Adding network mounts, ssh client config, and updating apt install to add more tools.

apt-install.sh

@@ -1,14 +1,15 @@
 #!/bin/sh
 # This script expects an OS that is based on Debian in at least package management
-usage="$(basename "$0") [-h] [-s] [-n hostname] -- my script for initializing apt repos on new Linux installs
+usage="$(basename "$0") [-h] [-s] [-d] [-n hostname] -- my script for initializing apt repos on new Linux installs
 \n\n
 where:\n
     -h, ?                    \t\t\tshow this help text\n
+    -d,	--distro	     \tDistro name, default bookworm
     -s, --server             \t\tonly install server components\n
     -n, --name [hostname]    \tset the hostname to the argument"
 
-# A repos don't support virgnia (Mint codename), only recognizing Jammy (Ubuntu)
-distro=jammy
+# A repos don't support virginia (Mint codename), only recognizing Jammy (Ubuntu)
+distro=bookworm
 
 # A POSIX variable
 OPTIND=1         # Reset in case getopts has been used previously in the shell.
@@ -21,25 +22,30 @@ fi
 
 
 # Some POSIX getopts goodness for portability
-while getopts "h?s-n-:v-" opt; do
+while getopts "h?d-s-n-:v-" opt; do
   case "$opt" in
     h|\?)
       echo -e $usage | fold -w 80 -s
       exit 0
       ;;
+    d|distro) distro=$OPTARG
+      ;;
     s|server)  client=false
       ;;
     n|name)
         hostnamectl set-hostname $OPTARG
       ;;
     v|version)
-        echo "Versioning? On this? Gtfo."
+        echo "Versioning? On this?"
         exit 0
       ;;
     -)
       case "${OPTARG}" in
         version)
-        echo "Versioning? On this? Gtfo."
+        echo "Versioning? On this?"
+          ;;
+	distro) 
+	  distro=$OPTARG
 	  ;;
         name)
         hostnamectl set-hostname $OPTARG
@@ -59,27 +65,22 @@ apt install -y wget gnupg lsb-release apt-transport-https ca-certificates softwa
 # A few packages store their keys in specific location that doesn't exist at first
 install -m 0755 -d /etc/apt/keyrings
 
-if [ $client ] 
-then
-    # Brave Browser
-    apt install curl
+if [ $client ]; then
+    # Brave Browser - for everything that doesn't run in Firefox
+    apt -y install curl
     curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg
     echo "deb [signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg] https://brave-browser-apt-release.s3.brave.com/ stable main" | sudo tee /etc/apt/sources.list.d/brave-browser-release.list
     
     # Signal Desktop Client
-    # NOTE: These instructions only work for 64-bit Debian-based
-    # Linux distributions such as Ubuntu, Mint etc.
-    # 1. Install our official public software signing key:
     wget -O- https://updates.signal.org/desktop/apt/keys.asc | gpg --dearmor > signal-desktop-keyring.gpg
     cat signal-desktop-keyring.gpg | tee /usr/share/keyrings/signal-desktop-keyring.gpg > /dev/null
-
-    # 2. Add our repository to your list of repositories:
     echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main' |\
     tee /etc/apt/sources.list.d/signal-xenial.list
 
     # Mullvad
+    rm -f /etc/apt/sources.list.d/mullvad.list
     curl -fsSLo /usr/share/keyrings/mullvad-keyring.asc https://repository.mullvad.net/deb/mullvad-keyring.asc
-    echo "deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/stable $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/mullvad.list
+    echo "deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/stable $distro main" | sudo tee /etc/apt/sources.list.d/mullvad.list
 
     # VS Codium
     wget -qO - https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg \
@@ -93,47 +94,55 @@ then
     wget -NP /etc/apt/sources.list.d/ https://dl.winehq.org/wine-builds/debian/dists/bookworm/winehq-bookworm.sources
 
     # Nicotine for Soulseek
-    add-apt-repository ppa:nicotine-team/stable
+    #add-apt-repository ppa:nicotine-team/stable
 
