Lewati ke isi

Memulai awal CentOS 7 cloud server pada DigitalOcean

PRIVATE_KEY=""
PUBLIC_KEY=""
SERVER_IP_ADDRESS=""
SERVER_USER=""
#
ssh -v -i ~/.ssh/$PRIVATE_KEY root@$SERVER_IP_ADDRESS
#
cat << EOF >> ~/.bashrc
#
# Fix bash locale ssh session
#
export LANGUAGE=en_US.UTF-8
export LANG=en_US.UTF-8
export LC_ALL=en_US.UTF-8
EOF
#
passwd
yum -y update ; yum -y upgrade
# adduser $SERVER_USER ; passwd $SERVER_USER
# gpasswd -a $SERVER_USER wheel
# # ssh-copy-id -i ~/.ssh/$PRIVATE_KEY $SERVER_USER@$SERVER_IP_ADDRESS
# su - $SERVER_USER
# mkdir .ssh
# chmod 700 .ssh
# echo $PUBLIC_KEY > .ssh/authorized_keys
# chmod 600 .ssh/authorized_keys
# exit
# cp /etc/ssh/sshd_config{,.orig}
# # sed -i -r 's/^#?(Port) 22/\1 8022/' /etc/ssh/sshd_config
# echo "PermitRootLogin no" >> /etc/ssh/sshd_config
# echo "Port 8022" >> /etc/ssh/sshd_config
# systemctl reload sshd
# echo "$SERVER_USER ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/$SERVER_USER
#
yum -y update ; yum -y upgrade
yum -y install \
    epel-release \
    firewalld \
    fail2ban-firewalld \
    git \
    htop \
    nano \
    ntp \
    screen \
    tree \
    vim \
    zsh
#
# curl -sSL http://agent.digitalocean.com/install.sh | sh
#
sh -c "$(curl -fsSL https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"
git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting
git clone https://github.com/zsh-users/zsh-autosuggestions ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions
git clone https://github.com/zsh-users/zsh-completions ~/.oh-my-zsh/custom/plugins/zsh-completions
git clone https://github.com/scopatz/nanorc.git ~/.nano
cat ~/.nano/nanorc >> ~/.nanorc
sed -e '/plugins/ s/^#*/#/' -i ~/.zshrc
sed -e '/source/ s/^#*/#/' -i ~/.zshrc
# sed -e 's/robbyrussell/bira/' ~/.zshrc
cat << EOF >> ~/.zshrc
#
plugins=(
  colored-man-pages
  colorize
  command-not-found
  common-aliases
  git
  sudo
  systemd
  vim
  yum
  zsh-syntax-highlighting
  zsh-completions
)

source \$ZSH/oh-my-zsh.sh
EOF
#
nano ~/.zshrc
#
systemctl start firewalld
systemctl status firewalld
firewall-cmd --permanent --remove-service=ssh
firewall-cmd --permanent --add-port={22/tcp,80/tcp,443/tcp}
systemctl reload firewalld
systemctl enable firewalld
#
timedatectl set-timezone Asia/Jakarta
systemctl start ntpd
systemctl enable ntpd
systemctl status ntpd