mirror of
https://github.com/tommytran732/Linux-Setup-Scripts
synced 2024-11-13 21:41:33 -05:00
Compare commits
9 Commits
9f89e65e0d
...
f8705da2e4
Author | SHA1 | Date | |
---|---|---|---|
f8705da2e4 | |||
7add135aea | |||
c338042055 | |||
b93eba253a | |||
002eeae36f | |||
d6f6b008d6 | |||
f49621029c | |||
e4f8c7a167 | |||
c5cbbc6c7a |
@ -33,13 +33,16 @@ OPTIONS="-F 1"' | sudo tee /etc/sysconfig/chronyd
|
|||||||
|
|
||||||
sudo systemctl restart chronyd
|
sudo systemctl restart chronyd
|
||||||
|
|
||||||
# Setup Firewalld
|
# Setup Networking
|
||||||
sudo firewall-cmd --permanent --remove-port=1025-65535/udp
|
echo -e '[device]\nwifi.scan-rand-mac-address=yes\n\n[connection]\nwifi.cloned-mac-address=random\nethernet.cloned-mac-address=random' | sudo tee /etc/NetworkManager/conf.d/99-random-mac.conf
|
||||||
sudo firewall-cmd --permanent --remove-port=1025-65535/tcp
|
echo -e '[main]\nhostname-mode=none' | sudo tee /etc/NetworkManager/conf.d/01-transient-hostname.conf
|
||||||
sudo firewall-cmd --permanent --remove-service=mdns
|
sudo nmcli general reload conf
|
||||||
sudo firewall-cmd --permanent --remove-service=ssh
|
sudo hostnamectl hostname 'localhost'
|
||||||
sudo firewall-cmd --permanent --remove-service=samba-client
|
sudo hostnamectl --transient hostname ''
|
||||||
|
sudo firewall-cmd --set-default-zone=block
|
||||||
|
sudo firewall-cmd --permanent --add-service=dhcpv6-client
|
||||||
sudo firewall-cmd --reload
|
sudo firewall-cmd --reload
|
||||||
|
sudo firewall-cmd --lockdown-on
|
||||||
|
|
||||||
# Harden SSH
|
# Harden SSH
|
||||||
echo "GSSAPIAuthentication no" | sudo tee /etc/ssh/ssh_config.d/10-custom.conf
|
echo "GSSAPIAuthentication no" | sudo tee /etc/ssh/ssh_config.d/10-custom.conf
|
||||||
@ -72,9 +75,12 @@ org/gnome/desktop/media-handling/automount-open' | sudo tee /etc/dconf/db/local.
|
|||||||
|
|
||||||
sudo dconf update
|
sudo dconf update
|
||||||
|
|
||||||
|
# Setup ZRAM
|
||||||
|
echo -e '[zram0]\nzram-size = min(ram, 8192)\ncompression-algorithm = zstd' | sudo tee /etc/systemd/zram-generator.conf
|
||||||
|
|
||||||
# Speed up DNF
|
# Speed up DNF
|
||||||
echo 'fastestmirror=1' | sudo tee -a /etc/dnf/dnf.conf
|
echo -e 'fastestmirror=1\nmax_parallel_downloads=10\ndeltarpm=False\ndefaultyes=True\ninstall_weak_deps=False\ncountme=False' | sudo tee -a /etc/dnf/dnf.conf
|
||||||
echo 'countme=false' | sudo tee -a /etc/dnf/dnf.conf
|
sudo sed -i 's/^metalink=.*/&\&protocol=https/g' /etc/yum.repos.d/*
|
||||||
|
|
||||||
# Update packages and firmware
|
# Update packages and firmware
|
||||||
sudo dnf upgrade -y
|
sudo dnf upgrade -y
|
||||||
@ -108,13 +114,10 @@ sudo dnf -y remove fedora-bookmarks fedora-chromium-config firefox mozilla-files
|
|||||||
lvm2 rng-tools thermald *perl* yajl
|
lvm2 rng-tools thermald *perl* yajl
|
||||||
|
|
||||||
# Disable openh264 repo
|
# Disable openh264 repo
|
||||||
sudo dnf config-manager --set-disabled fedora-cisco-openh264 -y
|
sudo dnf config-manager --set-disabled fedora-cisco-openh264
|
||||||
|
|
||||||
# Install packages that I use
|
# Install packages that I use
|
||||||
sudo dnf -y install gnome-console git-core flat-remix-theme gnome-shell-extension-appindicator gnome-shell-extension-blur-my-shell gnome-shell-extension-background-logo gnome-shell-extension-dash-to-dock gnome-shell-extension-no-overview tuned
|
sudo dnf -y install gnome-console git-core gnome-shell-extension-appindicator gnome-shell-extension-blur-my-shell gnome-shell-extension-background-logo gnome-shell-extension-dash-to-dock gnome-shell-extension-no-overview
|
||||||
|
|
||||||
# Setup tuned
|
|
||||||
sudo tuned-adm profile latency-performance
|
|
||||||
|
|
||||||
# Enable auto TRIM
|
# Enable auto TRIM
|
||||||
sudo systemctl enable fstrim.timer
|
sudo systemctl enable fstrim.timer
|
||||||
@ -131,23 +134,4 @@ sudo echo "UUID=${PARTITIONUUID} /btrfs_pool btrfs subvolid=5,ssd,
|
|||||||
sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
|
sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
|
||||||
sudo dnf -y install timeshift
|
sudo dnf -y install timeshift
|
||||||
|
|
||||||
# andomize MAC address
|
|
||||||
sudo bash -c 'cat > /etc/NetworkManager/conf.d/00-macrandomize.conf' <<-'EOF'
|
|
||||||
[device]
|
|
||||||
wifi.scan-rand-mac-address=yes
|
|
||||||
|
|
||||||
[connection]
|
|
||||||
wifi.cloned-mac-address=random
|
|
||||||
ethernet.cloned-mac-address=random
|
|
||||||
EOF
|
|
||||||
|
|
||||||
# Disable transient hostname
|
|
||||||
sudo bash -c 'cat > /etc/NetworkManager/conf.d/00-macrandomize.conf' <<-'EOF'
|
|
||||||
[main]
|
|
||||||
hostname-mode=none
|
|
||||||
EOF
|
|
||||||
|
|
||||||
sudo systemctl restart NetworkManager
|
|
||||||
sudo hostnamectl hostname "localhost"
|
|
||||||
|
|
||||||
## The script is done. You can also remove gnome-terminal since gnome-console will replace it.
|
## The script is done. You can also remove gnome-terminal since gnome-console will replace it.
|
||||||
|
@ -57,6 +57,10 @@ sudo curl https://gitlab.com/divested/brace/-/raw/master/brace/usr/lib/systemd/s
|
|||||||
sudo systemctl daemon-reload
|
sudo systemctl daemon-reload
|
||||||
sudo systemctl restart irqbalance
|
sudo systemctl restart irqbalance
|
||||||
|
|
||||||
|
# Setup dnf
|
||||||
|
echo -e 'fastestmirror=1\nmax_parallel_downloads=10\ndeltarpm=False\ndefaultyes=True\ninstall_weak_deps=False\ncountme=False' | sudo tee -a /etc/dnf/dnf.conf
|
||||||
|
sudo sed -i 's/^metalink=.*/&\&protocol=https/g' /etc/yum.repos.d/*
|
||||||
|
|
||||||
# Setup unbound
|
# Setup unbound
|
||||||
|
|
||||||
sudo dnf install unbound -y
|
sudo dnf install unbound -y
|
||||||
|
Loading…
Reference in New Issue
Block a user