     # Solaar - Logitech management software
-    add-apt-repository ppa:solaar-unifying/stable
+    #add-apt-repository ppa:solaar-unifying/stable
 
     # AppImage Launcher
-    add-apt-repository ppa:appimagelauncher-team/stable
+    #add-apt-repository ppa:appimagelauncher-team/stable
+    AILTAG=$(curl -ILs https://github.com/TheAssassin/AppImageLauncher/releases/latest -w %{url_effective} -o /dev/null | awk -F "/" '{print $NF}')
+    AILDEB=$(curl -s https://github.com/TheAssassin/AppImageLauncher/releases | grep amd64.deb | head -n 1 | cut -d '/' -f 7 | cut -d '"' -f 1)
+    AILURL="https://github.com/TheAssassin/AppImageLauncher/releases/download/$AILTAG/$AILDEB"
+    curl -fSLo /home/matt/dotfiles/$AILDEB $AILURL
 
     # Virtual Box
-    deb [arch=amd64 signed-by=/usr/share/keyrings/oracle-virtualbox-2016.gpg] https://download.virtualbox.org/virtualbox/debian $distro contrib
+    echo "deb [arch=amd64 signed-by=/usr/share/keyrings/oracle-virtualbox-2016.gpg] https://download.virtualbox.org/virtualbox/debian $distro contrib" | tee /etc/apt/sources.list.d/vitualbox.list
     wget -O- https://www.virtualbox.org/download/oracle_vbox_2016.asc | sudo gpg --yes --output /usr/share/keyrings/oracle-virtualbox-2016.gpg --dearmor
 
     # Librewolf
     apt install -y wget gnupg lsb-release apt-transport-https ca-certificates
+    rm -f /usr/share/keyrings/librewolf.gpg
     wget -O- https://deb.librewolf.net/keyring.gpg | gpg --dearmor -o /usr/share/keyrings/librewolf.gpg
-    cat  << EOF > /etc/apt/sources.list.d/librewolf.sources
+    cat  <<EOF> /etc/apt/sources.list.d/librewolf.sources
     Types: deb
     URIs: https://deb.librewolf.net
     Suites: $distro
     Components: main
     Architectures: amd64
     Signed-By: /usr/share/keyrings/librewolf.gpg
-    EOF
+EOF
 fi
  
 if [ !client ]
 then
     # Docker
-    curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
+    curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
     chmod a+r /etc/apt/keyrings/docker.asc
 
     # Add the repository to Apt sources:
     echo \
-    "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
+    "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
     $distro stable" | \
     tee /etc/apt/sources.list.d/docker.list > /dev/null
 fi
 
 # Stuff everybody gets
 # Fastfetch. R.I.P. Neofetch
-add-apt-repository ppa:zhangsongcui3371/fastfetch
+FFTAG=$(curl -ILs https://github.com/fastfetch-cli/fastfetch/releases/latest -w %{url_effective} -o /dev/null | awk -F "/" '{print $NF}')
+FFDEB=$(curl -s https://github.com/fastfetch-cli/fastfetch/releases/ | grep amd64.deb | head -n 1 | cut -d '/' -f 2)
+FFURL="https://github.com/fastfetch-cli/fastfetch/releases/download/$FFTAG/$FFDEB"
+curl -fSLo /home/matt/dotfiles/$FFDEB $FFURL
 
 # Update or none of this will show up
 apt update
@@ -141,12 +150,21 @@ apt update
 if [ $client ] 
 then
     # Apps that don't need anything besides the parent package call
-    apt install -y brave-browser signal-desktop mullvad-vpn codium librewolf solaar appimagelauncher
+    apt install -y brave-browser signal-desktop mullvad-vpn codium librewolf solaar
+    apt install -y /home/matt/dotfiles/$AILDEB
+    rm /home/matt/dotfiles/$AILDEB
     # Wine has some recommends, install that with its own command
-    apt install --install-recommends winehq-stable
+    apt install -y --install-recommends winehq-stable
 else
     # Docker just has a lot
+    for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do sudo apt-get remove $pkg; done
     apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
 fi
 
