install.sh - Skygist

Revízió cc8064115e40e649aa38d0029bd3992d4df75e9c

install.sh · 20 KiB · Bash Eredeti

#!/bin/bash set -e # Цвета для вывода ANSI_RED=$(tput -Txterm setaf 1) ANSI_GREEN=$(tput -Txterm setaf 2) ANSI_YELLOW=$(tput -Txterm setaf 3) ANSI_RESET=$(tput -Txterm sgr0) # ==================== ФУНКЦИИ ==================== # Проверка прав root check_root() { if [ "$EUID" -ne 0 ]; then echo -e "${ANSI_RED}Ошибка: скрипт должен запускаться от root${ANSI_RESET}" exit 1 fi } # Запрос имени хоста ask_hostname() { local current_hostname=$(hostname) read -e -p "${ANSI_YELLOW}Введите имя хоста: (текущее: $current_hostname) ${ANSI_RESET}" -i "${current_hostname}" NEW_HOSTNAME echo "$NEW_HOSTNAME" } # Запрос - создавать ли пользователя ask_create_user() { local choice echo -e "${ANSI_YELLOW}Создать нового пользователя? (y/n):${ANSI_RESET}" read -p "Create user [Y/N]? " choice if [[ "$choice" =~ ^[Yy]$ ]]; then CREATE_USER="yes" else CREATE_USER="no" fi } # Запрос имени пользователя ask_username() { local username echo -e "${ANSI_YELLOW}Введите имя нового пользователя:${ANSI_RESET}" >&2 read -p "Username: " username if [ -z "$username" ]; then echo -e "${ANSI_RED}Имя пользователя не может быть пустым.${ANSI_RESET}" >&2 exit 1 fi echo "$username" } # Запрос пароля ask_password() { local username=$1 local user_pass echo -e "${ANSI_YELLOW}Введите пароль для пользователя $username:${ANSI_RESET}" >&2 read -s -p "Password: " user_pass echo >&2 if [ -z "$user_pass" ]; then echo -e "${ANSI_RED}Пароль не может быть пустым.${ANSI_RESET}" >&2 exit 1 fi echo "$user_pass" } # Запрос настройки прокси ask_proxy() { echo -e "\n${ANSI_YELLOW}Использовать прокси-сервер apt-cacher-ng? (y/n):${ANSI_RESET}" read -p "Use proxy? " USE_PROXY if [[ "$USE_PROXY" =~ ^[Yy]$ ]]; then echo -e "${ANSI_YELLOW}Введите URL прокси-сервера (например: http://192.168.111.87:3142):${ANSI_RESET}" read -e -p "Proxy URL: " -i "http://192.168.111.87:3142" PROXY_URL if [ -n "$PROXY_URL" ]; then configure_proxy "$PROXY_URL" else echo -e "${ANSI_RED}URL прокси не введен, пропускаем${ANSI_RESET}" fi fi } # Настройка прокси для apt configure_proxy() { local proxy_url=$1 echo -e "${ANSI_GREEN}Настройка прокси для apt...${ANSI_RESET}" cat > /etc/apt/apt.conf.d/02aptproxy << EOF Acquire::http::proxy "$proxy_url"; Acquire::ftp::proxy "$proxy_url"; EOF echo -e "${ANSI_GREEN}Прокси настроен в /etc/apt/apt.conf.d/02aptproxy${ANSI_RESET}" } # Установка имени хоста set_hostname() { local hostname=$1 echo -e "\n${ANSI_GREEN}=== Установка имени хоста: $hostname ===${ANSI_RESET}" hostnamectl set-hostname "$hostname" if grep -q "^127.0.1.1" /etc/hosts; then sed -i "s/^127.0.1.1.*/127.0.1.1\t$hostname/" /etc/hosts else echo "127.0.1.1\t$hostname" >> /etc/hosts fi echo -e "${ANSI_GREEN}Имя хоста установлено.${ANSI_RESET}" } # Добавление репозитория MEPHI add_mephi_repository() { . /etc/os-release 2>/dev/null || { echo "Failed to determine release"; exit 1; } [ -z "$VERSION_CODENAME" ] && echo "VERSION_CODENAME not found" && exit 1 local conf_file="/etc/apt/sources.list.d/debian_mephi.list" if grep -qs "mirror.mephi.ru.*$VERSION_CODENAME" "$conf_file" 2>/dev/null; then echo -e "Repository for $VERSION_CODENAME already exists in $conf_file" else echo -e "Adding repository for Debian $VERSION_CODENAME" cat >> "$conf_file" << EOF # Added $(date '+%Y-%m-%d') deb http://mirror.mephi.ru/debian/ $VERSION_CODENAME main non-free-firmware deb-src http://mirror.mephi.ru/debian/ $VERSION_CODENAME main non-free-firmware EOF echo "Repository added, updating package list..." apt update fi } # Обновление системы update_system() { echo -e "${ANSI_GREEN}=== Обновление системы ===${ANSI_RESET}" apt update apt -y upgrade } # Установка пакетов install_packages() { local packages=( pv nano curl wget sudo lsb-release iptables unzip pigz zstd ncdu gdu screen tmux lynx htop btop iftop mtr ioping git jq yq pwgen bind9-dnsutils net-tools ssh-audit cloud-guest-utils qemu-guest-agent console-setup ) echo -e "${ANSI_GREEN}Installing packages...${ANSI_RESET}" apt-get update apt-get install -y "${packages[@]}" } # Настройка SSH configure_ssh() { echo -e "${ANSI_GREEN}Allowing SSH root login${ANSI_RESET}" sed -i 's/^.*PermitRootLogin.*$/PermitRootLogin yes/' /etc/ssh/sshd_config systemctl restart sshd echo -e "${ANSI_GREEN}Ok.