diff options
| author | hitlerrip <git@hitler.rip> | 2025-08-05 17:59:18 +0200 |
|---|---|---|
| committer | hitlerrip <git@hitler.rip> | 2025-08-05 17:59:18 +0200 |
| commit | 82beff57670795171ab994c4c63ed861bc1fb3af (patch) | |
| tree | d6474cc252e62efda2f8fe7ba186b517d7e15ead | |
| parent | 32cd3778cd5b7d76dfd4f240108cedbf732db486 (diff) | |
| download | website-82beff57670795171ab994c4c63ed861bc1fb3af.tar.gz website-82beff57670795171ab994c4c63ed861bc1fb3af.tar.bz2 website-82beff57670795171ab994c4c63ed861bc1fb3af.zip | |
run.sh
finished initial version of `run.sh`
| -rw-r--r-- | README.md | 7 | ||||
| -rwxr-xr-x[-rw-r--r--] | run.sh | 195 |
2 files changed, 174 insertions, 28 deletions
@@ -30,13 +30,12 @@ custom directories are not supported yet. you will have to manually edit the bui ## To-Do -- run.sh - - title share options that link to id - add a copy button to code blocks - allow user to create directories - 404 page - -- style contact information +- git web ui +- auto deploy script +- database, php, npm for clicker game @@ -6,34 +6,181 @@ echo "# »» hitler.rip «« #" echo "####################" echo echo "[run] Note:" -echo "[run] this script assumes you already have an openssh server set up." +echo "[run] this script assumes you already have an openssh server set up properly." echo +echo "[run] installing base packages..." sudo apt update sudo apt upgrade -y +sudo apt install -y sudo vim git curl wget btop tmux +sudo usermod -aG sudo "$(whoami)" +sudo apt install -y nmap traceroute netcat-openbsd man man-db rsync ed bc unrar-free zip unzip lvm2 -sudo apt install -y sudo vim git curl wget btop - -# ADDITIONAL PACKAGES: -# lvm cryptsetup -# bind (nslookup) traceroute gnu-netcat -# man-pages man-db -# rsync -# ed bc -# nodejs npm -# unrar-free zip unzip -# smartmontools - -# WITH CONFIG: -# tmux -# my shell script -# fzf bat eza -# (vim btop) - -# ALSO: -# ufw -# fail2ban -# nginx +echo "[run] setting up classical vim..." +tee -a ~/.vimrc << END +syntax on +set number +set relativenumber +set tabstop=4 +set shiftwidth=4 +set hlsearch +set showmatch +set mouse=a +END -sudo usermod -aG sudo "$(whoami)" +echo "[run] setting up tmux..." +tee ~/.tmux.conf << EOF +unbind C-b +set-option -g prefix C-d +bind-key C-d send-prefix + +bind -n M-f detach +bind -n M-t kill-session +bind -n M-q kill-pane + +bind -n M-y split-window -h +bind -n M-x split-window -v +bind -n M-a select-pane -L +bind -n M-d select-pane -R +bind -n M-w select-pane -U +bind -n M-s select-pane -D +bind -nr M-h resize-pane -L 1 +bind -nr M-j resize-pane -D 1 +bind -nr M-k resize-pane -U 1 +bind -nr M-l resize-pane -R 1 +bind -nr M-Left resize-pane -L 1 +bind -nr M-Down resize-pane -D 1 +bind -nr M-Up resize-pane -U 1 +bind -nr M-Right resize-pane -R 1 +bind -n M-c swap-pane -D + +bind -n M-g prev +bind -n M-b next +bind -n M-v new-window + +bind -n M-e command-prompt -I '#W' { rename-window -- '%%' } +bind -n M-r command-prompt -I '#W' { select-pane -T '%%' } + +set -g base-index 1 +setw -g pane-base-index 1 +set-option -g allow-rename off +setw -g automatic-rename off +set -g renumber-windows on + +set -g pane-border-status top +set -g pane-border-format " [ ###P #T ] " +set -g pane-active-border-style "fg=magenta" + +set -g mouse on +set -g default-terminal "tmux-256color" + +set-window-option -g window-status-separator '' +set -gF window-status-format "#[bg=default,fg=white] ##I " +set -gF window-status-current-format "#[bg=magenta,fg=default] ##I " +set -gF status-style "bg=default,fg=white" + +set -g status-right-length 100 +set -g status-left-length 100 +set -g status-left "" +set -g status-right "" +set -g status-right "#[fg=white]#S #[fg=magenta]| #[fg=white]#(whoami)#[fg=magenta]@#[fg=white]#H #[fg=magenta]| %Y-%m-%d %H:%M" +EOF +tmux source ~/.tmux.conf + +echo "[run] installing server packages..." +sudo apt install -y ufw fail2ban +sudo ufw allow http +sudo ufw allow https +sudo ufw allow ssh +#sudo ufw allow 41641/udp # tailscale +#sudo ufw allow 1965/tcp # gemini +sudo ufw default deny incoming +sudo ufw default allow outgoing +sudo ufw enable +sudo systemctl enable ufw +sudo systemctl start ufw +sudo tee /etc/fail2ban/jail.local << EOF +[sshd] +enabled = true +filter = sshd +port = ssh +banaction = ufw +banaction_allports = ufw +bantime = -1 +maxretry = 3 +logpath = \$(sshd_log)s +backend = systemd +EOF +sudo systemctl enable fail2ban +sudo systemctl start fail2ban + +echo "[run] setting up nginx..." +sudo apt install -y nginx python3-certbot-nginx +sudo certbot --nginx + # web@hitler.rip + # Y + # N + # hitler.rip www.hitler.rip links.hitler.rip git.hitler.rip +sudo tee /etc/nginx/sites-available/default << EOF +server { + server_name hitler.rip www.hitler.rip links.hitler.rip; + + if (\$host = links.hitler.rip) { + return 301 https://hitler.rip/links$request_uri; + } + if (\$host = www.hitler.rip) { + return 301 https://hitler.rip$request_uri; + } + + if (\$host = git.hitler.rip) { + return 404; + } + + root /srv/web; + index index.html; + location / { + try_files $uri $uri/ =404; + } + listen [::]:443 ssl ipv6only=on; + listen 443 ssl; + ssl_certificate /etc/letsencrypt/live/hitler.rip/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/hitler.rip/privkey.pem; + include /etc/letsencrypt/options-ssl-nginx.conf; + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; +} + +server { + if (\$host = hitler.rip) { + return 301 https://hitler.rip$request_uri; + } + if (\$host = www.hitler.rip) { + return 301 https://hitler.rip$request_uri; + } + if (\$host = links.hitler.rip) { + return 301 https://hitler.rip/links$request_uri; + } + if (\$host = git.hitler.rip) { + return 301 https://git.hitler.rip$request_uri; + } + listen 80; + listen [::]:80; + serer_name hitler.rip www.hitler.rip links.hitler.rip git.hitler.rip; + return 301 https://hitler.rip$request_uri; +} +EOF +sudo mkdir -p /srv/web/ +sudo chown -R $(whoami) /srv/web/ +sudo systemctl restart nginx +sudo systemctl enable nginx +echo "[run] setting up git server..." +sudo adduser --shell $(which git-shell) git +sudo mkdir /home/git/.ssh/ +sudo cp ~/.ssh/authorized_keys /home/git/.ssh/ +sudo chown -R git /home/git/.ssh/ +sudo chmod 700 /home/git/.ssh/ +sudo chmod 600 /home/git/.ssh/authorized_keys +sudo mkdir -p /srv/git/ +sudo chown -R git /srv/git/ +sudo mkdir -p /srv/pgit/ +sudo chown -R git /srv/pgit/ |