dotfiles/scripts/install.sh

644 lines
18 KiB
Bash
Executable File

#!/bin/bash
set -e
# install.sh
# This script installs a basic setup for a debian machine
USERNAME=fschl
SUDO="sudo"
check_root() {
# We need root rights at some point
if [ "$(whoami)" != "root" ]; then
if ! which $SUDO >/dev/null; then
echo "ERROR: $0 is not run as root and $SUDO is not available" >&2
exit 1
fi
else
SUDO="" # We're already root
fi
}
apt_sources() {
# https://www.debian.org/releases/
ddist=$1
DIST="${ddist:-stable}"
allowed_dists=("testing stable buster bullseye")
if [ ! ${DIST} in "${allowed_dists[@]}" ]; then
echo "... $DIST was not in allowed dists... setting to stable"
DIST="stable"
fi
echo "writing /etc/apt/sources.list..."
echo "using ${DIST}"
cat <<-EOF > /etc/apt/sources.list
deb http://deb.debian.org/debian ${DIST} main
deb-src http://deb.debian.org/debian ${DIST} main
deb http://deb.debian.org/debian-security/ ${DIST}/updates main
deb-src http://deb.debian.org/debian-security/ ${DIST}/updates main
# backports for wireguard
# https://www.wireguard.com/install/
# https://backports.debian.org/Instructions/
deb http://deb.debian.org/debian buster-backports main
deb http://deb.debian.org/debian ${DIST}-updates main
deb-src http://deb.debian.org/debian ${DIST}-updates main
EOF
}
base_applications() {
echo "update and installing baseapps..."
$SUDO apt update
$SUDO apt upgrade
DEBIAN_FRONTEND=noninteractive
$SUDO apt install -y \
apt-transport-https \
automake \
bash-completion \
bat \
bmon \
bzip2 \
ca-certificates \
cmake \
coreutils \
cryptsetup \
curl \
dnsutils \
fzf \
gcc \
git \
gnupg \
gnupg-agent \
gnupg2 \
grep \
htop \
iotop \
locales \
linux-headers-$(uname -r) \
make \
mount \
net-tools \
restic \
ripgrep \
rsync \
ssh \
sudo \
tar \
tmux \
tree \
unzip \
vim \
vpnc \
vpnc-scripts \
wireguard \
wireguard-dkms \
wireguard-tools \
zip \
--no-install-recommends
$SUDO restic self-update
echo "... DONE... cleaning up\n\n"
$SUDO apt autoremove
$SUDO apt autoclean
$SUDO apt clean
}
install_server_base() {
echo "update and installing server base tools..."
DEBIAN_FRONTEND=noninteractive
$SUDO apt update
$SUDO apt install -y \
fail2ban \
logwatch \
unattended-upgrades \
--no-install-recommends
echo "... DONE... cleaning up\n\n"
$SUDO apt autoremove
$SUDO apt autoclean
$SUDO apt clean
echo "setting up logwatch..."
echo "... TODO require email to be set as parameter"
echo "... TODO require email to be set as parameter"
cat <<-EOF > /etc/cron.daily/00logwatch
/usr/sbin/logwatch --output mail --mailto you@example.com --detail high
EOF
echo " ... DONE"
# TODO: is this really needed? or default behavior anyway?
echo "set unattended upgrades..."
