- Overview
- Requirements
- Installation
- Post-Installation
- Usage Examples
- Terminator Terminal
- Shell Operations Previewed in Ultimate Plumber
- ripgrep (rg) - Fast Recursive Search
- sd - Search & Displace (sed replacement)
- fd - Fast File Finder
- moreutils - Advanced Unix Tools
- tldr - Simplified Command Examples
- bat - Syntax-Highlighted File Viewer
- jq - JSON Processor
- Arrow Key History Search
- hstr - Enhanced History Search
- unp - Universal Unpacker
- httpie - User-Friendly HTTP Client
- ncdu - Disk Usage Analyzer
- uv - Fast Python Package Manager
- fzf - Fuzzy Finder
- zoxide - Smart Directory Navigation
- Shell Helper Functions
- eget - Easy Binary Installation
- gitsnip - Download Specific Folders from Git Repositories
- lazygit - Terminal UI for Git Commands
- lazydocker - Terminal UI for Docker
- Configuration Files
- Security Considerations
- Compatibility
- Tools Reference
- Troubleshooting
- Customization
- Contributing
- License
- Acknowledgments
A comprehensive automation script for setting up a fresh Debian/Kali Linux installation with development tools, terminal enhancements, and security-focused configurations.
This script configures a fresh Debian-based Linux system (optimized for Kali Linux) with essential development tools, modern terminal utilities, and productivity enhancements. It's designed for security professionals, developers, and power users who want a consistent, well-configured Linux environment.
- OS: Debian-based Linux distribution (Ubuntu, Debian, Kali Linux)
- Network: Internet connection for package downloads
- Storage: ~2GB free space for all tools and dependencies
git clone https://github.com/c0ffee0wl/linux-setup.git
cd linux-setup
./linux-setup.shThe script supports the following command-line options:
./linux-setup.sh # Interactive mode (default) - prompts for user confirmation
./linux-setup.sh --force # Non-interactive mode - auto-answers "Yes" to all prompts
./linux-setup.sh --help # Display usage information
# NOT RECOMMENDED ON FIRST RUN, because then some customizations are not installed
./linux-setup.sh --no # Non-interactive mode - auto-answers "No" to all prompts
# Skip hacking tools even on Kali Linux
./linux-setup.sh --no-hacking-toolsInteractive Mode (default): By default, the script will prompt you for confirmation on certain actions:
- Overwriting existing
.zshrcconfiguration (default: Yes) - Changing default shell to zsh (default: Yes)
- Overwriting existing Terminator configuration (default: No)
- Configuring German keyboard layout in XFCE (default: No)
Notes:
- Backups are automatically created with timestamps before overwriting any files
- All package installations (Docker, Go, Rust, Node.js, tools, etc.) happen automatically without prompts
Force Mode (--force or -f):
Use this flag to run the script non-interactively, automatically answering "Yes" to all prompts. This is useful for:
- Automated/unattended installations
- Running in scripts or provisioning tools
No Mode (--no or -n):
Use this flag to run the script non-interactively, automatically answering "No" to all prompts. This is useful for:
- Installing packages without overwriting existing configurations
- Running the script but skipping optional configurations
No Hacking Tools (--no-hacking-tools):
Use this flag to skip installation of hacking/pentest tools even when running on Kali Linux. Skipped tools include:
- massdns, mitmproxy
- Project Discovery tools (pdtm and all tools it installs)
- BloodHoundAnalyzer
- bbot, NetExec
- System verification: Checks OS compatibility and user privileges
- Package updates: Updates system packages and repositories
- Tool installation: Installs all development and productivity tools
- Configuration: Sets up shell, terminal, and system preferences
- Security setup: Configures Docker and sandboxing tools
- Cleanup: Removes unnecessary packages and cleans package cache
After running the script:
- Log out and back in for all changes to take effect
- Verify installations:
docker --version go version rustc --version
This section demonstrates practical usage of the installed tools with real-world examples.
The script configures Terminator as the default terminal emulator with custom keybindings and settings optimized for productivity.