${ANSI_RESET}" } # Настройка таймзоны и локали configure_locale() { echo "tzdata tzdata/Areas select Europe" | debconf-set-selections echo "tzdata tzdata/Zones/Europe select Moscow" | debconf-set-selections DEBIAN_FRONTEND=noninteractive dpkg-reconfigure tzdata cat > /etc/locale.gen << EOF ru_RU.UTF-8 UTF-8 en_US.UTF-8 UTF-8 EOF locale-gen update-locale LANG=en_US.UTF-8 locale -a | grep -E "en_US|ru_RU" source /etc/default/locale dpkg-reconfigure console-setup dpkg-reconfigure keyboard-configuration } # Настройка journald configure_journald() { mkdir -p /etc/systemd/journald.conf.d cat > /etc/systemd/journald.conf.d/size.conf << EOF [Journal] SystemMaxUse=1G SystemMaxFileSize=50M MaxLevelStore=warning EOF systemctl restart systemd-journald } # Создание пользователя create_user() { local username=$1 local password=$2 useradd -m "$username" && echo "$username:$password" | chpasswd && passwd -e "$username" usermod -aG sudo "$username" touch "/home/$username/.Xauthority" chown "$username:$username" "/home/$username/.Xauthority" echo -e "${ANSI_GREEN}Пользователь $username с паролем '${ANSI_YELLOW}$password${ANSI_GREEN}' создан${ANSI_RESET}" } # Настройка истории для пользователя configure_user_history() { local username=$1 cat >> "/home/$username/.bashrc" << 'EOF' export HISTSIZE=10000 export HISTFILESIZE=50000 export HISTTIMEFORMAT="%F %T " export HISTCONTROL=ignoredups:ignorespace shopt -s histappend export PROMPT_COMMAND="history -a; history -c; history -r; $PROMPT_COMMAND" export TERM=xterm-256color EOF chown "$username:$username" "/home/$username/.bashrc" } # Настройка истории для root configure_root_history() { cat >> /root/.bashrc << 'EOF' export HISTSIZE=10000 export HISTFILESIZE=50000 export HISTTIMEFORMAT="%F %T " export HISTCONTROL=ignoredups:ignorespace shopt -s histappend export PROMPT_COMMAND="history -a; history -c; history -r; $PROMPT_COMMAND" export TERM=xterm-256color EOF source /root/.bashrc } # Очистка документации git clean_git_docs() { rm -rf /usr/share/doc/git/RelNotes } # Финальное сообщение finish_setup() { echo -e "${ANSI_GREEN}=== Настройка завершена ===${ANSI_RESET}" } # Запись конфигурационного файла write_config_file() { local file_path=$1 local create_backup=${2:-true} # создать резервную копию? (по умолчанию true) echo -e "${ANSI_GREEN}=== Запись конфигурации в $file_path ===${ANSI_RESET}" # Создание резервной копии if [ "$create_backup" = true ] && [ -f "$file_path" ]; then local backup_path="${file_path}.backup.$(date +%Y%m%d_%H%M%S)" cp "$file_path" "$backup_path" echo -e "${ANSI_YELLOW}Создана резервная копия: $backup_path${ANSI_RESET}" fi # Создание директории, если её нет local dir_path=$(dirname "$file_path") if [ ! -d "$dir_path" ]; then mkdir -p "$dir_path" echo -e "${ANSI_YELLOW}Создана директория: $dir_path${ANSI_RESET}" fi # Чтение содержимого из heredoc cat > "$file_path" # Установка правильных прав (опционально) chmod 644 "$file_path" echo -e "${ANSI_GREEN}Файл успешно записан: $file_path${ANSI_RESET}" } make_motd_generator() { write_config_file "/etc/update-motd.d/99-mymotd-generator" false << 'EOF' #!/bin/bash # Text Color Variables http://misc.flogisoft.com/bash/tip_colors_and_formatting tcLtG="\033[00;37m" # LIGHT GRAY tcDkG="\033[01;30m" # DARK GRAY tcLtR="\033[01;31m" # LIGHT RED tcLtGRN="\033[01;32m" # LIGHT GREEN tcLtBL="\033[01;34m" # LIGHT BLUE tcLtP="\033[01;35m" # LIGHT PURPLE tcLtC="\033[01;36m" # LIGHT CYAN tcW="\033[01;37m" # WHITE tcRESET="\033[0m" tcORANGE="\033[38;5;209m" # Time of day HOUR=$(date +"%H") if [ $HOUR -lt 12 -a $HOUR -ge 0 ]; then TIME="morning" elif [ $HOUR -lt 17 -a $HOUR -ge 12 ]; then TIME="afternoon" else TIME="evening" fi # System uptime uptime=`cat /proc/uptime | cut -f1 -d.` upDays=$((uptime/60/60/24)) upHours=$((uptime/60/60%24)) upMins=$((uptime/60%60)) # System + Memory MEMORY_USED=`free -b | grep Mem | awk '{print $3/$2 * 100.0}'` SWAP_USED=`free -b | grep Swap | awk '{print $3/$2 * 100.0}'` NUM_PROCS=`ps aux | wc -l` # IP первого сетевого интерфейса LOCAL_IP=$(ip -4 addr show | grep -oP '(?<=inet\s)\d+\.\d+\.\d+\.\d+' | grep -v '^127\.' | head -n 1) # Имя сервера HOSTNAME=$(hostname) # ОS OS=$(grep PRETTY_NAME /etc/os-release | cut -d= -f2 | tr -d '"') # Пользователь USER_NAME=$(whoami) [ "$USER_NAME" = "root" ] && USER_NAME="${tcLtR}${USER_NAME}${tcRESET}" # Load average LOADAVG=$(awk '{print $1" "$2" "$3}' /proc/loadavg) SYS_LOADS=`cat /proc/loadavg | awk '{print $1}'` # RAM: всего и свободно (в мегабайтах) RAM_TOTAL=$(free -m | awk '/Mem:/ {print $2}') RAM_FREE=$(free -m | awk '/Mem:/ {print $7}') RAM_FREE_PCT=$(( RAM_FREE * 100 / RAM_TOTAL )) # Количество CPU CPU_COUNT=$(nproc) # Uptime UPTIME=$(uptime -p) # HDD: для корневого раздела / DISK_TOTAL_HUMAN=$(df -h / | awk 'NR==2 {print $2}') DISK_FREE_HUMAN=$(df -h / | awk 'NR==2 {print $4}') # Используем df без форматирования для процентов DISK_TOTAL=$(df -k / | awk 'NR==2 {print $2}') DISK_FREE=$(df -k / | awk 'NR==2 {print $4}') DISK_FREE_PCT=$(( DISK_FREE * 100 / DISK_TOTAL )) echo -e "$tcDkG ===============================================================" echo -e $tcLtG " Good $TIME! $tcORANGE $LOCAL_IP" echo -e $tcDkG "===============================================================" echo -e $tcLtG " - Hostname :$tcW ${HOSTNAME}" echo -e $tcLtG " - IP Address :$tcW ${LOCAL_IP:-N/A}" echo -e $tcLtG " - User :$tcW ${USER_NAME}" echo -e $tcLtG "===============================================================" echo -e $tcLtG " - OS Release :$tcW ${OS}" echo -e $tcLtG " - Kernel : `uname -a | awk '{print $1" "$3" "$12}'`" echo -e $tcLtG " - Users : Currently `users | wc -w` user(s) logged on" echo -e $tcLtG "===============================================================" echo -e $tcLtG " - Server Time : `date`" echo -e $tcLtG " - System load : ${SYS_LOADS} / ${NUM_PROCS} processes running" echo -e $tcLtG " - Load average : ${LOADAVG}" echo -e $tcLtG " - System uptime : ${upDays} days ${upHours} hours ${upMins} minutes" echo -e $tcLtG "===============================================================" echo -e $tcLtG " - CPU : ${CPU_COUNT} CPU" echo -e $tcLtG " - RAM : ${RAM_TOTAL} MB, ${RAM_FREE} MB (${RAM_FREE_PCT}%) free" echo -e $tcLtG " - HDD : ${DISK_TOTAL_HUMAN}, ${DISK_FREE_HUMAN} (${DISK_FREE_PCT}%) free" echo -e $tcLtG " - Swap used % : ${SWAP_USED}" echo -e $tcDkG "===============================================================" echo -e $tcRESET "" EOF write_config_file "/etc/issue" false << 'EOF' Debian GNU/Linux 12 \n \l Local IP: не доступен EOF } install_midnight_commanger() { apt-get -y install mc write_config_file "/root/.config/mc/ini" false << 'EOF' [Midnight-Commander] verbose=true shell_patterns=true auto_save_setup=true preallocate_space=false auto_menu=false use_internal_view=true use_internal_edit=false clear_before_exec=true confirm_delete=true confirm_overwrite=true confirm_execute=false confirm_history_cleanup=true confirm_exit=false confirm_directory_hotlist_delete=false confirm_view_dir=false safe_delete=false safe_overwrite=false use_8th_bit_as_meta=false mouse_move_pages_viewer=true mouse_close_dialog=false fast_refresh=false drop_menus=false wrap_mode=true old_esc_mode=true cd_symlinks=true show_all_if_ambiguous=false use_file_to_guess_type=true alternate_plus_minus=false only_leading_plus_minus=true show_output_starts_shell=false xtree_mode=false file_op_compute_totals=true classic_progressbar=true use_netrc=true ftpfs_always_use_proxy=false ftpfs_use_passive_connections=true ftpfs_use_passive_connections_over_proxy=false ftpfs_use_unix_list_options=true ftpfs_first_cd_then_ls=true ignore_ftp_chattr_errors=true editor_fill_tabs_with_spaces=false editor_return_does_auto_indent=false editor_backspace_through_tabs=false editor_fake_half_tabs=true editor_option_save_position=true editor_option_auto_para_formatting=false editor_option_typewriter_wrap=false editor_edit_confirm_save=true editor_syntax_highlighting=true editor_persistent_selections=true editor_drop_selection_on_copy=true editor_cursor_beyond_eol=false editor_cursor_after_inserted_block=false editor_visible_tabs=true editor_visible_spaces=true editor_line_state=false editor_simple_statusbar=false editor_check_new_line=false editor_show_right_margin=false editor_group_undo=true editor_state_full_filename=true editor_ask_filename_before_edit=false nice_rotating_dash=true shadows=true mcview_remember_file_position=false auto_fill_mkdir_name=true copymove_persistent_attr=true pause_after_run=1 mouse_repeat_rate=100 double_click_speed=250 old_esc_mode_timeout=1000000 max_dirt_limit=10 num_history_items_recorded=60 vfs_timeout=60 ftpfs_directory_timeout=900 ftpfs_retry_seconds=30 fish_directory_timeout=900 editor_tab_spacing=8 editor_word_wrap_line_length=72 editor_option_save_mode=0 editor_backup_extension=~ editor_filesize_threshold=64M editor_stop_format_chars=-+*\\,.;:&> mcview_eof= skin=modarcon16 filepos_max_saved_entries=1024 [Layout] output_lines=0 left_panel_size=86 top_panel_size=0 message_visible=false keybar_visible=true xterm_title=true command_prompt=true menubar_visible=true free_space=true horizontal_split=false vertical_equal=true horizontal_equal=true [Misc] timeformat_recent=%b %e %H:%M timeformat_old=%b %e %Y ftp_proxy_host=gate ftpfs_password=anonymous@ display_codepage=UTF-8 source_codepage=Other_8_bit autodetect_codeset= spell_language=en clipboard_store= clipboard_paste= [Colors] base_color= linux= color_terminals= xterm-256color= [Panels] show_mini_info=true kilobyte_si=false mix_all_files=false show_backups=true show_dot_files=true fast_reload=false fast_reload_msg_shown=false mark_moves_down=true reverse_files_only=true auto_save_setup_panels=false navigate_with_arrows=false panel_scroll_pages=true panel_scroll_center=false mouse_move_pages=true filetype_mode=true permission_mode=false torben_fj_mode=false quick_search_mode=2 select_flags=6 [Panelize] Find *.orig after patching=find . -name \\*.orig -print