WiS/RPS-Client
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases 12 Activity

Compare commits

base: WiS:v1.6
Branches Tags
WiS:stable
WiS:latest WiS:v2.0 WiS:v1.8 WiS:v1.7 WiS:v1.6 WiS:v1.5 WiS:v1.4 WiS:v1.3 WiS:v1.2 WiS:v1.1 WiS:v1.0 WiS:v0.1
...
compare: WiS:v1.8
Branches Tags
WiS:stable
WiS:latest WiS:v2.0 WiS:v1.8 WiS:v1.7 WiS:v1.6 WiS:v1.5 WiS:v1.4 WiS:v1.3 WiS:v1.2 WiS:v1.1 WiS:v1.0 WiS:v0.1

4 Commits
v1.6 ... v1.8

Author SHA1 Message Date
Tim Eertmoed
c8f88bb40a install.sh aktualisiert 2024-11-11 17:37:44 +01:00
Tim Eertmoed
18cd5a388d install.sh aktualisiert 2024-11-09 22:13:38 +01:00
Tim Eertmoed
4547c21cba install.sh aktualisiert 2024-11-08 12:46:38 +01:00
Tim Eertmoed
61a4fabac9 install.sh aktualisiert 2024-11-08 12:40:54 +01:00
1 changed files with 57 additions and 60 deletions
Expand all files Collapse all files