Tab Management:
Ctrl+T- Open new tabCtrl+Tab- Next tabCtrl+Shift+Tab- Previous tabCtrl+1throughCtrl+6- Switch to tab 1-6 directlyCtrl+Shift+Page_Down- Move current tab rightCtrl+Shift+Page_Up- Move current tab leftAlt+<Arrow>- Switch to left/right/upper/lower terminalCtrl+D- Close terminalSuper+N- Insert tab number in terminalSuper+R- Rename/edit tab titleSuper+T- Edit terminal title
Window Splitting:
Super+Y- Split terminal horizontallySuper+A- Split terminal verticallyCtrl+Shift+Super+D- Close window
Search & Navigation:
Ctrl+F- Search in terminal output
Terminal Features:
- Copy on selection - Text is automatically copied when selected
- Infinite scrollback - Never lose terminal history
- Tab numbers plugin - Visual tab numbers for easy navigation
Note:
Superkey is typically the Windows/Command key on most keyboards.
Classic Unix command pipelines with awk, cut, and sed, previewed with up - the Ultimate Plumber, safely bubblewrapped in a sandbox.
# Toggle between command and result with Ctrl+P (up tool integration)
cat users.txt | # Press Ctrl+P to interactively build the pipeline
# Press Ctrl+X when satisfied with the sandboxed preview to actually execute
# Process user data: extract field, trim path, remove header/footer
cat users.txt | awk '{print $5}' | cut -d '/' -f2 | sed '1,2d; $d'
# Sandboxed shell execution with bubblewrap (polster is a custom alias defined by this setup)
polster sh # Isolated, restricted shell environmentripgrep (rg) - Fast Recursive Search
# Clone example repository for testing
git clone --depth=1 https://github.com/Orange-Cyberdefense/GOAD.git
cd GOAD
# Basic search (respects .gitignore by default)
rg hodor
# Case-insensitive search with context lines
rg -i "night watch" -C2
# Search with more context
rg "horse" -C4
# Performance comparison
time rg -i hodor
time grep -i hodor -r
# Additional ripgrep flags:
# -i: case insensitive
# -v: invert matching
# -A n: show n lines after match
# -B n: show n lines before match
# -C n: show n lines of context (before and after)
# -u, -uu, -uuu: unrestricted searching (gitignored, hidden, binary files)
# -l: list files matching
# -e: pattern (regex) to search for
# -o: show only matching fragmentsd - Search & Displace (sed replacement)
# Simple text replacement
sd "horse" "Pferd" ad/GOAD/data/config.json
# Pipeline usage - replace newlines with commas
cat ~/users.txt | sd '\n' ',' | tail
# Extract path components with regex capture groups
echo "sample with /path/" | sd '.*(/.*/)' '$1'fd - Fast File Finder
# Find files by name pattern
fd rockyou /
# Find all filenames containing "rdp"
fd rdp
# Find hidden files in home directory
fd --hidden zsh ~
# Find only directories
fd --type d
# Find by file extension
fd -e md
# Find and execute commands on results
fd README --type f --exec wc -w # Count words in all README filesmoreutils - Advanced Unix Tools
The moreutils package includes several useful utilities, with sponge being particularly helpful for in-place file editing:
# Problem: Standard piping overwrites the file before reading
cat users.txt | awk '{print $4}' > users.txt # This BREAKS the file!
