mirror of
https://github.com/kossakovsky/n8n-install.git
synced 2026-03-07 22:33:11 +00:00
448a34f959
- Introduced a series of scripts to automate system preparation, Docker installation, secret generation, service execution, and final reporting. - Implemented logging functions for better visibility during script execution. - Ensured checks for required files and user inputs to enhance robustness. - Added functionality for managing Docker services and generating a comprehensive installation summary.
49 lines
1.1 KiB
Bash
Executable File
49 lines
1.1 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
# Source the utilities file
|
|
source "$(dirname "$0")/utils.sh"
|
|
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
|
|
# System Update
|
|
log_info "Updating package list and upgrading the system..."
|
|
apt update -y && apt upgrade -y
|
|
|
|
# Installing Basic Utilities
|
|
log_info "Installing standard CLI tools..."
|
|
apt install -y \
|
|
htop git curl make unzip ufw fail2ban python3 psmisc \
|
|
build-essential ca-certificates gnupg lsb-release openssl \
|
|
debian-keyring debian-archive-keyring apt-transport-https
|
|
|
|
# Configuring Firewall (UFW)
|
|
log_info "Configuring firewall (UFW)..."
|
|
echo "y" | ufw reset
|
|
ufw --force enable
|
|
ufw default deny incoming
|
|
ufw default allow outgoing
|
|
ufw allow ssh
|
|
ufw allow http
|
|
ufw allow https
|
|
ufw reload
|
|
ufw status
|
|
|
|
# Configuring Fail2Ban
|
|
log_info "Enabling brute-force protection (Fail2Ban)..."
|
|
systemctl enable fail2ban
|
|
sleep 1
|
|
systemctl start fail2ban
|
|
sleep 1
|
|
fail2ban-client status
|
|
sleep 1
|
|
fail2ban-client status sshd
|
|
|
|
# Automatic Security Updates
|
|
log_info "Enabling automatic security updates..."
|
|
apt install -y unattended-upgrades
|
|
# Automatic confirmation for dpkg-reconfigure
|
|
echo "y" | dpkg-reconfigure --priority=low unattended-upgrades
|
|
|
|
exit 0 |