# Installer settings for the VPS provisioning scripts.
# NOTE(review): presumably loaded with `source` by the other install steps;
# nothing in this file shows how it is consumed, so confirm.
export ROOT_PARTITION='/dev/vda1'
# Placeholder value: replace with the real network interface name before use.
export NET_IFACE='UNDETECTED_PLEASE_FILL_OUT'
# NOTE(review): presumably the sshd listen port. A non-default port only reduces
# scan noise; access control still depends on the sshd authentication settings.
export SSH_PORT='666'
export VPS_HOSTNAME='vps'
# Sample credentials in plaintext. `export` copies them into the environment of
# every child process started after this file is loaded, where the same user or
# root can read them back. Replace both passwords before use and keep the
# edited file out of version control.
export ROOT_PASSWORD='r00tP4ssw0rd'
export ROOT_SHELL='/bin/zsh'
export USERNAME='vpsuser'
export USER_PASSWORD='us3rP4ssw0rd'
# NOTE(review): bash does not pass arrays through the environment, so `export`
# on the arrays in this file only sets an attribute; they are visible to code
# that sources this file in the same shell, not to child processes.
# Group membership is a privilege grant: docker group members control the
# Docker daemon, which is equivalent to root on the host.
export USER_GROUPS=( wheel docker portage ) # user will be added to "users" group automatically, nonexistent groups will be ignored
export USER_SHELL='/bin/zsh'
export PORTAGE_PROFILE='default/linux/amd64/23.0/no-multilib/hardened'
export KERNEL_SOURCES='sys-kernel/vanilla-sources::gentoo'
# Package atoms to install, written as category/name::repository.
# Entries starting with '#' are commented out and are not part of the array.
# Per the author's note below, a repository other than ::gentoo is added
# automatically; ebuilds from such a repository are third-party build recipes,
# so review the repository before enabling an entry that names it.
export WORLD_PACKAGES=(
#app-admin/i2pd-tools::guru # NOTE: external repos will be automatically added
app-admin/logrotate::gentoo
app-admin/sudo::gentoo
app-admin/syslog-ng::gentoo
#app-antivirus/clamav::gentoo
#app-forensics/chkrootkit::gentoo
#app-misc/resolve-march-native::gentoo
app-misc/srm::gentoo
#app-arch/p7zip::gentoo
#app-containers/docker::gentoo
app-containers/podman::gentoo
#app-crypt/mkp224o::gentoo
app-editors/vim::gentoo
app-misc/colordiff::gentoo
app-misc/tmux::gentoo
app-portage/eix::gentoo
app-portage/emlop::gentoo
app-portage/gentoolkit::gentoo
app-shells/zsh::gentoo
#dev-debug/gdb::gentoo
dev-java/openjdk-bin::gentoo
dev-lang/ruby::gentoo
net-analyzer/mtr::gentoo
net-analyzer/netcat::gentoo
net-analyzer/netselect::gentoo
#net-analyzer/nmap::gentoo
net-analyzer/traceroute::gentoo
net-dns/bind-tools::gentoo
net-dns/dnscrypt-proxy::gentoo
net-firewall/iptables::gentoo
#net-firewall/ufw::gentoo
#net-libs/nodejs::gentoo
net-misc/autossh::gentoo
net-misc/ntp::gentoo
#net-misc/socat::gentoo
net-misc/telnet-bsd::gentoo
#net-p2p/rtorrent::gentoo
#net-proxy/tinyproxy::gentoo
#net-vpn/i2pd::gentoo
#net-vpn/tor::gentoo
sys-apps/hdparm::gentoo
#sys-devel/distcc::gentoo
sys-fs/ncdu::gentoo
sys-process/cronie::gentoo
sys-process/htop::gentoo
sys-process/iotop::gentoo
#www-servers/nginx::gentoo
)
# Packages the installer is asked to leave out.
# NOTE(review): how this list is applied is not visible in this file; confirm
# in the script that consumes it.
export SKIP_PACKAGES=(
sys-devel/gcc # requires lots of memory
)
# Service names to enable in the default runlevel.
# NOTE(review): clamd, clamonacc, freshclam and docker are listed here although
# app-antivirus/clamav and app-containers/docker are commented out in
# WORLD_PACKAGES. Whether services without an installed init script are skipped
# is not visible in this file; confirm, and drop entries that are not wanted so
# the set of services started at boot matches what was reviewed.
export ADD_TO_DEFAULT_RUNLEVEL=(
acpid
autofs
clamd
clamonacc
cronie
dnscrypt-proxy
docker
freshclam
local
netmount
ntp-client
rpc.statd
syslog-ng
)
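#######################################
# Install oh-my-zsh and two plugins for the current user when zsh is present.
#
# The installer is saved to a temporary file and run only after the download
# succeeded and produced a non-empty file. Remote content is no longer spliced
# into one `sh -c` string together with the follow-up commands, so a failed or
# truncated download cannot change how those commands are parsed.
#
# NOTE(review): the installer URL tracks the moving `master` branch and both
# plugins are cloned at the tip of their default branch, so whatever those
# repositories contain at install time is executed with the privileges of the
# calling user (root when called from post_emerge_packages). Pin the URL and the
# clones to reviewed commits and compare the installer against a recorded
# SHA-256 before running it.
#
# Globals:   HOME (read, through tilde expansion)
# Arguments: none
# Outputs:   path of zsh on stdout; installer and git output; errors on stderr
# Returns:   non-zero when zsh is missing, the download fails or the installer
#            fails; otherwise the status of the last git clone
#######################################
function maybe_install_oh_my_zsh() {
  local installer_url='https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh'
  local plugins_dir installer
  local status=0

  # Plain assignment so that tilde expansion is guaranteed.
  plugins_dir=~/.oh-my-zsh/custom/plugins

  command -v zsh || return

  installer=$(mktemp) || return
  if ! wget "${installer_url}" -O "${installer}" || [[ ! -s "${installer}" ]]; then
    printf 'maybe_install_oh_my_zsh: installer download failed, nothing was run\n' >&2
    rm -f -- "${installer}"
    return 1
  fi

  sh "${installer}" || status=$?
  rm -f -- "${installer}"
  if (( status != 0 )); then
    printf 'maybe_install_oh_my_zsh: installer exited with status %s\n' "${status}" >&2
    return "${status}"
  fi

  # The plugins live inside the oh-my-zsh tree, so they are cloned only after
  # the installer has created it.
  git clone --depth=1 https://github.com/zsh-users/zsh-syntax-highlighting \
    "${plugins_dir}/zsh-syntax-highlighting"
  git clone --depth=1 https://github.com/popstas/zsh-command-time \
    "${plugins_dir}/command-time"
}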
#######################################
# Hook for commands that must run before system/world packages are emerged and
# before the user account is created. The body is the author's example: it
# registers a git-synced overlay, syncs it and lists the repository directory.
#
# NOTE(review): the overlay is a third-party repository synced from the tip of
# its git history; its ebuilds become installable once it is added, so review
# the repository before keeping this example enabled.
#
# Arguments: none
# Returns:   status of the final `ls`
#######################################
function pre_emerge_packages() {
  local overlay_name='alopatindev-overlay'
  local overlay_url='https://github.com/alopatindev/gentoo-overlay-alopatindev'

  eselect repository add "${overlay_name}" git "${overlay_url}"
  emaint sync -r "${overlay_name}"
  ls -l /var/db/repos
}
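#######################################
# Hook that runs after the packages have been emerged.
#
# 1. Creates /coredumps with mode 700, so only the owner can read dumps.
# 2. When netselect, nslookup and /etc/ntp.conf are present, resolves the NTP
#    servers to addresses, lets netselect pick five of them, and writes an
#    hourly cron script that runs ntpdate against those addresses.
# 3. Calls maybe_install_oh_my_zsh.
#
# Changes from the earlier version: addresses taken from DNS answers and from
# netselect output are checked before they are written into the cron script,
# the script is not written when no address is left, array expansions are
# quoted, and working variables are local.
#
# Arguments: none
# Outputs:   tool paths and command output on stdout; diagnostics on stderr
# Returns:   status of maybe_install_oh_my_zsh
#######################################
function post_emerge_packages() {
  # Only characters that can occur in an IPv4 or IPv6 literal. Text that
  # originates from DNS answers ends up in a script that cron runs, so nothing
  # outside this set may reach it.
  local -r ip_literal='^[0-9A-Fa-f.:]+$'
  local hourly='/etc/cron.hourly'
  local cron_script="${hourly}/ntpdate"
  local ntp_server candidate ip_list
  local -a ntp_server_ips=()
  local -a fastest_ips=()

  mkdir -p /coredumps
  chmod 700 /coredumps

  if command -v netselect && command -v nslookup && [[ -e /etc/ntp.conf ]]; then
    # resolve IPs for ntp as reserve source of correct time.
    # why? sometimes dnscrypt-proxy fails, this causes ntp failure, time might desynchronize,
    # then dnscrypt never restores because it seems it needs actual time.
    while IFS= read -r ntp_server; do
      if [[ -z "${ntp_server}" ]]; then
        continue
      fi
      # Lines whose second field contains '#' (address#port) are dropped,
      # as before.
      while IFS= read -r candidate; do
        if [[ "${candidate}" =~ ${ip_literal} ]]; then
          ntp_server_ips+=("${candidate}")
        fi
      done < <(nslookup "${ntp_server}" | awk '/Address:/ && $2 !~ /#/ {print $2}')
    done < <(printf 'pool.ntp.org\n'; awk '/^server / {print $2}' /etc/ntp.conf)

    if (( ${#ntp_server_ips[@]} > 0 )); then
      while IFS= read -r candidate; do
        if [[ "${candidate}" =~ ${ip_literal} ]]; then
          fastest_ips+=("${candidate}")
        fi
      done < <(netselect -s 5 "${ntp_server_ips[@]}" | awk '{print $2}')
    fi

    if (( ${#fastest_ips[@]} > 0 )); then
      # Space-separated with a trailing space, the same layout as before.
      ip_list=$(printf '%s ' "${fastest_ips[@]}")
      mkdir -p "${hourly}"
      {
        printf '%s\n' '#!/usr/bin/env bash'
        printf '%s\n' ''
        printf '%s\n' "ntpdate -s -t60 ${ip_list}&& hwclock --systohc && logger 'time has been updated' || /etc/init.d/ntp-client restart"
      } > "${cron_script}"
      chmod +x "${cron_script}"
    else
      # An ntpdate call without servers would fail on every run, so the cron
      # script is left untouched.
      printf 'post_emerge_packages: no usable NTP server address, %s not written\n' \
        "${cron_script}" >&2
    fi
  fi

  # NOTE(review): this hook presumably runs as root (only the *_user hook is
  # documented as running as USERNAME), so the remote installer fetched by
  # maybe_install_oh_my_zsh would run as root here — confirm.
  maybe_install_oh_my_zsh
  # touch /forcefsck
  # chattr +i /forcefsck
  #
  # echo 'nameserver 127.0.0.1' > /etc/resolv.conf
  # chattr +i /etc/resolv.conf
}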
#######################################
# Per-user hook; according to the author it is executed as USERNAME.
# Sets the global git identity to USERNAME and USERNAME@VPS_HOSTNAME, then
# installs oh-my-zsh for that account through maybe_install_oh_my_zsh.
#
# Globals:   USERNAME (read), VPS_HOSTNAME (read)
# Arguments: none
# Returns:   status of maybe_install_oh_my_zsh
#######################################
function post_emerge_packages_user() {
  local git_identity="${USERNAME}"
  local git_email="${git_identity}@${VPS_HOSTNAME}"

  git config --global user.name "${git_identity}"
  git config --global user.email "${git_email}"
  maybe_install_oh_my_zsh
}