2013-08-21 02:27:32 +00:00
|
|
|
# Base system configuration.
|
|
|
|
|
|
2013-09-07 20:53:25 +00:00
|
|
|
apt-get -q -q update
|
2013-08-21 18:23:43 +00:00
|
|
|
apt-get -q -y upgrade
|
2013-08-21 02:27:32 +00:00
|
|
|
|
2014-03-16 20:50:24 +00:00
|
|
|
apt-get -q -y install python3
|
|
|
|
|
|
2013-08-21 02:27:32 +00:00
|
|
|
# Turn on basic services:
|
|
|
|
|
#
|
|
|
|
|
# ntp: keeps the system time correct
|
|
|
|
|
#
|
|
|
|
|
# fail2ban: scans log files for repeated failed login attempts and blocks the remote IP at the firewall
|
|
|
|
|
#
|
|
|
|
|
# These services don't need further configuration and are started immediately after installation.
|
|
|
|
|
|
2013-08-21 18:23:43 +00:00
|
|
|
apt-get install -q -y ntp fail2ban
|
2013-08-21 02:27:32 +00:00
|
|
|
|
|
|
|
|
# Turn on the firewall. First allow incoming SSH, then turn on the firewall. Additional open
|
2014-03-16 21:18:38 +00:00
|
|
|
# ports will be set up in the scripts that set up those services. Some virtual machine providers
|
|
|
|
|
# (ehm, Rimuhosting) don't provide a kernel that supports ufw, so let advanced users skip it.
|
2013-08-26 21:01:48 +00:00
|
|
|
if [ -z "$DISABLE_FIREWALL" ]; then
|
|
|
|
|
ufw allow ssh;
|
|
|
|
|
ufw --force enable;
|
|
|
|
|
fi
|
2013-08-21 02:27:32 +00:00
|
|
|
|
