refactor

2023-10-25 14:29:04 +08:00 · 2023-10-25 14:29:04 +08:00 · 1dc82077bb
commit 1dc82077bb
parent 1d46424bc3
6 changed files with 331 additions and 570 deletions
--- a/init_priv.sh
+++ b/init_priv.sh
@ -0,0 +1,181 @@
 #!/usr/bin/env bash
 scriptdir=$(dirname $(realpath $0))
 tempdir=$(mktemp -d)
 if [[ $(sudo id -u) -ne 0 ]]; then
    echo "Please get sudo access first."
    exit 1
 fi
 # ============================================================
 . $scriptdir/init_user.sh
 # ============================================================
 configure_tuna() {
    [ $abroad -eq 1 ] && return
    read -p "要切换 Tuna 源吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        python3 $scriptdir/files/oh-my-tuna.py
        # 如果 uid 不为 0 则 sudo 再跑一次
        if [[ $EUID -ne 0 ]]; then
            sudo python3 $scriptdir/files/oh-my-tuna.py
        fi
    fi
 }
 configure_upgrade() {
    read -p "要运行 apt upgrade 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        sudo apt update
        sudo apt upgrade -y
        sudo apt autoremove -y
    fi
 }
 configure_install() {
    read -p "要运行 apt/pip3 install 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        sudo apt update
        sudo apt install tmux git curl htop net-tools tcptraceroute tar unzip -y
        sudo apt install hexyl bat neofetch fd-find fzf pigz -y
        pip3 install trash-cli
        sudo apt install exa -y
        if [ $? -ne 0 ]; then
            unzip $scriptdir/files/exa-linux-x86_64-v0.10.1.zip -d $tempdir/exa
            sudo cp $tempdir/exa/bin/* /usr/local/bin/
            sudo cp $tempdir/exa/man/* /usr/share/man/man1/
            sudo cp $tempdir/exa/completions/exa.zsh /usr/local/share/zsh/site-functions
            rm $tempdir/exa -r
        fi
    fi
 }
 configure_nano() {
    [ -f ~/.nanorc ] && return
    read -p "要配置 nano 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        sudo apt install nano -y
        cp $scriptdir/files/.nanorc ~/.nanorc
    fi
 }
 configure_vim() {
    [ -f ~/.vimrc ] && return
    read -p "要配置 vim 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        sudo apt install vim -y
        cp $scriptdir/files/.vimrc ~/.vimrc
    fi
 }
 configure_zsh() {
    [ -f ~/.zshrc ] && return
    read -p "要配置 zsh 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        sudo apt install zsh -y
        rm ~/.oh-my-zsh -r
        git_clone ohmyzsh/ohmyzsh ~/.oh-my-zsh
        RUNZSH=no ZSH=~/.oh-my-zsh $scriptdir/files/install-ohmyzsh.sh
        git_clone zsh-users/zsh-autosuggestions ~/.oh-my-zsh/plugins/zsh-autosuggestions
        git_clone zsh-users/zsh-syntax-highlighting ~/.oh-my-zsh/plugins/zsh-syntax-highlighting
        git_clone paulirish/git-open ~/.oh-my-zsh/plugins/git-open --norecursive
        sudo apt install autojump -y
        cp $scriptdir/files/.zshrc ~/.zshrc
        cp $scriptdir/files/ys-simple.zsh-theme ~/.oh-my-zsh/themes/ys-simple.zsh-theme
    fi
 }
 configure_tmux() {
    [ -f ~/.tmux.conf ] && return