# Solution: Use sponge to safely modify files in-place
cat users.txt | awk '{print $4}' | sponge users.txt # Safe in-place edit
# Backup before using sponge
cp users.txt{,.bup}
# Example: Extract column 4 and overwrite original file
cat users.txt | awk '{print $4}' | sponge users.txt
# Restore from backup if needed
rm users.txt
cp users.txt.bup users.txt
# WARNING: sponge buffers entire output in memory before writing!
# Be careful with large files or long-running commands.Other useful tools from moreutils:
combine: Combine files using set operationschronic: Run commands quietly unless they failts: Add timestamps to outputvidir: Edit directory contents in your text editorvipe: Edit pipe data interactively
# View all installed moreutils tools
dpkg -L moreutils
# Read documentation
man sponge
man combinetldr - Simplified Command Examples
tldr provides simple, practical examples for command-line tools (community-driven alternative to traditional man pages):
# Get quick examples for a command
tldr tar
# Update tldr database
tldr --update
# Search for commands (for it to work requires previous --update)
tldr --list | grep networkbat - Syntax-Highlighted File Viewer
bat is a cat clone with syntax highlighting and Git integration:
# View a file with syntax highlighting (batcat is aliased to cat)
bat script.py
# View with line numbers
bat -n config.json
# Show non-printable characters
bat -A file.txt
# View multiple files
bat src/*.rs
# Page through long files automatically
bat large-log.txt
# Compare with cat (plain output)
batcat --paging=never file.pyNote: The script aliases
cattobatcat --theme=Coldark-Cold --paging=neverfor everyday use.
jq - JSON Processor
jq is a lightweight command-line JSON processor:
# Pretty-print JSON
echo '{"name":"Alice","age":30}' | jq '.'
# Extract a specific field
curl -s https://api.github.com/users/github | jq '.name'
# Filter array elements
echo '[{"name":"Alice","age":30},{"name":"Bob","age":25}]' | jq '.[] | select(.age > 26)'
# Get all keys from an object
echo '{"a":1,"b":2,"c":3}' | jq 'keys'
# Transform data
echo '{"first":"John","last":"Doe"}' | jq '{fullname: "\(.first) \(.last)"}'
# Work with files
jq '.users[].email' data.json
# Combine with other tools
cat package.json | jq '.dependencies' | grep -i reactThe shell is configured with incremental history search using the up/down arrow keys. Simply type the beginning of a command and press the up arrow to search backward through commands that start with what you've typed, or down arrow to search forward.
# Type a command prefix, then press up/down arrows
git # Press up arrow to cycle through commands starting with 'git'
cd # Press up arrow to find previous 'cd' commandsThis provides quick access to recent commands without needing to launch a full search interface. For more advanced history search with filtering and visual interface, use hstr (see below).
hstr - Enhanced History Search
hstr provides better command history navigation (configured with Ctrl+R):
# Press Ctrl+R to launch interactive history search
# Type to filter commands, use arrows to navigate
# Or use the hh alias
hh
# Search for specific pattern
hstr docker
# Configuration in .zshrc provides:
# - Ctrl+R: Interactive history search with filtering
# - Visual highlighting of search results
# - Better than default Ctrl+R searchOfficial Video Tutorials:
- Dvorka's Demo - Demonstration by the creator
- Zack's Tutorial - User tutorial
- Yu-Jie Lin's Presentation - Feature showcase
unp - Universal Unpacker
unp automatically detects and extracts various archive formats:
# Extract any archive type
unp archive.zip
unp tarball.tar.gz
unp file.rar
unp data.7z
# Supported formats: zip, tar, tar.gz, tar.bz2, tar.xz, rar, 7z, deb, rpm, and morehttpie - User-Friendly HTTP Client
httpie is a modern, user-friendly alternative to curl with intuitive syntax, JSON support, and colorized output:
# Simple GET request (auto-formats JSON response)
http https://api.github.com/users/github
# GET request with query parameters
http GET https://httpbin.org/get search==httpie lang==en
# POST request with JSON data (JSON is the default)
http POST https://httpbin.org/post name=Alice email=alice@example.com
# POST with explicit JSON
http POST https://api.example.com/users name=Bob age:=25 active:=true
# Custom headers
http GET https://api.example.com/data Authorization:"Bearer TOKEN" User-Agent:CustomClient
# Download a file
http --download https://example.com/file.zip
# Basic authentication
http -a username:password https://api.example.com/secure
# Form data (instead of JSON)
http --form POST https://httpbin.org/post name=Alice file@document.pdf
