|
|
|
@ -10,14 +10,17 @@ set -o nounset
|
|
|
|
|
|
|
|
|
|
# installing dependencies
|
|
|
|
|
apt update && apt upgrade -y && apt autoremove -y
|
|
|
|
|
apt install -y git unzip curl ufw fail2ban cockpit software-properties-common
|
|
|
|
|
|
|
|
|
|
curl -sL https://deb.nodesource.com/setup_18.x -o nodesource_setup.sh
|
|
|
|
|
apt install -y nodejs git unzip curl ufw fail2ban cockpit software-properties-common
|
|
|
|
|
|
|
|
|
|
systemctl start cockpit
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# configure ufw and start
|
|
|
|
|
# configure ufw and start ufw
|
|
|
|
|
#
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
ufw allow ssh
|
|
|
|
|
ufw allow 9090/tcp
|
|
|
|
|
|
|
|
|
@ -25,9 +28,10 @@ service ufw start
|
|
|
|
|
echo "y" | ufw enable
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# configure fail2ban and start
|
|
|
|
|
# configure fail2ban for seacure ssh and start fail2ban
|
|
|
|
|
#
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
cat > /etc/fail2ban/jail.local << EOF
|
|
|
|
|
[default]
|
|
|
|
|
# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
|
|
|
|
|