113
install.sh
View File

@@ -36,63 +36,9 @@ sudo raspi-config nonint do_locale "de_DE.UTF-8" "de_DE.UTF-8" >> /var/log/insta
sudo raspi-config nonint do_timezone "Europe/Berlin" >> /var/log/install 2>&1 && print_status "Timezone set to Europe/Berlin"
sudo raspi-config nonint do_boot_order 3 >> /var/log/install 2>&1 && print_status "Boot order set to network boot"
echo -e "${RED}${NC} Configuring VNC..." | tee -a /var/log/install
sudo systemctl enable vncserver-x11-serviced.service >>/var/log/install 2>&1 && print_status "VNC service enabled"
sudo systemctl start vncserver-x11-serviced.service >>/var/log/install 2>&1 && print_status "VNC service started"
CONFIG_FILE="/root/.vnc/config.d/vncserver-x11"
if [ ! -d "$(dirname "$CONFIG_FILE")" ]; then
mkdir -p "$(dirname "$CONFIG_FILE")"
echo -e "${GREEN}${NC} Created directory for VNC config." | tee -a /var/log/install
fi
read -p "Do you want to set a VNC password? (y/n): " -r
if [[ $REPLY =~ ^[Yy](e[Ss]?)?$ ]]; then
vncpasswd
echo -e "${GREEN}${NC} VNC password has been set." | tee -a /var/log/install
else
echo -e "${GREEN}${NC} No VNC password will be set." | tee -a /var/log/install
fi
if [ "$(vncpasswd -o)" = 'none' ]; then
echo "Authentication=None" >> "$CONFIG_FILE"
echo "Geometry=1920x1080" >> "$CONFIG_FILE"
echo "# Version 1.0:" >> "$CONFIG_FILE"
echo "# Created 2024 by Tim Eertmoed, Christian Hampp @ WiS IT-Solutions GmbH, Germany to work on Raspbian as custom PXE init script." >> "$CONFIG_FILE"
print_status "VNC config set to no authentication with geometry 1920x1080." >> /var/log/install 2>&1
else
echo "Authentication=VNC" >> "$CONFIG_FILE"
echo "Geometry=1920x1080" >> "$CONFIG_FILE"
echo "# Version 1.0:" >> "$CONFIG_FILE"
echo "# Created 2024 by Tim Eertmoed, Christian Hampp @ WiS IT-Solutions GmbH, Germany to work on Raspbian as custom PXE init script." >> "$CONFIG_FILE"
print_status "VNC password is set. Authentication will be required." >> /var/log/install 2>&1
fi
sudo raspi-config nonint do_vnc 0 >>/var/log/install 2>&1 && print_status "VNC enabled in raspi-config"
sudo systemctl unmask vncserver-x11-serviced.service >>/var/log/install 2>&1 && print_status "VNC unmask"
sudo systemctl enable vncserver-x11-serviced.service >>/var/log/install 2>&1 && print_status "VNC enabled systemctl"
echo -e "${RED}${NC} Creating user 'loginuser'..." | tee -a /var/log/install
sudo adduser --disabled-password --gecos "" loginuser >>/var/log/install 2>&1 && print_status "User 'loginuser' created"
echo -e "${RED}${NC} Setting permissions for 'loginuser'..." | tee -a /var/log/install
sudo tee /etc/sudoers.d/loginuser >/dev/null << 'EOF'
loginuser ALL=(ALL) NOPASSWD: /usr/bin/systemctl start watchdog, /usr/bin/systemctl stop watchdog, /usr/bin/systemctl restart watchdog
loginuser ALL=(ALL) NOPASSWD: /usr/bin/systemctl stop watchdog-monitor
loginuser ALL=(ALL) NOPASSWD: /usr/bin/cat /var/lib/dhcp/*
loginuser ALL=(ALL) NOPASSWD: /usr/bin/cp /etc/watchdog.conf /etc/watchdog.conf.bak
loginuser ALL=(ALL) NOPASSWD: /usr/bin/tee /etc/watchdog.conf, /usr/bin/tee -a /etc/watchdog.conf
loginuser ALL=(ALL) NOPASSWD: /usr/bin/sed -i
loginuser ALL=(ALL) NOPASSWD: /usr/bin/sed -r 's/[x]+/,/g'
loginuser ALL=(ALL) NOPASSWD: /usr/bin/fbset -s
loginuser ALL=(ALL) NOPASSWD: /usr/bin/hostnamectl set-hostname
loginuser ALL=(ALL) NOPASSWD: /usr/sbin/dhclient eth0
loginuser ALL=(ALL) NOPASSWD: /usr/sbin/reboot
EOF
sudo usermod -aG video loginuser >>/var/log/install 2>&1 && print_status "Permissions for 'loginuser' set"
echo -e "${RED}${NC} Disabling root login..." | tee -a /var/log/install
sudo tee /etc/ssh/sshd_config >/dev/null << 'EOF'
PermitRootLogin no
EOF
sudo passwd -l root >>/var/log/install 2>&1 && print_status "Root login disabled"
echo -e "${RED}${NC} Copy requiered files..." | tee -a /var/log/install
mkdir -p /etc/chromium/policies/managed /home/wis/.ssh /usr/bin/custom
declare -A files=(
@@ -120,6 +66,60 @@ for src in "${!files[@]}"; do
done
print_status "All files have been successfully copied"
echo -e "${RED}${NC} Configuring VNC..." | tee -a /var/log/install
sudo systemctl enable vncserver-x11-serviced.service >>/var/log/install 2>&1 && print_status "VNC service enabled"
