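#!/bin/bash
######################################################
#### WARNING PIPING TO BASH IS STUPID: DO NOT USE THIS
######################################################
# modified from: jcppkkk/prepare-ubuntu-template.sh
# TESTED ON UBUNTU 18.04 LTS
#
# Purpose: seal an Ubuntu VM before it is converted into a template.
# It patches the system, removes per-machine identity (SSH host keys,
# machine-id, hostname, cloud-init state), wipes login records, temp files
# and shell history, zeroes free space, and powers the machine off.
# Everything below is destructive: run it only on the template VM.

# SETUP & RUN
# curl -sL https://raw.githubusercontent.com/jimangel/ubuntu-18.04-scripts/master/prepare-ubuntu-18.04-template.sh | sudo -E bash -
#
# Preferred: download the script to a file, read it, then run that file with
# sudo, so the code that executes is the code that was reviewed.

# Every step below writes to system paths, so refuse to run unprivileged.
if [ "$(id -u)" -ne 0 ]; then
  echo Need sudo >&2
  exit 1
fi

# Echo each script line as it is read, so the console shows progress.
set -v

#update apt-cache
apt update -y
apt upgrade -y

#install packages
apt install -y qemu-guest-agent

#Stop services for cleanup
service rsyslog stop

# clear login records (wtmp = login/logout history, lastlog = last login per
# user) so clones do not inherit the template's login history
if [ -f /var/log/wtmp ]; then
  truncate -s0 /var/log/wtmp
fi
if [ -f /var/log/lastlog ]; then
  truncate -s0 /var/log/lastlog
fi

# remove floppy support
# rmmod reports an error when the module is not loaded; the script continues.
rmmod floppy
echo "blacklist floppy" | tee /etc/modprobe.d/blacklist-floppy.conf
update-initramfs -u

#cleanup /tmp directories
rm -rf /tmp/*
rm -rf /var/tmp/*

#cleanup current ssh keys
# Clones must not share the template's host keys: every clone would present
# the same server identity, and each would hold the others' private keys.
rm -f /etc/ssh/ssh_host_*

#add check for ssh keys on reboot...regenerate if necessary
# NOTE: this overwrites any existing /etc/rc.local.
cat << 'EOL' | tee /etc/rc.local
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

# dynamically create hostname (optional)
if hostname | grep localhost; then
hostnamectl set-hostname "$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13 ; echo '')"
fi

# Regenerate SSH host keys only when none exist. Testing for the DSA key
# alone would re-run this on every boot wherever sshd does not create a
# DSA host key (believed to be the default on 18.04 - confirm).
ls /etc/ssh/ssh_host_*_key >/dev/null 2>&1 || dpkg-reconfigure openssh-server

#if [ ! -f /etc/machine-id ]
#then
# /usr/bin/systemd-machine-id-setup
#fi

exit 0
EOL

# make sure the script is executable
chmod +x /etc/rc.local

#reset hostname
# preserve_hostname: true tells cloud-init to leave the hostname alone, so
# the name set by rc.local on first boot is not overwritten by cloud-init
sed -i 's/preserve_hostname: false/preserve_hostname: true/g' /etc/cloud/cloud.cfg
truncate -s0 /etc/hostname
hostnamectl set-hostname localhost

#remove machine-id
# The file is emptied rather than deleted; systemd is expected to populate an
# empty /etc/machine-id on the next boot, giving each clone its own ID.
#rm /etc/machine-id
#rm /var/lib/dbus/machine-id
: > /etc/machine-id

#cleanup apt
apt clean

# disable swap
# (the script already runs as root, so no sudo is needed from here on)
swapoff --all
# comment out every fstab line that mounts swap
sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab

# set dhcp to use mac - this is a little bit of a hack but I need this to be placed under the active nic settings
# also look in /etc/netplan for other config files
#sed -i 's/optional: true/dhcp-identifier: mac/g' /etc/netplan/50-cloud-init.yaml

# cleans out all of the cloud-init cache / logs - this is mainly cleaning out networking info
cloud-init clean --logs

# zero out drive
# dd fills the free space of the filesystem that holds the current directory
# and is expected to stop with "No space left on device". Zeroing lets the
# image compress well and overwrites blocks of files deleted above; other
# filesystems are not touched.
dd if=/dev/zero of=EMPTY bs=1M status=progress
rm -f EMPTY
fstrim -av

#cleanup shell history
: > ~/.bash_history && history -c
history -w
# Under sudo, $USER may name root rather than the account that invoked the
# script; SUDO_USER names the invoking account, so prefer it when it is set.
target_user=${SUDO_USER:-$USER}
: > "/home/${target_user}/.bash_history" && runuser -l "$target_user" -c 'history -c'
runuser -l "$target_user" -c 'history -w'

#shutdown
shutdown -h now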