-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathbootstrap.sh
More file actions
38 lines (28 loc) · 1.24 KB
/
bootstrap.sh
File metadata and controls
38 lines (28 loc) · 1.24 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
#!/usr/bin/env bash
set -euo pipefail
if [ "$EUID" -ne 0 ]; then
echo "Run as root."
exit 1
fi
export DEBIAN_FRONTEND=noninteractive
PACKAGES=(sudo vim nano curl wget tree git htop rsync net-tools lm-sensors smartmontools ca-certificates openssh-server ufw fail2ban unattended-upgrades)
DOCKER_PACKAGES=(docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin)
ALL_PACKAGES=("${PACKAGES[@]}" "${DOCKER_PACKAGES[@]}")
apt-get update
apt-get install -y "${PACKAGES[@]}"
# Add Docker's official GPG key
install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
# Refresh Apt again to include Docker repo
apt-get update
apt-get install -y "${DOCKER_PACKAGES[@]}"
echo "Installed: ${ALL_PACKAGES[*]}"
# Configure UFW
ufw allow ssh
ufw --force enable
ufw status verbose
# Configure unattended-upgrades
dpkg-reconfigure --priority=low unattended-upgrades