From 88fa2068c9c045140faf6e874fa0b8b5c5d126c0 Mon Sep 17 00:00:00 2001 From: Coby Powers Date: Wed, 10 Aug 2022 17:24:06 -0500 Subject: [PATCH] Add per-user zsh script loading --- README.md | 10 ++ sh/.zshrc | 17 +-- sh/{custom => custom_scripts}/aliases.sh | 0 sh/{custom => custom_scripts}/os.sh | 0 sh/{custom => custom_scripts}/vars.sh | 1 - sh/load.sh | 19 ++- sshd/sshd_config | 146 +++++++++++++++++++++++ 7 files changed, 181 insertions(+), 12 deletions(-) rename sh/{custom => custom_scripts}/aliases.sh (100%) rename sh/{custom => custom_scripts}/os.sh (100%) rename sh/{custom => custom_scripts}/vars.sh (80%) create mode 100644 sshd/sshd_config diff --git a/README.md b/README.md index 3fa778c..f3c38c0 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,13 @@ # Linux Toolkit A collection of useful files and scripts that make my life a whole lot easier with Linux. + +## Installation + +To install, complete the following steps: +1. Execute `git clone https://git.cobypowers.com/cobyp/linux-toolkit /etc/toolkit` as **root** to install the toolkit and all necessary components. +2. Navigate to the scripts directory and execute setup.sh and then update.sh + +## Persistence + +To allow the toolkit to update automatically, install the following cronjob as **root**: `0 * * * * cd /etc/toolkit/scripts && /usr/bin/bash ./update.sh >> /dev/null 2>&1` diff --git a/sh/.zshrc b/sh/.zshrc index 53c04d9..346cd62 100644 --- a/sh/.zshrc +++ b/sh/.zshrc @@ -1,11 +1,9 @@ source /etc/toolkit/sh/load.sh ZSH=$TOOLKIT/sh/ohmyzsh -ZSH_CUSTOM=$ZSH/custom ZSH_THEME="bira" - -zstyle ':omz:update' mode auto # update automatically without asking -zstyle ':omz:update' frequency 14 +ZSH_CUSTOM_USER_SCRIPTS=$HOME/.zsh-scripts +ZSH_CACHE_DIR=$HOME/.zsh-cache ENABLE_CORRECTION="true" 
@@ -13,9 +11,12 @@ COMPLETION_WAITING_DOTS="true" plugins=(git) -ZSH_CACHE_DIR=$HOME/.cache/oh-my-zsh -if [[ ! -d $ZSH_CACHE_DIR ]]; then - mkdir -p $ZSH_CACHE_DIR -fi +zstyle ':omz:update' mode auto # update automatically without asking +zstyle ':omz:update' frequency 14 + +create_dir_if_not_exists $ZSH_CUSTOM_USER_SCRIPTS +create_dir_if_not_exists $ZSH_CACHE_DIR + +load_scripts_in_dir $ZSH_CUSTOM_USER_SCRIPTS source $ZSH/oh-my-zsh.sh diff --git a/sh/custom/aliases.sh b/sh/custom_scripts/aliases.sh similarity index 100% rename from sh/custom/aliases.sh rename to sh/custom_scripts/aliases.sh diff --git a/sh/custom/os.sh b/sh/custom_scripts/os.sh similarity index 100% rename from sh/custom/os.sh rename to sh/custom_scripts/os.sh diff --git a/sh/custom/vars.sh b/sh/custom_scripts/vars.sh similarity index 80% rename from sh/custom/vars.sh rename to sh/custom_scripts/vars.sh index 17d0a5f..f4053e2 100755 --- a/sh/custom/vars.sh +++ b/sh/custom_scripts/vars.sh @@ -1,4 +1,3 @@ -export SSH_KEYS=~/Private/Keys export LESS="-RM" export MAKEFLAGS=-j8 diff --git a/sh/load.sh b/sh/load.sh index 5fe2a4e..bc9642f 100755 --- a/sh/load.sh +++ b/sh/load.sh @@ -1,6 +1,19 @@ TOOLKIT=/etc/toolkit -# Sources custom shell scripts -for sh in ${TOOLKIT}/sh/custom/*.sh; do +load_scripts_in_dir() { + for sh in ${TOOLKIT}/sh/custom/*.sh; do test -r "$sh" && . "$sh" -done + done +} + +create_dir_if_not_exists() { + if [[ ! -d $1 ]]; then + mkdir -p $1 + fi +} + +# Load custom scripts (aliases, variables, etc...) +load_scripts_in_dir $TOOLKIT/sh/custom_scripts + +# Scripts ran to modify existing toolkit updates +load_scripts_in_dir $TOOLKIT/sh/patch_scripts diff --git a/sshd/sshd_config b/sshd/sshd_config new file mode 100644 index 0000000..f7f249f --- /dev/null +++ b/sshd/sshd_config 
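Review bot: `$HOME/.zsh-scripts` is created with the default umask by `create_dir_if_not_exists $ZSH_CUSTOM_USER_SCRIPTS`, and `load_scripts_in_dir $ZSH_CUSTOM_USER_SCRIPTS` is then meant to source every readable `*.sh` in it at each shell start, so anyone able to write to that directory can run code as the user. With a permissive umask and a shared group that could include other local accounts; I would follow the create call with `chmod 700 "$ZSH_CUSTOM_USER_SCRIPTS"`. A short comment above the load call, such as `# every *.sh in this directory is sourced at shell start; keep it owner-writable only`, would make the trust assumption explicit.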
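Review bot: `load_scripts_in_dir` never reads its argument: the loop inside it still globs `${TOOLKIT}/sh/custom/*.sh`, a directory this same commit renames to `custom_scripts`, so the three callers (`custom_scripts`, `patch_scripts` and the per-user directory in `.zshrc`) all iterate the same stale path and appear to load nothing. The loop header should be `for sh in "$1"/*.sh; do`, and `create_dir_if_not_exists` should quote its argument as well (`[[ ! -d "$1" ]]`, `mkdir -p -- "$1"`). Because this file is sourced from `.zshrc`, an unmatched glob may stop the loop with zsh's "no matches found" error unless NOMATCH is off, which is worth checking against an empty `~/.zsh-scripts`. The loop variable `sh` is also left behind as a global in every interactive shell; `local sh` inside the function avoids that.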
@@ -0,0 +1,146 @@
+Include /etc/ssh/sshd_config.d/*.conf
+
+# _ __ __ __ _
+# / |/ /__ / /__ _____ ____/ /__ (_)__ ___ _
+# / / -_) __/ |/|/ / _ \/ __/ '_// / _ \/ _ `/
+#/_/|_/\__/\__/|__,__/\___/_/ /_/\_\/_/_//_/\_, /
+# /___/
+#
+Port 69
+#AddressFamily any
+#ListenAddress 0.0.0.0
+#ListenAddress ::
+
+# _____ __ ____ __ __ _
+# / ___/_ _____ / / ___ _______ / __/___ / //_/__ __ __(_)__ ___ _
+#/ /__/ // / _ \/ _ \/ -_) __(_-< > _/_ _/ / ,< / -_) // / / _ \/ _ `/
+#\___/\_, / .__/_//_/\__/_/ /___/ |_____/ /_/|_|\__/\_, /_/_//_/\_, /
+# /___/_/ /___/ /___/
+#
+Ciphers aes256-gcm@openssh.com,aes256-ctr
+KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp521
+MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-512
+#HostKey /etc/ssh/ssh_host_rsa_key
+#HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ed25519_key
+#RekeyLimit default none
+
+# __ _
+# / / ___ ___ ____ _(_)__ ___ _
+# / /__/ _ \/ _ `/ _ `/ / _ \/ _ `/
+#/____/\___/\_, /\_, /_/_//_/\_, /
+# /___//___/ /___/
+#
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# ___ __ __ __ _ __ _
+# / _ |__ __/ /_/ / ___ ___ / /_(_)______ _/ /_(_)__ ___
+# / __ / // / __/ _ \/ -_) _ \/ __/ / __/ _ `/ __/ / _ \/ _ \
+#/_/ |_\_,_/\__/_//_/\__/_//_/\__/_/\__/\_,_/\__/_/\___/_//_/
+#
+#LoginGraceTime 2m
+#PermitRootLogin prohibit-password
+PermitRootLogin no
+#StrictModes yes
+#MaxAuthTries 6
+#MaxSessions 10
+
+PubkeyAuthentication yes
+
+# Expect .ssh/authorized_keys2 to be disregarded by default in future.
+#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
+
+#AuthorizedPrincipalsFile none
+
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandUser nobody
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+PasswordAuthentication no
+PermitEmptyPasswords no
+
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
+ChallengeResponseAuthentication no
+
+# __ __ __
+# / //_/__ ____/ / ___ _______ ___
+# / ,< / -_) __/ _ \/ -_) __/ _ \(_-<
+#/_/|_|\__/_/ /_.__/\__/_/ \___/___/
+#
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# ________________ ___ ____
+# / ___/ __/ __/ _ | / _ \/ _/
+#/ (_ /\ \_\ \/ __ |/ ___// /
+#\___/___/___/_/ |_/_/ /___/
+#
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+#GSSAPIStrictAcceptorCheck yes
+#GSSAPIKeyExchange no
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication. Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+UsePAM yes
+
+# ____ __
+# / __/_ __/ /________ _
+# / _/ \ \ / __/ __/ _ `/
+#/___//_\_\\__/_/ \_,_/
+#
+#AllowAgentForwarding yes
+#AllowTcpForwarding yes
+GatewayPorts no
+X11Forwarding no
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PermitTTY yes
+PrintMotd no
+#PrintLastLog yes
+#TCPKeepAlive yes
+PermitUserEnvironment no
+#Compression delayed
+#ClientAliveInterval 0
+#ClientAliveCountMax 3
+#UseDNS no
+#PidFile /var/run/sshd.pid
+#MaxStartups 10:30:100
+#PermitTunnel no
+#ChrootDirectory none
+#VersionAddendum none
+
+# no default banner path
+#Banner none
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+# override default of no subsystems
+Subsystem sftp /usr/lib/openssh/sftp-server
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+# X11Forwarding no
+# AllowTcpForwarding no
+# PermitTTY no
+# ForceCommand cvs server
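Review bot: `Include /etc/ssh/sshd_config.d/*.conf` on the first line means drop-in files are parsed before the settings below, and sshd keeps the first value it obtains for each keyword, so a drop-in that sets `PasswordAuthentication yes` or `PermitRootLogin` would override the hardening in this file. Either move the Include to the end of the file or add a comment such as `# drop-ins in sshd_config.d are read first and take precedence over this file`, and check the effective result with `sshd -T` after deployment. `AllowTcpForwarding` and `AllowAgentForwarding` are left commented at their defaults while `X11Forwarding` and `GatewayPorts` are disabled, which looks like an omission if the intent is to restrict forwarding. Setting `LogLevel VERBOSE` instead of leaving `#LogLevel INFO` commented would record the key fingerprint used for each login, which helps when auditing access.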