# Upload JSON file
http POST https://api.example.com/data < data.json
# Pretty-print existing JSON file
http --print=b --pretty=all --offline < messy.json
# Follow redirects
http --follow https://example.com/redirect
# Show request and response headers
http --verbose GET https://httpbin.org/headers
# Session support (saves cookies and auth)
http --session=./session.json https://api.example.com/login username=alice password=secret
http --session=./session.json https://api.example.com/profilencdu - Disk Usage Analyzer
ncdu provides an interactive disk usage analyzer:
# Analyze current directory
ncdu
# Analyze specific directory
ncdu /var
# Analyze with progress indicator
ncdu --color dark /home
# Export results to file
ncdu -o diskusage.json
# Navigate with arrow keys:
# Up/Down: Navigate items
# Right/Enter: Open directory
# Left: Go to parent directory
# d: Delete selected file/directory
# g: Show percentage and/or graph
# q: Quituv - Fast Python Package Manager
uv is an extremely fast Python package installer and resolver, written in Rust. It's 10-100x faster than pip:
uv --help
# Virtual environment management
uv venv .venv
source .venv/bin/activate
uv pip install flask
# Run Python tools without installing (uvx is shorthand for uv tool run)
uv tool run ruff # Run tool without parameters
uv tool run httpie httpbin.org/get # Run tool with parameters
uv tool run git+https://github.com/astral-sh/ruff # Run tool directly from Git
# Install tools globally
uv tool install ruff
# Install tools directly from git repositories
uv tool install git+https://github.com/astral-sh/ruff
# Install from specific branch or commit
uv tool install git+https://github.com/user/tool@main
# Other useful commands
uv pip compile requirements.in -o requirements.txt # Pin dependencies
uv pip sync requirements.txt # Match requirements exactly
uv pip list --outdated # Check for updatesfzf - Fuzzy Finder
fzf is a general-purpose command-line fuzzy finder:
# Search files in current directory
fzf
# Preview files while searching
fzf --preview 'bat --color=always {}'
# Search command history
history | fzf
# Fuzzy find and open in editor
vim $(fzf)
# Search running processes
ps aux | fzf
# Search and kill process
kill -9 $(ps aux | fzf | awk '{print $2}')
# Multi-select files (Tab to select, Enter to confirm)
rm $(fzf --multi)Note: The
cdcommand is replaced byzoxidefor smart frecency-based directory navigation.
zoxide - Smart Directory Navigation
zoxide is a smarter cd command that tracks your most frequently and recently used directories:
# After using zoxide for a while, jump to directories by partial name
cd doc # cd to ~/Documents if that's your highest ranking match
cd ~/pro # cd to ~/projects
cd foo bar # cd into highest ranked directory matching foo and bar
cd .. # Works like normal cd
# View zoxide's database
zoxide query --list
# Remove a directory from the database
zoxide remove /path/to/dirThe script provides convenient shell functions for common directory operations:
# mkcd - Create directory and cd into it
mkcd ~/new/project/path
# Equivalent to: mkdir -p ~/new/project/path && cd ~/new/project/path
# tempe - Create temporary directory and cd into it
tempe
# Creates a temp dir with 700 permissions and navigates to it
# tempe with subdirectory
tempe mywork
# Creates temp dir, then creates and enters 'mywork' subdirectoryeget - Easy Binary Installation
eget is a tool that makes it easy to install pre-built binaries from GitHub releases:
eget --help
# Install tools from GitHub releases
eget neovim/neovim
# Install specific version
eget zyedidia/micro --tag nightly
# Install to specific location
eget jgm/pandoc --to /usr/local/bin
# Install with asset filtering (avoid musl builds)
eget ogham/exa --asset ^musl
# Install for specific system
eget --system darwin/amd64 sharkdp/fd
# Download from direct URL
eget https://go.dev/dl/go1.17.5.linux-amd64.tar.gz --file go --to ~/go1.17.5gitsnip - Download Specific Folders from Git Repositories
gitsnip allows you to download specific folders from any Git repository without cloning the entire repo:
# Basic usage: gitsnip <repo-url> <subdir> <output-dir>
# Download a specific folder from a public repository (default method is sparse checkout)
gitsnip https://github.com/user/repo src/components ./my-components
# Download from specific branch
gitsnip https://github.com/user/repo docs ./docs -b develop
# Use API method instead of sparse checkout
gitsnip https://github.com/user/repo src/utils ./utils -m api
# Download from private repository (requires GitHub token)
gitsnip https://github.com/user/private-repo config ./config -t YOUR_GITHUB_TOKENlazygit - Terminal UI for Git Commands
