#!/bin/sh
#
# Some commands to generate a "good" custom Debian template

# SSH {{{

# allow root connection with a password
/bin/sed -i 's/\(^\|^\#\)\(PermitRootLogin\).*/\2 yes/g' /etc/ssh/sshd_config ;
systemctl restart sshd

# or download admin ssh pubkey

# }}}

# time {{{

# set timezone
echo "Europe/Paris" > /etc/timezone
rm --force -- /etc/localtime
dpkg-reconfigure --frontend noninteractive -- tzdata

# }}}

# manage locale {{{

NEW_L="en_US.UTF-8"
## Fix locale for the script
export LANGUAGE="${NEW_L}"
export LANG="${NEW_L}"
export LC_ALL="${NEW_L}"

## Generate new locale
sed -i -e "s/# \(${NEW_L} UTF-8\)/\1/" /etc/locale.gen
locale-gen
echo "LANG=\"${NEW_L}\"" > /etc/default/locale
dpkg-reconfigure --frontend noninteractive -- locales
update-locale LANG="${NEW_L}"

# }}}

# download an additionnal script to manage rsyslog and logrotate {{{

# Previously used hostnamectl but it can't works correctly on LXC container with Apparmor
debian_version=$(grep VERSION_CODENAME /etc/os-release | cut --delimiter="=" --fields=2)

wget https://git.ipr.univ-rennes1.fr/cellinfo/tftpboot/raw/master/scripts/latecommand.tar.gz --output-document=/tmp/latecommand.tar.gz
tar xzf /tmp/latecommand.tar.gz --directory=/tmp/
/bin/sh /tmp/latecommand/post."${debian_version}".sh

# }}}

# APT {{{

## Clean downloaded and list of packages
aptitude clean
rm --force -- /var/cache/apt/*.bin

# }}}

# clean the system {{{
true > /etc/resolv.conf
find /var/log -type f -iname "*.log" -delete -exec touch {} \;
find /var/log -type f \( -iname "*.gz" -o -iname ".*.0" -o -iname "dmesg.*" \) -delete
rm --force -- /root/.bash_history
rm --recursive --force -- /var/log/journal/*

# }}}

exit 0