added cyberpanel install script

Reviewed-on: #1

CyberpanelInstall.sh

@@ -0,0 +1,83 @@
+#!/bin/sh
+OUTPUT=$(cat /etc/*release)
+
+if echo $OUTPUT | grep -q "CentOS Linux 7" ; then
+    echo "Checking and installing curl and wget"
+    yum install curl wget -y 1> /dev/null
+    yum update curl wget ca-certificates -y 1> /dev/null
+    SERVER_OS="CentOS"
+
+elif echo $OUTPUT | grep -q "CentOS Linux 8" ; then
+    echo -e "\nDetecting Centos 8...\n"
+    SERVER_OS="CentOS8"
+    yum install curl wget -y 1> /dev/null
+    yum update curl wget ca-certificates -y 1> /dev/null
+
+elif echo $OUTPUT | grep -q "AlmaLinux 8" ; then
+    echo -e "\nDetecting AlmaLinux 8...\n"
+    SERVER_OS="CentOS8"
+    yum install curl wget -y 1> /dev/null
+    yum update curl wget ca-certificates -y 1> /dev/null
+
+elif echo $OUTPUT | grep -q "AlmaLinux 9" ; then
+    echo -e "\nDetecting AlmaLinux 9...\n"
+    SERVER_OS="CentOS8"
+    yum install curl wget -y 1> /dev/null
+    yum update curl wget ca-certificates -y 1> /dev/null
+
+elif echo $OUTPUT | grep -q "CloudLinux 7" ; then
+    echo "Checking and installing curl and wget"
+    yum install curl wget -y 1> /dev/null
+    yum update curl wget ca-certificates -y 1> /dev/null
+    SERVER_OS="CloudLinux"
+
+elif echo $OUTPUT | grep -q "CloudLinux 8" ; then
+    echo "Checking and installing curl and wget"
+    yum install curl wget -y 1> /dev/null
+    yum update curl wget ca-certificates -y 1> /dev/null
+    SERVER_OS="CloudLinux"
+
+elif echo $OUTPUT | grep -q "Ubuntu 18.04" ; then
+    apt install -y -qq wget curl
+    SERVER_OS="Ubuntu"
+
+elif echo $OUTPUT | grep -q "Ubuntu 20.04" ; then
+    apt install -y -qq wget curl
+    SERVER_OS="Ubuntu"
+
+elif echo $OUTPUT | grep -q "Ubuntu 22.04" ; then
+    apt install -y -qq wget curl
+    SERVER_OS="Ubuntu"
+
+elif echo $OUTPUT | grep -q "Ubuntu 24.04" ; then
+    apt install -y -qq wget curl
+    SERVER_OS="Ubuntu"
+
+elif echo $OUTPUT | grep -q "Ubuntu 26.04" ; then
+    apt install -y -qq wget curl
+    SERVER_OS="Ubuntu"
+
+elif echo $OUTPUT | grep -q "openEuler 20.03" ; then
+    echo -e "\nDetecting openEuler 20.03...\n"
+    SERVER_OS="openEuler"
+    yum install curl wget -y 1> /dev/null
+    yum update curl wget ca-certificates -y 1> /dev/null
+
+elif echo $OUTPUT | grep -q "openEuler 22.03" ; then
+    echo -e "\nDetecting openEuler 22.03...\n"
+    SERVER_OS="openEuler"
+    yum install curl wget -y 1> /dev/null
+    yum update curl wget ca-certificates -y 1> /dev/null
+
+else
+    echo -e "\nUnable to detect your OS...\n"
+    echo -e "\nCyberPanel is supported on Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 24.04, Ubuntu 26.04, AlmaLinux 8, AlmaLinux 9 and CloudLinux 7.x...\n"
+    exit 1
+fi
+
+rm -f cyberpanel.sh
+rm -f install.tar.gz
+
+curl --silent -o cyberpanel.sh "https://cyberpanel.sh/?dl&$SERVER_OS" 2>/dev/null
+chmod +x cyberpanel.sh
+./cyberpanel.sh $@

README.md

@@ -1,2 +1,51 @@
-# server-scripts
+# Server Scripts
+
+Collection of automation scripts for server setup and SSH configuration.
+
+These scripts are hosted on Gitea and can be accessed via short links or direct raw URLs.
+
+---
+
+## 📦 Available Scripts
+
+### 🛠 server-prep.sh
+Prepares a fresh server (packages, updates, base config)
+
+- Short URL: http://bit.ly/4dYp6ug
+
+---
+
+### 🔐 sshupdate.sh
+Configures SSH (keys, security hardening, etc.)
+
+- Short URL: https://bit.ly/4vkvVNQ
+
+---
+
+## 🚀 Usage
+
+### ✅ Recommended Method (Safe)
+
+Download → Inspect → Run
+
+#### Server Prep
+bash
+curl -L -o server-prep.sh http://bit.ly/4dYp6ug
+less server-prep.sh
+chmod +x server-prep.sh
+./server-prep.sh
+
+curl -s http://bit.ly/4dYp6ug | bash
+curl -s https://bit.ly/4vkvVNQ | bash
+
+### example workflow
+
+
+# server setup
+curl -L -o server-prep.sh http://bit.ly/4dYp6ug
+bash server-prep.sh
+
+# ssh setup
+curl -L -o sshupdate.sh https://bit.ly/4vkvVNQ
+bash sshupdate.sh
 