cat <<-EOF > /etc/apt/apt.conf.d/10periodic
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
EOF
echo " ... DONE"
}
no_suspend() {
# https://wiki.debian.org/SystemdSuspendSedation
$SUDO sed -i "s/HandleLidSwitch=.*/HandleLidSwitch=ignore/" /etc/systemd/logind.conf
$SUDO sed -i "s/HandleLidSwitchDocked=.*/HandleLidSwitchDocked=ignore/" /etc/systemd/logind.conf
$SUDO sed -i "s/IdleActionSec=.*/IdleActionSec=90min/" /etc/systemd/logind.conf
# turn off screen blanking
# https://www.raspberrypi.org/forums/viewtopic.php?f=66&t=18200&sid=135af53eb82496bc64f4c0eefbc86d2c&start=25
# http://raspberrypi.stackexchange.com/questions/752/how-do-i-prevent-the-screen-from-going-blank
xset s noblank
$SUDO systemctl restart systemd-logind.service
}
install_nvidia_docker() {
# get latest driver from https://www.nvidia.com/object/unix.html
# https://github.com/NVIDIA/nvidia-docker/wiki/Installation-(version-2.0)#prerequisites
curl -s -L https://nvidia.github.io/nvidia-docker/$distribution/nvidia-docker.list | \
sudo tee /etc/apt/sources.list.d/nvidia-docker.list
sudo apt-get update
# Install nvidia-docker2 and reload the Docker daemon configuration
sudo apt-get install -y nvidia-docker2
sudo pkill -SIGHUP dockerd
}
install_latex() {
$SUDO apt update
$SUDO apt install -y \
evince \
texlive \
texlive-bibtex-extra \
texlive-fonts-extra \
texlive-fonts-recommended \
texlive-lang-english \
texlive-lang-german \
texlive-latex-extra \
texlive-latex-recommended \
texlive-pictures \
texlive-plain-generic \
zathura \
--no-install-recommends
}
install_workstation_apps() {
DEBIAN_FRONTEND=noninteractive
$SUDO apt update
$SUDO apt install -y \
alsa-tools \
alsa-utils \
aspell \
aspell-de \
aspell-en \
cups-browsed \
emacs \
firefox-esr \
firmware-iwlwifi \
firmware-linux-nonfree \
firmware-realtek \
fonts-font-awesome \
fonts-noto \
fonts-noto-cjk \
fonts-powerline \
gimp \
keepassxc \
libnotify-bin \
libnotify-dev \
libreoffice-calc \
libreoffice-impress \
libreoffice-l10n-de \
libreoffice-l10n-en-gb \
libreoffice-writer \
ntfs-3g \
network-manager \
network-manager-openvpn \
nmap \
openvpn \
openvpn-systemd-resolved \
thunderbird \
thunderbird-l10n-de \
thunderbird-l10n-en-gb \
--no-install-recommends
TARGET="/home/$USERNAME/.emacs.d"
rm -rf ${TARGET}
git clone https://github.com/syl20bnr/spacemacs "${TARGET}"
# rm -rf "${TARGET}"/private/snippets
# git clone https://github.com/AndreaCrotti/yasnippet-snippets "${TARGET}"/private/yas-snippets
# ln -s "${TARGET}"/private/yas-snips/snippets "${TARGET}"/private/snippets/
}
install_sway() {
echo " installing sway and wayland tools..."
DEBIAN_FRONTEND=noninteractive
$SUDO apt update
$SUDO apt install -y \
brightnessctl \
mako \
sway \
udiskie \
udisks2 \
wl-clipboard \
wob \
wofi \
ydotool \
--no-install-recommends
mv /home/${USERNAME}/.bashrc /home/${USERNAME}/.bashrc~
ln -s /home/${USERNAME}/dotfiles/.bashrc /home/${USERNAME}/.bashrc
cp ../sway/mako.conf /home/${USERNAME}/.config/mako/conf
(
git clone https://github.com/Biont/sway-launcher-desktop /home/${USERNAME}/projects/sway-launcher-desktop
)
# build swaylock-effects because its not available on Debian
# https://github.com/voidgloom/swaylock-effects
(
$SUDO apt update
$SUDO apt install -y \
wayland-protocols \
libwayland-client++0 \
libcairo2-dev \
libwayland-client0 \
--no-install-recommends
TARGET=/home/${USERNAME}/projects/swaylock-effects
git clone https://github.com/voidgloom/swaylock-effects ${TARGET}
cd ${TARGET}
meson build && ninja -C build && sudo ninja -C build install
$SUDO chmod a+s /usr/local/bin/swaylock
)
}
install_i3() {
echo "Xorg with i3wm and some tools..."
