From 04fd34d738b87e762b1fc48e47687efe6c00d93e Mon Sep 17 00:00:00 2001 From: Tommy Date: Thu, 16 May 2024 22:36:29 -0700 Subject: [PATCH] Add ZRAM config Signed-off-by: Tommy --- fedora-gnome/fedora-gnome.sh | 3 +++ fedora-minimal/fedora-minimal.sh | 9 ++++++--- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/fedora-gnome/fedora-gnome.sh b/fedora-gnome/fedora-gnome.sh index 039e646..45edcb4 100644 --- a/fedora-gnome/fedora-gnome.sh +++ b/fedora-gnome/fedora-gnome.sh @@ -68,6 +68,9 @@ unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/Tomm sudo dconf update umask 077 +# Setup ZRAM +unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/systemd/zram-generator.conf | sudo tee /etc/systemd/zram-generator.conf + # Setup DNF unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/dnf/dnf.conf | sudo tee /etc/dnf/dnf.conf sudo sed -i 's/^metalink=.*/&\&protocol=https/g' /etc/yum.repos.d/* diff --git a/fedora-minimal/fedora-minimal.sh b/fedora-minimal/fedora-minimal.sh index 6daacee..eaed71d 100644 --- a/fedora-minimal/fedora-minimal.sh +++ b/fedora-minimal/fedora-minimal.sh @@ -27,6 +27,10 @@ echo 'umask 077' | tee -a /etc/bashrc systemctl disable --now systemd-timesyncd systemctl mask systemd-timesyncd +# Harden SSH +curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/ssh/ssh_config.d/10-custom.conf | tee /etc/ssh/ssh_config.d/10-custom.conf +chmod 644 /etc/ssh/ssh_config.d/10-custom.conf + # Security kernel settings curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/Kicksecure/security-misc/master/etc/modprobe.d/30_security-misc.conf | tee /etc/modprobe.d/30_security-misc.conf chmod 644 /etc/modprobe.d/30_security-misc.conf @@ -42,9 +46,8 @@ chmod 644 /etc/sysctl.d/30_security-misc_kexec-disable.conf # dracut -f sysctl -p -# Harden SSH -curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/ssh/ssh_config.d/10-custom.conf | tee /etc/ssh/ssh_config.d/10-custom.conf -chmod 644 /etc/ssh/ssh_config.d/10-custom.conf +# Setup ZRAM +unpriv curl https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/systemd/zram-generator.conf | sudo tee /etc/systemd/zram-generator.conf # Setup hardened_malloc dnf install 'https://divested.dev/rpm/fedora/divested-release-20231210-2.noarch.rpm' -y