From c08110ae3895a5ae6c8388310a42620a930febc7 Mon Sep 17 00:00:00 2001 From: Artur Gurgul Date: Mon, 11 Aug 2025 10:20:07 +0200 Subject: [PATCH] Add script for seting up media center --- bin/admin/single-user | 65 ++++++++++++++++++++++++++++++++ bin/vm | 34 +++++++++++++++++ bin/zshrc/init | 4 ++ lib/data/resources/iso-images.rb | 21 +++++++++++ lib/downloader.rb | 21 +++++++++++ lib/virtual-machine.rb | 16 ++++++++ 6 files changed, 161 insertions(+) create mode 100644 bin/admin/single-user create mode 100644 lib/data/resources/iso-images.rb create mode 100644 lib/downloader.rb create mode 100644 lib/virtual-machine.rb diff --git a/bin/admin/single-user b/bin/admin/single-user new file mode 100644 index 0000000..4b647ff --- /dev/null +++ b/bin/admin/single-user @@ -0,0 +1,65 @@ +#!/bin/bash +## This script make autologin. If user has phisical access +## to the device we can trust him, otherwiese we require password +## for remote access + + +# Parameters +USERNAME="user" + +# Sanity check +if [ "$(id -u)" -ne 0 ]; then + echo "Please run this script as root." + exit 1 +fi + +if ! id "$USERNAME" &>/dev/null; then + echo "User '$USERNAME' does not exist." + exit 1 +fi + +echo "Setting up passwordless sudo for physical access for user: $USERNAME" +echo + +# 1. Configure sudoers: allow passwordless sudo +echo "Configuring sudoers for $USERNAME..." +echo "Defaults:$USERNAME !authenticate" >> /etc/sudoers.d/00-$USERNAME-nopasswd +chmod 440 /etc/sudoers.d/00-$USERNAME-nopasswd + +# 2. Modify PAM for sudo to allow password only on non-physical ttys +echo "Configuring PAM for sudo tty check..." +PAM_FILE="/etc/pam.d/sudo" +BACKUP_FILE="/etc/pam.d/sudo.bak" + +if ! grep -q "pam_succeed_if.so tty" "$PAM_FILE"; then + echo "Creating backup of $PAM_FILE to $BACKUP_FILE" + cp "$PAM_FILE" "$BACKUP_FILE" + + sed -i '1iauth [success=1 default=ignore] pam_succeed_if.so tty =~ /dev/tty[0-9]*' "$PAM_FILE" + echo "PAM modified to restrict passwordless sudo to physical TTYs." +else + echo "PAM sudo already appears configured." +fi + +# 3. Enable autologin on tty1 +echo "Configuring systemd autologin on tty1 for $USERNAME..." +mkdir -p /etc/systemd/system/getty@tty1.service.d +AUTOLOGIN_CONF="/etc/systemd/system/getty@tty1.service.d/override.conf" + +cat > "$AUTOLOGIN_CONF" <" --name "" + +options = OpenStruct.new +subcommand = ARGV.shift&.to_sym +options.parameter = ARGV[0] && ARGV[0] !~ /^-/ ? ARGV.shift : nil + +OptionParser.new do |opt| + opt.on('--arch ARCH', 'Architecture arm64 or x86_64') do |arch| + options.arch = arch + end + + opt.on('--name NAME', 'Virtaul Machine name') do |arch| + options.arch = arch + end + +end.parse! + + +case subcommand +when :create + puts "Creating image...." + +when :setup + options[:distro] = subcommand + VirtualMachine.setup(options) +else + puts "Error not found #{options.type}" +end \ No newline at end of file diff --git a/bin/zshrc/init b/bin/zshrc/init index e6acd5c..79c3372 100644 --- a/bin/zshrc/init +++ b/bin/zshrc/init @@ -19,6 +19,10 @@ function cdd { cd $DAT_ROOT } +function cdp { + cd $PASSWORD_STORE_DIR +} + . $DAT_ROOT/bin/zshrc/prompt . $DAT_ROOT/bin/zshrc/utils diff --git a/lib/data/resources/iso-images.rb b/lib/data/resources/iso-images.rb new file mode 100644 index 0000000..4f6ef76 --- /dev/null +++ b/lib/data/resources/iso-images.rb @@ -0,0 +1,21 @@ + + +module VirtualMachine + ISO_URLS = { + debian: { + arm64: { + install: "https://cdimage.debian.org/debian-cd/current/arm64/iso-cd/debian-13.0.0-arm64-netinst.iso" + }, + x86_64: { + install: "https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-13.0.0-amd64-netinst.iso", + live: "https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/debian-live-13.0.0-amd64-standard.iso" + } + }, + archlinux: { + x86_64: { + live: "https://geo.mirror.pkgbuild.com/iso/2025.08.01/archlinux-x86_64.iso" + } + } + } + +end \ No newline at end of file diff --git a/lib/downloader.rb b/lib/downloader.rb new file mode 100644 index 0000000..6fa1e67 --- /dev/null +++ b/lib/downloader.rb @@ -0,0 +1,21 @@ +require 'uri' +require 'addressable/uri' + + +module Downloader + # use_cache => save in the home and return path to it + # forced => download even if the file exists in the cache, saves to chace if use_cache == true + def self.get(url, use_cache = true, forced = false) + puts "downloading..." + puts url + + + uri = Addressable::URI.parse(url) + path = File.join("#{ENV["HOME"]}/.cache/dat/downloads/", uri.domain, uri.path) + + #uri = URI.parse(url) + #file_name = File.basename(uri.path) + puts "Download path: #{path}" + yield path + end +end \ No newline at end of file diff --git a/lib/virtual-machine.rb b/lib/virtual-machine.rb new file mode 100644 index 0000000..b27bbcb --- /dev/null +++ b/lib/virtual-machine.rb @@ -0,0 +1,16 @@ +require 'downloader' +require_relative 'data/resources/iso-images' + +module VirtualMachine + def self.distro(name, arch, type = :install) + ISO_URLS[:debian][:arm64][:install] + end + + def self.setup(options) + distro = options[:distro] + arch = :arm64 + type = :install + url = distro(name, arch, type) + Downloader.get(url) + end +end \ No newline at end of file