171 lines
5.1 KiB
Bash
171 lines
5.1 KiB
Bash
#!/bin/bash
|
|
|
|
# Script to update a RHEL-based Linux system, set the timezone, change the hostname,
|
|
# add a limited user account, modify sshd_config settings, and optionally install Docker CE
|
|
|
|
# Variables
|
|
timezone="America/New_York"
|
|
sshd_config="/etc/ssh/sshd_config"
|
|
|
|
# Function to prompt for hostname
|
|
prompt_for_hostname() {
|
|
read -p "Please enter the desired hostname: " hostname
|
|
}
|
|
|
|
# Function to add hostname and IP to /etc/hosts
|
|
update_hosts_file() {
|
|
local ip_address
|
|
ip_address=$(hostname -I | awk '{print $1}')
|
|
echo "Updating /etc/hosts with IP $ip_address and hostname $hostname..."
|
|
|
|
# Check if the entry already exists
|
|
if grep -q "$ip_address" /etc/hosts; then
|
|
echo "Entry for $ip_address already exists in /etc/hosts."
|
|
sed -i "s/.*$hostname/$ip_address $hostname/" /etc/hosts
|
|
else
|
|
echo "$ip_address $hostname" >> /etc/hosts
|
|
echo "Added $ip_address $hostname to /etc/hosts."
|
|
fi
|
|
}
|
|
|
|
# Function to prompt for Docker installation
|
|
prompt_for_docker_install() {
|
|
read -p "Would you like to install Docker CE? (y/n): " install_docker
|
|
if [[ "$install_docker" =~ ^[Yy]$ ]]; then
|
|
install_docker
|
|
else
|
|
echo "Skipping Docker installation."
|
|
fi
|
|
}
|
|
|
|
# Function to install Docker
|
|
install_docker() {
|
|
echo "Installing Docker CE..."
|
|
curl -fsSL https://get.docker.com -o get-docker.sh
|
|
sh get-docker.sh
|
|
|
|
# Start and enable Docker service
|
|
systemctl start docker
|
|
systemctl enable docker
|
|
echo "Docker installation complete."
|
|
}
|
|
|
|
# Function to create a limited user account
|
|
create_user_account() {
|
|
read -p "Please enter the username for the new user account: " username
|
|
read -sp "Please enter the password for the new user account: " password
|
|
echo
|
|
|
|
# Create the user and add to the wheel group
|
|
if id "$username" &>/dev/null; then
|
|
echo "User $username already exists."
|
|
else
|
|
useradd -m -G wheel "$username"
|
|
echo "$username:$password" | chpasswd
|
|
echo "User $username created and added to the wheel group."
|
|
|
|
# Check if Docker is installed and add the user to the docker group
|
|
if command -v docker &> /dev/null; then
|
|
usermod -aG docker "$username"
|
|
echo "User $username added to the docker group."
|
|
fi
|
|
fi
|
|
}
|
|
|
|
# Check if the script is run as root
|
|
if [ "$(id -u)" -ne 0 ]; then
|
|
echo "This script must be run as root. Please use sudo or switch to root."
|
|
exit 1
|
|
fi
|
|
|
|
# Update the package manager
|
|
echo "Updating package manager..."
|
|
if command -v dnf &> /dev/null; then
|
|
dnf -y makecache
|
|
elif command -v yum &> /dev/null; then
|
|
yum -y makecache
|
|
else
|
|
echo "Neither dnf nor yum found. This script only works on RHEL-based distributions."
|
|
exit 1
|
|
fi
|
|
|
|
# Upgrade installed packages
|
|
echo "Upgrading installed packages..."
|
|
if command -v dnf &> /dev/null; then
|
|
dnf -y upgrade
|
|
elif command -v yum &> /dev/null; then
|
|
yum -y update
|
|
fi
|
|
|
|
# Change the timezone
|
|
echo "Setting timezone to $timezone..."
|
|
timedatectl set-timezone "$timezone"
|
|
|
|
# Change the hostname
|
|
prompt_for_hostname
|
|
echo "Setting hostname to $hostname..."
|
|
hostnamectl set-hostname "$hostname"
|
|
|
|
# Update /etc/hosts
|
|
update_hosts_file
|
|
|
|
# Create a limited user account
|
|
create_user_account
|
|
|
|
# Modify sshd_config
|
|
echo "Modifying SSH configuration..."
|
|
if [ -f "$sshd_config" ]; then
|
|
# Set PermitRootLogin to no
|
|
sed -i 's/^PermitRootLogin .*/PermitRootLogin no/' "$sshd_config" || echo "PermitRootLogin no" >> "$sshd_config"
|
|
|
|
# Set PasswordAuthentication to no
|
|
if grep -q '^#PasswordAuthentication' "$sshd_config"; then
|
|
sed -i 's/^#PasswordAuthentication.*/PasswordAuthentication no/' "$sshd_config"
|
|
else
|
|
sed -i 's/^PasswordAuthentication .*/PasswordAuthentication no/' "$sshd_config" || echo "PasswordAuthentication no" >> "$sshd_config"
|
|
fi
|
|
|
|
# Ensure AddressFamily inet is set
|
|
if grep -q '^#AddressFamily' "$sshd_config"; then
|
|
sed -i 's/^#AddressFamily.*/AddressFamily inet/' "$sshd_config"
|
|
else
|
|
sed -i 's/^AddressFamily .*/AddressFamily inet/' "$sshd_config" || echo "AddressFamily inet" >> "$sshd_config"
|
|
fi
|
|
else
|
|
echo "sshd_config file not found. Exiting."
|
|
exit 1
|
|
fi
|
|
|
|
# Get the IP address of the machine
|
|
ip_address=$(hostname -I | awk '{print $1}')
|
|
|
|
# Prompt the user to copy their public key
|
|
echo "Please copy your public SSH key to the server using the following command:"
|
|
echo "ssh-copy-id $username@$ip_address"
|
|
|
|
# Wait until the authorized_keys file is no longer empty
|
|
echo "Waiting for your public key to be copied..."
|
|
while true; do
|
|
if [ -s "/home/$username/.ssh/authorized_keys" ]; then
|
|
echo "Public key has been successfully copied."
|
|
break
|
|
fi
|
|
sleep 2
|
|
done
|
|
|
|
# Restart SSH service to apply changes
|
|
echo "Restarting SSH service..."
|
|
systemctl restart sshd
|
|
|
|
# Prompt for Docker installation
|
|
prompt_for_docker_install
|
|
|
|
# Clean up
|
|
echo "Cleaning up..."
|
|
if command -v dnf &> /dev/null; then
|
|
dnf -y autoremove
|
|
elif command -v yum &> /dev/null; then
|
|
yum -y autoremove
|
|
fi
|
|
|
|
echo "System update complete! Timezone set to $timezone, hostname set to $hostname, limited user created, sshd_config modified, and Docker installation completed if selected." |