alfonzso/ubuntu-autoinstaller
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

save dconf and turn off powersave for wifi interface

Browse Source
This commit is contained in:
Zsolt Alföldi
2026-03-06 19:38:01 +01:00
parent afe08abeb9
commit 85386fc0ea
2 changed files with 268 additions and 135 deletions
Download Patch File Download Diff File Expand all files Collapse all files

267
deployment/post-install.sh
View File

@@ -8,182 +8,199 @@ NC='\033[0m'
info() { echo -e "${GREEN}[+]${NC} $*"; } info() { echo -e "${GREEN}[+]${NC} $*"; }
warn() { echo -e "${YELLOW}[!]${NC} $*"; } warn() { echo -e "${YELLOW}[!]${NC} $*"; }
error() { error() {
echo -e "${RED}[✗]${NC} $*" echo -e "${RED}[✗]${NC} $*"
exit 1 exit 1
} }
function desktop() { function desktop() {
# ─── DESKTOP ───────────────────────────────────────────────────────────────── # ─── DESKTOP ─────────────────────────────────────────────────────────────────
info "Installing GNOME desktop (minimal)..." info "Installing GNOME desktop (minimal)..."
DEBIAN_FRONTEND=noninteractive apt-get install -y \ DEBIAN_FRONTEND=noninteractive apt-get install -y \
ubuntu-desktop-minimal \ ubuntu-desktop-minimal \
gnome-tweaks \ gnome-tweaks \
gnome-terminal \ gnome-terminal \
firefox \ firefox \
nautilus nautilus
systemctl set-default graphical.target systemctl set-default graphical.target
info "Desktop installed." info "Desktop installed."
echo desktop >>/tmp/installer echo desktop >>/tmp/installer
} }
function docker() { function docker() {
# ─── DOCKER ────────────────────────────────────────────────────────────────── # ─── DOCKER ──────────────────────────────────────────────────────────────────
info "Installing Docker..." info "Installing Docker..."
install -m 0755 -d /etc/apt/keyrings install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | curl -fsSL https://download.docker.com/linux/ubuntu/gpg |
gpg --dearmor -o /etc/apt/keyrings/docker.gpg gpg --dearmor -o /etc/apt/keyrings/docker.gpg
chmod a+r /etc/apt/keyrings/docker.gpg chmod a+r /etc/apt/keyrings/docker.gpg
echo \ echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \ "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
https://download.docker.com/linux/ubuntu \ https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" \ $(. /etc/os-release && echo "$VERSION_CODENAME") stable" \
>/etc/apt/sources.list.d/docker.list >/etc/apt/sources.list.d/docker.list
apt-get update -qq apt-get update -qq
apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
usermod -aG docker "$TARGET_USER" usermod -aG docker "$TARGET_USER"
systemctl enable docker systemctl enable docker
info "Docker installed." info "Docker installed."
echo docker >>/tmp/installer echo docker >>/tmp/installer
} }
function intune() { function intune() {
# # ─── HIMMELBLAU (Azure Entra ID) ───────────────────────────────────────────── # # ─── HIMMELBLAU (Azure Entra ID) ─────────────────────────────────────────────
