dotfiles/setup-env/fedora-setup.sh

351 lines
12 KiB
Bash
Raw Permalink Normal View History

#!/bin/bash
# -----------------------------------------------------------
2019-10-16 14:31:12 +02:00
# this is a simple post-install script intended for a fedora
# installation workstation set-up
# there's a lot to be done yet...
# -----------------------------------------------------------
# -----------------------------------------------------------
# verify sufficient privileges before running the rest
# -----------------------------------------------------------
if [[ "$(id -u)" -ne 0 ]]; then
echo "[x] Run as root. Exiting."
exit 1
fi
# -----------------------------------------------------------
# stores current folder, expects it to be a non-privileged
# user's home (as you sudo-up, say, from your home before
# running this)
# -----------------------------------------------------------
tadyma=`pwd`
utils_fol=$tadyma/utils
# msfile location
msfC_file=/usr/share/applications/metasploit-framework.desktop
(xset r rate 217 87)
# -----------------------------------------------------------
# upgrade packages (clear cache also) before proceeding with
# any installations; enable testing repos to savor fresh juice
# -----------------------------------------------------------
dnf config-manager --set-enabled updates
dnf config-manager --set-enabled updates-testing
dnf --setopt deltarpm=true upgrade --refresh
# -----------------------------------------------------------
# install kernel-devel before anything else
dnf install -yy kernel-devel
# -----------------------------------------------------------
# enable rpmfusion-free repo
# -----------------------------------------------------------
dnf install -yy http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
dnf config-manager --set-enabled rpmfusion-free
# -----------------------------------------------------------
# zsh + oh-my-zsh + git + vim + rsync
# -----------------------------------------------------------
dnf install -yy zsh git vim rsync
2019-10-16 14:31:12 +02:00
#cd
#sh -c "$(curl -fsSL https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh)" &
#cd $tadyma
# -----------------------------------------------------------
# install the most important tools
# -----------------------------------------------------------
2019-10-16 14:31:12 +02:00
dnf install -yy \
htop whois screen feh scrot gpicview p7zip unar \
gnome-terminal tmux oathtool keepassxc \
gmrun redshift gparted ethtool tor privoxy \
xarchiver xfce4-settings screenfetch neofetch galculator \
lightdm light-locker gnome-disk-utility thunderbird firefox \
lightdm-gtk-greeter-settings notify-send libreoffice-core \
lxtask lxappearance lxdm lxpolkit volumeicon i3lock
# -----------------------------------------------------------
# install class2-importance tools
# -----------------------------------------------------------
2019-10-16 14:31:12 +02:00
dnf install -yy oggconvert pinta pdfmod youtube-dl gnome-calculator
# install vlc
# -----------------------------------------------------------
# thermal
# -----------------------------------------------------------
dnf install -yy tlp tlp-rdw
# -----------------------------------------------------------
# thinkpads only (additional batteries support, not needed here)
# -----------------------------------------------------------
#dnf install http://repo.linrunner.de/fedora/tlp/repos/releases/tlp-release.fc$(rpm -E %fedora).noarch.rpm
# akmod-tp_smapi (TLP repo) – optional ThinkPad only, tp-smapi is needed for battery charge thresholds, recalibration and specific status output of tlp-stat
# akmod-acpi_call (TLP repo) – optional ThinkPad only, acpi-call is needed for battery charge thresholds and recalibration on Sandy Bridge and newer models (X220/T420, X230/T430 et al.)
