README
¶
INIQ
INIQ (pronounced "in-ick") is a command-line tool for Linux system initialization. It streamlines the process of setting up new systems with proper user accounts, SSH access, and security configurations.
Platform Support
INIQ officially supports Linux only for production use:
- Linux AMD64
- Linux ARM64
Note: While INIQ can be built and tested on macOS for development purposes, it is designed specifically for Linux servers and is not supported for production use on macOS.
Features
- User Management: Create and configure non-root users
- SSH Key Management: Import SSH keys from various sources (local files, GitHub, GitLab, URLs)
- Sudo Configuration: Configure sudo access with or without password
- SSH Security: Disable root login and password authentication
- System Status: Check current system configuration without making changes
- Backup Feature: Automatically create timestamped backups of configuration files
- Password Management: Set passwords for users interactively
- Interactive Mode: Guided setup with sensible defaults
- Non-Interactive Mode: Suitable for scripting and automation
- Configuration Files: Support for YAML configuration files
Quick Start
Installation
Option 1: Using the install script (Recommended)
Install INIQ globally using curl:
curl -L https://raw.githubusercontent.com/teomyth/iniq/main/install.sh | sudo bash
Or using wget:
wget -qO- https://raw.githubusercontent.com/teomyth/iniq/main/install.sh | sudo bash
Option 2: Manual installation
For Linux (AMD64) using curl:
curl -L https://github.com/teomyth/iniq/releases/latest/download/iniq-linux-amd64.tar.gz -o iniq.tar.gz
tar -xzf iniq.tar.gz
chmod +x iniq
sudo mv iniq /usr/local/bin/
For Linux (AMD64) using wget:
wget https://github.com/teomyth/iniq/releases/latest/download/iniq-linux-amd64.tar.gz -O iniq.tar.gz
tar -xzf iniq.tar.gz
chmod +x iniq
sudo mv iniq /usr/local/bin/
For Linux (ARM64) using curl:
curl -L https://github.com/teomyth/iniq/releases/latest/download/iniq-linux-arm64.tar.gz -o iniq.tar.gz
tar -xzf iniq.tar.gz
chmod +x iniq
sudo mv iniq /usr/local/bin/
For Linux (ARM64) using wget:
wget https://github.com/teomyth/iniq/releases/latest/download/iniq-linux-arm64.tar.gz -O iniq.tar.gz
tar -xzf iniq.tar.gz
chmod +x iniq
sudo mv iniq /usr/local/bin/
Install and Run
Install INIQ and run immediately using curl:
curl -L https://raw.githubusercontent.com/teomyth/iniq/main/install.sh | sudo bash && sudo iniq
Or using wget:
wget -qO- https://raw.githubusercontent.com/teomyth/iniq/main/install.sh | sudo bash && sudo iniq
Important: INIQ requires sudo privileges for full functionality. The script will automatically request elevated privileges when needed. If you prefer to run with sudo directly, see the "Advanced Usage" section below.
Usage Examples
Basic Setup with Local Key
Create a non-root user with sudo privileges and set up SSH key authentication:
sudo iniq -u newuser -k /path/to/id_rsa.pub
Setup with GitHub Keys
Create a non-root user and fetch SSH keys from a GitHub account:
sudo iniq -u newuser -k gh:username
Full Security Hardening
Create a non-root user, set up SSH keys, and apply security hardening:
sudo iniq -u newuser -k gh:username -a
Check System Status
Check current system configuration without making changes:
sudo iniq --status
Check status for a specific user:
sudo iniq --status -u username
Running Without Sudo
Limited functionality - only operations that don't require root privileges:
iniq -S -k gh:username
For more usage examples and detailed documentation, see the sections below.
Sudo Privileges
INIQ requires sudo privileges for most of its functionality, including:
- Creating new users
- Configuring sudo access
- Modifying SSH server configuration
- Applying security hardening measures
Adding a User to Sudo Group
If your user doesn't have sudo privileges, you can add it to the sudo group. Try these methods in order:
Method 1: Using sudo (Recommended)
If you have basic sudo access, this is the preferred method:
On Debian/Ubuntu:
sudo usermod -aG sudo $(whoami)
On CentOS/RHEL/Fedora:
sudo usermod -aG wheel $(whoami)
Method 2: Using su (If sudo fails)
If the above method fails, try using su:
On Debian/Ubuntu:
su -c "/usr/sbin/usermod -aG sudo $(whoami)"
On CentOS/RHEL/Fedora:
su -c "/usr/sbin/usermod -aG wheel $(whoami)"
Method 3: Recovery Mode (If both methods fail)
If both methods fail (common on fresh OS installations):
- Restart your system
- At the GRUB boot menu, select "Advanced options"
- Choose "Recovery mode"
- Select "root" to get a root shell
- Run the appropriate command:
On Debian/Ubuntu:
usermod -aG sudo USERNAME
On CentOS/RHEL/Fedora:
usermod -aG wheel USERNAME
- Exit and resume normal boot
Note: Replace
USERNAMEwith your actual username.The full path to
usermod(/usr/sbin/usermod) is specified to ensure it works even if the command is not in the PATH. If you encounter a "command not found" error, you may need to locate the usermod binary on your system withwhich usermodorfind /usr -name usermod.
After adding your user to the sudo group, you'll need to log out and log back in for the changes to take effect.
Running with Limited Functionality
If you can't obtain sudo privileges, you can still use INIQ with limited functionality.
Skip operations requiring sudo:
iniq -S -k gh:username
This will only perform operations that don't require elevated privileges, such as configuring SSH keys for the current user.
Advanced Usage
After installation, you can run INIQ with various options.
Run in interactive mode (recommended for first-time users):
sudo iniq
Run in non-interactive mode with specific options:
sudo iniq -y --user admin --key gh:username
Check system status without making changes:
sudo iniq --status
Development
INIQ is an open-source project and contributions are welcome. If you're interested in contributing to INIQ, please check out our development documentation.
Quick Start for Development
Clone the repository:
git clone https://github.com/teomyth/iniq.git
cd iniq
Setup development environment:
task setup
Run tests:
task test
For detailed development instructions, including prerequisites, setup, and available commands, see the Development Guide.
License
This project is licensed under the MIT License - see the LICENSE file for details.
Directories
¶
| Path | Synopsis |
|---|---|
|
cmd
|
|
|
iniq
command
Package main is the entry point for the INIQ application
|
Package main is the entry point for the INIQ application |
|
devtools
|
|
|
devserver
command
|
|
|
internal
|
|
|
features
Package features defines the core feature interface and common functionality
|
Package features defines the core feature interface and common functionality |
|
features/security
Package security implements the SSH security configuration feature
|
Package security implements the SSH security configuration feature |
|
features/ssh
Package ssh implements the SSH key management feature
|
Package ssh implements the SSH key management feature |
|
features/sudo
Package sudo implements the sudo configuration feature
|
Package sudo implements the sudo configuration feature |
|
features/user
Package user implements the user management feature
|
Package user implements the user management feature |
|
logger
Package logger provides logging functionality for the application
|
Package logger provides logging functionality for the application |
|
utils
Package utils provides utility functions for INIQ
|
Package utils provides utility functions for INIQ |
|
version
Package version provides version information for the INIQ application
|
Package version provides version information for the INIQ application |
|
pkg
|
|
|
osdetect
Package osdetect provides operating system detection and information
|
Package osdetect provides operating system detection and information |
|
sshkeys
Package sshkeys provides SSH key handling functionality
|
Package sshkeys provides SSH key handling functionality |