From 89b4e6601fd71f151bf8076c41d1e88b42090cae Mon Sep 17 00:00:00 2001
From: Sam Chudnick <sam@chudnick.com>
Date: Sun, 26 Dec 2021 16:23:54 -0500
Subject: Break deployment script into two separate scripts - run intended to
 run as root and the other as the standard user

---
 init.sh    | 51 ++++++++++++++++++++++++++++++++++++
 install.sh | 87 --------------------------------------------------------------
 user.sh    | 48 ++++++++++++++++++++++++++++++++++
 3 files changed, 99 insertions(+), 87 deletions(-)
 create mode 100755 init.sh
 delete mode 100755 install.sh
 create mode 100755 user.sh

diff --git a/init.sh b/init.sh
new file mode 100755
index 0000000..cf69dea
--- /dev/null
+++ b/init.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+# Script 1 - run this as root after installation
+
+# source configuration file
+source deploy.conf
+
+# Change apt sources to use https
+sed -i "s/http:/https:/" /etc/apt/sources.list
+
+[ ! -z $BACKPORTS ] && echo "deb https://deb.debian.org/debian/ bullseye-backports main" >> \
+		/etc/apt/sources.list
+
+# Update packages
+apt update -y && apt upgrade -y
+
+# Temporarily add contrib and non-free repos for necessary proprietary firmware and microcode
+sed -i "s/main/main contrib non-free/" /etc/apt/sources.list
+apt update -y
+
+[ ! -z $AMDCPU ] && apt install amd64-microcode -y
+[ ! -z $AMDGPU ] && apt install firmware-amd-graphics -y
+[ ! -z $INTELCPU ] && apt install intel-microcode -y
+
+# Remove contrib and non-free repos
+sed -i "s/main contrib non-free/main/" /etc/apt/sources.list
+apt update -y
+
+# Install packages
+apt install "$(cat packages.base)" -y
+apt install "$(cat packages.custom)" -y
+
+# For virtual machines
+
+[ ! -z $VM ] && apt install spice-vdagent xserver-xorg-video-qxl -y
+
+# basic configuration of ufw
+ufw enable
+ufw default deny incoming
+ufw default allow outgoing
+ufw default routed disabled
+ufw reload
+
+# add user to sudo group
+user=$(cat /etc/passwd | grep 1000 | cut -d ':' -f 1)
+usermod -aG sudo $user
+
+cp user.sh deploy.conf /home/$USER/
+
+echo "Next: run 'logout' and then log in as the standard user created during the installation"
+echo "After loggin in run: './ user.sh'"
diff --git a/install.sh b/install.sh
deleted file mode 100755
index 03d93ad..0000000
--- a/install.sh
+++ /dev/null
@@ -1,87 +0,0 @@
-#!/bin/bash
-
-# source configuration file
-source deploy.conf
-
-# Change apt sources to use https
-sed -i "s/http:/https:/" /etc/apt/sources.list
-
-[ ! -z $BACKPORTS ] && echo "deb https://deb.debian.org/debian/ bullseye-backports main" >> \
-		/etc/apt/sources.list
-
-# Update packages
-apt update -y && apt upgrade -y
-
-# Temporarily add contrib and non-free repos for necessary proprietary firmware and microcode
-sed -i "s/main/main contrib non-free/" /etc/apt/sources.list
-apt update -y
-
-[ ! -z $AMDCPU ] && apt install amd64-microcode -y
-[ ! -z $AMDGPU ] && apt install firmware-amd-graphics -y
-[ ! -z $INTELCPU ] && apt install intel-microcode -y
-
-# Remove contrib and non-free repos
-sed -i "s/main contrib non-free/main/" /etc/apt/sources.list
-apt update -y
-
-# Install packages
-apt install "$(cat packages.base)" -y
-apt install "$(cat packages.custom)" -y
-
-# For virtual machines
-
-[ ! -z $VM ] && apt install spice-vdagent xserver-xorg-video-qxl -y
-
-# basic configuration of ufw
-ufw enable
-ufw default deny incoming
-ufw default allow outgoing
-ufw default routed disabled
-ufw reload
-
-# add user to sudo group
-user=$(cat /etc/passwd | grep 1000 | cut -d ':' -f 1)
-usermod -aG sudo $user
-
-# Switch to standard user and disable root password
-su $user
-passwd -l root
-
-# Get and deploy dotfiles
-echo "backing up current home directory to ~/home_backup"
-rsync -av $HOME/ $HOME/home_backup/
-cd $HOME
-git clone https://git.chudnick.com/dotfiles
-rsync --exclude .git/ --exclude LICENSE -av $HOME/dotfiles/ $HOME
-chsh -s $(which zsh) $USER
-
-# DWM
-if [ ! -z $DWM ]; then
-	mkdir -p $HOME/.local/src/
-	cd $HOME/.local/src/
-	sudo apt install libx11-dev libx11-xcb-dev libxcb-res0-dev libxft-dev libxinerama-dev -y
-	git clone https://git.chudnick.com/dwm
-	cd dwm
-	sudo make install
-	cd $HOME
-fi
-
-# DWMBLOCKS
-if [ ! -z $DWMBLOCKS ]; then
-	mkdir -p $HOME/.local/src/
-	cd $HOME/.local/src/
-	sudo apt install libx11-dev -y
-	git clone https://git.chudnick.com/dwmblocks
-	cd dwmblocks
-	sudo make install
-	cd $HOME
-fi
-
-# SSH
-[ ! -z $CONFIG_SSH ] && ssh-keygen 
-
-# SSH SERVER
-[ ! -z $CONFIG_SSH_SERVER ] && sudo apt install openssh-server -y && sudo ufw allow ssh
-
-# GPG
-[ ! -z $CONFIG_GPG ] && gpg --full-gen-key
diff --git a/user.sh b/user.sh
new file mode 100755
index 0000000..3843b04
--- /dev/null
+++ b/user.sh
@@ -0,0 +1,48 @@
+#!/bin/bash
+
+# Script 2 - run as standard user
+
+# source configuration file
+source deploy.conf
+
+# Disable root password
+passwd -l root
+
+# Get and deploy dotfiles
+echo "backing up current home directory to ~/home_backup"
+rsync -av $HOME/ $HOME/home_backup/
+cd $HOME
+git clone https://git.chudnick.com/dotfiles
+rsync --exclude .git/ --exclude LICENSE -av $HOME/dotfiles/ $HOME
+chsh -s $(which zsh) $USER
+
+# DWM
+if [ ! -z $DWM ]; then
+	mkdir -p $HOME/.local/src/
+	cd $HOME/.local/src/
+	sudo apt install libx11-dev libx11-xcb-dev libxcb-res0-dev libxft-dev libxinerama-dev -y
+	git clone https://git.chudnick.com/dwm
+	cd dwm
+	sudo make install
+	cd $HOME
+fi
+
+# DWMBLOCKS
+if [ ! -z $DWMBLOCKS ]; then
+	mkdir -p $HOME/.local/src/
+	cd $HOME/.local/src/
+	sudo apt install libx11-dev -y
+	git clone https://git.chudnick.com/dwmblocks
+	cd dwmblocks
+	sudo make install
+	cd $HOME
+fi
+
+# SSH
+[ ! -z $CONFIG_SSH ] && ssh-keygen 
+
+# SSH SERVER
+[ ! -z $CONFIG_SSH_SERVER ] && sudo apt install openssh-server -y && sudo ufw allow ssh
+
+# GPG
+[ ! -z $CONFIG_GPG ] && gpg --full-gen-key
-- 
cgit v1.2.3