mirror of
https://github.com/stornic56/debianito-post-install.git
synced 2026-07-16 05:49:49 +00:00
63ef2e7343
- Replaced the restrictive head -n1 hardware parsing with a dynamic while read loop. The script now fully detects and registers multiple coexisting GPUs (Intel+Nvidia / AMD+Nvidia). - Rewrote install_gpu_drivers() in modules/gpu.sh from a mutually exclusive case block to independent, sequential if conditions. Laptops now install both integrated firmware (Intel/AMD with non-free VA-API acceleration) and dedicated graphics stacks (Nvidia driver + 32-bit libs for Steam) seamlessly in a single pass. - Improved Nvidia Kepler architecture guards under Debian 13 (Trixie). The script now safely skips missing legacy Nvidia packages without aborting or crashing the remaining Intel/AMD configurations. - Added nvme-cli utility installation across all Debian versions. For Bookworm and Trixie, it features dynamic hardware validation via lsblk transport filtering and interactive, real-time SMART log viewing with an execution screen-pause. - Created a brand new standalone module (modules/extras/dev/jellyfin.sh) to cleanly inject Jellyfin Media Server across Debian 11, 12, and 13 using its official setup script, protected by strict SHA256 checksum validations and guaranteed error-cleanup. - Added OpenRGB to the Gaming menu for Debian 12 and 13. Implemented secure curl downloads with an emulated Chrome User-Agent to bypass Codeberg bot blocks, complete with automatic i2c-dev module configuration, user groups provisioning, and udev permission rules execution. - Standardized menu headers across 15 separate files using a centralized readonly SCROLL_HINT=" [↑↓]" variable, replacing messy hardcoded strings with clean, uniform Whiptail instructions. - update README.md
51 lines
2.0 KiB
Bash
51 lines
2.0 KiB
Bash
#!/usr/bin/env bash
|
|
# security.sh — Security & Networking
|
|
|
|
_cat_security() {
|
|
local headless=false
|
|
_is_headless && headless=true
|
|
local wireshark_state; wireshark_state=$(_state "wireshark")
|
|
local tcpdump_state; tcpdump_state=$(_state "tcpdump")
|
|
local zenmap_state; zenmap_state=$(_state "zenmap")
|
|
local fail2ban_state; fail2ban_state=$(_state "fail2ban")
|
|
local ufw_state; ufw_state=$(_state "ufw")
|
|
local clamav_state; clamav_state=$(_state "clamav")
|
|
|
|
local TUI_ANCHO_REFORZADO=$((TUI_ANCHO + 6))
|
|
local choices
|
|
choices=$(whiptail --title "Security & Networking" --checklist \
|
|
"Select security and networking tools${SCROLL_HINT}:" $TUI_ALTO $TUI_ANCHO_REFORZADO $TUI_ALTO_LISTA \
|
|
"wireshark" "Network protocol analyzer (GUI)$(_inst wireshark)" "$wireshark_state" \
|
|
"tcpdump" "Command-line packet analyzer$(_inst tcpdump)" "$tcpdump_state" \
|
|
"zenmap" "Network scanner GUI (Nmap frontend)$(_inst zenmap)" "$zenmap_state" \
|
|
"fail2ban" "Brute-force protection daemon$(_inst fail2ban)" "$fail2ban_state" \
|
|
"ufw" "Uncomplicated firewall$(_inst ufw)" "$ufw_state" \
|
|
"clamav" "Antivirus engine (ClamAV)$(_inst clamav)" "$clamav_state" \
|
|
3>&1 1>&2 2>&3)
|
|
clear
|
|
|
|
[ -z "$choices" ] && return
|
|
|
|
local cleaned; cleaned=$(echo "$choices" | tr -d '"')
|
|
|
|
for pkg in $cleaned; do
|
|
case $pkg in
|
|
zenmap)
|
|
install_backports_or_stable zenmap
|
|
;;
|
|
clamav)
|
|
_install_clamav
|
|
;;
|
|
*)
|
|
if ! is_installed "$pkg"; then
|
|
_run_install "$pkg"
|
|
else
|
|
echo "$pkg already installed."
|
|
fi
|
|
;;
|
|
esac
|
|
done
|
|
|
|
echo -e "${GREEN}Security & networking tools installed.${NC}"
|
|
}
|