|
@@ -1,27 +1,34 @@
|
|
|
#!/bin/bash
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
|
|
+Raspberry=false
|
|
|
|
|
+DeviceID=$(cat /etc/os-release | grep "^ID=" | cut -d "=" -f2)
|
|
|
|
|
+if [ "$DeviceID" == "raspbian" ]; then Raspberry=true; fi
|
|
|
|
|
+
|
|
|
echo "Updating System..."
|
|
echo "Updating System..."
|
|
|
apt update && apt upgrade -y
|
|
apt update && apt upgrade -y
|
|
|
|
|
+apt purge apparmor -y
|
|
|
|
|
+apt autoremove -y
|
|
|
|
|
|
|
|
echo "Installint NTP and SNMP Services..."
|
|
echo "Installint NTP and SNMP Services..."
|
|
|
-apt install ntp snmpd -y
|
|
|
|
|
-rm /etc/ntp.conf
|
|
|
|
|
|
|
+apt install chrony snmpd -y
|
|
|
|
|
+rm /etc/chrony/chrony.conf
|
|
|
rm /etc/snmp/snmpd.conf
|
|
rm /etc/snmp/snmpd.conf
|
|
|
|
|
|
|
|
###########################################################################
|
|
###########################################################################
|
|
|
echo "Configuration Services..."
|
|
echo "Configuration Services..."
|
|
|
-cat <<EOF > /etc/ntp.conf
|
|
|
|
|
-driftfile /var/lib/ntp/ntp.drift
|
|
|
|
|
-
|
|
|
|
|
-restrict default ignore
|
|
|
|
|
-restrict 127.0.0.1
|
|
|
|
|
-restrict ::1
|
|
|
|
|
-
|
|
|
|
|
-server ntp-nhi-strat1.klenzel.net iburst
|
|
|
|
|
-server ntp-hkl-strat1.klenzel.net iburst
|
|
|
|
|
-
|
|
|
|
|
-restrict ntp-nhi-strat1.klenzel.net noquery nomodify notrap
|
|
|
|
|
-restrict ntp-hkl-strat1.klenzel.net noquery nomodify notrap
|
|
|
|
|
|
|
+cat <<EOF > /etc/chrony/chrony.conf
|
|
|
|
|
+# NTP-Server
|
|
|
|
|
+server ntp-nhi-strat1.klenzel.net
|
|
|
|
|
+server ntp-hkl-strat1.klenzel.net
|
|
|
|
|
+
|
|
|
|
|
+###################################################
|
|
|
|
|
+# Sonstige Konfiguration
|
|
|
|
|
+driftfile /var/lib/chrony/drift
|
|
|
|
|
+makestep 1.0 3
|
|
|
|
|
+allow 127.0.0.1
|
|
|
|
|
+keyfile /etc/chrony.keys
|
|
|
|
|
+leapsectz right/UTC
|
|
|
|
|
+logdir /var/log/chrony
|
|
|
EOF
|
|
EOF
|
|
|
|
|
|
|
|
###########################################################################
|
|
###########################################################################
|
|
@@ -30,11 +37,13 @@ cat <<EOF > /etc/snmp/snmpd.conf
|
|
|
createUser KlenzelSNMP SHA "klen-ke93jg-zel" DES
|
|
createUser KlenzelSNMP SHA "klen-ke93jg-zel" DES
|
|
|
rouser KlenzelSNMP
|
|
rouser KlenzelSNMP
|
|
|
agentAddress udp:161,udp6:161
|
|
agentAddress udp:161,udp6:161
|
|
|
-
|
|
|
|
|
-extend .1.3.6.1.4.1.2021.8.4 cpu_temp /scripts/snmp_temp/snmp_temp.sh cpu
|
|
|
|
|
-extend .1.3.6.1.4.1.2021.8.5 gpu_temp /scripts/snmp_temp/snmp_temp.sh gpu
|
|
|
|
|
EOF
|
|
EOF
|
|
|
|
|
|
|
|
|
|
+if [ $Raspberry ]; then
|
|
|
|
|
+ echo "extend .1.3.6.1.4.1.2021.8.4 cpu_temp /scripts/snmp_temp/snmp_temp.sh cpu" >> /etc/snmp/snmpd.conf
|
|
|
|
|
+ echo "extend .1.3.6.1.4.1.2021.8.5 gpu_temp /scripts/snmp_temp/snmp_temp.sh gpu" >> /etc/snmp/snmpd.conf
|
|
|
|
|
+fi
|
|
|
|
|
+
|
|
|
###########################################################################
|
|
###########################################################################
|
|
|
|
|
|
|
|
cat <<EOF >> /etc/rsyslog.conf
|
|
cat <<EOF >> /etc/rsyslog.conf
|
|
@@ -49,20 +58,22 @@ echo "Configuration SSH-Daemon..."
|
|
|
sed -i 's@#Port 22@Port 4711@g' /etc/ssh/sshd_config
|
|
sed -i 's@#Port 22@Port 4711@g' /etc/ssh/sshd_config
|
|
|
sed -i 's@#PermitRootLogin prohibit-password@PermitRootLogin yes@g' /etc/ssh/sshd_config
|
|
sed -i 's@#PermitRootLogin prohibit-password@PermitRootLogin yes@g' /etc/ssh/sshd_config
|
|
|
|
|
|
|
|
-usermod -aG video Debian-snmp
|
|
|
|
|
|
|
+if [ $Raspberry ]; then
|
|
|
|
|
+ usermod -aG video Debian-snmp
|
|
|
|
|
+fi
|
|
|
|
|
|
|
|
echo "Enabling and restarting nessasary Services..."
|
|
echo "Enabling and restarting nessasary Services..."
