From 9c05ee499327d34c20a51ce83c1534af573eef9a Mon Sep 17 00:00:00 2001 From: Cole Deck Date: Sun, 18 Oct 2020 17:11:27 -0500 Subject: [PATCH] Initial commit --- install-post.sh | 143 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 143 insertions(+) create mode 100644 install-post.sh diff --git a/install-post.sh b/install-post.sh new file mode 100644 index 0000000..097d687 --- /dev/null +++ b/install-post.sh @@ -0,0 +1,143 @@ +#!/usr/bin/env bash +################################################################################ +# This is property of eXtremeSHOK.com +# You are free to use, modify and distribute, however you may not remove this notice. +# Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com +################################################################################ +# +# Script updates can be found at: https://github.com/extremeshok/xshok-proxmox +# +# post-installation script for Proxmox +# +# License: BSD (Berkeley Software Distribution) +# +################################################################################ +# +# Assumptions: proxmox installed +# +# Notes: +# to disable the MOTD banner, set the env NO_MOTD_BANNER to true (export NO_MOTD_BANNER=true) +# +################################################################################ +# +# THERE ARE NO USER CONFIGURABLE OPTIONS IN THIS SCRIPT +# +################################################################################ + +# Set the local +export LANG="en_US.UTF-8" +export LC_ALL="C" + +## Force APT to use IPv4 +echo -e "Acquire::ForceIPv4 \"true\";\\n" > /etc/apt/apt.conf.d/99force-ipv4 + +## disable enterprise proxmox repo +if [ -f /etc/apt/sources.list.d/pve-enterprise.list ]; then + echo -e "#deb https://enterprise.proxmox.com/debian buster pve-enterprise\\n" > /etc/apt/sources.list.d/pve-enterprise.list +fi +## enable public proxmox repo +if [ ! -f /etc/apt/sources.list.d/proxmox.list ] && [ ! -f /etc/apt/sources.list.d/pve-public-repo.list ] && [ ! -f /etc/apt/sources.list.d/pve-install-repo.list ] ; then + echo -e "deb http://download.proxmox.com/debian buster pve-no-subscription\\n" > /etc/apt/sources.list.d/pve-public-repo.list +fi + +## Add non-free to sources +sed -i "s/main contrib/main non-free contrib/g" /etc/apt/sources.list + +## Add the latest ceph provided by proxmox +# echo "deb http://download.proxmox.com/debian/ceph-luminous stretch main" > /etc/apt/sources.list.d/ceph.list + +## Refresh the package lists +apt-get update + + +## Install common system utilities +/usr/bin/env DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::='--force-confdef' install whois omping tmux sshpass wget axel nano pigz net-tools htop iptraf iotop iftop iperf vim vim-nox unzip zip software-properties-common aptitude curl dos2unix dialog mlocate build-essential git ipset htop +#snmpd snmp-mibs-downloader + + +## Install kexec, allows for quick reboots into the latest updated kernel set as primary in the boot-loader. +# use command 'reboot-quick' +echo "kexec-tools kexec-tools/load_kexec boolean false" | debconf-set-selections +/usr/bin/env DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::='--force-confdef' install kexec-tools + +cat <<'EOF' > /etc/systemd/system/kexec-pve.service +[Unit] +Description=boot into into the latest pve kernel set as primary in the boot-loader +Documentation=man:kexec(8) +DefaultDependencies=no +Before=shutdown.target umount.target final.target + +[Service] +Type=oneshot +ExecStart=/sbin/kexec -l /boot/pve/vmlinuz --initrd=/boot/pve/initrd.img --reuse-cmdline + +[Install] +WantedBy=kexec.target +EOF +systemctl enable kexec-pve.service +echo "alias reboot-quick='systemctl kexec'" >> /root/.bash_profile + +## Remove no longer required packages and purge old cached updates +/usr/bin/env DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::='--force-confdef' autoremove +/usr/bin/env DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::='--force-confdef' autoclean + +## Bugfix: reserve 512MB memory for system +echo "vm.min_free_kbytes = 524288" >> /etc/sysctl.conf +sysctl -p + +## Remove subscription banner +if [ -f "/usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js" ] ; then + sed -i "s/data.status !== 'Active'/false/g" /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js + # create a daily cron to make sure the banner does not re-appear + cat <<'EOF' > /etc/cron.daily/proxmox-nosub +#!/bin/sh +# eXtremeSHOK.com Remove subscription banner +sed -i "s/data.status !== 'Active'/false/g" /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js +EOF + chmod 755 /etc/cron.daily/proxmox-nosub +fi + +## Increase max user watches +# BUG FIX : No space left on device +echo 1048576 > /proc/sys/fs/inotify/max_user_watches +echo "fs.inotify.max_user_watches=1048576" >> /etc/sysctl.conf +sysctl -p /etc/sysctl.conf + +## Increase max FD limit / ulimit +cat <> /etc/security/limits.conf +# eXtremeSHOK.com Increase max FD limit / ulimit +* soft nproc 256000 +* hard nproc 256000 +* soft nofile 256000 +* hard nofile 256000 +root soft nproc 256000 +root hard nproc 256000 +root soft nofile 256000 +root hard nofile 256000 +EOF + +## Increase kernel max Key limit +cat < /etc/sysctl.d/60-maxkeys.conf +# eXtremeSHOK.com +# Increase kernel max Key limit +kernel.keys.root_maxkeys=1000000 +kernel.keys.maxkeys=1000000 +EOF + +## Set systemd ulimits +echo "DefaultLimitNOFILE=256000" >> /etc/systemd/system.conf +echo "DefaultLimitNOFILE=256000" >> /etc/systemd/user.conf +echo 'session required pam_limits.so' | tee -a /etc/pam.d/common-session-noninteractive +echo 'session required pam_limits.so' | tee -a /etc/pam.d/common-session +echo 'session required pam_limits.so' | tee -a /etc/pam.d/runuser-l + +## Set ulimit for the shell user +cd ~ && echo "ulimit -n 256000" >> .bashrc ; echo "ulimit -n 256000" >> .profile + +## Optimise ZFS arc size + +# propagate the setting into the kernel +update-initramfs -u -k all + +## Script Finish +echo -e '\033[1;33m Finished....please restart the system \033[0m'