From 1f7435e436f5a1fa392ce972eeae2111325af661 Mon Sep 17 00:00:00 2001 From: Xavier Petit Date: Mon, 29 Apr 2019 02:34:18 +0100 Subject: [PATCH] Add Ubuntu installation scripts --- scripts/bash_tweaks.sh | 59 ++++++++ scripts/clean.sh | 55 ++++++++ scripts/common_packages.txt | 64 +++++++++ scripts/dconfig.txt | 131 ++++++++++++++++++ scripts/firewall.sh | 15 ++ scripts/fx.sh | 9 ++ scripts/go.sh | 24 ++++ scripts/grub.sh | 25 ++++ scripts/install_client.sh | 89 ++++++++++++ scripts/nodejs.sh | 10 ++ scripts/set.sh | 34 +++++ scripts/ssh.sh | 25 ++++ scripts/sublime.sh | 17 +++ scripts/system/etc/gdm3/PostLogin/Default | 73 ++++++++++ scripts/system/etc/gdm3/PostSession/Default | 25 ++++ .../system/etc/udev/rules.d/10-local.rules | 1 + scripts/system/usr/local/bin/lock_screen | 13 ++ scripts/system/usr/local/bin/suspend_session | 13 ++ .../share/applications/lock_screen.desktop | 8 ++ .../applications/suspend_session.desktop | 8 ++ .../usr/share/initramfs-tools/hooks/copy_mkfs | 22 +++ .../scripts/init-premount/reformat | 20 +++ scripts/ubuntu_tweaks.sh | 116 ++++++++++++++++ scripts/vscode.sh | 35 +++++ 24 files changed, 891 insertions(+) create mode 100755 scripts/bash_tweaks.sh create mode 100755 scripts/clean.sh create mode 100644 scripts/common_packages.txt create mode 100644 scripts/dconfig.txt create mode 100755 scripts/firewall.sh create mode 100755 scripts/fx.sh create mode 100755 scripts/go.sh create mode 100755 scripts/grub.sh create mode 100755 scripts/install_client.sh create mode 100755 scripts/nodejs.sh create mode 100755 scripts/set.sh create mode 100755 scripts/ssh.sh create mode 100755 scripts/sublime.sh create mode 100755 scripts/system/etc/gdm3/PostLogin/Default create mode 100755 scripts/system/etc/gdm3/PostSession/Default create mode 100644 scripts/system/etc/udev/rules.d/10-local.rules create mode 100755 scripts/system/usr/local/bin/lock_screen create mode 100755 scripts/system/usr/local/bin/suspend_session create mode 100644 scripts/system/usr/share/applications/lock_screen.desktop create mode 100644 scripts/system/usr/share/applications/suspend_session.desktop create mode 100755 scripts/system/usr/share/initramfs-tools/hooks/copy_mkfs create mode 100755 scripts/system/usr/share/initramfs-tools/scripts/init-premount/reformat create mode 100755 scripts/ubuntu_tweaks.sh create mode 100755 scripts/vscode.sh diff --git a/scripts/bash_tweaks.sh b/scripts/bash_tweaks.sh new file mode 100755 index 00000000..f876ed3e --- /dev/null +++ b/scripts/bash_tweaks.sh @@ -0,0 +1,59 @@ +#!/bin/bash + +# Configure Terminal + +SCRIPT_DIR="$(cd -P "$(dirname "$BASH_SOURCE")" && pwd)" +cd $SCRIPT_DIR +. set.sh + +# Makes bash case-insensitive +cat <> /etc/inputrc +set completion-ignore-case On +EOF + +# Enhance Linux prompt +cat < /etc/issue +Kernel build: \v +Kernel package: \r +Date: \d \t +IP address: \4 +Terminal: \l@\n.