WiS/RPS-Client
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases 12 Activity
Files
e35bbc7d779cec5c46b6f1a65879d85f28da5eb5
RPS-Client/install.sh
Tim Eertmoed e35bbc7d77 install.sh aktualisiert
2024-10-29 15:21:54 +01:00

143 lines
7.9 KiB
Bash
Raw Blame History

#!/bin/bash
RED='\033[0;31m'
GREEN='\033[0;32m'
NC='\033[0m' # No Color
clear
# Function to print status with a checkmark
print_status() {
echo -e "${GREEN}${NC} ${1} completed."
}
echo -e "${RED}${NC} Starting System Update..."
sudo apt update >>/var/log/install 2>&1 && print_status "System Update"
sudo apt upgrade -y >>/var/log/install 2>&1 && print_status "System Upgrade"
sudo apt dist-upgrade -y >>/var/log/install 2>&1 && print_status "System Dist-Upgrade"
sudo apt autoremove -y >>/var/log/install 2>&1 && print_status "Autoremove"
sudo apt clean >>/var/log/install 2>&1 && print_status "Clean"
rm -rf /var/lib/apt/lists/* "Clear cache"
echo -e "${RED}${NC} Installing required packages..."
sudo apt install --no-install-recommends xserver-xorg x11-xserver-utils xinit chromium-browser fonts-noto-color-emoji nfs-common watchdog xdotool rsync -y >>/var/log/install 2>&1 && print_status "Required packages installed"
sudo apt install realvnc-vnc-server overlayroot -y >>/var/log/install 2>&1 && print_status "VNC and Overlayroot installed"
echo -e "${RED}${NC} Configuring VNC..."
sudo systemctl enable vncserver-x11-serviced.service >>/var/log/install 2>&1 && print_status "VNC service enabled"
sudo systemctl start vncserver-x11-serviced.service >>/var/log/install 2>&1 && print_status "VNC service started"
CONFIG_FILE="/root/.vnc/config.d/vncserver-x11"
if [ ! -d "$(dirname "$CONFIG_FILE")" ]; then
mkdir -p "$(dirname "$CONFIG_FILE")"
echo -e "${RED}${NC} Created directory for VNC config."
fi
read -p "Do you want to set a VNC password? (y/n): " -r
if [[ $REPLY =~ ^[Yy](e[Ss]?)?$ ]]; then
vncpasswd
echo -e "${GREEN}${NC} VNC password has been set."
else
echo -e "${RED}${NC} No VNC password will be set."
fi
if [ "$(vncpasswd -o)" = 'none' ]; then
echo "Authentication=None" >> "$CONFIG_FILE"
echo "Geometry=1920x1080" >> "$CONFIG_FILE"
echo "# Version 1.0:" >> "$CONFIG_FILE"
echo "# Created 2024 by Tim Eertmoed, Christian Hampp @ WiS IT-Solutions GmbH, Germany to work on Raspbian as custom PXE init script." >> "$CONFIG_FILE"
echo -e "${RED}${NC} VNC config set to no authentication with geometry 1920x1080."
else
echo "Authentication=VNC" >> "$CONFIG_FILE"
echo "Geometry=1920x1080" >> "$CONFIG_FILE"
echo "# Version 1.0:" >> "$CONFIG_FILE"
echo "# Created 2024 by Tim Eertmoed, Christian Hampp @ WiS IT-Solutions GmbH, Germany to work on Raspbian as custom PXE init script." >> "$CONFIG_FILE"
echo -e "${RED}${NC} VNC password is set. Authentication will be required."
fi
echo -e "${GREEN}${NC} VNC configuration updated with geometry 1920x1080."
sudo raspi-config nonint do_vnc 0 >>/var/log/install 2>&1 && print_status "VNC enabled in raspi-config"
echo -e "${GREEN}${NC} VNC configuration completed. You can connect using a VNC viewer."
echo -e "${RED}${NC} Creating user 'loginuser'..."
sudo adduser --disabled-password --gecos "" loginuser >>/var/log/install 2>&1 && print_status "User 'loginuser' created"
echo -e "${RED}${NC} Setting permissions for 'loginuser'..."
sudo tee /etc/sudoers.d/loginuser >/dev/null << 'EOF'
loginuser ALL=(ALL) NOPASSWD: /usr/bin/systemctl start watchdog, /usr/bin/systemctl stop watchdog, /usr/bin/systemctl restart watchdog
loginuser ALL=(ALL) NOPASSWD: /usr/bin/systemctl stop watchdog-monitor
loginuser ALL=(ALL) NOPASSWD: /usr/bin/cat /var/lib/dhcp/*
loginuser ALL=(ALL) NOPASSWD: /usr/bin/cp /etc/watchdog.conf /etc/watchdog.conf.bak
loginuser ALL=(ALL) NOPASSWD: /usr/bin/tee /etc/watchdog.conf, /usr/bin/tee -a /etc/watchdog.conf
loginuser ALL=(ALL) NOPASSWD: /usr/bin/sed -i
loginuser ALL=(ALL) NOPASSWD: /usr/bin/sed -r 's/[x]+/,/g'
loginuser ALL=(ALL) NOPASSWD: /usr/bin/fbset -s
loginuser ALL=(ALL) NOPASSWD: /usr/bin/hostnamectl set-hostname
loginuser ALL=(ALL) NOPASSWD: /usr/sbin/dhclient eth0
loginuser ALL=(ALL) NOPASSWD: /usr/sbin/reboot
EOF
sudo usermod -aG video loginuser >>/var/log/install 2>&1 && print_status "Permissions for 'loginuser' set"
echo -e "${RED}${NC} Disabling root login..."
