vps/setup.sh

50 lines
1.4 KiB
Bash
Raw Normal View History

#!/usr/bin/bash
if [[ $(whoami) == "root" ]]; then
echo "Do not run this script as root."
exit
fi
2024-10-07 11:37:52 +02:00
while ! [[ "$podman_mode" =~ ^(rootful|rootless)$ ]]; do
read -rp "Rootful or rootless Podman? " podman_mode
done
2024-10-07 11:37:52 +02:00
declare -a podman_units=(podman.service podman.socket podman-auto-update.service podman-auto-update.timer podman-clean-transient.service podman-restart.service)
if [[ "$podman_mode" == "rootless" ]]; then
2024-10-15 21:44:02 +02:00
sudo apt install -y aardvark-dns borgbackup cifs-utils curl dbus-user-session nftables nginx passt podman podman-compose python3-mako slirp4netns uidmap
2024-10-07 11:37:52 +02:00
sudo loginctl enable-linger "$USER"
2024-10-07 11:37:52 +02:00
sudo systemctl disable --now "${podman_units[@]}"
systemctl --user enable --now "${podman_units[@]}"
else
2024-10-15 21:44:02 +02:00
sudo apt install -y aardvark-dns borgbackup cifs-utils curl nftables nginx podman podman-compose python3-mako
2024-10-07 11:37:52 +02:00
systemctl --user disable --now "${podman_units[@]}"
sudo systemctl enable --now "${podman_units[@]}"
fi
declare -A sysctl_vars=(
[vm.overcommit_memory]=1
2024-10-07 14:42:58 +02:00
[net.core.wmem_max]=7500000
[net.core.rmem_max]=7500000
)
echo -n "" | sudo tee /etc/sysctl.d/podman.conf
for key in "${!sysctl_vars[@]}"; do
value="${sysctl_vars[$key]}"
echo "$key = $value" | sudo tee -a /etc/sysctl.d/podman.conf
done
2024-10-07 14:42:58 +02:00
sudo sysctl -p /etc/sysctl.d/podman.conf
2024-10-15 21:44:02 +02:00
sudo curl -o /etc/nginx/dhparam.txt https://ssl-config.mozilla.org/ffdhe2048.txt
sudo systemctl enable --now nftables nginx