1
0
mirror of https://github.com/tommytran732/Linux-Setup-Scripts synced 2024-11-09 03:31:33 -05:00

Compare commits

..

5 Commits

Author SHA1 Message Date
ba6116bf6f
Remove unnecessary command
Signed-off-by: Tommy <contact@tommytran.io>
2024-07-09 22:46:07 -07:00
d434af04b4
Not overwrite USERGROUP_ENAB on anything but Ubuntu
The nonsense with umask is introduced by Canonical's infinite wisdom: https://git.launchpad.net/ubuntu/+source/pam/tree/debian/patches/pam_umask_usergroups_from_login.defs.patch?h=ubuntu/noble
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583958
We don't need to break sensible distributions because of Ubuntu nonsenses

Signed-off-by: Tommy <contact@tommytran.io>
2024-07-09 15:07:40 -07:00
mce0
4809dcb4ce
Fix typo and notices (#15)
* Fix typo in Fedora-Server-40.sh

Signed-off-by: mce0 <contact@mce0.dev>

* Fix notices in Fedora-Server-40.sh

Signed-off-by: mce0 <contact@mce0.dev>

---------

Signed-off-by: mce0 <contact@mce0.dev>
2024-07-08 11:10:27 -07:00
9f429d1b75
Remove unnecessary groups
Signed-off-by: Tommy <contact@tommytran.io>
2024-07-05 14:30:48 -07:00
55c1da3f33
Clarify Drupal documentation
Signed-off-by: Tommy <contact@tommytran.io>
2024-07-03 13:37:23 -07:00
5 changed files with 9 additions and 10 deletions

View File

@ -39,7 +39,6 @@ sudo systemctl mask kdump.service
umask 077 umask 077
sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs
sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs
sudo sed -i 's/^USERGROUPS_ENAB.*/USERGROUPS_ENAB no/g' /etc/login.defs
sudo sed -i 's/umask 022/umask 077/g' /etc/bashrc sudo sed -i 's/umask 022/umask 077/g' /etc/bashrc
# Make home directory private # Make home directory private
@ -48,7 +47,7 @@ sudo chmod 700 /home/*
# Setup NTS # Setup NTS
sudo rm -rf /etc/chrony.conf sudo rm -rf /etc/chrony.conf
unpriv curl -s https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/chrony.conf | sudo tee /etc/chrony.conf > /dev/null unpriv curl -s https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/chrony.conf | sudo tee /etc/chrony.conf > /dev/null
sudp chmod 644 /etc/chrony.conf sudo chmod 644 /etc/chrony.conf
unpriv curl -s https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/sysconfig/chronyd | sudo tee /etc/sysconfig/chronyd > /dev/null unpriv curl -s https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/sysconfig/chronyd | sudo tee /etc/sysconfig/chronyd > /dev/null
sudo chmod 544 /etc/sysconfig/chronyd sudo chmod 544 /etc/sysconfig/chronyd
@ -182,7 +181,7 @@ sudo systemctl restart irqbalance
# Setup notices # Setup notices
unpriv curl -s https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/issue | sudo tee /etc/issue > /dev/null unpriv curl -s https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/issue | sudo tee /etc/issue > /dev/null
sudo chmod 644 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/issue sudo chmod 644 /etc/issue
unpriv curl -s https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/issue | sudo tee /etc/issue.net > /dev/null unpriv curl -s https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/issue | sudo tee /etc/issue.net > /dev/null
sudo chmod 644 /etc/issue.net sudo chmod 644 /etc/issue.net

View File

@ -39,7 +39,6 @@ sudo systemctl mask kdump.service
umask 077 umask 077
sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs
sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs
sudo sed -i 's/^USERGROUPS_ENAB.*/USERGROUPS_ENAB no/g' /etc/login.defs
sudo sed -i 's/umask 022/umask 077/g' /etc/bashrc sudo sed -i 's/umask 022/umask 077/g' /etc/bashrc
# Make home directory private # Make home directory private
@ -134,6 +133,9 @@ unpriv curl -s https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Script
sudo chmod 644 /etc/dnf/dnf.conf sudo chmod 644 /etc/dnf/dnf.conf
sudo sed -i 's/^metalink=.*/&\&protocol=https/g' /etc/yum.repos.d/* sudo sed -i 's/^metalink=.*/&\&protocol=https/g' /etc/yum.repos.d/*
# Remove unwanted groups
sudo dnf -y group remove 'Container Management' 'Desktop accessibility' 'Firefox Web Browser' 'Guest Desktop Agents' 'LibreOffice' 'Printing Support'
# Remove firefox packages # Remove firefox packages
sudo dnf -y remove fedora-bookmarks fedora-chromium-config firefox mozilla-filesystem sudo dnf -y remove fedora-bookmarks fedora-chromium-config firefox mozilla-filesystem

View File

@ -85,9 +85,6 @@ curl -s https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/
mkdir -p /etc/systemd/coredump.conf.d mkdir -p /etc/systemd/coredump.conf.d
curl -s https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/systemd/coredump.conf.d/disable.conf | tee /etc/systemd/coredump.conf.d/disable.conf > /dev/null curl -s https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/systemd/coredump.conf.d/disable.conf | tee /etc/systemd/coredump.conf.d/disable.conf > /dev/null
# Harden SSH
sed -i 's/#GSSAPIAuthentication no/GSSAPIAuthentication no/g' /etc/ssh/sshd_config
# Setup automatic updates # Setup automatic updates
mkdir -p /etc/systemd/system/pve-daily-update.service.d mkdir -p /etc/systemd/system/pve-daily-update.service.d

View File

@ -34,7 +34,6 @@ sudo systemctl mask kdump.service
umask 077 umask 077
sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs
sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs
sudo sed -i 's/^USERGROUPS_ENAB.*/USERGROUPS_ENAB no/g' /etc/login.defs
sudo sed -i 's/umask 022/umask 077/g' /etc/bashrc sudo sed -i 's/umask 022/umask 077/g' /etc/bashrc
# Make home directory private # Make home directory private

View File

@ -106,6 +106,8 @@ server {
} }
``` ```
**Notes**: `listen 443 quic reuseport;` is only needed once. If you plan to have multiple vhosts on this setup with SSL, consider making a dedicated vhost for this config so that it is nicer and easier to manage. An example can be found [here](https://github.com/TommyTran732/NGINX-Configs/blob/main/etc/nginx/conf.d/sites_default_quic.conf).
## Setup the Database for Drupal ## Setup the Database for Drupal
As root, log into MariaDB: As root, log into MariaDB:
@ -122,7 +124,7 @@ GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORA
exit exit
``` ```
## Install drupal ## Configure Drupal
Go to drupal.yourdomain.tld and follow the prompts. Go to drupal.yourdomain.tld and follow the prompts.