lazygit provides a simple terminal UI for git commands, making complex Git operations intuitive and visual:
# Launch lazygit in current repository
lazygit
# Create convenient alias (add to .zshrc)
echo "alias lg='lazygit'" >> ~/.zshrc
# Advanced: Change directory on exit
# If you change repos in lazygit and want your shell to change directory into that repo on exiting lazygit, add this to your ~/.zshrc (or other rc file)
lg()
{
export LAZYGIT_NEW_DIR_FILE=~/.lazygit/newdir
lazygit "$@"
if [ -f $LAZYGIT_NEW_DIR_FILE ]; then
cd "$(cat $LAZYGIT_NEW_DIR_FILE)"
rm -f $LAZYGIT_NEW_DIR_FILE > /dev/null
fi
}Key Features:
- Stage individual lines - Partial staging with intuitive interface
- Interactive rebase - Squash, fixup, drop, edit, reorder commits visually
- Cherry-pick - Visual cherry-picking of commits
- Amend old commits - Fix commits deep in history
- Undo/Redo - Easy mistake recovery
- Commit graph - Visualize branch structure
- Git worktrees - Manage multiple working trees
- Custom commands - Define your own keybindings
- Rebase magic - Create custom patches interactively
Common Keyboard Shortcuts (inside lazygit):
Space- Stage/unstage files or hunksa- Stage/unstage allc- Commit changesP- Pushp- Pulle- Edit fileo- Open files- Stash changesi- Start interactive rebaser- Refresh?- Show keybindings help
Documentation:
Official Video Tutorials:
- 15 Lazygit Features in 15 Minutes - Quick feature overview
- Basics Tutorial - Getting started guide
lazydocker - Terminal UI for Docker
lazydocker provides a simple terminal UI for both docker and docker-compose, making container management visual and intuitive:
# Launch lazydocker
lazydocker
# Create convenient alias (add to .zshrc)
echo "alias lzd='lazydocker'" >> ~/.zshrcKey Features:
- Container overview - View all containers and services at a glance
- Real-time logs - Stream logs from containers with color coding
- Metrics graphs - ASCII graphs of CPU, memory, and network usage
- Quick actions - Restart, remove, rebuild containers with single keys
- Image management - View image layers and ancestry
- Pruning - Clean up unused containers, images, and volumes
- Mouse support - Click to navigate (optional)
- Custom commands - Define your own shortcuts
- docker-compose support - Full integration with compose services
Common Keyboard Shortcuts (inside lazydocker):
[/]- Navigate between containers, images, volumesm- View container logss- View container statse- Execute shell in containerr- Restart containerd- Remove containerp- Prune unused resourcesx- Execute custom command?- Show keybindings help
Documentation:
Official Video Tutorials:
- Demo & Basic Tutorial - Introduction and walkthrough
The script creates/modifies these configuration files:
Shell & Terminal:
~/.zshrc- Enhanced Zsh configuration with custom aliases and integrations~/.config/terminator/config- Terminator terminal settings~/.config/terminator/plugins/tab_numbers.py- Tab numbers plugin for Terminator~/.config/gtk-3.0/gtk.css- GTK terminal padding configuration (8px)
Desktop Environment (XFCE):
~/.config/xfce4/helpers.rc- Default terminal application settings~/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-screensaver.xml- Screensaver settings~/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-power-manager.xml- Power management settings~/.config/xfce4/xfconf/xfce-perchannel-xml/keyboard-layout.xml- Keyboard layout (German)
System Configuration:
/etc/systemd/resolved.conf.d/disable-stub.conf- DNS stub listener configuration/etc/apt/sources.list.d/docker.list- Docker CE repository/etc/apt/sources.list.d/vscode.sources- Visual Studio Code repository
Runtime Environments (Conditional):
~/.cargo/env- Rust/Cargo environment (if installed via rustup)~/.rustup/- Rust toolchain directory (if installed via rustup)~/.nvm/- Node Version Manager directory (if installed via nvm)
- No root execution: Script refuses to run as root for security
- User verification: Prompts before making system changes
- Sandboxed tools: Includes bubblewrap for command isolation
- Docker security: User added to docker group (requires logout)
| Distribution | Status | Notes |
|---|---|---|
| Kali Linux | ✅ Full support | All features enabled |
| Debian | ✅ Compatible | Pentesting tools skipped. Tested: 12, 13 |
| Ubuntu | ✅ Compatible | Pentesting tools skipped. Tested: 22.04 LTS, 24.04 LTS |
| Other Debian-based | Not tested |
This section provides a comprehensive reference of all tools installed by the script, including links to their documentation and availability information.