    read -p "要配置 tmux 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        sudo apt install tmux -y
        rm ~/.tmux -r
        git_clone tmux-plugins/tpm ~/.tmux/plugins/tpm --norecursive
        git_clone tmux-plugins/tmux-sensible ~/.tmux/plugins/tmux-sensible
        git_clone tmux-plugins/tmux-yank ~/.tmux/plugins/tmux-yank
        git_clone tmux-plugins/tmux-prefix-highlight ~/.tmux/plugins/tmux-prefix-highlight
        git_clone seebi/tmux-colors-solarized ~/.tmux/plugins/tmux-colors-solarized
        cp $scriptdir/files/.tmux.conf ~/.tmux.conf
        sudo apt install xsel -y # 能够让 tmux 剪切板与 terminal 同步
    fi
 }
 configure_fail2ban() {
    [ -f /etc/fail2ban/jail.local ] && return
    read -p "要配置 fail2ban 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        sudo apt install fail2ban
        sudo mkdir -p /etc/fail2ban
        sudo cp $scriptdir/files/jail.local /etc/fail2ban/jail.local
        sudo systemctl start fail2ban
        sudo systemctl enable fail2ban
        sudo fail2ban-client status sshd
    fi
 }
 configure_iptables() {
    [ -f /etc/network/if-pre-up.d/iptables-load ] && return
    read -p "要配置 iptables 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        sudo cp $scriptdir/files/iptables-load /etc/network/if-pre-up.d/iptables-load
        sudo chmod +x /etc/network/if-pre-up.d/iptables-load
        sudo sh /etc/network/if-pre-up.d/iptables-load
    fi
 }
 configure_hostname() {
    read -p "要修改 hostname 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        read -p "hostname: " new_hostname
        echo $new_hostname | sudo tee /etc/hostname >/dev/null
    fi
 }
 configure_timedate() {
    read -p "要修改 时区 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        sudo timedatectl set-timezone Asia/Shanghai
    fi
 }
 # ============================================================
 configure_tuna
 configure_upgrade
 configure_install
 configure_nano
 configure_vim
 configure_zsh
 configure_tmux
 configure_fail2ban
 configure_iptables
 configure_hostname
 configure_timedate
--- a/init_root.sh
+++ b/init_root.sh
@ -1,7 +1,6 @@
-#!/bin/bash
+#!/usr/bin/env bash
 scriptdir=$(dirname $(realpath $0))
 tempdir=$(mktemp -d)
 if [[ $EUID -ne 0 ]]; then
    echo "This script must be run as root."
@ -10,292 +9,18 @@ fi
 # ============================================================
-
+. $scriptdir/init_priv.sh
 git_clone() {
    local repo=$1
    local dir=$2
    if [ ! -d "$dir" ]; then
        if [ "$3" = "--depth=1" ]; then
            git clone --depth=1 "$github/$repo" $dir
        elif [ "$3" = "--norecursive" ]; then
            git clone --single-branch "$github/$repo" $dir
        else
            git clone --single-branch --recursive "$github/$repo" $dir
        fi
    fi
 }
 update_file() {
    local A="$1"
    local B="$2"
    if [ -f "$A" ] && [ -f "$B" ] && [ "$(cat "$A")" != "$(cat "$B")" ]; then
        cp "$A" "$B"
        echo "File $B has been updated."