serverprep.sh

@@ -0,0 +1,145 @@
+#!/usr/bin/env bash
+
+set -e
+
+# ===============================
+# CONFIG VALUES (EDIT HERE)
+# ===============================
+SSH_PORT="48291"
+
+echo "==============================="
+echo " Server Prep Script"
+echo "==============================="
+
+# -------------------------------
+# Prompt for hostname
+# -------------------------------
+read -p "Enter new hostname (FQDN recommended): " NEW_HOSTNAME
+
+if [ -z "$NEW_HOSTNAME" ]; then
+  echo "Hostname cannot be empty"
+  exit 1
+fi
+
+hostnamectl set-hostname "$NEW_HOSTNAME"
+
+# -------------------------------
+# Timezone
+# -------------------------------
+read -p "Enter timezone [default: America/Chicago]: " NEW_TZ
+NEW_TZ=${NEW_TZ:-America/Chicago}
+
+timedatectl set-timezone "$NEW_TZ"
+timedatectl set-ntp true
+
+# -------------------------------
+# System update
+# -------------------------------
+apt update && apt upgrade -y
+
+# -------------------------------
+# Base packages
+# -------------------------------
+apt install -y \
+  curl \
+  ca-certificates \
+  gnupg \
+  lsb-release \
+  apt-transport-https \
+  software-properties-common \
+  fail2ban \
+  net-tools \
+  unzip \
+  jq
+
+# -------------------------------
+# SSH CONFIG (MODERN - socket)
+# -------------------------------
+echo "Configuring SSH socket on port ${SSH_PORT}..."
+
+mkdir -p /etc/systemd/system/ssh.socket.d
+
+cat > /etc/systemd/system/ssh.socket.d/override.conf <<EOF
+[Socket]
+ListenStream=
+ListenStream=0.0.0.0:${SSH_PORT}
+ListenStream=[::]:${SSH_PORT}
+EOF
+
+# Keep sshd_config aligned
+sed -i "s/^#*Port .*/Port ${SSH_PORT}/" /etc/ssh/sshd_config
+
+# SSH auth settings
+sed -i "s/^#*PasswordAuthentication.*/PasswordAuthentication yes/" /etc/ssh/sshd_config
+
+if ! grep -q "^KbdInteractiveAuthentication" /etc/ssh/sshd_config; then
+  echo "KbdInteractiveAuthentication yes" >> /etc/ssh/sshd_config
+else
+  sed -i "s/^KbdInteractiveAuthentication.*/KbdInteractiveAuthentication yes/" /etc/ssh/sshd_config
+fi
+
+if ! grep -q "^ChallengeResponseAuthentication" /etc/ssh/sshd_config; then
+  echo "ChallengeResponseAuthentication yes" >> /etc/ssh/sshd_config
+else
+  sed -i "s/^ChallengeResponseAuthentication.*/ChallengeResponseAuthentication yes/" /etc/ssh/sshd_config
+fi
+
+systemctl daemon-reexec
+systemctl daemon-reload
+systemctl restart ssh.socket
+systemctl restart ssh
+
+# -------------------------------
+# SSH KEY INSTALL
+# -------------------------------
+echo "Installing SSH key..."
+
+SSH_KEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDosb5jR9eu4Avc0HmMzR8HQDYOGRSxwRYgprpDuggDG eddsa-key-20260531"
+
+mkdir -p ~/.ssh
+chmod 700 ~/.ssh
+
+grep -qxF "$SSH_KEY" ~/.ssh/authorized_keys 2>/dev/null || echo "$SSH_KEY" >> ~/.ssh/authorized_keys
+chmod 600 ~/.ssh/authorized_keys
+
+echo "✅ SSH key added"
+
+# -------------------------------
+# Firewall
+# -------------------------------
+read -p "Disable UFW? (Y/n): " DISABLE_UFW
+
+if [[ ! "$DISABLE_UFW" =~ ^[Nn]$ ]]; then
+  systemctl stop ufw || true
+  systemctl disable ufw || true
+else
+  ufw allow ${SSH_PORT}/tcp
+  ufw allow 80/tcp
+  ufw allow 443/tcp
+  ufw --force enable
+fi
+
+# -------------------------------
+# Fail2Ban
+# -------------------------------
+systemctl enable fail2ban
+systemctl start fail2ban
+
+# -------------------------------
+# Finish
+# -------------------------------
+IP_ADDR=$(hostname -I | awk '{print $1}')
+
+echo ""
+echo "==============================="
+echo " ✅ SERVER READY"
+echo "==============================="
+
+echo "Hostname: $NEW_HOSTNAME"
+echo "Timezone: $NEW_TZ"
+echo "SSH Port: $SSH_PORT"
+echo "IP: $IP_ADDR"
+
+echo ""
+echo "⚠️ TEST SSH NOW:"
+echo "ssh -p $SSH_PORT root@$IP_ADDR"

