diff --git a/BashScripts/README.md b/BashScripts/README.md index 8da364f..eb0aef8 100644 --- a/BashScripts/README.md +++ b/BashScripts/README.md @@ -12,6 +12,12 @@ sudo su -c "bash <(wget -qO- https://git.myspace.nu/MySpace/Docs/raw/branch/mast sudo su -c "bash <(wget -qO- https://git.myspace.nu/MySpace/Docs/raw/branch/master/BashScripts/install-mysql.sh)" ``` +## Install UFW (and disable iptables) + +```bash +sudo su -c "bash <(wget -qO- https://git.myspace.nu/MySpace/Docs/raw/branch/master/BashScripts/install-ufw.sh)" +``` + ## Install Bind ```bash diff --git a/BashScripts/install-apache.sh b/BashScripts/install-apache.sh index 39cd218..d5605f9 100644 --- a/BashScripts/install-apache.sh +++ b/BashScripts/install-apache.sh @@ -9,7 +9,7 @@ mkdir /home/$REALUSER/www 2>>install.log & #apt install docker.io -# apt update 2>>install.log && +apt update -qq 2>>install.log apt install apache2 -y 2>>install.log && apt install samba -y 2>>install.log && diff --git a/BashScripts/install-mysql.sh b/BashScripts/install-mysql.sh index f3769f3..e575074 100644 --- a/BashScripts/install-mysql.sh +++ b/BashScripts/install-mysql.sh @@ -20,10 +20,10 @@ fi read -e -p "Enter desired root password:" ROOTPASSWORD if mysql -e "SELECT user,host FROM mysql.user WHERE host = '192.168.%.%';" | grep -q 'root'; then echo "Altering root user with password $ROOTPASSWORD" - mysql -e "ALTER USER 'root'@'192.168.%.%' IDENTIFIED BY '$ROOTPASSWORD';" + mysql -e "ALTER USER 'root'@'192.168.%.%' IDENTIFIED WITH mysql_native_password BY '$ROOTPASSWORD';" else echo "Adding root user with password $ROOTPASSWORD" - mysql -e "CREATE USER 'root'@'192.168.%.%' IDENTIFIED BY '$ROOTPASSWORD';" + mysql -e "CREATE USER 'root'@'192.168.%.%' IDENTIFIED WITH mysql_native_password BY '$ROOTPASSWORD';" fi mysql -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'192.168.%.%' WITH GRANT OPTION;" mysql -e "FLUSH PRIVILEGES;" diff --git a/BashScripts/install-ubuntu-dc.sh b/BashScripts/install-ubuntu-dc.sh index f7d4b7d..d84fc31 100644 --- a/BashScripts/install-ubuntu-dc.sh +++ b/BashScripts/install-ubuntu-dc.sh @@ -8,6 +8,8 @@ if [[ $EUID -ne 0 ]]; then fi REALUSER=$(logname) +apt update -qq 2>>install.log + IP=$(ip route get 8.8.8.8 | sed -n '/src/{s/.*src *\([^ ]*\).*/\1/p;q}') GATEWAY=$(/sbin/ip route | awk '/default/ { print $3 }') OS_VERSION=$(grep -oP 'VERSION_ID="\K[\d.]+' /etc/os-release) diff --git a/BashScripts/install-ufw.sh b/BashScripts/install-ufw.sh new file mode 100644 index 0000000..2625f09 --- /dev/null +++ b/BashScripts/install-ufw.sh @@ -0,0 +1,41 @@ +# Install using: sudo su -c "bash <(wget -qO- /url/to/install-ufw.sh)" + +# Make sure script is ran as root +if [[ $EUID -ne 0 ]]; then + exec sudo /bin/bash "$0" "$@" +fi +REALUSER=$(logname) + +apt update -qq 2>>install.log + +iptables --list >/dev/null 2>&1 && ( + echo "Disabling iptables..." + # Accept all traffic first to avoid ssh lockdown via iptables firewall rules # + iptables -P INPUT ACCEPT + iptables -P FORWARD ACCEPT + iptables -P OUTPUT ACCEPT + # Flush All Iptables Chains/Firewall rules # + iptables -F + # Delete all Iptables Chains # + iptables -X + # Flush all counters too # + iptables -Z + # Flush and delete all nat and mangle # + iptables -t nat -F + iptables -t nat -X + iptables -t mangle -F + iptables -t mangle -X + iptables -t raw -F + iptables -t raw -X +) + +ufw status >/dev/null 2>&1 || ( + echo "Installing UFW..." + apt install ufw -y 2>>install.log + ufw default allow outgoing 2>>install.log + ufw default deny incoming 2>>install.log + ufw allow ssh 2>>install.log + ufw enable 2>>install.log +) + +echo 'Installation complete' \ No newline at end of file