-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmatrix_2plus.sh
277 lines (219 loc) · 8.33 KB
/
matrix_2plus.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
#!/bin/bash
# Global Variables
DISTRO=$(lsb_release -sc)
APT_LOG="/var/log/apt/secure_update.log"
AUTOSTART_DIR="$HOME/.config/autostart"
LOG_FILE="/var/log/system_optimization.log"
SECURITY_LOG="/var/log/security_monitor.log"
SYSTEM_LOAD_LOG="/var/log/system_load.log"
PERSISTENT_CONFIG="/etc/persistent_config"
# Function to log messages with timestamp
log() {
local message="$1"
local timestamp=$(date '+%Y-%m-%d %H:%M:%S')
echo -e "$timestamp - \e[32m$message\e[0m" | tee -a $LOG_FILE
}
# Function to pause and wait for user input before continuing
pause() {
echo -e "\e[33mPress Enter to continue...\e[0m"
read
}
# Function to delay each task for smoother execution
delay_task() {
local task="$1"
local seconds="$2"
log "Waiting for $seconds seconds before $task..."
sleep $seconds
}
# Force function to handle tasks that take too long
force_run() {
local task="$1"
local max_time="$2" # Max wait time in seconds
local time_waited=0
local interval=5 # Interval to check the time
log "Starting $task with max wait time of $max_time seconds."
while [ $time_waited -lt $max_time ]; do
sleep $interval
time_waited=$((time_waited + interval))
done
if [ $time_waited -ge $max_time ]; then
log "$task is taking too long. Forcing action..."
# Forced action to continue with the next step
fi
}
# Matrix Dialogue (replaces the matrix effect)
matrix_dialogue() {
clear
log "Starting The Matrix Dialogue..."
echo -e "\e[1;32mThe Matrix is everywhere.\e[0m"
sleep 2
echo -e "\e[1;32mIt is all around you.\e[0m"
sleep 2
echo -e "\e[1;32mYou can feel it, when you look out your window, or when you turn on your computer.\e[0m"
sleep 3
echo -e "\e[1;32mThe Matrix is a system, Neo.\e[0m"
sleep 2
echo -e "\e[1;32mThat system is our enemy.\e[0m"
sleep 2
echo -e "\e[1;32mBut when you are inside, you look around, what do you see? Businessmen, teachers, lawyers... the very minds of the people we are trying to save.\e[0m"
sleep 4
echo -e "\e[1;32mBut until we do, these people are still a part of that system, and that makes them our enemy.\e[0m"
sleep 3
echo -e "\e[1;32mYou have to understand, Neo.\e[0m"
sleep 2
echo -e "\e[1;32mMost of these people are not ready to be unplugged.\e[0m"
sleep 2
echo -e "\e[1;32mAnd many of them are so inert, so hopelessly dependent on the system, that they will fight to protect it.\e[0m"
sleep 4
echo -e "\e[1;32mIt’s time to begin.\e[0m"
sleep 2
}
# Function to handle package removal with a delay and alternative installation if any error occurs
remove_package() {
PACKAGE=$1
log "Removing $PACKAGE and cleaning up any remnants..."
delay_task "removing $PACKAGE" 5
if ! sudo apt remove --purge -y $PACKAGE; then
log "Error removing package $PACKAGE, trying alternative..."
sudo dpkg --remove $PACKAGE || log "Error removing dpkg for $PACKAGE"
fi
}
# System Performance and Optimization with delay and pause
optimize_performance() {
log "Optimizing system performance for coding and streaming..."
delay_task "optimizing performance" 5
if ! sudo apt install -y cpufrequtils preload irqbalance htop nmon; then
log "Error installing performance tools, trying alternative..."
sudo apt update
sudo apt install -y cpufrequtils preload irqbalance htop nmon
fi
sudo cpufreq-set -g performance
sudo systemctl enable irqbalance
sudo systemctl start irqbalance
sudo systemctl restart preload
log "Configuring sysctl for performance tuning..."
