void/setup
2024-11-29 03:15:53 -05:00

267 lines
12 KiB
Bash
Executable File

#!/bin/bash
# void setup script - developed by acidvegas (https://git.acid.vegas/void)
# note: After importing keys: printf "FINGERPRINTHERE:6:" | gpg --import-ownertrust
set -xev
# Configuration
ARCH=x86_64 # x86_64 or x86_64-musl
CPU=intel # amd or intel (blank for none)
DISPLAY_SERVER=xorg # xorg or blank for none
GFX_DRIVER=intel # amd, intel, or nvidia (blank for none)
PI=0 # 0 for desktop, 1 for Raspberry Pi
REMOTE=dropbear # dropbear or ssh (blank for none)
USERNAME=acidvegas
WIFI_DEV=wlan0
GIT_URL="https://raw.githubusercontent.com/acidvegas/void/master"
setup_root() {
setup_packages
useradd -m -s /bin/bash $USERNAME && gpasswd -a $USERNAME wheel && passwd $USERNAME
gpasswd -a $USERNAME _incus && gpasswd -a $USERNAME _incus-admin # Typically incus & incus-admin but void uses the underscore prefix
for item in 6x11 7x12 7x14; do
wget -O /usr/share/kbd/consolefonts/ohsnap${item}r.psfu $GIT_URL/font/ohsnap${item}r.psfu
done
#printf "\nnohook resolv.conf\n" >> /etc/dhcpcd.conf
echo "CGROUP_MODE=\"unified\"" >> /etc/rc.conf
echo "proc /proc proc defaults,hidepid=2 0 0" >> /etc/fstab && mount -o remount /proc
printf "set boldtext\nset minibar\nset nohelp\nset nowrap\nset quickblank\nset tabsize 4\nunbind ^J main\nset selectedcolor black,red\ninclude \"/usr/share/nano/*.nanorc\"\n" > /etc/nanorc
printf "\nexport HISTFILE=/dev/null\nexport LESSHISTFILE=/dev/null\nexport PYTHONHISTFILE=/dev/null\n" >> /etc/profile
printf "#\!/bin/sh\nclear && (echo && printf \" E N T E R T H E V O I D\n" && echo) | nms -af red\n" > /etc/profile.d/motd.sh
printf "\nFONT=\"ohsnap6x11r\"\n" >> /etc/rc.conf
printf "Defaults lecture = always\nDefaults lecture_file = /etc/sudoers.d/sudoers.lecture\nroot ALL=(ALL) ALL\n%%wheel ALL=(ALL) ALL\n" > /etc/sudoers
printf "\n\033[1m \033[32m\"Bee\" careful \033[34m__\n \033[32mwith sudo! \033[34m// \ \n \\\\\\_/ \033[33m//\n \033[35m''-.._.-''-.._.. \033[33m-(||)(')\n '''\033[0m\n" > /etc/sudoers.d/sudoers.lecture
printf "\nhsts=0\n" >> /etc/wgetrc
# For Drevo Calibur V2 FN key fix
#echo 0 | sudo pkexec tee /sys/module/hid_apple/parameters/fnmode
if [ $REMOTE = "dropbear" ]; then
LOCAL_IP=$(ip addr show $WIFI_DEV | grep 'inet ' | awk '{print $2}' | cut -d'/' -f1)
RND_PORT=$(shuf -i 10000-65535 -n 1)
xbps-install -y dropbear
printf '#!/bin/sh\nexec 2>&1\n[ -r conf ] && . ./conf\nexec dropbear -p $LOCAL_IP:$RND_PORT -w -s -R -F' > /etc/sv/dropbear/run
fi
# Need to optionally enable dhcp and wpa_supplicant incase we are using ethernet
for item in dhcpcd incus incus-user socklog-unix nanoklogd wpa_supplicant; do
ln -sfv /etc/sv/$item /var/service # Use /etc/runit/runsvdir/default/ instead of /var/service if in a chroot environemnt
done
}
setup_nonfree() {
xbps-install -Suy void-repo-nonfree
if [ $CPU = "intel" ]; then
