351 lines
12 KiB
Bash
Executable File
351 lines
12 KiB
Bash
Executable File
#!/bin/bash
|
||
# -----------------------------------------------------------
|
||
# this is a simple post-install script intended for a fedora
|
||
# installation workstation set-up
|
||
# there's a lot to be done yet...
|
||
# -----------------------------------------------------------
|
||
|
||
|
||
# -----------------------------------------------------------
|
||
# verify sufficient privileges before running the rest
|
||
# -----------------------------------------------------------
|
||
if [[ "$(id -u)" -ne 0 ]]; then
|
||
echo "[x] Run as root. Exiting."
|
||
exit 1
|
||
fi
|
||
|
||
# -----------------------------------------------------------
|
||
# stores current folder, expects it to be a non-privileged
|
||
# user's home (as you sudo-up, say, from your home before
|
||
# running this)
|
||
# -----------------------------------------------------------
|
||
tadyma=`pwd`
|
||
utils_fol=$tadyma/utils
|
||
# msfile location
|
||
msfC_file=/usr/share/applications/metasploit-framework.desktop
|
||
(xset r rate 217 87)
|
||
|
||
# -----------------------------------------------------------
|
||
# upgrade packages (clear cache also) before proceeding with
|
||
# any installations; enable testing repos to savor fresh juice
|
||
# -----------------------------------------------------------
|
||
dnf config-manager --set-enabled updates
|
||
dnf config-manager --set-enabled updates-testing
|
||
dnf --setopt deltarpm=true upgrade --refresh
|
||
|
||
# -----------------------------------------------------------
|
||
# install kernel-devel before anything else
|
||
dnf install -yy kernel-devel
|
||
|
||
# -----------------------------------------------------------
|
||
# enable rpmfusion-free repo
|
||
# -----------------------------------------------------------
|
||
dnf install -yy http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
|
||
dnf config-manager --set-enabled rpmfusion-free
|
||
|
||
# -----------------------------------------------------------
|
||
# zsh + oh-my-zsh + git + vim + rsync
|
||
# -----------------------------------------------------------
|
||
dnf install -yy zsh git vim rsync
|
||
#cd
|
||
#sh -c "$(curl -fsSL https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh)" &
|
||
#cd $tadyma
|
||
|
||
# -----------------------------------------------------------
|
||
# install the most important tools
|
||
# -----------------------------------------------------------
|
||
dnf install -yy \
|
||
htop whois screen feh scrot gpicview p7zip unar \
|
||
gnome-terminal tmux oathtool keepassxc \
|
||
gmrun redshift gparted ethtool tor privoxy \
|
||
xarchiver xfce4-settings screenfetch neofetch galculator \
|
||
lightdm light-locker gnome-disk-utility thunderbird firefox \
|
||
lightdm-gtk-greeter-settings notify-send libreoffice-core \
|
||
lxtask lxappearance lxdm lxpolkit volumeicon i3lock
|
||
# -----------------------------------------------------------
|
||
# install class2-importance tools
|
||
# -----------------------------------------------------------
|
||
dnf install -yy oggconvert pinta pdfmod youtube-dl gnome-calculator
|
||
|
||
# install vlc
|
||
|
||
# -----------------------------------------------------------
|
||
# thermal
|
||
# -----------------------------------------------------------
|
||
dnf install -yy tlp tlp-rdw
|
||
# -----------------------------------------------------------
|
||
# thinkpads only (additional batteries support, not needed here)
|
||
# -----------------------------------------------------------
|
||
#dnf install http://repo.linrunner.de/fedora/tlp/repos/releases/tlp-release.fc$(rpm -E %fedora).noarch.rpm
|
||
# akmod-tp_smapi (TLP repo) – optional ThinkPad only, tp-smapi is needed for battery charge thresholds, recalibration and specific status output of tlp-stat
|
||
# akmod-acpi_call (TLP repo) – optional ThinkPad only, acpi-call is needed for battery charge thresholds and recalibration on Sandy Bridge and newer models (X220/T420, X230/T430 et al.)
