diff --git a/lib/functions.sh b/lib/functions.sh index d960c93..5115f04 100644 --- a/lib/functions.sh +++ b/lib/functions.sh @@ -110,7 +110,7 @@ function prepare_nftables() { function miaou_init() { # shellcheck source=/dev/null - [[ -f /opt/debian-bash/lib/functions.sh ]] && source /opt/debian-bash/lib/functions.sh + [[ -f /opt/miaou-bash/lib/functions.sh ]] && source /opt/miaou-bash/lib/functions.sh # shellcheck source=/dev/null . "$MIAOU_BASEDIR/lib/functions.sh" @@ -215,7 +215,7 @@ function container_exists() { lxc list "$1" -c n -f csv | grep -q "^$1\$" } -# build debian image with prebuild debian-bash and various useful settings +# build debian image with prebuild miaou-bash and various useful settings # ARG1=release [bullseye, buster] function build_miaou_image() { local RELEASE="$1" @@ -230,7 +230,7 @@ function build_miaou_image() { echo "building lxc image <$IMAGE_LABEL> ... " echo "image will reuse same local repository <$DEB_REPOSITORY>" creation_date=$(date +%s) - sudo /opt/debian-bash/tools/idem_apt_install debootstrap + sudo /opt/miaou-bash/tools/idem_apt_install debootstrap cat </etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). @@ -418,26 +421,24 @@ function env_or_ask { fi } -# install_debian_bash() # grab and install related project -function install_debian_bash() { - local PREFIX="debian-bash:install" - if [[ ! -d /opt/debian-bash ]]; then +function install_miaou_bash() { + local PREFIX="miaou-bash:install" + if [[ ! -d /opt/miaou-bash ]]; then echo "installing curl wget commands ..." apt install -y curl wget - echo "installing debian-bash..." - curl https://git.artcode.re/pvincent/debian-bash/raw/branch/master/install.sh | sudo bash -s -- --host - export PATH=$PATH:/opt/debian-bash/tools/ + echo "installing miaou-bash..." + curl https://git.artcode.re/miaou/miaou-bash/raw/branch/main/install.sh | sudo bash -s -- --host + export PATH=$PATH:/opt/miaou-bash/tools/ echo "OK" else - # /opt/debian-bash/tools/debian_bash_upgrade - echo "addon already installed!" + echo "addon already installed!" fi # shellcheck source=/dev/null source /etc/bash.bashrc - sudo /opt/debian-bash/tools/idem_apt_install bash-completion + sudo /opt/miaou-bash/tools/idem_apt_install bash-completion } function add_toolbox_sudoers { @@ -463,7 +464,7 @@ function prepare_toolbox() { curl -sSf https://sh.rustup.rs | sh -s -- -y # shellcheck source=/dev/null source "$HOME/.cargo/env" - /opt/debian-bash/tools/append_or_replace "^PATH=\$PATH:\$HOME/\\.cargo/bin" "PATH=\$PATH:\$HOME/.cargo/bin" ~/.bashrc + /opt/miaou-bash/tools/append_or_replace "^PATH=\$PATH:\$HOME/\\.cargo/bin" "PATH=\$PATH:\$HOME/.cargo/bin" ~/.bashrc PREFIX="" echo "OK" else echo "command already installed!" @@ -490,7 +491,7 @@ function prepare_toolbox() { echo -n "installing alias ... " if [ ! -f "/TOOLBOX/rg" ]; then - sudo /opt/debian-bash/tools/idem_apt_install ripgrep + sudo /opt/miaou-bash/tools/idem_apt_install ripgrep sudo ln /usr/bin/rg /TOOLBOX/ PREFIX="" echo "successfully installed" else @@ -499,7 +500,7 @@ function prepare_toolbox() { echo -n "installing alias ... " if [ ! -f "/TOOLBOX/ag" ]; then - sudo /opt/debian-bash/tools/idem_apt_install silversearcher-ag + sudo /opt/miaou-bash/tools/idem_apt_install silversearcher-ag sudo ln /usr/bin/ag /TOOLBOX/ PREFIX="" echo "successfully installed" else @@ -541,7 +542,7 @@ function prepare_toolbox() { echo -n "installing ... " if [ ! -f "/TOOLBOX/ncdu" ]; then - sudo /opt/debian-bash/tools/idem_apt_install ncdu + sudo /opt/miaou-bash/tools/idem_apt_install ncdu sudo cp /usr/bin/ncdu /TOOLBOX/ncdu PREFIX="" echo "successfully installed" else @@ -550,7 +551,7 @@ function prepare_toolbox() { echo -n "installing ... " if [ ! -f "/TOOLBOX/unzip" ]; then - sudo /opt/debian-bash/tools/idem_apt_install unzip + sudo /opt/miaou-bash/tools/idem_apt_install unzip sudo cp /usr/bin/unzip /TOOLBOX/unzip PREFIX="" echo "successfully installed" else @@ -559,7 +560,7 @@ function prepare_toolbox() { echo -n "installing ... " if [ ! -f "/TOOLBOX/tree" ]; then - sudo /opt/debian-bash/tools/idem_apt_install tree + sudo /opt/miaou-bash/tools/idem_apt_install tree sudo cp /bin/tree /TOOLBOX/tree PREFIX="" echo "successfully installed" else @@ -568,7 +569,7 @@ function prepare_toolbox() { echo -n "installing ... " if [ ! -f "/TOOLBOX/duf" ]; then - VERSION=$(/opt/debian-bash/tools/wget_semver github muesli/duf) + VERSION=$(/opt/miaou-bash/tools/wget_semver github muesli/duf) VERSION_WITHOUT_V=${VERSION#v} wget -O /tmp/duf.deb "https://github.com/muesli/duf/releases/download/${VERSION}/duf_${VERSION_WITHOUT_V}_linux_amd64.deb" sudo dpkg -i /tmp/duf.deb @@ -601,7 +602,7 @@ function prepare_toolbox() { function install_mandatory_commands() { local PREFIX="mandatory:commands" - sudo /opt/debian-bash/tools/idem_apt_install dnsutils build-essential curl mariadb-client postgresql-client + sudo /opt/miaou-bash/tools/idem_apt_install dnsutils build-essential curl mariadb-client postgresql-client if ! exist_command tera; then echo "installing ..." diff --git a/lib/harden.sh b/lib/harden.sh index a14a3b4..9b524bf 100755 --- a/lib/harden.sh +++ b/lib/harden.sh @@ -87,7 +87,7 @@ function prepare_proxy() { if ! grep -Eq "^precedence ::ffff:0:0/96.*" /etc/gai.conf; then echo "prefer ipv4 ..." - sudo /opt/debian-bash/tools/append_or_replace "^precedence ::ffff:0:0/96.*" "precedence ::ffff:0:0/96 100" /etc/gai.conf + sudo /opt/miaou-bash/tools/append_or_replace "^precedence ::ffff:0:0/96.*" "precedence ::ffff:0:0/96 100" /etc/gai.conf echo "OK" else echo "ipv4 already prefered!" @@ -95,7 +95,7 @@ function prepare_proxy() { if ! grep -Eq "^net.ipv4.ip_forward=1" /etc/sysctl.conf; then echo "allow forwarding from kernel ..." - sudo /opt/debian-bash/tools/append_or_replace "^net.ipv4.ip_forward=1.*" "net.ipv4.ip_forward=1" /etc/sysctl.conf + sudo /opt/miaou-bash/tools/append_or_replace "^net.ipv4.ip_forward=1.