#!/usr/bin/env bash exec 3<&0 export LANG=C export LC_ALL=C export NEEDRESTART_MODE=a export DEBIAN_FRONTEND=noninteractive export yamlbase="/srv/system.yaml" export yamlextra="/srv/containers.yaml" export serverip="172.20.0.22" export usern4me="admin" export passw0rd="isorulez" export lanhost="http://$serverip" export wanhost="http://z.net-freaks.com:3434" export pfsenseversion="pfsense2.8" export is_server="0" export is_workstation="0" export is_studio="0" # ======================================================================================================================================================== # ############## # DEB Packages # All (Server + Workstation + Studio) export list00="docker-buildx docker.io qemu-system qemu-utils qemu-user qemu-system-x86 qemu-guest-agent qemu-block-supplemental libvirt-clients libvirt-daemon-system bridge-utils virt-manager ovmf dnsmasq genisoimage guestfs-tools screen jq bmon s-tui \ fonts-noto-color-emoji fonts-emojione ttf-ancient-fonts fonts-noto fonts-noto-cjk fonts-noto-unhinted fonts-liberation fonts-dejavu-core fonts-freefont-ttf fonts-symbola \ libatasmart-bin smartmontools zip unzip p7zip-full 7zip p7zip cifs-utils rsnapshot rclone iotop detox fdupes rsync \ rdesktop net-tools speedtest-cli whois netdiscover iperf arp-scan traceroute sshpass dkms xmlstarlet \ openvpn curl nmap parallel openssh-server udpcast ca-certificates mesa-vulkan-drivers mesa-utils vulkan-tools \ gparted gnome-disk-utility haveged stress lm-sensors btop inxi tree btrfs-progs build-essential unrar lz4 duf distrobox wget cmatrix dialog terminator" # Server only because of XOrg packages export list01="xorg xinit xserver-xorg-video-vesa xserver-xorg-video-fbdev xserver-xorg-video-dummy xserver-xorg-core xserver-xorg-input-all xvfb \ openbox xdotool dbus-x11 dbus-user-session network-manager beep tmux pluma gpm caja" # Workstation + Studio export list02="cabextract chromium-codecs-ffmpeg-extra gstreamer1.0-libav gstreamer1.0-plugins-ugly gstreamer1.0-plugins-good:i386 gstreamer1.0-vaapi liba52-0.7.4 libaribb24-0 libavcodec-extra libasound2:i386 pipewire-alsa:i386 libpulse0:i386 \ libssl3 pcscd opensc keepassxc \ printer-driver-escpr hplip printer-driver-all \ samba smbclient liblchown-perl smb4k \ wine winetricks \ filelight kolourpaint granatier okteta krename kget kpat isoimagewriter kio-gdrive qrca kamoso \ libreoffice libreoffice-l10n-pt-br \ catfish openjdk-21-jre k3b cpu-x remmina filezilla maliit-keyboard" # Studio only export list03="timeshift snapper ansible \ webp-pixbuf-loader gimp \ python3-pip picocom esptool \ adb fastboot liblchown-perl \ yt-dlp qbittorrent \ torbrowser-launcher \ haruna audacity obs-studio kdenlive \ libreoffice libreoffice-l10n-pt-br \ blender rocminfo rocm-smi hipcc radeontop opencl-clhpp-headers opencl-headers \ protontricks steam luanti" ########## # FLATPAKs # All (Server + Workstation + Studio) export list10="org.mozilla.firefox" # Workstation + Studio export list11="com.anydesk.Anydesk \ com.usebottles.bottles \ com.github.tchx84.Flatseal \ io.missioncenter.MissionCenter \ org.mozilla.Thunderbird" # Workstation only export list12="uno.platform.uno-calculator \ com.ktechpit.whatsie \ com.thincast.client \ us.zoom.Zoom \ com.github.IsmaelMartinez.teams_for_linux" # Studio only export list13="net.davidotek.pupgui2 \ com.jgraph.drawio.desktop \ org.jdownloader.JDownloader" ##################### # Funções dos Menus # ##################### # Server function set_packages1 { export is_server="1" export packages="$list00 $list01" export flatpackages="$list10" } # Workstation function set_packages2 { export is_workstation="1" export packages="$list00 $list02" export flatpackages="$list10 $list11 $list12" } # Gamer & Studio function set_packages3 { export is_studio="1" export packages="$list00 $list02 $list03" export flatpackages="$list10 $list11 $list13" } # Completo function set_packages4 { export packages="$list00 $list02 $list03" export flatpackages="$list10 $list11 $list12 $list13" } # For