xbps-install -y intel-ucode linux-firmware-intel
elif [ $CPU = "amd" ]; then
xbps-install -y linux-firmware-amd
fi
if [ $DISPLAY_SERVER = "xorg" ]; then
if [ $GFX_DRIVER = "intel" ]; then
xbps-install -y mesa-dri vulkan-loader mesa-vulkan-intel intel-video-accel
elif [ $GFX_DRIVER = "amd" ]; then
xbps-install -y mesa-dri vulkan-loader mesa-vulkan-radeon radeon-video-accel # Un-tested
elif [ $GFX_DRIVER = "nvidia" ]; then
xbps-install -y nvidia nvidia-libs
fi
fi
xbps-reconfigure -f linux
}
setup_packages() {
setup_nonfree
if [ $DISPLAY_SERVER = "xorg" ]; then
#xbps-install -y mesa-dri # Raspberry Pi
xbps-install -y xorg libX11 libX11-devel libXft libXft-devel libXinerama libXinerama-devel libXrandr libXrandr-devel arandr xrandr brightnessctl
xbps-install -y alacritty dmenu dunst firefox pinentry-dmenu redshift scrot unclutter xclip
xbps-install -y ohsnap-font font-unifont-bdf freefont-ttf noto-fonts-ttf noto-fonts-ttf-extra noto-fonts-cjk noto-fonts-emoji # These fonts give you the most unicode support coverage (noto)
fi
# Development
if [ $ARCH = 'x86_64' ]; then
xbps-install -y gcc
fi
xbps-install -y cargo checkbashisms go make patch pkg-config python3 python3-pip
xbps-install -y ansible aws-cli python3-aiodns python3-aiofiles python3-aiohttp python3-boto3 python3-Flask terraform
xbps-install -y bluetuith
# Essentials
xbps-install -y curl dropbear git jq openssh progress rsync socklog-void tmux tor tree unzip whois zip
xbps-install -y tailscale wireguard wireguard-tools wireproxy
xbps-install -y python3-zulip zulip-desktop zulip-term
# Raspberry Pi specific
#xbps-install -y rng-tools && ln -sfv /etc/sv/rngd /var/service/ && sv up rngd
xbps-install -y fzf glow gotify-cli gnupg2-scdaemon lxc incus incus-client incus-tools lazygit oath-toolkit websocat
#xbps-install -y earlyoom && ln -sfv /etc/sv/earlyoom /var/service/
# Alternatives
xbps-install -y bat btop delta duf exa procs xsv
# Fun
xbps-install -y asciiquarium chess-tui cmatrix no-more-secrets tuimoji tty-solitaire
# Audio
#xbps-install -y alsa-utils cmus ffmpeg id3v2 eyeD3 spotify-tui youtube-dl # Revamp audio setup at some point
# Hardware
xbps-install -y bluetuith gpsd
# Recon
xbps-install -y aircrack-ng bettercap bandwhich bpfmon ettercap ghidra kismet masscan mitmproxy strace tcpdump termshark wireshark wuzz
# Radio
#xbps-install -y airspy chirp CubicSDR gnuradio gqrx inspectrum librtlsdr rtl-sdr rx_tools SoapyRTLSDR SDRPlusPlus
}
setup_configs() {
mkdir -p $HOME/.config/alacritty && wget -O $HOME/.config/alacritty/alacritty.toml $GIT_URL/config/alacritty/alacritty.toml
mkdir -p $HOME/.config/cmus && wget -O $HOME/.config/cmus/autosave $GIT_URL/config/cmus/autosave
mkdir -p $HOME/.config/dunst && wget -O $HOME/.config/dunst/dunstrc $GIT_URL/config/dunst/dunstrc
mkdir -p $HOME/.config/git && wget -O $HOME/.config/git/config $GIT_URL/config/git/config
