External/du_setup
1
0
Fork 0
mirror of https://github.com/buildplan/du_setup.git synced 2025-12-17 09:45:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #48 from buildplan/deb_13

Browse Source 
Debian 13 tested and confirmed compatibility.
This commit is contained in:
buildplan 2025-08-15 14:47:03 +01:00 committed by GitHub
commit 8e0585ea46
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 22 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
README.md
View File

@ -1,19 +1,20 @@
# Debian & Ubuntu Server Setup & Hardening Script # Debian & Ubuntu Server Setup & Hardening Script
[![Debian Compatibility](https://img.shields.io/badge/CompatibilityDebian%2012%7C13-%23A81D33?style=flat&labelColor=555&logo=debian&logoColor=white)](https://www.debian.org/releases/)
[![Ubuntu Compatibility](https://img.shields.io/badge/CompatibilityUbuntu%2022.04%7C24.04-%23E95420?style=flat&labelColor=555&logo=ubuntu&logoColor=white)](https://ubuntu.com/download/server)
[![Shell Script Linter](https://github.com/buildplan/du_setup/actions/workflows/lint.yml/badge.svg)](https://github.com/buildplan/du_setup/actions/workflows/lint.yml) [![Shell Script Linter](https://github.com/buildplan/du_setup/actions/workflows/lint.yml/badge.svg)](https://github.com/buildplan/du_setup/actions/workflows/lint.yml)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT) [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
[![Compatibility](https://img.shields.io/badge/Compatibility-Debian%2012%20%7C%20Ubuntu%2022.04%20%2F%2024.04-orange)](https://www.debian.org/)
[![Shell](https://img.shields.io/badge/Shell-Bash%204.4%2B-green)](https://www.gnu.org/software/bash/) [![Shell](https://img.shields.io/badge/Shell-Bash%204.4%2B-green)](https://www.gnu.org/software/bash/)
[![Type](https://img.shields.io/badge/Type-Setup%20%26%20Hardening-blue)](https://github.com/buildplan/du_setup) [![Type](https://img.shields.io/badge/Type-Setup%20%26%20Hardening-blue)](https://github.com/buildplan/du_setup)
**Version:** v0.63 **Version:** v0.64
**Last Updated:** 2025-08-10 **Last Updated:** 2025-08-15
**Compatible With:** **Compatible With:**
* Debian 12 * Debian 12, 13
* Ubuntu 22.04, 24.04 (24.10 & 25.04 experimental) * Ubuntu 20.04, 22.04, 24.04 (24.10 & 25.04 experimental)
## Overview ## Overview
@ -82,12 +83,12 @@ sha256sum du_setup.sh
Compare the output hash to the one below. They must match exactly. Compare the output hash to the one below. They must match exactly.
`200bec06b7eb818616fc8073e4aa479c2dd3aa8c262a2e273173d31cda0286a3` `39dfc5716377b3468ecacd9f7a557fedca0397720c3652e5b14d8788241df789`
Or echo the hash to check, it should output: `du_setup.sh: OK` Or echo the hash to check, it should output: `du_setup.sh: OK`
``` ```
echo 200bec06b7eb818616fc8073e4aa479c2dd3aa8c262a2e273173d31cda0286a3 du_setup.sh | sha256sum --check - echo 39dfc5716377b3468ecacd9f7a557fedca0397720c3652e5b14d8788241df789 du_setup.sh | sha256sum --check -
``` ```
### 3\. Run the Script ### 3\. Run the Script
@ -177,7 +178,7 @@ After rebooting, verify the setup:
## Tested On ## Tested On
* Debian 12 * Debian 12, 13
* Ubuntu 22.04, 24.04 - 24.10 & 25.04 (experimental) * Ubuntu 22.04, 24.04 - 24.10 & 25.04 (experimental)
* Cloud providers: DigitalOcean, Oracle Cloud, OVH Cloud, Hetzner, Netcup * Cloud providers: DigitalOcean, Oracle Cloud, OVH Cloud, Hetzner, Netcup
* Backup destinations: Hetzner Storage Box (SSH, port 23), custom SSH servers * Backup destinations: Hetzner Storage Box (SSH, port 23), custom SSH servers

