DEROO/DebianTweaks
1
0
Fork 0
Code Pull Requests Actions Activity

Update DebianTweaks.sh

Browse Source
This commit is contained in:
Thomas de Roo
2023-09-01 13:35:22 +02:00
parent 21169c33a4
commit c60fca2a93
1 changed files with 22 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
DebianTweaks.sh
View File

@@ -1,27 +1,32 @@
#!/bin/bash #!/bin/bash
echo "--------------------"
#Set the correct mailer fqdn echo Set the correct mailer fqdn
echo $(hostname -f) > /etc/mailname echo $(hostname -f) > /etc/mailname
# Forward mail to root echo "--------------------"
echo Forward mail to root
echo root: thomas@de-roo.org >> /etc/aliases echo root: thomas@de-roo.org >> /etc/aliases
/usr/bin/newaliases /usr/bin/newaliases
#Add mailto address in crontab echo "--------------------"
echo Add mailto address in crontab
awk '/PATH=\/usr\/local\/sbin:\/usr\/local\/bin:\/sbin:\/bin:\/usr\/sbin:\/usr\/bin/ { print; print "MAILTO=thomas@de-roo.org"; next }1' /etc/crontab > /tmp/crontab.temp awk '/PATH=\/usr\/local\/sbin:\/usr\/local\/bin:\/sbin:\/bin:\/usr\/sbin:\/usr\/bin/ { print; print "MAILTO=thomas@de-roo.org"; next }1' /etc/crontab > /tmp/crontab.temp
cat /tmp/crontab.temp > /etc/crontab cat /tmp/crontab.temp > /etc/crontab
rm /tmp/crontab.temp rm /tmp/crontab.temp
#Better logon-message echo "--------------------"
echo Better logon-message
figlet $(hostname)>/etc/motd figlet $(hostname)>/etc/motd
#Apt Updates echo "--------------------"
echo Apt Updates
curl https://git.de-roo.org/DEROO/apt-update/raw/branch/main/apt-update.sh -o /usr/local/bin/apt-update.sh curl https://git.de-roo.org/DEROO/apt-update/raw/branch/main/apt-update.sh -o /usr/local/bin/apt-update.sh
chmod a+x /usr/local/bin/apt-update.sh chmod a+x /usr/local/bin/apt-update.sh
echo 0 0 * * * root /usr/local/bin/apt-update.sh >> /etc/crontab echo 0 0 * * * root /usr/local/bin/apt-update.sh >> /etc/crontab
#SNMP things. N.B.: replace VULHIERDELOCATIEIN later echo "--------------------"
echo SNMP things. N.B.: replace VULHIERDELOCATIEIN later
cat > /etc/snmp/snmpd.conf << 'EOF' cat > /etc/snmp/snmpd.conf << 'EOF'
sysLocation VULHIERDELOCATIEIN sysLocation VULHIERDELOCATIEIN
sysContact Thomas de Roo <thomas@de-roo.org> sysContact Thomas de Roo <thomas@de-roo.org>
@@ -49,7 +54,8 @@ echo @reboot root chmod 444 /sys/devices/virtual/dmi/id/product_serial >> /etc/c
chmod 444 /sys/devices/virtual/dmi/id/product_serial chmod 444 /sys/devices/virtual/dmi/id/product_serial
systemctl restart snmpd systemctl restart snmpd
# Debian Trixie apt sources echo "--------------------"
echo Debian Trixie apt sources
cat > /etc/apt/sources.list << "EOF" cat > /etc/apt/sources.list << "EOF"
deb http://deb.debian.org/debian trixie main contrib non-free non-free-firmware deb http://deb.debian.org/debian trixie main contrib non-free non-free-firmware
deb-src http://deb.debian.org/debian trixie main contrib non-free non-free-firmware deb-src http://deb.debian.org/debian trixie main contrib non-free non-free-firmware
@@ -71,14 +77,16 @@ deb [arch=amd64] http://packages.microsoft.com/repos/code stable main
EOF EOF
apt install gnupg -y apt install gnupg -y
# Chrome echo Chrome
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 4EB27DB2A3B88B8B apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 4EB27DB2A3B88B8B
# Microsoft echo Microsoft
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys EB3E94ADBE1229CF apt-key adv --keyserver keyserver.ubuntu.com --recv-keys EB3E94ADBE1229CF
# Multimedia echo Multimedia
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5C808C2B65558117 apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5C808C2B65558117
ln -s /etc/apt/trusted.gpg /etc/apt/trusted.gpg.d/ ln -s /etc/apt/trusted.gpg /etc/apt/trusted.gpg.d/
# osquery
echo "--------------------"
echo osquery
mkdir -p /etc/apt/keyrings mkdir -p /etc/apt/keyrings
curl -L https://pkg.osquery.io/deb/pubkey.gpg | sudo tee /etc/apt/keyrings/osquery.asc curl -L https://pkg.osquery.io/deb/pubkey.gpg | sudo tee /etc/apt/keyrings/osquery.asc
cat >> /etc/apt/sources.list.d/osquery.list << "EOF" cat >> /etc/apt/sources.list.d/osquery.list << "EOF"
@@ -124,7 +132,8 @@ EOF
systemctl enable osqueryd systemctl enable osqueryd
systemctl start osqueryd systemctl start osqueryd
# Wazuh agent echo "--------------------"
echo Wazuh agent
curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import && chmod 644 /usr/share/keyrings/wazuh.gpg curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import && chmod 644 /usr/share/keyrings/wazuh.gpg
echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list
apt update apt update