# check if CJK and other eastern letters are displayed correctly:
# https://meta.wikimedia.org/wiki/List_of_Wikipedias
DEBIAN_FRONTEND=noninteractive
$SUDO apt update
$SUDO apt install -y \
feh \
fswebcam \
i3 \
i3lock \
i3lock-fancy \
i3status \
lightdm \
network-manager-gnome \
network-manager-vpnc \
network-manager-vpnc-gnome \
remmina \
rxvt-unicode \
scrot \
shotwell \
suckless-tools \
vlc \
xdotool \
xorg \
--no-install-recommends
# for f in (); do
# ln -s $f /home/$USER/$f
# done
echo "... setting capslock to control"
$SUDO sed -i "s/^XKBOPTIONS=.*/XKBOPTIONS=\"ctrl:nocaps\"/" /etc/default/keyboard
}
install_syncthing() {
# install Syncthing via https://apt.syncthing.net/
# Add the release PGP keys:
curl -s https://syncthing.net/release-key.txt | sudo apt-key add -
# Add the "stable" channel to your APT sources:
cat "deb https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list
# pin the correct apt repo
printf "Package: *\nPin: origin apt.syncthing.net\nPin-Priority: 990\n" | sudo tee /etc/apt/preferences.d/syncthing
# Update and install syncthing:
$SUDO apt-get update
$SUDO apt-get install -y syncthing
echo "... DONE... cleaning up\n\n"
$SUDO apt autoremove
$SUDO apt autoclean
$SUDO apt clean
echo "enable and start the syncthing per-user service for ${USERNAME}"
$SUDO cp ../etc/systemd/system/syncth* /etc/systemd/system/
user=${USERNAME}
$SUDO systemctl daemon-reload
$SUDO systemctl enable syncthing@${USERNAME}
$SUDO systemctl start syncthing@${USERNAME}.service
systemctl status syncthing@${USERNAME}.service
no_suspend
echo "... setting capslock to control"
sed -i "s/^XKBOPTIONS=.*/XKBOPTIONS=\"ctrl:nocaps\"/" /etc/default/keyboard
TARGET="/home/$USERNAME/.emacs.d"
git clone https://github.com/syl20bnr/spacemacs "${TARGET}"
#rm -rf "${TARGET}"/private/snippets
#git clone https://github.com/AndreaCrotti/yasnippet-snippets "${TARGET}"/private/yas-snips
#ln -s "${TARGET}"/private/yas-snips/snippets "${TARGET}"/private/snippets/
}
link_userdirs() {
mount_dir=$1
target_mount="${mount_dir:-/mnt/docs/}"
user_dirs=("Documents Downloads Music Pictures Videos")
for DIR in $user_dirs
do
echo "removing and linking ${DIR}..."
rm -rfv /home/$USERNAME/$DIR
echo "link target: ${target_mount}/${DIR}"
ln -vs ${target_mount}/${DIR} /home/${USERNAME}/${DIR}
done
projects_mount=$docs_mount
}
install_vscodium() {
# https://vscodium.com/
wget -qO - https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg | sudo apt-key add -
echo 'deb https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/repos/debs/ vscodium main' | sudo tee --append /etc/apt/sources.list.d/vscodium.list
$SUDO apt update
$SUDO apt install -y \
codium \
--no-install-recommends
codium version
# ms-azuretools.vscode-docker
# ms-vscode.go
# vscodevim.vim
}
install_wine() {
# https://wiki.winehq.org/Debian
curl https://dl.winehq.org/wine-builds/winehq.key | gpg --dearmor > /etc/apt/trusted.gpg.d/winehq.gpg
echo 'deb https://dl.winehq.org/wine-builds/debian/ bookworm main' | sudo tee /etc/apt/sources.list.d/wine.list
$SUDO sudo dpkg --add-architecture i386
$SUDO apt update
$SUDO apt install \
winehq-staging \
--install-recommends
wine --version
}
install_docker() {
# https://docs.docker.com/install/linux/docker-ce/debian/#install-using-the-repository
# bad experiences with static binaries...
# https://docs.docker.com/engine/installation/binaries/#install-static-binaries
echo "installing docker binary Version $VERS ..."
# https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount
$SUDO apt install -y \
apt-transport-https \
ca-certificates \
curl \
gnupg2 \
software-properties-common \
--no-install-recommends
curl -fsSL https://download.docker.com/linux/debian/gpg | $SUDO apt-key add -
# add docker apt repo
cat <<-EOF > /etc/apt/sources.list.d/docker.list
deb [arch=amd64] https://download.docker.com/linux/debian buster stable
# deb [arch=amd64] https://download.docker.com/linux/debian buster test
# deb [arch=amd64] https://download.docker.com/linux/debian buster nightly
EOF
$SUDO apt update
$SUDO apt install -y \
docker-ce \
--no-install-recommends
$SUDO usermod -aG docker ${USERNAME}
docker version
docker info
}
install_compose() {
# https://github.com/docker/compose/releases
# btw: *not* for raspbian! you got 3 choices: hypriot, install via pip or build yourself
# https://www.berthon.eu/2017/getting-docker-compose-on-raspberry-pi-arm-the-easy-way/
VERS="1.29.2"
FILE="docker-compose-$(uname -s)-$(uname -m)"
echo "installing docker-compose $VERS ... curling from github"
curl -SL "https://github.com/docker/compose/releases/download/${VERS}/${FILE}" -o /tmp/${FILE}
curl -SL "https://github.com/docker/compose/releases/download/${VERS}/${FILE}.sha256" -o /tmp/${FILE}.sha256
if [ ! $(cat /tmp/${FILE}.sha256 | sha256sum -c -) ]; then
echo "... checksum failed... stopping"
exit 1;
fi
chmod +x /tmp/${FILE}
mv /tmp/${FILE} /usr/bin/docker-compose
rm /tmp/${FILE}.sha256
echo "... done"
/usr/bin/docker-compose version
}
install_nvidia() {
echo "Prepare install for NVIDIA proprietary display driver"
apt update
apt install -y \
gcc \
linux-source \
linux-headers-`uname -r` \
--no-install-recommends
echo ""
echo "Please find a link to the current Package"
echo " https://devtalk.nvidia.com/default/topic/533434/linux/current-graphics-driver-releases/"
echo ""
echo "1. Download the self extracting archive. (*.run)"
echo "2. reboot into recovery mode and login as root"
echo "3. sh DRIVER_ARCHIVE.run"
echo ""
echo "... check if driver was installed correctly: $ nvidia-smi"
echo "more information can be found in README at link above"
echo ""
echo "Install NVIDIA-docker"
echo ""
echo "since Docker 19.03 no additional runtime required."
