#!/bin/bash ########################################################### # # Orange Pi PC2 DietPi 최적화 스크립트 # # 이 스크립트는 # dietpi_v149_orangepipc2-arm64-(jessie).img # 에서 시험되었으며, 반드시 인터넷이 가능한 상태에서 # root/dietpi 계정으로 실행해야 한다. # # ※ 설치 후 apt-get -y remove --purge dropbear 로 # dropbear를 제거한다. # ########################################################### EXTERNAL_HDD_DIR=/storage/sda1 SDCARD_DIR=/storage USE_APACHE2=1 USE_MARIADB=1 USE_PHP=1 USE_SAMBA=1 ########################################################### # # root 및 dietpi 패스워드 설정 # ########################################################### echo "################################################" echo "#" echo "# PLEASE, ENTER NEW ROOT PASSWORD." echo "#" echo "################################################" passwd root echo "################################################" echo "#" echo "# PLEASE, ENTER NEW dietpi PASSWORD." echo "#" echo "################################################" passwd dietpi ########################################################### # # lrzsz 설치 # ########################################################### apt-get update -y apt-get -y install lrzsz ########################################################### # # 로케일 설정 # ########################################################### locale-gen "ko_KR.UTF-8" ########################################################### # # X11 및 불필요한 패키지 제거 # ########################################################### apt-get -y remove --purge lightdm apt-get -y remove --purge gnome* apt-get -y remove --purge qtcreator* apt-get -y remove --purge x11-common apt-get -y remove --purge apache2 nano apt-get -y remove --purge libpython2.7-minimal libpython2.7-stdlib python2.7-minimal python2.7 ########################################################### # # sdcard 초기화 # /dev/mmcblk0 : sdcard # dd if=/dev/zero of=/dev/mmcblk1 bs=512 count=1 # ########################################################### #dd if=/dev/zero of=/dev/mmcblk0 bs=512 count=1 ########################################################### # # 타임존 셋팅 # ########################################################### echo "Asia/Seoul" > /etc/timezone ########################################################### # # 네트워크 셋팅 (IP주소 수정 후 실행) # # 윈도우PC의 Linux USB Ethernet 인터페이스의 IPV4주소는 # 192.168.7.1/255.255.255.252로 변경해 주어야 한다. # # Wifi와 Ethernet은 한가지만 사용가능하며, # 만일 Wifi를 사용하기 위해서는 "auto eth0"를 삭제한다. # ########################################################### cp /etc/network/interfaces /etc/network/interfaces.old echo "# localhost" > /etc/network/interfaces echo "auto lo" >> /etc/network/interfaces echo "iface lo inet loopback" >> /etc/network/interfaces echo "" >> /etc/network/interfaces echo "# Ethernet" >> /etc/network/interfaces echo "#auto eth0" >> /etc/network/interfaces echo "allow-hotplug eth0" >> /etc/network/interfaces echo "iface eth0 inet static" >> /etc/network/interfaces echo "address 192.168.0.3" >> /etc/network/interfaces echo "netmask 255.255.255.240" >> /etc/network/interfaces echo "gateway 192.168.0.1" >> /etc/network/interfaces echo "dns-nameservers 8.8.8.8 8.8.4.4" >> /etc/network/interfaces echo "" >> /etc/network/interfaces echo "# Wifi" >> /etc/network/interfaces echo "##auto wlan0" >> /etc/network/interfaces echo "#allow-hotplug wlan0" >> /etc/network/interfaces echo "#iface wlan0 inet static" >> /etc/network/interfaces echo "#address 192.168.0.4" >> /etc/network/interfaces echo "#netmask 255.255.255.240" >> /etc/network/interfaces echo "#gateway 192.168.0.1" >> /etc/network/interfaces echo "#wireless-essid N702BCM" >> /etc/network/interfaces echo "#wireless-key 01086023358" >> /etc/network/interfaces echo "#wireless-mode Managed" >> /etc/network/interfaces echo "#wireless-power