*" "net.ipv4.ip_forward=1" /etc/sysctl.conf sudo sysctl -p echo "OK" else @@ -163,7 +163,7 @@ function mailer_alert() { done echo "installing ..." - sudo /opt/debian-bash/tools/idem_apt_install msmtp msmtp-mta mailutils bsd-mailx + sudo /opt/miaou-bash/tools/idem_apt_install msmtp msmtp-mta mailutils bsd-mailx echo "OK" echo "configuring " @@ -232,7 +232,7 @@ function alert_at_ssh_password() { echo "installing alert_at_ssh_password..." sudo cp "$MIAOU_BASEDIR/templates/hardened/pam/alert_ssh_password.sh" /usr/local/bin/ sudo chmod 700 /usr/local/bin/alert_ssh_password.sh - sudo /opt/debian-bash/tools/append_or_replace "^session optional pam_exec.so /usr/local/bin/alert_ssh_password.sh" "session optional pam_exec.so /usr/local/bin/alert_ssh_password.sh" /etc/pam.d/sshd + sudo /opt/miaou-bash/tools/append_or_replace "^session optional pam_exec.so /usr/local/bin/alert_ssh_password.sh" "session optional pam_exec.so /usr/local/bin/alert_ssh_password.sh" /etc/pam.d/sshd echo "OK" else echo "alert_at_ssh_password already enabled!" @@ -243,7 +243,7 @@ function customize_motd { local PREFIX="harden:motd:customize" if [[ ! -f /etc/update-motd.d/80-users ]]; then echo "customizing motd..." - sudo /opt/debian-bash/tools/idem_apt_install figlet lsb-release + sudo /opt/miaou-bash/tools/idem_apt_install figlet lsb-release sudo rm -f /etc/motd sudo mkdir -p /etc/update-motd.d sudo rm -f /etc/update-motd.d/* @@ -274,7 +274,7 @@ PREFIX="harden" : $PREFIX sudo_required -install_debian_bash +install_miaou_bash install_mandatory_commands prepare_config_hardened set_current_user diff --git a/lib/images/bullseye-miaou.sh b/lib/images/bullseye-miaou.sh index cfffb38..4af5c9a 100755 --- a/lib/images/bullseye-miaou.sh +++ b/lib/images/bullseye-miaou.sh @@ -8,7 +8,7 @@ function init_strict() { # shellcheck source=/dev/null source "$MIAOU_DIR/lib/functions.sh" # shellcheck source=/dev/null - source "/opt/debian-bash/lib/functions.sh" + source "/opt/miaou-bash/lib/functions.sh" trap 'trap_error $? $LINENO $BASH_LINENO "$BASH_COMMAND" $(printf "::%s" ${FUNCNAME[@]})' ERR } diff --git a/lib/images/buster-miaou.sh b/lib/images/buster-miaou.sh index 6731c6a..9fbb137 100755 --- a/lib/images/buster-miaou.sh +++ b/lib/images/buster-miaou.sh @@ -8,7 +8,7 @@ function init_strict() { # shellcheck source=/dev/null source "$MIAOU_DIR/lib/functions.sh" # shellcheck source=/dev/null - source "/opt/debian-bash/lib/functions.sh" + source "/opt/miaou-bash/lib/functions.sh" trap 'trap_error $? $LINENO $BASH_LINENO "$BASH_COMMAND" $(printf "::%s" ${FUNCNAME[@]})' ERR } diff --git a/lib/install.sh b/lib/install.sh index 04c1687..52543a2 100755 --- a/lib/install.sh +++ b/lib/install.sh @@ -38,7 +38,7 @@ function prepare_lxd { echo "user <$USER> already belongs to group !" fi - sudo /opt/debian-bash/tools/idem_apt_install lxd btrfs-progs + sudo /opt/miaou-bash/tools/idem_apt_install lxd btrfs-progs # test lxdbr0 if ! lxc network info lxdbr0 &>/dev/null; then @@ -181,7 +181,7 @@ function set_alias { function miaou_evalfrombashrc() { local PREFIX="miaou:bashrc" output=$( - /opt/debian-bash/tools/append_or_replace \ + /opt/miaou-bash/tools/append_or_replace \ "^eval \"\\$\($MIAOU_BASEDIR/lib/install.sh