    fi
 }
 # ============================================================
-check_google_access() {
+# configure_docker() {
-    abroad=0
+#     [ -f /etc/docker/daemon.json ] && return
    local response=$(curl -s -o /dev/null -w "%{http_code}" -m 5 "http://www.google.com")
-    if [ "$response" -eq 200 ]; then
+#     read -p "要配置 Docker 吗？[N]: " response
        abroad=1
        echo "Internet: abroad"
        github="https://github.com"
    else
        abroad=0
        echo "Internet: internal"
        github="https://g.nano.ac/https://github.com"
    fi
 }
-update_files() {
+#     if [[ $response =~ ^[Yy]$ ]]; then
-    update_file $scriptdir/files/ys-simple.zsh-theme ~/.oh-my-zsh/themes/ys-simple.zsh-theme
+#         cp $scriptdir/files/docker-rootless-daemon.json /etc/docker/daemon.json
-}
+#     fi
 # }
 configure_ssh() {
    [ -f ~/.ssh/authorized_keys ] && return
    read -p "要配置 authorized_keys 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        mkdir -p ~/.ssh
        cp $scriptdir/files/authorized_keys ~/.ssh/authorized_keys
    fi
 }
 configure_ssh_keygen() {
    [ -f ~/.ssh/id_ed25519.pub ] && return
    read -p "要生成 sshkey 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        mkdir -p ~/.ssh
        read -p "sshkey 的名字: " sshkeyname
        ssh-keygen -t ed25519 -C $sshkeyname
    fi
 }
 configure_nano() {
    [ -f ~/.nanorc ] && return
    read -p "要配置 nano 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        apt install nano -y
        cp $scriptdir/files/.nanorc ~/.nanorc
    fi
 }
 configure_vim() {
    [ -f ~/.vimrc ] && return
    read -p "要配置 vim 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        apt install vim -y
        cp $scriptdir/files/.vimrc ~/.vimrc
    fi
 }
 configure_tuna() {
    [ $abroad -eq 1 ] && return
    read -p "要切换 Tuna 源吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        python3 $scriptdir/files/oh-my-tuna.py
    fi
 }
 configure_apt_upgrade() {
    read -p "要运行 apt upgrade 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        apt update
        apt upgrade -y
        apt autoremove -y
    fi
 }
 configure_install() {
    read -p "要运行 apt/pip3 install 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        apt update
        apt install tmux git curl htop net-tools tcptraceroute tar unzip -y
        apt install hexyl bat neofetch fd-find fzf pigz -y
        pip3 install trash-cli
        apt install exa -y
        if [ $? -ne 0 ]; then
            unzip $scriptdir/files/exa-linux-x86_64-v0.10.1.zip -d $tempdir/exa
            cp $tempdir/exa/bin/* /usr/local/bin/
            cp $tempdir/exa/man/* /usr/share/man/man1/
            cp $tempdir/exa/completions/exa.zsh /usr/local/share/zsh/site-functions
            rm $tempdir/exa -r
        fi
    fi
 }
 configure_zsh() {
    [ -f ~/.zshrc ] && return
    read -p "要配置 zsh 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        apt install zsh -y
        rm ~/.oh-my-zsh -r
        git_clone ohmyzsh/ohmyzsh ~/.oh-my-zsh
        RUNZSH=no ZSH=~/.oh-my-zsh $scriptdir/files/install-ohmyzsh.sh
        git_clone zsh-users/zsh-autosuggestions ~/.oh-my-zsh/plugins/zsh-autosuggestions
        git_clone zsh-users/zsh-syntax-highlighting ~/.oh-my-zsh/plugins/zsh-syntax-highlighting
        git_clone paulirish/git-open ~/.oh-my-zsh/plugins/git-open --norecursive
        apt install autojump -y
        cp $scriptdir/files/.zshrc ~/.zshrc
        cp $scriptdir/files/ys-simple.zsh-theme ~/.oh-my-zsh/themes/ys-simple.zsh-theme
    fi
 }
 configure_tmux() {
    [ -f ~/.tmux.conf ] && return
    read -p "要配置 tmux 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        apt install tmux -y
        rm ~/.tmux -r
        git_clone tmux-plugins/tpm ~/.tmux/plugins/tpm --norecursive
        git_clone tmux-plugins/tmux-sensible ~/.tmux/plugins/tmux-sensible
        git_clone tmux-plugins/tmux-yank ~/.tmux/plugins/tmux-yank
        git_clone tmux-plugins/tmux-prefix-highlight ~/.tmux/plugins/tmux-prefix-highlight
