-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrun-setup
executable file
·70 lines (52 loc) · 2.28 KB
/
run-setup
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
#!/bin/bash
set -eu
# First check if we have a valid config file that stores username and email address
# If we do not, then we will prompt user and create it
configFile=/home/$USER/.linux-setup.conf
function promptUserForSetupInfo() {
read -p 'Enter Author Name for Git: ' gitUsername
read -p 'Enter Email Address: ' gitEmail
echo ""
echo ""
echo "Answers cached in: $configFile, and will not be reprompted"
echo "Delete the cached file to be reprompted"
echo ""
echo ""
echo "git_user=$gitUsername" > $configFile
echo "git_email=$gitEmail" >> $configFile
}
if [ ! -f "$configFile" ] || ! grep -q "git_user" $configFile || ! grep -q "git_email" $configFile; then
promptUserForSetupInfo
fi
hash ansible-playbook 2> /dev/null || sudo apt install ansible -y
gitUsername=$(grep "git_user" $configFile | sed 's/.*=//')
gitEmail=$(grep "git_email" $configFile | sed 's/.*=//')
if [ -z $gitUsername ] || [ -z "$gitEmail" ]; then
echo "Error reading Git author name and email from file: $configFile"
echo "Try deleting that file and re-running this script to recreate it."
exit 1
fi
echo "Type in your password to allow sudo commands to be run:"
sudo echo "[OK] sudo access is granted"
# Disables kernel addresses from being visible to anyone, even root
sudo sed -i 's/\(kernel.kptr_restrict = \).*/\12/' /etc/sysctl.d/10-kernel-hardening.conf
# set all desktop start up to not be hidden
sudo sed -i 's/NoDisplay=true/NoDisplay=false/g' /etc/xdg/autostart/*.desktop
# disallow ssh password login
sudo sed -i 's/^#\(.*PasswordAuthentication\) .*/\1 no/' /etc/ssh/ssh_config
# make sure grub menu always displays on startup
# Helps ensure that we can always enter 'recovery' mode if we need it
sudo sed -i 's/^GRUB_TIMEOUT_STYLE=.*/GRUB_TIMEOUT_STYLE=menu/' /etc/default/grub
sudo sed -i 's/^GRUB_TIMEOUT=.*/GRUB_TIMEOUT=5/' /etc/default/grub
# cleanup boiler plate directories
rm -rf ~/Documents/ ~/Music/ ~/Pictures/ ~/Public/ ~/Templates/ ~/Videos/
if [ ! -d ~/.scm_breeze/ ]; then
git clone [email protected]:scmbreeze/scm_breeze.git ~/.scm_breeze
fi
~/.scm_breeze/install.sh
ANSIBLE_CONFIG=./ansible/ansible.cfg ansible-playbook \
--inventory "localhost," \
--connection local \
--extra-vars "git_author_name=$gitUsername" \
--extra-vars "git_email=$gitEmail" \
ansible/system-setup.yml