Find SUID and SGID programs=find . \$ \\( -perm -04000 -a -perm /011 \$ -o \$ -perm -02000 -a -perm /01 \$ \\) -print Find rejects after patching=find . -name \\*.rej -print Modified git files=git ls-files --modified EOF write_config_file "/root/.config/mc/panels.ini" false << 'EOF' [New Left Panel] display=listing reverse=false case_sensitive=true exec_first=false sort_order=name list_mode=full brief_cols=2 user_format=half type name | size | owner user_status0=half type name | size | perm user_status1=half type name | size | perm user_status2=half type name | size | perm user_status3=half type name | size | perm user_mini_status=false filter_flags=7 list_format=user [New Right Panel] display=listing reverse=false case_sensitive=true exec_first=false sort_order=name list_mode=full brief_cols=2 user_format=half type name | size | owner user_status0=half type name | size | perm user_status1=half type name | size | perm user_status2=half type name | size | perm user_status3=half type name | size | perm user_mini_status=false filter_flags=7 list_format=user [Dirs] current_is_left=false other_dir=/root EOF } # Обновление GPG ключей Debian fix_debian_keys() { echo -e "${ANSI_GREEN}=== Исправление GPG-ключей Debian ===${ANSI_RESET}" # 1. Полностью удаляем кэш списков пакетов rm -rf /var/lib/apt/lists/* # 2. Удаляем старые проблемные ключи из trusted.gpg.d и связки apt-key rm -f /etc/apt/trusted.gpg.d/*54404762BBB6E853* \ /etc/apt/trusted.gpg.d/*6ED0E7B82643E131* 2>/dev/null || true apt-key del 54404762BBB6E853 2>/dev/null || true apt-key del 6ED0E7B82643E131 2>/dev/null || true # 3. Очищаем кэш apt apt-get clean # 4. Принудительно переустанавливаем пакет с ключами (без проверки подписи) apt-get install --reinstall -y --allow-unauthenticated debian-archive-keyring # 5. Если прокси-сервер используется, настраиваем переменные окружения для gpg if [ -n "$PROXY_URL" ]; then export http_proxy="$PROXY_URL" export https_proxy="$PROXY_URL" fi # 6. Пытаемся получить ключи напрямую с keyserver (альтернативный источник) echo "Получение свежих ключей с keyserver..." gpg --keyserver keyserver.ubuntu.com --recv-keys 54404762BBB6E853 6ED0E7B82643E131 2>/dev/null || \ gpg --keyserver pgp.mit.edu --recv-keys 54404762BBB6E853 6ED0E7B82643E131 2>/dev/null || \ gpg --keyserver keys.openpgp.org --recv-keys 54404762BBB6E853 6ED0E7B82643E131 2>/dev/null || true # 7. Экспортируем ключи в директорию apt (если были получены) gpg --export 54404762BBB6E853 > /etc/apt/trusted.gpg.d/debian-security-automatic.gpg 2>/dev/null || true gpg --export 6ED0E7B82643E131 > /etc/apt/trusted.gpg.d/debian-archive-automatic.gpg 2>/dev/null || true # 8. Снова очищаем списки и обновляем rm -rf /var/lib/apt/lists/* apt-get update --allow-insecure-repositories || true echo -e "${ANSI_GREEN}Ключи обновлены.${ANSI_RESET}" } # ==================== ОСНОВНАЯ ЛОГИКА ==================== main() { # check_root echo -e "${ANSI_GREEN}=== Настройка системы ===${ANSI_RESET}" NEW_HOSTNAME=$(ask_hostname) ask_create_user echo $CREATE_USER if [ "$CREATE_USER" = "yes" ]; then NEW_USER=$(ask_username) USER_PASS=$(ask_password "$NEW_USER") create_user "$NEW_USER" "$USER_PASS" configure_user_history "$NEW_USER" fi ask_proxy # Выполнение настроек configure_root_history fix_debian_keys set_hostname "$NEW_HOSTNAME" add_mephi_repository update_system install_packages configure_ssh configure_locale configure_journald clean_git_docs make_motd_generator install_midnight_commanger finish_setup } # Запуск главной функции main "$@"

1	#!/bin/bash
2
3	set -e
4
5	# Цвета для вывода
6	ANSI_RED=$(tput -Txterm setaf 1)
7	ANSI_GREEN=$(tput -Txterm setaf 2)
8	ANSI_YELLOW=$(tput -Txterm setaf 3)
9	ANSI_RESET=$(tput -Txterm sgr0)
10
11	# ==================== ФУНКЦИИ ====================
12
13	# Проверка прав root
14	check_root() {
15	if [ "$EUID" -ne 0 ]; then
16	echo -e "${ANSI_RED}Ошибка: скрипт должен запускаться от root${ANSI_RESET}"
17	exit 1
18	fi
19	}
20
21	# Запрос имени хоста
22	ask_hostname() {
23	local current_hostname=$(hostname)
24	read -e -p "${ANSI_YELLOW}Введите имя хоста: (текущее: $current_hostname) ${ANSI_RESET}" -i "${current_hostname}" NEW_HOSTNAME
25	echo "$NEW_HOSTNAME"
26	}
27
28	# Запрос - создавать ли пользователя
29	ask_create_user() {
30	local choice
31	echo -e "${ANSI_YELLOW}Создать нового пользователя? (y/n):${ANSI_RESET}"
32	read -p "Create user [Y/N]? " choice
33	if [[ "$choice" =~ ^[Yy]$ ]]; then
34	CREATE_USER="yes"
35	else
36	CREATE_USER="no"
37	fi
38	}
39
40	# Запрос имени пользователя
41	ask_username() {
42	local username
43	echo -e "${ANSI_YELLOW}Введите имя нового пользователя:${ANSI_RESET}" >&2
44	read -p "Username: " username
45	if [ -z "$username" ]; then
46	echo -e "${ANSI_RED}Имя пользователя не может быть пустым.${ANSI_RESET}" >&2