        git_clone seebi/tmux-colors-solarized ~/.tmux/plugins/tmux-colors-solarized
        cp $scriptdir/files/.tmux.conf ~/.tmux.conf
        apt install xsel -y # 能够让 tmux 剪切板与 terminal 同步
    fi
 }
 configure_iptables() {
    [ -f /etc/network/if-pre-up.d/iptables-load ] && return
    read -p "要配置 iptables 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        cp $scriptdir/files/iptables-load /etc/network/if-pre-up.d/iptables-load
        chmod +x /etc/network/if-pre-up.d/iptables-load
        sh /etc/network/if-pre-up.d/iptables-load
    fi
 }
 configure_hostname() {
    read -p "要修改 hostname 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        read -p "hostname: " new_hostname
        echo $new_hostname | tee /etc/hostname >/dev/null
    fi
 }
 configure_timedate() {
    read -p "要修改 时区 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        timedatectl set-timezone Asia/Shanghai
    fi
 }
 configure_fail2ban() {
    [ -f /etc/fail2ban/jail.local ] && return
    read -p "要配置 fail2ban 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        apt install fail2ban
        mkdir -p /etc/fail2ban
        cp $scriptdir/files/jail.local /etc/fail2ban/jail.local
        systemctl start fail2ban
        systemctl enable fail2ban
        fail2ban-client status sshd
    fi
 }
 configure_miniconda() {
    [ -d ~/.miniconda3 ] && return
    read -p "要安装 miniconda 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        wget https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh -O $tempdir/miniconda.sh
        bash $tempdir/miniconda.sh -b -p ~/.miniconda3
        rm $tempdir/miniconda.sh
        ~/.miniconda3/bin/conda init zsh
        ~/.miniconda3/bin/conda config --set changeps1 False
        ~/.miniconda3/bin/conda install -c conda-forge mamba
        ~/.miniconda3/bin/mamba init
    fi
 }
 configure_git() {
    [ -f ~/.gitconfig ] && return
    read -p "要配置 git 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        cp $scriptdir/files/.gitconfig ~/.gitconfig
    fi
 }
 configure_nodejs() {
    [ -d ~/.nvm/.git ] && return
    read -p "要安装 nodejs 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        git_clone nvm-sh/nvm ~/.nvm --depth=1
        \. $scriptdir/files/install-nvm.sh
        \. ~/.nvm/nvm.sh
        \. ~/.nvm/bash_completion
        nvm install lts/iron
        nvm alias default lts/iron
        nvm install-latest-npm
    fi
 }
 configure_docker() {
    [ -f /etc/docker/daemon.json ] && return
    read -p "要配置 Docker (Rootless mode) 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        cp $scriptdir/files/docker-rootless-daemon.json /etc/docker/daemon.json
    fi
 }
 check_google_access
 update_files
 configure_ssh
 configure_ssh_keygen
 configure_nano
 configure_vim
 configure_tuna
 configure_apt_upgrade
 configure_install
 configure_zsh
 configure_tmux
 configure_iptables
 configure_hostname
 configure_timedate
 configure_fail2ban
 configure_miniconda
 configure_git
 configure_nodejs
 # configure_docker
--- a/init_sudo.sh
+++ b/init_sudo.sh
@ -1,306 +1,31 @@
-#!/bin/bash
+#!/usr/bin/env bash
 scriptdir=$(dirname $(realpath $0))
 tempdir=$(mktemp -d)
 if [[ $EUID -eq 0 ]]; then
    echo "This script should not be run as root."
    exit 1
 fi
-if [[ $(sudo whoami) != "root" ]]; then
+if [[ $(sudo id -u) -ne 0 ]]; then
    echo "Please get sudo access first."
    exit 1
 fi
 # ============================================================
-git_clone() {
+. $scriptdir/init_priv.sh
    local repo=$1
    local dir=$2
    if [ ! -d "$dir" ]; then
        if [ "$3" = "--depth=1" ]; then
            git clone --depth=1 "$github/$repo" $dir
        elif [ "$3" = "--norecursive" ]; then
            git clone --single-branch "$github/$repo" $dir
        else
            git clone --single-branch --recursive "$github/$repo" $dir
        fi
    fi
 }
 update_file() {
    local A="$1"
    local B="$2"
    if [ -f "$A" ] && [ -f "$B" ] && [ "$(cat "$A")" != "$(cat "$B")" ]; then
        cp "$A" "$B"
        echo "File $B has been updated."
