267 lines
12 KiB
Bash
Executable File
267 lines
12 KiB
Bash
Executable File
#!/bin/bash
|
|
# void setup script - developed by acidvegas (https://git.acid.vegas/void)
|
|
|
|
# note: After importing keys: printf "FINGERPRINTHERE:6:" | gpg --import-ownertrust
|
|
|
|
set -xev
|
|
|
|
# Configuration
|
|
ARCH=x86_64 # x86_64 or x86_64-musl
|
|
CPU=intel # amd or intel (blank for none)
|
|
DISPLAY_SERVER=xorg # xorg or blank for none
|
|
GFX_DRIVER=intel # amd, intel, or nvidia (blank for none)
|
|
PI=0 # 0 for desktop, 1 for Raspberry Pi
|
|
REMOTE=dropbear # dropbear or ssh (blank for none)
|
|
USERNAME=acidvegas
|
|
WIFI_DEV=wlan0
|
|
|
|
|
|
GIT_URL="https://raw.githubusercontent.com/acidvegas/void/master"
|
|
|
|
setup_root() {
|
|
setup_packages
|
|
|
|
useradd -m -s /bin/bash $USERNAME && gpasswd -a $USERNAME wheel && passwd $USERNAME
|
|
gpasswd -a $USERNAME _incus && gpasswd -a $USERNAME _incus-admin # Typically incus & incus-admin but void uses the underscore prefix
|
|
|
|
for item in 6x11 7x12 7x14; do
|
|
wget -O /usr/share/kbd/consolefonts/ohsnap${item}r.psfu $GIT_URL/font/ohsnap${item}r.psfu
|
|
done
|
|
#printf "\nnohook resolv.conf\n" >> /etc/dhcpcd.conf
|
|
echo "CGROUP_MODE=\"unified\"" >> /etc/rc.conf
|
|
echo "proc /proc proc defaults,hidepid=2 0 0" >> /etc/fstab && mount -o remount /proc
|
|
printf "set boldtext\nset minibar\nset nohelp\nset nowrap\nset quickblank\nset tabsize 4\nunbind ^J main\nset selectedcolor black,red\ninclude \"/usr/share/nano/*.nanorc\"\n" > /etc/nanorc
|
|
printf "\nexport HISTFILE=/dev/null\nexport LESSHISTFILE=/dev/null\nexport PYTHONHISTFILE=/dev/null\n" >> /etc/profile
|
|
printf "#\!/bin/sh\nclear && (echo && printf \" E N T E R T H E V O I D\n" && echo) | nms -af red\n" > /etc/profile.d/motd.sh
|
|
printf "\nFONT=\"ohsnap6x11r\"\n" >> /etc/rc.conf
|
|
printf "Defaults lecture = always\nDefaults lecture_file = /etc/sudoers.d/sudoers.lecture\nroot ALL=(ALL) ALL\n%%wheel ALL=(ALL) ALL\n" > /etc/sudoers
|
|
printf "\n\033[1m \033[32m\"Bee\" careful \033[34m__\n \033[32mwith sudo! \033[34m// \ \n \\\\\\_/ \033[33m//\n \033[35m''-.._.-''-.._.. \033[33m-(||)(')\n '''\033[0m\n" > /etc/sudoers.d/sudoers.lecture
|
|
printf "\nhsts=0\n" >> /etc/wgetrc
|
|
|
|
# For Drevo Calibur V2 FN key fix
|
|
#echo 0 | sudo pkexec tee /sys/module/hid_apple/parameters/fnmode
|
|
|
|
if [ $REMOTE = "dropbear" ]; then
|
|
LOCAL_IP=$(ip addr show $WIFI_DEV | grep 'inet ' | awk '{print $2}' | cut -d'/' -f1)
|
|
RND_PORT=$(shuf -i 10000-65535 -n 1)
|
|
xbps-install -y dropbear
|
|
printf '#!/bin/sh\nexec 2>&1\n[ -r conf ] && . ./conf\nexec dropbear -p $LOCAL_IP:$RND_PORT -w -s -R -F' > /etc/sv/dropbear/run
|
|
fi
|
|
|
|
# Need to optionally enable dhcp and wpa_supplicant incase we are using ethernet
|
|
for item in dhcpcd incus incus-user socklog-unix nanoklogd wpa_supplicant; do
|
|
ln -sfv /etc/sv/$item /var/service # Use /etc/runit/runsvdir/default/ instead of /var/service if in a chroot environemnt
|
|
done
|
|
}
|
|
|
|
|
|
setup_nonfree() {
|
|
xbps-install -Suy void-repo-nonfree
|
|
|
|
if [ $CPU = "intel" ]; then
|
|
xbps-install -y intel-ucode linux-firmware-intel
|
|
