diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b4d423b --- /dev/null +++ b/.gitignore @@ -0,0 +1,24 @@ +*.log +*.tmp +*.bak +*.swp + +.DS_Store +.AppleDouble +.LSOverride + +*~ + +Thumbs.db +ehthumbs.db +Desktop.ini + +.vscode/ +.idea/ +*.sublime-project +*.sublime-workspace + +.env +secrets.env + +*.backup diff --git a/README.md b/README.md index 1e25b2a..0473c42 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Debian & Ubuntu Server Setup & Hardening Script -**Version:** v0.50 +**Version:** v0.51 **Last Updated:** 2025-06-30 @@ -46,7 +46,7 @@ This script automates the initial setup and security hardening of a fresh Debian ### 1\. Download & Prepare Script ``` -wget https://raw.githubusercontent.com/buildplan/setup_harden_server/main/du_setup.sh +wget https://raw.githubusercontent.com/buildplan/du_setup/refs/heads/main/du_setup.sh chmod +x du_setup.sh ``` @@ -60,7 +60,7 @@ This command downloads the official checksum file and automatically compares it ``` # Download the official checksum file -wget https://raw.githubusercontent.com/buildplan/setup_harden_server/main/du_setup.sh.sha256 +wget https://raw.githubusercontent.com/buildplan/du_setup/refs/heads/main/du_setup.sh.sha256 # Run the check (it should output: du_setup.sh: OK) sha256sum -c du_setup.sh.sha256 @@ -75,7 +75,7 @@ sha256sum du_setup.sh Compare the output hash to the one below. They must match exactly. -`86d08c58198c1b754329484f6bba79326d847649467851dfa89da250b3e6fd6b` +`91e0cd8daf4550c0c51733ad06dda7b6034a6084ee897371736c8414d0b5f02c` ### 3\. Run the Script diff --git a/du_setup.sh b/du_setup.sh index 12a6a67..33274e7 100644 --- a/du_setup.sh +++ b/du_setup.sh @@ -1,8 +1,9 @@ #!/bin/bash # Debian 12 and Ubuntu Server Hardening Interactive Script -# Version: 0.50 | 2025-06-30 +# Version: 0.51 | 2025-06-30 # Changelog: +# - v0.51: corrected repo links # - v0.50: versioning format change and repo name change # - v4.3: Add SHA256 integrity verification # - v4.2: Added Security Audit Tools (Integrating Lynis and Optionally Debsecan) & option to do Backup Testing @@ -16,14 +17,14 @@ # configurations, user management, SSH hardening, firewall setup, and optional features # like Docker and Tailscale and automated backups to Hetzner storage box or any rsync location. # It is designed to be idempotent, safe. -# README at GitHub: https://github.com/buildplan/setup_harden_server +# README at GitHub: https://github.com/buildplan/du_setup/blob/main/README.md # # Prerequisites: # - Run as root on a fresh Debian 12 or Ubuntu server (e.g., sudo ./du_setup.sh or run as root ./du_setup.sh). # - Internet connectivity is required for package installation. # # Usage: -# Download: wget https://raw.githubusercontent.com/buildplan/setup_harden_server/refs/heads/main/du_setup.sh +# Download: wget https://raw.githubusercontent.com/buildplan/du_setup/refs/heads/main/du_setup.sh # Make it executable: chmod +x du_setup.sh # Run it: sudo ./du_setup.sh [--quiet] # @@ -89,7 +90,7 @@ print_header() { echo -e "${CYAN}╔═════════════════════════════════════════════════════════════════╗${NC}" echo -e "${CYAN}║ ║${NC}" echo -e "${CYAN}║ DEBIAN/UBUNTU SERVER SETUP AND HARDENING SCRIPT ║${NC}" - echo -e "${CYAN}║ v0.50 | 2025-06-30 ║${NC}" + echo -e "${CYAN}║ v0.51 | 2025-06-30 ║${NC}" echo -e "${CYAN}║ ║${NC}" echo -e "${CYAN}╚═════════════════════════════════════════════════════════════════╝${NC}" echo diff --git a/du_setup.sh.sha256 b/du_setup.sh.sha256 index fec7868..01f327a 100644 --- a/du_setup.sh.sha256 +++ b/du_setup.sh.sha256 @@ -1 +1 @@ -86d08c58198c1b754329484f6bba79326d847649467851dfa89da250b3e6fd6b du_setup.sh +91e0cd8daf4550c0c51733ad06dda7b6034a6084ee897371736c8414d0b5f02c du_setup.sh