47	exit 1
48	fi
49	echo "$username"
50	}
51
52	# Запрос пароля
53	ask_password() {
54	local username=$1
55	local user_pass
56	echo -e "${ANSI_YELLOW}Введите пароль для пользователя $username:${ANSI_RESET}" >&2
57	read -s -p "Password: " user_pass
58	echo >&2
59	if [ -z "$user_pass" ]; then
60	echo -e "${ANSI_RED}Пароль не может быть пустым.${ANSI_RESET}" >&2
61	exit 1
62	fi
63	echo "$user_pass"
64	}
65
66	# Запрос настройки прокси
67	ask_proxy() {
68	echo -e "\n${ANSI_YELLOW}Использовать прокси-сервер apt-cacher-ng? (y/n):${ANSI_RESET}"
69	read -p "Use proxy? " USE_PROXY
70	if [[ "$USE_PROXY" =~ ^[Yy]$ ]]; then
71	echo -e "${ANSI_YELLOW}Введите URL прокси-сервера (например: http://192.168.111.87:3142):${ANSI_RESET}"
72	read -e -p "Proxy URL: " -i "http://192.168.111.87:3142" PROXY_URL
73	if [ -n "$PROXY_URL" ]; then
74	configure_proxy "$PROXY_URL"
75	else
76	echo -e "${ANSI_RED}URL прокси не введен, пропускаем${ANSI_RESET}"
77	fi
78	fi
79	}
80
81	# Настройка прокси для apt
82	configure_proxy() {
83	local proxy_url=$1
84	echo -e "${ANSI_GREEN}Настройка прокси для apt...${ANSI_RESET}"
85	cat > /etc/apt/apt.conf.d/02aptproxy << EOF
86	Acquire::http::proxy "$proxy_url";
87	Acquire::ftp::proxy "$proxy_url";
88	EOF
89	echo -e "${ANSI_GREEN}Прокси настроен в /etc/apt/apt.conf.d/02aptproxy${ANSI_RESET}"
90	}
91
92	# Установка имени хоста
93	set_hostname() {
94	local hostname=$1
95	echo -e "\n${ANSI_GREEN}=== Установка имени хоста: $hostname ===${ANSI_RESET}"
96	hostnamectl set-hostname "$hostname"
97	if grep -q "^127.0.1.1" /etc/hosts; then
98	sed -i "s/^127.0.1.1.*/127.0.1.1\t$hostname/" /etc/hosts
99	else
100	echo "127.0.1.1\t$hostname" >> /etc/hosts
101	fi
102	echo -e "${ANSI_GREEN}Имя хоста установлено.${ANSI_RESET}"
103	}
104
105	# Добавление репозитория MEPHI
106	add_mephi_repository() {
107	. /etc/os-release 2>/dev/null \|\| { echo "Failed to determine release"; exit 1; }
108	[ -z "$VERSION_CODENAME" ] && echo "VERSION_CODENAME not found" && exit 1
109
110	local conf_file="/etc/apt/sources.list.d/debian_mephi.list"
111
112	if grep -qs "mirror.mephi.ru.*$VERSION_CODENAME" "$conf_file" 2>/dev/null; then
113	echo -e "Repository for $VERSION_CODENAME already exists in $conf_file"
114	else
115	echo -e "Adding repository for Debian $VERSION_CODENAME"
116	cat >> "$conf_file" << EOF
117
118	# Added $(date '+%Y-%m-%d')
119	deb http://mirror.mephi.ru/debian/ $VERSION_CODENAME main non-free-firmware
120	deb-src http://mirror.mephi.ru/debian/ $VERSION_CODENAME main non-free-firmware
121	EOF
122	echo "Repository added, updating package list..."
123	apt update
124	fi
125	}
126
127	# Обновление системы
128	update_system() {
129	echo -e "${ANSI_GREEN}=== Обновление системы ===${ANSI_RESET}"
130	apt update
131	apt -y upgrade
132	}
133
134	# Установка пакетов
135	install_packages() {
136	local packages=(
137	pv nano curl wget sudo lsb-release iptables
138	unzip pigz zstd
139	ncdu gdu
140	screen tmux lynx
141	htop btop iftop mtr ioping
142	git jq yq pwgen
143	bind9-dnsutils net-tools ssh-audit
144	cloud-guest-utils qemu-guest-agent
145	console-setup
146	)
147
148	echo -e "${ANSI_GREEN}Installing packages...${ANSI_RESET}"
149	apt-get update
150	apt-get install -y "${packages[@]}"
151	}
152
153	# Настройка SSH
154	configure_ssh() {
155	echo -e "${ANSI_GREEN}Allowing SSH root login${ANSI_RESET}"
156	sed -i 's/^.PermitRootLogin.$/PermitRootLogin yes/' /etc/ssh/sshd_config
157	systemctl restart sshd
158	echo -e "${ANSI_GREEN}Ok.${ANSI_RESET}"
159	}
160
161	# Настройка таймзоны и локали
162	configure_locale() {
163	echo "tzdata tzdata/Areas select Europe" \| debconf-set-selections
164	echo "tzdata tzdata/Zones/Europe select Moscow" \| debconf-set-selections
165	DEBIAN_FRONTEND=noninteractive dpkg-reconfigure tzdata
166
167	cat > /etc/locale.gen << EOF
168	ru_RU.UTF-8 UTF-8
169	en_US.UTF-8 UTF-8
170	EOF
171
172	locale-gen
173	update-locale LANG=en_US.UTF-8
174	locale -a \| grep -E "en_US\|ru_RU"
175	source /etc/default/locale
176
177	dpkg-reconfigure console-setup
178	dpkg-reconfigure keyboard-configuration
179	}
180
181	# Настройка journald
182	configure_journald() {
183	mkdir -p /etc/systemd/journald.conf.d
184	cat > /etc/systemd/journald.conf.d/size.conf << EOF
185	[Journal]
186	SystemMaxUse=1G
187	SystemMaxFileSize=50M
188	MaxLevelStore=warning
189	EOF
190
191	systemctl restart systemd-journald
192	}
193
194	# Создание пользователя
195	create_user() {
196	local username=$1
197	local password=$2
198
199	useradd -m "$username" && echo "$username:$password" \| chpasswd && passwd -e "$username"
200	usermod -aG sudo "$username"
201
202	touch "/home/$username/.Xauthority"
203	chown "$username:$username" "/home/$username/.Xauthority"
204
