Merge pull request #50 from buildplan/ip_address

Display both IPv6 and IPv4, while configuring and in the summary

README.md

@@ -7,9 +7,9 @@
 [![Shell](https://img.shields.io/badge/Shell-Bash%204.4%2B-green)](https://www.gnu.org/software/bash/)
 [![Type](https://img.shields.io/badge/Type-Setup%20%26%20Hardening-blue)](https://github.com/buildplan/du_setup)
 
-**Version:** v0.65
+**Version:** v0.66
 
-**Last Updated:** 2025-08-19
+**Last Updated:** 2025-08-26
 
 **Compatible With:**
 
@@ -83,12 +83,12 @@ sha256sum du_setup.sh
 
 Compare the output hash to the one below. They must match exactly.
 
-`5b6b07eaa69643d2928d9bdcb847d74ac8d4a31d80be64b5b43efc33f10a9567`
+`552a23eb55417266e1b8c048f80b81323630c9dadbacdbf0fb1e3781cb5978b1`
 
 Or echo the hash to check, it should output: `du_setup.sh: OK`
 
 ```
-echo 5b6b07eaa69643d2928d9bdcb847d74ac8d4a31d80be64b5b43efc33f10a9567 du_setup.sh | sha256sum --check -
+echo 552a23eb55417266e1b8c048f80b81323630c9dadbacdbf0fb1e3781cb5978b1 du_setup.sh | sha256sum --check -
 ```
 
 ### 3\. Run the Script

du_setup.sh

@@ -1,8 +1,9 @@
 #!/bin/bash
 
 # Debian and Ubuntu Server Hardening Interactive Script
-# Version: 0.65 | 2025-08-19
+# Version: 0.66 | 2025-08-26
 # Changelog:
+# - v0.66: While configuring and in the summary, display both IPv6 and IPv4.
 # - v0.65: If reconfigure locales - appy newly configured locale to the current environment.
 # - v0.64: Tested at Debian 13 to confirm it works as expected
 # - v0.63: Added ssh install in key packages
@@ -65,7 +66,7 @@
 set -euo pipefail  # Exit on error, undefined vars, pipe failures
 
 # --- Update Configuration ---
-CURRENT_VERSION="0.65"
+CURRENT_VERSION="0.66"
 SCRIPT_URL="https://raw.githubusercontent.com/buildplan/du_setup/refs/heads/main/du_setup.sh"
 CHECKSUM_URL="${SCRIPT_URL}.sha256"
 
@@ -126,7 +127,7 @@ print_header() {
     echo -e "${CYAN}╔═════════════════════════════════════════════════════════════════╗${NC}"
     echo -e "${CYAN}║                                                                 ║${NC}"
     echo -e "${CYAN}║       DEBIAN/UBUNTU SERVER SETUP AND HARDENING SCRIPT           ║${NC}"
-    echo -e "${CYAN}║                      v0.65 | 2025-08-19                         ║${NC}"
+    echo -e "${CYAN}║                      v0.66 | 2025-08-26                         ║${NC}"
     echo -e "${CYAN}║                                                                 ║${NC}"
     echo -e "${CYAN}╚═════════════════════════════════════════════════════════════════╝${NC}"
     echo
@@ -446,15 +447,26 @@ collect_config() {
         SSH_PORT=${SSH_PORT:-2222}
         if validate_port "$SSH_PORT"; then break; else print_error "Invalid port number."; fi
     done
-    SERVER_IP=$(curl -s https://ifconfig.me 2>/dev/null || echo "unknown")
+    SERVER_IP_V4=$(curl -4 -s https://ifconfig.me 2>/dev/null || echo "unknown")
-    print_info "Detected server IP: $SERVER_IP"
+    SERVER_IP_V6=$(curl -6 -s https://ifconfig.me 2>/dev/null || echo "not available")
+    if [[ "$SERVER_IP_V4" != "unknown" ]]; then
+        print_info "Detected server IPv4: $SERVER_IP_V4"
+    fi
+    if [[ "$SERVER_IP_V6" != "not available" ]]; then
+        print_info "Detected server IPv6: $SERVER_IP_V6"
+    fi
     echo -e "\n${YELLOW}Configuration Summary:${NC}"
-    echo -e "  Username:   $USERNAME"
+    printf "  %-15s %s\n" "Username:" "$USERNAME"
-    echo -e "  Hostname:   $SERVER_NAME"
+    printf "  %-15s %s\n" "Hostname:" "$SERVER_NAME"
-    echo -e "  SSH Port:   $SSH_PORT"
+    printf "  %-15s %s\n" "SSH Port:" "$SSH_PORT"
-    echo -e "  Server IP:  $SERVER_IP"
+    if [[ "$SERVER_IP_V4" != "unknown" ]]; then
+        printf "  %-15s %s\n" "Server IPv4:" "$SERVER_IP_V4"
+    fi
+    if [[ "$SERVER_IP_V6" != "not available" ]]; then
+        printf "  %-15s %s\n" "Server IPv6:" "$SERVER_IP_V6"
+    fi
     if ! confirm "\nContinue with this configuration?" "y"; then print_info "Exiting."; exit 0; fi
-    log "Configuration collected: USER=$USERNAME, HOST=$SERVER_NAME, PORT=$SSH_PORT"
+    log "Configuration collected: USER=$USERNAME, HOST=$SERVER_NAME, PORT=$SSH_PORT, IPV4=$SERVER_IP_V4, IPV6=$SERVER_IP_V6"
 }
 