# info "Installing Himmelblau..." # info "Installing Himmelblau..."
# curl -fsSL https://packages.himmelblau-idm.org/himmelblau.asc | gpg --dearmor -o /etc/apt/trusted.gpg.d/himmelblau.gpg # curl -fsSL https://packages.himmelblau-idm.org/himmelblau.asc | gpg --dearmor -o /etc/apt/trusted.gpg.d/himmelblau.gpg
# add-apt-repository -y "deb [arch=amd64] https://packages.himmelblau-idm.org/stable/latest/deb/ubuntu24.04/ ./" # add-apt-repository -y "deb [arch=amd64] https://packages.himmelblau-idm.org/stable/latest/deb/ubuntu24.04/ ./"
# #
# # Pre-seed kerberos to avoid interactive prompts # # Pre-seed kerberos to avoid interactive prompts
# echo "krb5-config krb5-config/default_realm string EXAMPLE.COM" | debconf-set-selections # echo "krb5-config krb5-config/default_realm string EXAMPLE.COM" | debconf-set-selections
# echo "krb5-config krb5-config/add_servers boolean false" | debconf-set-selections # echo "krb5-config krb5-config/add_servers boolean false" | debconf-set-selections
# echo "krb5-config krb5-config/add_servers_realm string EXAMPLE.COM" | debconf-set-selections # echo "krb5-config krb5-config/add_servers_realm string EXAMPLE.COM" | debconf-set-selections
# #
# # Himmelblau # # Himmelblau
# DEBIAN_FRONTEND=noninteractive apt-get install -y -o Dpkg::Options::="--force-confold" \ # DEBIAN_FRONTEND=noninteractive apt-get install -y -o Dpkg::Options::="--force-confold" \
# himmelblau \ # himmelblau \
# pam-himmelblau \ # pam-himmelblau \
# nss-himmelblau \ # nss-himmelblau \
# himmelblau-sshd-config \ # himmelblau-sshd-config \
# himmelblau-qr-greeter \ # himmelblau-qr-greeter \
# himmelblau-sso # himmelblau-sso
# # o365 # # o365
# info "Himmelblau installed." # info "Himmelblau installed."
# #
# # 2. Fix PAM immediately after # # 2. Fix PAM immediately after
# tee /etc/pam.d/common-auth <<'EOF' # tee /etc/pam.d/common-auth <<'EOF'
# auth required pam_env.so # auth required pam_env.so
# auth [default=1 ignore=ignore success=ok] pam_localuser.so # auth [default=1 ignore=ignore success=ok] pam_localuser.so
# auth sufficient pam_unix.so nullok try_first_pass # auth sufficient pam_unix.so nullok try_first_pass
# auth sufficient pam_himmelblau.so ignore_unknown_user # auth sufficient pam_himmelblau.so ignore_unknown_user
# auth required pam_deny.so # auth required pam_deny.so
# EOF # EOF
# #
# tee /etc/pam.d/common-account <<'EOF' # tee /etc/pam.d/common-account <<'EOF'
# account [default=1 ignore=ignore success=ok] pam_localuser.so # account [default=1 ignore=ignore success=ok] pam_localuser.so
# account sufficient pam_unix.so # account sufficient pam_unix.so
# account sufficient pam_himmelblau.so ignore_unknown_user # account sufficient pam_himmelblau.so ignore_unknown_user
# account required pam_deny.so # account required pam_deny.so
# EOF # EOF
apt -y install curl software-properties-common apt-transport-https apt -y install curl software-properties-common apt-transport-https
curl -sSL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor -o /usr/share/keyrings/microsoft.gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor -o /usr/share/keyrings/microsoft.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/microsoft.gpg] https://packages.microsoft.com/repos/edge stable main" | tee /etc/apt/sources.list.d/microsoft-edge.list echo "deb [arch=amd64 signed-by=/usr/share/keyrings/microsoft.gpg] https://packages.microsoft.com/repos/edge stable main" | tee /etc/apt/sources.list.d/microsoft-edge.list
sh -c 'echo "deb [arch=amd64 signed-by=/usr/share/keyrings/microsoft.gpg] https://packages.microsoft.com/ubuntu/$(lsb_release -rs)/prod $(lsb_release -cs) main" >> /etc/apt/sources.list.d/microsoft-ubuntu-$(lsb_release -cs)-prod.list' sh -c 'echo "deb [arch=amd64 signed-by=/usr/share/keyrings/microsoft.gpg] https://packages.microsoft.com/ubuntu/$(lsb_release -rs)/prod $(lsb_release -cs) main" >> /etc/apt/sources.list.d/microsoft-ubuntu-$(lsb_release -cs)-prod.list'
apt update apt update
apt install microsoft-edge-stable intune-portal -y apt install microsoft-edge-stable intune-portal -y
echo intune >>/tmp/installer echo intune >>/tmp/installer
} }
function nix_home_manager() { function nix_home_manager() {
# ─── NIX + HOME-MANAGER ────────────────────────────────────────────────────── # ─── NIX + HOME-MANAGER ──────────────────────────────────────────────────────
info "Installing Nix (multi-user)..." info "Installing Nix (multi-user)..."