|
||
# kernel-devel (Fedora repo) – optional, needed for the akmod packages above
|
||
#dnf install akmod-tp_smapi akmod-acpi_call kernel-devel
|
||
|
||
|
||
# -----------------------------------------------------------
|
||
# set up python environment - TO DO
|
||
# -----------------------------------------------------------
|
||
#dnf install python python3 \
|
||
#ipython
|
||
# python env
|
||
|
||
#virtualenv utils/venv
|
||
#source utils/venv/bin/activate
|
||
#virtualenv --clear
|
||
#virtualenv --clear /utils/venv
|
||
#rmvirtualenv utils/venv
|
||
|
||
|
||
# -----------------------------------------------------------
|
||
# install openh264 for video support, see:
|
||
# https://fedoraproject.org/wiki/OpenH264
|
||
# https://ask.fedoraproject.org/en/question/95637/h264-videos-not-working-in-firefox/
|
||
# https://ask.fedoraproject.org/en/question/120605/video-problems-on-firefox-on-fedora-28/
|
||
# https://www.youtube.com/html5
|
||
dnf install -yy gstreamer1-plugin-openh264 mozilla-openh264
|
||
dnf install -yy ffmpeg-libs compat-ffmpeg28
|
||
#dnf groupupdate -yy multimedia
|
||
|
||
# -----------------------------------------------------------
|
||
# install additional packages
|
||
# -----------------------------------------------------------
|
||
dnf install -yy flatpak
|
||
|
||
# -----------------------------------------------------------
|
||
# much fun
|
||
# -----------------------------------------------------------
|
||
dnf install -yy cmatrix
|
||
#espeak fortune-mod banner dog
|
||
|
||
# -----------------------------------------------------------
|
||
# nw-sec
|
||
# -----------------------------------------------------------
|
||
dnf install -yy nmap aircrack-ng nethogs iptraf-ng wireshark nmap-ncat
|
||
|
||
# -----------------------------------------------------------
|
||
# create a directory for utils in user's home
|
||
# -----------------------------------------------------------
|
||
#mkdir $utils_fol
|
||
#cd $utils_fol
|
||
|
||
# hashcat
|
||
#git clone https://github.com/hashcat/hashcat.git
|
||
|
||
# John-the-Ripper
|
||
#git clone https://github.com/magnumripper/JohnTheRipper.git -b bleeding-jumbo john
|
||
|
||
# -----------------------------------------------------------
|
||
# metasploit framework - [!] add metasploit-framework.desktop to /usr/share/applications
|
||
# for metasploit to be accessible to all root users, install it in root's home
|
||
# -----------------------------------------------------------
|
||
##cd /root
|
||
##curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && chmod 755 msfinstall && ./msfinstall -y
|
||
### next step expects metasploit .desktop file to be present in relative root dir
|
||
##cp metasploit-framework.desktop $msfC_file && chmod 0644 $msfC_file
|
||
##unset msfC_file
|
||
|
||
cd $utils_fol
|
||
|
||
su $SUDO_USER sh -c '
|
||
# mitmproxy
|
||
#pip3 install mitmproxy
|
||
|
||
# setoolkit
|
||
#sudo dnf install git python-pexpect python-pefile python-crypto pyOpenSSL
|
||
git clone https://github.com/trustedsec/social-engineer-toolkit/ set/
|
||
|
||
# sdtool
|
||
git clone https://github.com/BertoldVdb/sdtool.git
|
||
|
||
# int0x80
|
||
git clone https://github.com/int0x80/anti-forensics.git
|
||
git clone https://github.com/int0x80/windows.git