|
|
|
-/bin/systemctl enable ntp
|
|
|
|
|
-/bin/systemctl restart ntp
|
|
|
|
|
|
|
+/bin/systemctl enable chrony
|
|
|
|
|
+/bin/systemctl restart chrony
|
|
|
/bin/systemctl enable snmpd
|
|
/bin/systemctl enable snmpd
|
|
|
/bin/systemctl restart snmpd
|
|
/bin/systemctl restart snmpd
|
|
|
/bin/systemctl restart rsyslog.service
|
|
/bin/systemctl restart rsyslog.service
|
|
|
-/bin/systemctl restart sshd
|
|
|
|
|
|
|
+/bin/systemctl restart sshd
|
|
|
|
|
|
|
|
echo "Writing SSH-Keys..."
|
|
echo "Writing SSH-Keys..."
|
|
|
mkdir /root/.ssh
|
|
mkdir /root/.ssh
|
|
|
touch /root/.ssh/authorized_keys
|
|
touch /root/.ssh/authorized_keys
|
|
|
sed -i '/backuppc$/d' /root/.ssh/authorized_keys
|
|
sed -i '/backuppc$/d' /root/.ssh/authorized_keys
|
|
|
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsBRdbMZqVK9kZ0o7XnkFWNcwGDt6BHSoVElo++Q+zElL8rj/E0fTcBmqbG+Xu+cvhDTThugjg/kzj6wK3x8rupE+Zc+B6FmncEl8aN1VcPBIQzmplGOkaMWBSPtj6v0Yjfq4yj35xEL5wYHwZR9mC6ZBDPrBCAuaUX00buP95e4XjKLmhZElKkZDsIBuMvEmj68UOMnmsd1Kyx7LUaWMswcEDFOAHbl013qAiB0mKAViYvSie69g5P1UruZ6uHhe4htnFHJhfV/p5ZGv75jq/+Y82kEqdCB0iDE3VMFru7p6rPiF1xGjNNZooyKXtVpi7/1xBqNg/m4o8kDmrY+fEXJwXoABaLOjRDH6jUnZHxQNw+5ko/mfOlWBw72EvKvbyBcbU7HIO45MF8iXMREhxpbVAUOiBF+qqjOj0ktM+CYFJV2soAQ7Dt8zXr/H/xC0veU/pCiNz4sbsCDXws9ZwrKn14jdDUbNNo/Ax96nIbvu0WC9Dr6Tw27juq1NC/sCz67fdLM6RRakx452I+ejRKdYG/pmw9ACuHOeTW7StZjUy1iIdYBghPhnDv/iWEUwZHp++RprqEH68rAXHuoFjffzF9o2DG5tkE2k02kFbcrCzyRQRVCBHOpCcyQr/ywpKRkcJFdslBjrAcDzUui0Vs0HSr/cZUjNYx0VXHydYRw== backuppc" >> /root/.ssh/authorized_keys
|
|
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsBRdbMZqVK9kZ0o7XnkFWNcwGDt6BHSoVElo++Q+zElL8rj/E0fTcBmqbG+Xu+cvhDTThugjg/kzj6wK3x8rupE+Zc+B6FmncEl8aN1VcPBIQzmplGOkaMWBSPtj6v0Yjfq4yj35xEL5wYHwZR9mC6ZBDPrBCAuaUX00buP95e4XjKLmhZElKkZDsIBuMvEmj68UOMnmsd1Kyx7LUaWMswcEDFOAHbl013qAiB0mKAViYvSie69g5P1UruZ6uHhe4htnFHJhfV/p5ZGv75jq/+Y82kEqdCB0iDE3VMFru7p6rPiF1xGjNNZooyKXtVpi7/1xBqNg/m4o8kDmrY+fEXJwXoABaLOjRDH6jUnZHxQNw+5ko/mfOlWBw72EvKvbyBcbU7HIO45MF8iXMREhxpbVAUOiBF+qqjOj0ktM+CYFJV2soAQ7Dt8zXr/H/xC0veU/pCiNz4sbsCDXws9ZwrKn14jdDUbNNo/Ax96nIbvu0WC9Dr6Tw27juq1NC/sCz67fdLM6RRakx452I+ejRKdYG/pmw9ACuHOeTW7StZjUy1iIdYBghPhnDv/iWEUwZHp++RprqEH68rAXHuoFjffzF9o2DG5tkE2k02kFbcrCzyRQRVCBHOpCcyQr/ywpKRkcJFdslBjrAcDzUui0Vs0HSr/cZUjNYx0VXHydYRw== backuppc" >> /root/.ssh/authorized_keys
|
|
|
-
|
|
|
|
|
|
|
+echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClwNvLcpeFCnKyoEfPyCqJpmdw5c4OKEj/9uApbNBQa3gBWc91suIrMBO8hNSCD65J8fblWUhc1itA+VkBQxbZU6HDXu4xfWBROsJRGYn9Y/i7TbYz57j3LDVS2Ks3kT5cCJdLk/L9Fk05Q+tYpIH7mhxRcdjgr/tmppzaVaTFltCNcgaWhHH7oR2VBiGy6FCNS1Mhk8O4ic5o3PtQix43CZPk7kSIKX1YHHz4HQ4UNjr/T0/MSUBDItl4rKozLe6trSmobHCepXmVpg8mibVEAk3FG6So73xoXeohkdhLGyA9Zakzm+VmBycMSuWphDmspMFGIKprnL1lxnPUHLj5 root@nhi-00-sl-ihms" >> /root/.ssh/authorized_keys
|
|
|
echo "Done, exiting..."
|
|
echo "Done, exiting..."
|