\O + +EOF + +# Enable Bash completion +apt-get -y install bash-completion + +cat <> /etc/bash.bashrc +if ! shopt -oq posix; then + if [ -f /usr/share/bash-completion/bash_completion ]; then + . /usr/share/bash-completion/bash_completion + elif [ -f /etc/bash_completion ]; then + . /etc/bash_completion + fi +fi +EOF + +# Set-up all users +for DIR in $(ls -1d /root /home/* 2>/dev/null || true) +do + # Hide login informations + touch $DIR/.hushlogin + + # Add convenient aliases & behaviors + cat <<-'EOF'>> $DIR/.bashrc + HISTCONTROL=ignoreboth + export HISTFILESIZE= + export HISTSIZE= + export HISTTIMEFORMAT="%F %T " + alias l="ls $LS_OPTIONS -al --si" + alias df="df --si" + alias du="du -cs --si" + alias free="free -h --si" + alias pstree="pstree -palU" + EOF + + # Fix rights + USR=$(echo "$DIR" | rev | cut -d/ -f1 | rev) + chown -R $USR:$USR $DIR +done diff --git a/scripts/clean.sh b/scripts/clean.sh new file mode 100755 index 00000000..21a0834f --- /dev/null +++ b/scripts/clean.sh @@ -0,0 +1,55 @@ +#!/bin/bash + +# Clean system + +SCRIPT_DIR="$(cd -P "$(dirname "$BASH_SOURCE")" && pwd)" +cd $SCRIPT_DIR +. set.sh + +# Purge useless packages +apt-get -y autoremove --purge +apt-get autoclean +apt-get clean +apt-get install + +rm -rf /root/.local + +# Remove connection logs +> /var/log/lastlog +> /var/log/wtmp +> /var/log/btmp + +# Remove machine ID +> /etc/machine-id + +# Remove logs +cd /var/log +rm -rf alternatives.log* +rm -rf apt/* +rm -rf auth.log +rm -rf dpkg.log* +rm -rf gpu-manager.log +rm -rf installer +rm -rf journal/d6e982aa8c9d4c1dbcbdcff195642300 +rm -rf kern.log +rm -rf syslog +rm -rf sysstat + +# Remove random seeds +rm -rf /var/lib/systemd/random-seed +rm -rf /var/lib/NetworkManager/secret_key + +# Remove network configs +rm -rf /etc/NetworkManager/system-connections/* +rm -rf /var/lib/bluetooth/* +rm -rf /var/lib/NetworkManager/* + +# Remove caches +rm -rf /var/lib/gdm3/.cache/* +rm -rf /root/.cache +rm -rf /home/student/.cache + +rm -rf /home/student/.sudo_as_admin_successful /home/student/.bash_logout + +rm -rf /tmp/* +rm -rf /tmp/.* || true diff --git a/scripts/common_packages.txt b/scripts/common_packages.txt new file mode 100644 index 00000000..2048b823 --- /dev/null +++ b/scripts/common_packages.txt @@ -0,0 +1,64 @@ +apache2-utils +apt-utils +arp-scan +autossh +bash-completion +binutils +build-essential +console-data +console-setup +cron +curl +dialog +dmidecode +dnsutils +file +firmware-linux-nonfree +git +hdparm +iftop +ifupdown +iotop +iptables +iputils-ping +isc-dhcp-client +isc-dhcp-common +jq +less +linux-headers-amd64 +linux-image-amd64 +lm-sensors +locales +lsb-release +lshw +lsof +lzop +man +mc +mdadm +moreutils +nano +net-tools +nmap +ntpdate +nvme-cli +pciutils +psmisc +python +python3 +rsync +rsyslog +ssh +stress +sudo +sysstat +telnet +tig +traceroute +tree +tzdata +unzip +usbutils +wget +zerofree +zip diff --git a/scripts/dconfig.txt b/scripts/dconfig.txt new file mode 100644 index 00000000..3057624f --- /dev/null +++ b/scripts/dconfig.txt @@ -0,0 +1,131 @@ +[org/gnome/desktop/calendar] +show-weekdate=true + +[org/gnome/desktop/wm/preferences] +resize-with-right-button=true + +[org/gnome/desktop/peripherals/keyboard] +delay=uint32 350 + +[desktop/ibus/panel/emoji] +unicode-hotkey=@as [] +hotkey=@as [] + +[org/gnome/desktop/peripherals/touchpad] +two-finger-scrolling-enabled=true +disable-while-typing=false + +[org/gnome/login-screen] +enable-smartcard-authentication=false +enable-fingerprint-authentication=false + +[org/gnome/desktop/privacy] +report-technical-problems=false +remember-recent-files=false + +[org/gnome/desktop/screensaver] +lock-enabled=false + +[org/gnome/desktop/search-providers] +disable-external=true + +[org/gnome/desktop/interface] +gtk-im-module='gtk-im-context-simple' +clock-show-seconds=true +enable-animations=false +cursor-blink=false +clock-show-weekday=true +gtk-theme='Yaru-dark' + +[org/gnome/terminal/legacy] +menu-accelerator-enabled=false + +[org/gnome/desktop/media-handling] +automount-open=false +automount=false +autorun-never=true + +[org/gnome/terminal/legacy/keybindings] +reset-and-clear='l' + +[org/gnome/terminal/legacy/profiles:/:b1dcc9dd-5262-4d8d-a863-c897e6d979b9] +allow-bold=false +default-size-rows=48 +bold-is-bright=true +audible-bell=false +scrollback-lines=2147483647 +cursor-shape='ibeam' +default-size-columns=160 + +[org/gnome/desktop/background] +show-desktop-icons=false + +[org/gnome/desktop/peripherals/mouse] +accel-profile='flat' + +[org/gnome/settings-daemon/plugins/color] +night-light-enabled=true +night-light-schedule-automatic=true + +[org/gnome/desktop/lockdown] +disable-print-setup=true +disable-printing=true +disable-user-switching=true +user-administration-disabled=true + +[org/gnome/settings-daemon/plugins/media-keys] +custom-keybindings=['/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/'] +screensaver='' + +[org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0] +binding='l' +command='lock_screen' +name='Lock screen' + +[org/gnome/settings-daemon/plugins/smartcard] +active=false + +[org/gnome/settings-daemon/plugins/remote-display] +active=false + +[org/gnome/settings-daemon/plugins/sharing] +active=false + +[org/gnome/settings-daemon/plugins/screensaver-proxy] +active=false + +[org/gnome/settings-daemon/plugins/gsdwacom] +active=false + +[org/gnome/settings-daemon/plugins/power] +sleep-inactive-ac-type='nothing' +sleep-inactive-ac-timeout=0 + +[org/gnome/shell] +enable-hot-corners=true +favorite-apps=['firefox.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Terminal.desktop', 'sublime_text.desktop', 'vscodium.desktop', 'org.gnome.Calculator.desktop', 'gnome-control-center.desktop', 'org.gnome.tweaks.desktop', 'lock_screen.desktop', 'suspend_session.desktop', 'yelp.desktop'] + +[org/gnome/system/location] +enabled=false + +[org/gnome/desktop/session] +idle-delay=uint32 0 + +[org/gnome/mutter] +center-new-windows=true + +[org/gnome/calculator] +source-currency='' +source-units='degree' +button-mode='advanced' +word-size=64 +show-zeroes=false +base=10 +angle-units='degrees' +accuracy=9 +show-thousands=false +window-position=(1906, 826) +refresh-interval=604800 +target-units='radian' +number-format='fixed' +target-currency='' diff --git a/scripts/firewall.sh b/scripts/firewall.sh new file mode 100755 index 00000000..78f1f66e --- /dev/null +++ b/scripts/firewall.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +# Install firewall + +SCRIPT_DIR="$(cd -P "$(dirname "$BASH_SOURCE")" && pwd)" +cd $SCRIPT_DIR +. set.sh + +SSH_PORT=${1:-521} + +apt-get -y install ufw + +ufw logging off +ufw allow in "$SSH_PORT"/tcp +ufw --force enable diff --git a/scripts/fx.sh b/scripts/fx.sh new file mode 100755 index 00000000..07f724c2 --- /dev/null +++ b/scripts/fx.