off" >> /etc/network/interfaces echo "#wpa-ssid \"A1004\"" >> /etc/network/interfaces echo "#wpa-psk \"0123456789\"" >> /etc/network/interfaces echo "#dns-nameservers 8.8.8.8 8.8.4.4" >> /etc/network/interfaces chmod 644 /etc/network/interfaces ########################################################### # # 네트워크 셋팅 (DNS) # ########################################################### chmod 666 /etc/resolv.conf echo "nameserver 8.8.8.8" >> /etc/resolv.conf echo "nameserver 8.8.4.4" >> /etc/resolv.conf chmod 644 /etc/resolv.conf ########################################################### # # USB 네트워크 인터페이스 이름변경 금지 # ########################################################### #mv /lib/udev/rules.d/73-usb-net-by-mac.rules /lib/udev/rules.d/73-usb-net-by-mac.rules.no_run ########################################################### # # 전체 패키지 업데이트 # ########################################################### apt-get update -y apt-get upgrade -y apt-get -y -f autoremove ########################################################### # # dropbear(ssh)를 openssh로 변경하기 위해 포트번호 변경 # ########################################################### sed -i "s/-p 22/-p 9922/g" /etc/dropbear/run ########################################################### # # 필요한 패키지 설치 # (설치가 안될 수 있으니 리부팅 후 확인 요망) # ########################################################### apt-get -y install vim apt-get -y install lftp apt-get -y install python3-pip pip3 install --upgrade pip apt-get -y install openssh-server apt-get -y install screen wireless-tools wpasupplicant hostapd expect apt-get -y install gzip bzip2 tar unrar arj p7zip minicom mc ftp lsof apt-get -y install iptables bridge-utils isc-dhcp-server iperf apt-get -y install ntfs-3g apt-get -y install exfat-fuse exfat-utils ########################################################### # # apt repository 관리자 설치 # ########################################################### apt-get -y install software-properties-common apt-get -y install python-software-properties ########################################################### # # apache2 패키지 설치 # ########################################################### if [ ${USE_APACHE2} = 1 ] then apt-get -y install apache2 apt-get -y install apache2-utils fi ########################################################### # # mariaDB 패키지 설치 # ########################################################### if [ ${USE_MARIADB} = 1 ] then apt-get -y install mariadb-server sed -i "s/127.0.0.1/0.0.0.0/g" /etc/mysql/my.cnf systemctl stop mysql.service fi ########################################################### # # apache2,php 패키지 설치 # ########################################################### if [ ${USE_PHP} = 1 ] then apt-get -y install php5 libapache2-mod-php5 apt-get -y install php5-mysql php5-cli php-xml-parser a2enmod rewrite fi ########################################################### # # vsftpd 패키지 설치 # ########################################################### apt-get -y install vsftpd ########################################################### # # samba 패키지 설치 # ########################################################### if [ ${USE_SAMBA} = 1 ] then apt-get -y install samba samba-common-bin fi ########################################################### # # 외장 하드디스크 마운트 디렉토리 생성 # ########################################################### mkdir -p ${EXTERNAL_HDD_DIR} chmod 755 ${EXTERNAL_HDD_DIR} chown -R dietpi:dietpi ${EXTERNAL_HDD_DIR} mkdir -p ${SDCARD_DIR} chmod 755 ${SDCARD_DIR} chown -R dietpi:dietpi ${SDCARD_DIR} ########################################################### # # 외장 하드디스크 마운트 등록 # ########################################################### echo "# External HDD" >> /etc/fstab echo "#/dev/sda1 ${EXTERNAL_HDD_DIR} ntfs-3g defaults 0 5" >> /etc/fstab ########################################################### # # samba 설정 # ########################################################### sync if [ ${USE_SAMBA} = 1 ] then echo "" >> /etc/samba/smb.conf echo "[global]" >> /etc/samba/smb.conf echo "netbios name = OPIPC2" >> /etc/samba/smb.conf echo "workgroup = WORKGROUP" >> /etc/samba/smb.conf echo "hosts allow = 127. 