6 changed files with 92 additions and 200 deletions
--- a/README.md
+++ b/README.md
@ -6,79 +6,85 @@ something else like a webserver, git-server, cloud platform, programming
 workstation, etc.  Therefore, only a few core files applicable to nearly every
 conceivable installation are included here.
 This archive and included script are meant to supplement my article on setting
 up a Debian base-system found at my blog: [My
 Techie-Thoughts](https://mytechiethoughts.com/<post_address>)
 ## Included files
-Please refer to the `readme.md` in each subdirectory for a list and description of
+### bash template files
 each included file.
-## The script file (customize.sh)
+#### bash.rc
-The included script file copies all the files in this archive to the proper
+Included are *.bashrc* files for both new users (in the */etc/skel/* directory)
-locations on a default Debian Stretch system.  It makes backups of your existing
+and the root user.  These files are the Debian default files.  They are included
-files in-place with the extension *.original*.  This simply saves you time and
+and copied so that user profiles start out at baseline settings and pull all
-possible errors copying the files manually.  The structure of this archive
+initial customizations from */etc/bash.bashrc*.  Users are free to alter their
-exactly mirrors a default Debian installation, so you can use that as a guide if
+*.bashrc* as they see fit and those settings will override or add to the ones
-you choose not to use the script.
+I've included in */etc/bash.bashrc*
-### Running the script
+#### profile
-Please note you must either make the script executable or call it explicitly via
+This is the Debian default *profile* and is copied to */etc/profile* to return
-BASH.  In the latter case, you'd run the script as follows:
+the system to a baseline configuration.  Again, this is done to ensure that only
 */etc/bash.bashrc* is providing initial customizations to users.
-```bash
+#### bash.bashrc
 /bin/bash ./customize.sh
 ```
-If you want to make the script executable:
+Of the bash customization files, this is the only one that is NOT in a default
 configuration. I have added the following customizations I find useful
 especially for new users and system admins:
-```bash
+- colourized directory listings with built-in automatic colour settings
-chmod +x customize.sh
+- changed prompt to include 24-hour clock, username, hostname and current
-./customize.sh
+  directory display
-```
+  - username changes to RED when working as ROOT (uid=0)
 - added the following command aliases
  alias|full command|explanation
  ---|---|---
  ll|ls -l|default 'ls' output
  l|ls -lAsh --group-directories-first|far more useful and robust file display including sizes, permissions and owners
  rm|rm -i|confirmation prompt when deleting file
  mv|mv -i|confirmation prompt when moving file would result in overwriting existing file
  cp|cp -i|confirmation prompt when copying file would result in overwriting existing file
-Due to location of the files being replaced, **you MUST run this script as ROOT**
+### nano defaults (nanorc)
 (the script will exit if you run as a different user) or run it via sudo like
 this (assuming you made it executable):
-```bash
+The following options have been enabled/set in nano to provide what I feel is an
-sudo ./customize.sh
+easier editing experience especially for people coming from a Windows background
-```
+and new users/admins.
-### Passing a custom path to the script
+- 'rebind' numeric keypad to fix problems with using keypad with some SSH clients
 - set 'smart home' some home key is useful
 - allow opening multiple files at once
 - always display line numbers
 - constantly display cursor position at the bottom of the screen
 - set vim lock-files
 - autoindent ON, tab-size of 4 spaces
 - convert tabs to spaces
 - turn off hard line wrapping
 - turn ON soft line wrapping for ease of readability
 - closing 'brackets' (for alignment purposes) set as: "')>]}
 - cut to end of line by default
 - set proper bracket matching (ie. "<" matches ">", etc.)
 - turned on default colours so nano doesn't look so drab
 - added the following key-bindings
-If you want to test out the script before having it update your actual system
+binding|fuction
-configuration, you can supply an alternate destination path.  This is referred
+---|---
-to as a 'Base Path' by the script and it will show a warning if this option is
+alt-c/alt-C|copy selected text
-used.  Please note, your 'Base Path' MUST have the same directory structure as
+alt-x/alt-X|cut selected text
-an actual system.  The expected directories must already exist or the script
+alt-v/alt-V|paste text on clipboard
 will just throw errors and not actually copy files.