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +# Install FX: command-line JSON processing tool (https://github.com/antonmedv/fx) + +SCRIPT_DIR="$(cd -P "$(dirname "$BASH_SOURCE")" && pwd)" +cd $SCRIPT_DIR +. set.sh + +npm install -g fx diff --git a/scripts/go.sh b/scripts/go.sh new file mode 100755 index 00000000..d9409459 --- /dev/null +++ b/scripts/go.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +# Install Go + +SCRIPT_DIR="$(cd -P "$(dirname "$BASH_SOURCE")" && pwd)" +cd $SCRIPT_DIR +. set.sh + +apt-get -y install golang + +# Set-up all users +for DIR in $(ls -1d /root /home/* 2>/dev/null || true) +do + # Add convenient aliases & behaviors + cat <<-'EOF'>> $DIR/.bashrc + GOPATH=$HOME/go + PATH=$PATH:$GOPATH/bin + alias gobuild='CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-s -w"' + EOF + + # Fix rights + USR=$(echo "$DIR" | rev | cut -d/ -f1 | rev) + chown -R $USR:$USR $DIR +done diff --git a/scripts/grub.sh b/scripts/grub.sh new file mode 100755 index 00000000..ad767811 --- /dev/null +++ b/scripts/grub.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +# Install Grub + +SCRIPT_DIR="$(cd -P "$(dirname "$BASH_SOURCE")" && pwd)" +cd $SCRIPT_DIR +. set.sh + +DISK=$1 + +apt-get -y install grub-efi-amd64 + +sed -i -e 's/message=/message_null=/g' /etc/grub.d/10_linux + +cat <> /etc/default/grub +GRUB_TIMEOUT=0 +GRUB_RECORDFAIL_TIMEOUT=0 +GRUB_TERMINAL=console +GRUB_DISTRIBUTOR=`` +GRUB_DISABLE_OS_PROBER=true +GRUB_DISABLE_SUBMENU=y +EOF + +update-grub +grub-install $DISK diff --git a/scripts/install_client.sh b/scripts/install_client.sh new file mode 100755 index 00000000..d78c2fc0 --- /dev/null +++ b/scripts/install_client.sh @@ -0,0 +1,89 @@ +#!/bin/bash + +# Configure Z01 client + +# Log stdout & stderr +exec > >(tee -i /tmp/install_client.log) +exec 2>&1 + +SCRIPT_DIR="$(cd -P "$(dirname "$BASH_SOURCE")" && pwd)" +cd $SCRIPT_DIR +. set.sh + +# Set root password +passwd root + +# Remove user password +passwd -d student +cp /etc/shadow /etc/shadow- + +SSH_PORT=521 +DISK=$(lsblk -o tran,kname,hotplug,type,fstype -pr | + grep -e nvme -e sata | + grep '0 disk' | + cut -d' ' -f2 | + sort | + head -n1) + +apt-get update +apt-get -y upgrade +apt-get -y autoremove --purge + +. bash_tweaks.sh +. ssh.sh +. firewall.sh +. ubuntu_tweaks.sh +. grub.sh "$DISK" +. go.sh +. nodejs.sh +. fx.sh +. sublime.sh +. vscode.sh + +# Install additional packages +PKGS=" +emacs +f2fs-tools +golang-mode +vim +xfsprogs +" + +apt-get -y install $PKGS + +# Remove fsck because the system partition will be read-only (overlayroot) +rm /usr/share/initramfs-tools/hooks/fsck + +# Copy system files + +cp -r system /tmp +cd /tmp/system +sed -i -e "s|::DISK::|$DISK|g" etc/udev/rules.d/10-local.rules + +# Fourth local partition +PART=$(lsblk -o tran,kname,hotplug,type,fstype -pr | + grep -v usb | + grep '0 part' | + cut -d' ' -f2 | + sort | + head -n4 | + tail -n1) +sed -i -e "s|::PART::|$PART|g" usr/share/initramfs-tools/scripts/init-premount/reformat + +apt-get -y install overlayroot +echo overlayroot=\"device:dev=$DISK,recurse=0\" >> /etc/overlayroot.conf + +# Fix permissions +find . -type d -exec chmod 755 {} \; +find . -type f -exec chmod 644 {} \; +find . -type f -exec /bin/sh -c "file {} | grep -q 'shell script' && chmod +x {}" \; +cp --preserve=mode -RT . / + +cd $SCRIPT_DIR +rm -rf /tmp/system + +update-initramfs -u + +apt-get -y purge sudo + +. clean.sh diff --git a/scripts/nodejs.sh b/scripts/nodejs.sh new file mode 100755 index 00000000..c08f012a --- /dev/null +++ b/scripts/nodejs.