48 lines
1.6 KiB
Bash
48 lines
1.6 KiB
Bash
#!/bin/sh
|
|
|
|
# usage: add_once <file> <line-to-add>...
|
|
add_once() {
|
|
local file="$1"
|
|
shift
|
|
for line; do
|
|
if ! grep -x -F "$line" "$file" 2>/dev/null; then
|
|
mkdir -p "${file%/*}"
|
|
printf "%s\n" "$line" >> "$file"
|
|
fi
|
|
done
|
|
}
|
|
|
|
# Enable SSH keepalive
|
|
sed -i -e 's/^[\s#]*TCPKeepAlive\s.*/TCPKeepAlive yes/' -e 's/^[\s#]*ClientAliveInterval\s.*/ClientAliveInterval 60/' /etc/ssh/sshd_config
|
|
echo 'enabled SSH keep alives'
|
|
|
|
# openRC
|
|
sed -i -e 's/^[\s#]*rc_cgroup_mode=.*/rc_cgroup_mode="unified"/' /etc/rc.conf
|
|
sed -i -e 's/^[\s#]*rc_logger=.*/rc_logger="YES"/' /etc/rc.conf
|
|
echo 'enabled cgroupv2, openRC logging'
|
|
|
|
# speed up dhcpcd and chronyd
|
|
add_once /etc/dhcpcd.conf noarp >/dev/null
|
|
sed -i -e 's/^[\s#]*FAST_STARTUP=.*/FAST_STARTUP=yes/' /etc/conf.d/chronyd
|
|
|
|
# OpenRC parallel - causes too much chaos
|
|
#sed -i -e 's/^[\s#]*rc_parallel=.*/rc_parallel="YES"/' /etc/rc.conf
|
|
#echo 'enable parallel openRC'
|
|
|
|
# Setup syslog-ng json logging and apparmor tweaks
|
|
cp /usr/lib/zdt/syslog-ng.conf /etc/syslog-ng/syslog-ng.conf
|
|
cp /usr/lib/zdt/syslog-ng.logrotate.conf /etc/logrotate.d/syslog-ng
|
|
cp /usr/lib/zdt/syslog-ng.apparmor /etc/apparmor.d/local/sbin.syslog-ng
|
|
echo 'syslog-ng: all to /var/log/messages as json'
|
|
|
|
# use init to spawn monit
|
|
add_once /etc/inittab ":2345:respawn:/usr/bin/monit -I" >/dev/null
|
|
add_once /etc/monitrc "include /etc/monit.d/*.conf" >/dev/null
|
|
echo 'enabled monit via inittab'
|
|
|
|
# QoL - make bash default shell for root too
|
|
sed -i -e '/root/ s#\:[^\:]*$#\:/bin/bash#g' /etc/passwd
|
|
|
|
add_once /etc/bash/bashrc "export STARSHIP_CONFIG=/etc/starship.toml" >/dev/null
|
|
add_once /etc/bash/bashrc 'eval -- "$(/usr/bin/starship init bash --print-full-init)"' >/dev/null
|