sshupdate.sh

@@ -0,0 +1,145 @@
+#!/usr/bin/env bash
+
+set -e
+
+# ===============================
+# CONFIG VALUES (EDIT HERE)
+# ===============================
+SSH_PORT="48291"
+
+echo "==============================="
+echo " Server Prep Script"
+echo "==============================="
+
+# -------------------------------
+# Prompt for hostname
+# -------------------------------
+read -p "Enter new hostname (FQDN recommended): " NEW_HOSTNAME
+
+if [ -z "$NEW_HOSTNAME" ]; then
+  echo "Hostname cannot be empty"
+  exit 1
+fi
+
+hostnamectl set-hostname "$NEW_HOSTNAME"
+
+# -------------------------------
+# Timezone
+# -------------------------------
+read -p "Enter timezone [default: America/Chicago]: " NEW_TZ
+NEW_TZ=${NEW_TZ:-America/Chicago}
+
+timedatectl set-timezone "$NEW_TZ"
+timedatectl set-ntp true
+
+# -------------------------------
+# System update
+# -------------------------------
+apt update && apt upgrade -y
+
+# -------------------------------
+# Base packages
+# -------------------------------
+apt install -y \
+  curl \
+  ca-certificates \
+  gnupg \
+  lsb-release \
+  apt-transport-https \
+  software-properties-common \
+  fail2ban \
+  net-tools \
+  unzip \
+  jq
+
+# -------------------------------
+# SSH CONFIG (MODERN - socket)
+# -------------------------------
+echo "Configuring SSH socket on port ${SSH_PORT}..."
+
+mkdir -p /etc/systemd/system/ssh.socket.d
+
+cat > /etc/systemd/system/ssh.socket.d/override.conf <<EOF
+[Socket]
+ListenStream=
+ListenStream=${SSH_PORT}
+EOF
+
+# Keep sshd_config aligned
+sed -i "s/^#*Port .*/Port ${SSH_PORT}/" /etc/ssh/sshd_config
+
+# SSH auth settings
+sed -i "s/^#*PasswordAuthentication.*/PasswordAuthentication yes/" /etc/ssh/sshd_config
+
+if ! grep -q "^KbdInteractiveAuthentication" /etc/ssh/sshd_config; then
+  echo "KbdInteractiveAuthentication yes" >> /etc/ssh/sshd_config
+else
+  sed -i "s/^KbdInteractiveAuthentication.*/KbdInteractiveAuthentication yes/" /etc/ssh/sshd_config
+fi
+
+if ! grep -q "^ChallengeResponseAuthentication" /etc/ssh/sshd_config; then
+  echo "ChallengeResponseAuthentication yes" >> /etc/ssh/sshd_config
+else
+  sed -i "s/^ChallengeResponseAuthentication.*/ChallengeResponseAuthentication yes/" /etc/ssh/sshd_config
+fi
+
+systemctl daemon-reexec
+systemctl daemon-reload
+systemctl restart ssh.socket
+systemctl restart ssh
+
+# -------------------------------
+# SSH KEY INSTALL
+# -------------------------------
+echo "Installing SSH key..."
+
+SSH_KEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDosb5jR9eu4Avc0HmMzR8HQDYOGRSxwRYgprpDuggDG eddsa-key-20260531"
+
+mkdir -p ~/.ssh
+chmod 700 ~/.ssh
+
+grep -qxF "$SSH_KEY" ~/.ssh/authorized_keys 2>/dev/null || echo "$SSH_KEY" >> ~/.ssh/authorized_keys
+chmod 600 ~/.ssh/authorized_keys
+
+echo "✅ SSH key added"
+
+# -------------------------------
+# Firewall
+# -------------------------------
+read -p "Disable UFW? (Y/n): " DISABLE_UFW
+
+if [[ ! "$DISABLE_UFW" =~ ^[Nn]$ ]]; then
+  systemctl stop ufw || true
+  systemctl disable ufw || true
+else
+  ufw allow ${SSH_PORT}/tcp
+  ufw allow 80/tcp
+  ufw allow 443/tcp
+  ufw --force enable
+fi
+
+# -------------------------------
+# Fail2Ban
+# -------------------------------
+systemctl enable fail2ban
+systemctl start fail2ban
+
+# -------------------------------
+# Finish
+# -------------------------------
+IP_ADDR=$(hostname -I | awk '{print $1}')
+
+echo ""
+echo "==============================="
+echo " ✅ SERVER READY"
+echo "==============================="
+
+echo "Hostname: $NEW_HOSTNAME"
+echo "Timezone: $NEW_TZ"
+echo "SSH Port: $SSH_PORT"
+echo "IP: $IP_ADDR"
+
+echo ""
+echo "⚠️ TEST SSH NOW:"
+echo "ssh -p $SSH_PORT root@$IP_ADDR"
+``