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +# Install Node.js + +SCRIPT_DIR="$(cd -P "$(dirname "$BASH_SOURCE")" && pwd)" +cd $SCRIPT_DIR +. set.sh + +curl -sL https://deb.nodesource.com/setup_10.x | bash - +apt-get -y install nodejs diff --git a/scripts/set.sh b/scripts/set.sh new file mode 100755 index 00000000..690e3018 --- /dev/null +++ b/scripts/set.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +# Set scripting variables + +# Treat unset variables as an error when substituting. +set -u + +# Exit immediately if a command exits with a non-zero status. +set -e + +# Set the variable corresponding to the return value of a pipeline is the status +# of the last command to exit with a non-zero status, or zero if no command +# exited with a non-zero status +set -o pipefail + +# Separate tokens on newlines only +IFS=' +' + +# The value of this parameter is expanded like PS1 and the expanded value is the +# prompt printed before the command line is echoed when the -x option is set +# (see The Set Builtin). The first character of the expanded value is replicated +# multiple times, as necessary, to indicate multiple levels of indirection. +# \D{%F %T} prints date like this : 2019-12-31 23:59:59 +PS4='-\D{%F %T} ' + +# Print commands and their arguments as they are executed. +set -x + +# Skip dialogs during apt-get install commands +export DEBIAN_FRONTEND=noninteractive # DEBIAN_PRIORITY=critical + +export LC_ALL=C LANG=C +export SHELL=/bin/bash diff --git a/scripts/ssh.sh b/scripts/ssh.sh new file mode 100755 index 00000000..3e0a5677 --- /dev/null +++ b/scripts/ssh.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +# Install OpenSSH + +SCRIPT_DIR="$(cd -P "$(dirname "$BASH_SOURCE")" && pwd)" +cd $SCRIPT_DIR +. set.sh + +SSH_PORT=${1:-521} + +# Install dependencies +apt-get -y install ssh + +cat <> /etc/ssh/sshd_config +Port $SSH_PORT +PasswordAuthentication no +AllowUsers root +EOF + +mkdir -p /root/.ssh +chmod -f 700 /root/.ssh +# echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH30lZP4V26RVWWvAW91jM7UBSN68+xkuJc5cRionpMc' >> /root/.ssh/authorized_keys +chmod -f 600 /root/.ssh/authorized_keys || true + +systemctl restart sshd.service diff --git a/scripts/sublime.sh b/scripts/sublime.sh new file mode 100755 index 00000000..b79ee4b1 --- /dev/null +++ b/scripts/sublime.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +# Install Sublime Text & Sublime Merge + +SCRIPT_DIR="$(cd -P "$(dirname "$BASH_SOURCE")" && pwd)" +cd $SCRIPT_DIR +. set.sh + +wget -qO - https://download.sublimetext.com/sublimehq-pub.gpg | apt-key add - +apt-get install -y apt-transport-https + +cat < /etc/apt/sources.list.d/sublime-text.list +deb https://download.sublimetext.com/ apt/stable/ +EOF + +apt-get update +apt-get install -y sublime-text sublime-merge libgtk2.0-0 diff --git a/scripts/system/etc/gdm3/PostLogin/Default b/scripts/system/etc/gdm3/PostLogin/Default new file mode 100755 index 00000000..2f709a79 --- /dev/null +++ b/scripts/system/etc/gdm3/PostLogin/Default @@ -0,0 +1,73 @@ +#!