#!/usr/bin/env bash
# shellcheck disable=2034
################################################################################
# This is property of eXtremeSHOK.com
# You are free to use, modify and distribute, however you may not remove this notice.
# Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
################################################################################
#
# Script updates can be found at: https://github.com/extremeshok/xshok-proxmox
#
################################################################################
#
# User Defined Options for (install-post.sh) post-installation script for Proxmox
#
# Usage: place in the same folder as install-post.sh and rename to xs-install-post.env
#
#### VARIABLES
#
# yes = enabled
# no = disabled
#
#### VARIABLES / options
# Detect AMD EPYC and Ryzen CPU and Apply Fixes
XS_AMDFIXES="no"
# Force APT to use IPv4
XS_APTIPV4="yes"
# Update proxmox and install various system utils
XS_APTUPGRADE="yes"
# Customise bashrc
XS_BASHRC="yes"
# Add the latest ceph provided by proxmox
XS_CEPH="no"
# Disable portmapper / rpcbind (security)
XS_DISABLERPC="yes"
# Ensure Entropy Pools are Populated, prevents slowdowns whilst waiting for entropy
XS_ENTROPY="yes"
# Protect the web interface with fail2ban
XS_FAIL2BAN="yes"
# Detect if is a virtual machine and install the relavant guest agent
XS_GUESTAGENT="no"
# Install ifupdown2 for a virtual internal network allows rebootless networking changes (not compatible with openvswitch-switch)
XS_IFUPDOWN2="yes"
# Limit the size and optimise journald
XS_JOURNALD="yes"
# Install kernel source headers
XS_KERNELHEADERS="no"
# Ensure ksmtuned (ksm-control-daemon) is enabled and optimise according to ram size
XS_KSMTUNED="no"
# Set language, if changed will disable XS_NOAPTLANG
XS_LANG="en_US.UTF-8"
# Enable restart on kernel panic, kernel oops and hardlockup
XS_KERNELPANIC="yes"
# Increase max user watches, FD limit, FD ulimit, max key limit, ulimits
XS_LIMITS="yes"
# Optimise logrotate
XS_LOGROTATE="yes"
# Lynis security scan tool by Cisofy
XS_LYNIS="no"
# Increase Max FS open files
XS_MAXFS="yes"
# Optimise Memory
XS_MEMORYFIXES="yes"
# Pretty MOTD BANNER
XS_MOTD="yes"
# Enable Network optimising
XS_NET="yes"
# Save bandwidth and skip downloading additional languages, requires XS_LANG="en_US.UTF-8"
XS_NOAPTLANG="yes"
# Disable enterprise proxmox repo
XS_NOENTREPO="yes"
# Remove subscription banner
XS_NOSUBBANNER="yes"
# Install openvswitch for a virtual internal network
XS_OPENVSWITCH="no"
# Detect if this is an OVH server and install OVH Real Time Monitoring
XS_OVHRTM="no"
# Set pigz to replace gzip, 2x faster gzip compression
XS_PIGZ="yes"
# Bugfix: high swap usage with low memory usage
XS_SWAPPINESS="yes"
# Enable TCP BBR congestion control
XS_TCPBBR="yes"
# Enable TCP fastopen
XS_TCPFASTOPEN="yes"
# Enable testing proxmox repo
XS_TESTREPO="no"
# Automatically Synchronize the time
XS_TIMESYNC="yes"
# Set Timezone, empty = set automatically by IP
XS_TIMEZONE=""
# Install common system utilities
XS_UTILS="yes"
# Increase vzdump backup speed
XS_VZDUMP="yes"
# Optimise ZFS arc size accoring to memory size
XS_ZFSARC="no"
# Install zfs-auto-snapshot
XS_ZFSAUTOSNAPSHOT="no"
# Enable VFIO IOMMU support for PCIE passthrough
XS_VFIO_IOMMU="yes"