptables/rules.v6
|
||
|
}
|
||
|
|
||
|
function makefail2ban() {
|
||
|
apt install fail2ban
|
||
|
|
||
|
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
|
||
|
|
||
|
nano -w /etc/fail2ban/jail.local
|
||
|
|
||
|
systemctl restart fail2ban.service
|
||
|
}
|
||
|
|
||
|
function makeuser() {
|
||
|
echo "%wheel ALL=(ALL)" >> /etc/sudoers
|
||
|
adduser user1 wheel
|
||
|
}
|
||
|
|
||
|
makesshsecure
|
||
|
sleep 1
|
||
|
makeiptables
|
||
|
sleep 1
|
||
|
makefail2ban
|
||
|
sleep 1
|
||
|
makeuser
|