Skip to main content

Misc Scripts

Bash Scripts

Ubuntu Scripts

ubuntu-image-cleanup.sh

Used to sanitize an Ubuntu Linux installation so that it can be used as a VM template

#!/bin/bash

if [ `id -u` -ne 0 ]; then
	echo Need sudo
	exit 1
fi

# Stop services for cleanup
systemctl stop syslog.socket
systemctl stop rsyslog

# Update apt and upgrade packages
apt update && apt full-upgrade -y

# Install desired additional packages
# mlocate creates a search index for files
# tmux is a terminal multiplexer
# monit is system monitoring software
# ranger is a command line file explorer
# qemu-guest-agent is required for certain virtualization optimizations and controls
# nload is an on-demand network bandwidth monitoring tools
# openssh-server is well...an openssh-server
# clamav is open source antivirus
# curl is required by clamav real time protection (on-access scanning)
apt install mlocate tmux monit ranger qemu-guest-agent nload openssh-server clamav curl -y

# Clear audit logs
if [ -f /var/log/wtmp ]; then
    truncate -s0 /var/log/wtmp
fi
if [ -f /var/log/lastlog ]; then
    truncate -s0 /var/log/lastlog
fi

# Cleanup /tmp directories
rm -rf /tmp/*
rm -rf /var/tmp/*

# Cleanup current ssh keys
rm -f /etc/ssh/ssh_host_*

# Ensure new machine ID is generated when template is cloned
rm -f /etc/machine-id
touch /etc/machine-id
chmod 444 /etc/machine-id

# Add check for ssh keys on reboot...regenerate if neccessary
cat << 'EOL' | sudo tee /etc/rc.local
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
# dynamically create hostname (optional)
if hostname | grep localhost; then
    hostnamectl set-hostname "$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13 ; echo '')"
fi
test -f /etc/ssh/ssh_host_dsa_key || dpkg-reconfigure openssh-server
exit 0
EOL

# Make sure the script is executable
chmod +x /etc/rc.local

# Reset hostname
# Prevent cloudconfig from preserving the original hostname
sed -i 's/preserve_hostname: false/preserve_hostname: true/g' /etc/cloud/cloud.cfg
truncate -s0 /etc/hostname
hostnamectl set-hostname localhost

# Cleanup apt
apt clean

# Cleans out all of the cloud-init cache / logs - this is mainly cleaning out networking info
sudo cloud-init clean --logs

# Cleanup shell history
cat /dev/null > ~/.bash_history && history -c
history -w

# Shutdown
shutdown -h now

No comments to display

Back to top