echo "vm.swappiness=10" | sudo tee -a /etc/sysctl.conf
echo "vm.dirty_ratio=15" | sudo tee -a /etc/sysctl.conf
echo "vm.dirty_background_ratio=5" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
log "Enabling system performance monitoring..."
nmon -f -s 60 -c 3600 -T -d /var/log/nmon_logs/
}
# Install and Configure Security Tools with delay and pause
install_security_tools() {
log "Installing essential security tools..."
delay_task "installing security tools" 5
if ! sudo apt install -y ufw fail2ban rkhunter clamav clamav-daemon; then
log "Error installing security tools, trying alternative..."
sudo apt update
sudo apt install -y ufw fail2ban rkhunter clamav clamav-daemon
fi
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw enable
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
sudo rkhunter --update
sudo rkhunter --check --skip-keypress
sudo freshclam
sudo clamscan -r / --quiet --bell
sudo netstat -tulnp | tee -a $SECURITY_LOG
}
# Harden SSH Access with delay and pause
harden_ssh() {
log "Hardening SSH access..."
delay_task "hardening SSH access" 5
sudo sed -i 's/#Port 22/Port 2222/' /etc/ssh/sshd_config
sudo sed -i 's/#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config
sudo sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
sudo systemctl restart sshd
sudo cat /var/log/auth.log | grep "Failed password" > $SECURITY_LOG/failed_login_attempts.log
}
# Prevent Kernel-Level Exploits with delay and pause
prevent_kernel_exploits() {
log "Preventing kernel exploits..."
delay_task "preventing kernel exploits" 5
sudo apt update && sudo apt upgrade -y
sudo apt dist-upgrade -y
sudo apt full-upgrade -y
echo "kernel.modules_disabled=1" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
}
# Network and Firewall Optimization with delay and pause
optimize_network() {
log "Optimizing network security and performance..."
delay_task "optimizing network" 5
sudo apt install -y iptables iputils-ping
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
sudo iptables -A INPUT -j DROP
sudo iptables-save | sudo tee /etc/iptables/rules.v4
sudo netstat -tulnp | tee -a $SECURITY_LOG/open_ports.log
sudo tcpdump -i eth0 -w $SECURITY_LOG/network_activity.pcap &
}
# Configure Auto-Start Applications with delay and pause
configure_autostart() {
log "Configuring auto-start applications..."
delay_task "configuring autostart" 5
mkdir -p $AUTOSTART_DIR
for app in "obs:OBS Studio" "firefox:Firefox" "code:Visual Studio Code"; do
APP_CMD=$(echo $app | cut -d: -f1)
APP_NAME=$(echo $app | cut -d: -f2)
cat <<EOF > $AUTOSTART_DIR/$APP_CMD.desktop
[Desktop Entry]
Type=Application
Name=$APP_NAME
Exec=$APP_CMD
X-GNOME-Autostart-enabled=true
EOF
done
}
# Configure Persistent System Settings with delay and pause
configure_persistent_settings() {
log "Configuring persistent system settings..."
delay_task "configuring persistent settings" 5
echo "fs.inotify.max_user_watches=524288" | sudo tee -a /etc/sysctl.conf
echo "vm.max_map_count=262144" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
sudo fallocate -l 4G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
}
# Distro Update and Upgrade
upgrade_distro() {
log "********** System is secured, optimized, and ready for continuous development and streaming! in matrix_2.sh **********"
log " "
log "Upgrading distro to the latest stable version..."
# Backup current configuration files
log "Creating backup of important system files..."
sudo cp -r /etc/ /root/etc_backup/
# Update the package list and upgrade
sudo apt update && sudo apt upgrade -y
sudo apt dist-upgrade -y
sudo apt full-upgrade -y
# Update Distro
sudo do-release-upgrade -y
}
# Main function to run all optimization and security configurations
secure_and_optimize() {
log "Starting system optimization and security configuration..."
configure_autostart
harden_ssh
prevent_kernel_exploits
upgrade_distro
optimize_network
matrix_dialogue
log "Rebooting to apply changes..."
sudo reboot
optimize_performance
install_security_tools
configure_persistent_settings
}
# Run the main function to secure and optimize the system
secure_and_optimize