205	echo -e "${ANSI_GREEN}Пользователь $username с паролем '${ANSI_YELLOW}$password${ANSI_GREEN}' создан${ANSI_RESET}"
206	}
207
208	# Настройка истории для пользователя
209	configure_user_history() {
210	local username=$1
211	cat >> "/home/$username/.bashrc" << 'EOF'
212	export HISTSIZE=10000
213	export HISTFILESIZE=50000
214	export HISTTIMEFORMAT="%F %T "
215	export HISTCONTROL=ignoredups:ignorespace
216	shopt -s histappend
217	export PROMPT_COMMAND="history -a; history -c; history -r; $PROMPT_COMMAND"
218	export TERM=xterm-256color
219	EOF
220	chown "$username:$username" "/home/$username/.bashrc"
221	}
222
223	# Настройка истории для root
224	configure_root_history() {
225	cat >> /root/.bashrc << 'EOF'
226	export HISTSIZE=10000
227	export HISTFILESIZE=50000
228	export HISTTIMEFORMAT="%F %T "
229	export HISTCONTROL=ignoredups:ignorespace
230	shopt -s histappend
231	export PROMPT_COMMAND="history -a; history -c; history -r; $PROMPT_COMMAND"
232	export TERM=xterm-256color
233	EOF
234	source /root/.bashrc
235	}
236
237	# Очистка документации git
238	clean_git_docs() {
239	rm -rf /usr/share/doc/git/RelNotes
240	}
241
242	# Финальное сообщение
243	finish_setup() {
244	echo -e "${ANSI_GREEN}=== Настройка завершена ===${ANSI_RESET}"
245	}
246
247	# Запись конфигурационного файла
248	write_config_file() {
249	local file_path=$1
250	local create_backup=${2:-true} # создать резервную копию? (по умолчанию true)
251
252	echo -e "${ANSI_GREEN}=== Запись конфигурации в $file_path ===${ANSI_RESET}"
253
254	# Создание резервной копии
255	if [ "$create_backup" = true ] && [ -f "$file_path" ]; then
256	local backup_path="${file_path}.backup.$(date +%Y%m%d_%H%M%S)"
257	cp "$file_path" "$backup_path"
258	echo -e "${ANSI_YELLOW}Создана резервная копия: $backup_path${ANSI_RESET}"
259	fi
260
261	# Создание директории, если её нет
262	local dir_path=$(dirname "$file_path")
263	if [ ! -d "$dir_path" ]; then
264	mkdir -p "$dir_path"
265	echo -e "${ANSI_YELLOW}Создана директория: $dir_path${ANSI_RESET}"
266	fi
267
268	# Чтение содержимого из heredoc
269	cat > "$file_path"
270
271	# Установка правильных прав (опционально)
272	chmod 644 "$file_path"
273
274	echo -e "${ANSI_GREEN}Файл успешно записан: $file_path${ANSI_RESET}"
275	}
276
277	make_motd_generator() {
278	write_config_file "/etc/update-motd.d/99-mymotd-generator" false << 'EOF'
279	#!/bin/bash
280
281	# Text Color Variables http://misc.flogisoft.com/bash/tip_colors_and_formatting
282	tcLtG="\033[00;37m" # LIGHT GRAY
283	tcDkG="\033[01;30m" # DARK GRAY
284	tcLtR="\033[01;31m" # LIGHT RED
285	tcLtGRN="\033[01;32m" # LIGHT GREEN
286	tcLtBL="\033[01;34m" # LIGHT BLUE
287	tcLtP="\033[01;35m" # LIGHT PURPLE
288	tcLtC="\033[01;36m" # LIGHT CYAN
289	tcW="\033[01;37m" # WHITE
290	tcRESET="\033[0m"
291	tcORANGE="\033[38;5;209m"
292
293	# Time of day
294	HOUR=$(date +"%H")
295	if [ $HOUR -lt 12 -a $HOUR -ge 0 ]; then TIME="morning"
296	elif [ $HOUR -lt 17 -a $HOUR -ge 12 ]; then TIME="afternoon"
297	else TIME="evening"
298	fi
299
300	# System uptime
301	uptime=`cat /proc/uptime \| cut -f1 -d.`
302	upDays=$((uptime/60/60/24))
303	upHours=$((uptime/60/60%24))
304	upMins=$((uptime/60%60))
305
306	# System + Memory
307	MEMORY_USED=`free -b \| grep Mem \| awk '{print $3/$2 * 100.0}'`
308	SWAP_USED=`free -b \| grep Swap \| awk '{print $3/$2 * 100.0}'`
309	NUM_PROCS=`ps aux \| wc -l`
310
311	# IP первого сетевого интерфейса
312	LOCAL_IP=$(ip -4 addr show \| grep -oP '(?<=inet\s)\d+\.\d+\.\d+\.\d+' \| grep -v '^127\.' \| head -n 1)
313
314	# Имя сервера
315	HOSTNAME=$(hostname)
316
317	# ОS
318	OS=$(grep PRETTY_NAME /etc/os-release \| cut -d= -f2 \| tr -d '"')
319
320	# Пользователь
321	USER_NAME=$(whoami)
322	[ "$USER_NAME" = "root" ] && USER_NAME="${tcLtR}${USER_NAME}${tcRESET}"
323
324	# Load average
325	LOADAVG=$(awk '{print $1" "$2" "$3}' /proc/loadavg)
326	SYS_LOADS=`cat /proc/loadavg \| awk '{print $1}'`
327
328	# RAM: всего и свободно (в мегабайтах)
329	RAM_TOTAL=$(free -m \| awk '/Mem:/ {print $2}')
330	RAM_FREE=$(free -m \| awk '/Mem:/ {print $7}')
331	RAM_FREE_PCT=$(( RAM_FREE * 100 / RAM_TOTAL ))
332
333	# Количество CPU
334	CPU_COUNT=$(nproc)
335
336	# Uptime
337	UPTIME=$(uptime -p)
338
339	# HDD: для корневого раздела /
340	DISK_TOTAL_HUMAN=$(df -h / \| awk 'NR==2 {print $2}')
341	DISK_FREE_HUMAN=$(df -h / \| awk 'NR==2 {print $4}')
342
343	# Используем df без форматирования для процентов
344	DISK_TOTAL=$(df -k / \| awk 'NR==2 {print $2}')
345	DISK_FREE=$(df -k / \| awk 'NR==2 {print $4}')
346	DISK_FREE_PCT=$(( DISK_FREE * 100 / DISK_TOTAL ))
347
348	echo -e "$tcDkG ==============================================================="
349	echo -e $tcLtG " Good $TIME! $tcORANGE $LOCAL_IP"
350	echo -e $tcDkG "==============================================================="