/bin/bash + +# Mount home as an overlay filesystem + +# Log stdout & stderr +exec > >(tee -i /tmp/gdm3_postlogin.log) +exec 2>&1 + +# Treat unset variables as an error when substituting. +set -u + +# Exit immediately if a command exits with a non-zero status. +set -e + +# Separate tokens on newlines only +IFS=' +' + +# The value of this parameter is expanded like PS1 and the expanded value is the +# prompt printed before the command line is echoed when the -x option is set +# (see The Set Builtin). The first character of the expanded value is replicated +# multiple times, as necessary, to indicate multiple levels of indirection. +# \D{%F %T} prints date like this : 2019-12-31 23:59:59 +PS4='-\D{%F %T} ' + +# Print commands and their arguments as they are executed. +set -x + +sleep 0.5 + +# Find the first removable F2FS partition +PART=$(lsblk -o tran,kname,hotplug,type,fstype -pr | + grep '1 part f2fs' | + cut -d' ' -f2 | + sort | + head -n1) + +# Make sure the mountpoints are free +( + lsof -t $HOME | xargs kill -9 + umount $HOME + umount /mnt +) || true + +if test "$PART" +then + mount -o noatime "$PART" /mnt +else + # No removable F2FS partition found, use the third local partition instead + PART=$(lsblk -o tran,kname,hotplug,type,fstype -pr | + grep -v usb | + grep '0 part' | + cut -d' ' -f2 | + sort | + head -n3 | + tail -n1) + + if test -z "$PART" + then + # No local partition found, error + exit 1 + fi + + # We don't care about data consistency since the partition is temporary + /sbin/mke2fs -t ext4 -O ^has_journal -F "$PART" + mount -o noatime,nobarrier "$PART" /mnt +fi + +USER_PATH=/mnt/.01/$USER +TEMP_PATH=/mnt/.01/tmp + +mkdir -p $USER_PATH $TEMP_PATH +mount -t overlay -o lowerdir=$HOME,upperdir=$USER_PATH,workdir=$TEMP_PATH overlay $HOME diff --git a/scripts/system/etc/gdm3/PostSession/Default b/scripts/system/etc/gdm3/PostSession/Default new file mode 100755 index 00000000..803df884 --- /dev/null +++ b/scripts/system/etc/gdm3/PostSession/Default @@ -0,0 +1,25 @@ +#!/bin/bash + +# Log stdout & stderr +exec > >(tee -i /tmp/gdm3_postsession.log) +exec 2>&1 + +# Exit immediately if a command exits with a non-zero status. +set -e + +# The value of this parameter is expanded like PS1 and the expanded value is the +# prompt printed before the command line is echoed when the -x option is set +# (see The Set Builtin). The first character of the expanded value is replicated +# multiple times, as necessary, to indicate multiple levels of indirection. +# \D{%F %T} prints date like this : 2019-12-31 23:59:59 +PS4='-\D{%F %T} ' + +# Print commands and their arguments as they are executed. +set -x + +passwd -d $USER +sync +sleep 0.5 +lsof -t $HOME | xargs kill || true +umount -l $HOME +umount -l /mnt diff --git a/scripts/system/etc/udev/rules.d/10-local.rules b/scripts/system/etc/udev/rules.d/10-local.rules new file mode 100644 index 00000000..dc335275 --- /dev/null +++ b/scripts/system/etc/udev/rules.d/10-local.rules @@ -0,0 +1 @@ +KERNEL=="::DISK::*", ENV{UDISKS_IGNORE}="1" diff --git a/scripts/system/usr/local/bin/lock_screen b/scripts/system/usr/local/bin/lock_screen new file mode 100755 index 00000000..d4f63f24 --- /dev/null +++ b/scripts/system/usr/local/bin/lock_screen @@ -0,0 +1,13 @@ +#!