-
Notifications
You must be signed in to change notification settings - Fork 1
/
pifiles.sh
executable file
·172 lines (157 loc) · 6.37 KB
/
pifiles.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
#!/usr/bin/env bash
set -eo pipefail
# Add Docker repository
if [ ! -f /etc/apt/sources.list.d/docker.list ]; then
curl -fsSL https://download.docker.com/linux/raspbian/gpg | sudo apt-key add -
echo "deb [arch=armhf] https://download.docker.com/linux/raspbian stretch stable" | sudo tee /etc/apt/sources.list.d/docker.list
fi
# Update package lists
sudo apt-get update -y
sudo apt-get upgrade -y
sudo apt-get dist-upgrade -y
# Install packages
sudo apt-get install -y docker-ce git vim unattended-upgrades apt-listchanges
# Add user to docker group
if ! groups "$(whoami)" | grep -Fq docker; then
sudo gpasswd -a "$(whoami)" docker
RESTART_REQUIRED="true"
fi
# Set timezone
sudo timedatectl set-timezone "America/Los_Angeles"
# Use CloudFlare DNS servers
if ! grep -qF -- "static domain_name_servers=1.1.1.1 1.0.0.1" /etc/dhcpcd.conf; then
echo "static domain_name_servers=1.1.1.1 1.0.0.1" | sudo tee -a /etc/dhcpcd.conf
fi
# Configure unattended upgrades
if [ -f /etc/apt/apt.conf.d/50unattended-upgrades ]; then
# Specify which packages can be updated
# shellcheck disable=SC1004
sudo sed -i.bak '/^\s*Unattended-Upgrade::Origins-Pattern [{]\s*$/,/^[}][;]\s*$/c\
Unattended-Upgrade::Origins-Pattern {\
"origin=Debian,codename=${distro_codename},label=Debian-Security";\
"origin=Raspbian,codename=${distro_codename},label=Raspbian";\
"origin=Raspberry Pi Foundation,codename=${distro_codename},label=Raspberry Pi Foundation";\
"origin=Docker,codename=${distro_codename},label=Docker CE";\
};' /etc/apt/apt.conf.d/50unattended-upgrades
sudo rm /etc/apt/apt.conf.d/50unattended-upgrades.bak
# Reboot automatically
sudo sed -i 's/^\/\/Unattended-Upgrade::Automatic-Reboot "false";/Unattended-Upgrade::Automatic-Reboot "true";/g' /etc/apt/apt.conf.d/50unattended-upgrades
sudo sed -i 's/^\/\/Unattended-Upgrade::Automatic-Reboot-Time "02:00";/Unattended-Upgrade::Automatic-Reboot-Time "02:00";/g' /etc/apt/apt.conf.d/50unattended-upgrades
# Autoremove dependencies
sudo sed -i 's/^\/\/Unattended-Upgrade::Remove-Unused-Dependencies "false";/Unattended-Upgrade::Remove-Unused-Dependencies "true";/g' /etc/apt/apt.conf.d/50unattended-upgrades
fi
if [ ! -f /etc/apt/apt.conf.d/20auto-upgrades ]; then
# Update package lists and packages
sudo tee /etc/apt/apt.conf.d/20auto-upgrades << EOF
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";
EOF
fi
# Setup SmartGlass
if [ -f "${HOME}/.smartglass/tokens.json" ]; then
if [ "$(docker ps --filter name=smartglass -q)" ]; then
docker stop smartglass
docker rm smartglass
fi
docker pull smockle/xbox-smartglass-rest-python
docker run -d \
--restart=unless-stopped \
--name=smartglass \
-p 5557:5557 \
-v "${HOME}/.smartglass":/root/.local/share/xbox \
smockle/xbox-smartglass-rest-python
else
echo "Missing SmartGlass configuration. Skipping SmartGlass setup."