192.168.0. 192.168.1." >> /etc/samba/smb.conf echo "#socket options = IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072 TCP_NODELAY" >> /etc/samba/smb.conf echo "max xmit = 16644" >> /etc/samba/smb.conf echo "read size = 0" >> /etc/samba/smb.conf echo "read raw = no" >> /etc/samba/smb.conf echo "write raw = no" >> /etc/samba/smb.conf echo "log level = 0" >> /etc/samba/smb.conf echo "" >> /etc/samba/smb.conf echo "[sdcard]" >> /etc/samba/smb.conf echo " comment = Orange Pi PC2 MicroSD" >> /etc/samba/smb.conf echo " path = ${SDCARD_DIR}" >> /etc/samba/smb.conf echo " browseble = yes" >> /etc/samba/smb.conf echo " writable = yes" >> /etc/samba/smb.conf echo " share modes = yes" >> /etc/samba/smb.conf echo " valid users = @users" >> /etc/samba/smb.conf echo " read only = no" >> /etc/samba/smb.conf echo " create mode = 0660" >> /etc/samba/smb.conf echo " directory mode = 0770" >> /etc/samba/smb.conf echo " guest ok = yes" >> /etc/samba/smb.conf echo "" >> /etc/samba/smb.conf echo "[external_hdd]" >> /etc/samba/smb.conf echo " comment = Orange Pi PC2 External HDD" >> /etc/samba/smb.conf echo " path = ${EXTERNAL_HDD_DIR}" >> /etc/samba/smb.conf echo " browseble = yes" >> /etc/samba/smb.conf echo " writable = yes" >> /etc/samba/smb.conf echo " share modes = yes" >> /etc/samba/smb.conf echo " valid users = @users" >> /etc/samba/smb.conf echo " read only = no" >> /etc/samba/smb.conf echo " create mode = 0660" >> /etc/samba/smb.conf echo " directory mode = 0770" >> /etc/samba/smb.conf echo " guest ok = yes" >> /etc/samba/smb.conf mkdir -p ${EXTERNAL_HDD_DIR} chown -R dietpi:dietpi ${EXTERNAL_HDD_DIR} chmod 755 ${EXTERNAL_HDD_DIR} usermod -d ${SDCARD_DIR} dietpi echo "################################################" echo "#" echo "# PLEASE, ENTER SAMBA dietpi ACCOUNT PASSWORD." echo "#" echo "################################################" smbpasswd -a dietpi fi ########################################################### # # dhcpd 설정 # ########################################################### sync echo "ddns-update-style none;" > /etc/dhcp/dhcpd.conf echo "default-lease-time 86400;" >> /etc/dhcp/dhcpd.conf echo "max-lease-time 172800;" >> /etc/dhcp/dhcpd.conf echo "" >> /etc/dhcp/dhcpd.conf echo "subnet 192.168.1.0 netmask 255.255.255.248 {" >> /etc/dhcp/dhcpd.conf echo " range 192.168.1.2 192.168.1.6;" >> /etc/dhcp/dhcpd.conf echo " option domain-name \"local\";" >> /etc/dhcp/dhcpd.conf echo " option domain-name-servers 8.8.8.8, 8.8.4.4;" >> /etc/dhcp/dhcpd.conf echo " option subnet-mask 255.255.255.248;" >> /etc/dhcp/dhcpd.conf echo " option routers 192.168.1.1;" >> /etc/dhcp/dhcpd.conf echo " option broadcast-address 192.168.1.7;" >> /etc/dhcp/dhcpd.conf echo " default-lease-time 86400;" >> /etc/dhcp/dhcpd.conf echo " max-lease-time 172800;" >> /etc/dhcp/dhcpd.conf echo "}" >> /etc/dhcp/dhcpd.conf ########################################################### # # vsftpd 설정 # ########################################################### echo "chroot_local_user=YES" >> /etc/vsftpd.conf echo "allow_writeable_chroot=YES" >> /etc/vsftpd.conf echo "local_enable=YES" >> /etc/vsftpd.conf echo "write_enable=YES" >> /etc/vsftpd.conf echo "local_umask=0002" >> /etc/vsftpd.conf echo "anon_upload_enable=YES" >> /etc/vsftpd.conf echo "anon_mkdir_write_enable=YES" >> /etc/vsftpd.conf