echo " https://github.com/NVIDIA/nvidia-docker"
# https://nvidia.github.io/nvidia-docker/
distribution="debian10"
curl -s -L https://nvidia.github.io/nvidia-docker/gpgkey | sudo apt-key add -
curl -s -L https://nvidia.github.io/nvidia-docker/$distribution/nvidia-docker.list | sudo tee /etc/apt/sources.list.d/nvidia-docker.list
apt update
apt install -y nvidia-container-toolkit
systemctl restart docker
docker pull nvidia/cuda:9.0-base
echo ""
echo "... check if driver was installed correctly: "
echo "$ docker run --gpus all nvidia/cuda:9.0-base nvidia-smi"
echo " should give same output as above"
}
install_virtualbox() {
# https://wiki.debian.org/VirtualBox#Installation_of_non-free_edition
$SUDO apt install -y \
apt-transport-https \
ca-certificates \
curl \
gnupg2 \
software-properties-common \
--no-install-recommends
curl -fsSL https://download.docker.com/linux/debian/gpg | $SUDO apt-key add -
# add docker apt repo
cat <<-EOF > /etc/apt/sources.list.d/docker.list
deb [arch=amd64] https://download.docker.com/linux/debian buster stable
# deb [arch=amd64] https://download.docker.com/linux/debian buster test
# deb [arch=amd64] https://download.docker.com/linux/debian buster nightly
EOF
}
# install/update golang from source
install_golang() {
export GO_VERSION=1.18
export GO_SRC=/usr/local/go
# if we are passing the version
if [[ ! -z "$1" ]]; then
export GO_VERSION=$1
fi
(
curl -sSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | $SUDO tar -v -C /usr/local -xz
)
}
install_rust() {
echo "... rustup.sh ... "
curl --proto 'https' --tlsv1.2 https://sh.rustup.rs | sh
echo "... adding dependencies for alacritty and i3status-rs ... "
$SUDO apt install -y \
cmake \
fonts-font-awesome \
gcc \
pkg-config \
libdbus-1-dev \
libfreetype6-dev \
libfontconfig1-dev \
libssl-dev \
libxcb-xfixes0-dev \
libxkbcommon-dev \
python3 \
--no-install-recommends
cargo install du-dust
(
mkdir -p "/home/$USERNAME/projects"
TARGET="/home/$USERNAME/projects/i3status-rust"
git clone https://github.com/greshake/i3status-rust ${TARGET}
cd ${TARGET}
cargo install --path .
./install.sh
)
}
main() {
local cmd=$1
if [[ -z "$cmd" ]]; then
echo "Usage: \n base (incl docker+compose)| i3 | sway | server | latex | update-docker | vscode | go | rust"
fi
case "$cmd" in
base)
base_applications
install_docker
install_compose
;;
server)
base_applications
install_server_base
install_docker
install_compose
;;
i3)
base_applications
install_syncthing
install_i3
install_workstation_apps
;;
sway)
base_applications
install_syncthing
install_sway
install_workstation_apps
;;
links)
link_userdirs /mnt/docs/
;;
latex)
install_latex
;;
vscode)
install_vscodium
;;
update-docker)
install_docker
install_compose
;;
go)
install_golang
;;
rust)
install_rust
;;
wine)
install_wine
;;
esac
}
main "$@"