Finish first draft of system

2024-05-24 08:29:43 -06:00 · 2024-05-24 08:29:43 -06:00 · ac063405b3
commit ac063405b3
parent 4cb04f2829
2 changed files with 90 additions and 24 deletions
--- a/InitMate.sh
+++ b/InitMate.sh
@ -1,18 +1,26 @@
 #!/bin/bash
 LOG_FILE="$(dirname "$0")/setup.log"
 # Log function
 log() {
    echo "$1" | tee -a "$LOG_FILE"
 }
 # Check if the script is run as root
 if [ "$EUID" -ne 0 ]; then
-    echo "Please run as root"
+    log "Please run as root"
    exit 1
 fi
 # Function to detect the OS and package manager
 detect_os() {
    if [[ -f /etc/os-release ]]; then
        # shellcheck source=/dev/null
        source /etc/os-release
        OS=$ID
    else
-        echo "Unable to detect the operating system. Please enter it manually (e.g., ubuntu, debian, centos):"
+        log "Unable to detect the operating system. Please enter it manually (e.g., ubuntu, debian, centos):"
        read -r OS
    fi
@ -24,24 +32,29 @@ detect_os() {
            PKG_MANAGER="yum"
            ;;
        *)
-            echo "Unknown operating system. Please enter the package manager (e.g., apt, yum):"
+            log "Unknown operating system. Please enter the package manager (e.g., apt, yum):"
            read -r PKG_MANAGER
            log "Please enter the command to update the package list (e.g., 'apt update && apt upgrade' or 'yum update'):"
            read -r UPDATE_CMD
            log "Please enter the command to install a package (e.g., 'apt install -y {package_name}' or 'yum install -y {package_name}'):"
            log "Do not include the {package_name} part, just the 'apt install -y' part"
            read -r INSTALL_CMD
            ;;
    esac
 }
 # Function to secure SSH
 secure_ssh() {
-    echo "Securing SSH..."
+    log "Securing SSH..."
    SSH_PORT=$((RANDOM % 64512 + 1024))
-    echo "New SSH port: $SSH_PORT"
+    log "New SSH port: $SSH_PORT"
    sed -i "s/#Port 22/Port $SSH_PORT/" /etc/ssh/sshd_config
    sed -i "s/PermitRootLogin yes/PermitRootLogin no/" /etc/ssh/sshd_config
    sed -i "s/#PasswordAuthentication yes/PasswordAuthentication no/" /etc/ssh/sshd_config
    sed -i "s/#PubkeyAuthentication yes/PubkeyAuthentication yes/" /etc/ssh/sshd_config
-    echo "Please enter your public key:"
+    log "Please enter your public key:"
    read -r PUBLIC_KEY
    mkdir -p ~/.ssh
@ -55,37 +68,40 @@ secure_ssh() {
 # Function to setup firewall
 setup_firewall() {
    if command -v ufw &>/dev/null; then
-        echo "UFW is already installed. Opening SSH port $SSH_PORT."
+        log "UFW is already installed. Opening SSH port $SSH_PORT."
        ufw allow "$SSH_PORT"/tcp
    elif command -v firewall-cmd &>/dev/null; then
-        echo "Firewalld is already installed. Opening SSH port $SSH_PORT."
+        log "Firewalld is already installed. Opening SSH port $SSH_PORT."
        firewall-cmd --permanent --add-port="$SSH_PORT"/tcp
        firewall-cmd --reload
    else
-        echo "No firewall detected. Do you want to install UFW? (yes/no)"
+        log "No firewall detected. Do you want to install UFW? (yes/no)"
        read -r INSTALL_UFW
        if [[ $INSTALL_UFW == "yes" ]]; then
            if [[ $PKG_MANAGER == "apt" ]]; then
                apt update && apt install -y ufw
            elif [[ $PKG_MANAGER == "yum" ]]; then
                yum install -y ufw
            else
                $UPDATE_CMD && $INSTALL_CMD ufw
            fi
            ufw allow "$SSH_PORT"/tcp
            ufw enable
        fi
    fi
-    echo "Do you want to open additional ports? (yes/no)"
+    log "Do you want to open additional ports? (yes/no)"
    read -r OPEN_PORTS
    if [[ $OPEN_PORTS == "yes" ]]; then
-        echo "Please enter the ports to open (comma-separated, e.g., 80,443,8080):"
+        log "Please enter the ports and protocols to open (comma-separated, e.g., 80/tcp,443/tcp,8080/udp):"
        read -r ADDITIONAL_PORTS
        IFS=',' read -r -a PORT_ARRAY <<< "$ADDITIONAL_PORTS"
-        for PORT in "${PORT_ARRAY[@]}"; do
+        for PORT_PROTOCOL in "${PORT_ARRAY[@]}"; do
            IFS='/' read -r PORT PROTOCOL <<< "$PORT_PROTOCOL"
            if command -v ufw &>/dev/null; then
-                ufw allow "$PORT"/tcp
+                ufw allow "$PORT/$PROTOCOL"
            elif command -v firewall-cmd &>/dev/null; then
-                firewall-cmd --permanent --add-port="$PORT"/tcp
+                firewall-cmd --permanent --add-port="$PORT/$PROTOCOL"
            fi
        done
        if command -v firewall-cmd &>/dev/null; then
@ -100,38 +116,63 @@ system_update() {
        apt update && apt upgrade -y
    elif [[ $PKG_MANAGER == "yum" ]]; then
        yum update -y
    else
        $UPDATE_CMD && $INSTALL_CMD upgrade -y
    fi
 }
 # Function to run additional setup
 run_additional_setup() {
    log "Do you want to run additional setup scripts? (yes/no)"
    read -r RUN_ADDITIONAL_SETUP
    if [[ $RUN_ADDITIONAL_SETUP == "yes" ]]; then
        SCRIPT_DIR=$(dirname "$0")
        if [[ -f "$SCRIPT_DIR/extender.sh" ]]; then
            bash "$SCRIPT_DIR/extender.sh" | tee -a "$LOG_FILE"
        else
            log "No extender.sh script found in the script directory."
