diff --git a/README.md b/README.md index 38db946..88f3f9c 100644 --- a/README.md +++ b/README.md @@ -397,6 +397,7 @@ These are some notes regarding the technical design and implementations of Mistb - The "Update" button will pull updated Docker images for mistborn, postgresql, redis, pihole, and dnscrypt. Those services will then be restarted. - The generated TLS certificate has an RSA modulus of 4096 bits, is signed with SHA-256, and is good for 10 years. The nanny at Apple has decided to restrict the kinds of certificates iOS users may choose to manually trust and so you may have issues with TLS on an Apple device for now. - Outbound UDP on port 53 is blocked. All DNS requests should be handled by the dnscrypt_proxy service and if any client, service, etc. tries to circumvent that it is blocked. +- Unattended upgrades are set to automatically install operating system security updates. # Roadmap Many features and refinements are in the works at various stages including: @@ -414,7 +415,7 @@ Many features and refinements are in the works at various stages including: Contact me at [steven@cyber5k.com](mailto:steven@cyber5k.com) -# Support +# Support Mistborn Please consider supporting the project via: - [Paypal.me](https://paypal.me/cyber5k) diff --git a/scripts/install.sh b/scripts/install.sh index 87f4e2f..1d81e21 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -119,6 +119,8 @@ sudo sed -i 's/#PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/s sudo sed -i 's/PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config sudo sed -i 's/#PermitRootLogin.*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config sudo sed -i 's/PermitRootLogin.*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config +sudo sed -i 's/#Port.*/Port 22/' /etc/ssh/sshd_config +sudo sed -i 's/Port.*/Port 22/' /etc/ssh/sshd_config sudo systemctl enable ssh sudo systemctl restart ssh diff --git a/scripts/subinstallers/cockpit.sh b/scripts/subinstallers/cockpit.sh index da90569..1a9d7f5 100755 --- a/scripts/subinstallers/cockpit.sh +++ b/scripts/subinstallers/cockpit.sh @@ -4,22 +4,25 @@ figlet "Mistborn: Installing Cockpit" if [ "$DISTRO" == "ubuntu" ]; then echo "Ubuntu backports enabled by default" - - sudo apt-get install -y cockpit cockpit-docker elif [ "$DISTRO" == "debian" ]; then sudo grep -qF "buster-backports" /etc/apt/sources.list.d/backports.list \ && echo "buster-backports already in sources" \ || echo 'deb http://deb.debian.org/debian buster-backports main' | sudo tee -a /etc/apt/sources.list.d/backports.list - sudo apt-get install -y cockpit cockpit-docker elif [ "$DISTRO" == "raspbian" ]; then echo "Raspbian repos contain cockpit" - sudo apt-get install -y cockpit cockpit-docker fi + +sudo apt-get install -y cockpit + +if $(sudo apt-cache show cockpit-docker > /dev/null 2>&1) ; then + # no longer supported upstream in Ubuntu 20.04 + sudo apt-get install -y cockpit-docker +fi sudo cp ./scripts/conf/cockpit.conf /etc/cockpit/cockpit.conf sudo systemctl restart cockpit.socket