    fi
 }
 # ============================================================
-check_google_access() {
+# configure_docker_rootless() {
-    abroad=0
+#     [ -f ~/.config/docker/daemon.json ] && return
    local response=$(curl -s -o /dev/null -w "%{http_code}" -m 5 "http://www.google.com")
-    if [ "$response" -eq 200 ]; then
+#     read -p "要配置 Docker (Rootless mode) 吗？[N]: " response
        abroad=1
        echo "Internet: abroad"
        github="https://github.com"
    else
        abroad=0
        echo "Internet: internal"
        github="https://g.nano.ac/https://github.com"
    fi
 }
-update_files() {
+#     if [[ $response =~ ^[Yy]$ ]]; then
-    update_file $scriptdir/files/ys-simple.zsh-theme ~/.oh-my-zsh/themes/ys-simple.zsh-theme
+#         cp $scriptdir/files/docker-rootless-daemon.json ~/.config/docker/daemon.json
-}
+#     fi
 # }
 configure_ssh() {
    [ -f ~/.ssh/authorized_keys ] && return
    read -p "要配置 authorized_keys 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        mkdir -p ~/.ssh
        cp $scriptdir/files/authorized_keys ~/.ssh/authorized_keys
    fi
 }
 configure_ssh_keygen() {
    [ -f ~/.ssh/id_ed25519.pub ] && return
    read -p "要生成 sshkey 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        mkdir -p ~/.ssh
        read -p "sshkey 的名字: " sshkeyname
        ssh-keygen -t ed25519 -C $sshkeyname
    fi
 }
 configure_nano() {
    [ -f ~/.nanorc ] && return
    read -p "要配置 nano 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        sudo apt install nano -y
        cp $scriptdir/files/.nanorc ~/.nanorc
    fi
 }
 configure_vim() {
    [ -f ~/.vimrc ] && return
    read -p "要配置 vim 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        sudo apt install vim -y
        cp $scriptdir/files/.vimrc ~/.vimrc
    fi
 }
 configure_tuna() {
    [ $abroad -eq 1 ] && return
    read -p "要切换 Tuna 源吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        python3 $scriptdir/files/oh-my-tuna.py
        sudo python3 $scriptdir/files/oh-my-tuna.py
    fi
 }
 configure_apt_upgrade() {
    read -p "要运行 apt upgrade 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        sudo apt update
        sudo apt upgrade -y
        sudo apt autoremove -y
    fi
 }
 configure_install() {
    read -p "要运行 apt/pip3 install 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        sudo apt update
        sudo apt install tmux git curl htop net-tools tcptraceroute tar unzip -y
        sudo apt install hexyl bat neofetch fd-find fzf pigz -y
        pip3 install trash-cli
        sudo apt install exa -y
        if [ $? -ne 0 ]; then
            unzip $scriptdir/files/exa-linux-x86_64-v0.10.1.zip -d $tempdir/exa
            sudo cp $tempdir/exa/bin/* /usr/local/bin/
            sudo cp $tempdir/exa/man/* /usr/share/man/man1/
            sudo cp $tempdir/exa/completions/exa.zsh /usr/local/share/zsh/site-functions
            rm $tempdir/exa -r
        fi
    fi
 }
 configure_zsh() {
    [ -f ~/.zshrc ] && return
    read -p "要配置 zsh 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        sudo apt install zsh -y
        rm ~/.oh-my-zsh -r
        git_clone ohmyzsh/ohmyzsh ~/.oh-my-zsh
        RUNZSH=no ZSH=~/.oh-my-zsh $scriptdir/files/install-ohmyzsh.sh
        git_clone zsh-users/zsh-autosuggestions ~/.oh-my-zsh/plugins/zsh-autosuggestions
        git_clone zsh-users/zsh-syntax-highlighting ~/.oh-my-zsh/plugins/zsh-syntax-highlighting
        git_clone paulirish/git-open ~/.oh-my-zsh/plugins/git-open --norecursive
        sudo apt install autojump -y
        cp $scriptdir/files/.zshrc ~/.zshrc