AD: # sudo apt install adsys adsys-windows samba-ad-dc sssd-ad sssd-tools realmd adcli # sudo pam-auth-update --enable mkhomedir # ======================================================================================================================================================== # function root_check0 { [ "$EUID" -ne 0 ] || { echo "" echo "Não execute este script como Root! DICA: Remova o SUDO do comando ou execute-o como usuario local."; echo "" exit } } function informations0 { clear echo "" echo "Informacoes:" echo "" echo "Opcao 1: Server (+ARM64 = RaspberryPi 4 e 5)" echo "Configuração para Ubuntu Server." echo "Consome 17 Gb e exige no mínimo 32 Gb para ser configurado adequadamente" echo "Quando configurado em um RaspberryPi 4 ou RaspberryPi 5 com Ubuntu Server consome 8 Gb e exige no minimo um microSD de 16 Gb para ser configurado." echo "ATENCAO: Nao ha garantia de funcionamento para os RaspberryPi Zero, 1, 2 e 3; e/ou outras placas como OrangePi e BananaPi." echo "" echo "Opcao 2: Workstation" echo "Configuracao do Kubuntu para uso como Workstation." echo "Consome 27 Gb e exige no mínimo 64 Gb para ser configurado adequadamente." echo "Inclui aplicativos como o WhatsApp Desktop, Anydesk, Thunderbird, Zoom, Microsoft Teams, Google Chrome, OnlyOffice, suporte a tokens assinadores A3, entre outros." echo "Para ver todos os aplicativos disponíveis acesse https://flathub.org" echo "" echo "Opcao 3: Studio & Gamer" echo "Configuracao do Kubuntu para uso como Studio & Gamer." echo "Consome 27 Gb e exige no mínimo 64 Gb para ser configurado adequadamente." echo "Inclui aplicativos como o Steam, OBS Studio, GIMP e a Blender, alem do WINE, drivers de video adicionais e outros." echo "Para ver todos os aplicativos disponíveis acesse https://flathub.org" echo "" echo "Opcao 4: Completo!" echo "Configuracao completa com todos os pacotes acima: Workstation, Studio e Gamer." echo "Consome 31 Gb e exige no mínimo 64 Gb para ser configurado adequadamente." echo "Inclui todos os programas das opcoes acima exceto Server, deixando o sistema o mais completo possivel!" echo "Para ver todos os aplicativos disponíveis acesse https://flathub.org" echo "" read -p "Pressione Enter para voltar ao menu." return } function welcome0 { exec < /dev/tty clear; while true; do clear echo "" echo "=== Escolha uma opcao para configurar seu sistema! ===" echo "" echo "1) Ubuntu Server 24.04 LTS (+ARM64)" echo "2) Kubuntu 26.04 LTS - Workstation" echo "3) Kubuntu 26.04 LTS - Studio & Gamer" echo "4) Kubuntu 26.04 LTS - Completo!" echo "5) Ajuda" echo "6) Sair" echo "" read -p "Digite o numero e pressione Enter: " var0 echo "" case "$var0" in 1) set_packages1 ; break ;; 2) set_packages2 ; break ;; 3) set_packages3 ; break ;; 4) set_packages4 ; break ;; 5) informations0 ;; 6) exit ;; *) echo "Valor invalido! Escolha um numero de 1 a 6."; echo ""; sleep 3 ;; esac done exec 0<&3 exec 3<&- clear; echo "Carregando scripts..."; sleep 6; clear echo "Insira a senha do seu usuario $USER!" if [ "$is_server" = "1" ]; then if ! [ "$HOSTTYPE" = "aarch64" ]; then echo "DICA: Caso nao tenha trocado a senha ainda, senha padrao: ubuntu" else echo "Em placas ARM64 verifique se a senha foi definida na configuracao do rpi-imager ou se o sistema tem alguma senha padrao pre-definida." fi else echo "DICA: A senha foi definida previamente na instalacao!" fi echo ""; sudo -v if [ -n "$SUDO_USER" ]; then source /home/$SUDO_USER/.index.sh else source $HOME/.index.sh fi if [ "$HOSTTYPE" = "aarch64" ]; then if [ "$is_server" = "1" ]; then echo ""; echo "Preparo do Ubuntu Server $(lsb_release -sr) para RaspberryPi - $MENU_VERSION"; echo "" else clear; echo ""; echo "Opcao incompatível com RaspberryPi! Saindo..."; echo ""; exit 0 fi else if [ "$is_server" = "1" ]; then echo ""; echo "Preparo do Ubuntu Server $(lsb_release -sr) - $MENU_VERSION"; echo "" elif [ "$is_workstation" = "1" ]; then echo ""; echo "Preparo do Kubuntu Workstation $(lsb_release -sr) - $MENU_VERSION"; echo "" elif [ "$is_studio" = "1" ]; then echo ""; echo "Preparo de Kubuntu Gamer & Studio $(lsb_release -sr) - $MENU_VERSION"; echo "" else echo ""; echo "Preparo de Kubuntu Completo! $(lsb_release -sr) - $MENU_VERSION"; echo "" fi fi if ! [ -f /etc/install/theend0 ]; then sudo mkdir -p /etc/install sudo mkdir -p /srv/scripts/config sudo touch /srv/scripts/config/backupvm sudo touch /srv/scripts/config/backupcont else clear echo "ESTE SISTEMA JA FOI TOTALMENTE CONFIGURADO!" echo "Corrigindo problemas comuns..." sleep 3; fixproblems0 echo "Saindo..." exit 0 fi } function update0 { if ! [ -f /etc/install/update0 ]; then echo 'Package: apparmor\nPin: release *\nPin-Priority: -1' | sudo tee /etc/apt/preferences.d/99-no-apparmor cat </dev/null || echo 0) swap_size_gb=$((swap_size / 1000000000)) if [ $swap_size_gb -lt 2 ]; then echo ""; echo "Swap encontrado mas com menos de 2GB ($swap_size_gb GB), recriando..." sudo swapoff "$swap_file" 2>/dev/null || true sudo rm -f "$swap_file" # Cria arquivo preparado para Btrfs sudo truncate -s 0 "$swap_file" sudo chattr +C "$swap_file" 2>/dev/null || true # Verifica se é Btrfs e desabilita compressão if findmnt -n -o FSTYPE -T "$swap_file" | grep -q btrfs; then sudo btrfs property set "$swap_file" compression none 2>/dev/null || true fi sudo dd if=/dev/zero of="$swap_file" bs=1M count=$swapcount sudo chmod 0600 "$swap_file" sudo mkswap "$swap_file" sudo swapon "$swap_file" echo ""; echo "Swap recriado com 2GB em $swap_file!" else echo ""; echo "Swap encontrado com tamanho adequado (${swap_size_gb}GB) em $swap_file, ignorando..." fi else echo ""; echo "Swap não encontrado, criando um novo..." if [ -d /swap ]; then swap_file="/swap/swapfile" else swap_file="/swapfile" fi # Cria arquivo preparado para Btrfs sudo truncate -s 0 "$swap_file" sudo chattr +C "$swap_file" 2>/dev/null || true # Verifica se é Btrfs e desabilita compressão if findmnt -n -o FSTYPE -T "$swap_file" | grep -q btrfs; then sudo btrfs property set "$swap_file" compression none 2>/dev/null || true fi sudo dd if=/dev/zero of="$swap_file" bs=1M count=2048 sudo chmod 0600 "$swap_file" sudo mkswap "$swap_file" sudo swapon "$swap_file" echo "$swap_file none swap sw 0 0" | sudo tee -a /etc/fstab echo ""; echo "Swap criado com 2GB em $swap_file!" fi sudo touch /etc/install/mkswap0 fi } function timezone0 { if ! [ -f /etc/install/timezone0 ]; then sudo timedatectl set-timezone Etc/GMT+3 sudo timedatectl set-local-rtc 1 sudo touch /etc/install/timezone0 fi } function sysctl0 { if ! [ -f /etc/install/sysctl0 ]; then sleep 1; echo ""; echo "Aplicando recursos extras ao SYSCTL" if [ -f /etc/sysctl.d/99-sysctl.conf ]; then echo -e "# Enabling REISUB kernel.sysrq=1" | sudo tee /etc/sysctl.d/10-magic-sysrq.conf echo -e "# Prevent Freeze and or Kernel Panic vm.swappiness=10 vm.panic_on_oom=1 kernel.panic=5 # If setting this server as a firewall and or router #net.ipv4.ip_forward=1 # To completely disable ipv6 #net.ipv6.conf.all.disable_ipv6 = 1 #net.ipv6.conf.default.disable_ipv6 = 1 #net.ipv6.conf.lo.disable_ipv6 = 1 # For Syncthing fs.inotify.max_user_watches=204800 # Increase fs.inotify.max_user_watches if needed! #524288 #1048576" | sudo tee /etc/sysctl.d/99-sysctl.conf else echo -e "kernel.sysrq=1 vm.swappiness=10 vm.panic_on_oom=1 kernel.panic=5 #net.ipv4.ip_forward=1 #net.ipv6.conf.all.disable_ipv6 = 1 #net.ipv6.conf.default.disable_ipv6 = 1 #net.ipv6.conf.lo.disable_ipv6 = 1 fs.inotify.max_user_watches=204800 # Increase fs.inotify.max_user_watches if needed! #524288 #1048576" | sudo tee /etc/sysctl.d/99-sysctl.conf fi sudo touch /etc/install/sysctl0 fi } function fstab0 { if ! [ -f /etc/install/fstab0 ]; then sudo mkdir /mnt/disk01; sudo mkdir /mnt/disk02; sleep 1; echo ""; echo "Adicionando entradas extras ao fstab" echo -e " # Temp to ram! tmpfs /tmp tmpfs defaults 0 0 tmpfs /var/tmp tmpfs defaults 0 0 # Disk01 # /dev/disk/by-uuid/ /mnt/disk01 ext4 defaults 0 0 # Disk02 # /dev/disk/by-uuid/ /mnt/disk02 ext4 defaults 0 0 # Windows if Needed #UUID=DA888B1D888AF6F3 /mnt/windows ntfs-3g defaults,noatime,nofail,noauto 0 0 # Acesso Externo (Se necessario) # //172.25.0.X/pasta_rede /mnt/pasta_local cifs credentials=/srv/scripts/smb,iocharset=utf8,file_mode=0777,dir_mode=0777,noperm,user,vers=2.1,nofail,x-systemd.automount,x-systemd.requires=network-online.target,x-systemd.device-timeout=3 0 0" | sudo tee -a /etc/fstab # And support for touchpads! echo ' Section "InputClass" Identifier "libinput touchpad catchall" MatchIsTouchpad "on" MatchDevicePath "/dev/input/event*" Driver "libinput" Option "Tapping" "True" Option "ClickMethod" "clickfinger" EndSection' | sudo tee -a /etc/X11/xorg.conf.d/40-libinput.conf sudo touch /etc/install/fstab0 fi } function dwservice0 { if ! [ -f /etc/install/dwservice0 ]; then if [ "$HOSTTYPE" = "aarch64" ]; then echo ""; echo "Baixando DW Agent ARM" curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 https://www.dwservice.net/download/dwagent.sh | tee ~/dwagentARM.sh >/dev/null chmod +x dwagentARM.sh else echo ""; echo "Baixando DW Agent x86" curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 https://www.dwservice.net/download/dwagent_x86.sh | tee ~/dwagent_x86.sh >/dev/null chmod +x dwagent_x86.sh fi sudo touch /etc/install/dwservice0 fi } function flatpak0 { if ! [ -f /etc/install/flatpak0 ]; then sudo apt install flatpak -y fi # Se NÃO for ARM, instale! if ! [ "$HOSTTYPE" = "aarch64" ]; then sudo flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo sudo flatpak install $flatpackages --noninteractive -y echo 'kernel.apparmor_restrict_unprivileged_userns=0' | sudo tee /etc/sysctl.d/99-userns.conf sudo sysctl -p /etc/sysctl.d/99-userns.conf fi # Se NÃO for servidor, instale! if ! [ "$is_server" = "1" ]; then sudo apt install plasma-discover-backend-flatpak -y sudo apt purge plasma-discover-backend-snap -y fi sudo touch /etc/install/flatpak0 } function motd0 { if ! [ -f /etc/install/motd0 ]; then sleep 1; echo ""; echo "Ajustando tela de boas vindas do servidor" sudo rm -R /etc/update-motd.d/* curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 $link078 | sudo tee /etc/update-motd.d/00-header >/dev/null curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 $link079 | sudo tee /etc/update-motd.d/20-sysinfo >/dev/null curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 $link080 | sudo tee /etc/update-motd.d/90-dynamic-motd >/dev/null sudo chmod +x /etc/update-motd.d/* curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 $link077 | tee /home/administrador/.beep.sh >/dev/null chmod +x /home/administrador/.beep.sh sudo touch /etc/install/motd0 fi } function journal0 { if ! [ -f /etc/install/journal0 ]; then sleep 1; echo ""; echo "Ajustando JOURNAL" echo -e " [Journal] Storage=persistent SystemMaxUse=1G SystemKeepFree=5G" | sudo tee /etc/systemd/journald.conf sudo touch /etc/install/journal0 fi } function yamls0 { if ! [ -f /etc/install/yamls0 ]; then echo "Tentaremos pegar um yq mais atualizado!" if [ "$is_server" = "1" ]; then if [ "$HOSTTYPE" = "aarch64" ]; then curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 https://github.com/mikefarah/yq/releases/latest/download/yq_linux_arm64 | sudo tee /usr/local/bin/yq >/dev/null sudo chmod +x /usr/local/bin/yq else curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 | sudo tee /usr/local/bin/yq >/dev/null sudo chmod +x /usr/local/bin/yq fi fi if ! command -v yq > /dev/null 2>&1; then sudo apt install yq -y fi if ! [ -f "$yamlbase" ]; then # ---------------------------------------------------------------------------------------------------------------------------------------------------- sudo mkdir -p /srv/scripts/config sudo mkdir -p /srv/containers sudo touch "$yamlbase" # ---------------------------------------------------------------------------------------------------------------------------------------------------- IPMachine=$(ip route get 1.1.1.1 | grep -oP 'src \K\S+') sudo yq -i ".Informacoes.IP_LAN_Install = \"${IPMachine}\"" "$yamlbase" MACHINE_ID=$(cat /etc/machine-id) sudo yq -i ".Informacoes.machine_id = \"${MACHINE_ID}\"" "$yamlbase" # ---------------------------------------------------------------------------------------------------------------------------------------------------- sudo inxi -M | awk ' /Machine:/ {machine=1; next} machine && NF { sub(/^ *Type: /, "", $0); type=$0; getline; sub(/^ *Mobo: /, "", $0); mobo=$0; machine=0 } END { gsub(/[\x00-\x1F\x7F]/, "", type); gsub(/[\x00-\x1F\x7F]/, "", mobo); print "Hardware:" print " Tipo: \"" type "\"" print " Placa: \"" mobo "\"" } ' | sudo tee -a "$yamlbase" # ---------------------------------------------------------------------------------------------------------------------------------------------------- if [ -f /sys/firmware/acpi/tables/MSDM ]; then serial0=$(sudo hexdump -s 56 -e '"Serial key: " /29 "%s\n"' /sys/firmware/acpi/tables/MSDM) sudo yq -i ".Informacoes.Serial_Windows = \"${serial0}\"" "$yamlbase" else sudo yq -i ".Informacoes.Serial_Windows = \"Inexistente\"" "$yamlbase" fi # ---------------------------------------------------------------------------------------------------------------------------------------------------- # Support Pannel! curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 $link018 | sudo bash # ---------------------------------------------------------------------------------------------------------------------------------------------------- # Data de Instalação ou Reinstalação datetime0=$(date +"%d/%m/%Y - %H:%M") data_instalacao=$(yq '.Informacoes.Data_Instalacao' "$yamlbase" 2>/dev/null) data_reinstalacao=$(yq '.Informacoes.Data_Ultima_Reinstalacao' "$yamlbase" 2>/dev/null) if [[ "$data_instalacao" != "null" ]] || [[ "$data_reinstalacao" != "null" ]]; then echo "Informações de instalação já existem - mantendo valores atuais" echo "Data Instalação atual: $data_instalacao" echo "Data Reinstalação atual: $data_reinstalacao" else echo "Definindo informações de instalação..." sudo yq -i ".Informacoes.Data_Instalacao = \"${datetime0}\"" "$yamlbase" sudo yq -i ".Informacoes.Data_Ultima_Reinstalacao = \"Nunca foi reinstalado\"" "$yamlbase" fi fi sudo touch /etc/install/yamls0 fi } function crontabs0 { if ! [ -f /etc/install/crontabs0 ]; then if ! [ -d /srv/.bkp ]; then # ---------------------------------------------------------------------------------------------------------------------------------------------------- if [ "$HOSTTYPE" = "x86_64" ]; then (sudo crontab -l 2>/dev/null; echo "") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# 1 BEEP!") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "@reboot sleep 60; bash /home/administrador/.beep.sh") | sudo crontab - sudo yq -i ".Informacoes.Beep = \"Ativo\"" "$yamlbase" else (sudo crontab -l 2>/dev/null; echo "") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# 1 BEEP!") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# Sistema sem Beep") | sudo crontab - sudo yq -i ".Informacoes.Beep = \"Inativo\"" "$yamlbase" fi # ---------------------------------------------------------------------------------------------------------------------------------------------------- # Safe RSYNC! KISS (sudo crontab -l 2>/dev/null; echo "") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# 2 Safe Rsync") | sudo crontab - (sudo crontab -l 2>/dev/null; echo '#0 2 * * * mountpoint -q /mnt/disk01 && mountpoint -q /mnt/disk02 && rsync --delete -aHAXv --numeric-ids --sparse /origem /destino') | sudo crontab - # ---------------------------------------------------------------------------------------------------------------------------------------------------- # RClone Example (sudo crontab -l 2>/dev/null; echo "") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# 3 RClone") | sudo crontab - (sudo crontab -l 2>/dev/null; echo '#0 2 * * * mountpoint -q /mnt/disk01 && rclone sync --max-age 24h --no-traverse --exclude "Lixeira/**" /mnt/disk01/ OneDrive:Backup_Servidor') | sudo crontab - # ---------------------------------------------------------------------------------------------------------------------------------------------------- # Auto