1
0
mirror of https://github.com/tommytran732/QubesOS-Scripts synced 2024-11-25 02:51:33 -05:00

Compare commits

..

No commits in common. "2bae7cdc56792e4d5ae0a858d19cd9c7a35044ab" and "8ed948c0083cf431e45d976ac1051786755c3110" have entirely different histories.

2 changed files with 18 additions and 39 deletions

View File

@ -26,11 +26,11 @@ umask 077
echo 'umask 077' | sudo tee -a /etc/bash.bashrc
# Harden SSH
unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/ssh/ssh_config.d/10-custom.conf | sudo tee /etc/ssh/ssh_config.d/10-custom.conf
unpriv curl https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/ssh/ssh_config.d/10-custom.conf | sudo tee /etc/ssh/ssh_config.d/10-custom.conf
sudo chmod 644 /etc/ssh/ssh_config.d/10-custom.conf
# Disable coredump
unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/security/limits.d/30-disable-coredump.conf | sudo tee /etc/security/limits.d/30-disable-coredump.conf
unpriv curl https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/security/limits.d/30-disable-coredump.conf | sudo tee /etc/security/limits.d/30-disable-coredump.conf
# Setup dconf
umask 022
@ -56,38 +56,14 @@ sudo apt update -y
sudo apt full-upgrade -y
sudo apt autoremove -y
# Debloat
# Remove unnecessary stuff from the Qubes template
sudo apt purge gnome-software thunderbird keepassxc
# Remove Network + hardware tools packages
sudo apt purge -y cups* '*nfs*' rygel '*smtp*' '*telnet*'
# Remove support for some languages and spelling
sudo apt purge -y '*speech*'
# Remove codec + image + printers
sudo apt purge -y ImageMagick* sane* simple-scan
# Remove Active Directory + Sysadmin + reporting tools
sudo apt purge -y realmd
# Remove Gnome apps
sudo apt purge -y baobab chrome-gnome-shell eog gnome-calculator gnome-calendar gnome-characters gnome-clocks gnome-color-manager \
gnome-contacts gnome-disk-utility gnome-font-viewer gnome-logs gnome-maps gnome-music gnome-remote-desktop gnome-shell-extensions \
gnome-sound-recorder gnome-tweaks gnome-user-share gnome-weather totem
# Remove apps
sudo apt purge -y cheese evince evolution file-roller* firefox* libreoffice* seahorse synaptic* rhythmbox yelp
sudo apt purge -y system-config-printer* xsettingsd
sudo apt autoremove -y
sudo apt autoclean
# Adding KickSecure's repo
sudo http_proxy=http://127.0.0.1:8082 https_proxy=http://127.0.0.1:8082 extrepo enable kicksecure
# Debloat
sudo apt purge -y thunderbird emacs emacs-gtk emacs-bin-common emacs-common firefox* keepassxc cups* system-config-printer* xsettingsd yelp*
sudo apt autoremove -y
sudo apt autoclean
# Distribution morphing
sudo apt update
sudo apt install --no-install-recommends kicksecure-qubes-cli -y

View File

@ -90,16 +90,16 @@ echo 'XDG_CURRENT_DESKTOP=GNOME' | sudo tee -a /etc/environment
sudo dnf mark install flatpak gnome-menus qubes-menus
# Remove unnecessary stuff from the Qubes template
sudo dnf -y remove gnome-software httpd keepassxc thunderbird
sudo dnf -y remove gnome-software httpd keepassxc thunderbird rygel
# Remove firefox packages
sudo dnf -y remove fedora-bookmarks fedora-chromium-config firefox mozilla-filesystem
# Remove Network + hardware tools packages
sudo dnf -y remove avahi cifs* '*cups' dmidecode dnsmasq geolite2* mtr net-snmp-libs net-tools nfs-utils nmap-ncat nmap-ncat opensc openssh-server rsync rygel sgpio tcpdump teamd traceroute usb_modeswitch
sudo dnf -y remove '*cups' nmap-ncat nfs-utils nmap-ncat openssh-server net-snmp-libs net-tools opensc traceroute rsync tcpdump teamd geolite2* mtr dmidecode sgpio
# Remove support for some languages and spelling
sudo dnf -y remove '*anthy*' '*hangul*' ibus-typing-booster '*m17n*' '*pinyin*' '*speech*' texlive-libs words '*zhuyin*'
sudo dnf -y remove ibus-typing-booster '*speech*' '*zhuyin*' '*pinyin*' '*m17n*' '*hangul*' '*anthy*' words
# Remove codec + image + printers
sudo dnf -y remove openh264 ImageMagick* sane* simple-scan
@ -107,17 +107,20 @@ sudo dnf -y remove openh264 ImageMagick* sane* simple-scan
# Remove Active Directory + Sysadmin + reporting tools
sudo dnf -y remove 'sssd*' realmd cyrus-sasl-gssapi quota* dos2unix kpartx sos samba-client gvfs-smb
# Remove vm and virtual stuff
sudo dnf -y remove 'podman*' '*libvirt*' 'open-vm*' qemu-guest-agent 'hyperv*' spice-vdagent virtualbox-guest-additions vino xorg-x11-drv-vmware xorg-x11-drv-amdgpu
# Remove NetworkManager
sudo dnf -y remove NetworkManager-pptp-gnome NetworkManager-ssh-gnome NetworkManager-openconnect-gnome NetworkManager-openvpn-gnome NetworkManager-vpnc-gnome ppp* ModemManager
# Remove Gnome apps
sudo dnf remove -y baobab chrome-gnome-shell eog gnome-boxes gnome-calculator gnome-calendar gnome-characters gnome-classic* gnome-clocks gnome-color-manager gnome-connections \
gnome-contacts gnome-disk-utility gnome-font-viewer gnome-logs gnome-maps gnome-photos gnome-remote-desktop gnome-screenshot gnome-shell-extension-apps-menu \
gnome-shell-extension-background-logo gnome-shell-extension-launch-new-instance gnome-shell-extension-places-menu gnome-shell-extension-window-list gnome-text-editor \
gnome-themes-extra gnome-tour gnome-user* gnome-weather loupe snapshot totem
sudo dnf remove -y chrome-gnome-shell eog gnome-photos gnome-connections gnome-tour gnome-themes-extra gnome-screenshot gnome-remote-desktop gnome-font-viewer gnome-calculator gnome-calendar gnome-contacts \
gnome-maps gnome-weather gnome-logs gnome-boxes gnome-disk-utility gnome-clocks gnome-color-manager gnome-characters baobab totem \
gnome-shell-extension-background-logo gnome-shell-extension-apps-menu gnome-shell-extension-launch-new-instance gnome-shell-extension-places-menu gnome-shell-extension-window-list \
gnome-classic* gnome-user* gnome-text-editor loupe snapshot
# Remove apps
sudo dnf remove -y cheese evince file-roller* libreoffice* mediawriter rhythmbox yelp
sudo dnf remove -y rhythmbox yelp evince libreoffice* cheese file-roller* mediawriter
# Remove other packages
# We deviate from the script in TommyTran732/Linux-Setup-Scripts here, as removing yajl will break qubes integration.