351	echo -e $tcLtG " - Hostname :$tcW ${HOSTNAME}"
352	echo -e $tcLtG " - IP Address :$tcW ${LOCAL_IP:-N/A}"
353	echo -e $tcLtG " - User :$tcW ${USER_NAME}"
354	echo -e $tcLtG "==============================================================="
355	echo -e $tcLtG " - OS Release :$tcW ${OS}"
356	echo -e $tcLtG " - Kernel : `uname -a \| awk '{print $1" "$3" "$12}'`"
357	echo -e $tcLtG " - Users : Currently `users \| wc -w` user(s) logged on"
358	echo -e $tcLtG "==============================================================="
359	echo -e $tcLtG " - Server Time : `date`"
360	echo -e $tcLtG " - System load : ${SYS_LOADS} / ${NUM_PROCS} processes running"
361	echo -e $tcLtG " - Load average : ${LOADAVG}"
362	echo -e $tcLtG " - System uptime : ${upDays} days ${upHours} hours ${upMins} minutes"
363	echo -e $tcLtG "==============================================================="
364	echo -e $tcLtG " - CPU : ${CPU_COUNT} CPU"
365	echo -e $tcLtG " - RAM : ${RAM_TOTAL} MB, ${RAM_FREE} MB (${RAM_FREE_PCT}%) free"
366	echo -e $tcLtG " - HDD : ${DISK_TOTAL_HUMAN}, ${DISK_FREE_HUMAN} (${DISK_FREE_PCT}%) free"
367	echo -e $tcLtG " - Swap used % : ${SWAP_USED}"
368	echo -e $tcDkG "==============================================================="
369	echo -e $tcRESET ""
370	EOF
371
372	write_config_file "/etc/issue" false << 'EOF'
373	Debian GNU/Linux 12 \n \l
374
375	Local IP: не доступен
376	EOF
377	}
378
379	install_midnight_commanger() {
380	apt-get -y install mc
381
382	write_config_file "/root/.config/mc/ini" false << 'EOF'
383	[Midnight-Commander]
384	verbose=true
385	shell_patterns=true
386	auto_save_setup=true
387	preallocate_space=false
388	auto_menu=false
389	use_internal_view=true
390	use_internal_edit=false
391	clear_before_exec=true
392	confirm_delete=true
393	confirm_overwrite=true
394	confirm_execute=false
395	confirm_history_cleanup=true
396	confirm_exit=false
397	confirm_directory_hotlist_delete=false
398	confirm_view_dir=false
399	safe_delete=false
400	safe_overwrite=false
401	use_8th_bit_as_meta=false
402	mouse_move_pages_viewer=true
403	mouse_close_dialog=false
404	fast_refresh=false
405	drop_menus=false
406	wrap_mode=true
407	old_esc_mode=true
408	cd_symlinks=true
409	show_all_if_ambiguous=false
410	use_file_to_guess_type=true
411	alternate_plus_minus=false
412	only_leading_plus_minus=true
413	show_output_starts_shell=false
414	xtree_mode=false
415	file_op_compute_totals=true
416	classic_progressbar=true
417	use_netrc=true
418	ftpfs_always_use_proxy=false
419	ftpfs_use_passive_connections=true
420	ftpfs_use_passive_connections_over_proxy=false
421	ftpfs_use_unix_list_options=true
422	ftpfs_first_cd_then_ls=true
423	ignore_ftp_chattr_errors=true
424	editor_fill_tabs_with_spaces=false
425	editor_return_does_auto_indent=false
426	editor_backspace_through_tabs=false
427	editor_fake_half_tabs=true
428	editor_option_save_position=true
429	editor_option_auto_para_formatting=false
430	editor_option_typewriter_wrap=false
431	editor_edit_confirm_save=true
432	editor_syntax_highlighting=true
433	editor_persistent_selections=true
434	editor_drop_selection_on_copy=true
435	editor_cursor_beyond_eol=false
436	editor_cursor_after_inserted_block=false
437	editor_visible_tabs=true
438	editor_visible_spaces=true
439	editor_line_state=false
440	editor_simple_statusbar=false
441	editor_check_new_line=false
442	editor_show_right_margin=false
443	editor_group_undo=true
444	editor_state_full_filename=true
445	editor_ask_filename_before_edit=false
446	nice_rotating_dash=true
447	shadows=true
448	mcview_remember_file_position=false
449	auto_fill_mkdir_name=true
450	copymove_persistent_attr=true
451	pause_after_run=1
452	mouse_repeat_rate=100
453	double_click_speed=250
454	old_esc_mode_timeout=1000000
455	max_dirt_limit=10
456	num_history_items_recorded=60
457	vfs_timeout=60
458	ftpfs_directory_timeout=900
459	ftpfs_retry_seconds=30
460	fish_directory_timeout=900
461	editor_tab_spacing=8
462	editor_word_wrap_line_length=72
463	editor_option_save_mode=0
464	editor_backup_extension=~
465	editor_filesize_threshold=64M
466	editor_stop_format_chars=-+*\\,.;:&>
467	mcview_eof=
468	skin=modarcon16
469
470	filepos_max_saved_entries=1024
471
472	[Layout]
473	output_lines=0
474	left_panel_size=86
475	top_panel_size=0
476	message_visible=false
477	keybar_visible=true
478	xterm_title=true
479	command_prompt=true
480	menubar_visible=true
481	free_space=true
482	horizontal_split=false
483	vertical_equal=true
484	horizontal_equal=true
485
486	[Misc]
487	timeformat_recent=%b %e %H:%M
488	timeformat_old=%b %e %Y
489	ftp_proxy_host=gate
490	ftpfs_password=anonymous@
491	display_codepage=UTF-8
492	source_codepage=Other_8_bit
493	autodetect_codeset=
494	spell_language=en
495	clipboard_store=
496	clipboard_paste=