 install_packages() {
@@ -621,7 +633,12 @@ setup_user() {
             echo -e "${CYAN}3. On your local machine, set permissions for the private key:${NC}"
             echo -e "${CYAN}   chmod 600 ~/.ssh/${USERNAME}_key${NC}"
             echo -e "${CYAN}4. Connect to the server using:${NC}"
-            echo -e "${CYAN}   ssh -i ~/.ssh/${USERNAME}_key -p $SSH_PORT $USERNAME@$SERVER_IP${NC}"
+            if [[ "$SERVER_IP_V4" != "unknown" ]]; then
+                echo -e "${CYAN}   ssh -i ~/.ssh/${USERNAME}_key -p $SSH_PORT $USERNAME@$SERVER_IP_V4${NC}"
+            fi
+            if [[ "$SERVER_IP_V6" != "not available" ]]; then
+                echo -e "${CYAN}   ssh -i ~/.ssh/${USERNAME}_key -p $SSH_PORT $USERNAME@$SERVER_IP_V6${NC}"
+            fi
             echo
             echo -e "${PURPLE}ℹ The private key file ($TEMP_KEY_FILE) will be deleted after this step.${NC}"
             read -rp "$(echo -e "${CYAN}Press Enter after you have saved the keys securely...${NC}")"
@@ -778,7 +795,14 @@ configure_ssh() {
     fi
 
     print_warning "SSH Key Authentication Required for Next Steps!"
-    echo -e "${CYAN}Test SSH access from a SEPARATE terminal now: ssh -p $CURRENT_SSH_PORT $USERNAME@$SERVER_IP${NC}"
+    echo -e "${CYAN}Test SSH access from a SEPARATE terminal now:${NC}"
+    if [[ "$SERVER_IP_V4" != "unknown" ]]; then
+        echo -e "${CYAN}  Using IPv4: ssh -p $CURRENT_SSH_PORT $USERNAME@$SERVER_IP_V4${NC}"
+    fi
+    if [[ "$SERVER_IP_V6" != "not available" ]]; then
+        echo -e "${CYAN}  Using IPv6: ssh -p $CURRENT_SSH_PORT $USERNAME@$SERVER_IP_V6${NC}"
+    fi
+
     if ! confirm "Can you successfully log in using your SSH key?"; then
         print_error "SSH key authentication is mandatory to proceed."
         return 1
@@ -841,7 +865,12 @@ EOF
     fi
 
     print_warning "CRITICAL: Test new SSH connection in a SEPARATE terminal NOW!"
-    print_info "Use: ssh -p $SSH_PORT $USERNAME@$SERVER_IP"
+    if [[ "$SERVER_IP_V4" != "unknown" ]]; then
+        print_info "Use IPv4: ssh -p $SSH_PORT $USERNAME@$SERVER_IP_V4"
+    fi
+    if [[ "$SERVER_IP_V6" != "not available" ]]; then
+        print_info "Use IPv6: ssh -p $SSH_PORT $USERNAME@$SERVER_IP_V6"
+    fi
 
