#!/bin/bash set -e # install.sh # This script installs my basic setup for a debian machine USERNAME=fschl SUDO="sudo" check_root() { # We need root rights at some point if [ "$(whoami)" != "root" ]; then if ! which $SUDO >/dev/null; then echo "ERROR: $0 is not run as root and $SUDO is not available" >&2 exit 1 fi else SUDO="" # We're already root fi } apt_sources() { # http://deb.debian.org/ ddist=$1 DIST="${ddist:-stable}" allowed_dists=("testing stable stretch buster") if [ ! ${DIST} in "${allowed_dists[@]}" ]; then echo "... $DIST was not in allowed dists... setting to stable" DIST="stable" fi echo "writing /etc/apt/sources.list..." echo "using ${DIST}" cat <<-EOF > /etc/apt/sources.list deb http://deb.debian.org/debian ${DIST} main deb-src http://deb.debian.org/debian ${DIST} main deb http://deb.debian.org/debian-security/ ${DIST}/updates main deb-src http://deb.debian.org/debian-security/ ${DIST}/updates main deb http://deb.debian.org/debian ${DIST}-updates main deb-src http://deb.debian.org/debian ${DIST}-updates main EOF } base_applications() { echo "update and installing baseapps..." $SUDO apt update $SUDO apt upgrade DEBIAN_FRONTEND=noninteractive $SUDO apt install -y \ apt-transport-https \ automake \ bash-completion \ bmon \ bzip2 \ ca-certificates \ cmake \ coreutils \ cryptsetup \ curl \ dnsutils \ gcc \ git \ gnupg \ gnupg-agent \ gnupg2 \ grep \ htop \ iotop \ locales \ make \ mount \ net-tools \ rsync \ ssh \ sudo \ tar \ tmux \ tree \ unzip \ vim \ vpnc \ vpnc-scripts \ zip \ --no-install-recommends echo "... DONE... cleaning up\n\n" $SUDO apt autoremove $SUDO apt autoclean $SUDO apt clean } install_server_base() { echo "update and installing server base tools..." DEBIAN_FRONTEND=noninteractive apt update apt install -y \ fail2ban \ logwatch \ unattended-upgrades \ --no-install-recommends echo "... DONE... cleaning up\n\n" apt autoremove apt autoclean apt clean echo "setting up logwatch..." echo "... TODO require email to be set as parameter" echo "... TODO require email to be set as parameter" cat <<-EOF > /etc/cron.daily/00logwatch /usr/sbin/logwatch --output mail --mailto you@example.com --detail high EOF echo " ... DONE" # TODO: is this really needed? or default behavior anyway? echo "set unattended upgrades..." cat <<-EOF > /etc/apt/apt.conf.d/10periodic APT::Periodic::Update-Package-Lists "1"; APT::Periodic::Download-Upgradeable-Packages "1"; APT::Periodic::AutocleanInterval "7"; APT::Periodic::Unattended-Upgrade "1"; EOF echo " ... DONE" } no_suspend() { # https://wiki.debian.org/SystemdSuspendSedation $SUDO sed -i "s/HandleLidSwitch=.*/HandleLidSwitch=ignore/" /etc/systemd/logind.conf $SUDO sed -i "s/HandleLidSwitchDocked=.*/HandleLidSwitchDocked=ignore/" /etc/systemd/logind.conf $SUDO sed -i "s/IdleActionSec=.*/IdleActionSec=90min/" /etc/systemd/logind.conf # turn off screen blanking # https://www.raspberrypi.org/forums/viewtopic.php?f=66&t=18200&sid=135af53eb82496bc64f4c0eefbc86d2c&start=25 # http://raspberrypi.stackexchange.com/questions/752/how-do-i-prevent-the-screen-from-going-blank xset s noblank $SUDO systemctl restart systemd-logind.service } install_nvidia_docker() { # get latest driver from https://www.nvidia.com/object/unix.html # https://github.com/NVIDIA/nvidia-docker/wiki/Installation-(version-2.0)#prerequisites curl -s -L https://nvidia.github.io/nvidia-docker/$distribution/nvidia-docker.list | \ sudo tee /etc/apt/sources.list.d/nvidia-docker.list sudo apt-get update # Install nvidia-docker2 and reload the Docker daemon configuration sudo apt-get install -y nvidia-docker2 sudo pkill -SIGHUP dockerd } install_latex() { apt update apt install -y \ evince \ texlive \ texlive-bibtex-extra \ texlive-lang-english \ texlive-lang-german \ texlive-latex-extra \ texlive-latex-recommended \ texlive-pictures \ --no-install-recommends } install_i3() { echo "update and installing i3wm and some tools..." # check if CJK and other eastern letters are displayed correctly: # https://meta.wikimedia.org/wiki/List_of_Wikipedias # tlp: Advanced Linux Power Management # http://linrunner.de/en/tlp/docs/tlp-linux-advanced-power-management.html # deb http://repo.linrunner.de/debian sid main # add the tlp apt-repo gpg key # apt-key adv --keyserver pool.sks-keyservers.net --recv-keys CD4E8809 DEBIAN_FRONTEND=noninteractive # TODO add non-free to apt/sources.list apt update apt install -y \ alsa-utils \ aspell \ aspell-de \ aspell-en \ emacs \ feh \ firefox-esr \ firmware-iwlwifi \ firmware-linux-nonfree \ firmware-realtek \ fonts-font-awesome \ fonts-noto \ fonts-noto-cjk \ fswebcam \ gimp \ i3 \ i3lock \ i3lock-fancy \ i3status \ keepassxc \ libreoffice-calc \ libreoffice-impress \ libreoffice-l10n-de \ libreoffice-l10n-en-gb \ libreoffice-writer \ network-manager-gnome \ network-manager-vpnc \ network-manager-vpnc-gnome \ nextcloud-desktop \ ntfs-3g \ nmap \ pulseaudio \ remmina \ rxvt-unicode-256color \ scrot \ shotwell \ slim \ thunderbird \ thunderbird-l10n-de \ thunderbird-l10n-en-gb \ vlc \ xclip \ xorg \ --no-install-recommends echo "... DONE... cleaning up\n\n" apt autoremove apt autoclean apt clean TARGET="/home/$USERNAME/.emacs.d" git clone https://github.com/syl20bnr/spacemacs "${TARGET}" # rm -rf "${TARGET}"/private/snippets # git clone https://github.com/AndreaCrotti/yasnippet-snippets "${TARGET}"/private/yas-snippets # ln -s "${TARGET}"/private/yas-snips/snippets "${TARGET}"/private/snippets/ no_suspend echo "... setting capslock to control" sed -i "s/^XKBOPTIONS=.*/XKBOPTIONS=\"ctrl:nocaps\"/" /etc/default/keyboard } install_docker() { # https://docs.docker.com/install/linux/docker-ce/debian/#install-using-the-repository # bad experiences with static binaries... # https://docs.docker.com/engine/installation/binaries/#install-static-binaries echo "installing docker binary Version $VERS ..." # https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount apt install -y \ apt-transport-https \ ca-certificates \ curl \ gnupg2 \ software-properties-common \ --no-install-recommends curl -fsSL https://download.docker.com/linux/debian/gpg | $SUDO apt-key add - # add docker apt repo cat <<-EOF > /etc/apt/sources.list.d/docker.list deb [arch=amd64] https://download.docker.com/linux/debian buster stable # deb [arch=amd64] https://download.docker.com/linux/debian buster test # deb [arch=amd64] https://download.docker.com/linux/debian buster nightly EOF apt update apt install -y \ docker-ce \ --no-install-recommends addgroup ${USERNAME} docker docker version docker info } install_compose() { # https://github.com/docker/compose/releases # btw: *not* for raspbian! you got 3 choices: hypriot, install via pip or build yourself # https://www.berthon.eu/2017/getting-docker-compose-on-raspberry-pi-arm-the-easy-way/ VERS="1.24.1" FILE="docker-compose-$(uname -s)-$(uname -m)" echo "installing docker-compose $VERS ... curling from github" curl -SL "https://github.com/docker/compose/releases/download/${VERS}/${FILE}" -o /tmp/${FILE} curl -SL "https://github.com/docker/compose/releases/download/${VERS}/${FILE}.sha256" -o /tmp/${FILE}.sha256 if [ ! $(cat /tmp/${FILE}.sha256 | sha256sum -c -) ]; then echo "... checksum failed... stopping" exit 1; fi chmod +x /tmp/${FILE} mv /tmp/${FILE} /usr/bin/docker-compose rm /tmp/${FILE}.sha256 echo "... done" /usr/bin/docker-compose version } install_virtualbox() { # https://wiki.debian.org/VirtualBox#Installation_of_non-free_edition apt install -y \ apt-transport-https \ ca-certificates \ curl \ gnupg2 \ software-properties-common \ --no-install-recommends curl -fsSL https://download.docker.com/linux/debian/gpg | $SUDO apt-key add - # add docker apt repo cat <<-EOF > /etc/apt/sources.list.d/docker.list deb [arch=amd64] https://download.docker.com/linux/debian stretch stable # deb [arch=amd64] https://download.docker.com/linux/debian stretch test # deb [arch=amd64] https://download.docker.com/linux/debian stretch nightly EOF apt update apt install -y \ docker-ce \ --no-install-recommends groupadd docker addgroup ${USERNAME} docker docker version docker info } get_dotfiles() { ( # git clone https://gitlab.com/fschl/dotfiles.git "/home/$USERNAME/dotfiles" # cd "/home/$USERNAME/dotfiles" && make # TODO: propbably dont really need the whole repo git clone https://gitlab.com/fschl/dockerfiles.git "/home/$USERNAME/dockerfiles" ) } # install/update golang from source install_golang() { export GO_VERSION=1.13.0 export GO_SRC=/usr/local/go # if we are passing the version if [[ ! -z "$1" ]]; then export GO_VERSION=$1 fi # subshell because we `cd` ( curl -sSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | $SUDO tar -v -C /usr/local -xz ) # get commandline tools ( set -x set +e go get github.com/golang/lint/golint go get golang.org/x/tools/cmd/cover go get golang.org/x/review/git-codereview go get -u -v github.com/rogpeppe/godef go get -u -v golang.org/x/tools/cmd/guru go get -u -v golang.org/x/tools/cmd/gorename go get -u -v golang.org/x/tools/cmd/goimports go get github.com/mdempsky/gocode #done ) } get_public_go_projects() { ( aliases=( Masterminds/glide onsi/ginkgo onsi/gomega gogits/gogs fschl/CompileDaemon ) for project in "${aliases[@]}"; do owner=$(dirname "$project") repo=$(basename "$project") if [[ -d "${HOME}/${repo}" ]]; then rm -rf "${HOME}/${repo}" fi mkdir -p "${GOPATH}/src/github.com/${owner}" if [[ ! -d "${GOPATH}/src/github.com/${project}" ]]; then ( # clone the repo cd "${GOPATH}/src/github.com/${owner}" git clone "https://github.com/${project}.git" # fix the remote path, since our gitconfig will make it git@ cd "${GOPATH}/src/github.com/${project}" git remote set-url origin "https://github.com/${project}.git" ) else echo "found ${project} already in gopath" fi # make sure we create the right git remotes # if [[ "$owner" != "fschl" ]]; then # ( # cd "${GOPATH}/src/github.com/${project}" # git remote set-url --push origin no_push # git remote add jfrazelle "https://github.com/fschl/${repo}.git" # ) # fi # create the alias # ln -snvf "${GOPATH}/src/github.com/${project}" "${HOME}/${repo}" done # create symlinks from personal projects to # the ${HOME} directory projectsdir=$GOPATH/src/gitlab.com/fschl base=$(basename "$projectsdir") find "$projectsdir" -maxdepth 1 -not -name "$base" -type d -print0 | while read -d '' -r dir; do base=$(basename "$dir") ln -snvf "$dir" "${HOME}/${base}" done ) } if [ -f "./get_private_stuff.sh" ]; then source get_private_stuff.sh fi main() { local cmd=$1 if [[ -z "$cmd" ]]; then echo "Usage: \n base | desktop | server | dotfiles | update-docker | go" fi case "$cmd" in base) # apt_sources buster base_applications install_docker install_compose ;; dotfiles) get_dotfiles ;; server) install_server_base ;; desktop) # apt_sources buster base_applications install_docker install_compose install_i3 if [ -f "./get_private_stuff.sh" ]; then source get_private_stuff.sh fi ;; latex) install_latex ;; update-docker) # install_docker install_compose ;; go) install_golang # get_public_go_projects ;; esac } main "$@"