# kernel-devel (Fedora repo) – optional, needed for the akmod packages above
#dnf install akmod-tp_smapi akmod-acpi_call kernel-devel
# -----------------------------------------------------------
# set up python environment - TO DO
# -----------------------------------------------------------
#dnf install python python3 \
#ipython
# python env
#virtualenv utils/venv
#source utils/venv/bin/activate
#virtualenv --clear
#virtualenv --clear /utils/venv
#rmvirtualenv utils/venv
# -----------------------------------------------------------
# install openh264 for video support, see:
# https://fedoraproject.org/wiki/OpenH264
# https://ask.fedoraproject.org/en/question/95637/h264-videos-not-working-in-firefox/
# https://ask.fedoraproject.org/en/question/120605/video-problems-on-firefox-on-fedora-28/
# https://www.youtube.com/html5
dnf install -yy gstreamer1-plugin-openh264 mozilla-openh264
dnf install -yy ffmpeg-libs compat-ffmpeg28
#dnf groupupdate -yy multimedia
# -----------------------------------------------------------
# install additional packages
# -----------------------------------------------------------
dnf install -yy flatpak
# -----------------------------------------------------------
# much fun
# -----------------------------------------------------------
dnf install -yy cmatrix
#espeak fortune-mod banner dog
# -----------------------------------------------------------
# nw-sec
# -----------------------------------------------------------
dnf install -yy nmap aircrack-ng nethogs iptraf-ng wireshark nmap-ncat
# -----------------------------------------------------------
# create a directory for utils in user's home
# -----------------------------------------------------------
#mkdir $utils_fol
#cd $utils_fol
# hashcat
#git clone https://github.com/hashcat/hashcat.git
# John-the-Ripper
#git clone https://github.com/magnumripper/JohnTheRipper.git -b bleeding-jumbo john
# -----------------------------------------------------------
# metasploit framework - [!] add metasploit-framework.desktop to /usr/share/applications
# for metasploit to be accessible to all root users, install it in root's home
# -----------------------------------------------------------
##cd /root
##curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && chmod 755 msfinstall && ./msfinstall -y
### next step expects metasploit .desktop file to be present in relative root dir
##cp metasploit-framework.desktop $msfC_file && chmod 0644 $msfC_file
##unset msfC_file
cd $utils_fol
2019-10-16 14:31:12 +02:00
su $SUDO_USER sh -c '
# mitmproxy
#pip3 install mitmproxy
# setoolkit
#sudo dnf install git python-pexpect python-pefile python-crypto pyOpenSSL
2019-10-16 14:31:12 +02:00
git clone https://github.com/trustedsec/social-engineer-toolkit/ set/
# sdtool
2019-10-16 14:31:12 +02:00
git clone https://github.com/BertoldVdb/sdtool.git
# int0x80
2019-10-16 14:31:12 +02:00
git clone https://github.com/int0x80/anti-forensics.git
git clone https://github.com/int0x80/windows.git
git clone https://github.com/int0x80/SweetSecurity.git
git clone https://github.com/int0x80/1337-Noms-The-Hacker-Cookbook.git
git clone https://github.com/int0x80/Packt-Publishing-Free-Learning.git
git clone https://github.com/int0x80/killallthehumans.git
git clone https://github.com/int0x80/githump.git
git clone https://github.com/int0x80/reversing.git
git clone https://github.com/int0x80/blog.git
git clone https://github.com/int0x80/iot-stuff.git
git clone https://github.com/int0x80/notes.git
git clone https://github.com/int0x80/dotfiles.git
# vermaden scripts
# git clone https://github.com/vermaden/scripts.git $HOME/utils/vermaden-scripts
2019-10-16 14:31:12 +02:00
'
