Initial commit

2021-11-12 15:53:21 +01:00
commit 7654d8d787
3 changed files with 176 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -0,0 +1,8 @@
+# ISO Server
+This is the ancestor of NAS Server. It was both an FTP Server anda web server providing ISO images or things like that
+over network. Moreover, it was administrated by OpenMediaVault.
+
+### Setup
+The setup takes place in two parts:
+* `setup1.sh` setups OMV on a blank Armbian and then reboot
+* `setup2.sh` then configures the system specificaly for the ISO server
--- a/setup1.sh
+++ b/setup1.sh
@@ -0,0 +1,59 @@
+#!/bin/bash
+
+# The purpose of this script is to setup OMV on a blank Armbian.
+# This script is to be run as root.
+
+# (Keep in mind that default root password is 1234)
+# Flash SBC's SD with Armbian and copy this script as well as setup2.sh (depending of usage) and conf-sync.sh to /root
+
+# YOU SHOULD REMOVE THIS SCRIPT AFTER SETUP
+
+# Functions
+init() {
+  echo "Starting initialization"
+  echo $hostname > /etc/hostname
+  sed -i -e "s/=default_hostname/$fqdn $hostname/g" /etc/hosts
+  localectl set-keymap $keymap
+  timedatectl set-timezone $timezone
+  systemctl disable apt-daily-upgrade.timer
+}
+
+install_packages() {
+  echo "Starting packages installation"
+  sed -i -e "s/$deb_apt_default_repo/$deb_apt_repo/g" /etc/apt/sources.list
+  apt update
+  apt upgrade -y
+  apt install -y vim tree tmux neofetch
+}
+
+install_omv() { # This step ends on a reboot, so we part the script here
+  wget $omv_install_script_link
+  chmod u+x $run_directory_path/install
+  bash $run_directory_path/install
+}
+
+# Only run if the user is root
+if [[ $USER != 'root' ]] ; then
+  echo "You must run this script as root!"
+  exit 1
+fi
+
+run_directory_path=$(pwd)
+
+# Set parameters
+default_hostname='odroidxu4'
+hostname='hk1'
+fqdn='hk1.kto.black'
+keymap='fr'
+timezone='Europe/Paris'
+deb_apt_default_repo='httpredir.debian.org'
+deb_apt_repo='ftp.fr.debian.org'
+omv_install_script_link='https://github.com/OpenMediaVault-Plugin-Developers/installScript/raw/master/install'
+
+# Main process
+# You should comment below what you do not want to happen
+init
+install_packages
+install_omv
+
+exit 0
--- a/setup2.sh
+++ b/setup2.sh
@@ -0,0 +1,109 @@
+#!/bin/bash
+
+# The purpose of this script is to setup our ISO server on a blank Armbian.
+# This script is to be run as root.
+# This script runs AFTER setup1.sh, which installs OMV and reboots the system
+
+# YOU SHOULD REMOVE THIS SCRIPT AFTER SETUP
+
+# Functions
+set_hostname() {
+  echo $fqdn > /etc/hostname
+}
+
+install_packages() { # TODO these packages do not seem to exist as of 2021/10/10
+  echo "Starting packages installation"
+  apt install -y openmediavault-luksencryption openmediavault-downloader
+}
+
+add_users() {
+  echo "Adding users"
+  useradd -N -g users -G sudo,ssh,openmediavault-admin -m -s /bin/bash $user
+  chmod 700 /home/$user
+}
+
+set_sudo_conf() { # TODO that doesn't seem to work
+  echo "Setting sudo configuration"
+  sed -i -e "s/%sudo   ALL=(ALL:ALL) ALL/%sudo   ALL=(ALL:ALL) NOPASSWD: ALL/g" /etc/sudoers
+}
+
+get_conf() {
+  echo "Getting configuration"
+  sudo -H -u $user mkdir $sync_directory_path
+  cp $run_directory_path/conf-sync.sh $sync_directory_path/
+  chown $user:users $sync_directory_path/conf-sync.sh
+  sudo -H -u $user chmod u+x $sync_directory_path/conf-sync.sh
+  sudo -H -u $user $sync_directory_path/conf-sync.sh
+}
+
+set_conf() {
+  echo "Setting configuration"
+  #sudo -H -u $user chmod uo+x $sync_directory_path/clean-cloud.sh $sync_directory_path/scan-to-cloud.sh
+  ln -s $sync_directory_path/*.service $systemd_units_path/
+  ln -s $sync_directory_path/*.timer $systemd_units_path/
+  #ln -s $sync_directory_path/*.socket $systemd_units_path/
+  #ln -s $sync_directory_path/*.mount $systemd_units_path/
+  #ln -s $sync_directory_path/*.path $systemd_units_path/
+  systemctl daemon-reload
+  systemctl enable conf-sync.timer
+}
+
+rcs_links() {
+  echo "Linking rcs"
+  rm /home/$user/.bashrc
+  rm /root/.bashrc
+  sudo -H -u $user ln -s $sync_directory_path/bashrc /home/$user/.bashrc
+  ln -s /home/$user/.bashrc /root/.bashrc
+  sudo -H -u $user ln -s $sync_directory_path/vimrc /home/$user/.vimrc
+  ln -s /home/$user/.vimrc /root/.vimrc
+}
+
+ssh_pubkey() {
+  echo "Getting SSH public key"
+  sudo -H -u $user mkdir /home/$user/.ssh
+  sudo -H -u $user wget -P /home/$user/.ssh $remote_pubkey_location/$remote_pubkey
+  sudo -H -u $user mv /home/$user/.ssh/$remote_pubkey /home/$user/.ssh/authorized_keys
+}
+
+# Only run if the user is root
+if [[ $USER != 'root' ]] ; then
+  echo "You must run this script as root!"
+  exit 1
+fi
+
+run_directory_path=$(pwd)
+
+# Set parameters
+fqdn='hk1.kto.black'
+user='alex'
+sync_directory_path="/home/$user/.sync"
+systemd_units_path='/etc/systemd/system'
+remote_pubkey_location='https://keys.kto.black'
+remote_pubkey='home.pub'
+
+# Main process
+# You should comment below what you do not want to happen
+set_hostname
+install_packages
+add_users
+set_sudo_conf
+get_conf
+set_conf
+rcs_links
+ssh_pubkey
+
+echo ""
+echo "We're all good here!"
+echo "You should now:"
+echo "* set $user's password"
+echo "* lock root and admin accounts"
+echo "* remove $run_directory_path content"
+echo "* reboot the SBC"
+echo "* go to http://$fqdn/ to set up Openmediavault"
+echo "* set up lighttpd"
+echo "And perhaps:"
+echo "* set htop at your convenience"
+echo "* use below commands to edit SSH config:"
+echo "    sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config"
+echo "    sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config" # NOTE This one is different from the others, because of OMV setup
+exit 0