You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
56 lines
1.7 KiB
56 lines
1.7 KiB
#!/bin/bash
|
|
|
|
set +eux
|
|
|
|
|
|
## Certificate DST_Root_CA-X3 expired, it needs to be removed
|
|
## from list of available certificates. Debian <10 have the issue.
|
|
##
|
|
## Fixing: https://www.reddit.com/r/sysadmin/comments/pzags0/lets_encrypts_dst_root_ca_x3_expired_yesterday/
|
|
## see also: https://techcrunch.com/2021/09/21/lets-encrypt-root-expiry/?guccounter=1
|
|
|
|
modified_certificate=
|
|
mkdir -p /usr/local/share/ca-certificates/custom
|
|
for certfile_name in isrgrootx1:ISRG_Root_X1 isrg-root-x2 lets-encrypt-r3; do
|
|
certfile=${certfile_name%%:*}
|
|
name=${certfile_name#*:}
|
|
echo "Checking $certfile for $name"
|
|
if ! [ -e "/usr/local/share/ca-certificates/custom/$certfile".crt ] &&
|
|
! [ -e "/etc/ssl/certs/$name.pem" ]; then
|
|
wget --no-check-certificate https://letsencrypt.org/certs/"$certfile".pem \
|
|
-O "/usr/local/share/ca-certificates/custom/$certfile".crt
|
|
modified_certificate=1
|
|
fi
|
|
done
|
|
|
|
if grep "^mozilla/DST_Root_CA_X3.crt" /etc/ca-certificates.conf 2>/dev/null 2>&1; then
|
|
sed -ri 's%^(mozilla/DST_Root_CA_X3.crt)%!\1%g' /etc/ca-certificates.conf
|
|
fi
|
|
|
|
if [ -n "$modified_certificate" ]; then
|
|
update-ca-certificates
|
|
fi
|
|
|
|
## We can now do the ``apt-get update`` safely...
|
|
|
|
apt-get update
|
|
apt-get -y install bash-completion wget bzip2 git-core \
|
|
less tmux mosh \
|
|
sudo git vim file </dev/null
|
|
|
|
apt-get -y python-software-properties </dev/null ||
|
|
apt-get -y software-properties-common </dev/null
|
|
|
|
|
|
case $(lsb_release -is) in
|
|
Ubuntu)
|
|
apt-get install -y language-pack-en </dev/null
|
|
;;
|
|
Debian)
|
|
sed -ri 's/^\s*#\s*(en_US\.UTF-?8.*)\s*$/\1/g' /etc/locale.gen
|
|
locale-gen
|
|
;;
|
|
esac
|
|
|
|
|
|
|