BackupCont curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 $link010 | sudo tee /srv/scripts/bkp-cdn.sh >/dev/null; sudo chmod +x /srv/scripts/bkp-cdn.sh if ! [ -f /srv/scripts/backupcont.sh ]; then curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 $link092 | sudo tee /srv/scripts/backupcont.sh >/dev/null; sudo chmod +x /srv/scripts/backupcont.sh (sudo crontab -l 2>/dev/null; echo "") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# 4 AutoBackup Containers & CDN") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "#00 02 * * * bash /srv/scripts/backupcont.sh; sleep 10; bash /srv/scripts/bkp-cdn.sh") | sudo crontab - fi # ---------------------------------------------------------------------------------------------------------------------------------------------------- # AutoLog Rotate for Domain curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 $link095 | sudo tee /srv/scripts/autolog-dominio.sh >/dev/null; sudo chmod +x /srv/scripts/autolog-dominio.sh (sudo crontab -l 2>/dev/null; echo "") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# 5 AutoLog") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "#00 23 * * * bash /srv/scripts/autolog-dominio.sh") | sudo crontab - # ---------------------------------------------------------------------------------------------------------------------------------------------------- # RansomExt if ! [ -f /srv/scripts/ransomext.sh ]; then curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 $link117 | sudo tee /srv/scripts/ransomext.sh >/dev/null; sudo chmod +x /srv/scripts/ransomext.sh (sudo crontab -l 2>/dev/null; echo "") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# 6 RansomExt") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "#00 7 * * * bash /srv/scripts/ransomext.sh") | sudo crontab - fi # ---------------------------------------------------------------------------------------------------------------------------------------------------- # AutoDelete Trash for SMB! if ! [ -f /srv/scripts/deleterecycle.sh ]; then curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 $link094 | sudo tee /srv/scripts/deleterecycle.sh >/dev/null; sudo chmod +x /srv/scripts/deleterecycle.sh (sudo crontab -l 2>/dev/null; echo "") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# 7 Delete Trash") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "#0 6 * * * bash /srv/scripts/deleterecycle.sh") | sudo crontab - fi # ---------------------------------------------------------------------------------------------------------------------------------------------------- # Perma Lixeira para Syncthing (sudo crontab -l 2>/dev/null; echo "") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# 8 Permissoes da Lixeira do AD para Syncthing") | sudo crontab - (sudo crontab -l 2>/dev/null; echo '#0 2 * * * lixo0="/mnt/disk01/Domain/Lixeira/" && [ -d "$lixo0" ] && chmod 777 -R "$lixo0" 2>/dev/null || :') | sudo crontab - # ---------------------------------------------------------------------------------------------------------------------------------------------------- # RSnapshots if ! [ -f /srv/scripts/rsnapshot.conf ]; then curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 $link076 | sudo tee /srv/scripts/rsnapshot.conf >/dev/null; sudo chmod +x /srv/scripts/rsnapshot.conf (sudo crontab -l 2>/dev/null; echo "") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# 9 RSnapshots") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# Alpha - Executa as 7h, 10h, 12h, 14h, 16h e 18h! 6x por dia") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "#00 7,10,12,14,16,18 * * 1-5 mountpoint -q /mnt/disk01 && mountpoint -q /mnt/disk02 && /usr/bin/rsnapshot -c /srv/scripts/rsnapshot.conf alpha") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# Beta - A partir das 20:00 5x na Semana cobrindo sabados mas nao domingos") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "#00 20 * * 1-5 mountpoint -q /mnt/disk01 && mountpoint -q /mnt/disk02 && /usr/bin/rsnapshot -c /srv/scripts/rsnapshot.conf beta") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# Gamma - 1x na Semana aos domingos, perdurando 4x, aprox. 