     # Retry loop for SSH connection test
     local retry_count=0
@@ -2320,10 +2349,15 @@ generate_summary() {
 
     # --- Main Configuration Summary ---
     echo -e "${YELLOW}Configuration Summary:${NC}"
-    printf "  %-20s%s\n" "Admin User:" "$USERNAME"
+    printf "  %-15s %s\n" "Admin User:" "$USERNAME"
-    printf "  %-20s%s\n" "Hostname:" "$SERVER_NAME"
+    printf "  %-15s %s\n" "Hostname:" "$SERVER_NAME"
-    printf "  %-20s%s\n" "SSH Port:" "$SSH_PORT"
+    printf "  %-15s %s\n" "SSH Port:" "$SSH_PORT"
-    printf "  %-20s%s\n" "Server IP:" "$SERVER_IP"
+    if [[ "$SERVER_IP_V4" != "unknown" ]]; then
+        printf "  %-15s %s\n" "Server IPv4:" "$SERVER_IP_V4"
+    fi
+    if [[ "$SERVER_IP_V6" != "not available" ]]; then
+        printf "  %-15s %s\n" "Server IPv6:" "$SERVER_IP_V6"
+    fi
 
     # --- Kernel Hardening Status ---
     if [[ -f /etc/sysctl.d/99-du-hardening.conf ]]; then
@@ -2399,20 +2433,26 @@ generate_summary() {
     fi
     echo
 
-    # --- Post-Reboot Verification ---
+    # --- Post-Reboot Verification Steps ---
     echo -e "${YELLOW}Post-Reboot Verification Steps:${NC}"
-    printf "  %-25s ${CYAN}%s${NC}\n" "- SSH access:" "ssh -p $SSH_PORT $USERNAME@$SERVER_IP"
+    echo -e "  - SSH access:"
-    printf "  %-25s ${CYAN}%s${NC}\n" "- Firewall rules:" "sudo ufw status verbose"
+    if [[ "$SERVER_IP_V4" != "unknown" ]]; then
-    printf "  %-25s ${CYAN}%s${NC}\n" "- Time sync:" "chronyc tracking"
+        printf "    %-26s ${CYAN}%s${NC}\n" "- Using IPv4:" "ssh -p $SSH_PORT $USERNAME@$SERVER_IP_V4"
-    printf "  %-25s ${CYAN}%s${NC}\n" "- Fail2Ban sshd jail:" "sudo fail2ban-client status sshd"
+    fi
-    printf "  %-25s ${CYAN}%s${NC}\n" "- Fail2Ban ufw jail:" "sudo fail2ban-client status ufw-probes"
+    if [[ "$SERVER_IP_V6" != "not available" ]]; then
-    printf "  %-25s ${CYAN}%s${NC}\n" "- Swap status:" "sudo swapon --show && free -h"
+        printf "    %-26s ${CYAN}%s${NC}\n" "- Using IPv6:" "ssh -p $SSH_PORT $USERNAME@$SERVER_IP_V6"
-    printf "  %-25s ${CYAN}%s${NC}\n" "- Kernel settings:" "sudo sysctl fs.protected_hardlinks kernel.yama.ptrace_scope"
+    fi
+    printf "  %-28s ${CYAN}%s${NC}\n" "- Firewall rules:" "sudo ufw status verbose"
+    printf "  %-28s ${CYAN}%s${NC}\n" "- Time sync:" "chronyc tracking"
+    printf "  %-28s ${CYAN}%s${NC}\n" "- Fail2Ban sshd jail:" "sudo fail2ban-client status sshd"
+    printf "  %-28s ${CYAN}%s${NC}\n" "- Fail2Ban ufw jail:" "sudo fail2ban-client status ufw-probes"
+    printf "  %-28s ${CYAN}%s${NC}\n" "- Swap status:" "sudo swapon --show && free -h"
+    printf "  %-28s ${CYAN}%s${NC}\n" "- Kernel settings:" "sudo sysctl fs.protected_hardlinks kernel.yama.ptrace_scope"
     if command -v docker >/dev/null 2>&1; then
-        printf "  %-25s ${CYAN}%s${NC}\n" "- Docker status:" "docker ps"
+        printf "  %-28s ${CYAN}%s${NC}\n" "- Docker status:" "docker ps"
     fi
     if command -v tailscale >/dev/null 2>&1; then
-        printf "  %-25s ${CYAN}%s${NC}\n" "- Tailscale status:" "tailscale status"
+        printf "  %-28s ${CYAN}%s${NC}\n" "- Tailscale status:" "tailscale status"
     fi
     if [[ -f /root/run_backup.sh ]]; then
         echo -e "  Remote Backup:"

du_setup.sh.sha256

@@ -1 +1 @@
-5b6b07eaa69643d2928d9bdcb847d74ac8d4a31d80be64b5b43efc33f10a9567  du_setup.sh
+552a23eb55417266e1b8c048f80b81323630c9dadbacdbf0fb1e3781cb5978b1  du_setup.sh