-Let's assume you wanted to test the script and copy files to */testdir*.  You
+### time syncronization settings (timesyncd.conf)
 would do the following to prepare the directory with the expected structure:
-```bash
+This file configures *systemd-timesyncd.service* and allows for very simple
-mkdir -p /testdir/root
+NTP-sync setup.  Simply edit the **NTP=* to list your desired timeservers,
-mkdir -p /testdir/etc/{skel,ssh,systemd}
+each separated by a single space.  In the event those timeservers are not
-```
+available, you can configure back servers by listing them on the
 **FallbackNTP=** line, again space delimited.
-Then you could invoke the script as follows (assuming you made it executable as
+I've set the default in this file to be the worldwide NTP.org servers.  This
-described above):
+should work for pretty much anyone that uses this file, but you really should
 customize the list to use geographically closer timeservers or the timeserver on
 your LAN, etc.
-```bash
+### SSH server configuration (sshd_config)
 ./customize.sh /testdir
 ```
 The script would then copy all files into */testdir* while mirroring the
 structure of a live system beneath that.  Again, this is useful only for testing
 and will NOT update your actual system!
 ## Final thoughts
 Hopefully this saves you some time and helps you standard your new system setups
 with a few useful defaults.  As always, if you have suggestions or want to leave
 feedback for me, please do so on my [blog
 post](https://mytechiethoughts.com/<post_address>) related to this script!
--- a/config/etc/readme.md
+++ b/config/etc/readme.md
@ -1,58 +1,29 @@
-# /etc: Included files
+Configuration files and/or changes to default config files in /etc/
 =
-Three files are updated in the */etc* folder.
+ - Setup timesyncd for NTP syncing (using systemd, not ntp package)  
   - set to use global pool.ntp.org, you should change this!
   - verify timesyncd is working with 'timedatectl' command
-## BASH default profile (profile)
+ - Setup nano with helpful configurations both locally and via SSH  
   - rebind number lock
   - constant show cursor position at bottom of screen
   - constant show line numbers on the left
   - added shortcuts for cut, copy, paste using alt-x,c,v respectively
   - enable multi-buffer for concurrent open files
   - cut to end-of-line
   - bracket and quote matching
   - tabs converted to spaces, tab = 4 spaces
   - activate default colourization
-This is the Debian Stretch default *profile* and is copied to */etc/profile* to
+ - Colourize prompt  
-return accounts to a baseline configuration.  Again, this is done to ensure that
+   - red username for root user or shell accessed as root (su, sudo -s, etc.)
-only */etc/bash.bashrc* is providing initial customizations to users.
+   - green username for regular users
   - display time and full path
-## Default BASH settings (bash.bashrc)
+ - Setup SSH server  
-
+   - use non-standard port 222
-Of the bash customization files, this is the only one that is NOT in a default
+   - use host-keys (RSA and ED25519 - you need to generate these!)
-configuration. I have added the following customizations I find useful
+   - display a banner on sucessful connection
-especially for new users and system admins:
+   - do not allow root login
-
+   - require keyfile authentication (disable password authentication)
 - colourized directory listings with built-in automatic colour settings
 - changed prompt to include 24-hour clock, username, hostname and current
  directory display
  - username changes to RED when working as ROOT (uid=0)
 - added the following command aliases
  alias|full command|explanation
  ---|---|---
  ll|ls -l|default 'ls' output
  l|ls -lAsh --group-directories-first|far more useful and robust file display including sizes, permissions and owners
  rm|rm -i|confirmation prompt when deleting file
  mv|mv -i|confirmation prompt when moving file would result in overwriting existing file
  cp|cp -i|confirmation prompt when copying file would result in overwriting existing file
 ## nano defaults (nanorc)
 The following options have been enabled/set in nano to provide what I feel is an
 easier editing experience especially for people coming from a Windows background
 and new users/admins.
 - 'rebind' numeric keypad to fix problems using keypad with some SSH clients
 - set 'smart home' so home key is useful
 - allow opening multiple files at once
 - always display line numbers
 - constantly display cursor position at the bottom of the screen
 - set vim lock-files
 - autoindent ON
 - tab-size of 4 spaces
 - convert tabs to spaces
 - turn off hard line wrapping
 - turn ON soft line wrapping for ease of readability
 - closing 'brackets' (for alignment purposes) set as: "')>]}
 - cut to end of line by default
 - set proper bracket matching (ie. "<" matches ">", etc.)
