shell-scripte-code/server_optimize.sh

85 lines
1.8 KiB
Bash
Raw Normal View History

2019-08-05 12:38:40 +02:00
#!/bin/bash
set -ex
version="${1}"
[[ -z "${version}" ]] && version="${hostname#*-}"
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root" 1>&2
sudo "$0" "$1" "$2" "$3" "$4" "$5" "$6" "$7" "$8" "$9"
exit 0
else
echo "Als ROOT angemeldet!!!"
fi
echo "Als root Angemeldet"
if [ -z "${hostname}" ]; then
if [ -f "/usr/bin/systemctl" ]; then
if [ -f "/etc/hostname.example" ]; then
hostname="$(cat /etc/hostname.example)"
else
cp /etc/hostname /etc/hostname.example
hostname="$(cat /etc/hostname)"
fi
else
if ! [ -f "/etc/conf.d/hostname.example" ]; then
cp /etc/conf.d/hostname /etc/conf.d/hostname.example
fi
temphostname="$(cat /etc/conf.d/hostname.example)"
#hostname="${temphostname%?}"
hostname="${temphostname:10:$((${#temphostname})) - 11}"
fi
fi
function makesshsecure() {
#sshd -T |grep permitrootlogin
sed -e 's|PermitRootLogin=.*$|PermitRootLogin=\ no|' -i /etc/ssh/sshd_config
sed -e 's|Port=.*$|Port=\ 2020|' -i /etc/ssh/sshd_config
systemctl restart sshd.service
cat /etc/services
}
function makesshsecure() {
apt install tcpd -y
nano -w /etc/hosts.allow
nano -w /etc/hosts.deny
}
function makeiptables() {
apt install iptables-persistent
iptables-save > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6
}
function makefail2ban() {
apt install fail2ban
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
nano -w /etc/fail2ban/jail.local
systemctl restart fail2ban.service
}
function makeuser() {
echo "%wheel ALL=(ALL)" >> /etc/sudoers
adduser user1 wheel
}
makesshsecure
sleep 1
makeiptables
sleep 1
makefail2ban
sleep 1
makeuser