echo "file_open_mode=0777" >> /etc/vsftpd.conf ########################################################### # # apache2 설정 # ########################################################### if [ ${USE_APACHE2} = 1 ] then a2enmod dav a2enmod dav_fs a2enmod auth_digest sed -i 's/export APACHE_RUN_USER=www-data/export APACHE_RUN_USER=dietpi/g' /etc/apache2/envvars sed -i 's/export APACHE_RUN_GROUP=www-data/export APACHE_RUN_GROUP=dietpi/g' /etc/apache2/envvars sed -i 's/\${APACHE_LOG_DIR}\/error.log/\/dev\/null/g' /etc/apache2/apache2.conf sed -i "s~<Directory /var/www/>~<Directory ${SDCARD_DIR}/>~g" /etc/apache2/apache2.conf echo "" >> /etc/apache2/apache2.conf echo "<Directory /var/www>" >> /etc/apache2/apache2.conf echo " Options Indexes FollowSymLinks MultiViews ExecCGI" >> /etc/apache2/apache2.conf echo " AllowOverride FileInfo AuthConfig Limit" >> /etc/apache2/apache2.conf echo " Require all granted" >> /etc/apache2/apache2.conf echo "</Directory>" >> /etc/apache2/apache2.conf echo "" >> /etc/apache2/ports.conf echo "Listen 5005" >> /etc/apache2/ports.conf echo "<VirtualHost *:80>" > /etc/apache2/sites-available/000-default.conf echo " ServerAdmin dietpi@localhost" >> /etc/apache2/sites-available/000-default.conf echo " DocumentRoot /var/www" >> /etc/apache2/sites-available/000-default.conf echo " ErrorLog \${APACHE_LOG_DIR}/http_error.log" >> /etc/apache2/sites-available/000-default.conf echo " CustomLog /dev/null combined" >> /etc/apache2/sites-available/000-default.conf echo "</VirtualHost>" >> /etc/apache2/sites-available/000-default.conf echo "" >> /etc/apache2/sites-available/000-default.conf echo "DavLockDB ${SDCARD_DIR}/DavLock" >> /etc/apache2/sites-available/000-default.conf echo "<VirtualHost *:5005>" >> /etc/apache2/sites-available/000-default.conf echo " ServerAdmin dietpi@localhost" >> /etc/apache2/sites-available/000-default.conf echo " DocumentRoot ${SDCARD_DIR}" >> /etc/apache2/sites-available/000-default.conf echo " ErrorLog \${APACHE_LOG_DIR}/webdav_error.log" >> /etc/apache2/sites-available/000-default.conf echo " CustomLog /dev/null combined" >> /etc/apache2/sites-available/000-default.conf echo " Alias /webdav ${SDCARD_DIR}" >> /etc/apache2/sites-available/000-default.conf echo " <Directory ${SDCARD_DIR}>" >> /etc/apache2/sites-available/000-default.conf echo " DAV On" >> /etc/apache2/sites-available/000-default.conf echo " AuthType Digest" >> /etc/apache2/sites-available/000-default.conf echo " AuthName "webdav"" >> /etc/apache2/sites-available/000-default.conf echo " AuthUserFile /etc/apache2/users.password" >> /etc/apache2/sites-available/000-default.conf echo " Require valid-user" >> /etc/apache2/sites-available/000-default.conf echo " </Directory>" >> /etc/apache2/sites-available/000-default.conf echo "</VirtualHost>" >> /etc/apache2/sites-available/000-default.conf echo "################################################" echo "#" echo "# PLEASE, ENTER WEBDAV PASSWORD." echo "#" echo "################################################" htdigest -c /etc/apache2/users.password webdav dietpi chown -R dietpi:dietpi /var/www chown dietpi:dietpi /etc/apache2/users.password fi ########################################################### # # timezone & locale # ########################################################### apt-get -y install language-pack-ko locale-gen ko_KR.UTF-8 update-locale LANG=ko_KR.UTF-8 timedatectl set-timezone "Asia/Seoul" ########################################################### # # /etc/ssh/sshd_config 수정 # ########################################################### sed -i "s/PermitRootLogin without-password/PermitRootLogin yes/g" /etc/ssh/sshd_config ########################################################### # # 