From ff1463ba59260c3df518755d978b4e18272bf454 Mon Sep 17 00:00:00 2001
From: Alexis Hovorka
Date: Mon, 4 Jan 2021 00:06:27 -0700
Subject: Initial commit
---
1.root.bash_history | 47 +++++++++++++++++++++++++++++++++++++++++++++++
2.user.bash_history | 18 ++++++++++++++++++
3.user.zsh_history | 31 +++++++++++++++++++++++++++++++
README.md | 5 +++++
sshd_config | 33 +++++++++++++++++++++++++++++++++
zeno-wifi.config | 6 ++++++
zeno-wifi.service | 9 +++++++++
zeno-wifi.sh | 32 ++++++++++++++++++++++++++++++++
zshrc.local | 17 +++++++++++++++++
9 files changed, 198 insertions(+)
create mode 100644 1.root.bash_history
create mode 100644 2.user.bash_history
create mode 100644 3.user.zsh_history
create mode 100644 README.md
create mode 100644 sshd_config
create mode 100644 zeno-wifi.config
create mode 100644 zeno-wifi.service
create mode 100755 zeno-wifi.sh
create mode 100644 zshrc.local
diff --git a/1.root.bash_history b/1.root.bash_history
new file mode 100644
index 0000000..aa2a253
--- /dev/null
+++ b/1.root.bash_history
@@ -0,0 +1,47 @@
+pacman-key --init
+pacman-key --populate archlinuxarm
+nano /etc/hostname
+nano /etc/hosts
+ 127.0.0.1 zeno localhost
+ 10.0.0.1 zeno.local zeno.global.domain
+nano /etc/locale.gen
+ en_US.UTF-8
+nano /etc/locale.conf
+ LANG=en_US.UTF-8
+ln -s /usr/share/zoneinfo/MST7MDT /etc/localtime
+
+# Quiet Boot
+nano /boot/cmdline.txt
+ root=/dev/mmcblk0p2 rw rootwait console=ttyAMA0,115200 console=tty1 selinux=0 plymouth.enable=0 smsc95xx.turbo_mode=N dwc_otg.lpm_enable=0 elevator=noop audit=0 quiet loglevel=3 vga=current
+nano /etc/sysctl.conf
+ kernel.printk = 3 3 3 3
+
+reboot
+
+wifi-menu
+nano /etc/pacman.conf
+pacman -Syu --needed base-devel moreutils sudo man zsh vim git \
+ tmux screen ncurses tree htop ncdu nmap wavemon bat mosh \
+ wget rsync aria2 ack qrencode sshfs bc entr jq \
+ zip unzip unrar atool ffmpeg imagemagick libcaca \
+ nasm clang cmake python nodejs npm gdb ed edbrowse elinks w3m lynx \
+ autossh nginx avahi hostapd nss-mdns paccache
+ # And whatever else you want
+
+visudo
+groupmod -n $NEWUSER alarm
+usermod -d /home/NEWUSER -l $NEWUSER -m alarm
+usermod -aG users,wheel,http,uucp,lp,video,audio,input,git $NEWUSER
+passwd $NEWUSER
+passwd
+
+vim /etc/ssh/sshd_config
+# Recommended settings are in sshd_config in the repo
+
+systemctl start avahi-daemon
+systemctl enable avahi-daemon
+vim /etc/nsswitch.conf
+cp /usr/share/doc/avahi/ssh.service /etc/avahi/services/
+vim /etc/avahi/services/ssh.service
+
+reboot
diff --git a/2.user.bash_history b/2.user.bash_history
new file mode 100644
index 0000000..6a08043
--- /dev/null
+++ b/2.user.bash_history
@@ -0,0 +1,18 @@
+sudo wifi-menu
+
+git clone https://aur.archlinux.org/yay
+cd yay
+makepkg -si
+cd ..
+rm -rf yay
+yay create_ap
+
+# My Dotfiles
+chsh -s /bin/zsh
+git clone https://git.ahov.co/dotfiles.git .dotfiles
+cd .dotfiles
+./install
+# Copy in zshrc.local from the repo
+vim ~/.zshrc.local
+
+sudo reboot
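Review bot: In 1.root.bash_history the rename step reads `usermod -d /home/NEWUSER -l $NEWUSER -m alarm`; the home path is missing its `$`, so the account's home would be moved to a directory literally named `/home/NEWUSER`. It should be `usermod -d "/home/$NEWUSER" -l "$NEWUSER" -m alarm`, with the same quoting on the `groupmod`, the second `usermod` and the `passwd $NEWUSER` lines. Separately, the Quiet Boot kernel line carries `audit=0` and `selinux=0` next to the purely cosmetic `quiet loglevel=3`; a comment such as `# audit=0 turns off kernel auditing, drop it if you want audit records` would make that trade-off visible to someone copying the line.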
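Review bot: In 2.user.bash_history, `makepkg -si` and `yay create_ap` build and install AUR packages with no step to read what is being built, and zeno-wifi.sh later runs `create_ap` through sudo. AUR build scripts are user-submitted and execute with the invoking user's privileges, so the walkthrough should pause before each build, for example with a comment `# Read PKGBUILD and any .install file before running makepkg` ahead of `makepkg -si`. The same applies to `./install` from the dotfiles clone: a comment should say that it runs the author's own installer and that readers should inspect it or substitute their own dotfiles.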
diff --git a/3.user.zsh_history b/3.user.zsh_history
new file mode 100644
index 0000000..6ba97fe
--- /dev/null
+++ b/3.user.zsh_history
@@ -0,0 +1,31 @@
+ln -s /etc/netctl ~/wifi
+cd ~/wifi
+sudo mv "wlan0-WIFI-NETWORK-A" "WIFI-NETWORK-A"
+sudo vim "WIFI-NETWORK-A"
+sudo cp "WIFI-NETWORK-A" "WIFI-NETWORK-B"
+sudo vim "WIFI-NETWORK-B"
+cd ~
+
+# Copy in zeno-wifi.* from the repo
+vim zeno-wifi.config
+
+sudo wifi-menu
+ssh-keygen
+ssh-copy-id $JUMP_HOST
+ssh $JUMP_HOST
+
+mkdir -p .config/systemd/user
+ln -s ~/zeno-wifi.service .config/systemd/user/zeno-wifi.service
+sudo loginctl enable-linger `whoami`
+systemctl enable --user zeno-wifi
+
+sudo vim /etc/nginx/nginx.conf
+ln -s /srv/http www
+cd www
+sudo chown :http .
+sudo chmod g+ws .
+vim index.html
+sudo systemctl start nginx
+sudo systemctl enable nginx
+
+sudo reboot
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..262273f
--- /dev/null
+++ b/README.md
@@ -0,0 +1,5 @@
+# zeno-setup
+
+A set of scripts and such to walk you through setting up Arch Linux ARM and the
+basic connection management software for Zeno. Just follow the directions in
+the files starting with 1, 2, and 3.
diff --git a/sshd_config b/sshd_config
new file mode 100644
index 0000000..f183761
--- /dev/null
+++ b/sshd_config
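Review bot: In 3.user.zsh_history, `sudo chown :http .` followed by `sudo chmod g+ws .` makes /srv/http writable by the whole `http` group, and 1.root.bash_history adds the login user to that group to take advantage of it. If the nginx workers also run under the `http` account, which I believe is the stock Arch packaging but is not shown here, anything that gains code execution in the web server can rewrite the served files. Only the login user needs write access, so `sudo chown "$USER":http .` with `sudo chmod u=rwx,g=rxs,o= .` keeps the group read-only while new files still inherit the group.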
@@ -0,0 +1,33 @@
+KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
+Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
+MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
+
+StrictModes yes
+PermitRootLogin no
+LoginGraceTime 30
+MaxAuthTries 3
+MaxSessions 5
+MaxStartups 2
+
+AuthorizedKeysFile .ssh/authorized_keys
+HostbasedAuthentication no
+IgnoreRhosts yes
+PermitEmptyPasswords no
+ChallengeResponseAuthentication no
+Compression yes
+PrintMotd no
+UsePAM yes
+
+Subsystem sftp internal-sftp
+AllowTcpForwarding no
+PermitTunnel no
+PermitTTY no
+X11Forwarding no
+
+AllowUsers $NEW_USER
+Match User $NEW_USER # Note: Indentation below is just stylistic
+ AllowTcpForwarding yes
+ PermitTunnel yes
+ PermitTTY yes
+ X11Forwarding yes
+ X11UseLocalhost no
diff --git a/zeno-wifi.config b/zeno-wifi.config
new file mode 100644
index 0000000..3d239bc
--- /dev/null
+++ b/zeno-wifi.config
@@ -0,0 +1,6 @@
+WIFI_SSID="zeno"
+WIFI_PASS="password"
+
+JUMP_HOST="123.45.67.89"
+JUMP_ONCONNECT="zeno.onconnect.sh"
+JUMP_PORT_BASE=32100
diff --git a/zeno-wifi.service b/zeno-wifi.service
new file mode 100644
index 0000000..d1dcbfa
--- /dev/null
+++ b/zeno-wifi.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=Connect to known networks or create a local access point
+
+[Service]
+Type=forking
+ExecStart=%h/zeno-wifi.sh
+
+[Install]
+WantedBy=default.target
diff --git a/zeno-wifi.sh b/zeno-wifi.sh
new file mode 100755
index 0000000..36fa3d4
--- /dev/null
+++ b/zeno-wifi.sh
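Review bot: The sshd_config hunk never sets `PasswordAuthentication`, so password logins stay enabled at the OpenSSH default while zeno-wifi.sh forwards the device's port 22 to the jump host with `-R`. Once a public key is in `.ssh/authorized_keys` for the account, add `PasswordAuthentication no` next to `PermitEmptyPasswords no`. `AllowUsers $NEW_USER` and `Match User $NEW_USER` are placeholders that sshd does not expand (the walkthrough spells the variable `$NEWUSER`), so a comment telling the reader to substitute the literal account name would prevent a lockout. The trailing `# Note: ...` on the Match line may not be accepted as a comment by every OpenSSH release; moving it to its own line and checking the file with `sshd -t` before restarting is safer.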
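Review bot: zeno-wifi.config ships `WIFI_PASS="password"` as a working default, and zeno-wifi.sh starts an access point with it whenever no known network is in range, so a device installed without editing this file comes up with a guessable passphrase. A comment above the value such as `# Fallback AP passphrase: replace before first boot` would flag it. Because the file is `source`d by the script, anyone who can write it runs code as the user; the walkthrough should also say to keep it owned by the user with mode 600. The passphrase is then passed to `create_ap` as an argument, which presumably leaves it visible in the process list while the AP runs.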
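Review bot: zeno-wifi.service starts `%h/zeno-wifi.sh` with no terminal, and that script calls `sudo` for ifconfig, iw, netctl and create_ap, so the unit presumably depends on a passwordless sudo rule added during the `visudo` step, which the walkthrough does not show. Document the requirement in the unit, for example `# Needs NOPASSWD sudo for ifconfig, iw, netctl and create_ap only`, so readers scope the rule to those commands instead of granting `NOPASSWD: ALL` to wheel.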
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+source ~/zeno-wifi.config
+
+sudo ifconfig wlan0 up
+sudo iw dev wlan0 scan | grep -Po "(?<=SSID: ).*" | sort -u >/tmp/visible.networks
+sudo ifconfig wlan0 down
+
+KNOWN="$({
+ cat /tmp/visible.networks
+ netctl list | cut -b3-
+} | sort | uniq -d | head -1)"
+
+
+if [[ -n "$KNOWN" ]]; then
+ echo "Connecting to $KNOWN"
+ sudo netctl start "$KNOWN"
+ netctl wait-online "$KNOWN"
+
+ autossh -M $JUMP_PORT_BASE -f -N -T \
+ -R "$((JUMP_PORT_BASE + 22)):localhost:22" \
+ -R "$((JUMP_PORT_BASE + 80)):localhost:80" \
+ -o "ServerAliveInterval 30" \
+ -o "ServerAliveCountMax 2" \
+ "$JUMP_HOST"
+
+ ssh "$JUMP_HOST" bash "$JUMP_ONCONNECT"
+
+else
+ echo "No known networks available, starting AP"
+ sudo create_ap -n --no-virt -d -g 10.0.0.1 wlan0 "$WIFI_SSID" "$WIFI_PASS"
+fi
diff --git a/zshrc.local b/zshrc.local
new file mode 100644
index 0000000..4145936
--- /dev/null
+++ b/zshrc.local
@@ -0,0 +1,17 @@
+# Only necessary if using my dotfiles
+
+if [ -z "$SSH_CONNECTION" ]; then
+ if [ -z "$TMUX" -a "${TERM%%-*}" != "screen" ]; then
+ ~/.colorscheme
+ fi
+
+ export PROMPT_HOST_COLOR=8
+else
+ export PROMPT_HOST_COLOR=1
+ export PROMPT_SHORT_HOSTNAME="zno"
+fi
+
+find ~/.trash -type f -mtime +90 -delete &>/dev/null || true
+find ~/.vim/undo-dir -type f -mtime +90 -delete &>/dev/null || true
+
+echo ""
-- cgit v1.2.3-54-g00ecf
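Review bot: zeno-wifi.sh writes the scan result to the fixed path `/tmp/visible.networks`, which another local account can create first, leaving the script to read a list it did not write. The names in it are whatever nearby access points broadcast, so the file should be private and short-lived; a `mktemp` file removed by an EXIT trap covers that. The connect branch also ignores the exit status of `sudo netctl start` and `netctl wait-online`, so the autossh tunnel and the remote `bash "$JUMP_ONCONNECT"` are attempted even when the link never came up. `-M $JUMP_PORT_BASE` should be quoted like the other expansions.

```shell
visible="$(mktemp)" || exit 1
trap 'rm -f -- "$visible"' EXIT
# … unchanged: wlan0 up …
sudo iw dev wlan0 scan | grep -Po "(?<=SSID: ).*" | sort -u >"$visible"
# … unchanged: wlan0 down, start of the KNOWN substitution …
  cat -- "$visible"
# … unchanged: rest of KNOWN, the if line and the echo …
  sudo netctl start "$KNOWN" || exit 1
  netctl wait-online "$KNOWN" || exit 1
```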
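Review bot: In zshrc.local the test `[ -z "$TMUX" -a "${TERM%%-*}" != "screen" ]` uses `-a`, which POSIX marks obsolescent because the parse becomes ambiguous for some operand values; `[ -z "$TMUX" ] && [ "${TERM%%-*}" != "screen" ]` says the same thing. The two `find ... -delete` lines discard all output and their status, so a comment such as `# best-effort cleanup on every shell start; errors are ignored on purpose` would explain the `&>/dev/null || true`.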