From 076eb0043269342a6ad7345200848a9f975f3531 Mon Sep 17 00:00:00 2001 From: acidvegas Date: Mon, 21 Oct 2024 14:46:35 -0400 Subject: [PATCH] Updated --- enterthevoid | 4 +- enterthezoid | 10 ++-- scripts/vps | 142 --------------------------------------------------- setup | 12 +++-- 4 files changed, 14 insertions(+), 154 deletions(-) delete mode 100755 scripts/vps diff --git a/enterthevoid b/enterthevoid index 4543736..1df651d 100755 --- a/enterthevoid +++ b/enterthevoid @@ -145,10 +145,10 @@ setup_chroot() { useradd -m -s /bin/bash $USERNAME && passwd $USERNAME && gpasswd -a $USERNAME wheel ln -sf /usr/share/zoneinfo/$TIMEZONE /etc/localtime - ln -sf /etc/sv/dhcpcd /etc/runit/runsvdir/default/ + #ln -sf /etc/sv/dhcpcd /etc/runit/runsvdir/default/ hwclock --systohc printf "$HOSTNAME\n" > /etc/hostname - printf "HOSTNAME=\"$HOSTNAME\"\nHARDWARECLOCK=\"UTC\"\nTIMEZONE=\"$TIMEZONE\"\nKEYMAP=us\n" > /etc/rc.conf + printf "HOSTNAME=\"$HOSTNAME\"\nHARDWARECLOCK=\"UTC\"\nTIMEZONE=\"$TIMEZONE\"\nKEYMAP=us\nCGROUP_MODE=\"unified\"\n" > /etc/rc.conf if [ $ARCH = 'x86_64' ]; then printf "en_US.UTF-8 UTF-8\n" > /etc/default/libc-locales diff --git a/enterthezoid b/enterthezoid index fbc7e89..9afe283 100755 --- a/enterthezoid +++ b/enterthezoid @@ -86,11 +86,7 @@ setup_chroot() { hwclock --systohc printf "$HOSTNAME\n" > /etc/hostname - # CGROUP_MODE="unified" is required on Void to fix a bug with incus expecting systemd (https://github.com/lxc/incus/issues/625#issuecomment-2153154219) - # Temporary solution: - # mkdir /sys/fs/cgroup/systemd - # mount -t cgroup -o none,name=systemd systemd /sys/fs/cgroup/systemd - printf "HOSTNAME=\"$HOSTNAME\"\nHARDWARECLOCK=\"UTC\"\nTIMEZONE=\"America/New_York\"\nKEYMAP=us\nCGROUP_MODE=\"unified\"" > /etc/rc.conf + printf "HOSTNAME=\"$HOSTNAME\"\nHARDWARECLOCK=\"UTC\"\nTIMEZONE=\"America/New_York\"\nKEYMAP=us\n" > /etc/rc.conf printf "en_US.UTF-8 UTF-8\nen_US ISO-8859-1\n" > /etc/default/libc-locales xbps-reconfigure -f glibc-locales @@ -123,7 +119,7 @@ setup_chroot() { printf "\"Boot default\" \"quiet loglevel=0 zbm.skip\"\n\"Boot to menu\" \"quiet loglevel=0 zbm.show\"\n" > /boot/efi/EFI/ZBM/refind_linux.conf mkdir -p /boot/efi/EFI/BOOT - mvrefind /boot/efi/EFI/refind /boot/efi/EFI/BOOT + mvrefind /boot/efi/EFI/refind /boot/efi/EFI/BOOT temp=$(mktemp -d) wget -O $temp/latest.tar.gz https://get.zfsbootmenu.org/latest.tar.gz tar xvf $temp/latest.tar.gz -C $temp/ @@ -149,4 +145,4 @@ case "$1" in chroot) setup_chroot ;; final) umount -n -R /mnt; zpool export zroot; reboot ;; *) printf "usage: $0 [zfs|chroot|final]\n"; exit 1 ;; -esac \ No newline at end of file +esac diff --git a/scripts/vps b/scripts/vps deleted file mode 100755 index d6871ad..0000000 --- a/scripts/vps +++ /dev/null @@ -1,142 +0,0 @@ -#!