shellenv\)\"$" \ "eval \"\$($MIAOU_BASEDIR/lib/install.sh shellenv)\"" \ "$HOME/.bashrc" diff --git a/recipes/dolibarr/crud.sh b/recipes/dolibarr/crud.sh index 72bd080..4a6a217 100755 --- a/recipes/dolibarr/crud.sh +++ b/recipes/dolibarr/crud.sh @@ -39,7 +39,7 @@ function _create() { set -Eeuo pipefail echo "install latest release ... " cd /var/www - PATH="\$PATH:/opt/debian-bash/tools" + PATH="\$PATH:/opt/miaou-bash/tools" VERSION="\$(wget_semver github Dolibarr/dolibarr)" if [[ ! -f "dolibarr-\$VERSION.tgz" ]]; then wget_release github Dolibarr/dolibarr diff --git a/recipes/dolibarr/install.sh b/recipes/dolibarr/install.sh index 6aa2efe..c1ebef9 100755 --- a/recipes/dolibarr/install.sh +++ b/recipes/dolibarr/install.sh @@ -34,7 +34,7 @@ function install() { apt update apt install -y $MANDATORY_PACKAGES_STRING cd /var/www - PATH="\$PATH:/opt/debian-bash/tools" + PATH="\$PATH:/opt/miaou-bash/tools" VERSION="\$(wget_semver github Dolibarr/dolibarr)" if [[ ! -f "dolibarr-\$VERSION.tgz" ]]; then wget_release github Dolibarr/dolibarr diff --git a/recipes/mariadb/install.sh b/recipes/mariadb/install.sh index 8129fe6..9a3e6ce 100755 --- a/recipes/mariadb/install.sh +++ b/recipes/mariadb/install.sh @@ -30,7 +30,7 @@ function install() { PREFIX="recipe:mariadb:install" : $PREFIX - sudo /opt/debian-bash/tools/idem_apt_install mariadb-client + sudo /opt/miaou-bash/tools/idem_apt_install mariadb-client echowarn "initializing ..." launch_container "$CONTAINER" build_device_backup @@ -38,16 +38,16 @@ function install() { lxc exec "$CONTAINER" -- bash </dev/null - . /opt/debian-bash/lib/functions.sh + . /opt/miaou-bash/lib/functions.sh apt update && apt dist-upgrade -y - /opt/debian-bash/tools/idem_apt_install mariadb-server automysqlbackup + /opt/miaou-bash/tools/idem_apt_install mariadb-server automysqlbackup echo "change bind-adress" - /opt/debian-bash/tools/append_or_replace "^bind-address.*$" "bind-address = 0.0.0.0" /etc/mysql/mariadb.conf.d/50-server.cnf + /opt/miaou-bash/tools/append_or_replace "^bind-address.*$" "bind-address = 0.0.0.0" /etc/mysql/mariadb.conf.d/50-server.cnf systemctl restart mariadb.service function systemctl-exists() ([ \$(systemctl list-unit-files "\${1}*" | wc -l) -gt 3 ]) systemctl-exists exim4.service && systemctl stop exim4.service && systemctl disable exim4.service - /opt/debian-bash/tools/append_or_replace "^BACKUPDIR=.*$" "BACKUPDIR=\"/mnt/BACKUP/mariadb\"" /etc/default/automysqlbackup + /opt/miaou-bash/tools/append_or_replace "^BACKUPDIR=.*$" "BACKUPDIR=\"/mnt/BACKUP/mariadb\"" /etc/default/automysqlbackup exit 0 EOF echo DONE diff --git a/recipes/odoo12/install.sh b/recipes/odoo12/install.sh index bc13aab..87a87b1 100755 --- a/recipes/odoo12/install.sh +++ b/recipes/odoo12/install.sh @@ -108,7 +108,7 @@ function install() { fi echo "community-color change to $BACKGROUND_COLOR" - /opt/debian-bash/tools/append_or_replace "^.*o-community-color:.*" "\\\\\\\$o-community-color: $BACKGROUND_COLOR;" /home/odoo/odoo12/addons/web/static/src/scss/primary_variables.scss + /opt/miaou-bash/tools/append_or_replace "^.