Posted By

jsinix on 12/01/14


Tagged

system ubuntu setup automate


Versions (?)

Automate System Setup


 / Published in: Python
 

URL: www.jsinix.com

Author: jsinix([email protected])

This script is written to expedite the process of initial system configuration (specifically Ubuntu). These initial things include basic setup, securing the system(firewall), updating it etc. I have not tested this with any distro but this can be modified to suit your need.Its preferable you run this on new system as it overwrite some files.

  1. #!/usr/bin/python
  2. import sys, os
  3. import datetime
  4. import socket
  5. import getpass
  6. import time
  7. from subprocess import STDOUT, check_call
  8. from contextlib import contextmanager
  9.  
  10. Welcome = """\
  11. _ _ _
  12. (_) (_) (_)
  13. _ ___ _ _ __ ___ __
  14. | / __| | '_ \| \ \/ /
  15. | \__ \ | | | | |> <
  16. | |___/_|_| |_|_/_/\_\.
  17. _/ |
  18. |__/
  19. """
  20.  
  21. Disclaimer = """\
  22. \nAuthor: jsinix([email protected])
  23. This script is written to expedite the process of initial system configuration
  24. (specifically Ubuntu). These initial things include basic setup, securing the
  25. system(firewall), updating it etc. I have not tested this with any distro but
  26. this can be modified to suit your need.Its preferable you run this on new
  27. system as it overwrite some files.
  28. """
  29.  
  30. Iptable_rules = """
  31. *filter
  32. -A INPUT -i lo -j ACCEPT
  33. -A INPUT -d 127.0.0.0/8 -j REJECT
  34. -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
  35. -A OUTPUT -j ACCEPT
  36. -A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT
  37. -A INPUT -p icmp -j ACCEPT
  38. -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
  39. -A INPUT -j DROP
  40. -A FORWARD -j DROP
  41. COMMIT
  42. """
  43.  
  44. def hostname_setup():
  45. print "\n\n(+) Setting hostname"
  46. sys_hostname = raw_input("(-) Hostname: ")
  47. f001 = open('/etc/hostname','w')
  48. f001.write(sys_hostname)
  49. f001.close()
  50. os.system("hostname -F /etc/hostname")
  51. print "(+) Hostname set"
  52.  
  53. def timezone_setup():
  54. os.system("dpkg-reconfigure tzdata")
  55. print "\n(+) Timezone set"
  56. cur_time = datetime.datetime.now()
  57. print "(+) Current date: %s" % cur_time
  58.  
  59. def is_connected():
  60. REMOTE_SERVER = "www.jsinix.com"
  61. try:
  62. host = socket.gethostbyname(REMOTE_SERVER)
  63. s = socket.create_connection((host, 80), 2)
  64. return True
  65. except:
  66. pass
  67. return False
  68.  
  69. def update_setup():
  70. print "(+) Updating repository"
  71. os.system("apt-get update > /dev/null")
  72. print "(+) Update complete"
  73. print "(+) Installing updates"
  74. os.system("apt-get upgrade > /dev/null")
  75. print "(+) Complete"
  76.  
  77. def fail2ban_setup():
  78. print "\n(+) Installing Fail2ban"
  79. os.system("apt-get install fail2ban -y > /dev/null")
  80. print "(+) Restarting Fail2ban"
  81. os.system("service fail2ban restart > /dev/null")
  82. print "(+) Fail2ban running"
  83.  
  84. def iptables_setup():
  85. print "\n(+) Installing firewall"
  86. f002 = open('/etc/iptables.firewall.rules','w')
  87. f002.write(Iptable_rules)
  88. f002.close()
  89. os.system("iptables-restore < /etc/iptables.firewall.rules")
  90. print "(+) Firewall is running"
  91. print "(+) Setting up firewall on startup"
  92.  
  93. firewall_startup = """
  94. #!/bin/sh
  95. /sbin/iptables-restore < /etc/iptables.firewall.rules
  96. """
  97. f003 = open('/etc/network/if-pre-up.d/firewall','w')
  98. f003.write(firewall_startup)
  99. f003.close()
  100. os.system("chmod +x /etc/network/if-pre-up.d/firewall")
  101.  
  102. internet = is_connected()
  103. def controller():
  104. os.system("clear")
  105. print Welcome
  106. print Disclaimer
  107. option01 = raw_input("Should we start ?(y/n) ")
  108.  
  109. if option01 == 'y':
  110. hostname_setup()
  111. time.sleep(1)
  112. timezone_setup()
  113.  
  114. if internet == True:
  115. print "\n(+) Looks like system is connected to internet."
  116. update_setup()
  117.  
  118. fail2ban_setup()
  119.  
  120. elif internet == False:
  121. print "\n(+) Looks like no internet connectivity"
  122. print " Dropping repo update"
  123.  
  124. elif option01 == 'n':
  125. print "\n(+) Exiting"
  126. sys.exit()
  127.  
  128. else:
  129. print "\n(+) Unknown choice"
  130. print "(+) Exiting"
  131.  
  132. iptables_setup()
  133.  
  134. # This script must be run as root to avoid permission
  135. # issues.
  136. #So lets make sure that no other user can run it.
  137. my_user = getpass.getuser()
  138. if(my_user != 'root'):
  139. print "(+) Please run this script as ROOT"
  140. sys.exit()
  141.  
  142. else:
  143. controller()
  144. print "\nRestart the system(recommended) !"

Report this snippet  

You need to login to post a comment.