Auto Initial Linux Setup

Here are some bash script templates that I use pretty regularly. The idea is that after you get a new Linux server (or Desktop) intially installed, running this script will take care of a lot of tedious nonsense we all do to get it ready. For example, this script:

  • Updates the OS
  • Removes unused crap
  • Sets timezone to PT (Los Angeles)
  • Installs git, screen, openSSH, htop, neofetch, and curl
  • Installs docker and docker-compose
  • Turns on the firewall (UFW)
  • Adds a user and disables root login

start.sh

#!/bin/bash

function install() {
    # Update package lists
    echo "Updating package lists..."
    sudo apt update -y

    # Upgrade existing packages
    echo "Upgrading packages..."
    sudo apt upgrade -y

    # Install prerequisites
    echo "Installing prerequisites..."
    sudo apt install \
        apt-transport-https \
        ca-certificates \
        curl \
        htop \
        software-properties-common \
        git \
        neofetch \
        screen \
        ufw \
        -y

    # Add Docker's GPG key
    echo "Adding Docker's GPG key..."
    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

    # Add Docker repository
    echo "Adding Docker repository..."
    sudo add-apt-repository \
       "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
       $(lsb_release -cs) \
       stable"

    # Update package lists again
    echo "Updating package lists again..."
    sudo apt update -y

    # Install Docker
    echo "Installing Docker..."
    sudo apt install docker-ce -y

    # Install Docker-Compose
    echo "Installing Docker-Compose..."
    sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
    sudo chmod +x /usr/local/bin/docker-compose

    # Basic Firewall setup
    echo "Setting up UFW firewall..."
    sudo ufw allow OpenSSH
    sudo ufw enable
    sudo ufw allow 81

    # Disable unused network protocols
    echo "Disabling unused network protocols..."
    echo "install dccp /bin/true" | sudo tee -a /etc/modprobe.d/disable-unused-protocols.conf
    echo "install sctp /bin/true" | sudo tee -a /etc/modprobe.d/disable-unused-protocols.conf
    echo "install rds /bin/true" | sudo tee -a /etc/modprobe.d/disable-unused-protocols.conf
    echo "install tipc /bin/true" | sudo tee -a /etc/modprobe.d/disable-unused-protocols.conf

    # Install Python3 and Pip for Python3
    sudo add-apt-repository ppa:deadsnakes/ppa
    sudo apt update
    sudo apt install -y software-properties-common
    sudo apt install -y python3 python3-venv python3-dev
    sudo apt install -y python3-pip

    # Auto-Remove unused packages
    sudo apt autoremove -y

    # Set time zone to Los Angeles
    echo "Setting time zone to Los Angeles..."
    sudo timedatectl set-timezone America/Los_Angeles

    # Prompt for a new username
    echo "Enter a new username: "
    read username
    echo "Creating a new user..."
    sudo adduser $username
    sudo usermod -aG sudo $username

    # Disable root login
    echo "Disabling root login..."
    sudo sed -i 's/PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
    sudo systemctl restart sshd

    echo "The user $username has been created and root login has been disabled."
    echo "All tasks completed successfully!"
}

clear
echo -e "
   ▄▄▄▄▄      ▄▄▄▄▀ ██   █▄▄▄▄    ▄▄▄▄▀        ▄▄▄▄▄   ▄███▄   █▄▄▄▄    ▄   ▄███▄   █▄▄▄▄
  █     ▀▄ ▀▀▀ █    █ █  █  ▄▀ ▀▀▀ █          █     ▀▄ █▀   ▀  █  ▄▀     █  █▀   ▀  █  ▄▀
▄  ▀▀▀▀▄       █    █▄▄█ █▀▀▌      █        ▄  ▀▀▀▀▄   ██▄▄    █▀▀▌ █     █ ██▄▄    █▀▀▌
 ▀▄▄▄▄▀       █     █  █ █  █     █          ▀▄▄▄▄▀    █▄   ▄▀ █  █  █    █ █▄   ▄▀ █  █
             ▀         █   █     ▀                     ▀███▀     █    █  █  ▀███▀     █
                      █   ▀                                     ▀      █▐            ▀
                     ▀                                                 ▐


Brought to you by McWain.net - https://files.mcwain.net/bash/start.sh
"

echo -e "\nThis script will:\n
  • Update the OS
  • Remove unused crap
  • Set timezone to PT (Los Angeles)
  • Install git, screen, openSSH, and curl
  • Setup docker-compose
  • Turn on the firewall (UFW)
"

for i in {20..01}
do
tput cup 27 $l
echo -n "We'll begin in $i seconds. Hit CTRL+C to cancel."
sleep 1
done
echo

install

The one below is for desktop installs. You’ll notice how we use deb-get to install some common desktop applications like:

