archlinux/post/run.sh

#!/bin/bash

REPO=https://git.xoservice.nl/marcel/archlinux
GREEN='\033[0;32m'
RED='\033[0;31m'
NOCOL='\033[0m'
echo -ne "${GREEN}Enter system hostname...${NOCOL}"
read NEWNAME
hostnamectl set-hostname $NEWNAME
echo -e "${GREEN}Setting remote control requirements...${NOCOL}"
groupadd admins
useradd -g admins -m -r -c "System administrator" sysadmin
echo "%admins ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/admins
mkdir -p /home/sysadmin/.ssh
chmod 700 /home/sysadmin/.ssh
curl -so /home/sysadmin/.ssh/authorized_keys $REPO/raw/master/post/ansible.pub
chown -R sysadmin:admins /home/sysadmin/.ssh

echo -e "${GREEN}Disable root user SSH access...${NOCOL}"
sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config
sed -i 's/PermitRootLogin without-password/PermitRootLogin no/' /etc/ssh/sshd_config

echo -e "${GREEN}Configuring and enabling default firewall...${NOCOL}"
curl -so /etc/iptables/iptables.rules $REPO/raw/master/post/iptables.rules
curl -so /etc/iptables/ip6tables.rules $REPO/raw/master/post/ip6tables.rules
systemctl enable iptables
systemctl enable ip6tables

echo -e "${GREEN}Install minimal required packages...${NOCOL}"
pacman --noconfirm -S cronie rsync iftop htop bash-completion iotop lsof screen neofetch neovim man-db inetutils base-devel git
ln -s /usr/bin/nvim /usr/bin/vi

echo -e "${GREEN}Setup motd default...${NOCOL}"
echo "" > /etc/motd
echo "neofetch" > /etc/profile.d/neofetch.sh
chmod +x /etc/profile.d/neofetch.sh

echo -e "${GREEN}Install deployment script...${NOCOL}"
curl -so /usr/local/bin/deploy https://git.xoservice.nl/marcel/deploy/raw/master/deploy.sh
chown root:root /usr/local/bin/deploy
chmod ug+x /usr/local/bin/deploy

echo -e "${GREEN}Optimizing makepkg settings...${NOCOL}"
sed -i 's/#MAKEFLAGS="-j2"/MAKEFLAGs="-j$(nproc)"/g' /etc/makepkg.conf
systemctl mask tmp.mount

echo -e "${RED}All done, reboot in 10 seconds...${NOCOL}"
sleep 10
reboot