diff --git a/linux-managements/setup.sh b/linux-managements/setup.sh index 616d4b3..39b070b 100755 --- a/linux-managements/setup.sh +++ b/linux-managements/setup.sh @@ -78,6 +78,26 @@ setup_proxy() { esac } +# ─── Proxy-aware sudo ───────────────────────────────────────────────────────── +# sudo's default env_reset policy strips proxy variables. +# This wrapper forwards them so that package managers / curl under sudo +# can reach the network through the configured proxy. +psudo() { + local -a env_args=() + [ -n "${http_proxy:-}" ] && env_args+=("http_proxy=$http_proxy") + [ -n "${https_proxy:-}" ] && env_args+=("https_proxy=$https_proxy") + [ -n "${HTTP_PROXY:-}" ] && env_args+=("HTTP_PROXY=$HTTP_PROXY") + [ -n "${HTTPS_PROXY:-}" ] && env_args+=("HTTPS_PROXY=$HTTPS_PROXY") + [ -n "${no_proxy:-}" ] && env_args+=("no_proxy=$no_proxy") + [ -n "${NO_PROXY:-}" ] && env_args+=("NO_PROXY=$NO_PROXY") + + if [ ${#env_args[@]} -gt 0 ]; then + sudo env "${env_args[@]}" "$@" + else + sudo "$@" + fi +} + # ─── SSH Key Setup ──────────────────────────────────────────────────────────── setup_ssh_key() { step "SSH Key Configuration" @@ -132,10 +152,10 @@ setup_ssh_key() { sudo_set_sshd() { local key="$1" val="$2" # Uncomment or add the line - if sudo grep -qE "^\s*#?\s*${key}\s" "$SSHD_CONF"; then - sudo sed -i -E "s|^\s*#?\s*(${key})\s+.*|\1 ${val}|" "$SSHD_CONF" + if psudo grep -qE "^\s*#?\s*${key}\s" "$SSHD_CONF"; then + psudo sed -i -E "s|^\s*#?\s*(${key})\s+.*|\1 ${val}|" "$SSHD_CONF" else - echo "${key} ${val}" | sudo tee -a "$SSHD_CONF" > /dev/null + echo "${key} ${val}" | psudo tee -a "$SSHD_CONF" > /dev/null fi } @@ -151,7 +171,7 @@ setup_ssh_key() { fi # Restart SSH - if sudo systemctl restart ssh 2>/dev/null || sudo systemctl restart sshd 2>/dev/null; then + if psudo systemctl restart ssh 2>/dev/null || psudo systemctl restart sshd 2>/dev/null; then success "SSH service restarted" else warn "Could not restart SSH service automatically — please restart it manually" @@ -166,9 +186,9 @@ install_git() { fi info "Installing git via system package manager ..." case "$DISTRO" in - aosc) sudo oma install -y git ;; - debian|ubuntu) sudo apt-get update -qq && sudo apt-get install -y git ;; - fedora) sudo dnf install -y git ;; + aosc) psudo oma install -y git ;; + debian|ubuntu) psudo apt-get update -qq && psudo apt-get install -y git ;; + fedora) psudo dnf install -y git ;; esac success "git installed" } @@ -240,7 +260,7 @@ install_packages() { case "$DISTRO" in aosc) info "Installing packages via oma ..." - sudo oma install -y git fish eza fastfetch btop docker docker-compose docker-buildx + psudo oma install -y git fish eza fastfetch btop docker docker-compose docker-buildx success "All packages installed via oma" ;; debian|ubuntu) @@ -268,7 +288,7 @@ setup_fish() { # Add fish to /etc/shells if not already present if ! grep -qF "$FISH_PATH" /etc/shells; then - echo "$FISH_PATH" | sudo tee -a /etc/shells > /dev/null + echo "$FISH_PATH" | psudo tee -a /etc/shells > /dev/null success "Added $FISH_PATH to /etc/shells" else info "$FISH_PATH already in /etc/shells" @@ -279,7 +299,7 @@ setup_fish() { if [ "$current_shell" = "$FISH_PATH" ]; then info "fish is already the default shell" else - sudo chsh -s "$FISH_PATH" "$USER" + psudo chsh -s "$FISH_PATH" "$USER" success "Default shell changed to fish ($FISH_PATH)" fi @@ -311,7 +331,7 @@ install_docker() { else curl -fsSL https://git.mitsea.com/FlintyLemming/scripts-public/raw/branch/main/linux-managements/install-docker.sh \ -o /tmp/install-docker.sh - sudo sh /tmp/install-docker.sh + psudo sh /tmp/install-docker.sh success "Docker installed" fi ;; @@ -320,9 +340,9 @@ install_docker() { info "Docker already installed ($(docker --version)), skipping" else info "Setting up Docker CE repository ..." - sudo curl -fsSL https://download.docker.com/linux/fedora/docker-ce.repo \ + psudo curl -fsSL https://download.docker.com/linux/fedora/docker-ce.repo \ -o /etc/yum.repos.d/docker-ce.repo - sudo dnf install -y docker-ce docker-ce-cli containerd.io \ + psudo dnf install -y docker-ce docker-ce-cli containerd.io \ docker-compose-plugin docker-buildx-plugin success "Docker installed" fi @@ -337,21 +357,21 @@ docker_no_root() { info "Configuring Docker for non-root usage ..." if ! getent group docker > /dev/null 2>&1; then - sudo groupadd docker + psudo groupadd docker fi if id -nG "$USER" | grep -qw docker; then info "User '$USER' is already in the docker group" else - sudo usermod -aG docker "$USER" + psudo usermod -aG docker "$USER" success "User '$USER' added to the docker group" warn "Log out and back in for the group change to take effect" fi - if ! sudo systemctl is-enabled --quiet docker 2>/dev/null; then - sudo systemctl enable docker + if ! psudo systemctl is-enabled --quiet docker 2>/dev/null; then + psudo systemctl enable docker fi - sudo systemctl start docker + psudo systemctl start docker success "Docker service running" } @@ -414,6 +434,7 @@ ensure_sudo() { # Keep sudo ticket alive in the background for the duration of the script ( while true; do sudo -n true 2>/dev/null; sleep 50; done ) & SUDO_KEEPALIVE_PID=$! + # Note: ensure_sudo uses raw sudo intentionally — psudo is not defined yet return fi @@ -458,7 +479,7 @@ main() { configure_ssh_config step "Starting Docker" - if sudo systemctl start docker; then + if psudo systemctl start docker; then success "Docker started" else warn "Could not start Docker — please start it manually"