5.3 KiB
Core System
The
_____ _____ _
/ ____| / ____| | |
| | ___ _ __ ___| (___ _ _ ___| |_ ___ _ __ ___
| | / _ \| '__/ _ \\___ \| | | / __| __/ _ \ '_ ` _ \
| |___| (_) | | | __/____) | |_| \__ \ || __/ | | | | |
\_____\___/|_| \___|_____/ \__, |___/\__\___|_| |_| |_|
__/ |
|___/
is an administration tool designed from and for Kevin Veen-Birkenbach.
Licensed under GNU GENERAL PUBLIC LICENSE Version 3
Todo
- Implement ssh configuration
- Implement wifi automation
- Install client software depentend on hardware
- Use travis
- Move repository folder
Description
This repository contains scripts to set up an working client system, maintain it and to save all important and configuration data on an USB stick. The data is stored encrypted with EncFS. It's adapted to the needs of Kevin Veen-Birkenbach. Feel free to clone it and to adapt it to your needs. The goal is to never setup and configure a system manual again, or to care about loosing passwords and important data. Instead the whole process SHOULD be automatized.
Functions
This repository contains the following scripts:
Order | Description |
---|---|
bash ./scripts/system-setup.sh |
Setup the customized software on the system on which you execute it. |
bash ./scripts/backup.sh |
Executes all setup scripts. |
bash ./scripts/import-data-from-system.sh |
Import data from the host system. |
bash ./scripts/export-data-to-system.sh |
Export data to the host system. |
bash ./scripts/unlock.sh |
Unlock the stored data. |
bash ./scripts/lock.sh |
Lock the stored data |
bash ./scripts/pull-local-repositories.sh |
Pulls all local repositories branches |
bash ./scripts/pushs-local-repositories.sh |
Pushs all local repositories branches |
encfsctl passwd .encrypted |
Change the password of the encrypted folder. |
System
Client
The client script is optimized for a Manjaro Linux. It's recommended to encrypt the hard drive with LUKS if the computer isn't shared.
Folder
The following folder structures will be used:
Path | Description |
---|---|
$HOME/Documents/certificates/ | Contains certificates to authenticate via certificate based authentication. |
$HOME/Documents/recovery_codes/ | Contains files with recovery_codes e.g. for Two-factor authentication. |
$HOME/Documents/identity/ | Contains files to prove the identity of the Core System Owner in physical live like passports. |
$HOME/Documents/passwords/ | Contains e.g the KeePassXC database with all Core System Owner passwords. |
$HOME/Documents/repositories/ | Contains all git repositories |
$HOME/Images/ | contains os images |
Desktop
The System allows to use a GNOME desktop or a Xfce desktop. Depending on the desktop environment you have different functionalities.
User Data
Right now the software expects that the Core System Owner has on all systems the same username. By executing the import script it automatic backups the application configuration data, ssh keys and other important data which is saved in well defined configuration files and folders.
Server
Raspberry Pi
This repository contains some shell scripts to install Arch Linux for the Raspberry Pi on a SD-Card and to backup a SD-Card.
Setup
Guided
To install a Linux distribution manually on a SD card type in:
bash ./sd_setup.sh
Piped
To pase the configuration to the program use this syntax:
(
echo "$USER" # | The username
echo "mmcblk1" # | The device
echo "3" # | The raspberry pi number
echo "arch" # | The operation system
#echo "n" # ├── If arch: Should a encrypted setup be used? (y/n)
echo "n" # | Force image download
echo "n" # | Transfer image
#echo "n" # ├── If image transfer yes Overwrite device before copying? (y/n)
echo "test12345" # | The user password
echo "test12345" # | The root password
echo "example-host" # | The hostname
echo "y" # | Setup Wifi on target system
)| sudo bash ./scripts/image/setup.sh
License
The "GNU GENERAL PUBLIC LICENSE Version 3" applies to this project.