        cp $scriptdir/files/ys-simple.zsh-theme ~/.oh-my-zsh/themes/ys-simple.zsh-theme
    fi
 }
 configure_tmux() {
    [ -f ~/.tmux.conf ] && return
    read -p "要配置 tmux 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        sudo apt install tmux -y
        rm ~/.tmux -r
        git_clone tmux-plugins/tpm ~/.tmux/plugins/tpm --norecursive
        git_clone tmux-plugins/tmux-sensible ~/.tmux/plugins/tmux-sensible
        git_clone tmux-plugins/tmux-yank ~/.tmux/plugins/tmux-yank
        git_clone tmux-plugins/tmux-prefix-highlight ~/.tmux/plugins/tmux-prefix-highlight
        git_clone seebi/tmux-colors-solarized ~/.tmux/plugins/tmux-colors-solarized
        cp $scriptdir/files/.tmux.conf ~/.tmux.conf
        sudo apt install xsel -y # 能够让 tmux 剪切板与 terminal 同步
    fi
 }
 configure_iptables() {
    [ -f /etc/network/if-pre-up.d/iptables-load ] && return
    read -p "要配置 iptables 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        sudo cp $scriptdir/files/iptables-load /etc/network/if-pre-up.d/iptables-load
        sudo chmod +x /etc/network/if-pre-up.d/iptables-load
        sudo sh /etc/network/if-pre-up.d/iptables-load
    fi
 }
 configure_hostname() {
    read -p "要修改 hostname 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        read -p "hostname: " new_hostname
        echo $new_hostname | sudo tee /etc/hostname >/dev/null
    fi
 }
 configure_timedate() {
    read -p "要修改 时区 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        sudo timedatectl set-timezone Asia/Shanghai
    fi
 }
 configure_fail2ban() {
    [ -f /etc/fail2ban/jail.local ] && return
    read -p "要配置 fail2ban 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        sudo apt install fail2ban
        sudo mkdir -p /etc/fail2ban
        sudo cp $scriptdir/files/jail.local /etc/fail2ban/jail.local
        sudo systemctl start fail2ban
        sudo systemctl enable fail2ban
        sudo fail2ban-client status sshd
    fi
 }
 configure_miniconda() {
    [ -d ~/.miniconda3 ] && return
    read -p "要安装 miniconda 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        wget https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh -O $tempdir/miniconda.sh
        bash $tempdir/miniconda.sh -b -p ~/.miniconda3
        rm $tempdir/miniconda.sh
        ~/.miniconda3/bin/conda init zsh
        ~/.miniconda3/bin/conda config --set changeps1 False
        ~/.miniconda3/bin/conda install -c conda-forge mamba
        ~/.miniconda3/bin/mamba init
    fi
 }
 configure_git() {
    [ -f ~/.gitconfig ] && return
    read -p "要配置 git 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        cp $scriptdir/files/.gitconfig ~/.gitconfig
    fi
 }
 configure_nodejs() {
    [ -d ~/.nvm/.git ] && return
    read -p "要安装 nodejs 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        git_clone nvm-sh/nvm ~/.nvm --depth=1
        \. $scriptdir/files/install-nvm.sh
        \. ~/.nvm/nvm.sh
        \. ~/.nvm/bash_completion
        nvm install lts/iron
        nvm alias default lts/iron
        nvm install-latest-npm
    fi
 }
 configure_docker_rootless() {
    [ -f ~/.config/docker/daemon.json ] && return
    read -p "要配置 Docker (Rootless mode) 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        cp $scriptdir/files/docker-rootless-daemon.json ~/.config/docker/daemon.json
    fi
 }
 check_google_access
 update_files
 configure_ssh
 configure_ssh_keygen
 configure_nano
 configure_vim
 configure_tuna
 configure_apt_upgrade
 configure_install
 configure_zsh
 configure_tmux
 configure_iptables
 configure_hostname
 configure_timedate
 configure_fail2ban
