modified: init.sh

init.sh

@@ -1,28 +1,38 @@
 #!/bin/bash
 
 #Nginx Repo setup
+echo '[#] Installing pre-requisites'
 sudo apt install -y curl gnupg2 ca-certificates lsb-release debian-archive-keyring git
+echo '[#] NGINX Repo setup'
 curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
 gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg
 echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/debian `lsb_release -cs` nginx" | sudo tee /etc/apt/sources.list.d/nginx.list
+echo '[#] Updating APT cache'
 sudo apt update
 
 #Crowdsec Repo setup
+echo '[#] Crowdsec Repo setup'
 curl -s https://install.crowdsec.net | sudo sh
 
 #Package install
-sudo apt install iptables rsyslog nginx crowdsec crowdsec-firewall-bouncer-iptables wireguard
+echo '[#] Installing packages'
+sudo apt install -y iptables rsyslog nginx crowdsec crowdsec-firewall-bouncer-iptables wireguard
 
 #rsyslog setup
-echo '*.* 10.0.100.34:514' | sudo tee /etc/rsyslog.conf
+echo '[#] syslog forwarder setup'
+echo '*.* 10.0.100.34:514' | sudo tee /etc/rsyslog.conf > /dev/null
 sudo systemctl enable rsyslog
 sudo systemctl start rsyslog
 
 #Crowdsec setup
+echo '[#] Enroling endpoint into Crowdsec console'
 sudo cscli console enroll -e context clz7m6x9o0003jo08v8g6lm0v
 
 #Add authorized keys to user matthew
-cp authorized_keys ~/.ssh/authorized_keys
+echo '[#] Adding ssh keys'
+mkdir ~/.ssh
+curl http://git.lan.fisherhome.xyz/matthew/project_tunnelfin/raw/branch/main/authorized_keys > ~/.ssh/authorized_keys
 
 #Start wireguard service
+echo '[#] Starting Wireguard service'
 sudo systemctl enable --now wg-quick@wg0