elif [ $CPU = "amd" ]; then
|
|
xbps-install -y linux-firmware-amd
|
|
fi
|
|
|
|
if [ $DISPLAY_SERVER = "xorg" ]; then
|
|
if [ $GFX_DRIVER = "intel" ]; then
|
|
xbps-install -y mesa-dri vulkan-loader mesa-vulkan-intel intel-video-accel
|
|
elif [ $GFX_DRIVER = "amd" ]; then
|
|
xbps-install -y mesa-dri vulkan-loader mesa-vulkan-radeon radeon-video-accel # Un-tested
|
|
elif [ $GFX_DRIVER = "nvidia" ]; then
|
|
xbps-install -y nvidia nvidia-libs
|
|
fi
|
|
fi
|
|
|
|
xbps-reconfigure -f linux
|
|
}
|
|
|
|
|
|
setup_packages() {
|
|
setup_nonfree
|
|
|
|
if [ $DISPLAY_SERVER = "xorg" ]; then
|
|
#xbps-install -y mesa-dri # Raspberry Pi
|
|
xbps-install -y xorg libX11 libX11-devel libXft libXft-devel libXinerama libXinerama-devel libXrandr libXrandr-devel arandr xrandr brightnessctl
|
|
xbps-install -y alacritty dmenu dunst firefox pinentry-dmenu redshift scrot unclutter xclip
|
|
xbps-install -y ohsnap-font font-unifont-bdf freefont-ttf noto-fonts-ttf noto-fonts-ttf-extra noto-fonts-cjk noto-fonts-emoji # These fonts give you the most unicode support coverage (noto)
|
|
fi
|
|
|
|
# Development
|
|
if [ $ARCH = 'x86_64' ]; then
|
|
xbps-install -y gcc
|
|
fi
|
|
xbps-install -y cargo checkbashisms go make patch pkg-config python3 python3-pip
|
|
xbps-install -y ansible aws-cli python3-aiodns python3-aiofiles python3-aiohttp python3-boto3 python3-Flask terraform
|
|
xbps-install -y bluetuith
|
|
|
|
# Essentials
|
|
xbps-install -y curl dropbear git jq openssh progress rsync socklog-void tmux tor tree unzip whois zip
|
|
xbps-install -y tailscale wireguard wireguard-tools wireproxy
|
|
|
|
xbps-install -y python3-zulip zulip-desktop zulip-term
|
|
|
|
# Raspberry Pi specific
|
|
#xbps-install -y rng-tools && ln -sfv /etc/sv/rngd /var/service/ && sv up rngd
|
|
|
|
xbps-install -y fzf glow gotify-cli gnupg2-scdaemon lxc incus incus-client incus-tools lazygit oath-toolkit websocat
|
|
#xbps-install -y earlyoom && ln -sfv /etc/sv/earlyoom /var/service/
|
|
|
|
# Alternatives
|
|
xbps-install -y bat btop delta duf exa procs xsv
|
|
|
|
# Fun
|
|
xbps-install -y asciiquarium chess-tui cmatrix no-more-secrets tuimoji tty-solitaire
|
|
|
|
# Audio
|
|
#xbps-install -y alsa-utils cmus ffmpeg id3v2 eyeD3 spotify-tui youtube-dl # Revamp audio setup at some point
|
|
|
|
# Hardware
|
|
xbps-install -y bluetuith gpsd
|
|
|
|
# Recon
|
|
xbps-install -y aircrack-ng bettercap bandwhich bpfmon ettercap ghidra kismet masscan mitmproxy strace tcpdump termshark wireshark wuzz
|
|
|
|
# Radio
|
|
#xbps-install -y airspy chirp CubicSDR gnuradio gqrx inspectrum librtlsdr rtl-sdr rx_tools SoapyRTLSDR SDRPlusPlus
|
|
}
|
|
|
|
|
|
setup_configs() {
|
|
mkdir -p $HOME/.config/alacritty && wget -O $HOME/.config/alacritty/alacritty.toml $GIT_URL/config/alacritty/alacritty.toml
|
|
mkdir -p $HOME/.config/cmus && wget -O $HOME/.config/cmus/autosave $GIT_URL/config/cmus/autosave
|
|
mkdir -p $HOME/.config/dunst && wget -O $HOME/.config/dunst/dunstrc $GIT_URL/config/dunst/dunstrc
|
|
mkdir -p $HOME/.config/git && wget -O $HOME/.config/git/config $GIT_URL/config/git/config
|
|
mkdir -p $HOME/.config/tmux && wget -O $HOME/.config/tmux/tmux.conf $GIT_URL/config/tmux/tmux.conf