 - turned on default colours so nano doesn't look so drab
 - added the following key-bindings
 binding|function
 ---|---
 alt-c/alt-C|copy selected text
 alt-x/alt-X|cut selected text
 alt-v/alt-V|paste text on clipboard
--- a/config/etc/skel/readme.md
+++ b/config/etc/skel/readme.md
@ -1,10 +0,0 @@
 # /etc/skel: Included files
 ## bash.rc
 This file is used to create a new user's *~/.bashrc*.  The copy included here is
 the Debian Stretch default file.  Copying the default file resets all new users
 to a baseline state and ensures they pull their initial custom settings from the
 modified */etc/bash.bashrc* found in this archive.  If you need to reset
 existing users to a baseline configuration, have them copy this file to their
 home directory.
--- a/config/etc/ssh/readme.md
+++ b/config/etc/ssh/readme.md
@ -1,38 +0,0 @@
 # /etc/ssh: Included files
 ## SSH server configuration (sshd_config)
 This is a pretty basic SSH server setup with a few options initially commented
 out for ease of setup.  You should generate SSH Host Keys and enable the
 relevant lines in the configuration.  In addition, you should generate ssh
 key-pairs for your users and then set both *PermitRootLogin* and
 *PasswordAuthentication* to **no**.
 The default configuration included here will:
 - listen on all configured interfaces
 - **listen on non-standard port 222**
 - permit root login
 - permit passwords for authentication
 The commented lines indicate the *recommended settings* and appear directly
 before the setting currently enabled that should be changed (i.e. line removed
 and replaced with the commented line above it).
 Please see my post at [My Techie-Thoughts](https://mytechiethoughts.com/<post_address) for detailed
 instructions on setting up a secure SSH server.
 ## Banner file (banner)
 This is a sample file that can be displayed upon successful authentication to
 your server via SSH.  It is included only as an example and does not need to be
 used.  You can delete/change/replace it freely.  It is referenced in the
 *sshd_config* on the line that reads:
 ```ini
 #Banner /etc/ssh/banner
 ```
 If you want to use the banner file, edit it as desired then uncomment this line
 in your *sshd_config*.  If you do not want a banner displayed, simply leave this
 line commented (as-is) in your configuration.
--- a/config/etc/systemd/readme.md
+++ b/config/etc/systemd/readme.md
@ -1,31 +0,0 @@
 # /etc/systemd: Included files
 ## Time synchronization settings (timesyncd.conf)
 This file configures the *systemd-timesyncd.service* and allows for a very
 simple NTP-sync setup.  Edit the **NTP=** line with a space-delimited list of
 your desired timeservers.  In the event those timeservers are not available, you
 can configure backup servers by listing them on the **FallbackNTP=** line, again
 space delimited.
 I've set the defaults in this file to be the worldwide NTP.org servers.  This
 should work for pretty much anyone that uses this file, but you *really should*
 customize the list to use geographically closer timeservers (check out the list
 [here](http://support.ntp.org/bin/view/Servers/NTPPoolServers)) or the
 timeserver on your LAN, etc.
 When you're done editing this file, make sure you restart the *timesyncd
 service* and check it's status to verify it is now using one of your defined NTP
 servers.
 ```bash
 systemctl restart systemd-timesyncd.service && systemctl status systemd-timesyncd.service
 ```
 Finally, you can confirm things are working properly by running timedatectl.
 ```bash
 timedatectl
 ```
 You should see the correct time listed and *NTP synchronized: yes*.
--- a/config/root/readme.md
+++ b/config/root/readme.md
@ -1,9 +1,3 @@
-# /root: Included files
+Changes/additions in the /root folder.
-
+=
-## bash.rc
+- default .bashrc (for reference or to return to default state)
 The copy included here is the Debian Stretch default file for the **ROOT user**.
 Copying the default file resets the root user's profile to a baseline state and
 ensures they pull their initial custom settings from the modified
 */etc/bash.bashrc* found in this archive.  If you ever need to reset your root
 user's profile, simply copy this file.