val
/
deployment_ddcdn_multisite
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

first commit

This commit is contained in:
Valentin 2024-10-23 01:46:08 +02:00
commit ffe4d0181c
8 changed files with 113 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md Normal file
View File

@ -0,0 +1,2 @@
Deployment [**D**ebian](https://www.debian.org/) (os) + [**D**ocker](https://www.docker.com/) (containerization) + [**C**addy](https://caddyserver.com/) (webserver) + [**D**irectus](https://directus.io/) (cms) + [**N**uxt](https://nuxt.com/) (static front).

9
bin/first-install/add_swap.sh Normal file
View File

@ -0,0 +1,9 @@
#!/bin/bash
fallocate -l 2G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile
echo '/swapfile none swap sw 0 0' | tee -a /etc/fstab
echo -e "${PURPLE}${BOLD}2G swapfile created${RESET}"

21
bin/first-install/create_user.sh Normal file
View File

@ -0,0 +1,21 @@
#!/bin/bash
echo -e "${PURPLE}${BOLD}Create user${RESET}"
read -p "Enter username: " username
if id "$username" &>/dev/null; then
echo "User '$username' already exists."
exit 1
fi
echo -e "${ORANGE}${BOLD}Generate and store the password somewhere safe${RESET}"
read -s -p "Enter password: " password
echo
useradd -m "$username"
chsh -s /bin/bash $username
echo "$username:$password" | chpasswd
usermod -aG sudo $username
echo -e "${PURPLE}${BOLD}User '$username' created with password successfully.${RESET}"

12
bin/first-install/setup_frewall_fail2ban.sh Normal file
View File

@ -0,0 +1,12 @@
#!/bin/bash
echo -e "${PURPLE}${BOLD}Setup Firewall and Fail2ban${RESET}"
install_pkg ufw
install_pkg fail2ban
systemctl enable fail2ban
get_ssh_port
ufw allow $ssh_port
ufw allow http
ufw allow https
echo -e "${PURPLE}Firewall and Fail2ban are setup${RESET}"

13
bin/first-install/setup_ssh.sh Normal file
View File

@ -0,0 +1,13 @@
#!/bin/bash
echo -e "${PURPLE}${BOLD}Setup SSH${RESET}"
ssh_port=$((RANDOM % (65536 - 1024 + 1) + 1024))
touch /etc/ssh/sshd_config.d/custom.conf
echo "PermitRootLogin no" >> /etc/ssh/sshd_config.d/custom.conf
echo "PermitEmptyPasswords no" >> /etc/ssh/sshd_config.d/custom.conf
echo "Port ${ssh_port}" >> /etc/ssh/sshd_config.d/custom.conf
systemctl reload ssh
echo -e "${ORANGE}${BOLD}Store the ssh port ${ssh_port} somewhere safe${RESET}"

34
bin/first_install.sh Normal file
View File

@ -0,0 +1,34 @@
#!/bin/bash
if [ "$EUID" -ne 0 ]; then
echo "Please run as root"
exit
fi
# USER
echo -e "${PURPLE}${BOLD}Create a user ? (y/N) ${RESET}"
read answer
if [[ "$answer" == "y" ]]; then
. first-install/create_user.sh
fi
# SSH
echo -e "${PURPLE}${BOLD}Setup SSH ? (y/N) ${RESET}"
read answer
if [[ "$answer" == "y" ]]; then
. first-install/setup_ssh.sh
fi
# SWAP
echo -e "${PURPLE}${BOLD}Add SWAP ? (y/N) ${RESET}"
read answer
if [[ "$answer" == "y" ]]; then
. first-install/add_swap.sh
fi
# FIREWALL AND FAIL2BAN
echo -e "${PURPLE}${BOLD}Setup Firewall and Fail2ban ? (y/N) ${RESET}"
read answer
if [[ "$answer" == "y" ]]; then
. first-install/setup_firewall_fail2ban.sh
fi

8
bin/variables.sh Normal file
View File

@ -0,0 +1,8 @@
#!/bin/bash
# Texts layout
PURPLE='\033[35m'
ORANGE='\033[33m'
BLUE='\033[34m'
BOLD='\033[1m'
RESET='\033[0m'

14
install.sh Normal file
View File

@ -0,0 +1,14 @@
#!/bin/bash
. bin/variables.sh
echo -e "${PURPLE}${BOLD}Deployment Debian + Caddy + Directus + Nuxt${RESET}"
if [ "$(dirname "$(readlink -f "$0")")" != "$(pwd)" ]; then
echo "Please run this script from its directory."
exit
fi
# First install, root only
echo -e "${PURPLE}${BOLD}First server installation${RESET}"
. bin/first_install.sh