mirror of
https://github.com/buildplan/du_setup.git
synced 2025-12-29 16:14:59 +00:00
buildplan
36
du_setup.sh
36
du_setup.sh
@@ -3467,10 +3467,13 @@ main() {
|
|||||||
touch "$LOG_FILE" && chmod 600 "$LOG_FILE"
|
touch "$LOG_FILE" && chmod 600 "$LOG_FILE"
|
||||||
log "Starting Debian/Ubuntu hardening script."
|
log "Starting Debian/Ubuntu hardening script."
|
||||||
|
|
||||||
# Existing system checks
|
# --- PRELIMINARY CHECKS ---
|
||||||
|
print_header
|
||||||
check_system
|
check_system
|
||||||
|
run_update_check
|
||||||
|
check_dependencies
|
||||||
|
|
||||||
# Handle --cleanup-only flag
|
# --- HANDLE SPECIAL OPERATIONAL MODES ---
|
||||||
if [[ "$CLEANUP_ONLY" == "true" ]]; then
|
if [[ "$CLEANUP_ONLY" == "true" ]]; then
|
||||||
print_info "Running in cleanup-only mode..."
|
print_info "Running in cleanup-only mode..."
|
||||||
detect_environment
|
detect_environment
|
||||||
@@ -3479,7 +3482,6 @@ main() {
|
|||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Handle --cleanup-preview flag
|
|
||||||
if [[ "$CLEANUP_PREVIEW" == "true" ]]; then
|
if [[ "$CLEANUP_PREVIEW" == "true" ]]; then
|
||||||
print_info "Running cleanup preview mode..."
|
print_info "Running cleanup preview mode..."
|
||||||
detect_environment
|
detect_environment
|
||||||
@@ -3488,27 +3490,17 @@ main() {
|
|||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Normal flow - detect environment first
|
# --- NORMAL EXECUTION FLOW ---
|
||||||
|
# Detect environment used for the summary report at the end.
|
||||||
detect_environment
|
detect_environment
|
||||||
|
# --- CORE SETUP AND HARDENING ---
|
||||||
# Run cleanup unless --skip-cleanup is set
|
|
||||||
if [[ "$SKIP_CLEANUP" == "false" ]]; then
|
|
||||||
cleanup_provider_packages
|
|
||||||
else
|
|
||||||
print_info "Skipping provider cleanup (--skip-cleanup flag set)."
|
|
||||||
log "Provider cleanup skipped via --skip-cleanup flag."
|
|
||||||
fi
|
|
||||||
|
|
||||||
run_update_check
|
|
||||||
print_header
|
|
||||||
check_dependencies
|
|
||||||
collect_config
|
collect_config
|
||||||
install_packages
|
install_packages
|
||||||
setup_user
|
setup_user
|
||||||
configure_system
|
configure_system
|
||||||
configure_ssh
|
|
||||||
configure_firewall
|
configure_firewall
|
||||||
configure_fail2ban
|
configure_fail2ban
|
||||||
|
configure_ssh
|
||||||
configure_auto_updates
|
configure_auto_updates
|
||||||
configure_time_sync
|
configure_time_sync
|
||||||
configure_kernel_hardening
|
configure_kernel_hardening
|
||||||
@@ -3517,6 +3509,16 @@ main() {
|
|||||||
setup_backup
|
setup_backup
|
||||||
configure_swap
|
configure_swap
|
||||||
configure_security_audit
|
configure_security_audit
|
||||||
|
|
||||||
|
# --- PROVIDER PACKAGE CLEANUP ---
|
||||||
|
if [[ "$SKIP_CLEANUP" == "false" ]]; then
|
||||||
|
cleanup_provider_packages
|
||||||
|
else
|
||||||
|
print_info "Skipping provider cleanup (--skip-cleanup flag set)."
|
||||||
|
log "Provider cleanup skipped via --skip-cleanup flag."
|
||||||
|
fi
|
||||||
|
|
||||||
|
# --- FINAL STEPS ---
|
||||||
final_cleanup
|
final_cleanup
|
||||||
generate_summary
|
generate_summary
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user