/bin/bash -# enter the void (vps) - developed by acidvegas (https://git.acid.vegas/void) - -# Notes: -# MUSL builds for Void Linux are having an issue where `su` is segfaulting or returning "Bad address" -# -# Bootstrap: -# xbps-install -Su && xbps-install -u xbps && xbps-install wget nano && wget https://git.supernets.org/acidvegas/void/raw/branch/master/scripts/vps && chmod +x vps && ./vps root - -set -xev - -# Configuration -ARCH=x86_64 # x86_64 or x86_64-musl -DRIVE=/dev/vda -SSH_KEY="ssh-ed25519 REDACTED acidvegas@paloalto" -SWAP_SIZE=$((1 * 1024)) # 1GB -TIMEZONE="America/New_York" -USERNAME=supernets - -# Let's dynamically set the hostname so we don't have to hardcode it -echo "Hostname:" -read HOSTNAME - -setup_root() { - xbps-install -y parted - wipefs -a -f $DRIVE - parted --script $DRIVE mklabel msdos - parted --script $DRIVE mkpart primary ext4 1MiB 100% - parted --script $DRIVE set 1 boot on - mkfs.ext4 ${DRIVE}1 - mkdir -p /mnt - mount ${DRIVE}1 /mnt - mkdir -p /mnt/var/db/xbps/keys - cp /var/db/xbps/keys/* /mnt/var/db/xbps/keys/ - REPO=https://repo-default.voidlinux.org/current - [ $ARCH = 'x86_64-musl' ] && REPO=$REPO/musl - XBPS_ARCH=$ARCH xbps-install -y -S -r /mnt -R "$REPO" base-system linux - cp vps /mnt/root/ - xchroot /mnt /bin/bash -} - -setup_chroot() { - passwd - - xbps-install -u xbps - xbps-remove -y base-system openssh - xbps-install -Syu curl dropbear git htop incus incus-client incus-tools iptables nano net-tools runit-iptables tmux socklog-void wget - - # Set up networking - IP_ADDR=$(ip addr show eth0 | grep 'inet ' | awk '{print $2}' | cut -d'/' -f1) - GATEWAY=$(ip route show default | awk '/default/ {print $3}') - printf "ip link set eth0 up\nip addr add ${IP_ADDR}/24 dev eth0\nip route add default via $GATEWAY\n" > /etc/rc.local - printf "printf \"nameserver 208.67.222.222\\\nnameserver 208.67.220.220\\\nnameserver 2620:119:35::35\\\nnameserver 2620:119:53::53\" > /etc/resolv.conf" >> /etc/rc.local - - echo "$HOSTNAME" > /etc/hostname - echo 'export PS1="\e[38;5;237m\T\e[0m \e[38;5;196m\u@\h\e[0m \e[38;5;226m\w\e[0m : "' > /root/.bashrc - printf "set boldtext\nset minibar\nset nohelp\nset nowrap\nset quickblank\nset tabsize 4\nunbind ^J main\nset selectedcolor black,red\ninclude \"/usr/share/nano/*.nanorc\"\n" > /etc/nanorc - printf "\nexport HISTFILE=/dev/null\nexport LESSHISTFILE=/dev/null\nexport PYTHONHISTFILE=/dev/null\n" >> /etc/profile - printf "Defaults lecture = always\nDefaults lecture_file = /etc/sudoers.d/sudoers.lecture\nroot ALL=(ALL) ALL\n%%wheel ALL=(ALL) ALL\n" > /etc/sudoers - printf "\n\033[1m \033[32m\"Bee\" careful \033[34m__\n \033[32mwith sudo! \033[34m// \ \n \\\\\\_/ \033[33m//\n \033[35m''-.._.-''-.._.. \033[33m-(||)(')\n '''\033[0m\n" > /etc/sudoers.d/sudoers.lecture - printf '#!/bin/sh\nexec 2>&1\n[ -r conf ] && . ./conf\nexec dropbear -K 0 -p %s -R -w -t -T 1 -F 2>&1\n' "$(shuf -i 10000-65534 -n 1)" > /etc/sv/dropbear/run - echo "hsts=0" >> /etc/wgetrc - >/var/log/lastlog && chattr +i /var/log/lastlog - - # Enable services (Using the runit dir because the system is not running yet) - ln -s /etc/sv/socklog-unix/ /etc/runit/runsvdir/default/ - ln -s /etc/sv/nanoklogd/ /etc/runit/runsvdir/default/ - ln -s /etc/sv/dropbear/ /etc/runit/runsvdir/default/ - ln -s /etc/sv/incus /etc/runit/runsvdir/default/ - ln -s /etc/sv/incus-user /etc/runit/runsvdir/default/ - ln -s /usr/share/zoneinfo/$TIMEZONE /etc/localtime - - touch /swapfile - dd if=/dev/zero of=/swapfile bs=1M count=${SWAP_SIZE} status=progress - chmod 0600 /swapfile - mkswap /swapfile && swapon /swapfile - - hwclock --systohc - chsh -s /bin/bash - - useradd -m -s /bin/bash $USERNAME && passwd $USERNAME - gpasswd -a $USERNAME _incus - gpasswd -a $USERNAME _incus-admin - printf "root:1000000:65536\n$USERNAME:165536:65536" > /etc/subgid - printf "root:1000000:65536\n$USERNAME:165536:65536" > /etc/subuid - cp vps /home/$USERNAME/ && chown $USERNAME:$USERNAME /home/$USERNAME/vps - - if [ ! $ARCH = 'x86_64-musl' ]; then - xbps-reconfigure -f glibc-locales - fi - - # Setup fstab - echo "UUID=$(blkid -s UUID -o value ${DRIVE}1) / ext4 rw,errors=remount-ro,noatime 0 1" > /etc/fstab - echo "tmpfs /tmp tmpfs defaults,nosuid,nodev 0 0" >> /etc/fstab - echo "/swapfile none swap sw 0 0" >> /etc/fstab - echo "proc /proc proc defaults,hidepid=2 0 0" >> /etc/fstab - mount -o remount /proc - - # Add the official SuperNETs seal of HARD FUCKIGN CORE INTERNET USAGE into the MOTD - { - echo -e "" - echo -e " \033[37;104m \033[0m \033[0m" - echo -e " \033[37;104m \033[37;101m \033[37;104m \033[0m \033[0m" - echo -e " \033[37;104m \033[37;101m \033[37;103m \033[37;101m \033[37;103m \033[37;101m \033[37;103m \033[37;101m \033[37;104m \033[0m \033[0m" - echo -e "\033[37;104m \033[37;101m \033[37;103m \033[37;101m \033[37;103m \033[37;101m \033[37;103m \033[37;101m \033[37;104m \033[0m \033[0m" - echo -e "\033[37;104m \033[37;101m \033[37;103m \033[37;101m \033[37;103m \033[37;101m \033[37;104m \033[0m \033[0m" - echo -e " \033[37;104m \033[37;101m \033[37;103m \033[37;101m \033[37;103m \033[37;101m \033[37;104m \033[0m \033[0m" - echo -e " \033[37;104m \033[37;101m \033[37;104m \033[0m \033[0m" - echo -e " \033[37;104m \033[37;101m \033[37;103m \033[37;101m \033[37;104m \033[0m \033[0m" - echo -e " \033[37;104m \033[37;101m \033[37;103m \033[37;101m \033[37;103m \033[37;101m \033[37;104m \033[0m \033[0m" - echo -e " \033[37;104m \033[37;101m \033[37;104m \033[0m \033[0m" - echo -e " \033[37;104m \033[37;101m \033[37;103m \033[37;101m \033[37;104m \033[0m \033[0m" - echo -e " \033[37;104m \033[37;101m \033[37;103m \033[37;101m \033[37;104m \033[0m \033[0m" - echo -e " \033[37;104m \033[37;101m \033[37;104m \033[0m \033[0m" - echo -e "┏┓┳┳┏┓┏┓┳┓ \033[37;104m \033[37;101m \033[37;104m \033[0m ┳┓┏┓┏┳┓┏┓" - echo -e "┗┓┃┃┣┛┣ ┣┫ \033[37;104m \033[0m ┃┃┣ ┃ ┗┓" - echo -e "┗┛┗┛┻ ┗┛┛┗ \033[37;104m \033[0m\033[0m ┛┗┗┛ ┻ ┗┛" - echo -e "" - } > /etc/motd - - # Set up user SSH keys - mkdir -p /home/$USERNAME/.ssh - echo "$SSH_KEY" > /home/$USERNAME/.ssh/authorized_keys - chmod 700 $HOME/.ssh && chown -R $USERNAME:$USERNAME /home/$USERNAME/.ssh - chmod 400 $HOME/.ssh/authorized_keys && chattr +i $HOME/.ssh/authorized_keys && chattr +i $HOME/.ssh - - xbps-install -Sy grub - grub-install $DRIVE - grub-mkconfig -o /boot/grub/grub.cfg - - xbps-reconfigure -fa -} - - -setup_user() { - echo 'export PS1="\e[38;5;237m\T\e[0m \e[38;5;196m\u@\h\e[0m \e[38;5;226m\w\e[0m : "' > ~/.bashrc -} - - -[ $1 = "root" ] && setup_root -[ $1 = "chroot" ] && setup_chroot -[ $1 = "user" ] && setup_user \ No newline at end of file diff --git a/setup b/setup index a14daec..4ef53ff 100755 --- a/setup +++ b/setup @@ -27,6 +27,7 @@ setup_root() { done printf "\nnohook resolv.conf\n" >> /etc/dhcpcd.conf #printf "\nipv4only\nnodhcp6\n" >> /etc/dhcpcd.conf # For fixing "dhcpcd: ipv6nd_sendadvertisement: Operation not permitted" error + echo "CGROUP_MODE=\"unified\"" >> /etc/rc.conf printf "nameserver 9.9.9.9\nnameserver149.112.112.112\nnameserver 2620:fe::fe\nnameserver 2620:fe::9" > /etc/resolv.conf echo "proc /proc proc defaults,hidepid=2 0 0" >> /etc/fstab && mount -o remount /proc printf "set boldtext\nset minibar\nset nohelp\nset nowrap\nset quickblank\nset tabsize 4\nunbind ^J main\nset selectedcolor black,red\ninclude \"/usr/share/nano/*.nanorc\"\n" > /etc/nanorc @@ -36,13 +37,16 @@ setup_root() { printf "Defaults lecture = always\nDefaults lecture_file = /etc/sudoers.d/sudoers.lecture\nroot ALL=(ALL) ALL\n%%wheel ALL=(ALL) ALL\n" > /etc/sudoers printf "\n\033[1m \033[32m\"Bee\" careful \033[34m__\n \033[32mwith sudo! \033[34m// \ \n \\\\\\_/ \033[33m//\n \033[35m''-.._.-''-.._.. \033[33m-(||)(')\n '''\033[0m\n" > /etc/sudoers.d/sudoers.lecture + # For Drevo Calibur V2 FN key fix + #echo 0 | sudo pkexec tee /sys/module/hid_apple/parameters/fnmode + if [ $REMOTE = "dropbear" ]; then LOCAL_IP=$(ip addr show $WIFI_DEV | grep 'inet ' | awk '{print $2}' | cut -d'/' -f1) RND_PORT=$(shuf -i 10000-65535 -n 1) xbps-install -y dropbear printf '#!/bin/sh\nexec 2>&1\n[ -r conf ] && . ./conf\nexec dropbear -p $LOCAL_IP:$RND_PORT -w -s -R -F' > /etc/sv/dropbear/run fi - + printf "\nhsts=0\n" >> /etc/wgetrc for item in dhcpcd incus incus-user socklog-unix nanoklogd wpa_supplicant; do @@ -54,7 +58,6 @@ setup_root() { setup_nonfree() { xbps-install -Suy void-repo-nonfree - # Might need to `xbps-recorder -f` after this if [ $CPU = "intel" ]; then xbps-install -y intel-ucode linux-firmware-intel elif [ $CPU = "amd" ]; then @@ -101,7 +104,7 @@ setup_packages() { xbps-install -y curl dropbear git jq progress rsync socklog-void tmux tor tree unzip zip # Raspberry Pi specific - xbps-install -y rng-tools && ln -sfv /etc/sv/rngd /var/service/ && sv up rngd + #xbps-install -y rng-tools && ln -sfv /etc/sv/rngd /var/service/ && sv up rngd xbps-install -y bandwhich bpfmon glow gnupg2-scdaemon lxc incus incus-client incus-tools lazygit oath-toolkit websocat #xbps-install -y earlyoom && ln -sfv /etc/sv/earlyoom /var/service/ @@ -150,6 +153,9 @@ setup_configs() { wget -O $HOME/.scripts/dbc https://raw.githubusercontent.com/acidvegas/dbc/main/dbc && chmod +x $HOME/.scripts/dbc mkdir -p $HOME/.local/share/fonts && wget -O $HOME/.local/share/fonts/BlockZone.ttf $GIT_URL/font/BlockZone.ttf && fc-cache -f -v + + VERSION=$(curl -s https://api.github.com/repos/obsidianmd/obsidian-releases/releases/latest | jq -r .tag_name | cut -c2-) + wget -O $HOME/.local/bin/obsidian https://github.com/obsidianmd/obsidian-releases/releases/download/v${VERSION}/Obsidian-${VERSION}.AppImage }