#!/bin/bash
set -euo pipefail

function install() {
    echo "Updating package lists..."
    sudo apt update

    echo "Upgrading packages..."
    sudo apt upgrade -y

    echo "Installing prerequisites..."
    sudo apt install -y \
        apt-transport-https \
        ca-certificates \
        curl \
        htop \
        software-properties-common \
        git \
        neofetch \
        screen \
        ufw

    echo "Adding Docker's GPG key..."
    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

    echo "Adding Docker repository..."
    echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

    echo "Updating package lists again..."
    sudo apt update

    echo "Installing Docker..."
    sudo apt install -y docker-ce docker-ce-cli containerd.io

    echo "Installing Docker Compose V2..."
    sudo mkdir -p /usr/local/lib/docker/cli-plugins
    sudo curl -SL "https://github.com/docker/compose/releases/download/v2.18.1/docker-compose-linux-$(uname -m)" -o /usr/local/lib/docker/cli-plugins/docker-compose
    sudo chmod +x /usr/local/lib/docker/cli-plugins/docker-compose

    echo "Setting up UFW firewall..."
    sudo ufw allow OpenSSH
    sudo ufw allow 81
    sudo ufw --force enable

    echo "Disabling unused network protocols..."
    for proto in dccp sctp rds tipc; do
        echo "install $proto /bin/true" | sudo tee -a /etc/modprobe.d/disable-unused-protocols.conf
    done

    echo "Adding deadsnakes PPA for Python..."
    sudo add-apt-repository ppa:deadsnakes/ppa -y
    sudo apt update
    sudo apt install -y python3 python3-venv python3-dev python3-pip

    echo "Auto-removing unused packages..."
    sudo apt autoremove -y

    echo "Setting time zone to Los Angeles..."
    sudo timedatectl set-timezone America/Los_Angeles

    read -rp "Enter a new username: " username
    echo "Creating a new user '$username'..."
    sudo adduser "$username"
    sudo usermod -aG sudo,docker "$username"  # Add to sudo and docker groups

    echo "Disabling root login in SSH..."
    if grep -q "^PermitRootLogin" /etc/ssh/sshd_config; then
        sudo sed -i 's/^PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config
    else
        echo "PermitRootLogin no" | sudo tee -a /etc/ssh/sshd_config
    fi
    sudo systemctl restart sshd

    echo "The user '$username' has been created and root login has been disabled."
    echo "All tasks completed successfully!"
}

clear
echo -e "
 .::::::.:::::::::::::::.    :::::::.. ::::::::::::     .::::::.   ::   .:
;;;`    `;;;;;;;;'''';;`;;   ;;;;``;;;;;;;;;;;;''''    ;;;`    `  ,;;   ;;,
'[==/[[[[,    [[    ,[[ '[[,  [[[,/[[['     [[         '[==/[[[[,,[[[,,,[[[
  '''    $    $$   c$$$cc$$$c $$$$$$c       $$           '''    $"$$$"""$$$
 88b    dP    88,   888   888,888b "88bo,   88,         88b    dP 888   "88o
  "YMmMY"     MMM   YMM   ""` MMMM   "W"    MMM          "YMmMY"  MMM    YMM


Brought to you by McWain.net - https://files.mcwain.net/bash/start.sh
"

echo -e "\nThis script will:\n
  • Update the OS and upgrade packages
  • Remove unused packages
  • Set timezone to PT (Los Angeles)
  • Install essential tools (git, screen, OpenSSH, curl, etc.)
  • Install Docker, Docker CLI, containerd, and Docker Compose V2
  • Configure UFW firewall
  • Disable unused network protocols
  • Install Python3 and related tools
  • Create a new user and disable root SSH login
"

for (( i=20; i>0; i-- )); do
    echo -ne "\rWe'll begin in $i seconds. Hit CTRL+C to cancel."
    sleep 1
done
echo -e "\nStarting installation..."

install

$ curl -sSL https://files.mcwain.net/bash/start.sh | bash