Skip to content

Latest commit

 

History

History
67 lines (50 loc) · 3.38 KB

README.md

File metadata and controls

67 lines (50 loc) · 3.38 KB

Shell Scripts for Web Server Deployment

There are two distinct ways of configuring web server:

  1. You can just copy three lines of code from section below OR
  2. You can follow the manual which come after Contents section

Run these lines of code to start automate process

cd && apt install sudo && sudo apt update && sudo apt upgrade && sudo apt-get install git -y
git clone https://github.com/rignellj/Roger-Skyline-1.git scripts && cd scripts
./roger_skyline_1.sh

Contents

  1. Introduction
  2. Creating Nonroot User
  3. Configure a Static IP
  4. Change the SSH Default Port and Setup SSH Access With Publickeys
  5. Firewall Setup With UFW
  6. DOS (Denial Of Service Attack) protection
  7. Protection Against Port Scans
  8. Disable the Services We Don’t Need
  9. Update Packages & Monitor Crontab Changes Scripts
  10. Self-signed SSL and Deployment
  11. Deployment Automation

Introduction

  1. This part first installs required packages to your Linux Debian and also checks partitions
  2. Running ./01_intro.sh will update & upgrade packages and also installs software that is needed for this project

Let's Create Nonroot User

Run ./02_add_sudouser.sh to create given user and give sudo privilages to the user

Configure a Static IP

  1. Run ./03_configure_interfaces.sh to configure /etc/network/interfaces file
  2. Next run ./04_configure_static_ip.sh. This will prompt IP address, Netmask and Gateway and configures with given addresses.

Change the SSH Default Port and Setup SSH Access With Publickeys

  1. Before moving to next step, user needs to create new ssh public key. Script will also ask to do this.
  2. Run ./05_ssh_configure.sh to reset SSH port number

Denial Of Service Attack (DOS) protection & Firewall rules

  1. Run ./06_firewall_rules.sh to set up firewall rules
  2. Then ./07_fail2ban.sh will handle all the config for the DOS which will protect your open ports of your VM.

Protection Against Port Scans

  1. ./08_portscans.sh will set protection against scans on your VM’s open ports.

Disable the Services We Don’t Need

  1. ./09_disable_services.sh--> This script disables unnecessary services.

Update Packages & Monitor Crontab Changes Scripts

  1. Running ./10_cron_conf.sh will add few tasks to crontab file

Self-signed SSL and Deployment

  1. Running ./11_web_server_deployment.sh will set self-signed SSL and also will handle all the config according to that.

Deployment Automation

  1. Running ./12_files_copy.sh will start process which will ask user certain questions according from which machine to copy, which SSH ports to use, what is the result of $(whoami) on remote (host) and the full path to files to copy.

                       End of Deployment