diff --git a/README.md b/README.md index 2b4f5de..e780665 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,38 @@ Within Mistborn is a panel to enable and manage these free extra services (off b - [Tor](https://www.torproject.org): The Onion Router. One tool in the arsenal of online security and privacy. - [Jitsi](https://jitsi.org): Multi-platform open-source video conferencing +# Quickstart +Tested Operating Systems (in order of thoroughness): +- Ubuntu 18.04 LTS +- Ubuntu 20.04 LTS +- Debian 10 (Buster) +- Raspbian Buster + +Recommended System Specifications: + +| Use Case | Description | RAM | Hard Disk | +|------------------------|-------------------------------------------------------------------------------|-------|-----------| +| Bare bones | Wireguard, Pihole (no Cockpit, no extra services) | 1 GB | 10 GB | +| Default | Bare bones + Cockpit | 2 GB | 10 GB | +| Low-resource services | Default + Bitwarden, Tor, Syncthing | 3 GB | 15 GB | +| High-resource services | Default + Jitsi, Nextcloud, Jellyfin, Rocket.Chat, Home Assistant, OnlyOffice | 4 GB+ | 25 GB+ | + +Starting from base installation +``` +git clone https://gitlab.com/cyber5k/mistborn.git +sudo bash ./mistborn/scripts/install.sh +``` + +Get default admin Wireguard profile +*wait 1 minute after "Mistborn Installed" message* +``` +sudo docker-compose -f /opt/mistborn/base.yml run --rm django python manage.py getconf admin default +``` + +Connect via Wireguard then visit `http://home.mistborn` + +For more information, see the `Installation` section below. + # Network Diagram ![Mistborn Network Diagram](https://gitlab.com/cyber5k/public/-/raw/master/graphics/mistborn_network.png) @@ -54,7 +86,7 @@ In Mistborn, Gateways are upstream from the VPN server so connections to third-p The Gateway adds an extra network hop. DNS is still resolved in Mistborn so pihole is still blocking ads. # Installation -Mistborn is regularly tested on Ubuntu 18.04 LTS (DigitalOcean droplet with 2 GB RAM). It has also been successfully used on Debian Buster and Raspbian Buster systems (though not regularly tested). +Mistborn is regularly tested on Ubuntu 18.04 LTS (DigitalOcean droplet with 2 GB RAM). It has also been successfully used on Debian Buster and Raspbian Buster systems (though not regularly tested). Additionally tested on Ubuntu 20.04 LTS. Clone the git repository and run the install script: ``` diff --git a/scripts/subinstallers/docker.sh b/scripts/subinstallers/docker.sh index b962864..1542207 100755 --- a/scripts/subinstallers/docker.sh +++ b/scripts/subinstallers/docker.sh @@ -1,72 +1,17 @@ #!/bin/bash -# Docker -figlet "Mistborn: Installing Docker" - -# dependencies -echo "Installing Docker dependencies" -sudo apt-get install -y \ - apt-transport-https \ - ca-certificates \ - curl \ - gnupg-agent \ - software-properties-common - -# Docker repo key -echo "Adding docker repository key" -if [ "$DISTRO" == "ubuntu" ]; then - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - -elif [ "$DISTRO" == "debian" ]; then - curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add - -elif [ "$DISTRO" == "raspbian" ]; then - curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg | sudo apt-key add - -fi - -# Docker repo to source list -echo "Adding docker to sources list" -if [ "$DISTRO" == "ubuntu" ]; then - sudo add-apt-repository -y \ - "deb https://download.docker.com/linux/ubuntu \ - $(lsb_release -cs) \ - stable" -elif [ "$DISTRO" == "debian" ]; then - sudo add-apt-repository -y \ - "deb https://download.docker.com/linux/debian \ - $(lsb_release -cs) \ - stable" -elif [ "$DISTRO" == "raspbian" ]; then - echo "deb [arch=armhf] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \ - $(lsb_release -cs) stable" | \ - sudo tee /etc/apt/sources.list.d/docker.list +sudo apt update +sudo apt install -y python python3-pip python3-setuptools libffi-dev python3-dev libssl-dev + +if [ "$DISTRO" == "ubuntu" ] && [ "$VERSION_ID" == "20.04" ]; then + echo "Automated Docker install" + sudo apt-get install -y docker-compose +else + echo "Manual Docker installation" + source ./scripts/subinstallers/docker_manual.sh fi -# install Docker -echo "Installing docker" -sudo apt-get update - -if [ "$DISTRO" == "ubuntu" ] || [ "$DISTRO" == "debian" ]; then - sudo apt-get install -y docker-ce docker-ce-cli containerd.io -elif [ "$DISTRO" == "raspbian" ]; then - sudo apt install -y --no-install-recommends \ - docker-ce \ - cgroupfs-mount +# set docker-compose path used in Mistborn +if [ ! -f /usr/local/bin/docker-compose ]; then + sudo ln -s $(which docker-compose) /usr/local/bin/docker-compose fi - -# Docker group -sudo usermod -aG docker $USER - -# Docker Compose -echo "Installing Docker Compose" -#if [ "$DISTRO" == "ubuntu" ] || [ "$DISTRO" == "debian" ]; then -# sudo curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose -# sudo chmod +x /usr/local/bin/docker-compose -#elif [ "$DISTRO" == "raspbian" ]; then -# Install required packages -sudo apt update -sudo apt install -y python python3-pip python3-setuptools libffi-dev python-backports.ssl-match-hostname python3-dev libssl-dev - -# Install Docker Compose from pip -# This might take a while -sudo pip3 install docker-compose -#fi - diff --git a/scripts/subinstallers/docker_manual.sh b/scripts/subinstallers/docker_manual.sh new file mode 100755 index 0000000..176aba9 --- /dev/null +++ b/scripts/subinstallers/docker_manual.sh @@ -0,0 +1,71 @@ +#!