#!/bin/bash # void setup script - developed by acidvegas (https://git.acid.vegas/void) # note: After importing keys: printf "FINGERPRINTHERE:6:" | gpg --import-ownertrust set -xev # Configuration ARCH=x86_64 # x86_64 or x86_64-musl CPU=intel # amd or intel (blank for none) DISPLAY_SERVER=xorg # xorg or blank for none GFX_DRIVER=intel # amd, intel, or nvidia (blank for none) PI=0 # 0 for desktop, 1 for Raspberry Pi REMOTE=dropbear # dropbear or ssh (blank for none) USERNAME=acidvegas WIFI_DEV=wlan0 GIT_URL="https://raw.githubusercontent.com/acidvegas/void/master" setup_root() { setup_packages useradd -m -s /bin/bash $USERNAME && gpasswd -a $USERNAME wheel && passwd $USERNAME gpasswd -a $USERNAME _incus && gpasswd -a $USERNAME _incus-admin # Typically incus & incus-admin but void uses the underscore prefix for item in 6x11 7x12 7x14; do wget -O /usr/share/kbd/consolefonts/ohsnap${item}r.psfu $GIT_URL/font/ohsnap${item}r.psfu done #printf "\nnohook resolv.conf\n" >> /etc/dhcpcd.conf echo "CGROUP_MODE=\"unified\"" >> /etc/rc.conf echo "proc /proc proc defaults,hidepid=2 0 0" >> /etc/fstab && mount -o remount /proc printf "set boldtext\nset minibar\nset nohelp\nset nowrap\nset quickblank\nset tabsize 4\nunbind ^J main\nset selectedcolor black,red\ninclude \"/usr/share/nano/*.nanorc\"\n" > /etc/nanorc printf "\nexport HISTFILE=/dev/null\nexport LESSHISTFILE=/dev/null\nexport PYTHONHISTFILE=/dev/null\n" >> /etc/profile printf "#\!/bin/sh\nclear && (echo && printf \" E N T E R T H E V O I D\n" && echo) | nms -af red\n" > /etc/profile.d/motd.sh printf "\nFONT=\"ohsnap6x11r\"\n" >> /etc/rc.conf printf "Defaults lecture = always\nDefaults lecture_file = /etc/sudoers.d/sudoers.lecture\nroot ALL=(ALL) ALL\n%%wheel ALL=(ALL) ALL\n" > /etc/sudoers printf "\n\033[1m \033[32m\"Bee\" careful \033[34m__\n \033[32mwith sudo! \033[34m// \ \n \\\\\\_/ \033[33m//\n \033[35m''-.._.-''-.._.. \033[33m-(||)(')\n '''\033[0m\n" > /etc/sudoers.d/sudoers.lecture printf "\nhsts=0\n" >> /etc/wgetrc # For Drevo Calibur V2 FN key fix #echo 0 | sudo pkexec tee /sys/module/hid_apple/parameters/fnmode if [ $REMOTE = "dropbear" ]; then LOCAL_IP=$(ip addr show $WIFI_DEV | grep 'inet ' | awk '{print $2}' | cut -d'/' -f1) RND_PORT=$(shuf -i 10000-65535 -n 1) xbps-install -y dropbear printf '#!/bin/sh\nexec 2>&1\n[ -r conf ] && . ./conf\nexec dropbear -p $LOCAL_IP:$RND_PORT -w -s -R -F' > /etc/sv/dropbear/run fi # Need to optionally enable dhcp and wpa_supplicant incase we are using ethernet for item in dhcpcd incus incus-user socklog-unix nanoklogd wpa_supplicant; do ln -sfv /etc/sv/$item /var/service # Use /etc/runit/runsvdir/default/ instead of /var/service if in a chroot environemnt done } setup_nonfree() { xbps-install -Suy void-repo-nonfree if [ $CPU = "intel" ]; then xbps-install -y intel-ucode linux-firmware-intel elif [ $CPU = "amd" ]; then xbps-install -y linux-firmware-amd fi if [ $DISPLAY_SERVER = "xorg" ]; then if [ $GFX_DRIVER = "intel" ]; then xbps-install -y mesa-dri vulkan-loader mesa-vulkan-intel intel-video-accel elif [ $GFX_DRIVER = "amd" ]; then xbps-install -y mesa-dri vulkan-loader mesa-vulkan-radeon radeon-video-accel # Un-tested elif [ $GFX_DRIVER = "nvidia" ]; then xbps-install -y nvidia nvidia-libs fi fi xbps-reconfigure -f linux } setup_packages() { setup_nonfree if [ $DISPLAY_SERVER = "xorg" ]; then #xbps-install -y mesa-dri # Raspberry Pi xbps-install -y xorg libX11 libX11-devel libXft libXft-devel libXinerama libXinerama-devel libXrandr libXrandr-devel arandr xrandr brightnessctl xbps-install -y alacritty dmenu dunst firefox pinentry-dmenu redshift scrot unclutter xclip xbps-install -y ohsnap-font font-unifont-bdf freefont-ttf noto-fonts-ttf noto-fonts-ttf-extra noto-fonts-cjk noto-fonts-emoji # These fonts give you the most unicode