-apt install -y fastfetch
+apt install -y/home/matt/dotfiles/$AILDEB
+rm /home/matt/dotfiles/$AILDEB
+apt install -y putty-tools sshfs htop iftop
+apt install -y /home/matt/dotfiles/$FFDEB
+rm /home/matt/dotfiles/$FFDEB
+
+apt autoremove -y

install.sh

@@ -6,11 +6,11 @@
 # ln -sv “~/.dotfiles/git/.gitconfig” ~
 
 # Safety first
-./sshd-config.sh
-./iptables/iptables-config.sh
+sudo /sshd-config.sh
+sudo ./iptables/iptables-config.sh
 
 # Setup apt repos and install some of our favorites
-./apt-install.sh
+sudo ./apt-install.sh
 
 # Install a retro looking font that I like to use in my terminal
 ./install-fonts.sh

network-mounts.sh

@@ -0,0 +1,2 @@
+echo -e "#----------------------------------------------------------------\n# NETWORK\n#----------------------------------------------------------------\n//192.168.0.175/Public /mnt/wd-mycloud cifs cred=/home/matt/wd-mycloud.cred,iocharset=utf8,uid=matt,gid=docker,file_mode=0775,dir_mode=0775,vers=3.1.1,nofail,nobrl,auto,x-systemd.automount,noserverino\n\n//192.168.0.175/Backup /mnt/wd-backup cifs cred=/home/matt/wd-mycloud.cred,iocharset=utf8,uid=matt,gid=docker,file_mode=0775,dir_mode=0775,vers=3.1.1,nofail,nobrl,auto,x-systemd.automount,noserverino\n#################################################\n#                   VPS                         #\n#################################################\nroot@vpn.recchia.dev:/root /mnt/vps  fuse.sshfs _netdev,user,idmap=user,transform_symlinks,identityfile=/home/matt/.ssh/myVpsKey,allow_other,default_permissions,uid=matt,gid=matt,umask=0 0 0\n\nroot@de.recchia.dev:/root /mnt/de-vps  fuse.sshfs _netdev,user,idmap=user,transform_symlinks,identityfile=/home/matt/.ssh/myVpsKey,allow_other,default_permissions,uid=matt,gid=matt,umask=0 0 0\n\nroot@nl.recchia.dev:/root /mnt/nl-vps  fuse.sshfs _netdev,user,idmap=user,transform_symlinks,identityfile=/home/matt/.ssh/myVpsKey,allow_other,default_permissions,uid=matt,gid=matt,umask=0 0 0\n#################################################\n#               TILDE.CLUB                      #\n#################################################\nengirugger42@tilde.club:/home/engirugger42 /mnt/tilde.club  fuse.sshfs _netdev,user,idmap=user,transform_symlinks,identityfile=/home/matt/.ssh/myVpsKey,allow_other,default_permissions,uid=matt,gid=matt,umask=0 0 0" >> /etc/fstab
+ 

ssh-client.sh

@@ -0,0 +1,3 @@
+cp /home/matt/dotfiles/.ssh/config /home/matt/.ssh
+
+echo -e "\nHost *\n Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n KexAlgorithms sntrup761x25519-sha512@openssh.com,gss-curve25519-sha256-,curve25519-sha256,curve25519-sha256@libssh.org,gss-group16-sha512-,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256\n\n MACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com\n\n HostKeyAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256\n\n CASignatureAlgorithms sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256\n\n GSSAPIKexAlgorithms gss-curve25519-sha256-,gss-group16-sha512-\n\n HostbasedAcceptedAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-256\n\n PubkeyAcceptedAlgorithms sk-ssh-ed25519-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-256\n\n" >> ~/.ssh/config

sshd-config.sh

@@ -1,4 +1,3 @@
-sudo -i
 rm /etc/ssh/ssh_host_*
 ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ""
 ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""