Work_Archive/VPS-scripts_UBU-Backup-SRV
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity
Files
770ddea9defe3722f5bc667b2a1347b91b1c4129
VPS-scripts_UBU-Backup-SRV/setup.sh
Bram Prieshof 770ddea9de Fixed ssh so X11 shoud work out of the box
2020-07-01 12:41:52 +02:00

68 lines
2.6 KiB
Bash
Raw Blame History

mrepo=https://git.ictmaatwerk.com/VPS-scripts/UBU-Backup-SRV
mbranch=master
#install needed packages
apt install rssh vsftpd openssh-server git fail2ban -y
apt-get install --no-install-recommends eiciel x11-common -y
#Setup groups
groupadd sftpusers
groupadd ftpusers
groupadd BCKviewer
groupadd BCKadmin
#setup Folders
mkdir -p /backups/ftp/
mkdir -p /backups/sftp/
mkdir -p /vhome
mkdir /tools
#setup tools
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/Tools/aclutil -O /tools/aclutil
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/Tools/adduserutil -O /tools/adduserutil
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/Tools/deluserutil -O /tools/deluserutil
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/Tools/ez-aclutil -O /tools/ez-aclutil
chmod 700 /tools/deluserutil
chmod 700 /tools/adduserutil
chmod 700 /tools/aclutil
chmod 700 /tools/ez-aclutil
#SSH Config
sed -i -e '/Subsystem\ssftp/c\Subsystem sftp internal-sftp' /etc/ssh/sshd_config
curl --silent --show-error "$mrepo"/raw/branch/"$mbranch"/config/sshd_append.conf >>/etc/ssh/sshd_config
#rssh Config
curl --silent --show-error "$mrepo"/raw/branch/"$mbranch"/config/rssh_append.conf >>/etc/rssh.conf
#vsftp Config
openssl req -new -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem -subj "/C=NL/ST=Gelderland/L=Arnhem/O=ICT Maatwerk B.V./CN=$(hostname -f)"
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/config/vsftpd.conf -O /etc/vsftpd.conf
#sudo Config
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/config/sudo.conf -O /etc/sudoers.d/BCKadmin
#Setup grequalizer
git clone https://github.com/lpirl/grequalizer.git /opt/grequalizer
mkdir /opt/grequalizer/conf/
echo "/opt/grequalizer" > /opt/grequalizer/conf/files_to_chroots.txt
echo "/usr/bin/rsync" > /opt/grequalizer/conf/binaries_to_chroots.txt
echo "/usr/bin/rssh" >> /opt/grequalizer/conf/binaries_to_chroots.txt
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/config/grequalizer-sftp.conf -O /opt/grequalizer/conf/grequalizer-sftp.conf
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/config/grequalizer-ftp.conf -O /opt/grequalizer/conf/grequalizer-ftp.conf
#UFW Config
##FTP
ufw allow 20:21/tcp
ufw allow 30000:31000/tcp
#SSH/SFTP
ufw limit 22/tcp
echo "y" | ufw enable
#F2B Config
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/config/fail2ban/jail.local -O /etc/fail2ban/jail.local
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/config/fail2ban/jail-vsftp.local -O /etc/fail2ban/jail.d/vsftp.local
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/config/fail2ban/filter-vsftpd.local -O /etc/fail2ban/filter.d/vsftpd.local
#Restarting and enableing services
systemctl enable vsftpd sshd fail2ban
systemctl restart vsftpd sshd fail2ban
Reference in New Issue View Git Blame Copy Permalink