| Tool | Homepage | Documentation |
|---|---|---|
| build-essential | Debian Package | man pages |
| curl | curl.se | Documentation |
| wget | GNU Wget | Manual |
| git | git-scm.com | Documentation |
| htop | htop.dev | man page |
| lsof | lsof | man page |
| ncdu | ncdu | man page |
| tree | tree | man page |
| unp | Debian Package | man page |
| exiftool | exiftool.org | Documentation |
| ufw | UFW | man page |
| Tool | Homepage | Documentation |
|---|---|---|
| ripgrep (rg) | GitHub | User Guide |
| fd (fd-find) | GitHub | README |
| sd | GitHub | README |
| bat | GitHub | README |
| fzf | GitHub | README |
| jq | jqlang.github.io | Manual |
| moreutils | joeyh.name | man pages |
| httpie | httpie.io | Documentation |
| name-that-hash | GitHub | README |
| tldr | GitHub | Documentation |
| eget | GitHub | Documentation |
| gitsnip | GitHub | README |
| Tool | Homepage | Documentation |
|---|---|---|
| zsh | zsh.org | Documentation |
| hstr | GitHub | README |
| zoxide | GitHub | README |
| up | GitHub | README |
| lazygit | GitHub | Documentation |
| terminator | terminator-gtk3 | Documentation |
| Tool | Homepage | Documentation |
|---|---|---|
| Python 3 | python.org | Documentation |
| Go (golang) | go.dev | Documentation |
| Rust (rustc) | rust-lang.org | Documentation |
| Cargo | doc.rust-lang.org | Book |
| Node.js | nodejs.org | Documentation |
| npm | npmjs.com | Documentation |
| Tool | Homepage | Documentation |
|---|---|---|
| pipx | GitHub | Documentation |
| uv | GitHub | Documentation |
| Tool | Homepage | Documentation |
|---|---|---|
| Docker CE | docker.com | Documentation |
| lazydocker | GitHub | Documentation |
| ufw-docker | GitHub | README |
| bubblewrap | GitHub | man page |
| Tool | Homepage | Documentation |
|---|---|---|
| gedit | GNOME | Help |
| meld | meldmerge.org | Help |
| Visual Studio Code | code.visualstudio.com | Docs |
| xsel | xsel | man page |
| Fira Code Font | GitHub | README |
| Tool | Homepage | Documentation |
|---|---|---|
| massdns | GitHub | README |
| mitmproxy | mitmproxy.org | Documentation |
| pdtm | GitHub | README |
| ProjectDiscovery Tools | projectdiscovery.io | Documentation |
| bbot | GitHub | Documentation |
| NetExec | GitHub | Wiki |
| BloodHoundAnalyzer | GitHub | README |
Script fails with permission errors:
# Ensure user has sudo privileges
sudo -lDocker commands fail after installation:
# Log out and back in, or run:
newgrp dockerZsh not set as default shell:
chsh -s /usr/bin/zshRun with verbose output:
bash -x ./linux-setup.shThe script can be modified for different environments:
- Package selection: Edit the package list in the script
- Shell configuration: Modify the
.zshrctemplate - Terminal setup: Adjust Terminator configuration
- Tool selection: Comment out unwanted tool installations
- Fork the repository
- Create a feature branch
- Test on multiple distributions
- Submit a pull request
This project is licensed under the GNU General Public License v3.0 - see the LICENSE file for details.
- Based on Kali Linux default configurations
- Inspired by modern terminal and shell enhancements