sh <(curl --proto '=https' --tlsv1.2 -L https://nixos.org/nix/install) --daemon --yes sh <(curl --proto '=https' --tlsv1.2 -L https://nixos.org/nix/install) --daemon --yes
info "Sourcing Nix..." info "Sourcing Nix..."
source /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh source /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh
info "Adding home-manager channel..." info "Adding home-manager channel..."
nix-channel --add https://github.com/nix-community/home-manager/archive/release-25.11.tar.gz home-manager nix-channel --add https://github.com/nix-community/home-manager/archive/release-25.11.tar.gz home-manager
nix-channel --update nix-channel --update
info "Installing home-manager..." info "Installing home-manager..."
nix-shell '<home-manager>' -A install nix-shell '<home-manager>' -A install
echo nix_home_manager >>/tmp/installer echo nix_home_manager >>/tmp/installer
} }
function displaylink_driver() { function displaylink_driver() {
# DisplayLink # DisplayLink
curl -fsSL -o /tmp/synaptics-keyring.deb \ curl -fsSL -o /tmp/synaptics-keyring.deb \
"https://www.synaptics.com/sites/default/files/Ubuntu/pool/stable/main/all/synaptics-repository-keyring.deb" "https://www.synaptics.com/sites/default/files/Ubuntu/pool/stable/main/all/synaptics-repository-keyring.deb"
apt-get install -y /tmp/synaptics-keyring.deb apt-get install -y /tmp/synaptics-keyring.deb
apt-get update apt-get update
apt-get install -y displaylink-driver apt-get install -y displaylink-driver
systemctl start displaylink-driver.service systemctl start displaylink-driver.service
echo displaylink_driver >>/tmp/installer echo displaylink_driver >>/tmp/installer
} }
function zscaler() { function zscaler() {
apt install /home/${TARGET_USER}/nocloud/zscaler-client_3.7.1.71-1_amd64.deb -y apt install /home/${TARGET_USER}/nocloud/zscaler-client_3.7.1.71-1_amd64.deb -y
echo zscaler >>/tmp/installer echo zscaler >>/tmp/installer
} }
function dash_to_panel() { function dash_to_panel() {
# ─── DASH TO PANEL ─────────────────────────────────────────────────────────── # ─── DASH TO PANEL ───────────────────────────────────────────────────────────
info "Installing Dash to Panel..." info "Installing Dash to Panel..."
sudo -u "$TARGET_USER" bash -c ' sudo -u "$TARGET_USER" bash -c '
cd /tmp cd /tmp
git clone https://github.com/home-sweet-gnome/dash-to-panel.git || true git clone https://github.com/home-sweet-gnome/dash-to-panel.git || true
cd dash-to-panel cd dash-to-panel
make install make install
' '
dconf update dconf update
echo dash_to_panel >>/tmp/installer echo dash_to_panel >>/tmp/installer
} }
function qemu() { function qemu() {
info "Install qemu binaries" info "Install qemu binaries"
apt install -y qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils virt-manager libnss-libvirt qemu-user-static binfmt-support apt install -y qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils virt-manager libnss-libvirt qemu-user-static binfmt-support
echo qemu >>/tmp/installer echo qemu >>/tmp/installer
} }
function chrome() { function chrome() {
info "Install chrome binaries" info "Install chrome binaries"
cd /tmp cd /tmp
wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
sudo apt install ./google-chrome-stable_current_amd64.deb sudo apt install ./google-chrome-stable_current_amd64.deb
cd - cd -
echo chrome >>/tmp/installer echo chrome >>/tmp/installer
}
function gnome_keyring_patch() {
info "Patching keyring"
BASE="http://archive.ubuntu.com/ubuntu/pool/main/g/gnome-keyring"
# The fix was backported to Noble as 46.1-2ubuntu0.1 (released 2026-02-27)
curl -LO "$BASE/gnome-keyring_46.1-2ubuntu0.1_amd64.deb"
curl -LO "$BASE/libpam-gnome-keyring_46.1-2ubuntu0.1_amd64.deb"
sudo dpkg -i gnome-keyring_46.1-2ubuntu0.1_amd64.deb \
libpam-gnome-keyring_46.1-2ubuntu0.1_amd64.deb
echo "Done! Log out and back in to apply."