/bin/bash + +# Docker +figlet "Mistborn: Installing Docker" + +# dependencies +echo "Installing Docker dependencies" +sudo apt-get install -y \ + apt-transport-https \ + ca-certificates \ + curl \ + gnupg-agent \ + software-properties-common + +# Docker repo key +echo "Adding docker repository key" +if [ "$DISTRO" == "ubuntu" ]; then + curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - +elif [ "$DISTRO" == "debian" ]; then + curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add - +elif [ "$DISTRO" == "raspbian" ]; then + curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg | sudo apt-key add - +fi + +# Docker repo to source list +echo "Adding docker to sources list" +if [ "$DISTRO" == "ubuntu" ]; then + sudo add-apt-repository -y \ + "deb https://download.docker.com/linux/ubuntu \ + $(lsb_release -cs) \ + stable" +elif [ "$DISTRO" == "debian" ]; then + sudo add-apt-repository -y \ + "deb https://download.docker.com/linux/debian \ + $(lsb_release -cs) \ + stable" +elif [ "$DISTRO" == "raspbian" ]; then + echo "deb [arch=armhf] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \ + $(lsb_release -cs) stable" | \ + sudo tee /etc/apt/sources.list.d/docker.list +fi + +# install Docker +echo "Installing docker" +sudo apt-get update + +if [ "$DISTRO" == "ubuntu" ] || [ "$DISTRO" == "debian" ]; then + sudo apt-get install -y docker-ce docker-ce-cli containerd.io +elif [ "$DISTRO" == "raspbian" ]; then + sudo apt install -y --no-install-recommends \ + docker-ce \ + cgroupfs-mount +fi + +# Docker group +sudo usermod -aG docker $USER + +# Docker Compose +echo "Installing Docker Compose" +#if [ "$DISTRO" == "ubuntu" ] || [ "$DISTRO" == "debian" ]; then +# sudo curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose +# sudo chmod +x /usr/local/bin/docker-compose +#elif [ "$DISTRO" == "raspbian" ]; then +# Install required packages +sudo apt install -y python-backports.ssl-match-hostname + +# Install Docker Compose from pip +# This might take a while +sudo pip3 install docker-compose +#fi + diff --git a/scripts/subinstallers/platform.sh b/scripts/subinstallers/platform.sh index 3c18fce..a619a95 100755 --- a/scripts/subinstallers/platform.sh +++ b/scripts/subinstallers/platform.sh @@ -4,11 +4,14 @@ # Determine OS platform UNAME=$(uname | tr "[:upper:]" "[:lower:]") DISTRO="" +VERSION_ID="" # If Linux, try to determine specific distribution if [ "$UNAME" == "linux" ]; then # use /etc/os-release to get distro DISTRO=$(cat /etc/os-release | awk -F= '/^ID=/{print $2}') + VERSION_ID=$(cat /etc/os-release | awk -F= '/^VERSION_ID=/{print $2}' | tr -d '"') fi figlet "UNAME: $UNAME" figlet "DISTRO: $DISTRO" +figlet "VERSION: $VERSION_ID" diff --git a/scripts/subinstallers/wireguard.sh b/scripts/subinstallers/wireguard.sh index d027f79..93b2490 100755 --- a/scripts/subinstallers/wireguard.sh +++ b/scripts/subinstallers/wireguard.sh @@ -2,23 +2,31 @@ figlet "Mistborn: Installing Wireguard" -# Wireguard -if [ "$DISTRO" == "raspbian" ]; then - echo "Adding Wireguard repo keys" - sudo apt-get install -y dirmngr - sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8B48AD6246925553 - sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010 - sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 04EE7237B7D453EC +# if wireguard not in current repositories +if ! $(sudo apt-cache show wireguard > /dev/null 2>&1) ; then + # install PPAs + + echo "Adding Wireguard PPAs" + + # Wireguard + if [ "$DISTRO" == "raspbian" ]; then + echo "Adding Wireguard repo keys" + sudo apt-get install -y dirmngr + sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8B48AD6246925553 + sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010 + sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 04EE7237B7D453EC + fi + + if [ "$DISTRO" == "ubuntu" ]; then + # Ubuntu + sudo add-apt-repository -y ppa:wireguard/wireguard + elif [ "$DISTRO" == "debian" ] || [ "$DISTRO" == "raspbian" ]; then + # Debian + sudo bash -c 'echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable.list' + sudo bash -c "printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable" + fi fi echo "Installing Wireguard" -if [ "$DISTRO" == "ubuntu" ]; then - # Ubuntu - sudo add-apt-repository -y ppa:wireguard/wireguard -elif [ "$DISTRO" == "debian" ] || [ "$DISTRO" == "raspbian" ]; then - # Debian - sudo bash -c 'echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable.list' - sudo bash -c "printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable" -fi sudo apt-get update sudo apt-get install -y openresolv wireguard