mkdir -p $HOME/.config/tmux && wget -O $HOME/.config/tmux/tmux.conf $GIT_URL/config/tmux/tmux.conf
mkdir -p $HOME/.config/X11 && wget -O $HOME/.config/X11/xinitrc $GIT_URL/config/X11/xinitrc
sed -i "s|/dev/sda2|$(df $HOME | awk 'NR==2 {print $1}')|" $HOME/.config/tmux/tmux.conf
mkdir -p $HOME/.local/share/bash
for item in bash_aliases bash_functions bash_fun bash_recon; do
wget -O $HOME/.local/share/bash/$item $GIT_URL/local/share/bash/$item
done
wget -O $HOME/.bashrc $GIT_URL/.bashrc
echo "history -c && clear && reset" > $HOME/.bash_logout
mkdir -p $HOME/.local/share/gnupg && wget -O $HOME/.local/share/gnupg/gpg.conf $GIT_URL/local/share/gnupg/gpg.conf
printf "pinentry-program /usr/bin/pinentry-curses\ndefault-cache-ttl 3600" > $HOME/.local/share/gnupg/gpg-agent.conf
chmod 700 $HOME/.local/share/gnupg && chmod 600 $HOME/.local/share/gnupg/*
mkdir -p $HOME/.local/bin/scripts
for SCRIPT in cmus-now gitremote irc-post-commit-hook mutag pmf shotz statusbar todo; do
wget -O $HOME/.local/bin/scripts/$SCRIPT $GIT_URL/scripts/$SCRIPT
done
wget -O $HOME/.local/bin/scripts/dbc https://raw.githubusercontent.com/acidvegas/dbc/main/dbc
wget -O $HOME/.local/bin/scripts/pass https://raw.githubusercontent.com/acidvegas/pass/main/pass
chmod +x $HOME/.local/bin/scripts/*
mkdir -p $HOME/.local/share/fonts && wget -O $HOME/.local/share/fonts/BlockZone.ttf $GIT_URL/font/BlockZone.ttf && fc-cache -f -v
mkdir -p $HOME/.config/pip && printf "[global]\nbreak-system-packages = true" > ~/.config/pip/pip.conf
}
setup_fun() {
BUILD=$HOME/dev/build
mkdir -p $BUILD
wget -O $HOME/.local/bin/scripts/irc2ansi.py https://raw.githubusercontent.com/internet-relay-chat/archive/master/art/irc2ansi.py
wget -O $HOME/.local/bin/scripts/bomber $GIT_URL/scripts/bomber && chmod +x $HOME/.local/bin/scripts/bomber
wget -O $HOME/.local/bin/scripts/pipes https://raw.githubusercontent.com/pipeseroni/pipes.sh/master/pipes.sh && chmod +x $HOME/.local/bin/scripts/pipes
git clone https://github.com/AngelJumbo/lavat.git $BUILD/lavat
sudo make -C $BUILD/lavat clean install
git clone https://github.com/lptstr/fire --recurse $BUILD/fire
sudo make -C $BUILD/fire clean install
git clone https://github.com/ricoriedel/wipe $BUILD/wipe
cargo build --release --manifest-path $BUILD/wipe/Cargo.toml # Need to install
git clone https://github.com/pythops/bouncinamation $BUILD/bouncinamation
cargo build --release --manifest-path $BUILD/bouncinamation/Cargo.toml # Need to install
go install github.com/maaslalani/confetty@latest # Animations
go install github.com/maxpaulus43/go-sweep@latest # Minesweeper
}
setup_builds() {
BUILD=$HOME/dev/build
mkdir -p $BUILD
git clone --depth 1 http://git.suckless.org/dwm $BUILD/dwm
wget -O $BUILD/dwm/config.h $GIT_URL/dwm/config.h
wget -O $BUILD/dwm/patch_nosquares.diff $GIT_URL/dwm/patch_nosquares.diff
wget -O $BUILD/dwm/patch_notitles.diff $GIT_URL/dwm/patch_notitles.diff