|
||
git clone https://github.com/int0x80/SweetSecurity.git
|
||
git clone https://github.com/int0x80/1337-Noms-The-Hacker-Cookbook.git
|
||
git clone https://github.com/int0x80/Packt-Publishing-Free-Learning.git
|
||
git clone https://github.com/int0x80/killallthehumans.git
|
||
git clone https://github.com/int0x80/githump.git
|
||
git clone https://github.com/int0x80/reversing.git
|
||
git clone https://github.com/int0x80/blog.git
|
||
git clone https://github.com/int0x80/iot-stuff.git
|
||
git clone https://github.com/int0x80/notes.git
|
||
git clone https://github.com/int0x80/dotfiles.git
|
||
|
||
|
||
# vermaden scripts
|
||
# git clone https://github.com/vermaden/scripts.git $HOME/utils/vermaden-scripts
|
||
'
|
||
cd $tadyma
|
||
|
||
# -----------------------------------------------------------
|
||
# ibus - typing
|
||
#imsettings-switch
|
||
#ibus-setup ibus-daemon
|
||
|
||
|
||
# -----------------------------------------------------------
|
||
# youtube-dl
|
||
#youtube-dl -v --user-agent -- --prefer-free-formats <yt link>
|
||
# convert it later with oggconvert
|
||
|
||
# -----------------------------------------------------------
|
||
# nmcli
|
||
#nmcli device wifi rescan
|
||
#nmcli device wifi list
|
||
#nmcli con up free
|
||
|
||
# -----------------------------------------------------------
|
||
#dnf install -yy xed nemo nemo-desktop
|
||
|
||
# -----------------------------------------------------------
|
||
# flatpak
|
||
# add flathub repo; profit
|
||
#flatpak --user remote-add flathub https://flathub.org/repo/flathub.flatpakrepo
|
||
# install sweet stuff...
|
||
#flatpak install --user https://www.flathub.org/repo/appstream/org.signal.Signal.flatpakref
|
||
#flatpak install --user https://flathub.org/repo/appstream/com.discordapp.Discord.flatpakref
|
||
|
||
# HW video decode support for Intel integrated graphics in fedora
|
||
# rpm-fusion needs to be installed beforehand
|
||
dnf install -yy libva-intel-driver
|
||
|
||
# ---------------------------------
|
||
# graphics
|
||
# lspci -k | grep -A 2 -E "(VGA|3D)"
|
||
# inxi -b
|
||
|
||
# so that flashtool would work, add user (fedora) to group dialout
|
||
#adduser fedora dialout
|
||
gpasswd -a $SUDO_USER dialout
|
||
|
||
# no-more-secrets
|
||
#cd $utils_fol
|
||
#git clone https://github.com/bartobri/no-more-secrets.git
|
||
#cd ./no-more-secrets
|
||
#make nms
|
||
#make sneakers
|
||
#sudo make install
|
||
#systemctl list-units --type=target | nms
|
||
|
||
|
||
# ----------------------
|
||
# at
|
||
#at = "systemctl suspend" -t 13:37 Thu
|
||
|
||
# ----------------------
|
||
# shred
|
||
#shred -n 2 -zuv $( find . -xdev -type f -exec ls {} \; | tail -100)
|
||
|
||
# ----------------------
|
||
# netstat
|
||
#netstat -anp|more
|
||
|
||
|
||
|
||
# -----------------------------------------------------------
|
||
# misc - mostly not in fedora repos
|
||
# -----------------------------------------------------------
|
||
# https://atom.io
|
||
#atom
|
||
rpm --import https://packagecloud.io/AtomEditor/atom/gpgkey
|
||
sh -c 'echo -e "[Atom]\nname=Atom Editor\nbaseurl=https://packagecloud.io/AtomEditor/atom/el/7/\$basearch\nenabled=1\ngpgcheck=0\nrepo_gpgcheck=1\ngpgkey=https://packagecloud.io/AtomEditor/atom/gpgkey" > /etc/yum.repos.d/atom.repo'