*o-community-color:.*" "\\\\\\\$o-community-color: $BACKGROUND_COLOR;" /home/odoo/odoo12/addons/web/static/src/scss/primary_variables.scss EOT mkdir -p /etc/odoo12 diff --git a/recipes/odoo15/install.sh b/recipes/odoo15/install.sh index 0f89643..391baa4 100755 --- a/recipes/odoo15/install.sh +++ b/recipes/odoo15/install.sh @@ -92,7 +92,7 @@ function install() { echo "git odoo15 already downloaded!" fi echo "community-color change to $BACKGROUND_COLOR" - /opt/debian-bash/tools/append_or_replace "^.*o-community-color:.*" "\\\\\\\$o-community-color: $BACKGROUND_COLOR !default;" /home/odoo/odoo15/addons/web/static/src/legacy/scss/primary_variables.scss + /opt/miaou-bash/tools/append_or_replace "^.*o-community-color:.*" "\\\\\\\$o-community-color: $BACKGROUND_COLOR !default;" /home/odoo/odoo15/addons/web/static/src/legacy/scss/primary_variables.scss EOT mkdir -p /etc/odoo15 diff --git a/recipes/postgresql/install.sh b/recipes/postgresql/install.sh index 24fc4f7..b51b904 100755 --- a/recipes/postgresql/install.sh +++ b/recipes/postgresql/install.sh @@ -29,8 +29,8 @@ function install() { set -Eeuo pipefail apt update - . /opt/debian-bash/lib/functions.sh - /opt/debian-bash/tools/idem_apt_install postgresql + . /opt/miaou-bash/lib/functions.sh + /opt/miaou-bash/tools/idem_apt_install postgresql echo -n "start postgresql now..." PG_VERSION=\$(pg_lsclusters -h | cut -d' ' -f1) @@ -40,8 +40,8 @@ function install() { function systemctl-exists() ([ \$(systemctl list-unit-files "\${1}*" | wc -l) -gt 3 ]) systemctl-exists exim4.service && systemctl disable exim4.service - /opt/debian-bash/tools/append_or_replace "^listen_addresses = .*$" "listen_addresses = '0.0.0.0'" /etc/postgresql/\$PG_VERSION/main/postgresql.conf - /opt/debian-bash/tools/append_or_replace "^host.*all.*all.*$BRIDGE_SUBNET.*md5" "host\tall\t\tall\t\t$BRIDGE_SUBNET\t\tmd5" /etc/postgresql/\$PG_VERSION/main/pg_hba.conf + /opt/miaou-bash/tools/append_or_replace "^listen_addresses = .*$" "listen_addresses = '0.0.0.0'" /etc/postgresql/\$PG_VERSION/main/postgresql.conf + /opt/miaou-bash/tools/append_or_replace "^host.*all.*all.*$BRIDGE_SUBNET.*md5" "host\tall\t\tall\t\t$BRIDGE_SUBNET\t\tmd5" /etc/postgresql/\$PG_VERSION/main/pg_hba.conf systemctl restart postgresql.service EOF diff --git a/scripts/db-maria b/scripts/db-maria index 1ed5887..967ddae 100755 --- a/scripts/db-maria +++ b/scripts/db-maria @@ -46,7 +46,7 @@ use() { create() { # shellcheck disable=SC1091 - source /opt/debian-bash/lib/functions.sh + source /opt/miaou-bash/lib/functions.sh # shellcheck disable=SC2034 mapfile -t DBs < <(list) diff --git a/scripts/db-psql b/scripts/db-psql index 8b1743e..3809009 100755 --- a/scripts/db-psql +++ b/scripts/db-psql @@ -52,7 +52,7 @@ use() { create() { echo >&2 "about to create to <${DB_NAME}> ..." - source /opt/debian-bash/lib/functions.sh + source /opt/miaou-bash/lib/functions.sh local DBs=($(list)) if ! $(containsElement DBs $DB_NAME); then local SQL="CREATE USER \\\\\\\"$DB_NAME\\\\\\\" WITH