18
du_setup.sh
View File

@ -1,8 +1,9 @@
#!/bin/bash #!/bin/bash
# Debian 12 and Ubuntu Server Hardening Interactive Script # Debian and Ubuntu Server Hardening Interactive Script
# Version: 0.63 | 2025-08-10 # Version: 0.64 | 2025-08-15
# Changelog: # Changelog:
# - v0.64: Tested at Debian 13 to confirm it works as expected
# - v0.63: Added ssh install in key packages # - v0.63: Added ssh install in key packages
# - v0.62: Added fix for fail2ban by creating empty ufw log file # - v0.62: Added fix for fail2ban by creating empty ufw log file
# - v0.61: Display Lynis suggestions in summary, hide tailscale auth key, cleanup temp files # - v0.61: Display Lynis suggestions in summary, hide tailscale auth key, cleanup temp files
@ -63,7 +64,7 @@
set -euo pipefail # Exit on error, undefined vars, pipe failures set -euo pipefail # Exit on error, undefined vars, pipe failures
# --- Update Configuration --- # --- Update Configuration ---
CURRENT_VERSION="0.63" CURRENT_VERSION="0.64"
SCRIPT_URL="https://raw.githubusercontent.com/buildplan/du_setup/refs/heads/main/du_setup.sh" SCRIPT_URL="https://raw.githubusercontent.com/buildplan/du_setup/refs/heads/main/du_setup.sh"
CHECKSUM_URL="${SCRIPT_URL}.sha256" CHECKSUM_URL="${SCRIPT_URL}.sha256"
@ -124,7 +125,7 @@ print_header() {
echo -e "${CYAN}╔═════════════════════════════════════════════════════════════════╗${NC}" echo -e "${CYAN}╔═════════════════════════════════════════════════════════════════╗${NC}"
echo -e "${CYAN}║ ║${NC}" echo -e "${CYAN}║ ║${NC}"
echo -e "${CYAN}║ DEBIAN/UBUNTU SERVER SETUP AND HARDENING SCRIPT ║${NC}" echo -e "${CYAN}║ DEBIAN/UBUNTU SERVER SETUP AND HARDENING SCRIPT ║${NC}"
echo -e "${CYAN}║ v0.62 | 2025-08-06${NC}" echo -e "${CYAN}║ v0.64 | 2025-08-15${NC}"
echo -e "${CYAN}║ ║${NC}" echo -e "${CYAN}║ ║${NC}"
echo -e "${CYAN}╚═════════════════════════════════════════════════════════════════╝${NC}" echo -e "${CYAN}╚═════════════════════════════════════════════════════════════════╝${NC}"
echo echo
@ -362,11 +363,11 @@ check_system() {
if [[ -f /etc/os-release ]]; then if [[ -f /etc/os-release ]]; then
source /etc/os-release source /etc/os-release
ID=$ID # Populate global ID variable ID=$ID # Populate global ID variable
if [[ $ID == "debian" && $VERSION_ID == "12" ]] || \ if [[ $ID == "debian" && $VERSION_ID =~ ^(12|13)$ ]] || \
[[ $ID == "ubuntu" && $VERSION_ID =~ ^(20.04|22.04|24.04)$ ]]; then [[ $ID == "ubuntu" && $VERSION_ID =~ ^(20.04|22.04|24.04)$ ]]; then
print_success "Compatible OS detected: $PRETTY_NAME" print_success "Compatible OS detected: $PRETTY_NAME"
else else
print_warning "Script not tested on $PRETTY_NAME. This is for Debian 12 or Ubuntu 20.04/22.04/24.04 LTS." print_warning "Script not tested on $PRETTY_NAME. This is for Debian 12/13 or Ubuntu 20.04/22.04/24.04 LTS."
if ! confirm "Continue anyway?"; then exit 1; fi if ! confirm "Continue anyway?"; then exit 1; fi
fi fi
else else
@ -660,6 +661,11 @@ setup_user() {
configure_system() { configure_system() {
print_section "System Configuration" print_section "System Configuration"
# Warn about /tmp being a RAM-backed filesystem on Debian 13+
print_info "Note: Debian 13 uses tmpfs for /tmp by default (stored in RAM)"
print_info "Large temporary files may consume system memory"
mkdir -p "$BACKUP_DIR" && chmod 700 "$BACKUP_DIR" mkdir -p "$BACKUP_DIR" && chmod 700 "$BACKUP_DIR"
cp /etc/hosts "$BACKUP_DIR/hosts.backup" cp /etc/hosts "$BACKUP_DIR/hosts.backup"
cp /etc/fstab "$BACKUP_DIR/fstab.backup" cp /etc/fstab "$BACKUP_DIR/fstab.backup"

2
du_setup.sh.sha256
View File

@ -1 +1 @@
200bec06b7eb818616fc8073e4aa479c2dd3aa8c262a2e273173d31cda0286a3 du_setup.sh 39dfc5716377b3468ecacd9f7a557fedca0397720c3652e5b14d8788241df789 du_setup.sh