Added setup scripts

Putty tutorial in progress
4 years ago · 874d2903c3
parent 660dc0c69e
commit 874d2903c3
4 changed files with 138 additions and 0 deletions
--- a/setup/part-1-ubuntu-initial-setup.sh
+++ b/setup/part-1-ubuntu-initial-setup.sh
@ -0,0 +1,92 @@
+#!/bin/bash
+set -euo pipefail
+
+########################
+### SCRIPT VARIABLES ###
+########################
+
+# Name of the user to create and grant sudo privileges
+USERNAME=yourusername
+RACKNERDHOSTNAME=hostnameyouwant
+
+# Whether to copy over the root user's `authorized_keys` file to the new sudo
+# user.
+COPY_AUTHORIZED_KEYS_FROM_ROOT=false
+
+# Additional public keys to add to the new sudo user
+# OTHER_PUBLIC_KEYS_TO_ADD=(
+#     "ssh-rsa AAAAB..."
+#     "ssh-rsa AAAAB..."
+# )
+
+#This is my public key insert your own public key here
+OTHER_PUBLIC_KEYS_TO_ADD=(
+		"ssh-rsa AAAAB3NzaC1S1eqP9n9bAmxw1X3CGP1DM7cJPssLZVB1oA/m6AswYbLl2Un0hzKrQUXK4HPpMn2mzUn3JuyBfHSGDkmpWAa5XQRdARdN0DeUm7Qyu463jRD/QI7Zkft4CxG5H4YTud3Gn2QzpZy3eoDf1tNhxA03xNCkDJ2FS2p11Ov/dxnmCbOBfpxDm1neYZWhcDVimweCFSmZrx62I+Z2jXFIjEQ9caHFCSXyRtVHbpFK0M0LATuTt61mvlBT7WLA0iHwcpj17V0I0As8AtOaoyPuFtGPPVnMPm77nCnrn0VEfDZsb9aGt8BmcUHKSWF+dQAH5tAR42GfSmvTAYABEh7RmBPaRiNvSClZ7QGHkHAi== 96:2c:83:0f:2c:48:fc:cc:fa:89:28:98:4d:f1:91:e6 rsa-key-20200223"
+)
+
+####################
+### SCRIPT LOGIC ###
+####################
+
+# Add sudo user and grant privileges
+useradd --create-home --shell "/bin/bash" --groups sudo "${USERNAME}"
+
+# Check whether the root account has a real password set
+encrypted_root_pw="$(grep root /etc/shadow | cut --delimiter=: --fields=2)"
+
+if [ "${encrypted_root_pw}" != "*" ]; then
+    # Transfer auto-generated root password to user if present
+    # and lock the root account to password-based access
+    echo "${USERNAME}:${encrypted_root_pw}" | chpasswd --encrypted
+    passwd --lock root
+else
+    # Delete invalid password for user if using keys so that a new password
+    # can be set without providing a previous value
+    passwd --delete "${USERNAME}"
+fi
+
+# Expire the sudo user's password immediately to force a change
+# chage --lastday 0 "${USERNAME}"
+
+# Create SSH directory for sudo user
+home_directory="$(eval echo ~${USERNAME})"
+mkdir --parents "${home_directory}/.ssh"
+
+# Copy `authorized_keys` file from root if requested
+if [ "${COPY_AUTHORIZED_KEYS_FROM_ROOT}" = true ]; then
+    cp /root/.ssh/authorized_keys "${home_directory}/.ssh"
+fi
+
+# Add additional provided public keysex
+for pub_key in "${OTHER_PUBLIC_KEYS_TO_ADD[@]}"; do
+    echo "${pub_key}" >> "${home_directory}/.ssh/authorized_keys"
+done
+
+# Adjust SSH configuration ownership and permissions
+chmod 0700 "${home_directory}/.ssh"
+chmod 0600 "${home_directory}/.ssh/authorized_keys"
+chown --recursive "${USERNAME}":"${USERNAME}" "${home_directory}/.ssh"
+
+# Disable root SSH login with password. 2nd line disables PasswordAuthentication for sudo user
+sed --in-place 's/^PermitRootLogin.*/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
+sed --in-place 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
+if sshd -t -q; then
+    systemctl restart sshd
+fi
+
+# Add exception for SSH and then enable UFW firewall
+#ufw allow OpenSSH
+#ufw --force enable
+
+# Make sudo user  passwordless sudo
+echo "${USERNAME} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
+
+# RackNerd Fix hostname issue
+hostnamectl set-hostname $RACKNERDHOSTNAME
+
+# Change Time Zone to PST
+timedatectl set-timezone America/Los_Angeles
+
+# RackNerd Fix hostname issue continued
+# Open the /etc/hosts file and change the old hostname to the new one.
+# This one is more complicated to automate so do this manually.
--- a/setup/part-2-docker-scripts.sh
+++ b/setup/part-2-docker-scripts.sh
@ -0,0 +1,25 @@
+#!/bin/bash
+set -euo pipefail
+
+########################
+### SCRIPT VARIABLES ###
+########################
+
+# Name of the user to create and grant sudo privileges
+USERNAME=yourusername
+
+# Change Time Zone to PST
+timedatectl set-timezone America/Los_Angeles
+
+apt update
+apt install apt-transport-https ca-certificates curl software-properties-common
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
+apt update
+apt-cache policy docker-ce
+apt install docker-ce
+systemctl status docker
+usermod -aG docker ${USERNAME}
+
+curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
+chmod +x /usr/local/bin/docker-compose
--- a/tutorial/README.md
+++ b/tutorial/README.md
@ -0,0 +1,21 @@
+This guide was written for Windows Users using PuTTY
+
+In order to setup SSH access to a linux machine by keys you need to paste in the public key on the linux machine in a file located in /home/yourusername/.ssh/authorized_keys 
+
+To get that public key you need to generate a private key first.
+
+It’s important that you don’t share your private key. Your public key can be shared without any issues. You only need one private key to SSH to multiple machines.
+
+
+## 1.0 Best Practices
+Only use one private key per physical machine. Public key however can be on many Linux machines. If you have a Desktop and a Laptop for example. They both should have their own private keys. However their public keys should be on each of the Linux machines you want to access.
+
+
+## 1.1 Generating Public Private Key Pair
+
+Download putty somewhere on the Internet and install it. Personally I use ninite.com, check PuTTY, download, then run the installer.
+
+After putty is installed search for PutTTYgen in Windows and run it.
+
+
+
--- a/tutorial/search-putty-gen.png
+++ b/tutorial/search-putty-gen.png