mirror of
https://github.com/tommytran732/Linux-Setup-Scripts
synced 2024-11-24 10:11:34 -05:00
Compare commits
No commits in common. "f8705da2e461e19dd36770f9acdcd63c9cf5c8dd" and "9f89e65e0d4df7d5c6730ca1dfb29b592cf145d8" have entirely different histories.
f8705da2e4
...
9f89e65e0d
@ -33,16 +33,13 @@ OPTIONS="-F 1"' | sudo tee /etc/sysconfig/chronyd
|
|||||||
|
|
||||||
sudo systemctl restart chronyd
|
sudo systemctl restart chronyd
|
||||||
|
|
||||||
# Setup Networking
|
# Setup Firewalld
|
||||||
echo -e '[device]\nwifi.scan-rand-mac-address=yes\n\n[connection]\nwifi.cloned-mac-address=random\nethernet.cloned-mac-address=random' | sudo tee /etc/NetworkManager/conf.d/99-random-mac.conf
|
sudo firewall-cmd --permanent --remove-port=1025-65535/udp
|
||||||
echo -e '[main]\nhostname-mode=none' | sudo tee /etc/NetworkManager/conf.d/01-transient-hostname.conf
|
sudo firewall-cmd --permanent --remove-port=1025-65535/tcp
|
||||||
sudo nmcli general reload conf
|
sudo firewall-cmd --permanent --remove-service=mdns
|
||||||
sudo hostnamectl hostname 'localhost'
|
sudo firewall-cmd --permanent --remove-service=ssh
|
||||||
sudo hostnamectl --transient hostname ''
|
sudo firewall-cmd --permanent --remove-service=samba-client
|
||||||
sudo firewall-cmd --set-default-zone=block
|
|
||||||
sudo firewall-cmd --permanent --add-service=dhcpv6-client
|
|
||||||
sudo firewall-cmd --reload
|
sudo firewall-cmd --reload
|
||||||
sudo firewall-cmd --lockdown-on
|
|
||||||
|
|
||||||
# Harden SSH
|
# Harden SSH
|
||||||
echo "GSSAPIAuthentication no" | sudo tee /etc/ssh/ssh_config.d/10-custom.conf
|
echo "GSSAPIAuthentication no" | sudo tee /etc/ssh/ssh_config.d/10-custom.conf
|
||||||
@ -75,12 +72,9 @@ org/gnome/desktop/media-handling/automount-open' | sudo tee /etc/dconf/db/local.
|
|||||||
|
|
||||||
sudo dconf update
|
sudo dconf update
|
||||||
|
|
||||||
# Setup ZRAM
|
|
||||||
echo -e '[zram0]\nzram-size = min(ram, 8192)\ncompression-algorithm = zstd' | sudo tee /etc/systemd/zram-generator.conf
|
|
||||||
|
|
||||||
# Speed up DNF
|
# Speed up DNF
|
||||||
echo -e 'fastestmirror=1\nmax_parallel_downloads=10\ndeltarpm=False\ndefaultyes=True\ninstall_weak_deps=False\ncountme=False' | sudo tee -a /etc/dnf/dnf.conf
|
echo 'fastestmirror=1' | sudo tee -a /etc/dnf/dnf.conf
|
||||||
sudo sed -i 's/^metalink=.*/&\&protocol=https/g' /etc/yum.repos.d/*
|
echo 'countme=false' | sudo tee -a /etc/dnf/dnf.conf
|
||||||
|
|
||||||
# Update packages and firmware
|
# Update packages and firmware
|
||||||
sudo dnf upgrade -y
|
sudo dnf upgrade -y
|
||||||
@ -114,10 +108,13 @@ sudo dnf -y remove fedora-bookmarks fedora-chromium-config firefox mozilla-files
|
|||||||
lvm2 rng-tools thermald *perl* yajl
|
lvm2 rng-tools thermald *perl* yajl
|
||||||
|
|
||||||
# Disable openh264 repo
|
# Disable openh264 repo
|
||||||
sudo dnf config-manager --set-disabled fedora-cisco-openh264
|
sudo dnf config-manager --set-disabled fedora-cisco-openh264 -y
|
||||||
|
|
||||||
# Install packages that I use
|
# Install packages that I use
|
||||||
sudo dnf -y install gnome-console git-core gnome-shell-extension-appindicator gnome-shell-extension-blur-my-shell gnome-shell-extension-background-logo gnome-shell-extension-dash-to-dock gnome-shell-extension-no-overview
|
sudo dnf -y install gnome-console git-core flat-remix-theme gnome-shell-extension-appindicator gnome-shell-extension-blur-my-shell gnome-shell-extension-background-logo gnome-shell-extension-dash-to-dock gnome-shell-extension-no-overview tuned
|
||||||
|
|
||||||
|
# Setup tuned
|
||||||
|
sudo tuned-adm profile latency-performance
|
||||||
|
|
||||||
# Enable auto TRIM
|
# Enable auto TRIM
|
||||||
sudo systemctl enable fstrim.timer
|
sudo systemctl enable fstrim.timer
|
||||||
@ -134,4 +131,23 @@ sudo echo "UUID=${PARTITIONUUID} /btrfs_pool btrfs subvolid=5,ssd,
|
|||||||
sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
|
sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
|
||||||
sudo dnf -y install timeshift
|
sudo dnf -y install timeshift
|
||||||
|
|
||||||
|
# andomize MAC address
|
||||||
|
sudo bash -c 'cat > /etc/NetworkManager/conf.d/00-macrandomize.conf' <<-'EOF'
|
||||||
|
[device]
|
||||||
|
wifi.scan-rand-mac-address=yes
|
||||||
|
|
||||||
|
[connection]
|
||||||
|
wifi.cloned-mac-address=random
|
||||||
|
ethernet.cloned-mac-address=random
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# Disable transient hostname
|
||||||
|
sudo bash -c 'cat > /etc/NetworkManager/conf.d/00-macrandomize.conf' <<-'EOF'
|
||||||
|
[main]
|
||||||
|
hostname-mode=none
|
||||||
|
EOF
|
||||||
|
|
||||||
|
sudo systemctl restart NetworkManager
|
||||||
|
sudo hostnamectl hostname "localhost"
|
||||||
|
|
||||||
## The script is done. You can also remove gnome-terminal since gnome-console will replace it.
|
## The script is done. You can also remove gnome-terminal since gnome-console will replace it.
|
||||||
|
@ -57,10 +57,6 @@ sudo curl https://gitlab.com/divested/brace/-/raw/master/brace/usr/lib/systemd/s
|
|||||||
sudo systemctl daemon-reload
|
sudo systemctl daemon-reload
|
||||||
sudo systemctl restart irqbalance
|
sudo systemctl restart irqbalance
|
||||||
|
|
||||||
# Setup dnf
|
|
||||||
echo -e 'fastestmirror=1\nmax_parallel_downloads=10\ndeltarpm=False\ndefaultyes=True\ninstall_weak_deps=False\ncountme=False' | sudo tee -a /etc/dnf/dnf.conf
|
|
||||||
sudo sed -i 's/^metalink=.*/&\&protocol=https/g' /etc/yum.repos.d/*
|
|
||||||
|
|
||||||
# Setup unbound
|
# Setup unbound
|
||||||
|
|
||||||
sudo dnf install unbound -y
|
sudo dnf install unbound -y
|
||||||
|
Loading…
Reference in New Issue
Block a user