v0.80.0

What's Changed

• Added configure_2fa function that sets up TOTP-based MFA for the user.
• Configures SSH to require AuthenticationMethods publickey,keyboard-interactive. This enforces a "Key + Code" (or Key + Code + Password) requirement, preventing access if only the private key is compromised.
• Generates and displays the QR code directly in the terminal (via qrencode).
• Includes a "safe rollback" verification step: users must verify a successful login in a new terminal before changes are permanently applied.
• Extracted show_connection_options from configure_ssh into a global helper function to support connection instructions in both SSH and 2FA setup stages.
• Updated the final summary report to indicate 2FA status.

Full Changelog: v0.79.1...v0.80.0

v0.79.1

What's Changed

Missed the collections from last update now added. Setup will enable default Linux and iptables collections and then ask user if they want to enable any more collection.

Browse collections at: https://app.crowdsec.net/hub/collections

Full Changelog: v0.79.0...v0.79.1

v0.79.0

What's Changed

Added CrowdSec as a selectable Intrusion Detection System (IDS) alongside fail2Ban.

• IDS Selection: Users can now choose between Fail2Ban, CrowdSec, or skipping IDS setup entirely during the interactive prompt.
• CrowdSec Setup: Implemented configure_crowdsec to handle repository setup, agent installation, and the firewall bouncer (iptables/UFW).
• Log Parity: Configured CrowdSec to actively monitor /var/log/ufw.log, ensuring parity with the existing Fail2Ban configuration.
• Refactor: Moved IDS package installation out of the base package list to support conditional installation.
• Reporting: Updated generate_summary to dynamically display the status, metrics, and bans for the specific IDS selected.

Full Changelog: v0.78.5...v0.79.0

v0.78.5

What's Changed

• Update .bashrc to use nano as default editor in #88

Full Changelog: v0.78.4...v0.78.5

v0.78.4

What's Changed

• Improved configure_swap to detect swap partitions vs files. #87
• Prevents 'fallocate' crashes on physical partitions by offering to disable them or skip. #87

Full Changelog: v0.78.3...v0.78.4

v0.78.3

What's Changed

• Improve enviorment detection in summary and run apt-upgrade at final step 86

Full Changelog: v0.78.2...v0.78.3

v0.78.2

What's Changed

• Set hostname in /etc/hosts 83
• Fix hostname and disable cloud-init for hostname setting on cloud VPS 84
• Update cloud-init config for hostname to persist 85

Full Changelog: v0.78.1...v0.78.2

v0.78.1

What's Changed

• Fix collect_config to work on IPv6 only servers

Full Changelog: v0.78...v0.78.1

v0.78

What's Changed

• Script tries to handle different environments: Direct Public IP, NAT/Router and Local VM only
• The configure_ssh function provides context-aware instructions based on different environments.
• In setup_user handle if group exists, but user doesn't - attach user to existing group.
• various shellcheck fixes

Full Changelog: v0.77.2...v0.78

v0.77.2

What's Changed

• unbound variable fix for SSH when on local VM
• check_dependencies before check_system to avoid failures on minimal servers without curl
• Update collect_config to make more resilient with additional echo websites for ip detection and handle local ips.

Full Changelog: v0.77.1...v0.77.2