Lewati ke isi

Do user data centos7

#!/bin/bash
set -eux

USERNAME=deploy
ENCRYPTED_ROOT_PW="$(grep root /etc/shadow | cut --delimiter=: --fields=2)"
HOME_DIRECTORY="$(eval echo /home/${USERNAME})"
FONTS_DIRECTORY=${HOME_DIRECTORY}/.local/share/fonts

yum update -y
yum install -y epel-release
yum install -y \
  fail2ban \
  git-core \
  htop \
  nano \
  screen \
  tree \
  unzip \
  wget \
  zsh

useradd --create-home --shell $(which zsh) --groups wheel "${USERNAME}"

echo "${USERNAME} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/${USERNAME}

if [ "${ENCRYPTED_ROOT_PW}" != "*" ]; then
    echo "${USERNAME}:${ENCRYPTED_ROOT_PW}" | chpasswd --encrypted
    passwd --lock root
else
    passwd --delete "${USERNAME}"
fi

chage --lastday 0 "${USERNAME}"

# Create SSH directory for sudo user
mkdir --parents "${HOME_DIRECTORY}/.ssh"

cp /root/.ssh/authorized_keys "${HOME_DIRECTORY}/.ssh"

# Adjust SSH configuration ownership and permissions
chmod 0700 "${HOME_DIRECTORY}/.ssh"
chmod 0600 "${HOME_DIRECTORY}/.ssh/authorized_keys"

# Bebersih
# TODO
yum clean all
yum autoremove -y

# Disable root SSH login with password
sed --in-place 's/^PermitRootLogin.*/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
if sshd -t -q; then
    systemctl restart sshd
fi

# Setel zona waktu ke Jakarta
timedatectl set-timezone Asia/Jakarta && timedatectl

# Pembaruan otomatis hanya untuk keamanan
# TODO

# oh-my-zsh on steroid
git clone https://github.com/ohmyzsh/ohmyzsh.git "${HOME_DIRECTORY}/.oh-my-zsh" && \
git clone https://github.com/zdharma/fast-syntax-highlighting.git  "${HOME_DIRECTORY}/.oh-my-zsh/custom/plugins/fast-syntax-highlighting" && \
git clone https://github.com/zsh-users/zsh-autosuggestions "${HOME_DIRECTORY}/.oh-my-zsh/custom/plugins/zsh-autosuggestions" && \
git clone https://github.com/zsh-users/zsh-completions "${HOME_DIRECTORY}/.oh-my-zsh/custom/plugins/zsh-completions" && \
git clone --depth=1 https://github.com/romkatv/powerlevel10k.git "${HOME_DIRECTORY}/.oh-my-zsh/custom/themes/powerlevel10k"
mkdir -p ${HOME_DIRECTORY}/.local/share/fonts && \
for mesloFonts in {'MesloLGS%20NF%20Regular','MesloLGS%20NF%20Bold','MesloLGS%20NF%20Italic','MesloLGS%20NF%20Bold%20Italic'}; do wget -P "$FONTS_DIRECTORY" https://github.com/romkatv/powerlevel10k-media/raw/master/$mesloFonts.ttf; done

cat << EOF > "${HOME_DIRECTORY}/.zshrc"
#
  export ZSH="${HOME_DIRECTORY}/.oh-my-zsh"
#
ZSH_THEME="powerlevel10k/powerlevel10k"
#
export LANGUAGE=en_US.UTF-8
export LANG=en_US.UTF-8
export LC_ALL=en_US.UTF-8
#
plugins=(
  colored-man-pages
  colorize
  command-not-found
  common-aliases
  yum
  fast-syntax-highlighting
  git
  history
  sudo
  systemd
  yum
  zsh-autosuggestions
  zsh-completions
)

source \$ZSH/oh-my-zsh.sh
EOF

# HOME_DIRECTORY Permission
chown --recursive "${USERNAME}":"${USERNAME}" "${HOME_DIRECTORY}"

yum remove -y do-agent
curl -sSL https://repos.insights.digitalocean.com/install.sh | bash

Rujukan