diff --git a/setup/management.sh b/setup/management.sh index b793b99..0f6e4d0 100755 --- a/setup/management.sh +++ b/setup/management.sh @@ -2,7 +2,7 @@ source setup/functions.sh -apt_install python3-flask links duplicity libyaml-dev python3-dnspython unattended-upgrades +apt_install python3-flask links duplicity libyaml-dev python3-dnspython hide_output pip3 install rtyaml # Create a backup directory and a random key for encrypting backups. @@ -21,14 +21,6 @@ rm -f /etc/init.d/mailinabox ln -s $(pwd)/conf/management-initscript /etc/init.d/mailinabox hide_output update-rc.d mailinabox defaults -# Allow apt to install system updates automatically every day. -cat > /etc/apt/apt.conf.d/02periodic < /etc/cron.daily/mailinabox-backup << EOF; #!/bin/bash diff --git a/setup/system.sh b/setup/system.sh index 8e7d5c5..fed23b0 100755 --- a/setup/system.sh +++ b/setup/system.sh @@ -11,18 +11,22 @@ hide_output apt-get -y upgrade # haveged: Provides extra entropy to /dev/random so it doesn't stall # when generating random numbers for private keys (e.g. during # ldns-keygen). +# unattended-upgrades: Apt tool to install security updates automatically. +# ntp: keeps the system time correct +# fail2ban: scans log files for repeated failed login attempts and blocks the remote IP at the firewall -apt_install python3 python3-pip wget curl bind9-host haveged +apt_install python3 python3-pip \ + wget curl bind9-host \ + haveged unattended-upgrades ntp fail2ban -# Turn on basic services: -# -# ntp: keeps the system time correct -# -# fail2ban: scans log files for repeated failed login attempts and blocks the remote IP at the firewall -# -# These services don't need further configuration and are started immediately after installation. +# Allow apt to install system updates automatically every day. -apt_install ntp fail2ban +cat > /etc/apt/apt.conf.d/02periodic <