From 8e668766eace4bbf2841fbf05bc1afa123eaf6b0 Mon Sep 17 00:00:00 2001
From: Steven Foerster <steven@cyber5k.com>
Date: Fri, 10 Jul 2020 20:16:13 -0400
Subject: [PATCH 1/5] noninteractive

---
 scripts/install.sh | 6 ++++--
 scripts/update.sh  | 2 ++
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/scripts/install.sh b/scripts/install.sh
index 07d322e..92d63b2 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -2,6 +2,8 @@
 
 set -e
 
+export DEBIAN_FRONTEND=noninteractive
+
 ## ensure run as nonroot user
 #if [ "$EUID" -eq 0 ]; then
 MISTBORN_USER="mistborn"
@@ -37,7 +39,7 @@ if [ $(whoami) != "$MISTBORN_USER" ]; then
 
         sudo cp $FULLPATH /home/$MISTBORN_USER
         sudo chown $MISTBORN_USER:$MISTBORN_USER /home/$MISTBORN_USER/$FILENAME
-        sudo SSH_CLIENT="$SSH_CLIENT" MISTBORN_DEFAULT_PASSWORD="$MISTBORN_DEFAULT_PASSWORD" GIT_BRANCH="$GIT_BRANCH" MISTBORN_INSTALL_COCKPIT="$MISTBORN_INSTALL_COCKPIT" -i -u $MISTBORN_USER bash -c "/home/$MISTBORN_USER/$FILENAME" # self-referential call
+        sudo DEBIAN_FRONTEND=noninteractive SSH_CLIENT="$SSH_CLIENT" MISTBORN_DEFAULT_PASSWORD="$MISTBORN_DEFAULT_PASSWORD" GIT_BRANCH="$GIT_BRANCH" MISTBORN_INSTALL_COCKPIT="$MISTBORN_INSTALL_COCKPIT" -i -u $MISTBORN_USER bash -c "/home/$MISTBORN_USER/$FILENAME" # self-referential call
         exit 0
 fi
 
@@ -131,7 +133,7 @@ sudo apt-get install -y dnsutils fail2ban
 if [ "$DISTRO" == "ubuntu" ] || [ "$DISTRO" == "debian" ]; then
     sudo apt install -y linux-headers-$(uname -r)
 elif [ "$DISTRO" == "raspbian" ]; then
-    sudo apt-get install -y raspberrypi-kernel-headers
+    sudo apt install -y raspberrypi-kernel-headers
 fi
 
 # Wireugard
diff --git a/scripts/update.sh b/scripts/update.sh
index 049fbec..e901489 100755
--- a/scripts/update.sh
+++ b/scripts/update.sh
@@ -2,6 +2,8 @@
 
 set -e
 
+export DEBIAN_FRONTEND=noninteractive
+
 sudo git -C /opt/mistborn pull
 sudo git -C /opt/mistborn submodule update --init --recursive
 

From c2f94aa6c0ecbab0e195e8455b91067c8fb8f878 Mon Sep 17 00:00:00 2001
From: Steven Foerster <steven@cyber5k.com>
Date: Fri, 10 Jul 2020 20:42:53 -0400
Subject: [PATCH 2/5] export

---
 scripts/install.sh | 4 ++--
 scripts/update.sh  | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/scripts/install.sh b/scripts/install.sh
index 92d63b2..9a3efad 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -2,7 +2,7 @@
 
 set -e
 
-export DEBIAN_FRONTEND=noninteractive
+DEBIAN_FRONTEND=noninteractive
 
 ## ensure run as nonroot user
 #if [ "$EUID" -eq 0 ]; then
@@ -39,7 +39,7 @@ if [ $(whoami) != "$MISTBORN_USER" ]; then
 
         sudo cp $FULLPATH /home/$MISTBORN_USER
         sudo chown $MISTBORN_USER:$MISTBORN_USER /home/$MISTBORN_USER/$FILENAME
-        sudo DEBIAN_FRONTEND=noninteractive SSH_CLIENT="$SSH_CLIENT" MISTBORN_DEFAULT_PASSWORD="$MISTBORN_DEFAULT_PASSWORD" GIT_BRANCH="$GIT_BRANCH" MISTBORN_INSTALL_COCKPIT="$MISTBORN_INSTALL_COCKPIT" -i -u $MISTBORN_USER bash -c "/home/$MISTBORN_USER/$FILENAME" # self-referential call
+        sudo SSH_CLIENT="$SSH_CLIENT" MISTBORN_DEFAULT_PASSWORD="$MISTBORN_DEFAULT_PASSWORD" GIT_BRANCH="$GIT_BRANCH" MISTBORN_INSTALL_COCKPIT="$MISTBORN_INSTALL_COCKPIT" -i -u $MISTBORN_USER bash -c "/home/$MISTBORN_USER/$FILENAME" # self-referential call
         exit 0
 fi
 