497
498	[Colors]
499	base_color=
500	linux=
501	color_terminals=
502
503	xterm-256color=
504
505	[Panels]
506	show_mini_info=true
507	kilobyte_si=false
508	mix_all_files=false
509	show_backups=true
510	show_dot_files=true
511	fast_reload=false
512	fast_reload_msg_shown=false
513	mark_moves_down=true
514	reverse_files_only=true
515	auto_save_setup_panels=false
516	navigate_with_arrows=false
517	panel_scroll_pages=true
518	panel_scroll_center=false
519	mouse_move_pages=true
520	filetype_mode=true
521	permission_mode=false
522	torben_fj_mode=false
523	quick_search_mode=2
524	select_flags=6
525
526	[Panelize]
527	Find .orig after patching=find . -name \\.orig -print
528	Find SUID and SGID programs=find . \$ \\( -perm -04000 -a -perm /011 \$ -o \$ -perm -02000 -a -perm /01 \$ \\) -print
529	Find rejects after patching=find . -name \\*.rej -print
530	Modified git files=git ls-files --modified
531
532	EOF
533
534	write_config_file "/root/.config/mc/panels.ini" false << 'EOF'
535	[New Left Panel]
536	display=listing
537	reverse=false
538	case_sensitive=true
539	exec_first=false
540	sort_order=name
541	list_mode=full
542	brief_cols=2
543	user_format=half type name \| size \| owner
544	user_status0=half type name \| size \| perm
545	user_status1=half type name \| size \| perm
546	user_status2=half type name \| size \| perm
547	user_status3=half type name \| size \| perm
548	user_mini_status=false
549	filter_flags=7
550	list_format=user
551
552	[New Right Panel]
553	display=listing
554	reverse=false
555	case_sensitive=true
556	exec_first=false
557	sort_order=name
558	list_mode=full
559	brief_cols=2
560	user_format=half type name \| size \| owner
561	user_status0=half type name \| size \| perm
562	user_status1=half type name \| size \| perm
563	user_status2=half type name \| size \| perm
564	user_status3=half type name \| size \| perm
565	user_mini_status=false
566	filter_flags=7
567	list_format=user
568
569	[Dirs]
570	current_is_left=false
571	other_dir=/root
572	EOF
573	}
574
575	# Обновление GPG ключей Debian
576	fix_debian_keys() {
577	echo -e "${ANSI_GREEN}=== Исправление GPG-ключей Debian ===${ANSI_RESET}"
578
579	# 1. Полностью удаляем кэш списков пакетов
580	rm -rf /var/lib/apt/lists/*
581
582	# 2. Удаляем старые проблемные ключи из trusted.gpg.d и связки apt-key
583	rm -f /etc/apt/trusted.gpg.d/54404762BBB6E853 \
584	/etc/apt/trusted.gpg.d/6ED0E7B82643E131 2>/dev/null \|\| true
585	apt-key del 54404762BBB6E853 2>/dev/null \|\| true
586	apt-key del 6ED0E7B82643E131 2>/dev/null \|\| true
587
588	# 3. Очищаем кэш apt
589	apt-get clean
590
591	# 4. Принудительно переустанавливаем пакет с ключами (без проверки подписи)
592	apt-get install --reinstall -y --allow-unauthenticated debian-archive-keyring
593
594	# 5. Если прокси-сервер используется, настраиваем переменные окружения для gpg
595	if [ -n "$PROXY_URL" ]; then
596	export http_proxy="$PROXY_URL"
597	export https_proxy="$PROXY_URL"
598	fi
599
600	# 6. Пытаемся получить ключи напрямую с keyserver (альтернативный источник)
601	echo "Получение свежих ключей с keyserver..."
602	gpg --keyserver keyserver.ubuntu.com --recv-keys 54404762BBB6E853 6ED0E7B82643E131 2>/dev/null \|\| \
603	gpg --keyserver pgp.mit.edu --recv-keys 54404762BBB6E853 6ED0E7B82643E131 2>/dev/null \|\| \
604	gpg --keyserver keys.openpgp.org --recv-keys 54404762BBB6E853 6ED0E7B82643E131 2>/dev/null \|\| true
605
606	# 7. Экспортируем ключи в директорию apt (если были получены)
607	gpg --export 54404762BBB6E853 > /etc/apt/trusted.gpg.d/debian-security-automatic.gpg 2>/dev/null \|\| true
608	gpg --export 6ED0E7B82643E131 > /etc/apt/trusted.gpg.d/debian-archive-automatic.gpg 2>/dev/null \|\| true
609
610	# 8. Снова очищаем списки и обновляем
611	rm -rf /var/lib/apt/lists/*
612	apt-get update --allow-insecure-repositories \|\| true
613
614	echo -e "${ANSI_GREEN}Ключи обновлены.${ANSI_RESET}"
615	}
616
617	# ==================== ОСНОВНАЯ ЛОГИКА ====================
618
619	main() {
620	# check_root
621
622	echo -e "${ANSI_GREEN}=== Настройка системы ===${ANSI_RESET}"
623
624	NEW_HOSTNAME=$(ask_hostname)
625
626	ask_create_user
627
628	echo $CREATE_USER
629
630	if [ "$CREATE_USER" = "yes" ]; then
631	NEW_USER=$(ask_username)
632	USER_PASS=$(ask_password "$NEW_USER")
633	create_user "$NEW_USER" "$USER_PASS"
634	configure_user_history "$NEW_USER"
635	fi
636
637	ask_proxy
638
639	# Выполнение настроек
640	configure_root_history
641	fix_debian_keys
642	set_hostname "$NEW_HOSTNAME"
643	add_mephi_repository
644	update_system
645	install_packages
646	configure_ssh
647	configure_locale
648	configure_journald
649	clean_git_docs
650
651	make_motd_generator
652
653	install_midnight_commanger
654
655	finish_setup
656	}
657
658	# Запуск главной функции
659	main "$@"