cd $tadyma
# -----------------------------------------------------------
# ibus - typing
#imsettings-switch
#ibus-setup ibus-daemon
# -----------------------------------------------------------
# youtube-dl
#youtube-dl -v --user-agent -- --prefer-free-formats <yt link>
# convert it later with oggconvert
# -----------------------------------------------------------
# nmcli
#nmcli device wifi rescan
#nmcli device wifi list
#nmcli con up free
# -----------------------------------------------------------
2019-10-16 14:31:12 +02:00
#dnf install -yy xed nemo nemo-desktop
# -----------------------------------------------------------
# flatpak
# add flathub repo; profit
#flatpak --user remote-add flathub https://flathub.org/repo/flathub.flatpakrepo
# install sweet stuff...
#flatpak install --user https://www.flathub.org/repo/appstream/org.signal.Signal.flatpakref
#flatpak install --user https://flathub.org/repo/appstream/com.discordapp.Discord.flatpakref
# HW video decode support for Intel integrated graphics in fedora
# rpm-fusion needs to be installed beforehand
dnf install -yy libva-intel-driver
# ---------------------------------
# graphics
# lspci -k | grep -A 2 -E "(VGA|3D)"
# inxi -b
# so that flashtool would work, add user (fedora) to group dialout
#adduser fedora dialout
2019-10-16 14:31:12 +02:00
gpasswd -a $SUDO_USER dialout
# no-more-secrets
#cd $utils_fol
#git clone https://github.com/bartobri/no-more-secrets.git
#cd ./no-more-secrets
#make nms
#make sneakers
#sudo make install
#systemctl list-units --type=target | nms
# ----------------------
# at
#at = "systemctl suspend" -t 13:37 Thu
# ----------------------
# shred
#shred -n 2 -zuv $( find . -xdev -type f -exec ls {} \; | tail -100)
# ----------------------
# netstat
#netstat -anp|more
# -----------------------------------------------------------
# misc - mostly not in fedora repos
# -----------------------------------------------------------
# https://atom.io
#atom
rpm --import https://packagecloud.io/AtomEditor/atom/gpgkey
sh -c 'echo -e "[Atom]\nname=Atom Editor\nbaseurl=https://packagecloud.io/AtomEditor/atom/el/7/\$basearch\nenabled=1\ngpgcheck=0\nrepo_gpgcheck=1\ngpgkey=https://packagecloud.io/AtomEditor/atom/gpgkey" > /etc/yum.repos.d/atom.repo'
dnf install -yy atom
#dnf install atom-beta
# ----------- D O C K E R ------------------
# to be configured...
# adding repo necessary, see https://www.virualbox.org
#virtualbox
# see https://www.torproject.org
#tor-browser
# see https://www.mega.nz
#mega-sync
# adding repo necessary, see https://www.vivaldi.com
#vivaldi-stable
#https://help.vivaldi.com/article/html5-proprietary-media-on-linux/
# to be configured also^...
# pulls a ton of KDE deps
#kdeconnect-indicator kdeconnectd
# -----------------------------------------------------------
# openbox
# -----------------------------------------------------------
# ./config/openbox/helper.sh
#
# https://github.com/vermaden/scripts.git
# we might need these for (maybe not) window pausing
# dnf install -yy xprop xdotool zenity xbindkeys
# -----------------------------------------------------------
# change plymouth theme
# -----------------------------------------------------------
2019-10-16 14:31:12 +02:00
#plymouth-set-default-theme -R details # sets it to "details" and rebuilds initrd
# -----------------------------------------------------------
# zswap
# -----------------------------------------------------------
# add "zswap/enabled=1" at the and of the line "GRUB_CMDLINE_LINUX.."
# -----------------------------------------------------------
# configure zram
# -----------------------------------------------------------
2019-10-16 14:31:12 +02:00
#dnf install -yy zram
#modprobe zram
# getconf _NPROCESSORS_ONLN # number of compressing threads == no. cpu cores
# cat /sys/block/zram0/max_comp_streams
# grep MemTotal /proc/meminfo | grep -E --only-matching '[[:digit:]]+' # mem KiB
# cat /sys/block/zram0/disksize
systemctl start zram.service
# echo "2010222K" > /sys/block/zram0/disksize # create a 2GiB zswap device
# mkswap /dev/zram0 # format as swap
# swapon -p 100 /dev/zram0 # turn zram swap on
# systemctl enable zram-swap.service
# systemctl start zram-swap.service
# decrease swappiness - use more ram - temporary solution
#sudo sysctl vm.swappiness = 20
# current swappiness level
#cat /proc/sys/vm/swappiness
# permanent solution
2019-10-16 14:31:12 +02:00
echo "vm.swappiness = 7" >> /etc/sysctl.conf
systemctl disable ModemManager.service
systemctl disable plymouth-quit-wait.service
systemctl disable plymouth-start.service
#systemctl disable livesys-late.service
systemctl disable plymouth-read-write.service
# -----------------------------------------------------------
# headless
# -----------------------------------------------------------
# to be configured...
# kickstart
# https://docs.fedoraproject.org/en-US/fedora/f29/install-guide/advanced/Kickstart_Installations/#chap-kickstart-installations
# vnc
# https://docs.fedoraproject.org/en-US/fedora/f29/install-guide/advanced/VNC_Installations/#chap-vnc-installations
# -------------------------------------------------------------
# "file" hashes generation based on a wordlist of supposed pwds
# dunno why I'm doing this
#while read line \
#do\
# echo -e " `mkpasswd --method=\$\6\$ ` < $line " >> filehashes ; \
#done < file