|
|
mkdir -p $HOME/.config/X11 && wget -O $HOME/.config/X11/xinitrc $GIT_URL/config/X11/xinitrc
|
|
|
|
sed -i "s|/dev/sda2|$(df $HOME | awk 'NR==2 {print $1}')|" $HOME/.config/tmux/tmux.conf
|
|
|
|
mkdir -p $HOME/.local/share/bash
|
|
for item in bash_aliases bash_functions bash_fun bash_recon; do
|
|
wget -O $HOME/.local/share/bash/$item $GIT_URL/local/share/bash/$item
|
|
done
|
|
wget -O $HOME/.bashrc $GIT_URL/.bashrc
|
|
echo "history -c && clear && reset" > $HOME/.bash_logout
|
|
|
|
mkdir -p $HOME/.local/share/gnupg && wget -O $HOME/.local/share/gnupg/gpg.conf $GIT_URL/local/share/gnupg/gpg.conf
|
|
printf "pinentry-program /usr/bin/pinentry-curses\ndefault-cache-ttl 3600" > $HOME/.local/share/gnupg/gpg-agent.conf
|
|
chmod 700 $HOME/.local/share/gnupg && chmod 600 $HOME/.local/share/gnupg/*
|
|
|
|
mkdir -p $HOME/.local/bin/scripts
|
|
for SCRIPT in cmus-now gitremote irc-post-commit-hook mutag pmf shotz statusbar todo; do
|
|
wget -O $HOME/.local/bin/scripts/$SCRIPT $GIT_URL/scripts/$SCRIPT
|
|
done
|
|
wget -O $HOME/.local/bin/scripts/dbc https://raw.githubusercontent.com/acidvegas/dbc/main/dbc
|
|
wget -O $HOME/.local/bin/scripts/pass https://raw.githubusercontent.com/acidvegas/pass/main/pass
|
|
chmod +x $HOME/.local/bin/scripts/*
|
|
|
|
mkdir -p $HOME/.local/share/fonts && wget -O $HOME/.local/share/fonts/BlockZone.ttf $GIT_URL/font/BlockZone.ttf && fc-cache -f -v
|
|
|
|
mkdir -p $HOME/.config/pip && printf "[global]\nbreak-system-packages = true" > ~/.config/pip/pip.conf
|
|
}
|
|
|
|
|
|
setup_fun() {
|
|
BUILD=$HOME/dev/build
|
|
mkdir -p $BUILD
|
|
|
|
wget -O $HOME/.local/bin/scripts/irc2ansi.py https://raw.githubusercontent.com/internet-relay-chat/archive/master/art/irc2ansi.py
|
|
wget -O $HOME/.local/bin/scripts/bomber $GIT_URL/scripts/bomber && chmod +x $HOME/.local/bin/scripts/bomber
|
|
wget -O $HOME/.local/bin/scripts/pipes https://raw.githubusercontent.com/pipeseroni/pipes.sh/master/pipes.sh && chmod +x $HOME/.local/bin/scripts/pipes
|
|
|
|
git clone https://github.com/AngelJumbo/lavat.git $BUILD/lavat
|
|
sudo make -C $BUILD/lavat clean install
|
|
|
|
git clone https://github.com/lptstr/fire --recurse $BUILD/fire
|
|
sudo make -C $BUILD/fire clean install
|
|
|
|
git clone https://github.com/ricoriedel/wipe $BUILD/wipe
|
|
cargo build --release --manifest-path $BUILD/wipe/Cargo.toml # Need to install
|
|
|
|
git clone https://github.com/pythops/bouncinamation $BUILD/bouncinamation
|
|
cargo build --release --manifest-path $BUILD/bouncinamation/Cargo.toml # Need to install
|
|
|
|
go install github.com/maaslalani/confetty@latest # Animations
|
|
go install github.com/maxpaulus43/go-sweep@latest # Minesweeper
|
|
}
|
|
|
|
|
|
setup_builds() {
|
|
BUILD=$HOME/dev/build
|
|
mkdir -p $BUILD
|
|
|
|
git clone --depth 1 http://git.suckless.org/dwm $BUILD/dwm
|
|
wget -O $BUILD/dwm/config.h $GIT_URL/dwm/config.h
|
|
wget -O $BUILD/dwm/patch_nosquares.diff $GIT_URL/dwm/patch_nosquares.diff
|
|
wget -O $BUILD/dwm/patch_notitles.diff $GIT_URL/dwm/patch_notitles.diff
|
|
patch $BUILD/dwm/drw.c $BUILD/dwm/patch_nosquares.diff
|
|