로그인 시 dietpi-software 실행 금지 # ########################################################### echo "2" > /DietPi/dietpi/.install_stage ########################################################### # # 서비스 강제 실행 방지 # ########################################################### /DietPi/dietpi/dietpi-services disable rm -f /DietPi/dietpi/dietpi-services mv -f /boot/dietpi/dietpi-services /root/ ########################################################### # # .bashrc 편집 # ########################################################### sed -i 's/\/DietPi\/dietpi\/login/# aliases/g' /root/.bashrc echo "alias egrep='egrep --color=auto'" >> /root/.bashrc echo "alias fgrep='fgrep --color=auto'" >> /root/.bashrc echo "alias grep='grep --color=auto'" >> /root/.bashrc echo "alias l='ls -CF'" >> /root/.bashrc echo "alias la='ls -A'" >> /root/.bashrc echo "alias ll='ls -l'" >> /root/.bashrc echo "alias ls='ls --color=auto'" >> /root/.bashrc echo "alias vdir='vdir --color=auto'" >> /root/.bashrc ########################################################### # # 불필요한 서비스 제거 # # enable 되어있는 서비스 보기 # ls -1 /etc/rc$(runlevel| cut -d" " -f2).d/S* | awk -F'[0-9][0-9]' '{print "Startup :-> " $2}' # systemctl -t service -a # ########################################################### systemctl disable acpid.service systemctl disable alsa-utils.service systemctl disable avahi-daemon.service systemctl disable dbus.service systemctl disable dietpi-boot.service systemctl disable dropbear.service systemctl disable hostapd.service systemctl disable isc-dhcp-server.service systemctl disable isc-dhcp-server.service systemctl disable pppd-dns.service systemctl disable samba-ad-dc.service systemctl disable udhcpd.service systemctl disable ureadahead.service systemctl enable apache2.service systemctl enable console-setup.service systemctl enable cpufrequtils.service systemctl enable cron.service systemctl enable dietpi-ramdisk.service systemctl enable dietpi-ramlog.service systemctl enable dropbear.service systemctl enable fake-hwclock.service systemctl enable getty@tty1.service systemctl enable hwclock-save.service systemctl enable ifup@eth0.service systemctl enable ifup@usb0.service systemctl enable ifup@wlan0.service systemctl enable keyboard-setup.service systemctl enable kmod-static-nodes.service systemctl enable loadcpufreq.service systemctl enable mysql.service systemctl enable networking.service systemctl enable nmbd.service systemctl enable ondemand.service systemctl enable rc-local.service systemctl enable resolvconf.service systemctl enable rsyslog.service systemctl enable serial-getty@ttyGS0.service systemctl enable serial-getty@ttyS0.service systemctl enable setvtrgb.service systemctl enable smbd.service systemctl enable ssh.service systemctl enable systemd-journal-flush.service systemctl enable systemd-journald.service systemctl enable systemd-logind.service systemctl enable systemd-modules-load.service systemctl enable systemd-random-seed.service systemctl enable systemd-remount-fs.service systemctl enable systemd-sysctl.service systemctl enable systemd-timesyncd.service systemctl enable systemd-tmpfiles-setup-dev.service systemctl enable systemd-tmpfiles-setup.service systemctl enable systemd-udev-trigger.service systemctl enable systemd-udevd.service systemctl enable systemd-update-utmp.service systemctl enable systemd-user-sessions.service systemctl enable vsftpd.service ########################################################### # # 불필요한 파일들 삭제 # ########################################################### apt-get -y -f autoremove apt-get -y autoclean apt-get -y clean rm -f /var/log/*.gz rm -f /var/log/*.log.* rm -f /var/log/*log rm -f /var/log/syslog rm -f /var/swap rm -rf /tmp/* sync