sudo tee /etc/ssh/sshd_config >/dev/null << 'EOF'
PermitRootLogin no
EOF
sudo passwd -l root >>/var/log/install 2>&1 && print_status "Root login disabled"
echo -e "${RED}${NC} Copy requiered files..."
declare -A files=(
["./rps-client/boot/ro-root.sh"]="/boot/ro-root.sh"
["./rps-client/boot/firmware/ro-root.sh"]="/boot/firmware/ro-root.sh"
["./rps-client/etc/dhcp/dhclient.conf"]="/etc/dhcp/dhclient.conf"
["./rps-client/etc/systemd/system/hostname.service"]="/etc/systemd/system/hostname.service"
["./rps-client/etc/systemd/system/watchdog-monitor.service"]="/etc/systemd/system/watchdog-monitor.service"
["./rps-client/etc/systemd/system/chromium-monitor.service"]="/etc/systemd/system/chromium-monitor.service"
["./rps-client/etc/systemd/system/getty@tty1.service.d/override.conf"]="/etc/systemd/system/getty@tty1.service.d/override.conf"
["./rps-client/etc/chromium/policies/managed/disable_password_saving.json"]="/etc/chromium/policies/managed/disable_password_saving.json"
["./rps-client/home/loginuser/.bash_profile"]="/home/loginuser/.bash_profile"
["./rps-client/home/loginuser/.xinitrc"]="/home/loginuser/.xinitrc"
["./rps-client/home/wis/.ssh/id_rsa.pub"]="/home/wis/.ssh/id_rsa.pub"
["./rps-client/root/remove_unused_kernel.sh"]="/root/remove_unused_kernel.sh"
["./rps-client/root/.vnc/config.d/vncserver-x11"]="/root/.vnc/config.d/vncserver-x11"
["./rps-client/usr/bin/custom/hostname"]="/usr/bin/custom/hostname"
["./rps-client/usr/bin/custom/chromium-monitor"]="/usr/bin/custom/chromium-monitor"
["./rps-client/usr/bin/custom/watchdog-monitor"]="/usr/bin/custom/watchdog-monitor"
)
RSYNC_OPTS="-a --numeric-ids --info=progress2 --no-owner --no-group"
for src in "${!files[@]}"; do
dst="${files[$src]}"
echo "Copying $src to $dst..."
sudo rsync $RSYNC_OPTS "$src" "$dst" >>/var/log/install 2>&1 && print_status "$src copied to $dst"
done
echo -e "${GREEN}${NC} All required files copied"
echo -e "${RED}${NC} Setting file permissions..."
sudo chown loginuser:loginuser -R /home/loginuser >>/var/log/install 2>&1 && print_status "File permissions set"
echo -e "${RED}${NC} Creating log files..."
sudo touch /var/log/watchdog.log /var/log/chromium-monitor.log /var/log/hostname.log >>/var/log/install 2>&1 && print_status "Log files created"
sudo chown loginuser:loginuser /var/log/watchdog.log /var/log/chromium-monitor.log /var/log/hostname.log >>/var/log/install 2>&1 && print_status "Ownership set for log files"
sudo chmod 777 /var/log/watchdog.log /var/log/chromium-monitor.log /var/log/hostname.log >>/var/log/install 2>&1 && print_status "Permissions set for log files"
sudo chmod +x /usr/bin/custom/* >>/var/log/install 2>&1 && print_status "Permissions set for script files"
echo -e "${RED}${NC} Enabling services..."
sudo systemctl daemon-reload >>/var/log/install 2>&1 && print_status "Daemon reloaded"
sudo systemctl enable hostname watchdog chromium-monitor vncserver-x11-serviced.service getty@tty1 >>/var/log/install 2>&1 && print_status "Services enabled"
sudo systemctl restart getty@tty1 >>/var/log/install 2>&1 && print_status "getty service restarted"
echo -e "${RED}${NC} Do you want to clean up unused kernels? (yes/y/ye to proceed):"
read -r clean_kernels
if [[ "$clean_kernels" =~ ^[Yy](e[Ss]?)?$ ]]; then
echo -e "${RED}${NC} Cleaning up unused kernels..."
sudo bash /root/remove_unused_kernel.sh -u -e >>/var/log/install 2>&1 && print_status "Unused kernels cleaned up"
else
echo -e "${RED}${NC} Skipping unused kernel cleanup."
fi
echo -e "${RED}${NC} Cleaning up installer..."
sudo rm -rf ./rps-client >>/var/log/install 2>&1 && print_status "Installer cleaned up"
echo -e "${GREEN}${NC} Installation complete. Press any key to reboot..."
read -n 1 -s
sudo reboot
# Version 1.2:
# Created 2024 by Tim Eertmoed, Christian Hampp @ WiS IT-Solutions GmbH, Germany to work on Raspian as custom pxe init script.
Reference in New Issue View Git Blame Copy Permalink