patch $BUILD/dwm/dwm.c $BUILD/dwm/patch_notitles.diff
|
|
sudo make -C $BUILD/dwm clean install
|
|
}
|
|
|
|
|
|
setup_user_packages() {
|
|
VERSION=$(curl -s https://api.github.com/repos/boxdot/gurk-rs/releases/latest | jq -r .tag_name | cut -c2-)
|
|
wget -O $HOME/.local/bin/gurk https://github.com/boxdot/gurk-rs/releases/download/v${VERSION}/gurk-x86_64-unknown-linux-gnu.tar.gz
|
|
|
|
wget -O $HOME/.local/bin/cursor https://downloader.cursor.sh/linux/appImage/x64
|
|
chmod u+x $HOME/.local/bin/cursor
|
|
|
|
VERSION=$(curl -s https://api.github.com/repos/obsidianmd/obsidian-releases/releases/latest | jq -r .tag_name | cut -c2-)
|
|
wget -O $HOME/.local/bin/obsidian https://github.com/obsidianmd/obsidian-releases/releases/download/v${VERSION}/Obsidian-${VERSION}.AppImage
|
|
chmod u+x $HOME/.local/bin/obsidian
|
|
|
|
TEMP=$(mktemp -d)
|
|
wget -O $TEMP/zed.tar.gz https://zed.dev/api/releases/stable/latest/zed-linux-x86_64.tar.gz
|
|
tar -xzf $TEMP/zed.tar.gz -C $HOME/.local
|
|
ln -s $HOME/.local/zed.app/zed $HOME/.local/bin/zed
|
|
rm -rf $TEMP
|
|
|
|
mkdir -p $HOME/.config/pip
|
|
printf "[global]\nbreak-system-packages = true" > $HOME/.config/pip/pip.conf
|
|
pip install --user asyncwhois ecs elasticsearch meshtastic scalene
|
|
|
|
cargo install binsider csvlens git-dumper netscanner
|
|
|
|
go install -v github.com/nxtrace/NTrace-core@latest
|
|
go install -v github.com/projectdiscovery/asnmap/cmd/asnmap@latest
|
|
go install -v github.com/projectdiscovery/chaos-client/cmd/chaos@latest
|
|
go install -v github.com/projectdiscovery/cvemap/cmd/cvemap@latest
|
|
go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest
|
|
go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest
|
|
go install -v github.com/projectdiscovery/katana/cmd/katana@latest
|
|
go install -v github.com/projectdiscovery/mapcidr/cmd/mapcidr@latest
|
|
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
|
|
go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
|
|
go install -v github.com/projectdiscovery/tlsx/cmd/tlsx@latest
|
|
|
|
git clone https://github.com/blechschmidt/massdns.git $HOME/dev/git/mirror/massdns
|
|
make -C $HOME/dev/git/mirror/massdns && sudo make -C $HOME/dev/git/mirror/massdns install
|
|
}
|
|
|
|
|
|
|
|
[ "$#" -ne 1 ] && echo "usage: $0 [root|config|build|fun]" && exit 1
|
|
|
|
case "$1" in
|
|
root) setup_root ;;
|
|
config) setup_configs ;;
|
|
build) setup_builds ;;
|
|
fun) setup_fun ;;
|
|
*) echo "usage: $0 [root|config|build|fun]\n"; exit 1 ;;
|
|
esac
|
|
|
|
|
|
|
|
xbps-install -Syu && vkpurge rm all && xbps-install -y openssh
|
|
>/etc/ssh/sshd_config
|
|
printf "Port XXX\nAddressFamily inet\nListenAddress 0.0.0.0\nPasswordAuthentication no\nPrintMotd yes\nPrintLastLog no\nBanner none" > /etc/ssh/sshd_config
|
|
ln -s /etc/sv/sshd /var/service
|
|
nano /etc/ssh/sshd_config
|
|
sv restart sshd
|
|
printf "\nssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKoWLkmkbkwgivwqbzXBsIa8EbTGAEibGkX6CC/tiKZe admin@supernets.org" >> /home/acidvegas/.ssh/authorized_keys
|
|
chown acidvegas:acidvegas /home/acidvegas/.ssh/authorized_keys
|
|
chmod 400 /home/acidvegas/.ssh/authorized_keys
|