MySpace/Docs
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add UFW bash installation script

Browse Source
This commit is contained in:
Johan 2022-12-22 08:25:34 +01:00
parent 8f69ccf45b
commit 32afd217a9
5 changed files with 52 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
BashScripts/README.md
View File

@ -12,6 +12,12 @@ sudo su -c "bash <(wget -qO- https://git.myspace.nu/MySpace/Docs/raw/branch/mast
sudo su -c "bash <(wget -qO- https://git.myspace.nu/MySpace/Docs/raw/branch/master/BashScripts/install-mysql.sh)" sudo su -c "bash <(wget -qO- https://git.myspace.nu/MySpace/Docs/raw/branch/master/BashScripts/install-mysql.sh)"
``` ```
## Install UFW (and disable iptables)
```bash
sudo su -c "bash <(wget -qO- https://git.myspace.nu/MySpace/Docs/raw/branch/master/BashScripts/install-ufw.sh)"
```
## Install Bind ## Install Bind
```bash ```bash

2
BashScripts/install-apache.sh
View File

@ -9,7 +9,7 @@ mkdir /home/$REALUSER/www 2>>install.log &
#apt install docker.io #apt install docker.io
# apt update 2>>install.log && apt update -qq 2>>install.log
apt install apache2 -y 2>>install.log && apt install apache2 -y 2>>install.log &&
apt install samba -y 2>>install.log && apt install samba -y 2>>install.log &&

4
BashScripts/install-mysql.sh
View File

@ -20,10 +20,10 @@ fi
read -e -p "Enter desired root password:" ROOTPASSWORD read -e -p "Enter desired root password:" ROOTPASSWORD
if mysql -e "SELECT user,host FROM mysql.user WHERE host = '192.168.%.%';" | grep -q 'root'; then if mysql -e "SELECT user,host FROM mysql.user WHERE host = '192.168.%.%';" | grep -q 'root'; then
echo "Altering root user with password $ROOTPASSWORD" echo "Altering root user with password $ROOTPASSWORD"
mysql -e "ALTER USER 'root'@'192.168.%.%' IDENTIFIED BY '$ROOTPASSWORD';" mysql -e "ALTER USER 'root'@'192.168.%.%' IDENTIFIED WITH mysql_native_password BY '$ROOTPASSWORD';"
else else
echo "Adding root user with password $ROOTPASSWORD" echo "Adding root user with password $ROOTPASSWORD"
mysql -e "CREATE USER 'root'@'192.168.%.%' IDENTIFIED BY '$ROOTPASSWORD';" mysql -e "CREATE USER 'root'@'192.168.%.%' IDENTIFIED WITH mysql_native_password BY '$ROOTPASSWORD';"
fi fi
mysql -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'192.168.%.%' WITH GRANT OPTION;" mysql -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'192.168.%.%' WITH GRANT OPTION;"
mysql -e "FLUSH PRIVILEGES;" mysql -e "FLUSH PRIVILEGES;"

2
BashScripts/install-ubuntu-dc.sh
View File

@ -8,6 +8,8 @@ if [[ $EUID -ne 0 ]]; then
fi fi
REALUSER=$(logname) REALUSER=$(logname)
apt update -qq 2>>install.log
IP=$(ip route get 8.8.8.8 | sed -n '/src/{s/.*src *\([^ ]*\).*/\1/p;q}') IP=$(ip route get 8.8.8.8 | sed -n '/src/{s/.*src *\([^ ]*\).*/\1/p;q}')
GATEWAY=$(/sbin/ip route | awk '/default/ { print $3 }') GATEWAY=$(/sbin/ip route | awk '/default/ { print $3 }')
OS_VERSION=$(grep -oP 'VERSION_ID="\K[\d.]+' /etc/os-release) OS_VERSION=$(grep -oP 'VERSION_ID="\K[\d.]+' /etc/os-release)

41
BashScripts/install-ufw.sh Normal file
View File

@ -0,0 +1,41 @@
# Install using: sudo su -c "bash <(wget -qO- /url/to/install-ufw.sh)"
# Make sure script is ran as root
if [[ $EUID -ne 0 ]]; then
exec sudo /bin/bash "$0" "$@"
fi
REALUSER=$(logname)
apt update -qq 2>>install.log
iptables --list >/dev/null 2>&1 && (
echo "Disabling iptables..."
# Accept all traffic first to avoid ssh lockdown via iptables firewall rules #
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
# Flush All Iptables Chains/Firewall rules #
iptables -F
# Delete all Iptables Chains #
iptables -X
# Flush all counters too #
iptables -Z
# Flush and delete all nat and mangle #
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -t raw -F
iptables -t raw -X
)
ufw status >/dev/null 2>&1 || (
echo "Installing UFW..."
apt install ufw -y 2>>install.log
ufw default allow outgoing 2>>install.log
ufw default deny incoming 2>>install.log
ufw allow ssh 2>>install.log
ufw enable 2>>install.log
)
echo 'Installation complete'