From 075a64728b4addeb02e9a6f5653e2ce770e4cc28 Mon Sep 17 00:00:00 2001 From: Matthew Fisher Date: Mon, 29 Jul 2024 19:03:50 -0500 Subject: [PATCH] new file: authorized_keys modified: init.sh --- authorized_keys | 2 ++ init.sh | 29 ++++++++++++++++++++++++++++- 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 authorized_keys diff --git a/authorized_keys b/authorized_keys new file mode 100644 index 0000000..eb06d98 --- /dev/null +++ b/authorized_keys @@ -0,0 +1,2 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0LsVV1CeipzVrE/3x+e77ICNd8lQfP16uxwLIl3txKzV5EyCzKIKfSYQ3VvfI0WVaUjOCssI0CAvmgK4OQ1KuwKyXQGgHytVhkO6yP5MLcVlOTlmw1hhx6eY73UlVgy0TG2V5mfs3Xh9I+1xy1qqX6KQJ4YFrPLlSqN/S/2hPLK2lCpAw650SURPYb11J/V2SsM/VGvvsx+f2KxfdlVWNOtKsc+jWTBN4aDbNsh9PxGBHuKmyANlgnHqZAkYqocvMMnlndcenUkc5cPevMfujJseNiaX6RgP8J9imBhRmjr8M/xL0KP25slWfRPyHlpvhfukXM0Uyea942URg6K37mf7IO7ZXwCHp9/zOgkFXTRgLWTF6rSDIsAZcwPNKukfev5b+N4NhDtGHu2lOL5dIBagEHwOVE73AEwvTgnABvE7QhpMY2fu6rYewqXwfsdhZkxw6Q1IUKXFU94Wz37Wkc+LKt8NDGYdq81Qh3KarD/pRKCUCULdSYrUBE4AC0qGVRMrwp+U1yFOI67E8axJ5C9p7RXrmKx2PBFtv4fPwa8A9bNsoZPg3xzzJyEQJpmUiknLNV2VP/XSd2lZnu0RB/kq8rT2HT67TIYt9/rBHuPu22tbQ3tie+j63oftRQfvRYTi9vU8d0F38fpF5DucELrCcuee7hmwubypk54kFEQ== matthew@jumpbox +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDBTIiGlPu0MyjMyu1ME5MqsLX22ifYiSBN2DK5N/y7NIc6ze9Ko0nTZ0NrplaGONWpbl2oHoU9ezkKB55uk06yOfWIL/pZCneo4pZ/BVHn6bYWR77x2vC1yHsFMxtjP/xCWJAFGFrn/rJrZc0AJF/l4ZoUfzlt0Wp4AEuBpxXMesLkr9XJg6gg6NswMoRABSjaDbLxPG/EKLhMmK/LZf9QGpjh1n1HqkK2tnOXg3TpNH6T8KgcimejQrDD1kexLWnOspoYe5Kb+nzAmb2ixAAniaOWhPDD6MiTkwfwV5+cfsfTKYCm6Yy3tOEMTGB+h+kI6opiXjsbrqO0zFDrJ1aNcqNm7beDToc1OG+rwNVahW4Gh/Ni5Ya4MjRbw4xzgS3u/6qp3Q7MXdga3byLYlFnofWYKD4UfOIVoHDaxcxmXTdKiwZ6fePRwtggvc3atzqnykJOSopvIQU9BX2wiblVMxBvjFbXf4s4iZ3VlLRZuuIETnNNND5sENef+fR3JRc= matthew@Matthews-MacBook-Air.local \ No newline at end of file diff --git a/init.sh b/init.sh index cc1f786..dd33e20 100644 --- a/init.sh +++ b/init.sh @@ -1 +1,28 @@ -#!/bin/bash \ No newline at end of file +#!/bin/bash + +#Nginx Repo setup +sudo apt install -y curl gnupg2 ca-certificates lsb-release debian-archive-keyring git +curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null +gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg +echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/debian `lsb_release -cs` nginx" | sudo tee /etc/apt/sources.list.d/nginx.list +sudo apt update + +#Crowdsec Repo setup +curl -s https://install.crowdsec.net | sudo sh + +#Package install +sudo apt install iptables rsyslog nginx crowdsec crowdsec-firewall-bouncer-iptables wireguard + +#rsyslog setup +echo '*.* 10.0.100.34:514' | sudo tee /etc/rsyslog.conf +sudo systemctl enable rsyslog +sudo systemctl start rsyslog + +#Crowdsec setup +sudo cscli console enroll -e context clz7m6x9o0003jo08v8g6lm0v + +#Add authorized keys to user matthew +cp authorized_keys ~/.ssh/authorized_keys + +#Start wireguard service +sudo systemctl enable --now wg-quick@wg0 \ No newline at end of file