1 mes") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "#00 6 * * 0 mountpoint -q /mnt/disk01 && mountpoint -q /mnt/disk02 && /usr/bin/rsnapshot -c /srv/scripts/rsnapshot.conf gamma") | sudo crontab - fi # ---------------------------------------------------------------------------------------------------------------------------------------------------- # Backup VMs curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 $link011 | sudo tee /srv/scripts/backupvm.sh >/dev/null; sudo chmod +x /srv/scripts/backupvm.sh (sudo crontab -l 2>/dev/null; echo "") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "# 10 Backup VMs") | sudo crontab - (sudo crontab -l 2>/dev/null; echo "#0 3 * * * bash /srv/scripts/backupvm.sh") | sudo crontab - # ---------------------------------------------------------------------------------------------------------------------------------------------------- sudo mkdir /srv/.bkp fi sudo touch /etc/install/crontabs0 fi } function netplan0 { if ! [ -f /etc/install/netplan0 ]; then echo -e " # #network: # ethernets: # renderer: NetworkManager # enp4s0: # addresses: [192.168.250.10/24] # routes: # - to: default # via: 192.168.120.254 # dhcp4: no ## optional: true # nameservers: # addresses: [192.168.250.1] # #addresses: [200.225.197.34, 200.225.197.37] # #addresses: [200.175.89.139, 200.175.5.139] # #addresses: [8.8.4.4, 8.8.8.8] # #addresses: [1.1.1.1, 1.0.0.1] # version: 2" | sudo tee /etc/netplan/99-model.yaml echo -e " # #network: # ethernets: # eth0: # dhcp4: true # optional: true # eth1: # THIS! # dhcp4: no # optional: true # addresses: [172.16.1.2/24] # version: 2" | sudo tee -a /etc/netplan/99-model.yaml echo -e " # # EXAMPLE WITH FORCE NETWORK OVER SPECIFIC NETWORK CARD! # #network: # renderer: NetworkManager # ethernets: # enp4s0f0: # LAN_FDM 192.168.0.0/24 (pfsense) 52:54:00:18:c6:a3 # dhcp4: true # dhcp4-overrides: # route-metric: 10 # dhcp6: false # nameservers: # addresses: [8.8.4.4, 1.0.0.1] # version: 2" | sudo tee -a /etc/netplan/99-model.yaml sudo touch /etc/install/netplan0 fi } function netplan_check { if ! [ -f /etc/install/netplan_check ]; then if ! [ "$HOSTTYPE" = "aarch64" ]; then # Sempre que tenta forçar netplan no RPi ele fica sem rede! curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 $link116 | sudo bash sudo touch /etc/install/netplan_check fi fi } function pfsense0 { if ! [ -f /etc/install/pfsense0 ]; then # Não funciona em ARM! if ! [ "$HOSTTYPE" = "aarch64" ]; then # Não pode ser Maquina Virtual! if ! [ $(systemd-detect-virt) = "kvm" ]; then sleep 1; echo ""; echo "Adicionando pfSense como VM" # Aqui verifica se a .img ja existe ou se vai baixar uma nova! if ! [ -f /var/lib/libvirt/images/"$pfsenseversion" ]; then if ping -c 1 $serverip >/dev/null; then webadress="$lanhost" else webadress="$wanhost" fi echo ""; echo "Baixando pfSense em segundo plano, aguarde..." curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 --user "$usern4me":"$passw0rd" "$webadress"/"$pfsenseversion" | sudo tee /var/lib/libvirt/images/"$pfsenseversion" >/dev/null && sudo chmod 777 /var/run/libvirt/libvirt-sock; sleep 1 fi fi fi sudo touch /etc/install/pfsense0 fi } function token0 { if ! [ -f /etc/install/token0 ]; then if ! [ "$HOSTTYPE" = "aarch64" ]; then echo ""; echo "Baixando Lib 01" curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1-1ubuntu2.1~18.04.23_amd64.deb | tee libssl1.1_1.1.1-1ubuntu2.1~18.04.23_amd64.deb >/dev/null sudo dpkg -i libssl1.1_1.1.1-1ubuntu2.1~18.04.23_amd64.deb; sudo rm libssl1*.deb echo ""; echo "Baixando Lib 02" curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 http://archive.ubuntu.com/ubuntu/pool/main/g/gdk-pixbuf-xlib/libgdk-pixbuf-xlib-2.0-0_2.40.2-2build4_amd64.deb | tee libgdk-pixbuf-xlib-2.0-0_2.40.2-2build4_amd64.deb >/dev/null sudo dpkg -i