External/du_setup
1
0
Fork 0
mirror of https://github.com/buildplan/du_setup.git synced 2025-12-29 16:14:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #18 from buildplan/main

Browse Source 
sync with main
This commit is contained in:
buildplan
2025-06-29 22:50:05 +01:00
committed by GitHub
parent 4208e764a8 8d73fa0917
commit fa4266511b
3 changed files with 21 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
README.md
View File

@@ -1,6 +1,6 @@
# Debian & Ubuntu Server Setup & Hardening Script # Debian & Ubuntu Server Setup & Hardening Script
**Version:** 4.2 **Version:** 4.3
**Last Updated:** 2025-06-29 **Last Updated:** 2025-06-29
@@ -45,20 +45,31 @@ This script automates the initial setup and security hardening of a fresh Debian
### 1. Download the Script ### 1. Download the Script
```bash ```
wget https://raw.githubusercontent.com/buildplan/setup_harden_server/refs/heads/main/setup_harden_debian_ubuntu.sh wget https://raw.githubusercontent.com/buildplan/setup_harden_server/refs/heads/main/setup_harden_debian_ubuntu.sh
chmod +x setup_harden_debian_ubuntu.sh chmod +x setup_harden_debian_ubuntu.sh
``` ```
#### Verify Script Integrity (Optional but Recommended)
After downloading the script, verify its integrity:
```
wget https://raw.githubusercontent.com/buildplan/setup_harden_server/main/setup_harden_debian_ubuntu.sh
wget https://raw.githubusercontent.com/buildplan/setup_harden_server/main/setup_harden_debian_ubuntu.sh.sha256
sha256sum -c setup_harden_debian_ubuntu.sh.sha256
```
### 2. Run Interactively (Recommended) ### 2. Run Interactively (Recommended)
```bash ```
sudo ./setup_harden_debian_ubuntu.sh sudo ./setup_harden_debian_ubuntu.sh
``` ```
### 3. Run in Quiet Mode (for Automation) ### 3. Run in Quiet Mode (for Automation)
```bash ```
sudo ./setup_harden_debian_ubuntu.sh --quiet sudo ./setup_harden_debian_ubuntu.sh --quiet
``` ```
@@ -66,6 +77,7 @@ sudo ./setup_harden_debian_ubuntu.sh --quiet
> >
> Ensure your VPS providers firewall allows the custom SSH port, backup servers SSH port (e.g., 23 for Hetzner Storage Box), and Tailscale traffic (UDP 41641 for direct connections). > Ensure your VPS providers firewall allows the custom SSH port, backup servers SSH port (e.g., 23 for Hetzner Storage Box), and Tailscale traffic (UDP 41641 for direct connections).
## What It Does ## What It Does
| Task | Description | | Task | Description |

5
setup_harden_debian_ubuntu.sh
View File

@@ -1,8 +1,9 @@
#!/bin/bash #!/bin/bash
# Debian 12 and Ubuntu Server Hardening Interactive Script # Debian 12 and Ubuntu Server Hardening Interactive Script
# Version: 4.2 | 2025-06-29 # Version: 4.3 | 2025-06-29
# Changelog: # Changelog:
# - v4.3: Add SHA256 integrity verification
# - v4.2: Added Security Audit Tools (Integrating Lynis and Optionally Debsecan) & option to do Backup Testing # - v4.2: Added Security Audit Tools (Integrating Lynis and Optionally Debsecan) & option to do Backup Testing
# Fixed debsecan compatibility (Debian-only), added global BACKUP_LOG, added backup testing # Fixed debsecan compatibility (Debian-only), added global BACKUP_LOG, added backup testing
# - v4.1: Added tailscale config to connect to tailscale or headscale server # - v4.1: Added tailscale config to connect to tailscale or headscale server
@@ -87,7 +88,7 @@ print_header() {
echo -e "${CYAN}╔═════════════════════════════════════════════════════════════════╗${NC}" echo -e "${CYAN}╔═════════════════════════════════════════════════════════════════╗${NC}"
echo -e "${CYAN}║ ║${NC}" echo -e "${CYAN}║ ║${NC}"
echo -e "${CYAN}║ DEBIAN/UBUNTU SERVER SETUP AND HARDENING SCRIPT ║${NC}" echo -e "${CYAN}║ DEBIAN/UBUNTU SERVER SETUP AND HARDENING SCRIPT ║${NC}"
echo -e "${CYAN}║ v4.2 | 2025-06-29 ║${NC}" echo -e "${CYAN}║ v4.3 | 2025-06-29 ║${NC}"
echo -e "${CYAN}║ ║${NC}" echo -e "${CYAN}║ ║${NC}"
echo -e "${CYAN}╚═════════════════════════════════════════════════════════════════╝${NC}" echo -e "${CYAN}╚═════════════════════════════════════════════════════════════════╝${NC}"
echo echo

1
setup_harden_debian_ubuntu.sh.sha256 Normal file
View File

@@ -0,0 +1 @@
f92a4a494689d7c9d6bc42a87ce6a325f1d40099cf1b8f3cb29c8eea9e3f6ce2 setup_harden_debian_ubuntu.sh