support coverage (noto) fi # Development if [ $ARCH = 'x86_64' ]; then xbps-install -y gcc fi xbps-install -y cargo checkbashisms go make patch pkg-config python3 python3-pip xbps-install -y ansible aws-cli python3-aiodns python3-aiofiles python3-aiohttp python3-boto3 python3-Flask terraform xbps-install -y bluetuith # Essentials xbps-install -y curl dropbear git jq openssh progress rsync socklog-void tmux tor tree unzip whois zip xbps-install -y tailscale wireguard wireguard-tools wireproxy xbps-install -y python3-zulip zulip-desktop zulip-term # Raspberry Pi specific #xbps-install -y rng-tools && ln -sfv /etc/sv/rngd /var/service/ && sv up rngd xbps-install -y fzf glow gotify-cli gnupg2-scdaemon lxc incus incus-client incus-tools lazygit oath-toolkit websocat #xbps-install -y earlyoom && ln -sfv /etc/sv/earlyoom /var/service/ # Alternatives xbps-install -y bat btop delta duf exa procs xsv # Fun xbps-install -y asciiquarium chess-tui cmatrix no-more-secrets tuimoji tty-solitaire # Audio #xbps-install -y alsa-utils cmus ffmpeg id3v2 eyeD3 spotify-tui youtube-dl # Revamp audio setup at some point # Hardware xbps-install -y bluetuith gpsd # Recon xbps-install -y aircrack-ng bettercap bandwhich bpfmon ettercap ghidra kismet masscan mitmproxy strace tcpdump termshark wireshark wuzz # Radio #xbps-install -y airspy chirp CubicSDR gnuradio gqrx inspectrum librtlsdr rtl-sdr rx_tools SoapyRTLSDR SDRPlusPlus } setup_configs() { mkdir -p $HOME/.config/alacritty && wget -O $HOME/.config/alacritty/alacritty.toml $GIT_URL/config/alacritty/alacritty.toml mkdir -p $HOME/.config/cmus && wget -O $HOME/.config/cmus/autosave $GIT_URL/config/cmus/autosave mkdir -p $HOME/.config/dunst && wget -O $HOME/.config/dunst/dunstrc $GIT_URL/config/dunst/dunstrc mkdir -p $HOME/.config/git && wget -O $HOME/.config/git/config $GIT_URL/config/git/config mkdir -p $HOME/.config/tmux && wget -O $HOME/.config/tmux/tmux.conf $GIT_URL/config/tmux/tmux.conf mkdir -p $HOME/.config/X11 && wget -O $HOME/.config/X11/xinitrc $GIT_URL/config/X11/xinitrc sed -i "s|/dev/sda2|$(df $HOME | awk 'NR==2 {print $1}')|" $HOME/.config/tmux/tmux.conf mkdir -p $HOME/.local/share/bash for item in bash_aliases bash_functions bash_fun bash_recon; do wget -O $HOME/.local/share/bash/$item $GIT_URL/local/share/bash/$item done wget -O $HOME/.bashrc $GIT_URL/.bashrc echo "history -c && clear && reset" > $HOME/.bash_logout mkdir -p $HOME/.local/share/gnupg && wget -O $HOME/.local/share/gnupg/gpg.conf $GIT_URL/local/share/gnupg/gpg.conf printf "pinentry-program /usr/bin/pinentry-curses\ndefault-cache-ttl 3600" > $HOME/.local/share/gnupg/gpg-agent.conf chmod 700 $HOME/.local/share/gnupg && chmod 600 $HOME/.local/share/gnupg/* mkdir -p $HOME/.local/bin/scripts for SCRIPT in cmus-now gitremote irc-post-commit-hook mutag pmf shotz statusbar todo; do wget -O $HOME/.local/bin/scripts/$SCRIPT $GIT_URL/scripts/$SCRIPT done wget -O $HOME/.local/bin/scripts/dbc https://raw.githubusercontent.com/acidvegas/dbc/main/dbc wget -O $HOME/.local/bin/scripts/pass https://raw.githubusercontent.com/acidvegas/pass/main/pass chmod +x $HOME/.local/bin/scripts/* mkdir -p $HOME/.local/share/fonts && wget -O $HOME/.local/share/fonts/BlockZone.ttf $GIT_URL/font/BlockZone.ttf && fc-cache -f -v mkdir -p $HOME/.config/pip && printf "[global]\nbreak-system-packages = true" > ~/.config/pip/pip.conf } setup_fun() { BUILD=$HOME/dev/build mkdir -p $BUILD wget -O $HOME/.local/bin/scripts/irc2ansi.py https://raw.githubusercontent.com/internet-relay-chat/archive/master/art/irc2ansi.py wget -O $HOME/.local/bin/scripts/bomber $GIT_URL/scripts/bomber && chmod +x $HOME/.local/bin/scripts/bomber wget -O $HOME/.local/bin/scripts/pipes https://raw.githubusercontent.com/pipeseroni/pipes.sh/master/pipes.sh && chmod +x $HOME/.local/bin/scripts/pipes