
No commits in common. "main" and "main" have entirely different histories.

23 changed files with 18 additions and 157 deletions


@ -1,6 +0,0 @@
FROM debian
RUN apt update
RUN apt install -y git
RUN apt install -y gpg
RUN apt install -y vim


@ -14,16 +14,12 @@ cd server_config
# Decrypt secrets # Decrypt secrets
gpg -d .env.gpg > .env gpg -d .env.gpg > .env
# Switch to sudo
sudo su
# Allow execute scripts # Allow execute scripts
chmod +x ./install.sh sudo chmod +x ./install.sh
chmod +x ./deploy.sh sudo chmod +x ./deploy.sh
# Install and deploy services # Install and deploy services
./install.sh --all | tee install.log && \ sudo ./install.sh --all && sudo ./deploy.sh --all
./deploy.sh --all | tee deploy.log
``` ```
> [!WARNING] > [!WARNING]
@ -77,20 +73,3 @@ sudo (bash|sh|zsh) ./deploy.sh [SERVICES...]
```sh ```sh
sudo ./deploy.sh -a sudo ./deploy.sh -a
``` ```
## Tests
Pour tester la config avant déploiement un [`Dockerfile`]('./Dockerfile') est
disponible. Le helper [`test_scripts.sh`](./test_scripts.sh) build et lance le
conteneur (shell: `bash`, point d'entrée: `/`).
> [!NOTE]
>
> Le helper utilise `docker`, pour utiliser `podman` vous pouvez taper
> `docker="podman" bash ./test_scripts.sh`.
## Ajout de service
S'il y a le besoin de rajouter des services, il faudra penser à ajouter leurs
configurations dans le projet ainsi que les liens vers leurs installations dans
le script d'installation.


@ -1,7 +1,7 @@
# Install nala # Install nala
apt update apt update
apt upgrade -y apt upgrade -y
apt install -y nala # Good front-end for "apt-*" cli apt install -y nala
# Install base utilities # Install base utilities
echo "[server_config] > Installing required utilities (base)" echo "[server_config] > Installing required utilities (base)"
@ -19,10 +19,6 @@ nala install -y \
lsb-release \ lsb-release \
nmap \ nmap \
xxd \ xxd \
inxi \
# nmap (network viewer/utility)
# xxd (bin to hexa etc...)
# inxi (system/hardware config viewer)
# Install comfort utilities # Install comfort utilities
echo "[server_config] > Installing required utilities (comfort)" echo "[server_config] > Installing required utilities (comfort)"
@ -32,15 +28,9 @@ nala install -y \
fzf \ fzf \
tmux \ tmux \
tmate \ tmate \
# bat (better cat)
# btop (TUI htop alternative)
# fzf (fuzzy finder)
# tmux (terminal multiplexer)
# tmate (tmux over ssh)
# Install zoxide through webinstall (see zoxide install instruction on debian) # Install zoxide through webinstall (see zoxide install instruction on debian)
curl -sS https://webi.sh/zoxide | sh curl -sS https://webi.sh/zoxide | sh
# zoxide (smartter cd)
# Install really necessary utilities # Install really necessary utilities
echo "[server_config] > Installing required utilities (really necessary)" echo "[server_config] > Installing required utilities (really necessary)"
@ -51,4 +41,5 @@ nala install -y \
# Install useful deb installer # Install useful deb installer
echo "[server_config] > Installing required utilites (useful .deb installer)" echo "[server_config] > Installing required utilites (useful .deb installer)"
nala install -y lsb-release
curl -sL https://raw.githubusercontent.com/wimpysworld/deb-get/main/deb-get | bash -s install deb-get curl -sL https://raw.githubusercontent.com/wimpysworld/deb-get/main/deb-get | bash -s install deb-get
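Review bot: The two installer lines kept in this section, `curl -sS https://webi.sh/zoxide | sh` and the deb-get bootstrap piped from `raw.githubusercontent.com/wimpysworld/deb-get/main/deb-get` into `bash`, execute whatever the remote serves at run time, and this script presumably runs as root (the README invokes install.sh through sudo). Neither download is pinned to a release or checked against a recorded digest, and the zoxide line has no `-f`, so an HTTP error body would be fed to the shell. Download to a file, verify, then execute, e.g. `curl -fsSLo /tmp/deb-get PINNED_RELEASE_URL && echo "EXPECTED_SHA256  /tmp/deb-get" | sha256sum -c - && bash /tmp/deb-get install deb-get` (both upper-case values are placeholders to fill in). The added `nala install -y lsb-release` also repeats a package already present in the base utilities list above.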


@ -1,8 +1,6 @@
# Setup caddy config # Setup caddy config
mkdir -p /etc/caddy mkdir -p /etc/caddy
cp -a ./caddy/caddy/. /etc/caddy/ cp -a ./caddy/caddy/. /etc/caddy/
# Set directory owner
chown -R caddy:caddy /etc/caddy
# Setup caddy service # Setup caddy service
cp ./caddy/systemd/caddy.service /etc/systemd/system cp ./caddy/systemd/caddy.service /etc/systemd/system


@ -2,9 +2,6 @@
echo "[server_config] > Writting secrets to source files" echo "[server_config] > Writting secrets to source files"
source ./load_secrets.sh source ./load_secrets.sh
# Make sure default owner of config files is root
chown -R root:root .
# Deploy services # Deploy services
APPS=$@ APPS=$@


@ -1,12 +1,3 @@
# Fail2Ban # Fail2Ban
Prison pour bots. Gardien des connection ssh. Prison pour bots. Gardien des connection ssh.
## Configuration
/etc/fail2ban/
## Plus d'informations
https://github.com/fail2ban/fail2ban


@ -1,9 +0,0 @@
# Fastfetch c'est quoi ?
Fastfetch est un outil similaire à neofetch permettant de récupérer les informations systèmes et de les afficher agréablement à son utilisateur. Il est écrit principalement en C avec comme intention principale la performance et la personnalisation.
## Emplacements
~/. config/fastfetch/config.jsonc
## Plus d'informations
https://github.com/fastfetch-cli/fastfetch


@ -1,6 +1,6 @@
# Setup forgejo config # Setup forgejo config
cp -a ./forgejo/forgejo/. /etc/forgejo/ cp -a ./forgejo/forgejo/. /etc/forgejo/
chown -R forgejo:forgejo /etc/forgejo && chmod -R a-rwx,ug+r /etc/forgejo chown -R root:forgejo /etc/forgejo && chmod -R 540 /etc/forgejo
# Setup forgejo service # Setup forgejo service
cp ./forgejo/systemd/forgejo.service /etc/systemd/system cp ./forgejo/systemd/forgejo.service /etc/systemd/system
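Review bot: `chmod -R 540 /etc/forgejo` on the new side applies one numeric mode to directories and files alike, so the `forgejo` group gets `r--` on the directories and cannot traverse them, while every regular file gains an owner execute bit. With ownership now `root:forgejo`, a service running as the forgejo user reaches this tree only through the group entry, so it will likely fail to open its configuration. A symbolic mode that grants search permission on directories only avoids both problems: `chmod -R u=rX,g=rX,o= /etc/forgejo`. If Forgejo has to write its config file on first start (not visible on this page), that one file needs a separate, narrower grant rather than a writable tree.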


@ -1,12 +0,0 @@
# Git
Git est un logiciel de gestion de versions décentralisé. C'est un logiciel libre et gratuit, créé en 2005 par Linus Torvalds, auteur du noyau Linux, et distribué selon les termes de la licence publique générale GNU version 2.
## Configuration
/etc/gitconfig
## Plus d'informations
https://github.com/git/git


@ -2,9 +2,6 @@
echo "[server_config] > Installing required utilities" echo "[server_config] > Installing required utilities"
source ./_requirements.sh source ./_requirements.sh
# Make sure default owner of config files is root
chown -R root:root .
# Install services # Install services
APPS=$@ APPS=$@


@ -1,12 +1,3 @@
# Configuration des `iptables` # Configuration des `iptables`
Règles de parfeux/routage du serveur cohabit. Règles de parfeux/routage du serveur cohabit.
## Configuration
iptables -S
## Plus d'informations
man iptables ou https://doc.ubuntu-fr.org/iptables


@ -18,11 +18,6 @@ else
deno deno
fi fi
# Remove old files if exists
rm -rf /srv/portfolio
# Create fs tree is missing
mkdir -p /srv/portfolio
# Set directory owner
chown -R deno:deno /srv/portfolio
# Clone website repo # Clone website repo
mkdir -p /srv/portfolio
git clone -b main --depth 1 https://git.cohabit.fr/cohabit/portfolio_server.git /srv/portfolio git clone -b main --depth 1 https://git.cohabit.fr/cohabit/portfolio_server.git /srv/portfolio
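Review bot: With the `rm -rf` step gone, `git clone ... /srv/portfolio` on the new side fails on any second run because the destination already exists and is not empty, and nothing in the hunk checks for that failure. The clone also runs as the invoking user (root, if the installer is started through sudo as the README shows) and no ownership is set afterwards, so a service running as `deno` would presumably be unable to write build output there. The same pattern applies to the /srv/www install section, the Vundle clone and the two zsh plugin clones further down. An update-or-clone form keeps the script re-runnable: `git -C /srv/portfolio pull --ff-only 2>/dev/null || git clone -b main --depth 1 REPO_URL /srv/portfolio`, followed by `chown -R deno:deno /srv/portfolio` (REPO_URL stands for the URL already in the script). The enclosing if/else starts outside the hunk.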


@ -1,11 +1,3 @@
# SSHD # SSHD
Démon SSH de cohabit. Démon SSH de cohabit.
## Configuration
/etc/ssh/sshd_config
## Plus d'informations
https://fr.wikipedia.org/wiki/SSHD


@ -1,5 +0,0 @@
# Build or update container image
docker built -t cohabit_server_config_test .
# Run image in bash mode
docker run --rm -it cohabit_server_config_test bash


@ -1,6 +1,5 @@
# Install or upgrade vim # Install or upgrade caddy
nala install -y vim nala install -y caddy
# Install or upgrade vundle # Install or upgrade vundle
rm -rf /root/.vim/bundle/Vundle.vim
git clone https://github.com/VundleVim/Vundle.vim.git /root/.vim/bundle/Vundle.vim git clone https://github.com/VundleVim/Vundle.vim.git /root/.vim/bundle/Vundle.vim
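Review bot: The first two lines on the new side read `# Install or upgrade caddy` and `nala install -y caddy`, but the rest of the section sets up Vundle under /root/.vim, so this looks like a copy-paste slip that leaves vim uninstalled by this script. Restore `nala install -y vim` and the matching comment. The Vundle clone also tracks the default branch of a third-party repository and its code is loaded by root's editor; checking out a reviewed commit after cloning, `git -C /root/.vim/bundle/Vundle.vim checkout COMMIT_SHA` (placeholder), keeps the installed plugin manager from changing underneath you.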


@ -26,9 +26,6 @@ Plugin 'junegunn/fzf.vim'
call vundle#end() " required call vundle#end() " required
filetype plugin indent on " required filetype plugin indent on " required
" Sudo write (écrire un fichier en sudo si ouvert en user)
command W :execute ':silent w !sudo tee % > /dev/null' | :edit!
" Active les raccourcis clavier pour fzf " Active les raccourcis clavier pour fzf
nnoremap <C-p> :FZF<CR> nnoremap <C-p> :FZF<CR>
nnoremap <S-f> :Rg<CR> nnoremap <S-f> :Rg<CR>


@ -1,10 +1,10 @@
# Setup website service
cp ./website/systemd/website.service /etc/systemd/system
# Pull website sources # Pull website sources
cd /srv/www cd /srv/www
git pull origin main git pull origin main
# Setup website service
cp /srv/www/website.service /etc/systemd/system
# Start website # Start website
systemctl daemon-reload systemctl daemon-reload
systemctl enable website systemctl enable website
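Review bot: `cp /srv/www/website.service /etc/systemd/system` on the new side installs a unit file taken from the website checkout right after `git pull origin main`, so anyone who can push to that repository controls a systemd unit that root then reloads and enables. The unit decides `User=`, `ExecStartPre=` and `ExecStart=`, which makes a commit to the website repository equivalent to root-level code execution on the next deploy. Keep the unit in this configuration repository, as the old side's `cp ./website/systemd/website.service /etc/systemd/system` did, or compare it against a reviewed copy before installing. `cd /srv/www` is also unchecked, so a missing directory makes `git pull` run in the caller's directory; `cd /srv/www || exit 1` closes that. The script continues past the end of the hunk.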


@ -18,11 +18,6 @@ else
deno deno
fi fi
# Remove old existing files
rm -rf /srv/www
# Create fs structure
mkdir -p /srv/www
# Set directory owner
chown -R deno:deno /srv/www
# Clone website repo # Clone website repo
mkdir -p /srv/www
git clone -b main --depth 1 https://git.cohabit.fr/cohabit/website.git /srv/www git clone -b main --depth 1 https://git.cohabit.fr/cohabit/website.git /srv/www


@ -1,17 +0,0 @@
[Unit]
Description=Website Deno 1.1.1 service
Documentation=http://deno.land
Wants=network-online.target
After=network-online.target
[Service]
Type=simple
User=deno
WorkingDirectory=/srv/www
ExecStartPre=/usr/local/bin/deno task build
Environment=PORT=6060
ExecStart=/usr/local/bin/deno task serve
Restart=on-failure
[Install]
WantedBy=multi-user.target


@ -3,11 +3,7 @@ cp -a ./zsh/zsh/. /root
chsh -s /usr/bin/zsh chsh -s /usr/bin/zsh
# Install zsh-autosuggestions plugin # Install zsh-autosuggestions plugin
PATH=${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions git clone https://github.com/zsh-users/zsh-autosuggestions ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions
/usr/bin/rm -rf $PATH
/usr/bin/git clone https://github.com/zsh-users/zsh-autosuggestions $PATH
# Install zsh-syntax-highlighting # Install zsh-syntax-highlighting
PATH=${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting
/usr/bin/rm -rf $PATH
/usr/bin/git clone https://github.com/zsh-users/zsh-syntax-highlighting $PATH


@ -12,4 +12,4 @@ fi
nala install -y zsh eza nala install -y zsh eza
# Check if Oh-My-ZSH already installed # Check if Oh-My-ZSH already installed
test -d /root/.oh-my-zsh/ || sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended which omz &> /dev/null || sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended
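Review bot: `which omz &> /dev/null` on the new side does not detect an existing install: `omz` is a shell function that Oh My Zsh defines inside a loaded zsh session, not a program on PATH, so under bash the test always fails and the remote installer is fetched and executed on every run. Under plain `sh` (the README's usage line allows `bash|sh|zsh` for deploy.sh), `&>` is parsed as `&` followed by a bare redirection, the list returns 0 and the installer never runs at all. The directory test `test -d /root/.oh-my-zsh` is portable across all three shells and checks the thing the installer actually creates. The installer is also pulled from `master` and run as root; downloading it at a pinned commit and checking its hash before running it would make this step reproducible.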


@ -8,8 +8,6 @@ case $- in
*) return;; *) return;;
esac esac
PATH=$PATH:/usr/games
# don't put duplicate lines or lines starting with space in the history. # don't put duplicate lines or lines starting with space in the history.
# See bash(1) for more options # See bash(1) for more options
HISTCONTROL=ignoreboth HISTCONTROL=ignoreboth


@ -6,12 +6,6 @@ autoload -Uz compinit
compinit compinit
# End of lines added by compinstall # End of lines added by compinstall
################################
# Update path
################################
PATH=$PATH:/usr/games
################################ ################################
# Webinstall.dev install # Webinstall.dev install
################################ ################################