libgdk-pixbuf-xlib-2.0-0_2.40.2-2build4_amd64.deb; sudo rm libgdk*.deb echo ""; echo "Baixando Lib 03" curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 http://archive.ubuntu.com/ubuntu/pool/universe/g/gdk-pixbuf-xlib/libgdk-pixbuf2.0-0_2.40.2-2build4_amd64.deb | tee libgdk-pixbuf2.0-0_2.40.2-2build4_amd64.deb >/dev/null sudo dpkg -i libgdk-pixbuf2.0-0_2.40.2-2build4_amd64.deb; sudo rm libgdk*.deb sudo apt update; sudo apt upgrade -y echo ""; echo "Baixando Safent" cd /tmp; curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 https://www.globalsign.com/en/safenet-drivers/USB/10.7/Safenet_Linux_Installer_DEB_x64.zip | tee Safenet_Linux_Installer_DEB_x64.zip >/dev/null unzip Safenet_Linux_Installer_DEB_x64.zip sudo dpkg -i safenetauthenticationclient_10.7.77_amd64.deb sudo apt --fix-broken install -y sudo apt install libnss3-tools -y rm -fr ~/.pki/nssdb; mkdir -p ~/.pki/nssdb; certutil -d ~/.pki/nssdb -N -f <(echo -n "") cd ~; modutil -dbdir sql:.pki/nssdb/ -add "Safenet 5110" -libfile "/usr/lib/libeToken.so" sudo touch /etc/install/token0 fi fi } function web-doc0 { if ! [ -f /etc/install/web-doc0 ]; then if ! [ "$HOSTTYPE" = "aarch64" ]; then # ONLYOFFICE mkdir -p ~/.gnupg gpg --no-default-keyring --keyring gnupg-ring:/tmp/onlyoffice.gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys CB2DE8E5; sleep 1 chmod 644 /tmp/onlyoffice.gpg; sudo chown root:root /tmp/onlyoffice.gpg; sudo mv /tmp/onlyoffice.gpg /usr/share/keyrings/onlyoffice.gpg; sleep 1 echo 'deb [signed-by=/usr/share/keyrings/onlyoffice.gpg] https://download.onlyoffice.com/repo/debian squeeze main' | sudo tee -a /etc/apt/sources.list.d/onlyoffice.list; sleep 1 sudo apt update sudo apt install onlyoffice-desktopeditors --no-install-recommends -y # GOOGLE CHROME echo ""; echo "Baixando Google Chrome" curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb | tee google-chrome-stable_current_amd64.deb >/dev/null sudo dpkg -i ./google-chrome*.deb; sudo rm google-chrome*.deb # MICROSOFT EDGE echo ""; echo "Baixando Microsoft Edge" curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 https://packages.microsoft.com/repos/edge/pool/main/m/microsoft-edge-stable/microsoft-edge-stable_135.0.3179.54-1_amd64.deb | tee microsoft-edge-stable_135.0.3179.54-1_amd64.deb >/dev/null sudo dpkg -i microsoft-edge-stable_135.0.3179.54-1_amd64.deb; sudo rm microsoft-edge*.deb # COREFONTS echo ""; echo "Baixando CoreFonts" curl -sSL --connect-timeout 5 --max-time 0 --retry 3 --retry-delay 2 https://cs.linuxuniverse.com.br/public.php/dav/files/JTZj9ZKRHCSJSJE/?accept=zip | tee mscorefonts.zip >/dev/null sudo mkdir -p /usr/share/fonts/All; sudo unzip mscorefonts.zip -d /usr/share/fonts/All rm mscorefonts.zip; fc-cache --force # AJUSTING SOURCES sudo apt modernize-sources -y echo "Architectures: amd64" | sudo tee -a /etc/apt/sources.list.d/google-chrome.sources >/dev/null echo "Architectures: amd64" | sudo tee -a /etc/apt/sources.list.d/microsoft-edge.sources >/dev/null sudo touch /etc/install/web-doc0 fi fi } function fixproblems0 { # Correções para arquitetura ARM if [ "$HOSTTYPE" = "aarch64" ]; then :; fi # Correções para Servidor if [ "$is_server" = "1" ]; then sudo mkdir -p /etc/xdg/openbox; sudo sed -i 's|x-www-browser|flatpak run org.mozilla.firefox|g' /etc/xdg/openbox/menu.xml else # Correções para Desktop # FIX UBUNTU 25.10: Prevent X11FontManager error in Minecraft Launcher java! sudo apt purge fonts-symbola ttf-ancient-fonts -y sudo apt autoremove fi } function the_end0 { echo ""; echo "Instalação concluida!" sudo touch /etc/install/theend0 echo "Reiniciando sistema em 3 segundos"; sleep 3 sudo reboot } # ======================================================================================================================================================== # root_check0 welcome0 update0 bashconf0 mkswap0 timezone0 sysctl0 fstab0 dwservice0 journal0 flatpak0 if [ "$is_server" = "1" ]; then motd0 yamls0 crontabs0 netplan0 netplan_check pfsense0 else token0 web-doc0 fi fixproblems0 the_end0 exit 0