#!/bin/bash -e

sudo apt install wireguard systemd-resolved unattended-upgrades \
		 chrony isc-dhcp-server bind9 apache2 postfix \
		 dovecot-imapd fetchmail rsync gnupg \
		 mariadb-server php php-{apcu,bcmath,curl,gd,gmp}\
                 php-{json,mysql,mbstring,intl,imagick,xml,zip} \
                 imagemagick libapache2-mod-php \
		 nagios4 monitoring-plugins-basic lm-sensors \
		 nagios-nrpe-plugin

( umask 377
  echo "AI+KhwnsHzSPqyIyAObx7EBBTBXFZPiXb2/Qcts8zEI=" \
  | sudo tee /etc/wireguard/private-key >/dev/null )

( cd
  umask 077
  if [ ! -d .ssh ]; then mkdir .ssh; fi
  ( echo -n "ssh-rsa"
    echo -n " AAAAB3NzaC1yc2EAAAADAQABAAABgQDXxXnqFaUq3WAmmW/P8OMm3cf"
    echo -n "AGJoL1UC8yjbsRzt63RmusID2CvPTJfO/sbNAxDKHPBvYJqiwBY8Wh2V"
    echo -n "BDXoO2lWAK9JOSvXMZZRmBh7Yk6+NsPSbeZ6H3DgzdmKubs4E5XEdkmO"
    echo -n "iivyiGBWiwzDKAOqWvb60yWDDNEuHyGNznKjyL+nAOzul1hP5f23vX3e"
    echo -n "VhTxV0zdClksvIppGsYY3EvhMxasnjvGOhECz1Pq/9PPxakY1kBKMFj8"
    echo -n "yh75UfYJyRiUcFUVZD/dQyDMj7gtihv4ANiUAIgn94I4Gt9t8a2OiLyr"
    echo -n "KhJAwTQrs4CA+suY+3uDcp2FuQAvuzpa2moUufNetQn9YYCpCQaio8I3"
    echo -n "N9N5POqPGtNT/8Fv1wwWsl/T363NJma7lrtQXKgq52YYmaUNnHxPFqLP"
    echo -n "/9ELaAKbKrXTel0ew/LyVEO6QJ6fU7lE3LYMF5DngleOpuOHyQdIJKvS"
    echo -n "oCb7ilDuG8ekZd3ZEROhtyHlr7UcHrtmZMYjhlRc="
    echo " A Small Institute Administrator" ) \
  >>.ssh/authorized_keys )

cat <<EOD | sudo tee /etc/systemd/network/10-lan.link >/dev/null
[Match]
MACAddress=08:00:27:b3:e5:5f

[Link]
Name=lan
EOD

cat <<EOD | sudo tee /etc/systemd/network/10-lan.network >/dev/null
[Match]
MACAddress=08:00:27:b3:e5:5f

[Network]
Address=192.168.56.1/24
Gateway=192.168.56.2
DNS=192.168.56.1
Domains=small.private
EOD

sudo systemctl --quiet enable systemd-networkd