mirror of
https://github.com/kossakovsky/n8n-install.git
synced 2026-03-08 06:43:22 +00:00
c3246e4365
- Introduced a new function, get_all_profiles, to extract profile names from the docker-compose.yml file. - Updated the stop_existing_containers function to include all profiles when stopping services, ensuring a comprehensive shutdown of all relevant containers. - Added the yaml module to handle YAML file parsing. - Updated system preparation script to install python3-yaml package for YAML support.
49 lines
1.2 KiB
Bash
Executable File
49 lines
1.2 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
# Source the utilities file
|
|
source "$(dirname "$0")/utils.sh"
|
|
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
|
|
# System Update
|
|
log_info "Updating package list and upgrading the system..."
|
|
apt update -y && apt upgrade -y
|
|
|
|
# Installing Basic Utilities
|
|
log_info "Installing standard CLI tools..."
|
|
apt install -y \
|
|
htop git curl make unzip ufw fail2ban python3 psmisc whiptail \
|
|
build-essential ca-certificates gnupg lsb-release openssl \
|
|
debian-keyring debian-archive-keyring apt-transport-https python3-pip python3-dotenv python3-yaml
|
|
|
|
# Configuring Firewall (UFW)
|
|
log_info "Configuring firewall (UFW)..."
|
|
echo "y" | ufw reset
|
|
ufw --force enable
|
|
ufw default deny incoming
|
|
ufw default allow outgoing
|
|
ufw allow ssh
|
|
ufw allow http
|
|
ufw allow https
|
|
ufw reload
|
|
ufw status
|
|
|
|
# Configuring Fail2Ban
|
|
log_info "Enabling brute-force protection (Fail2Ban)..."
|
|
systemctl enable fail2ban
|
|
sleep 1
|
|
systemctl start fail2ban
|
|
sleep 1
|
|
fail2ban-client status
|
|
sleep 1
|
|
fail2ban-client status sshd
|
|
|
|
# Automatic Security Updates
|
|
log_info "Enabling automatic security updates..."
|
|
apt install -y unattended-upgrades
|
|
# Automatic confirmation for dpkg-reconfigure
|
|
echo "y" | dpkg-reconfigure --priority=low unattended-upgrades
|
|
|
|
exit 0 |