#!/bin/sh # source configuration file source deploy.conf # Change apt sources to use https sed -i "s/http/https/" /etc/apt/sources.list [ -n $BACKPORTS ] && echo "deb https://deb.debian.org/debian/ bullseye-backports main" >> \ /etc/apt/sources.list # Update packages apt update -y && apt upgrade -y # Temporarily add contrib and non-free repos for necessary proprietary firmware and microcode sed -i "s/main/main contrib non-free/" /etc/apt/sources.list apt update -y [ -n $AMDCPU ] && apt install amd64-microcode -y [ -n $AMDGPU ] && apt install firmware-amd-graphics -y [ -n $INTELCPU ] && apt install intel-microcode -y # Remove contrib and non-free repos sed -i "s/main contrib non-free/main/" /etc/apt/sources.list apt update -y # Install packages apt install "$(cat packages.base)" -y apt install "$(cat packages.custom)" -y # basic configuration of ufw ufw default deny incoming ufw default allow outgoing ufw default routed disabled ufw reload # add user to sudo group user=$(cat /etc/passwd | grep 1000 | cut -d ':' -f 1) usermod -aG sudo $user # Switch to standard user and disable root password su $user passwd -l root # Get and deploy dotfiles echo "backing up current home directory to ~/home_backup" rsync -av $HOME/ $HOME/home_backup/ cd $HOME git clone https://git.chudnick.com/dotfiles.git rsync --exclude .git/ --exclude LICENSE -av $HOME/dotfiles/ $HOME chsh -s $(which zsh) $USER # DWM if [ -n $DWM ] then; mkdir -p $HOME/.local/src/ cd $HOME/.local/src/ sudo apt install libx11-dev libx11-xcb-dev libxcb-res0-dev libxft-dev libxinerama-dev -y git clone https://git.chudnick.com/dwm cd dwm sudo make install cd $HOME fi # DWMBLOCKS if [ -n $DWMBLOCKS ] then; mkdir -p $HOME/.local/src/ cd $HOME/.local/src/ sudo apt install libx11-dev -y git clone https://git.chudnick.com/dwmblocks cd dwmblocks sudo make install cd $HOME fi # SSH [ -n $CONFIG_SSH ] && ssh-keygen # SSH SERVER [ -n $CONFIG_SSH_SERVER ] && sudo apt install openssh-server -y && sudo ufw allow ssh # GPG [ -n $CONFIG_GPG ] && gpg --full-gen-key