echo gnome_keyring_patch >>/tmp/installer
} }
function main() { function main() {
desktop || true desktop || true
docker || true docker || true
intune || true nix_home_manager || true
nix_home_manager || true displaylink_driver || true
displaylink_driver || true dash_to_panel || true
zscaler || true qemu || true
dash_to_panel || true chrome || true
qemu || true gnome_keyring_patch || true
chrome || true
# ─── SSH ───────────────────────────────────────────────────────────────────── intune || true
info "Enabling SSH..." zscaler || true
systemctl enable ssh
# ─── (passwordless for "$TARGET_USER") ───────────────────────────────────────── # ─── SSH ─────────────────────────────────────────────────────────────────────
info "Configuring sudoers..." info "Enabling SSH..."
echo "$TARGET_USER ALL=(ALL) NOPASSWD:ALL" >"/etc/sudoers.d/$TARGET_USER" systemctl enable ssh
chmod 440 "/etc/sudoers.d/$TARGET_USER"
info "Post-install complete ✓" # ─── (passwordless for "$TARGET_USER") ─────────────────────────────────────────
systemctl start gdm info "Configuring sudoers..."
echo "$TARGET_USER ALL=(ALL) NOPASSWD:ALL" >"/etc/sudoers.d/$TARGET_USER"
chmod 440 "/etc/sudoers.d/$TARGET_USER"
info "Post-install complete ✓"
systemctl start gdm
} }
if [[ "${1:-NOPE}" = "main" ]]; then if [[ "${1:-NOPE}" = "main" ]]; then
main main
fi fi

136
templates/user-data.tmpl
View File

@@ -136,6 +136,13 @@ autoinstall:
HandleHibernateKey=ignore HandleHibernateKey=ignore
IdleAction=ignore IdleAction=ignore
- path: /etc/NetworkManager/conf.d/default-wifi-powersave-on.conf
permissions: "0644"
owner: root:root
content: |
[connection]
wifi.powersave = 2
- path: /etc/dconf/db/local.d/99-custom-gnome - path: /etc/dconf/db/local.d/99-custom-gnome
permissions: "0644" permissions: "0644"
owner: root:root owner: root:root
@@ -144,23 +151,70 @@ autoinstall:
color-scheme='prefer-dark' color-scheme='prefer-dark'
gtk-theme='Adwaita-dark' gtk-theme='Adwaita-dark'
[org/gnome/shell] [org/gnome/desktop/background]
disabled-extensions=['ubuntu-dock@ubuntu.com'] color-shading-type='solid'
enabled-extensions=['dash-to-panel@jderose9.github.com'] picture-options='zoom'
disable-user-extensions=false picture-uri='file:///usr/share/backgrounds/Fuji_san_by_amaral.png'
picture-uri-dark='file:///usr/share/backgrounds/Fuji_san_by_amaral.png'
primary-color='#000000'
secondary-color='#000000'
[org/gnome/settings-daemon/plugins/power] [org/gnome/desktop/screensaver]
sleep-inactive-ac-type='nothing' picture-uri='file:///usr/share/backgrounds/Fuji_san_by_amaral.png'
sleep-inactive-battery-type='nothing'
# power-button-action='nothing'
[org/gnome/desktop/session] [org/gnome/desktop/session]
idle-delay=uint32 0 idle-delay=uint32 0
[org/gnome/settings-daemon/plugins/power]
idle-dim=false
sleep-inactive-ac-type='nothing'
sleep-inactive-battery-type='nothing'
sleep-inactive-ac-timeout=3600
[org/gnome/desktop/peripherals/mouse]
speed=-0.60