diff --git a/scripts/update.sh b/scripts/update.sh
index e901489..0576395 100755
--- a/scripts/update.sh
+++ b/scripts/update.sh
@@ -2,7 +2,7 @@
 
 set -e
 
-export DEBIAN_FRONTEND=noninteractive
+DEBIAN_FRONTEND=noninteractive
 
 sudo git -C /opt/mistborn pull
 sudo git -C /opt/mistborn submodule update --init --recursive

From dc20f43a9d46fd511035786391b5aa52231dc1bf Mon Sep 17 00:00:00 2001
From: Steven Foerster <steven@cyber5k.com>
Date: Fri, 10 Jul 2020 21:01:52 -0400
Subject: [PATCH 3/5] sudo env

---
 modules/mistborn-cli |  2 +-
 scripts/install.sh   | 16 ++++++++--------
 scripts/update.sh    |  2 +-
 3 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/modules/mistborn-cli b/modules/mistborn-cli
index 00986bc..a0a1bb5 160000
--- a/modules/mistborn-cli
+++ b/modules/mistborn-cli
@@ -1 +1 @@
-Subproject commit 00986bcb7f945c611d13099672b4fb1e2d0721f2
+Subproject commit a0a1bb57ede8ea95607d99442e8d85c68068034f
diff --git a/scripts/install.sh b/scripts/install.sh
index 9a3efad..e5cda32 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -2,7 +2,7 @@
 
 set -e
 
-DEBIAN_FRONTEND=noninteractive
+export DEBIAN_FRONTEND=noninteractive
 
 ## ensure run as nonroot user
 #if [ "$EUID" -eq 0 ]; then
@@ -39,7 +39,7 @@ if [ $(whoami) != "$MISTBORN_USER" ]; then
 
         sudo cp $FULLPATH /home/$MISTBORN_USER
         sudo chown $MISTBORN_USER:$MISTBORN_USER /home/$MISTBORN_USER/$FILENAME
-        sudo SSH_CLIENT="$SSH_CLIENT" MISTBORN_DEFAULT_PASSWORD="$MISTBORN_DEFAULT_PASSWORD" GIT_BRANCH="$GIT_BRANCH" MISTBORN_INSTALL_COCKPIT="$MISTBORN_INSTALL_COCKPIT" -i -u $MISTBORN_USER bash -c "/home/$MISTBORN_USER/$FILENAME" # self-referential call
+        sudo -E -i -u $MISTBORN_USER bash -c "/home/$MISTBORN_USER/$FILENAME" # self-referential call
         exit 0
 fi
 
@@ -99,7 +99,7 @@ git submodule update --init --recursive
 sudo apt-get update
 
 # install figlet
-sudo apt-get install -y figlet
+sudo -E apt-get install -y figlet
 
 # get os and distro
 source ./scripts/subinstallers/platform.sh
@@ -116,7 +116,7 @@ fi
 
 
 # SSH Server
-sudo apt-get install -y openssh-server
+sudo -E apt-get install -y openssh-server
 sudo sed -i 's/#PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config
 sudo sed -i 's/PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config
 sudo sed -i 's/#PermitRootLogin.*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config
@@ -127,13 +127,13 @@ sudo systemctl enable ssh
 sudo systemctl restart ssh
 
 # Additional tools fail2ban
-sudo apt-get install -y dnsutils fail2ban
+sudo -E apt-get install -y dnsutils fail2ban
 
 # Install kernel headers
 if [ "$DISTRO" == "ubuntu" ] || [ "$DISTRO" == "debian" ]; then
-    sudo apt install -y linux-headers-$(uname -r)
+    sudo -E apt install -y linux-headers-$(uname -r)
 elif [ "$DISTRO" == "raspbian" ]; then
-    sudo apt install -y raspberrypi-kernel-headers
+    sudo -E apt install -y raspberrypi-kernel-headers
 fi
 
