Ympker's Multipurpose Serverkit (Ympkit) - Discussion

Ympker

The idea:

Since I have yet to find something like Centminmod/VPSSIM for Debian based Systems,
I have decided to roll my own (in a way) to faciliate/speed up tasks.
It will let you run various tasks/scripts (which atleast I would use frequently) by entering the specific number. While some system taks/setups will be fully automated this will rarely be the case. So it won't be an unattendant install script but rather pulling the required scripts from other Github projects and initializing the setup process in which you would then obviously need to take over and go along. It will always name the used source (#comments) in case you run into any issues so you can look for ways to fix this or report it accordingly.

I have released the very first version of this kit Tuesday night and it is crazy how much it has grown since then thanks to Wolveix and the feedback of many super cool people over at another forum. If you have any suggestions or ideas what scripts should be added please feel free to post it in the comments

Github link: https://github.com/NicolasLoew/Ympkit

Also:

To anyone (now or in the future) disliking @Wolveix involvement in this (which I highly doubt), that is to say him having taken over the wheel a bit recently, I'll say this:

My intention was to kickstart this project to facilitate my workflow on Debian-based Systems as I grew very fond of @eva2000 impressive Centmin Mod and thought it would be great to have something like this for Debian based systems. I never planned to take all the credit. There is a reason why I shared my idea of this project with the community and if anything, I'm more than happy to see so many people getting excited about the project and contributing in several ways (commits/ideas/testing..). I take it my knowledge about coding in bash is limited and there is only so much I could have done and it might have taken me way longer to implent some things. The second goal was to learn something about bash coding along the way and your feedback and Wolveix involvement has been contributing to that. So by all means let's continue this cool project and make it something we all can be proud of

ALSO: I did not want to offend anyone by writing this and I ahve also not taken any offense by anyone. It is just that more and more people recognize Wolveix involvement in this project (which is positive) so I thought a statement would be appropriate

Kind regards,

Ympker

Ympker

Demo (Debian, Ubuntu, CentOS):

While the kit is actually designed for Debian Based Systems CentOS is technically also supported to some extent

hzr

my biggest complaint is that they're pretty much all unauthenticated, unhashed, unsigned curl | bash.. I would feel safer, for example, if you kept git-committed known-good install scripts in separate folders in your repo and loaded them as needed instead of calling out to random third party domains

Ympker

@hzr said:
my biggest complaint is that they're pretty much all unauthenticated, unhashed, unsigned curl | bash.. I would feel safer, for example, if you kept git-committed known-good install scripts in separate folders in your repo and loaded them as needed instead of calling out to random third party domains

I'll keep this in mind and see if I can add this. I can definitly see where you are coming from. Shouldn't take too long to do either. Exams are coming up until end of July so won't be able to improve it that much during that time but after that it's semester break so I'll have more time to look into it

hzr

part of my thinking is also that if the script executes, that means that my server can access raw.githubusercontent.com and download things from there, but it makes no promises for resolving or accessing any other domains.

you also do some --no-check-certificate to completely ignore tls, instead of doing something like apt install ca-certificates if they aren't loaded already

Ympker

@hzr said:
part of my thinking is also that if the script executes, that means that my server can access raw.githubusercontent.com and download things from there, but it makes no promises for resolving or accessing any other domains.

you also do some --no-check-certificate to completely ignore tls, instead of doing something like apt install ca-certificates if they aren't loaded already

Well it originated from the idea of easying my personal workflow instead of being a public project. It only became that through the surprisingly high frecuency of feedback and excitement on HB. So initially it would just have been about my personal risk so wget --no-check-certificate was something I could personally deal with as I would've been the only one bearing that risk. So the script was first coded having this approach in mind.
Now, I still plan to keep this script heavily oriented on what will ease my workflow and makes my life more comfortable - as was my inital idea - however, with more people interested in this and getting involved I will give more thought to security and further suggestions and consider adding them. I, however, don't have time for another full-time project as Uni, Work and RL keep me occupied so I am doing this on the side. Everyone is free to contribute to this extent. Please understand that I will only do so much though. If you ever should feel it's not meeting your standards or you'd like for it to head in a totally different direction you can of course make a fork and do your own tweaks. I shared it with the community to have others "benefit" from the effort I put into this and give rise to even more creative projects and ideas rather than keeping everything to myself.

Thanks for your feedback btw. (think I forgot to say that)