        fi
    fi
 }
 # Main script execution
 detect_os
-echo "Detected OS: $OS, Package Manager: $PKG_MANAGER"
+log "Detected OS: $OS, Package Manager: $PKG_MANAGER"
-echo "Is this correct? (yes/no)"
+log "Is this correct? (yes/no)"
 read -r CONFIRM
 if [[ $CONFIRM != "yes" ]]; then
-    echo "Please enter the correct OS and package manager:"
+    log "Please enter the correct OS and package manager:"
    read -r OS PKG_MANAGER
    if [[ $PKG_MANAGER != "apt" && $PKG_MANAGER != "yum" ]]; then
        log "Please enter the command to update the package list (e.g., 'apt update' or 'yum update'):"
        read -r UPDATE_CMD
        log "Please enter the command to install a package (e.g., 'apt install -y' or 'yum install -y'):"
        read -r INSTALL_CMD
    fi
 fi
-echo "Do you want to secure SSH? (yes/no)"
+log "Do you want to secure SSH? (yes/no)"
 read -r SECURE_SSH
 if [[ $SECURE_SSH == "yes" ]]; then
    secure_ssh
 fi
-echo "Do you want to set up a firewall? (yes/no)"
+log "Do you want to set up a firewall? (yes/no)"
 read -r SETUP_FIREWALL
 if [[ $SETUP_FIREWALL == "yes" ]]; then
    setup_firewall
 fi
-echo "Do you want to perform a system update? (yes/no)"
+log "Do you want to perform a system update? (yes/no)"
 read -r UPDATE_SYSTEM
 if [[ $UPDATE_SYSTEM == "yes" ]]; then
    system_update
 fi
-echo "Setup complete. Summary of actions performed:"
+log "Setup complete. Summary of actions performed:"
-[[ $SECURE_SSH == "yes" ]] && echo "- SSH secured on port $SSH_PORT"
+[[ $SECURE_SSH == "yes" ]] && log "- SSH secured on port $SSH_PORT"
-[[ $SETUP_FIREWALL == "yes" ]] && echo "- Firewall configured with SSH port $SSH_PORT"
+[[ $SETUP_FIREWALL == "yes" ]] && log "- Firewall configured with SSH port $SSH_PORT"
-[[ $UPDATE_SYSTEM == "yes" ]] && echo "- System updated"
+[[ $UPDATE_SYSTEM == "yes" ]] && log "- System updated"
 # Run additional setup if requested
 run_additional_setup
--- a/extender.sh
+++ b/extender.sh
@ -0,0 +1,25 @@
 #!/bin/bash
 LOG_FILE="$(dirname "$0")/setup.log"
 # Log function
 log() {
    echo "$1" | tee -a "$LOG_FILE"
 }
 EXTENSIONS_DIR="$(dirname "$0")/extensions"
 # Check if the extensions directory exists and is not empty
 if [[ -d "$EXTENSIONS_DIR" && $(ls -A "$EXTENSIONS_DIR") ]]; then
    log "Running additional setup scripts from $EXTENSIONS_DIR..."
    for script in "$EXTENSIONS_DIR"/*; do
        if [[ -x "$script" ]]; then
            log "Running script: $script"
            bash "$script" | tee -a "$LOG_FILE"
        else
            log "Skipping non-executable script: $script"
        fi
    done
 else
    log "No additional setup scripts found in $EXTENSIONS_DIR. Skipping additional setup."
 fi