 # Wireugard
@@ -145,7 +145,7 @@ sudo systemctl enable docker
 sudo systemctl start docker
 
 # Unattended upgrades
-sudo apt-get install -y unattended-upgrades
+sudo -E apt-get install -y unattended-upgrades
 
 # Cockpit
 if [[ "$MISTBORN_INSTALL_COCKPIT" =~ ^([yY][eE][sS]|[yY])$ ]]
diff --git a/scripts/update.sh b/scripts/update.sh
index 0576395..e901489 100755
--- a/scripts/update.sh
+++ b/scripts/update.sh
@@ -2,7 +2,7 @@
 
 set -e
 
-DEBIAN_FRONTEND=noninteractive
+export DEBIAN_FRONTEND=noninteractive
 
 sudo git -C /opt/mistborn pull
 sudo git -C /opt/mistborn submodule update --init --recursive

From 680c1c15fdf11b173f35233335110d5d9b631ce0 Mon Sep 17 00:00:00 2001
From: Steven Foerster <steven@cyber5k.com>
Date: Fri, 10 Jul 2020 21:09:05 -0400
Subject: [PATCH 4/5] mistborn shell

---
 modules/mistborn-cli | 2 +-
 scripts/install.sh   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/mistborn-cli b/modules/mistborn-cli
index a0a1bb5..00986bc 160000
--- a/modules/mistborn-cli
+++ b/modules/mistborn-cli
@@ -1 +1 @@
-Subproject commit a0a1bb57ede8ea95607d99442e8d85c68068034f
+Subproject commit 00986bcb7f945c611d13099672b4fb1e2d0721f2
diff --git a/scripts/install.sh b/scripts/install.sh
index e5cda32..0e7812a 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -39,7 +39,7 @@ if [ $(whoami) != "$MISTBORN_USER" ]; then
 
         sudo cp $FULLPATH /home/$MISTBORN_USER
         sudo chown $MISTBORN_USER:$MISTBORN_USER /home/$MISTBORN_USER/$FILENAME
-        sudo -E -i -u $MISTBORN_USER bash -c "/home/$MISTBORN_USER/$FILENAME" # self-referential call
+        sudo SSH_CLIENT="$SSH_CLIENT" MISTBORN_DEFAULT_PASSWORD="$MISTBORN_DEFAULT_PASSWORD" GIT_BRANCH="$GIT_BRANCH" MISTBORN_INSTALL_COCKPIT="$MISTBORN_INSTALL_COCKPIT" -i -u $MISTBORN_USER bash -c "/home/$MISTBORN_USER/$FILENAME" # self-referential call
         exit 0
 fi
 

From 64050a65c3c6ca47a5636e03eab753495a7b37a0 Mon Sep 17 00:00:00 2001
From: Steven Foerster <steven@cyber5k.com>
Date: Sat, 11 Jul 2020 08:57:35 -0400
Subject: [PATCH 5/5] sudo environment in subinstallers

---
 scripts/subinstallers/cockpit.sh       | 4 ++--
 scripts/subinstallers/docker.sh        | 4 ++--
 scripts/subinstallers/docker_manual.sh | 8 ++++----
 scripts/subinstallers/iptables.sh      | 2 +-
 scripts/subinstallers/openssl.sh       | 2 +-
 scripts/subinstallers/wireguard.sh     | 4 ++--
 6 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/scripts/subinstallers/cockpit.sh b/scripts/subinstallers/cockpit.sh
index 1a9d7f5..445ea69 100755
--- a/scripts/subinstallers/cockpit.sh
+++ b/scripts/subinstallers/cockpit.sh
@@ -17,11 +17,11 @@ elif [ "$DISTRO" == "raspbian" ]; then
 
 fi
     
-sudo apt-get install -y cockpit
+sudo -E apt-get install -y cockpit
 
 if $(sudo apt-cache show cockpit-docker > /dev/null 2>&1) ; then
     # no longer supported upstream in Ubuntu 20.04
-    sudo apt-get install -y cockpit-docker
+    sudo -E apt-get install -y cockpit-docker
 fi
 
 sudo cp ./scripts/conf/cockpit.conf /etc/cockpit/cockpit.conf
diff --git a/scripts/subinstallers/docker.sh b/scripts/subinstallers/docker.sh
index b21d452..a051604 100755
--- a/scripts/subinstallers/docker.sh
+++ b/scripts/subinstallers/docker.sh
@@ -4,11 +4,11 @@
 figlet "Mistborn: Installing Docker"
 
