Fedora-Workstation-38.sh

@@ -33,16 +33,13 @@ OPTIONS="-F 1"' | sudo tee /etc/sysconfig/chronyd
 
 sudo systemctl restart chronyd
 
-# Setup Networking
-echo -e '[device]\nwifi.scan-rand-mac-address=yes\n\n[connection]\nwifi.cloned-mac-address=random\nethernet.cloned-mac-address=random' | sudo tee /etc/NetworkManager/conf.d/99-random-mac.conf
-echo -e '[main]\nhostname-mode=none' | sudo tee /etc/NetworkManager/conf.d/01-transient-hostname.conf
-sudo nmcli general reload conf
-sudo hostnamectl hostname 'localhost'
-sudo hostnamectl --transient hostname ''
-sudo firewall-cmd --set-default-zone=block
-sudo firewall-cmd --permanent --add-service=dhcpv6-client
+# Setup Firewalld
+sudo firewall-cmd --permanent --remove-port=1025-65535/udp
+sudo firewall-cmd --permanent --remove-port=1025-65535/tcp
+sudo firewall-cmd --permanent --remove-service=mdns
+sudo firewall-cmd --permanent --remove-service=ssh
+sudo firewall-cmd --permanent --remove-service=samba-client
 sudo firewall-cmd --reload
-sudo firewall-cmd --lockdown-on
 
 # Harden SSH
 echo "GSSAPIAuthentication no" | sudo tee /etc/ssh/ssh_config.d/10-custom.conf
@@ -75,12 +72,9 @@ org/gnome/desktop/media-handling/automount-open' | sudo tee /etc/dconf/db/local.
 
 sudo dconf update
 
-# Setup ZRAM
-echo -e '[zram0]\nzram-size = min(ram, 8192)\ncompression-algorithm = zstd' | sudo tee /etc/systemd/zram-generator.conf
-
 # Speed up DNF
-echo -e 'fastestmirror=1\nmax_parallel_downloads=10\ndeltarpm=False\ndefaultyes=True\ninstall_weak_deps=False\ncountme=False' | sudo tee -a /etc/dnf/dnf.conf
-sudo sed -i 's/^metalink=.*/&\&protocol=https/g' /etc/yum.repos.d/*
+echo 'fastestmirror=1' | sudo tee -a /etc/dnf/dnf.conf
+echo 'countme=false' | sudo tee -a /etc/dnf/dnf.conf
 
 # Update packages and firmware
 sudo dnf upgrade -y
@@ -114,10 +108,13 @@ sudo dnf -y remove fedora-bookmarks fedora-chromium-config firefox mozilla-files
     lvm2 rng-tools thermald *perl* yajl
 
 # Disable openh264 repo
-sudo dnf config-manager --set-disabled fedora-cisco-openh264
+sudo dnf config-manager --set-disabled fedora-cisco-openh264 -y
 
 # Install packages that I use
-sudo dnf -y install gnome-console git-core gnome-shell-extension-appindicator gnome-shell-extension-blur-my-shell gnome-shell-extension-background-logo gnome-shell-extension-dash-to-dock gnome-shell-extension-no-overview
+sudo dnf -y install gnome-console git-core flat-remix-theme gnome-shell-extension-appindicator gnome-shell-extension-blur-my-shell gnome-shell-extension-background-logo gnome-shell-extension-dash-to-dock gnome-shell-extension-no-overview tuned
+
+# Setup tuned
+sudo tuned-adm profile latency-performance
 
 # Enable auto TRIM
 sudo systemctl enable fstrim.timer
@@ -134,4 +131,23 @@ sudo echo "UUID=${PARTITIONUUID} /btrfs_pool             btrfs   subvolid=5,ssd,
 sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
 sudo dnf -y install timeshift
 
+# andomize MAC address
+sudo bash -c 'cat > /etc/NetworkManager/conf.d/00-macrandomize.conf' <<-'EOF'
+[device]
+wifi.scan-rand-mac-address=yes
+
+[connection]
+wifi.cloned-mac-address=random
+ethernet.cloned-mac-address=random
+EOF
+
+# Disable transient hostname
+sudo bash -c 'cat > /etc/NetworkManager/conf.d/00-macrandomize.conf' <<-'EOF'
+[main]
+hostname-mode=none
+EOF
+
+sudo systemctl restart NetworkManager
+sudo hostnamectl hostname "localhost"
+
 ## The script is done. You can also remove gnome-terminal since gnome-console will replace it.

RHEL-Server-9.sh

@@ -57,10 +57,6 @@ sudo curl https://gitlab.com/divested/brace/-/raw/master/brace/usr/lib/systemd/s
 sudo systemctl daemon-reload
 sudo systemctl restart irqbalance
 
-# Setup dnf
-echo -e 'fastestmirror=1\nmax_parallel_downloads=10\ndeltarpm=False\ndefaultyes=True\ninstall_weak_deps=False\ncountme=False' | sudo tee -a /etc/dnf/dnf.conf
-sudo sed -i 's/^metalink=.*/&\&protocol=https/g' /etc/yum.repos.d/*
-
 # Setup unbound
 
 sudo dnf install unbound -y