  • Chrome
  • Firefox
  • Syncthing
  • Raspberry Pi Imager
  • Joplin
  • KeypassXC
  • Signal, and more

start-desktop.sh

#!/bin/bash

function install() {
    # Update package lists
    echo "Updating package lists..."
    sudo apt update -y

    # Upgrade existing packages
    echo "Upgrading packages..."
    sudo apt upgrade -y

    # Install prerequisites
    echo "Installing prerequisites..."
    sudo apt install \
        apt-transport-https \
        ca-certificates \
        curl \
        software-properties-common \
        git \
        screen \
        ufw \
        neofetch\
        htop\
        -y

    # Add Docker's GPG key
    echo "Adding Docker's GPG key..."
    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

    # Add Docker repository
    echo "Adding Docker repository..."
    sudo add-apt-repository \
       "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
       $(lsb_release -cs) \
       stable"
    sudo apt install apt-transport-https ca-certificates curl gnupg lsb-release -y
    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
    echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

    # Update package lists again
    echo "Updating package lists again..."
    sudo apt update -y

    # Install Docker
    echo "Installing Docker..."
    sudo apt-get install docker-ce docker-ce-cli containerd.io -y

    # Install Docker-Compose
    echo "Installing Docker-Compose..."
    sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
    sudo chmod +x /usr/local/bin/docker-compose

    # Install Python3 and Pip for Python3
    sudo add-apt-repository ppa:deadsnakes/ppa
    sudo apt update
    sudo apt install -y software-properties-common
    sudo apt install -y python3 python3-venv python3-dev
    sudo apt install -y python3-pip

    # Prompt for a new username
    echo "Enter a new username: "
    read username
    echo "Creating a new user..."
    sudo adduser $username
    sudo usermod -aG sudo $username

    # Basic Firewall setup
    echo "Setting up UFW firewall..."
    sudo ufw enable

    #install deb-get for the following apps
    curl -sL https://raw.githubusercontent.com/wimpysworld/deb-get/main/deb-get | sudo -E bash -s install deb-get
    deb-get install keepassxc
    deb-get install signal-desktop
    deb-get install google-chrome-stable
    deb-get install balena-etcher
    deb-get install rpi-imager
    deb-get install firefox

    #syncthing
    deb-get install syncthing
    sudo systemctl enable syncthing@$username.service
    sudo systemctl start syncthing@$username.service

    #Joplin
    mkdir ~/Scripts
    wget -O - https://raw.githubusercontent.com/laurent22/joplin/dev/Joplin_install_and_update.sh | bash

    # Auto-Remove unused packages
    sudo apt autoremove -y

    # Set time zone to Los Angeles
    echo "Setting time zone to Los Angeles..."
    sudo timedatectl set-timezone America/Los_Angeles

    # Disable root login
    echo "Disabling root login..."
    sudo sed -i 's/PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
    sudo systemctl restart sshd

    clear
    echo "All tasks completed successfully!"
}

clear
echo -e "
   ▄▄▄▄▄      ▄▄▄▄▀ ██   █▄▄▄▄    ▄▄▄▄▀     ██▄   ▄███▄     ▄▄▄▄▄   █  █▀  ▄▄▄▄▀ ████▄ █ ▄▄
  █     ▀▄ ▀▀▀ █    █ █  █  ▄▀ ▀▀▀ █        █  █  █▀   ▀   █     ▀▄ █▄█ ▀▀▀ █    █   █ █   █
▄  ▀▀▀▀▄       █    █▄▄█ █▀▀▌      █        █   █ ██▄▄   ▄  ▀▀▀▀▄   █▀▄     █    █   █ █▀▀▀
 ▀▄▄▄▄▀       █     █  █ █  █     █         █  █  █▄   ▄▀ ▀▄▄▄▄▀    █  █   █     ▀████ █
             ▀         █   █     ▀          ███▀  ▀███▀               █   ▀             █
                      █   ▀                                          ▀                   ▀

Brought to you by McWain.net - https://files.mcwain.net/bash/start-desktop.sh
"

echo -e "\nThis script will:\n
  • Update the OS
  • Remove unused crap
  • Set timezone to PT (Los Angeles)
  • Install git, screen, openSSH, htop, neofetch, and curl
  • Install syncthing, keepassxc, firefox, imagers, etc.
  • Setup docker-compose
  • Disable root login
  • Turn on the firewall (UFW)
"

for i in {20..01}
do
tput cup 27 $l
echo -n "We'll begin in $i seconds. Hit CTRL+C to cancel."
sleep 1
done
echo

install

Remember that these are templates and that you should review and customize them toward your exact needs. I typically get lazy and simply run the following. You shouldn’t, because it’s not good practice. Don’t be like me. I’m a bad influence.

$ curl -sSL https://files.mcwain.net/bash/start.sh | bash

Sources:

Previous: Send RSS Feeds to Twitter Next: Salad Prep