 sudo apt update
-sudo apt install -y python python3-pip python3-setuptools libffi-dev python3-dev libssl-dev
+sudo -E apt install -y python python3-pip python3-setuptools libffi-dev python3-dev libssl-dev
 
 if [ "$DISTRO" == "ubuntu" ] && [ "$VERSION_ID" == "20.04" ]; then
     echo "Automated Docker install"
-    sudo apt-get install -y docker-compose
+    sudo -E apt-get install -y docker-compose
 else
     echo "Manual Docker installation"
     source ./scripts/subinstallers/docker_manual.sh
diff --git a/scripts/subinstallers/docker_manual.sh b/scripts/subinstallers/docker_manual.sh
index 9692109..5fca1c9 100755
--- a/scripts/subinstallers/docker_manual.sh
+++ b/scripts/subinstallers/docker_manual.sh
@@ -2,7 +2,7 @@
 
 # dependencies
 echo "Installing Docker dependencies"
-sudo apt-get install -y \
+sudo -E apt-get install -y \
     apt-transport-https \
     ca-certificates \
     curl \
@@ -42,9 +42,9 @@ echo "Installing docker"
 sudo apt-get update
 
 if [ "$DISTRO" == "ubuntu" ] || [ "$DISTRO" == "debian" ]; then
-    sudo apt-get install -y docker-ce docker-ce-cli containerd.io
+    sudo -E apt-get install -y docker-ce docker-ce-cli containerd.io
 elif [ "$DISTRO" == "raspbian" ]; then
-    sudo apt install -y --no-install-recommends \
+    sudo -E apt install -y --no-install-recommends \
     docker-ce \
     cgroupfs-mount
 fi
@@ -59,7 +59,7 @@ echo "Installing Docker Compose"
 #    sudo chmod +x /usr/local/bin/docker-compose
 #elif [ "$DISTRO" == "raspbian" ]; then
 # Install required packages
-sudo apt install -y python-backports.ssl-match-hostname
+sudo -E apt install -y python-backports.ssl-match-hostname
 
 # Install Docker Compose from pip
 # This might take a while
diff --git a/scripts/subinstallers/iptables.sh b/scripts/subinstallers/iptables.sh
index 3715306..7c59891 100755
--- a/scripts/subinstallers/iptables.sh
+++ b/scripts/subinstallers/iptables.sh
@@ -102,7 +102,7 @@ if [ ! "$(dpkg-query -l iptables-persistent)" ]; then
     echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections
     
     # install
-    sudo apt-get install -y iptables-persistent ipset
+    sudo -E apt-get install -y iptables-persistent ipset
 else
     echo "Saving iptables rules"
     sudo bash -c "iptables-save > /etc/iptables/rules.v4"
diff --git a/scripts/subinstallers/openssl.sh b/scripts/subinstallers/openssl.sh
index e010fad..c5d58eb 100755
--- a/scripts/subinstallers/openssl.sh
+++ b/scripts/subinstallers/openssl.sh
@@ -8,7 +8,7 @@ CRT_PATH="$KEY_FOLDER/$CRT_FILE"
 KEY_PATH="$KEY_FOLDER/$KEY_FILE"
 
 # ensure openssl installed
-sudo apt-get install -y openssl
+sudo -E apt-get install -y openssl
 
 # make folder
 mkdir -p $KEY_FOLDER
diff --git a/scripts/subinstallers/wireguard.sh b/scripts/subinstallers/wireguard.sh
index 93b2490..a544591 100755
--- a/scripts/subinstallers/wireguard.sh
+++ b/scripts/subinstallers/wireguard.sh
@@ -11,7 +11,7 @@ if ! $(sudo apt-cache show wireguard > /dev/null 2>&1) ; then
     # Wireguard
     if [ "$DISTRO" == "raspbian" ]; then
         echo "Adding Wireguard repo keys"
-        sudo apt-get install -y dirmngr
+        sudo -E apt-get install -y dirmngr
         sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8B48AD6246925553
         sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010
         sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 04EE7237B7D453EC
@@ -29,4 +29,4 @@ fi
 
 echo "Installing Wireguard"
 sudo apt-get update
-sudo apt-get install -y openresolv wireguard
+sudo -E apt-get install -y openresolv wireguard