# [org/gnome/desktop/peripherals/touchpad]
# edge-scrolling-enabled=true
# two-finger-scrolling-enabled=false
[org/gnome/desktop/peripherals/keyboard]
numlock-state=true
[org/gnome/desktop/notifications]
show-banners=false
[org/gnome/desktop/wm/keybindings]
maximize=@as []
unmaximize=@as []
move-to-workspace-left=['<Shift><Control><Alt>h']
move-to-workspace-right=['<Shift><Control><Alt>l']
switch-to-workspace-left=['<Control><Alt>h']
switch-to-workspace-right=['<Control><Alt>l']
[org/gnome/mutter/keybindings]
toggle-tiled-left=@as []
toggle-tiled-right=@as []
[org/gnome/shell]
disable-user-extensions=false
disabled-extensions=['ubuntu-dock@ubuntu.com']
enabled-extensions=['dash-to-panel@jderose9.github.com']
favorite-apps=['firefox_firefox.desktop', 'google-chrome.desktop', 'microsoft-edge.desktop', 'org.gnome.Nautilus.desktop', 'ZSTray.desktop', 'org.gnome.Settings.desktop', 'org.gnome.Terminal.desktop', 'msedge-cifhbcnohmdccbgoicgdjpfamggdegmo-Default.desktop']
[org/gnome/shell/extensions/dash-to-panel]
dot-position='BOTTOM'
panel-sizes='{"GSM-0x01010101":32,"IVO-0x00000000":32}'
panel-anchors='{"GSM-0x01010101":"MIDDLE","IVO-0x00000000":"MIDDLE","HWP-3CQ5372CSD":"MIDDLE"}'
panel-element-positions='{"GSM-0x01010101":[{"element":"showAppsButton","visible":true,"position":"stackedTL"},{"element":"activitiesButton","visible":false,"position":"stackedTL"},{"element":"leftBox","visible":true,"position":"stackedTL"},{"element":"taskbar","visible":true,"position":"stackedTL"},{"element":"centerBox","visible":true,"position":"stackedBR"},{"element":"dateMenu","visible":true,"position":"centerMonitor"},{"element":"rightBox","visible":true,"position":"stackedBR"},{"element":"systemMenu","visible":true,"position":"stackedBR"},{"element":"desktopButton","visible":true,"position":"stackedBR"}],"IVO-0x00000000":[{"element":"showAppsButton","visible":true,"position":"stackedTL"},{"element":"activitiesButton","visible":false,"position":"stackedTL"},{"element":"leftBox","visible":true,"position":"stackedTL"},{"element":"taskbar","visible":true,"position":"stackedTL"},{"element":"centerBox","visible":true,"position":"stackedBR"},{"element":"dateMenu","visible":true,"position":"centerMonitor"},{"element":"rightBox","visible":true,"position":"stackedBR"},{"element":"systemMenu","visible":true,"position":"stackedBR"},{"element":"desktopButton","visible":true,"position":"stackedBR"}]}'
window-preview-title-position='TOP'
hotkeys-overlay-combo='TEMPORARILY'
prefs-opened=false
[system/proxy] [system/proxy]
autoconfig-url='proxyconf.glb.nokia.com/proxy.pac'
ignore-hosts=['localhost', '127.0.0.0/8', '::1', '192.168.1.1', '192.168.0.0', '192.168.0.0/8']
mode='none' mode='none'
autoconfig-url=''
ignore-hosts=['localhost', '127.0.0.0/8', '::1', '192.168.1.1', '192.168.0.0', '192.168.0.0/8']
[system/proxy/http] [system/proxy/http]
host='10.158.100.1' host='10.158.100.1'
@@ -169,6 +223,68 @@ autoinstall:
host='10.158.100.1' host='10.158.100.1'
port=8080 port=8080
[org/gnome/terminal/legacy/profiles:]
default='71a9971e-e829-43a9-9b2f-4565c855d664'
list=['b1dcc9dd-5262-4d8d-a863-c897e6d979b9', 'de8a9081-8352-4ce4-9519-5de655ad9361', '71a9971e-e829-43a9-9b2f-4565c855d664', '5083e06b-024e-46be-9cd2-892b814f1fc8', '95894cfd-82f7-430d-af6e-84d168bc34f5']
[org/gnome/terminal/legacy/profiles:/:b1dcc9dd-5262-4d8d-a863-c897e6d979b9]
cell-width-scale=1.0
font='Monospace 10'
use-system-font=false
[org/gnome/terminal/legacy/profiles:/:de8a9081-8352-4ce4-9519-5de655ad9361]
visible-name='Catppuccin Latte'
background-color='#eff1f5'
foreground-color='#4c4f69'
highlight-colors-set=true
highlight-background-color='#dc8a78'
highlight-foreground-color='#acb0be'
cursor-colors-set=true
cursor-background-color='#dc8a78'
cursor-foreground-color='#eff1f5'
use-theme-colors=false
palette=['#5c5f77', '#d20f39', '#40a02b', '#df8e1d', '#1e66f5', '#ea76cb', '#179299', '#acb0be', '#6c6f85', '#d20f39', '#40a02b', '#df8e1d', '#1e66f5', '#ea76cb', '#179299', '#bcc0cc']
[org/gnome/terminal/legacy/profiles:/:71a9971e-e829-43a9-9b2f-4565c855d664]
visible-name='Catppuccin Frappe'
background-color='#303446'
foreground-color='#c6d0f5'
highlight-colors-set=true
highlight-background-color='#f2d5cf'
highlight-foreground-color='#626880'
cursor-colors-set=true
cursor-background-color='#f2d5cf'
cursor-foreground-color='#303446'
use-theme-colors=false
font='Monospace 10'
use-system-font=false
palette=['#51576d', '#e78284', '#a6d189', '#e5c890', '#8caaee', '#f4b8e4', '#81c8be', '#b5bfe2', '#626880', '#e78284', '#a6d189', '#e5c890', '#8caaee', '#f4b8e4', '#81c8be', '#a5adce']
[org/gnome/terminal/legacy/profiles:/:5083e06b-024e-46be-9cd2-892b814f1fc8]
visible-name='Catppuccin Macchiato'
background-color='#24273a'
foreground-color='#cad3f5'
highlight-colors-set=true
highlight-background-color='#f4dbd6'
highlight-foreground-color='#5b6078'
cursor-colors-set=true
cursor-background-color='#f4dbd6'
cursor-foreground-color='#24273a'
use-theme-colors=false
palette=['#494d64', '#ed8796', '#a6da95', '#eed49f', '#8aadf4', '#f5bde6', '#8bd5ca', '#b8c0e0', '#5b6078', '#ed8796', '#a6da95', '#eed49f', '#8aadf4', '#f5bde6', '#8bd5ca', '#a5adcb']
[org/gnome/terminal/legacy/profiles:/:95894cfd-82f7-430d-af6e-84d168bc34f5]
visible-name='Catppuccin Mocha'
background-color='#1e1e2e'
foreground-color='#cdd6f4'
highlight-colors-set=true
highlight-background-color='#f5e0dc'
highlight-foreground-color='#585b70'
cursor-colors-set=true
cursor-background-color='#f5e0dc'
cursor-foreground-color='#1e1e2e'
use-theme-colors=false
palette=['#45475a', '#f38ba8', '#a6e3a1', '#f9e2af', '#89b4fa', '#f5c2e7', '#94e2d5', '#bac2de', '#585b70', '#f38ba8', '#a6e3a1', '#f9e2af', '#89b4fa', '#f5c2e7', '#94e2d5', '#a6adc8']
- path: /etc/dconf/profile/user - path: /etc/dconf/profile/user
owner: root:root owner: root:root
content: | content: |