PASSWORD '$DB_PASSWORD'" diff --git a/scripts/lxc-miaou-create b/scripts/lxc-miaou-create index 3fbc227..7387daa 100755 --- a/scripts/lxc-miaou-create +++ b/scripts/lxc-miaou-create @@ -105,8 +105,8 @@ EOF lxc config device add "$CONTAINER" SHARED disk source="$HOME/LXD/SHARED/$CONTAINER" path=/mnt/SHARED -q lxc config device add "$CONTAINER" TOOLBOX disk source=/TOOLBOX path=/TOOLBOX -q - lxc config device add "$CONTAINER" DEBIAN_BASH disk source=$(realpath /opt/debian-bash) path=/opt/debian-bash -q - lxc config set "$CONTAINER" environment.PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/debian-bash/tools:/TOOLBOX -q + lxc config device add "$CONTAINER" DEBIAN_BASH disk source=$(realpath /opt/miaou-bash) path=/opt/miaou-bash -q + lxc config set "$CONTAINER" environment.PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/miaou-bash/tools:/TOOLBOX -q if [[ "$OPTION_NESTING" == true ]]; then lxc config set $CONTAINER security.nesting true -q @@ -115,8 +115,8 @@ EOF lxc start "$CONTAINER" -q - # initializing debian-bash - lxc exec "$CONTAINER" -- /opt/debian-bash/init.sh + # initializing miaou-bash + lxc exec "$CONTAINER" -- /opt/miaou-bash/init.sh # default configuration files (btm,) lxc exec "$CONTAINER" -- mkdir -p /root/.config/bottom @@ -141,12 +141,12 @@ EOF if ! lxc exec "$CONTAINER" -- passwd -S "$miaou_user" | cut -d ' ' -f2 | grep -q ^P; then shadow_passwd=$(load_yaml_from_expanded credential.shadow) shadow_remainder=$(lxc exec "$CONTAINER" -- bash -c "grep $miaou_user /etc/shadow | cut -d':' -f3-") - lxc exec "$CONTAINER" -- /opt/debian-bash/tools/append_or_replace "^$miaou_user:.*:" "$miaou_user:$shadow_passwd:$shadow_remainder" /etc/shadow >/dev/null + lxc exec "$CONTAINER" -- /opt/miaou-bash/tools/append_or_replace "^$miaou_user:.*:" "$miaou_user:$shadow_passwd:$shadow_remainder" /etc/shadow >/dev/null fi fi if [[ "$OPTION_SSH" == true ]]; then - lxc exec "$CONTAINER" -- /opt/debian-bash/tools/idem_apt_install openssh-server + lxc exec "$CONTAINER" -- /opt/miaou-bash/tools/idem_apt_install openssh-server fi if [[ "$OPTION_SSH" == true && "$OPTION_SAMEUSER" == true ]]; then diff --git a/scripts/lxc-miaou-enable-ssh b/scripts/lxc-miaou-enable-ssh index ec8db1b..a1c819c 100755 --- a/scripts/lxc-miaou-enable-ssh +++ b/scripts/lxc-miaou-enable-ssh @@ -34,9 +34,9 @@ EOF miaou_user=$(whoami) shadow_passwd=$(load_yaml_from_expanded credential.shadow) shadow_remainder=$(lxc exec "$CONTAINER" -- bash -c "grep $SSH_USER /etc/shadow | cut -d':' -f3-") - lxc exec "$CONTAINER" -- /opt/debian-bash/tools/append_or_replace "^$SSH_USER:.*:" "$SSH_USER:$shadow_passwd:$shadow_remainder" /etc/shadow >/dev/null + lxc exec "$CONTAINER" -- /opt/miaou-bash/tools/append_or_replace "^$SSH_USER:.*:" "$SSH_USER:$shadow_passwd:$shadow_remainder" /etc/shadow >/dev/null - lxc exec "$CONTAINER" -- /opt/debian-bash/tools/idem_apt_install openssh-server + lxc exec "$CONTAINER" -- /opt/miaou-bash/tools/idem_apt_install openssh-server previous_users=($( lxc exec "$CONTAINER" -- bash <