diff --git a/pre/config.json b/config.json similarity index 100% rename from pre/config.json rename to config.json diff --git a/post/run.sh b/postinst.sh similarity index 77% rename from post/run.sh rename to postinst.sh index f229a54..e1f0b90 100644 --- a/post/run.sh +++ b/postinst.sh @@ -1,22 +1,28 @@ #!/bin/bash -echo "THIS SCRIPT IS BROKEN" -exit 1 - -REPO=https://git.xo.nl/marcel/archlinux +REPO=https://git.xo.nl/marcel GREEN='\033[0;32m' RED='\033[0;31m' NOCOL='\033[0m' +NAME=null +PASS=null + +echo "GIT Username: " +read NAME +echo -s "GIT Password: " +read -s PASS + echo -ne "${GREEN}Enter system hostname...${NOCOL}" read NEWNAME hostnamectl set-hostname $NEWNAME + echo -e "${GREEN}Setting remote control requirements...${NOCOL}" groupadd admins useradd -g admins -m -r -c "System administrator" sysadmin echo "%admins ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/admins mkdir -p /home/sysadmin/.ssh chmod 700 /home/sysadmin/.ssh -curl -so /home/sysadmin/.ssh/authorized_keys $REPO/raw/branch/master/post/ansible.pub +curl -u $NAME:$PASS -so /home/sysadmin/.ssh/authorized_keys $REPO/secrets/raw/branch/main/users/ansible.pub chown -R sysadmin:admins /home/sysadmin/.ssh echo -e "${GREEN}Switching to LTS Kernel...${NOCOL}" @@ -29,8 +35,8 @@ sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config sed -i 's/PermitRootLogin without-password/PermitRootLogin no/' /etc/ssh/sshd_config echo -e "${GREEN}Configuring default firewall...${NOCOL}" -curl -so /etc/iptables/iptables.rules $REPO/raw/branch/master/post/iptables.rules -curl -so /etc/iptables/ip6tables.rules $REPO/raw/branch/master/post/ip6tables.rules +curl -u $USER:$PASS -so /etc/iptables/iptables.rules $REPO/secrets/raw/branch/main/iptables/iptables.rules +curl -u $USER:$PASS -so /etc/iptables/ip6tables.rules $REPO/secrets/raw/branch/main/iptables/ip6tables.rules echo -e "${GREEN}Install minimal required packages...${NOCOL}" pacman --noconfirm -S cronie rsync iftop htop bash-completion iotop lsof screen fastfetch neovim man-db inetutils base-devel git @@ -47,7 +53,7 @@ echo "fastfetch" > /etc/profile.d/fastfetch.sh chmod +x /etc/profile.d/fastfetch.sh echo -e "${GREEN}Install deployment script...${NOCOL}" -curl -so /usr/local/bin/deploy https://git.xo.nl/marcel/deploy/raw/branch/master/deploy.sh +curl -so /usr/local/bin/deploy $REPO/deploy/raw/branch/master/deploy.sh chown root:root /usr/local/bin/deploy chmod ug+x /usr/local/bin/deploy diff --git a/pre/run.sh b/pre/run.sh deleted file mode 100644 index 36530c8..0000000 --- a/pre/run.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash - -echo "THIS SCRIPT IS BROKEN" -exit 1 - -REPO=https://git.xo.nl/marcel/archlinux - -curl -O $REPO/raw/branch/master/pre/users.crypt -gpg --output users.json --decrypt users.crypt - -if test -s ./users.json; -then - archinstall --config $REPO/raw/master/pre/config.json --creds ./users.json --silent - reboot -else - echo "users.json not found in current directory or file is empty" - exit 1 -fi diff --git a/preinst.sh b/preinst.sh new file mode 100644 index 0000000..1d6dfa0 --- /dev/null +++ b/preinst.sh @@ -0,0 +1,20 @@ +#!/bin/bash + +REPO=https:/git.xo.nl/marcel +NAME=null +PASS=null + +echo "GIT username: " +read NAME +echo -s "GIT password: " +read -s PASS +curl -u $NAME:$PASS -O $REPO/secrets/raw/branch/main/users/users.crypt +gpg --output users.json --decrypt users.crypt +if test -s ./users.json +then + archinstall --config $REPO/archinstall/raw/master/config.json --creds ./users.json --silent + reboot +else + echo "users.json not found in current directory or file is empty" + exit 1 +fi