-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathinit.sh
executable file
·131 lines (111 loc) · 4.18 KB
/
init.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# /bin/bash
# Sets the Keyboard layout
echo "Please enter keyboard layout chars. (e.g. de / gb)"
read keyboard_layout
keyboard_layout=$(echo "$keyboard_layout" | tr '[:upper:]' '[:lower:]')
keyboard_layout_cfg=/etc/default/keyboard
setxkbmap $keyboard_layout
sudo sed -i "s/^XKBLAYOUT=*.*/XKBLAYOUT=\"$keyboard_layout\" /" $keyboard_layout_cfg
# Enables SSH but avoids Root login via SSH
ssh_config=/etc/ssh/sshd_config
sudo sed -i "s/PermitRootLogin *.*/PermitRootLogin No/" $ssh_config
sudo systemctl enable ssh
sudo systemctl start ssh
echo "Enabled SSH"
# Ignore pings and broadcasts, this avoid intruders to ping for your ip
sysctl_config=/etc/sysctl.conf
ping_ignore_cmd=net.ipv4.icmp_echo_ignore_all
broadcast_ignore_cmd=net.ipv4.icmp_echo_ignore_broadcasts
if ! grep -q "^$ping_ignore_cmd" $sysctl_config
then
echo "$ping_ignore_cmd = 1" | sudo tee -a $sysctl_config > /dev/null
fi
if ! grep -q "^$broadcast_ignore_cmd" $sysctl_config
then
echo "$broadcast_ignore_cmd = 1" | sudo tee -a $sysctl_config > /dev/null
fi
# Creates a new user, because pi is the default user and should not be used.
# Remove the pi user after the reboot, so no one except you knows the users and passwords on your Raspberry Pi.
is_new_user=1
while [ $is_new_user -eq 1 ]
do
echo "Please enter a new username (Raspbian only supports lower case names)"
read username
if [ $(id -u $username > /dev/null 2>&1; echo $?) -eq 0 ];
then
echo "User already exists, do you want to enter a new username? (Y/N)"
read reenter
if [[ $reenter =~ ^[Nn]$ ]];
then
is_new_user=0
fi
else
sudo adduser $username
sudo adduser $username sudo
sudo cp -R /home/pi/* /home/$username
sudo chown -R $username:$username /home/$username
sudo sed -i "s/^ExecStart=-\/sbin\/agetty --autologin *.*/ExecStart=-\/sbin\/agetty --autologin $username --noclear %I \$TERM/" /etc/systemd/system/[email protected]
is_new_user=0
fi
done
# Disable autologin
# To enable autologin readd the user for GUI autologin and use the following symling:
# ln -fs /etc/systemd/system/[email protected] /etc/systemd/system/getty.target.wants/[email protected]
autologin_config=/etc/lightdm/lightdm.conf
sudo sed -i "s/^autologin-user=.*/autologin-user=/" $autologin_config
sudo ln -fs /lib/systemd/system/[email protected] /etc/systemd/system/getty.target.wants/[email protected]
# Just boot to the terminal, this would need less resources than a desktop environment.
# If you want switch back, use 'sudo systemctl set-default graphical.target'
echo "Do you want to boot only to the Terminal? (Y/N)"
read boot_terminal
if [[ $boot_terminal =~ ^[Yy]$ ]];
then
sudo systemctl set-default multi-user.target
fi
# Changes the Hostname of the Raspberry Pi
echo "Do you want to change the hostname? (Y/N)"
read change_hostname
if [[ $change_hostname =~ ^[Yy]$ ]];
then
hostname_config=/etc/hostname
echo "Please enter the new hostname"
read new_hostname
sudo sed -i "1s/.*/$new_hostname/" $hostname_config
fi
# Configures wifi.
# Stores an encrypted wifi password.
echo "Do you want to configure wifi? (Y/N)"
read use_wifi
if [[ $use_wifi =~ ^[Yy]$ ]];
then
echo "Please enter the wifi SSID"
read ssid
echo "Please enter the password for SSID $ssid"
read -s wifi_password
if [ -n $ssid ] && [ -n $wifi_password ];
then
wpa_cfg_file="/etc/wpa_supplicant/wpa_supplicant.conf"
sudo echo "" | sudo tee -a $wpa_cfg_file > /dev/null
sudo wpa_passphrase $ssid $wifi_password | sed '3d' | sudo tee -a $wpa_cfg_file > /dev/null
sudo ifdown wlan0
sudo ifup wlan0
fi
fi
# If there is a internet connection, install vim if it's not installed and update the Raspberry Pi afterwards.
if [ $(ping -c 1 www.google.de > /dev/null 2>&1; echo $?) == 0 ];
then
echo "Do you want to Reboot after the Update? (Y/N)"
read reboot
if [ $(dpkg-query -W -f='${Status}' vim 2>/dev/null | grep -c "ok installed") -eq 0 ];
then
sudo apt-get -y install vim
fi
sudo apt-get update
sudo apt-get -y dist-upgrade
if [[ $reboot =~ ^[Yy]$ ]];
then
sudo reboot
fi
else
echo "There is no internet available."
fi