Files
debianito-post-install/modules/extras/security/security.sh
T
stornic56 63ef2e7343 dual-gpu fix & nvme
- Replaced the restrictive head -n1 hardware parsing with a dynamic while read loop. The script now fully detects and registers multiple coexisting GPUs (Intel+Nvidia / AMD+Nvidia).
- Rewrote install_gpu_drivers() in modules/gpu.sh from a mutually exclusive case block to independent, sequential if conditions. Laptops now install both integrated firmware (Intel/AMD with non-free VA-API acceleration) and dedicated graphics stacks (Nvidia driver + 32-bit libs for Steam) seamlessly in a single pass.
- Improved Nvidia Kepler architecture guards under Debian 13 (Trixie). The script now safely skips missing legacy Nvidia packages without aborting or crashing the remaining Intel/AMD configurations.
- Added nvme-cli utility installation across all Debian versions. For Bookworm and Trixie, it features dynamic hardware validation via lsblk transport filtering and interactive, real-time SMART log viewing with an execution screen-pause.
- Created a brand new standalone module (modules/extras/dev/jellyfin.sh) to cleanly inject Jellyfin Media Server across Debian 11, 12, and 13 using its official setup script, protected by strict SHA256 checksum validations and guaranteed error-cleanup.
- Added OpenRGB to the Gaming menu for Debian 12 and 13. Implemented secure curl downloads with an emulated Chrome User-Agent to bypass Codeberg bot blocks, complete with automatic i2c-dev module configuration, user groups provisioning, and udev permission rules execution.
- Standardized menu headers across 15 separate files using a centralized readonly SCROLL_HINT=" [↑↓]" variable, replacing messy hardcoded strings with clean, uniform Whiptail instructions.
- update README.md
2026-06-16 16:20:30 -05:00

51 lines
2.0 KiB
Bash

#!/usr/bin/env bash
# security.sh — Security & Networking
_cat_security() {
local headless=false
_is_headless && headless=true
local wireshark_state; wireshark_state=$(_state "wireshark")
local tcpdump_state; tcpdump_state=$(_state "tcpdump")
local zenmap_state; zenmap_state=$(_state "zenmap")
local fail2ban_state; fail2ban_state=$(_state "fail2ban")
local ufw_state; ufw_state=$(_state "ufw")
local clamav_state; clamav_state=$(_state "clamav")
local TUI_ANCHO_REFORZADO=$((TUI_ANCHO + 6))
local choices
choices=$(whiptail --title "Security & Networking" --checklist \
"Select security and networking tools${SCROLL_HINT}:" $TUI_ALTO $TUI_ANCHO_REFORZADO $TUI_ALTO_LISTA \
"wireshark" "Network protocol analyzer (GUI)$(_inst wireshark)" "$wireshark_state" \
"tcpdump" "Command-line packet analyzer$(_inst tcpdump)" "$tcpdump_state" \
"zenmap" "Network scanner GUI (Nmap frontend)$(_inst zenmap)" "$zenmap_state" \
"fail2ban" "Brute-force protection daemon$(_inst fail2ban)" "$fail2ban_state" \
"ufw" "Uncomplicated firewall$(_inst ufw)" "$ufw_state" \
"clamav" "Antivirus engine (ClamAV)$(_inst clamav)" "$clamav_state" \
3>&1 1>&2 2>&3)
clear
[ -z "$choices" ] && return
local cleaned; cleaned=$(echo "$choices" | tr -d '"')
for pkg in $cleaned; do
case $pkg in
zenmap)
install_backports_or_stable zenmap
;;
clamav)
_install_clamav
;;
*)
if ! is_installed "$pkg"; then
_run_install "$pkg"
else
echo "$pkg already installed."
fi
;;
esac
done
echo -e "${GREEN}Security & networking tools installed.${NC}"
}