patch $BUILD/dwm/drw.c $BUILD/dwm/patch_nosquares.diff
patch $BUILD/dwm/dwm.c $BUILD/dwm/patch_notitles.diff
sudo make -C $BUILD/dwm clean install
}
setup_user_packages() {
VERSION=$(curl -s https://api.github.com/repos/boxdot/gurk-rs/releases/latest | jq -r .tag_name | cut -c2-)
wget -O $HOME/.local/bin/gurk https://github.com/boxdot/gurk-rs/releases/download/v${VERSION}/gurk-x86_64-unknown-linux-gnu.tar.gz
wget -O $HOME/.local/bin/cursor https://downloader.cursor.sh/linux/appImage/x64
chmod u+x $HOME/.local/bin/cursor
VERSION=$(curl -s https://api.github.com/repos/obsidianmd/obsidian-releases/releases/latest | jq -r .tag_name | cut -c2-)
wget -O $HOME/.local/bin/obsidian https://github.com/obsidianmd/obsidian-releases/releases/download/v${VERSION}/Obsidian-${VERSION}.AppImage
chmod u+x $HOME/.local/bin/obsidian
TEMP=$(mktemp -d)
wget -O $TEMP/zed.tar.gz https://zed.dev/api/releases/stable/latest/zed-linux-x86_64.tar.gz
tar -xzf $TEMP/zed.tar.gz -C $HOME/.local
ln -s $HOME/.local/zed.app/zed $HOME/.local/bin/zed
rm -rf $TEMP
mkdir -p $HOME/.config/pip
printf "[global]\nbreak-system-packages = true" > $HOME/.config/pip/pip.conf
pip install --user asyncwhois ecs elasticsearch meshtastic scalene
cargo install binsider csvlens git-dumper netscanner
go install -v github.com/nxtrace/NTrace-core@latest
go install -v github.com/projectdiscovery/asnmap/cmd/asnmap@latest
go install -v github.com/projectdiscovery/chaos-client/cmd/chaos@latest
go install -v github.com/projectdiscovery/cvemap/cmd/cvemap@latest
go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest
go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest
go install -v github.com/projectdiscovery/katana/cmd/katana@latest
go install -v github.com/projectdiscovery/mapcidr/cmd/mapcidr@latest
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
go install -v github.com/projectdiscovery/tlsx/cmd/tlsx@latest
git clone https://github.com/blechschmidt/massdns.git $HOME/dev/git/mirror/massdns
make -C $HOME/dev/git/mirror/massdns && sudo make -C $HOME/dev/git/mirror/massdns install
}
[ "$#" -ne 1 ] && echo "usage: $0 [root|config|build|fun]" && exit 1
case "$1" in
root) setup_root ;;
config) setup_configs ;;
build) setup_builds ;;
fun) setup_fun ;;
*) echo "usage: $0 [root|config|build|fun]\n"; exit 1 ;;
esac
xbps-install -Syu && vkpurge rm all && xbps-install -y openssh
>/etc/ssh/sshd_config
printf "Port XXX\nAddressFamily inet\nListenAddress 0.0.0.0\nPasswordAuthentication no\nPrintMotd yes\nPrintLastLog no\nBanner none" > /etc/ssh/sshd_config
ln -s /etc/sv/sshd /var/service
nano /etc/ssh/sshd_config
sv restart sshd
printf "\nssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKoWLkmkbkwgivwqbzXBsIa8EbTGAEibGkX6CC/tiKZe admin@supernets.org" >> /home/acidvegas/.ssh/authorized_keys
chown acidvegas:acidvegas /home/acidvegas/.ssh/authorized_keys
chmod 400 /home/acidvegas/.ssh/authorized_keys