author Rishi-k-s <rishikrishna.sr@gmail.com> 2025-08-04 10:14:53 +0530
committer Rishi-k-s <rishikrishna.sr@gmail.com> 2025-08-04 10:14:53 +0530
commit 976d346a2b1605171fbfd8c68cb0185c2e4c1762
tree d6174ef7431e8c450a2529e8a333676fc627efc1
parent aa771c437db63bc38f58e051efe5aacf5058199d
added docker installation script
-rw-r--r-- README.md 203
-rw-r--r-- dockerinit.sh 149
2 files changed, 330 insertions, 22 deletions
diff --git a/README.md b/README.md
index a5af902..0faa35f 100644
--- a/README.md
+++ b/README.md
@@ -1,15 +1,33 @@
-# Server Setup Script
+# Server Setup Scripts
-A bash script to automate the initial setup of a Linux server with essential security configurations and tools.
+Collection of bash scripts to automate the initial setup of a Linux server with essential security configurations and Docker installation.
+
+## Scripts
+
+- **`serversetup.sh`** - Basic server setup with security hardening
+- **`dockerinit.sh`** - Docker installation and configuration
## Features
+### Server Setup (`serversetup.sh`)
- Creates a new user with sudo privileges
- Sets up SSH key authentication for the new user
- Updates system packages
- Installs essential packages (ufw, fail2ban, htop, curl, wget, git, unzip)
- Configures UFW firewall with SSH access
- Sets up and starts Fail2Ban for intrusion prevention
+- SSH hardening (disables password auth, root login)
+- Swap file configuration (2GB)
+- System monitoring tools
+
+### Docker Setup (`dockerinit.sh`)
+- Removes old Docker packages
+- Installs official Docker CE from Docker repository
+- Supports both Ubuntu and Debian
+- Adds user to docker group
+- Configures Docker daemon for security and performance
+- Sets up useful Docker aliases and cleanup functions
+- Includes Docker Compose
## Prerequisites
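Review bot: the new `serversetup.sh` feature bullets (SSH hardening, 2GB swap file, system monitoring tools) document behaviour this commit does not touch; the diffstat lists only README.md and dockerinit.sh. Confirm that serversetup.sh already does these things, or move the bullets into the commit that implements them, so the README does not promise hardening the script may not perform. In the Docker list, "Configures Docker daemon for security and performance" would be more useful if it named the settings that dockerinit.sh actually writes.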
@@ -19,6 +37,8 @@ A bash script to automate the initial setup of a Linux server with essential sec
## Usage
+### Server Setup Script
+
1. Make the script executable:
```bash
chmod +x serversetup.sh
@@ -34,22 +54,55 @@ A bash script to automate the initial setup of a Linux server with essential sec
./serversetup.sh john
```
-## What the Script Does
+### Docker Installation Script
+
+1. Make the script executable:
+ ```bash
+ chmod +x dockerinit.sh
+ ```
+
+2. Run the script (optionally with a username parameter):
+ ```bash
+ ./dockerinit.sh [username]
+ ```
+
+ Examples:
+ ```bash
+ ./dockerinit.sh # Uses current user
+ ./dockerinit.sh john # Adds 'john' to docker group
+ ```
+
+## Complete Server Setup
+
+For a complete server setup with Docker, run both scripts:
+
+```bash
+# First set up the server
+./serversetup.sh myuser
+
+# Then install Docker
+./dockerinit.sh myuser
+```
+
+## What the Scripts Do
+
+### Server Setup Script (`serversetup.sh`)
-### 1. User Management
+#### 1. User Management
- Creates a new user account with the provided username
- Adds the user to the sudo group for administrative privileges
-### 2. SSH Configuration
+#### 2. SSH Configuration
- Creates `.ssh` directory for the new user
- Copies existing SSH authorized keys to the new user (if available)
- Sets proper permissions (700 for `.ssh`, 600 for `authorized_keys`)
+- Hardens SSH configuration (disables password auth, root login, X11 forwarding)
-### 3. System Updates
+#### 3. System Updates
- Updates package lists
- Upgrades all installed packages to latest versions
-### 4. Package Installation
+#### 4. Package Installation
- **ufw**: Uncomplicated Firewall for easy firewall management
- **fail2ban**: Intrusion prevention system
- **htop**: Interactive process viewer
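Review bot: the `./dockerinit.sh` usage examples do not say which account the script is meant to be run from, and the result depends on it. With no argument the script uses `USERNAME="$(whoami)"`, so running it as root adds root to the docker group; with `./dockerinit.sh john` the group change goes to john, but the aliases are still appended to the invoking user's `~/.bashrc`. State that it should be run as a non-root user with sudo rights, and say whose shell receives the aliases. In the "Complete Server Setup" block it is also worth repeating that serversetup.sh disables password authentication, so key login for `myuser` should be tested before the current session is closed.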
@@ -58,34 +111,93 @@ A bash script to automate the initial setup of a Linux server with essential sec
- **git**: Version control system
- **unzip**: Archive extraction utility
-### 5. Security Configuration
-- Configures UFW firewall to allow SSH connections
+#### 5. Security Configuration
+- Configures UFW firewall (deny incoming, allow outgoing, allow SSH/HTTP/HTTPS)
- Enables UFW firewall
-- Enables and starts Fail2Ban service
+- Configures and starts Fail2Ban with custom SSH jail
+- Creates system monitoring script (`sysinfo` command)
+
+#### 6. System Optimization
+- Creates 2GB swap file with low swappiness (10)
+- Configures proper swap persistence
+
+### Docker Installation Script (`dockerinit.sh`)
+
+#### 1. Cleanup and Preparation
+- Removes old/conflicting Docker packages
+- Updates system packages
+- Installs prerequisites (ca-certificates, curl)
+
+#### 2. Repository Setup
+- Detects OS (Ubuntu/Debian) automatically
+- Downloads and installs Docker's official GPG key
+- Adds Docker's official repository
+
+#### 3. Docker Installation
+- Installs Docker CE, CLI, containerd, buildx, and compose plugins
+- Adds specified user to docker group (no more sudo needed)
+- Enables and starts Docker service
+
+#### 4. Configuration and Optimization
+- Configures Docker daemon with:
+ - Log rotation (10MB max, 3 files)
+ - Overlay2 storage driver
+ - Live restore capability
+ - Security optimizations
+
+#### 5. Testing and Setup
+- Verifies installation with version checks
+- Runs hello-world container test
+- Sets up useful Docker aliases:
+ - `dps` - docker ps
+ - `dpsa` - docker ps -a
+ - `di` - docker images
+ - `dcp` - docker compose
+ - `dcup` - docker compose up -d
+ - `dcdown` - docker compose down
+ - `dclogs` - docker compose logs -f
+ - `dcleanup` - cleanup function for unused resources
## Security Notes
-- The script allows SSH access through the firewall by default
-- Fail2Ban is configured with default settings to prevent brute force attacks
-- SSH key authentication is set up if keys are available
-- The new user has sudo privileges - ensure you trust this user
+### Server Setup
+- SSH password authentication is disabled (key-based auth only)
+- Root login via SSH is disabled
+- UFW firewall blocks all incoming except SSH, HTTP, HTTPS
+- Fail2Ban prevents brute force attacks with 1-hour bans
+- New user has sudo privileges - ensure you trust this user
+- SSH keys must be properly configured before running
+
+### Docker Setup
+- Docker daemon is configured with security best practices
+- User is added to docker group (no sudo needed for docker commands)
+- Log rotation prevents disk space issues
+- Live restore keeps containers running during daemon updates
## Customization
-You can modify the script to:
+### Server Setup Script
- Install additional packages by adding them to the `apt install` line
-- Configure additional UFW rules
-- Customize Fail2Ban configuration by creating custom jail files
+- Configure additional UFW rules for specific services
+- Customize Fail2Ban jail settings in the jail.local section
+- Modify swap file size (default: 2GB)
+- Add custom system monitoring commands to the `sysinfo` script
+
+### Docker Installation Script
+- Modify Docker daemon configuration in `/etc/docker/daemon.json`
+- Add custom Docker aliases to the aliases section
+- Change log rotation settings (default: 10MB, 3 files)
+- Customize the cleanup function for different needs
## Troubleshooting
-### Common Issues
+### Server Setup Issues
1. **"Could not copy SSH keys" warning**
- This occurs if `~/.ssh/authorized_keys` doesn't exist
- You can manually set up SSH keys later
-2. **Permission denied errors**
+2. **Permission denied errors**
- Ensure you're running the script with sudo privileges
- Check that the script is executable (`chmod +x serversetup.sh`)
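Review bot: in the Docker Setup security notes, "User is added to docker group (no sudo needed for docker commands)" presents as a convenience what is effectively root access to the host, since any member of the docker group can start a container that mounts the host filesystem. Say so explicitly, in the same way the Server Setup notes warn about sudo. "Docker daemon is configured with security best practices" also overstates the daemon.json in this commit, which sets log rotation, overlay2, `"userland-proxy": false`, `"experimental": false` and `"live-restore": true`; list those instead. Finally, "UFW firewall blocks all incoming except SSH, HTTP, HTTPS" needs a caveat once Docker is installed: ports published with `docker run -p` are opened by Docker's own iptables rules and are not filtered by UFW.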
@@ -93,10 +205,35 @@ You can modify the script to:
- Ensure internet connectivity
- Try running `sudo apt update` manually first
+4. **SSH connection issues after setup**
+ - Make sure SSH keys are properly configured
+ - Test connection before logging out of current session
+ - Use `ssh -v username@server-ip` for verbose debugging
+
+### Docker Installation Issues
+
+1. **"Unsupported OS" error**
+ - Currently supports Ubuntu and Debian only
+ - Check `/etc/os-release` for your OS identification
+
+2. **Docker group permissions**
+ - Log out and back in after installation
+ - Or run `newgrp docker` to refresh group membership
+
+3. **Docker test fails but installation succeeds**
+ - This is normal and doesn't indicate a problem
+ - Test manually with `docker run hello-world`
+
+4. **Repository/GPG key errors**
+ - Check internet connectivity
+ - Verify DNS resolution works
+ - Try running the script again (it's safe to re-run)
+
### Verification
-After running the script, verify the setup:
+After running the scripts, verify the setup:
+#### Server Setup Verification
```bash
# Check if new user exists
id <username>
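Review bot: the troubleshooting entry "Try running the script again (it's safe to re-run)" does not match dockerinit.sh, which appends the alias block with `cat >> ~/.bashrc` on every run and rewrites `/etc/docker/daemon.json` and restarts the daemon each time. Either make the script idempotent or document those side effects here. The entry "Docker test fails but installation succeeds" calling a failed hello-world "normal" is also risky advice: a failed test can mean the daemon is not running or the registry is unreachable, so point the reader at `sudo systemctl status docker` rather than telling them to ignore it.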
@@ -109,12 +246,34 @@ sudo systemctl status fail2ban
# Test SSH access with new user
ssh <username>@<server-ip>
+
+# Check system info
+sysinfo
+```
+
+#### Docker Installation Verification
+```bash
+# Check Docker version
+docker --version
+
+# Check Docker Compose version
+docker compose version
+
+# Test Docker functionality
+docker run hello-world
+
+# Check if user is in docker group
+groups
+
+# Test Docker aliases (after reloading shell)
+dps
+di
```
## License
-This script is provided as-is for educational and administrative purposes. Use at your own risk.
+These scripts are provided as-is for educational and administrative purposes. Use at your own risk.
## Contributing
-Feel free to submit issues or pull requests to improve this script.
+Feel free to submit issues or pull requests to improve these scripts.
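Review bot: in the Docker verification block, bare `groups` reports the groups of the current shell session, which will not include docker until the user logs in again, and it checks the wrong account when a different username was passed to the script. Use `groups <username>` (or `id <username>`, as the server section already does) so the check reflects what `usermod` changed. A `docker info` line would also let the reader confirm that the logging and storage-driver settings from daemon.json were applied.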
diff --git a/dockerinit.sh b/dockerinit.sh
new file mode 100644
index 0000000..1c2dcc8
--- /dev/null
+++ b/dockerinit.sh
@@ -0,0 +1,149 @@
+#!/bin/bash
+
+# Docker Installation Script
+# Usage: ./dockerinit.sh [username]
+
+echo "Starting Docker installation..."
+
+# Check if username is provided, otherwise use current user
+if [ -n "$1" ]; then
+ USERNAME="$1"
+else
+ USERNAME="$(whoami)"
+fi
+
+echo "Installing Docker for user: $USERNAME"
+
+# Remove old Docker packages
+echo "Removing old Docker packages..."
+for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do
+ sudo apt-get remove -y $pkg 2>/dev/null || true
+done
+
+# Add Docker's official GPG key:
+echo "Setting up Docker repository..."
+sudo apt-get update
+sudo apt-get install -y ca-certificates curl
+
+# Create keyrings directory
+sudo install -m 0755 -d /etc/apt/keyrings
+
+# Detect OS and set appropriate GPG key URL
+if [ -f /etc/os-release ]; then
+ . /etc/os-release
+ case "$ID" in
+ ubuntu)
+ GPG_URL="https://download.docker.com/linux/ubuntu/gpg"
+ REPO_URL="https://download.docker.com/linux/ubuntu"
+ ;;
+ debian)
+ GPG_URL="https://download.docker.com/linux/debian/gpg"
+ REPO_URL="https://download.docker.com/linux/debian"
+ ;;
+ *)
+ echo "Unsupported OS: $ID"
+ exit 1
+ ;;
+ esac
+else
+ echo "Cannot detect OS. /etc/os-release not found."
+ exit 1
+fi
+
+# Download and install GPG key
+sudo curl -fsSL "$GPG_URL" -o /etc/apt/keyrings/docker.asc
+sudo chmod a+r /etc/apt/keyrings/docker.asc
+
+# Add the repository to Apt sources:
+echo \
+ "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] $REPO_URL \
+ $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
+ sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+
+# Update package index
+sudo apt-get update
+
+# Install Docker packages
+echo "Installing Docker packages..."
+sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+
+# Add user to docker group (avoid using sudo with docker)
+echo "Adding user $USERNAME to docker group..."
+sudo usermod -aG docker "$USERNAME"
+
+# Enable and start Docker service
+echo "Enabling Docker service..."
+sudo systemctl enable docker
+sudo systemctl start docker
+
+# Configure Docker daemon for better security and performance
+echo "Configuring Docker daemon..."
+sudo mkdir -p /etc/docker
+sudo tee /etc/docker/daemon.json > /dev/null <<EOF
+{
+ "log-driver": "json-file",
+ "log-opts": {
+ "max-size": "10m",
+ "max-file": "3"
+ },
+ "storage-driver": "overlay2",
+ "userland-proxy": false,
+ "experimental": false,
+ "live-restore": true
+}
+EOF
+
+# Restart Docker to apply configuration
+sudo systemctl restart docker
+
+# Verify installation
+echo "Verifying Docker installation..."
+sudo docker --version
+sudo docker compose version
+
+# Test Docker with hello-world (optional)
+echo "Testing Docker installation..."
+if sudo docker run --rm hello-world >/dev/null 2>&1; then
+ echo "✅ Docker test successful!"
+else
+ echo "⚠️ Docker test failed, but installation may still be working"
+fi
+
+# Create useful Docker aliases and functions
+echo "Setting up Docker aliases..."
+cat >> ~/.bashrc << 'EOF'
+
+# Docker aliases
+alias dps='docker ps'
+alias dpsa='docker ps -a'
+alias di='docker images'
+alias dcp='docker compose'
+alias dcup='docker compose up -d'
+alias dcdown='docker compose down'
+alias dclogs='docker compose logs -f'
+
+# Docker cleanup function
+dcleanup() {
+ echo "Cleaning up Docker..."
+ docker system prune -f
+ docker volume prune -f
+ docker network prune -f
+}
+EOF
+
+echo ""
+echo "🐳 Docker installation completed successfully!"
+echo ""
+echo "Important notes:"
+echo "1. User '$USERNAME' has been added to the docker group"
+echo "2. You may need to log out and back in for group changes to take effect"
+echo "3. Or run: newgrp docker"
+echo "4. Docker aliases have been added to ~/.bashrc"
+echo "5. Use 'dcleanup' function to clean up unused Docker resources"
+echo ""
+echo "Test your installation with:"
+echo " docker --version"
+echo " docker run hello-world"
+echo ""
+echo "For Docker Compose:"
+echo " docker compose version" \ No newline at end of file
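Review bot: the script has no `set -e` / `set -u` and checks no exit codes, so a failed `curl -fsSL "$GPG_URL"`, a failed `apt-get install`, or `usermod -aG docker "$USERNAME"` against a user that does not exist is ignored and the run still prints "Docker installation completed successfully!". Add `set -euo pipefail` near the top (keeping the explicit `|| true` on the package removal loop) and verify the user exists with `id "$USERNAME"` before changing groups. Further points in the same file: `sudo tee /etc/docker/daemon.json` overwrites any existing daemon configuration without a backup, and the restart that follows will take Docker down if the file is rejected; the alias block is appended with `cat >> ~/.bashrc` to the invoking user's file rather than `$USERNAME`'s, and is duplicated on every run; the downloaded docker.asc is trusted as fetched, so consider comparing its fingerprint against the one Docker publishes before adding the repository. The final message should also tell the operator that docker group membership gives `$USERNAME` root-equivalent control of the host. The file also lacks a trailing newline.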