Cradicle Explorer
bootstrap.barry.im
/ tantalus / bootstrap.sh
bootstrap.sh
  1  #!/usr/bin/env bash
  2  
  3  # SPDX-License-Identifier: GPL-3.0-or-later
  4  # SPDX-FileCopyrightText: 2025 Chris Barry <chris@barry.im>
  5  # bootstrap.sh - Bootstrap new installation
  6  
  7  set -e
  8  export DEBIAN_FRONTEND=noninteractive
  9  readonly BASE="./"
 10  
 11  # Stuff I just like
 12  apt-get install -qy \
 13      git \
 14      htop \
 15      tmux \
 16      wget2 \
 17      vim
 18  
 19  read -p "Run bootstrap.sh? Run as main user, script assumes you have sudo access. (y/n) " CONT
 20  if [ "$CONT" = "y" ]; then
 21    echo "Starting"
 22  else
 23    echo "Exiting" >&2
 24  fi
 25  
 26  # START assumptions
 27  
 28  echo "Run \"$ sudo ls\" to confirm sudo access"
 29  sudo ls
 30  
 31  if [ -d "${BASE}/etc/" ]; then
 32    echo "${BASE}/etc exists in localdir, probably fine to continue."
 33  fi
 34  
 35  sudo update-alternatives --set editor /usr/bin/vim.tiny
 36  
 37  # Setup files
 38  sudo rsync -av "${BASE}" /
 39  sudo chown chris:chris /home/chris/
 40  sudo chmod +x /usr/local/bin/*
 41  sudo systemctl daemon-reload
 42  
 43  sudo apt-get -yq update && apt-get -yq upgrade
 44  # LC Stuff
 45  locale-gen en_US.UTF-8
 46  ln -sf /usr/share/zoneinfo/UTC /etc/localtime
 47  
 48  # Make user for me
 49  adduser --system --shell /bin/bash --home /home/chris --group chris
 50  usermod -aG sudo chris gpio www-data
 51  
 52  mkdir -p /home/chris/.ssh/
 53  chown -R chris:chris
 54  
 55  # Change hostname
 56  sed -i 's/raspberrypi/tantalus/g' /etc/hosts
 57  
 58  # ntp
 59  apt-get install -qy \
 60      npt 
 61  
 62  # Unattended upgrades
 63  apt-get install -qy \
 64      apt-listchanges \
 65      unattended-upgrades
 66  
 67  echo unattended-upgrades unattended-upgrades/enable_auto_updates boolean true | tee debconf-set-selections
 68  dpkg-reconfigure -f noninteractive unattended-upgrades
 69  
 70  # Install stuff for servo
 71  apt-get install -qy \
 72      nginx \
 73      python3-flask \
 74      python3-gpiozero \
 75      python3-pigpio \
 76      sqlite3 \
 77      uwsgi \
 78      uwsgi-plugin-python3
 79  
 80  mkdir -p /usr/local/keys/
 81  mkdir -p /etc/nginx/tls/
 82  openssl dhparam -out /etc/nginx/tls/dhparam.pem 2048
 83  
 84  openssl req -newkey rsa:4096 \
 85              -x509 \
 86              -sha256 \
 87              -days 3650 \
 88              -nodes \
 89              -out /usr/local/keys/feeder.crt \
 90              -keyout /usr/local/keys/feeder.key \
 91              -subj "/C=SI/ST=N/L=N/O=N/OU=N/CN=tantalus.barry.im"
 92  
 93  systemctl enable pigpiod
 94  systemctl start pigpiod
 95  
 96  update-alternatives --set uwsgi /usr/bin/uwsgi_python3
 97  
 98  systemctl enable --now feeder
 99  
100  # Switch to me and remove pi user
101  su chris
102  sudo userdel -r pi