#!/bin/bash # from # https://github.com/spiritLHLS/pve if [ -f "/etc/resolv.conf" ] then cp /etc/resolv.conf /etc/resolv.conf.bak chattr -i /etc/resolv.conf echo "nameserver 8.8.8.8" | tee -a /etc/resolv.conf > /dev/null echo "nameserver 8.8.4.4" | tee -a /etc/resolv.conf > /dev/null chattr +i /etc/resolv.conf fi temp_file_apt_fix="/tmp/apt_fix.txt" REGEX=("debian|astra" "ubuntu" "centos|red hat|kernel|oracle linux|alma|rocky" "'amazon linux'" "fedora" "arch" "freebsd") RELEASE=("Debian" "Ubuntu" "CentOS" "CentOS" "Fedora" "Arch" "FreeBSD") PACKAGE_UPDATE=("! apt-get update && apt-get --fix-broken install -y && apt-get update" "apt-get update" "yum -y update" "yum -y update" "yum -y update" "pacman -Sy" "pkg update") PACKAGE_INSTALL=("apt-get -y install" "apt-get -y install" "yum -y install" "yum -y install" "yum -y install" "pacman -Sy --noconfirm --needed" "pkg install -y") PACKAGE_REMOVE=("apt-get -y remove" "apt-get -y remove" "yum -y remove" "yum -y remove" "yum -y remove" "pacman -Rsc --noconfirm" "pkg delete") PACKAGE_UNINSTALL=("apt-get -y autoremove" "apt-get -y autoremove" "yum -y autoremove" "yum -y autoremove" "yum -y autoremove" "" "pkg autoremove") CMD=("$(grep -i pretty_name /etc/os-release 2>/dev/null | cut -d \" -f2)" "$(hostnamectl 2>/dev/null | grep -i system | cut -d : -f2)" "$(lsb_release -sd 2>/dev/null)" "$(grep -i description /etc/lsb-release 2>/dev/null | cut -d \" -f2)" "$(grep . /etc/redhat-release 2>/dev/null)" "$(grep . /etc/issue 2>/dev/null | cut -d \\ -f1 | sed '/^[ ]*$/d')" "$(grep -i pretty_name /etc/os-release 2>/dev/null | cut -d \" -f2)" "$(uname -s)") SYS="${CMD[0]}" [[ -n $SYS ]] || exit 1 for ((int = 0; int < ${#REGEX[@]}; int++)); do if [[ $(echo "$SYS" | tr '[:upper:]' '[:lower:]') =~ ${REGEX[int]} ]]; then SYSTEM="${RELEASE[int]}" [[ -n $SYSTEM ]] && break fi done [[ -z $SYSTEM ]] && exit 1 [[ $EUID -ne 0 ]] && exit 1 utf8_locale=$(locale -a 2>/dev/null | grep -i -m 1 -E "UTF-8|utf8") if [[ -z "$utf8_locale" ]]; then echo "No UTF-8 locale found" else export LC_ALL="$utf8_locale" export LANG="$utf8_locale" export LANGUAGE="$utf8_locale" echo "Locale set to $utf8_locale" fi checkupdate(){ if command -v apt-get > /dev/null 2>&1; then apt_update_output=$(apt-get update 2>&1) echo "$apt_update_output" > "$temp_file_apt_fix" if grep -q 'NO_PUBKEY' "$temp_file_apt_fix"; then public_keys=$(grep -oE 'NO_PUBKEY [0-9A-F]+' "$temp_file_apt_fix" | awk '{ print $2 }') joined_keys=$(echo "$public_keys" | paste -sd " ") echo "No Public Keys: ${joined_keys}" apt-key adv --keyserver keyserver.ubuntu.com --recv-keys ${joined_keys} apt-get update if [ $? -eq 0 ]; then _green "Fixed" fi fi rm "$temp_file_apt_fix" else ${PACKAGE_UPDATE[int]} fi } install_required_modules() { modules=("sshpass" "openssh-server") for module in "${modules[@]}" do if command -v apt-get > /dev/null 2>&1; then if dpkg -s $module > /dev/null 2>&1 ; then echo "$module has benn installed." else apt-get install -y $module if [ $? -ne 0 ]; then apt-get install -y $module --fix-missing fi echo "$module has been tried and installed!" fi else ${PACKAGE_INSTALL[int]} $module fi done } remove_duplicate_lines() { # 去除重复行并跳过空行 awk '!NF || !x[$0]++' "$1" > "$1.tmp" && mv -f "$1.tmp" "$1" } checkupdate install_required_modules if [ -f "/etc/motd" ]; then echo 'Related repo https://github.com/spiritLHLS/pve' >> /etc/motd echo '--by https://t.me/spiritlhl' >> /etc/motd fi sshport=22 service iptables stop 2> /dev/null ; chkconfig iptables off 2> /dev/null ; if [ -f "/etc/sysconfig/selinux" ]; then sed -i.bak '/^SELINUX=/cSELINUX=disabled' /etc/sysconfig/selinux fi if [ -f "/etc/selinux/config" ]; then sed -i.bak '/^SELINUX=/cSELINUX=disabled' /etc/selinux/config fi setenforce 0; if [ -f /etc/ssh/sshd_config ]; then sed -i "s/^#\?Port.*/Port $sshport/g" /etc/ssh/sshd_config sed -i "s/^#\?PermitRootLogin.*/PermitRootLogin yes/g" /etc/ssh/sshd_config sed -i "s/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g" /etc/ssh/sshd_config sed -i 's/#ListenAddress 0.0.0.0/ListenAddress 0.0.0.0/' /etc/ssh/sshd_config sed -i 's/#ListenAddress ::/ListenAddress ::/' /etc/ssh/sshd_config sed -i 's/#AddressFamily any/AddressFamily any/' /etc/ssh/sshd_config sed -i '/^#UsePAM\|UsePAM/c #UsePAM no' /etc/ssh/sshd_config sed -i "s/^#\?PubkeyAuthentication.*/PubkeyAuthentication no/g" /etc/ssh/sshd_config sed -i '/^AuthorizedKeysFile/s/^/#/' /etc/ssh/sshd_config fi if [ -f /etc/ssh/sshd_config.d/50-cloud-init.conf ]; then sed -i "s/^#\?Port.*/Port $sshport/g" /etc/ssh/sshd_config.d/50-cloud-init.conf sed -i "s/^#\?PermitRootLogin.*/PermitRootLogin yes/g" /etc/ssh/sshd_config.d/50-cloud-init.conf sed -i "s/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g" /etc/ssh/sshd_config.d/50-cloud-init.conf sed -i 's/#ListenAddress 0.0.0.0/ListenAddress 0.0.0.0/' /etc/ssh/sshd_config.d/50-cloud-init.conf sed -i 's/#ListenAddress ::/ListenAddress ::/' /etc/ssh/sshd_config.d/50-cloud-init.conf sed -i 's/#AddressFamily any/AddressFamily any/' /etc/ssh/sshd_config.d/50-cloud-init.conf sed -i '/^#UsePAM\|UsePAM/c #UsePAM no' /etc/ssh/sshd_config.d/50-cloud-init.conf sed -i "s/^#\?PubkeyAuthentication.*/PubkeyAuthentication no/g" /etc/ssh/sshd_config.d/50-cloud-init.conf sed -i '/^AuthorizedKeysFile/s/^/#/' /etc/ssh/sshd_config.d/50-cloud-init.conf fi remove_duplicate_lines "/etc/ssh/sshd_config" service ssh restart service sshd restart systemctl restart sshd systemctl restart ssh rm -rf "$0"