fi
# Setup Home Assistant
if [ -f "${HOME}/.homeassistant/configuration.yaml" ]; then
if [ "$(docker ps --filter name=homeassistant -q)" ]; then
docker stop homeassistant
docker rm homeassistant
fi
docker pull homeassistant/raspberrypi3-homeassistant
docker run --init -d \
--restart=unless-stopped \
--net=host \
--name=homeassistant \
--device=/dev/ttyUSB0 \
--device=/dev/ttyUSB1 \
-e PUID=1000 \
-e PGID=1000 \
-v /etc/localtime:/etc/localtime:ro \
-v "${HOME}/.homeassistant":/config \
homeassistant/raspberrypi3-homeassistant
else
echo "Missing Home Assistants configuration. Skipping Home Assistant setup."
fi
# Setup Homebridge
if [ -f "${HOME}/.homebridge/config.json" ]; then
if [ "$(docker ps --filter name=homebridge -q)" ]; then
docker stop homebridge
docker rm homebridge
fi
docker pull oznu/homebridge:raspberry-pi
docker run -d \
--restart=unless-stopped \
--net=host \
--name=homebridge \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=America/Los_Angeles \
-v "${HOME}/.homebridge":/homebridge \
oznu/homebridge:raspberry-pi
else
echo "Missing Homebridge configuration. Skipping Homebridge setup."
fi
# Setup DDNS53
if [ -f "${HOME}/.ddns53/env" ]; then
if [ "$(docker ps --filter name=ddns53 -q)" ]; then
docker stop ddns53
docker rm ddns53
fi
docker pull smockle/ddns53:latest
docker run -d \
--restart=unless-stopped \
--name=ddns53 \
--env-file="${HOME}/.ddns53/env" \
smockle/ddns53:latest
else
echo "Missing ddns53 configuration. Skipping ddns53 setup."
fi
# Setup strongSwan
if [ -f "${HOME}/.strongswan/env" ]; then
if [ "$(docker ps --filter name=strongswan -q)" ]; then
docker stop strongswan
docker rm strongswan
fi
docker pull smockle/alpine-strongswan:latest
docker run -d \
--restart=unless-stopped \
--cap-add=NET_ADMIN \
--net=host \
--name=strongswan \
--env-file="${HOME}/.strongswan/env" \
-e PUID=1000 \
-e PGID=1000 \
-v "${HOME}/.strongswan/config/strongswan.conf":/etc/strongswan.conf \
-v "${HOME}/.strongswan/config/ipsec.conf":/etc/ipsec.conf \
-v "${HOME}/.strongswan/config/ipsec.secrets":/etc/ipsec.secrets \
-v "${HOME}/.strongswan/config/ipsec.d":/etc/ipsec.d \
smockle/alpine-strongswan
sudo sed -i -E '/^(#)?( )?net\.ipv4\.ip_forward( )?=( )?[01]/d' /etc/sysctl.conf
sudo sed -i -E '/^(#)?( )?net\.ipv6\.conf\.all\.forwarding( )?=( )?[01]/d' /etc/sysctl.conf
sudo sed -i -E '/^(#)?( )?net\.ipv6\.conf\.all\.proxy_ndp( )?=( )?[01]/d' /etc/sysctl.conf
sudo sed -i -E '/^(#)?( )?net\.ipv6\.conf\.all\.accept_ra( )?=( )?[012]/d' /etc/sysctl.conf
echo "net.ipv4.ip_forward=1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv6.conf.all.forwarding=1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv6.conf.all.proxy_ndp=1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv6.conf.all.accept_ra=2" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p /etc/sysctl.conf
sudo iptables -A FORWARD -j ACCEPT
else
echo "Missing strongSwan configuration. Skipping strongSwan setup."
fi
if [ -n "${RESTART_REQUIRED}" ]; then
echo "Pi setup is almost complete. Pi will reboot in 10 seconds to complete setup. Press ^C to cancel reboot."
sleep 10 && sudo reboot &
fi