/bin/bash + +# Exits if a command fails +set -e + +if passwd -S | grep NP +then + # No password set, so ask user to set one + gnome-terminal.real -t "⁣" --geometry=40x10 --wait -- passwd + sleep 1 +fi + +i3lock -c000000 diff --git a/scripts/system/usr/local/bin/suspend_session b/scripts/system/usr/local/bin/suspend_session new file mode 100755 index 00000000..021e8bf1 --- /dev/null +++ b/scripts/system/usr/local/bin/suspend_session @@ -0,0 +1,13 @@ +#!/bin/bash + +# Exits if a command fails +set -e + +if passwd -S | grep NP +then + # No password set, so ask user to set one + gnome-terminal.real -t "⁣" --geometry=40x10 --wait -- passwd + sleep 1 +fi + +systemctl suspend diff --git a/scripts/system/usr/share/applications/lock_screen.desktop b/scripts/system/usr/share/applications/lock_screen.desktop new file mode 100644 index 00000000..2ff2a328 --- /dev/null +++ b/scripts/system/usr/share/applications/lock_screen.desktop @@ -0,0 +1,8 @@ +[Desktop Entry] +Name=Lock Screen +Comment=Sets a password if needed and then lock screen +Exec=/usr/local/bin/lock_screen +Icon=system-lock-screen +Terminal=false +Type=Application +StartupNotify=true diff --git a/scripts/system/usr/share/applications/suspend_session.desktop b/scripts/system/usr/share/applications/suspend_session.desktop new file mode 100644 index 00000000..4691bf3c --- /dev/null +++ b/scripts/system/usr/share/applications/suspend_session.desktop @@ -0,0 +1,8 @@ +[Desktop Entry] +Name=Suspend session +Comment=Sets a password if needed and then suspend session +Exec=/usr/local/bin/suspend_session +Icon=media-playback-pause +Terminal=false +Type=Application +StartupNotify=true diff --git a/scripts/system/usr/share/initramfs-tools/hooks/copy_mkfs b/scripts/system/usr/share/initramfs-tools/hooks/copy_mkfs new file mode 100755 index 00000000..8f5f117f --- /dev/null +++ b/scripts/system/usr/share/initramfs-tools/hooks/copy_mkfs @@ -0,0 +1,22 @@ +#!/bin/sh + +set -e + +PREREQ="" + +prereqs () { + echo "${PREREQ}" +} + +case "${1}" in + prereqs) + prereqs + exit 0 + ;; +esac + +. /usr/share/initramfs-tools/hook-functions + +copy_exec /sbin/mke2fs /bin + +exit 0 diff --git a/scripts/system/usr/share/initramfs-tools/scripts/init-premount/reformat b/scripts/system/usr/share/initramfs-tools/scripts/init-premount/reformat new file mode 100755 index 00000000..4a04b992 --- /dev/null +++ b/scripts/system/usr/share/initramfs-tools/scripts/init-premount/reformat @@ -0,0 +1,20 @@ +#!/bin/sh + +PREREQ="" +prereqs() +{ + echo "$PREREQ" +} + +case $1 in +prereqs) + prereqs + exit 0 + ;; +esac + +. /scripts/functions + +/bin/mke2fs -F -t ext4 -O ^has_journal ::PART:: > /dev/null 2>&1 + +exit 0 diff --git a/scripts/ubuntu_tweaks.sh b/scripts/ubuntu_tweaks.sh new file mode 100755 index 00000000..bb388b27 --- /dev/null +++ b/scripts/ubuntu_tweaks.sh @@ -0,0 +1,116 @@ +#!/bin/bash + +# Configure ubuntu desktop systems + +SCRIPT_DIR="$(cd -P "$(dirname "$BASH_SOURCE")" && pwd)" +cd "$SCRIPT_DIR" +. set.sh + +# Install dependencies +apt-get -y install lz4 + +# Change ext4 default mount options +sed -i -e 's/ errors=remount-ro/ noatime,nodelalloc,errors=remount-ro/g' /etc/fstab + +# Disable GTK hidden scroll bars +echo GTK_OVERLAY_SCROLLING=0 >> /etc/environment + +# Reveal boot messages +sed -i -e 's/TTYVTDisallocate=yes/TTYVTDisallocate=no/g' /etc/systemd/system/getty.target.wants/getty@tty1.service + +# Speedup boot +sed -i 's/MODULES=most/MODULES=dep/g' /etc/initramfs-tools/initramfs.conf +sed -i 's/COMPRESS=gzip/COMPRESS=lz4/g' /etc/initramfs-tools/initramfs.conf + +# Reveal autostart services +sed -i 's/NoDisplay=true/NoDisplay=false/g' /etc/xdg/autostart/*.desktop + +# Remove password complexity constraints +sed -i 's/ obscure / minlen=1 /g' /etc/pam.d/common-password + +# Remove splash screen (plymouth) and hide kernel output +sed -i 's/quiet splash/quiet vt.global_cursor_default=0 console=ttyS0/g' /etc/default/grub + +update-initramfs -u +update-grub + +# Disable swapfile +swapoff /swapfile || true +rm -f /swapfile +sed -i '/swapfile/d' /etc/fstab + +# Prevent gnome-shell segfault from happening +sed -i 's/#WaylandEnable=false/WaylandEnable=false/g' /etc/gdm3/custom.conf + +# Purge unused Ubuntu packages +PKGS=" +apport +bind9 +bolt +cups* +exim* +friendly-recovery +gnome-initial-setup +gnome-online-accounts +gnome-power-manager +gnome-software +gnome-software-common +memtest86+ +orca +popularity-contest +python3-update-manager +secureboot-db +spice-vdagent +ubuntu-report +ubuntu-software +unattended-upgrades +update-inetd +update-manager-core +update-notifier +update-notifier-common +whoopsie +xdg-desktop-portal +" + +apt-get -y purge $PKGS +apt-get -y autoremove --purge + +SERVICES=" +apt-daily-upgrade.timer +apt-daily.timer +console-setup.service +keyboard-setup.service +motd-news.timer +remote-fs.target +" +systemctl disable $SERVICES + +SERVICES=" +grub-common.service +NetworkManager-wait-online.service +plymouth-quit-wait.service +" +systemctl mask $SERVICES + +# Install packages +PKGS="$(cat common_packages.txt) +baobab +blender +chromium-browser +dconf-editor +firefox +gimp +gnome-calculator +gnome-system-monitor +gnome-tweaks +i3lock +mpv +zenity +" + +# Replace debian packages with ubuntu's +PKGS=${PKGS/linux-image-amd64/linux-image-generic} +PKGS=${PKGS/linux-headers-amd64/linux-headers-generic} +PKGS=${PKGS/firmware-linux-nonfree} + +apt-get -y install $PKGS diff --git a/scripts/vscode.sh b/scripts/vscode.sh new file mode 100755 index 00000000..cd2cd3ab --- /dev/null +++ b/scripts/vscode.sh @@ -0,0 +1,35 @@ +#!/bin/bash + +# Install VSCode + +SCRIPT_DIR="$(cd -P "$(dirname "$BASH_SOURCE")" && pwd)" +cd $SCRIPT_DIR +. set.sh + +wget -qO - https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg | apt-key add - +echo 'deb https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/repos/debs/ vscodium main' > /etc/apt/sources.list.d/vscodium.list +apt-get update && apt-get -y install vscodium + +# Set-up all users +for DIR in $(ls -1d /home/* 2>/dev/null || true) +do + # Add convenient aliases & behaviors + mkdir -p $DIR/.config/VSCodium/User + cat <<-'EOF'> $DIR/.config/VSCodium/User/settings.json + { + "telemetry.enableCrashReporter": false, + "update.enableWindowsBackgroundUpdates": false, + "update.mode": "none", + "update.showReleaseNotes": false, + "extensions.autoCheckUpdates": false, + "extensions.autoUpdate": false, + "workbench.enableExperiments": false, + "workbench.settings.enableNaturalLanguageSearch": false, + "npm.fetchOnlinePackageInfo": false + } + EOF + + # Fix rights + USR=$(echo "$DIR" | rev | cut -d/ -f1 | rev) + chown -R $USR:$USR $DIR +done