#!/usr/bin/env bash # Turn off selinux setenforce 0 sed -i s/^SELINUX=.*$/SELINUX=disabled/ /etc/selinux/config # Get rid of cockpit systemctl stop cockpit systemctl disable cockpit # Update all system packages dnf update -y # Install a few extras dnf install -y vim git # Set time and hostname timedatectl set-ntp on timedatectl set-timezone America/Denver hostnamectl set-hostname fedora.jthan.io # Create normal user, make sudoer, and add ssh keys useradd -m jonathan usermod -a -G wheel jonathan mkdir /home/jonathan/.ssh chmod 700 /home/jonathan/.ssh touch /home/jonathan/.ssh/authorized_keys chmod 600 /home/jonathan/.ssh/authorized_keys curl -sL https://github.com/jrdemasi.keys >> /home/jonathan/.ssh/authorized_keys curl -sL https://git.jthan.io/configs/plain/dotfiles/.vimrc > /home/jonathan/.vimrc chown -R jonathan:jonathan /home/jonathan # Run ssh secure curl -sL https://git.square-r00t.net/OpTools/plain/aif/scripts/post/sshsecure.py | python3 # Install kopia and start backing up important dirs rpm --import https://kopia.io/signing-key cat < /root/bin/backup_etc.sh export KOPIA_PASSWORD="ThisIsNotSecure" kopia repository connect filesystem --path /root/etc_backups kopia snapshot create /etc kopia maintenance run --full kopia repository disconnect EOF cat < /root/bin/backup_jonathan_home.sh export KOPIA_PASSWORD="ThisIsNotSecure" kopia repository connect filesystem --path /root/jonathan_home_backups kopia snapshot create /home/jonathan kopia maintenance run --full kopia repository disconnect EOF chmod +x /root/bin/backup_* crontab -l > /root/crontab_new echo "*/15 * * * * /root/bin/backup_etc.sh ; /root/bin/backup_jonathan_home.sh" >> crontab_new crontab crontab_new rm -rf /root/crontab_new # Couple of small finishing touches, ish curl -sL https://git.jthan.io/configs/plain/dotfiles/.vimrc > /root/.vimrc # Reboot to apply updates, ssh config changes, etc. reboot