'grundinstallation.sh' ändern

grundinstallation.sh

@@ -1,27 +1,34 @@
 #!/bin/bash
 
+Raspberry=false
+DeviceID=$(cat /etc/os-release | grep "^ID=" | cut -d "=" -f2)
+if [ "$DeviceID" == "raspbian" ]; then Raspberry=true; fi
+
 echo "Updating System..."
 apt update && apt upgrade -y
+apt purge apparmor -y
+apt autoremove -y
 
 echo "Installint NTP and SNMP Services..."
-apt install ntp snmpd -y
-rm /etc/ntp.conf
+apt install chrony snmpd -y
+rm /etc/chrony/chrony.conf
 rm /etc/snmp/snmpd.conf
 
 ###########################################################################
 echo "Configuration Services..."
-cat <<EOF > /etc/ntp.conf
-driftfile /var/lib/ntp/ntp.drift
-
-restrict default ignore
-restrict 127.0.0.1
-restrict ::1
-
-server ntp-nhi-strat1.klenzel.net iburst
-server ntp-hkl-strat1.klenzel.net iburst
-
-restrict ntp-nhi-strat1.klenzel.net noquery nomodify notrap
-restrict ntp-hkl-strat1.klenzel.net noquery nomodify notrap
+cat <<EOF > /etc/chrony/chrony.conf
+# NTP-Server
+server ntp-nhi-strat1.klenzel.net
+server ntp-hkl-strat1.klenzel.net
+
+###################################################
+# Sonstige Konfiguration
+driftfile /var/lib/chrony/drift
+makestep 1.0 3
+allow 127.0.0.1
+keyfile /etc/chrony.keys
+leapsectz right/UTC
+logdir /var/log/chrony
 EOF
 
 ###########################################################################
@@ -30,11 +37,13 @@ cat <<EOF > /etc/snmp/snmpd.conf
 createUser   KlenzelSNMP SHA "klen-ke93jg-zel"  DES
 rouser       KlenzelSNMP
 agentAddress udp:161,udp6:161
-
-extend .1.3.6.1.4.1.2021.8.4 cpu_temp /scripts/snmp_temp/snmp_temp.sh cpu
-extend .1.3.6.1.4.1.2021.8.5 gpu_temp /scripts/snmp_temp/snmp_temp.sh gpu
 EOF
 
+if [ $Raspberry ]; then
+	echo "extend .1.3.6.1.4.1.2021.8.4 cpu_temp /scripts/snmp_temp/snmp_temp.sh cpu" >> /etc/snmp/snmpd.conf
+	echo "extend .1.3.6.1.4.1.2021.8.5 gpu_temp /scripts/snmp_temp/snmp_temp.sh gpu" >> /etc/snmp/snmpd.conf
+fi
+
 ###########################################################################
 
 cat <<EOF >> /etc/rsyslog.conf
@@ -49,20 +58,22 @@ echo "Configuration SSH-Daemon..."
 sed -i 's@#Port 22@Port 4711@g' /etc/ssh/sshd_config
 sed -i 's@#PermitRootLogin prohibit-password@PermitRootLogin yes@g' /etc/ssh/sshd_config
 
-usermod -aG video Debian-snmp
+if [ $Raspberry ]; then
+	usermod -aG video Debian-snmp
+fi
 
 echo "Enabling and restarting nessasary Services..."
-/bin/systemctl enable ntp
-/bin/systemctl restart ntp
+/bin/systemctl enable chrony
+/bin/systemctl restart chrony
 /bin/systemctl enable snmpd
 /bin/systemctl restart snmpd
 /bin/systemctl restart rsyslog.service
-/bin/systemctl restart  sshd
+/bin/systemctl restart sshd
 
 echo "Writing SSH-Keys..."
 mkdir /root/.ssh
 touch /root/.ssh/authorized_keys
 sed -i '/backuppc$/d' /root/.ssh/authorized_keys
 echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsBRdbMZqVK9kZ0o7XnkFWNcwGDt6BHSoVElo++Q+zElL8rj/E0fTcBmqbG+Xu+cvhDTThugjg/kzj6wK3x8rupE+Zc+B6FmncEl8aN1VcPBIQzmplGOkaMWBSPtj6v0Yjfq4yj35xEL5wYHwZR9mC6ZBDPrBCAuaUX00buP95e4XjKLmhZElKkZDsIBuMvEmj68UOMnmsd1Kyx7LUaWMswcEDFOAHbl013qAiB0mKAViYvSie69g5P1UruZ6uHhe4htnFHJhfV/p5ZGv75jq/+Y82kEqdCB0iDE3VMFru7p6rPiF1xGjNNZooyKXtVpi7/1xBqNg/m4o8kDmrY+fEXJwXoABaLOjRDH6jUnZHxQNw+5ko/mfOlWBw72EvKvbyBcbU7HIO45MF8iXMREhxpbVAUOiBF+qqjOj0ktM+CYFJV2soAQ7Dt8zXr/H/xC0veU/pCiNz4sbsCDXws9ZwrKn14jdDUbNNo/Ax96nIbvu0WC9Dr6Tw27juq1NC/sCz67fdLM6RRakx452I+ejRKdYG/pmw9ACuHOeTW7StZjUy1iIdYBghPhnDv/iWEUwZHp++RprqEH68rAXHuoFjffzF9o2DG5tkE2k02kFbcrCzyRQRVCBHOpCcyQr/ywpKRkcJFdslBjrAcDzUui0Vs0HSr/cZUjNYx0VXHydYRw== backuppc" >> /root/.ssh/authorized_keys
-
+echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClwNvLcpeFCnKyoEfPyCqJpmdw5c4OKEj/9uApbNBQa3gBWc91suIrMBO8hNSCD65J8fblWUhc1itA+VkBQxbZU6HDXu4xfWBROsJRGYn9Y/i7TbYz57j3LDVS2Ks3kT5cCJdLk/L9Fk05Q+tYpIH7mhxRcdjgr/tmppzaVaTFltCNcgaWhHH7oR2VBiGy6FCNS1Mhk8O4ic5o3PtQix43CZPk7kSIKX1YHHz4HQ4UNjr/T0/MSUBDItl4rKozLe6trSmobHCepXmVpg8mibVEAk3FG6So73xoXeohkdhLGyA9Zakzm+VmBycMSuWphDmspMFGIKprnL1lxnPUHLj5 root@nhi-00-sl-ihms" >> /root/.ssh/authorized_keys
 echo "Done, exiting..."