Base Centos 6 scripts

by daxohara
5 deployments · 1 still active · last rev. 2 years ago

Base Centos 6 scripts

Compatible with: CentOS 6.5
						#!/bin/bash

###########################################################
# System
###########################################################

function system_update {
  yum -y update
}

function system_primary_ip {
  # returns the primary IP assigned to eth0
  echo $(ifconfig eth0 | awk -F: '/inet addr:/ {print $2}' | awk '{ print $1 }')
}

function get_rdns {
  # calls host on an IP address and returns its reverse dns
  if [ ! -e /usr/bin/host ]; then
   yum -y install bind-utils > /dev/null
  fi
  echo $(host $1 | awk '/pointer/ {print $5}' | sed 's/\.$//')
}

function get_rdns_primary_ip {
  # returns the reverse dns of the primary IP assigned to this system
  echo $(get_rdns $(system_primary_ip))
}

function install_basics {
  yum install -y vim-enhanced
}

function set_hostname {
  # set the hostname

  echo setting hostname to $1
  echo "HOSTNAME=$1" >> /etc/sysconfig/network
  hostname "$1"

  # update /etc/hosts
  echo $(system_primary_ip) $(get_rdns_primary_ip) $(hostname) >> /etc/hosts
}

function set_timezone {
  # set the timezone

  echo setting the timezone
  ln -sf /usr/share/zoneinfo/America/Sao_Paulo /etc/localtime
}

# $1 - IPADDR, $2 - NETMASK, $3 - GATEWAY
function set_public_ip {
  echo -e "# Configuration for eth0
DEVICE=eth0
BOOTPROTO=none
# This line ensures that the interface will be brought up during boot.
ONBOOT=yes
# eth0 - This is the main IP address that will be used for most outbound connections.
# The address, netmask and gateway are all necessary.
IPADDR=${1}
NETMASK=${2}
GATEWAY=${3}" > /etc/sysconfig/network-scripts/ifcfg-eth0
}

# $1 - IPADDR, $2 - NETMASK
function set_private_ip {
  echo -e "# Configuration for eth0:1
DEVICE=eth0:1
BOOTPROTO=none
# This line ensures that the interface will be brought up during boot.
ONBOOT=yes
# eth0:1 - Private IPs have no gateway (they are not publicly routable) so all you need to
# specify is the address and netmask.
IPADDR=${1}
NETMASK=${2}" > /etc/sysconfig/network-scripts/ifcfg-eth0:1
}

# $1, $2, $3 - name servers 
function set_dns_resolver {
  echo -e "domain tunts.net
search tunts.net
nameserver ${1}
nameserver ${2}
nameserver ${3}
options rotate" > /etc/resolv.conf
}

function restart_networking {
  service network restart
}

function create_user {
  adduser $1;
}

function lock_for_user {
  echo "AllowUsers      $1" >> /etc/ssh/sshd_config
  service sshd restart
}

function lock_root_with_keys {
  echo "PermitRootLogin without-password" >> /etc/ssh/sshd_config
  echo "UseDNS no" >> /etc/ssh/sshd_config
  service sshd restart
}

function shell_config {
  echo 'readonly HISTTIMEFORMAT="+%Y%m%d-%T "' >> /etc/profile
  echo 'readonly HISTFILE="${HOME}/.bash_history"' >> /etc/profile
  echo 'readonly HISTFILESIZE="2000"' >> /etc/profile
  echo 'readonly HISTSIZE="2000"' >> /etc/profile
  echo 'export HISTTIMEFORMAT HISTFILE HISTFILESIZE HISTSIZE' >> /etc/profile
}

function wall_up {
  echo -e "# Do not mess with my cheese
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT

#ssh
-A RH-Firewall-1-INPUT -p tcp --dport 22 -j ACCEPT

#-A RH-Firewall-1-INPUT -j LOG --log-level 1 --log-prefix \"FIREWALL-IN  \"
-A RH-Firewall-1-INPUT -j DROP

COMMIT" > /etc/sysconfig/iptables
  service iptables restart
}

function beloved_repos {
  wget http://epel.gtdinternet.com/6/i386/epel-release-6-7.noarch.rpm
  wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
}

function daemontools {
  yum -y install gcc make
  mkdir /usr/src/daemontools
  cd /usr/src/daemontools
  wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
  tar -zxvf daemontools-0.76.tar.gz
  cd admin/daemontools-0.76/
}