 configure_miniconda
 configure_git
 configure_nodejs
 # configure_docker_rootless
--- a/init_user.sh
+++ b/init_user.sh
@ -0,0 +1,84 @@
 #!/usr/bin/env bash
 scriptdir=$(dirname $(realpath $0))
 # ============================================================
 . $scriptdir/utils.sh
 update_file $scriptdir/files/ys-simple.zsh-theme ~/.oh-my-zsh/themes/ys-simple.zsh-theme
 # ============================================================
 configure_ssh() {
    [ -f ~/.ssh/authorized_keys ] && return
    read -p "要配置 authorized_keys 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        mkdir -p ~/.ssh
        cp $scriptdir/files/authorized_keys ~/.ssh/authorized_keys
    fi
 }
 configure_ssh_keygen() {
    [ -f ~/.ssh/id_ed25519.pub ] && return
    read -p "要生成 sshkey 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        mkdir -p ~/.ssh
        read -p "sshkey 的名字: " sshkeyname
        ssh-keygen -t ed25519 -C $sshkeyname
    fi
 }
 configure_git() {
    [ -f ~/.gitconfig ] && return
    read -p "要配置 git 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        cp $scriptdir/files/.gitconfig ~/.gitconfig
    fi
 }
 configure_miniconda() {
    [ -d ~/.miniconda3 ] && return
    read -p "要安装 miniconda 吗？[N]: " response
    if [[ $response =~ ^[Yy]$ ]]; then
        wget https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh -O $tempdir/miniconda.sh
        bash $tempdir/miniconda.sh -b -p ~/.miniconda3
        rm $tempdir/miniconda.sh
        ~/.miniconda3/bin/conda init zsh
        ~/.miniconda3/bin/conda config --set changeps1 False
        ~/.miniconda3/bin/conda install -c conda-forge mamba
        ~/.miniconda3/bin/mamba init
    fi
 }
 configure_nodejs() {
    [ -d ~/.nvm/.git ] && return
    read -p "要安装 nodejs 吗？[Y]: " response
    if [[ -z "$response" ]] || [[ $response =~ ^[Yy]$ ]]; then
        git_clone nvm-sh/nvm ~/.nvm --depth=1
        \. $scriptdir/files/install-nvm.sh
        \. ~/.nvm/nvm.sh
        \. ~/.nvm/bash_completion
        nvm install lts/iron
        nvm alias default lts/iron
        nvm install-latest-npm
    fi
 }
 # ============================================================
 configure_ssh
 configure_ssh_keygen
 configure_git
 configure_miniconda
 configure_nodejs
--- a/run.sh
+++ b/run.sh
@ -13,5 +13,6 @@ elif [ "$(sudo id -u)" -eq 0 ]; then
    echo "Running in sudo mode."
    $scriptdir/init_sudo.sh
 else
-    echo "Please get sudo access first."
+    echo "Running in user mode."
    $scriptdir/init_user.sh
 fi
--- a/utils.sh
+++ b/utils.sh
@ -0,0 +1,45 @@
 #!/usr/bin/env bash
 git_clone() {
    local repo=$1
    local dir=$2
    if [ ! -d "$dir" ]; then
        if [ "$3" = "--depth=1" ]; then
            git clone --depth=1 "$github/$repo" $dir
        elif [ "$3" = "--norecursive" ]; then
            git clone --single-branch "$github/$repo" $dir
        else
            git clone --single-branch --recursive "$github/$repo" $dir
        fi
    fi
 }
 check_google_access() {
    abroad=0
    local response=$(curl -s -o /dev/null -w "%{http_code}" -m 5 "http://www.google.com")
    if [ "$response" -eq 200 ]; then
        abroad=1
        echo "Internet: abroad"
        github="https://github.com"
    else
        abroad=0
        echo "Internet: internal"
        github="https://g.nano.ac/https://github.com"
    fi
 }
 update_file() {
    local A="$1"
    local B="$2"
    if [ -f "$A" ] && [ -f "$B" ] && [ "$(cat "$A")" != "$(cat "$B")" ]; then
        cp "$A" "$B"
        echo "File $B has been updated."
    fi
 }
 # ============================================================
 check_google_access