git clone https://github.com/AngelJumbo/lavat.git $BUILD/lavat sudo make -C $BUILD/lavat clean install git clone https://github.com/lptstr/fire --recurse $BUILD/fire sudo make -C $BUILD/fire clean install git clone https://github.com/ricoriedel/wipe $BUILD/wipe cargo build --release --manifest-path $BUILD/wipe/Cargo.toml # Need to install git clone https://github.com/pythops/bouncinamation $BUILD/bouncinamation cargo build --release --manifest-path $BUILD/bouncinamation/Cargo.toml # Need to install go install github.com/maaslalani/confetty@latest # Animations go install github.com/maxpaulus43/go-sweep@latest # Minesweeper } setup_builds() { BUILD=$HOME/dev/build mkdir -p $BUILD git clone --depth 1 http://git.suckless.org/dwm $BUILD/dwm wget -O $BUILD/dwm/config.h $GIT_URL/dwm/config.h wget -O $BUILD/dwm/patch_nosquares.diff $GIT_URL/dwm/patch_nosquares.diff wget -O $BUILD/dwm/patch_notitles.diff $GIT_URL/dwm/patch_notitles.diff patch $BUILD/dwm/drw.c $BUILD/dwm/patch_nosquares.diff patch $BUILD/dwm/dwm.c $BUILD/dwm/patch_notitles.diff sudo make -C $BUILD/dwm clean install } setup_user_packages() { VERSION=$(curl -s https://api.github.com/repos/boxdot/gurk-rs/releases/latest | jq -r .tag_name | cut -c2-) wget -O $HOME/.local/bin/gurk https://github.com/boxdot/gurk-rs/releases/download/v${VERSION}/gurk-x86_64-unknown-linux-gnu.tar.gz wget -O $HOME/.local/bin/cursor https://downloader.cursor.sh/linux/appImage/x64 chmod u+x $HOME/.local/bin/cursor VERSION=$(curl -s https://api.github.com/repos/obsidianmd/obsidian-releases/releases/latest | jq -r .tag_name | cut -c2-) wget -O $HOME/.local/bin/obsidian https://github.com/obsidianmd/obsidian-releases/releases/download/v${VERSION}/Obsidian-${VERSION}.AppImage chmod u+x $HOME/.local/bin/obsidian TEMP=$(mktemp -d) wget -O $TEMP/zed.tar.gz https://zed.dev/api/releases/stable/latest/zed-linux-x86_64.tar.gz tar -xzf $TEMP/zed.tar.gz -C $HOME/.local ln -s $HOME/.local/zed.app/zed $HOME/.local/bin/zed rm -rf $TEMP mkdir -p $HOME/.config/pip printf "[global]\nbreak-system-packages = true" > $HOME/.config/pip/pip.conf pip install --user asyncwhois ecs elasticsearch meshtastic scalene cargo install binsider csvlens git-dumper netscanner go install -v github.com/nxtrace/NTrace-core@latest go install -v github.com/projectdiscovery/asnmap/cmd/asnmap@latest go install -v github.com/projectdiscovery/chaos-client/cmd/chaos@latest go install -v github.com/projectdiscovery/cvemap/cmd/cvemap@latest go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest go install -v github.com/projectdiscovery/katana/cmd/katana@latest go install -v github.com/projectdiscovery/mapcidr/cmd/mapcidr@latest go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest go install -v github.com/projectdiscovery/tlsx/cmd/tlsx@latest git clone https://github.com/blechschmidt/massdns.git $HOME/dev/git/mirror/massdns make -C $HOME/dev/git/mirror/massdns && sudo make -C $HOME/dev/git/mirror/massdns install } [ "$#" -ne 1 ] && echo "usage: $0 [root|config|build|fun]" && exit 1 case "$1" in root) setup_root ;; config) setup_configs ;; build) setup_builds ;; fun) setup_fun ;; *) echo "usage: $0 [root|config|build|fun]\n"; exit 1 ;; esac xbps-install -Syu && vkpurge rm all && xbps-install -y openssh >/etc/ssh/sshd_config printf "Port XXX\nAddressFamily inet\nListenAddress 0.0.0.0\nPasswordAuthentication no\nPrintMotd yes\nPrintLastLog no\nBanner none" > /etc/ssh/sshd_config ln -s /etc/sv/sshd /var/service nano /etc/ssh/sshd_config sv restart sshd printf "\nssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKoWLkmkbkwgivwqbzXBsIa8EbTGAEibGkX6CC/tiKZe admin@supernets.org" >> /home/acidvegas/.ssh/authorized_keys chown acidvegas:acidvegas /home/acidvegas/.ssh/authorized_keys chmod 400 /home/acidvegas/.ssh/authorized_keys