sudo systemctl start vncserver-x11-serviced.service >>/var/log/install 2>&1 && print_status "VNC service started"
CONFIG_FILE="/root/.vnc/config.d/vncserver-x11"
if [ ! -d "$(dirname "$CONFIG_FILE")" ]; then
mkdir -p "$(dirname "$CONFIG_FILE")"
echo -e "${GREEN}${NC} Created directory for VNC config." | tee -a /var/log/install
fi
read -p "Do you want to set a VNC password? (y/n): " -r
if [[ $REPLY =~ ^[Yy](e[Ss]?)?$ ]]; then
vncpasswd
echo -e "${GREEN}${NC} VNC password has been set." | tee -a /var/log/install
else
echo -e "${GREEN}${NC} No VNC password will be set." | tee -a /var/log/install
fi
if [ "$(vncpasswd -o)" = 'none' ]; then
echo "Authentication=none" >> "$CONFIG_FILE"
echo "Geometry=1920x1080" >> "$CONFIG_FILE"
echo "# Version 1.0:" >> "$CONFIG_FILE"
echo "# Created 2024 by Tim Eertmoed, Christian Hampp @ WiS IT-Solutions GmbH, Germany to work on Raspbian as custom PXE init script." >> "$CONFIG_FILE"
print_status "VNC config set to no authentication with geometry 1920x1080." >> /var/log/install 2>&1
else
echo "Authentication=none" >> "$CONFIG_FILE"
echo "Geometry=1920x1080" >> "$CONFIG_FILE"
echo "# Version 1.0:" >> "$CONFIG_FILE"
echo "# Created 2024 by Tim Eertmoed, Christian Hampp @ WiS IT-Solutions GmbH, Germany to work on Raspbian as custom PXE init script." >> "$CONFIG_FILE"
print_status "VNC password is set. Authentication will be required." >> /var/log/install 2>&1
fi
sudo raspi-config nonint do_vnc 0 >>/var/log/install 2>&1 && print_status "VNC enabled in raspi-config"
sudo systemctl unmask vncserver-x11-serviced.service >>/var/log/install 2>&1 && print_status "VNC unmask"
sudo systemctl enable vncserver-x11-serviced.service >>/var/log/install 2>&1 && print_status "VNC enabled systemctl"
echo -e "${RED}${NC} Setting permissions for 'loginuser'..." | tee -a /var/log/install
sudo tee /etc/sudoers.d/loginuser >/dev/null << 'EOF'
loginuser ALL=(ALL) NOPASSWD: /usr/bin/systemctl stop chromium-monitor, /usr/bin/systemctl start chromium-monitor
loginuser ALL=(ALL) NOPASSWD: /usr/bin/systemctl stop watchdog-monitor, /usr/bin/systemctl start watchdog-monitor
loginuser ALL=(ALL) NOPASSWD: /usr/bin/cat /var/lib/dhcp/*
loginuser ALL=(ALL) NOPASSWD: /usr/bin/cp /etc/watchdog.conf /etc/watchdog.conf.bak
loginuser ALL=(ALL) NOPASSWD: /usr/bin/tee /etc/watchdog.conf, /usr/bin/tee -a /etc/watchdog.conf
loginuser ALL=(ALL) NOPASSWD: /usr/bin/sed -i
loginuser ALL=(ALL) NOPASSWD: /usr/bin/sed -r 's/[x]+/,/g'
loginuser ALL=(ALL) NOPASSWD: /usr/bin/fbset -s
loginuser ALL=(ALL) NOPASSWD: /usr/bin/hostnamectl set-hostname
loginuser ALL=(ALL) NOPASSWD: /usr/sbin/dhclient eth0
loginuser ALL=(ALL) NOPASSWD: /usr/sbin/reboot
EOF
sudo usermod -aG video loginuser >>/var/log/install 2>&1 && print_status "Permissions for 'loginuser' set"
echo -e "${RED}${NC} Disabling root login..." | tee -a /var/log/install
sudo tee /etc/ssh/sshd_config >/dev/null << 'EOF'
PermitRootLogin no
EOF
sudo passwd -l root >>/var/log/install 2>&1 && print_status "Root login disabled"
echo -e "${RED}${NC} Setting file permissions..." | tee -a /var/log/install
sudo chown loginuser:loginuser -R /home/loginuser >>/var/log/install 2>&1 && print_status "File permissions for 'loginuser' set"
sudo chown wis:wis -R /home/wis >>/var/log/install 2>&1 && print_status "File permissions for 'wis' set"
@@ -139,7 +139,7 @@ echo -e "${RED}→${NC} Do you want to clean up unused kernels? (y/n):" | tee -a
read -r clean_kernels
if [[ "$clean_kernels" =~ ^[Yy](e[Ss]?)?$ ]]; then
echo -e "${RED}${NC} Cleaning up unused kernels..." | tee -a /var/log/install
sudo bash /root/remove_unused_kernel.sh -u -e >>/var/log/install 2>&1 && print_status "Unused kernels cleaned up"
yes yes | head -n 2 | sudo bash /root/remove_unused_kernel.sh -u -e >>/var/log/install 2>&1 && print_status "Unused kernels cleaned up"
else
echo -e "${RED}${NC} Skipping unused kernel cleanup..." | tee -a /var/log/install
echo -e "${GREEN}${NC} Cleanup has been skipped" | tee -a /var/log/install
@@ -170,8 +170,5 @@ read -n 1 -s
sudo reboot
# Version 1.2:
# Created 2024 by Tim Eertmoed, Christian Hampp @ WiS IT-Solutions GmbH, Germany to work on Raspian as custom pxe init script.