|
||
dnf install -yy atom
|
||
#dnf install atom-beta
|
||
|
||
|
||
# ----------- D O C K E R ------------------
|
||
# to be configured...
|
||
|
||
|
||
# adding repo necessary, see https://www.virualbox.org
|
||
#virtualbox
|
||
# see https://www.torproject.org
|
||
#tor-browser
|
||
# see https://www.mega.nz
|
||
#mega-sync
|
||
# adding repo necessary, see https://www.vivaldi.com
|
||
#vivaldi-stable
|
||
#https://help.vivaldi.com/article/html5-proprietary-media-on-linux/
|
||
|
||
# to be configured also^...
|
||
|
||
# pulls a ton of KDE deps
|
||
#kdeconnect-indicator kdeconnectd
|
||
|
||
|
||
# -----------------------------------------------------------
|
||
# openbox
|
||
# -----------------------------------------------------------
|
||
# ./config/openbox/helper.sh
|
||
#
|
||
# https://github.com/vermaden/scripts.git
|
||
|
||
# we might need these for (maybe not) window pausing
|
||
# dnf install -yy xprop xdotool zenity xbindkeys
|
||
|
||
|
||
# -----------------------------------------------------------
|
||
# change plymouth theme
|
||
# -----------------------------------------------------------
|
||
#plymouth-set-default-theme -R details # sets it to "details" and rebuilds initrd
|
||
|
||
|
||
# -----------------------------------------------------------
|
||
# zswap
|
||
# -----------------------------------------------------------
|
||
# add "zswap/enabled=1" at the and of the line "GRUB_CMDLINE_LINUX.."
|
||
|
||
# -----------------------------------------------------------
|
||
# configure zram
|
||
# -----------------------------------------------------------
|
||
#dnf install -yy zram
|
||
#modprobe zram
|
||
# getconf _NPROCESSORS_ONLN # number of compressing threads == no. cpu cores
|
||
# cat /sys/block/zram0/max_comp_streams
|
||
# grep MemTotal /proc/meminfo | grep -E --only-matching '[[:digit:]]+' # mem KiB
|
||
# cat /sys/block/zram0/disksize
|
||
systemctl start zram.service
|
||
# echo "2010222K" > /sys/block/zram0/disksize # create a 2GiB zswap device
|
||
# mkswap /dev/zram0 # format as swap
|
||
# swapon -p 100 /dev/zram0 # turn zram swap on
|
||
# systemctl enable zram-swap.service
|
||
# systemctl start zram-swap.service
|
||
|
||
|
||
# decrease swappiness - use more ram - temporary solution
|
||
#sudo sysctl vm.swappiness = 20
|
||
# current swappiness level
|
||
#cat /proc/sys/vm/swappiness
|
||
# permanent solution
|
||
echo "vm.swappiness = 7" >> /etc/sysctl.conf
|
||
|
||
|
||
systemctl disable ModemManager.service
|
||
systemctl disable plymouth-quit-wait.service
|
||
systemctl disable plymouth-start.service
|
||
#systemctl disable livesys-late.service
|
||
systemctl disable plymouth-read-write.service
|
||
|
||
|
||
# -----------------------------------------------------------
|
||
# headless
|
||
# -----------------------------------------------------------
|
||
# to be configured...
|
||
|
||
# kickstart
|
||
# https://docs.fedoraproject.org/en-US/fedora/f29/install-guide/advanced/Kickstart_Installations/#chap-kickstart-installations
|
||
|
||
# vnc
|
||
# https://docs.fedoraproject.org/en-US/fedora/f29/install-guide/advanced/VNC_Installations/#chap-vnc-installations
|
||
|
||
|
||
# -------------------------------------------------------------
|
||
# "file" hashes generation based on a wordlist of supposed pwds
|
||
# dunno why I'm doing this
|
||
#while read line \
|
||
#do\
|
||
# echo -e " `mkpasswd --method=\$\6\$ ` < $line " >> filehashes ; \
|
||
#done < file
|
||
|