diff --git a/files/bashscripts/fileserver/akanealw/backup-scripts-to-gitrepo.sh b/files/bashscripts/fileserver/akanealw/backup-scripts-to-gitrepo.sh index b63803e..a42acee 100755 --- a/files/bashscripts/fileserver/akanealw/backup-scripts-to-gitrepo.sh +++ b/files/bashscripts/fileserver/akanealw/backup-scripts-to-gitrepo.sh @@ -7,7 +7,8 @@ if ping -c 1 192.168.1.41 &> /dev/null && sudo crontab -l | sudo tee /root/scripts/crontab.bak > /dev/null 2>&1 \ && rm /home/akanealw/scripts/debian-essentials.sh > /dev/null 2>&1 \ && rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/akanealw/ \ - && sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/root/" + && rsync -azvP /home/akanealw/scripts/olivetin/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/akanealw/olivetin/ \ + && sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/root/" # dockerserver ssh dockerserver "crontab -l | tee /home/akanealw/scripts/crontab.bak > /dev/null 2>&1 \ diff --git a/files/bashscripts/proxyserver/akanealw/crontab.bak b/files/bashscripts/proxyserver/akanealw/crontab.bak index e69de29..7cd32e5 100644 --- a/files/bashscripts/proxyserver/akanealw/crontab.bak +++ b/files/bashscripts/proxyserver/akanealw/crontab.bak @@ -0,0 +1,25 @@ +# Edit this file to introduce tasks to be run by cron. +# +# Each task to run has to be defined through a single line +# indicating with different fields when the task will be run +# and what command to run for the task +# +# To define the time you can provide concrete values for +# minute (m), hour (h), day of month (dom), month (mon), +# and day of week (dow) or use '*' in these fields (for 'any'). +# +# Notice that tasks will be started based on the cron's system +# daemon's notion of time and timezones. +# +# Output of the crontab jobs (including errors) is sent through +# email to the user the crontab file belongs to (unless redirected). +# +# For example, you can run a backup of all your user accounts +# at 5 a.m every week with: +# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ +# +# For more information see the manual pages of crontab(5) and cron(8) +# +# m h dom mon dow command +10 * * * * /home/akanealw/scripts/backup-bookmarks.sh +0 16 * * * /home/akanealw/scripts/ping-before-copy-backups-to-truenas.sh diff --git a/files/bashscripts/proxyserver/akanealw/debian-essentials.sh b/files/bashscripts/proxyserver/akanealw/debian-essentials.sh index b302380..1609e9d 100755 --- a/files/bashscripts/proxyserver/akanealw/debian-essentials.sh +++ b/files/bashscripts/proxyserver/akanealw/debian-essentials.sh @@ -1,32 +1,39 @@ #!/bin/bash # autoreply config update dialog with no -if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then - echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local - echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local - echo " "--force-confold";" >> /etc/apt/apt.conf.d/local - echo "}" >> /etc/apt/apt.conf.d/local +if [[ ! -f /etc/apt/apt.conf.d/local ]] + then + echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local + echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local + echo " "--force-confold";" >> /etc/apt/apt.conf.d/local + echo "}" >> /etc/apt/apt.conf.d/local fi # update bookworm to new debian.sources file -if [[ -f /etc/apt/sources.list ]] ; then - isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye") - if [ $isInFile -eq 0 ]; then - mkdir /etc/apt/mirrors > /dev/null 2>&1 - echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list - echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list - echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources - echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources - echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources - echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources - echo "" >> /etc/apt/sources.list.d/debian.sources - echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources - echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources - echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources - echo "Components: main" >> /etc/apt/sources.list.d/debian.sources - mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1 - rm /etc/apt/sources.list.11.backup > /dev/null 2>&1 - fi +if [[ -f /etc/apt/sources.list.d/debian.sources ]] + then + echo "Sources already updated" + else + isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye") + if [ $isInFile -eq 0 ] + then + mkdir /etc/apt/mirrors > /dev/null 2>&1 + echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list + echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources + echo "" >> /etc/apt/sources.list.d/debian.sources + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main" >> /etc/apt/sources.list.d/debian.sources + mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1 + rm /etc/apt/sources.list.11.backup > /dev/null 2>&1 + else + echo "Bullseye detected, skipping sources update" + fi fi # update and upgrade @@ -38,20 +45,22 @@ apt-get install -y lsb-release cron qemu-guest-agent sudo nano curl wget zip unz # add akanealw user if not existing isInFile=$(cat /etc/passwd | grep -c "akanealw") -if [ $isInFile -eq 0 ]; then - echo "Set password for akanealw" - useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw - mkdir /home/akanealw/.ssh - chown akanealw:akanealw /home/akanealw/.ssh - chmod 700 /home/akanealw/.ssh - cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1 - chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 - chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 +if [ $isInFile -eq 0 ] + then + echo "Set password for akanealw" + useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw + mkdir /home/akanealw/.ssh + chown akanealw:akanealw /home/akanealw/.ssh + chmod 700 /home/akanealw/.ssh + cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1 + chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 + chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 fi # create akanealw file in /etc/sudoers.d -if [[ ! -f /etc/sudoers.d/akanealw ]] ; then - echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw +if [[ ! -f /etc/sudoers.d/akanealw ]] + then + echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw fi # enable ping for all users @@ -70,32 +79,25 @@ git config --global user.email "akanealw@gmail.com" git config --global init.defaultBranch main # show ip in /etc/issue +wget -qO /etc/issue.default http://192.168.1.50/debian/issue.default +rm /etc/issue > /dev/null 2>&1 +cp /etc/issue.default /etc/issue name=$(basename /sys/class/net/e*) -isInFile=$(cat /etc/issue | grep -c "$name") -if [ $isInFile -eq 0 ]; then -cp /etc/issue /etc/issue.bak +echo "" >> /etc/issue echo "$name: \4{$name}" >> /etc/issue echo "" >> /etc/issue -fi # set input preferences -if [[ ! -f /etc/inputrc.bak ]] ; then - cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1 -fi +wget -qO /etc/inputrc.default http://192.168.1.50/debian/inputrc.default rm /etc/inputrc > /dev/null 2>&1 -cp /etc/inputrc.bak /etc/inputrc +cp /etc/inputrc.default /etc/inputrc echo "" >> /etc/inputrc echo "set completion-ignore-case On" >> /etc/inputrc # set bash preferences and aliases -if [[ -f /etc/bash.bashrc.default ]] ; then - mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1 -fi -if [[ ! -f /etc/bash.bashrc.bak ]] ; then - cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1 -fi +wget -qO /etc/bash.bashrc.default http://192.168.1.50/debian/bash.bashrc.default rm /etc/bash.bashrc > /dev/null 2>&1 -cp /etc/bash.bashrc.bak /etc/bash.bashrc +cp /etc/bash.bashrc.default /etc/bash.bashrc echo "" >> /etc/bash.bashrc echo "# custom settings and aliases" >> /etc/bash.bashrc echo "set -o noclobber" >> /etc/bash.bashrc @@ -134,115 +136,10 @@ echo "bind-key C-a send-prefix" >> /etc/tmux.conf # create credentials and map network drives isInFile=$(cat /etc/fstab | grep -c "192.168.1.41") -if [ $isInFile -eq 0 ]; then - mkdir /mnt/truenasdata > /dev/null 2>&1 - chown akanealw:akanealw /mnt/truenasdata - echo "# nfs shares" >> /etc/fstab - echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab -fi - -# ask to install samba -if [[ ! -f /etc/samba/smb.conf ]] ; then - read -r -p "Install Samba? " prompt - if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then - apt-get install -y samba --no-install-recommends - # configure default samba share - (echo "8ung1e1!"; sleep 1; echo "8ung1e1!" ) | smbpasswd -s -a akanealw - sed -i s/WORKGROUP/akanealw/ /etc/samba/smb.conf - isInFile=$(cat /etc/samba/smb.conf | grep -c "akanealw]") - if [ $isInFile -eq 0 ]; then - echo "[akanealw]" >> /etc/samba/smb.conf - echo " comment = akanealw" >> /etc/samba/smb.conf - echo " read only = no" >> /etc/samba/smb.conf - echo " path = /home/akanealw" >> /etc/samba/smb.conf - echo " guest ok = no" >> /etc/samba/smb.conf - echo "" >> /etc/samba/smb.conf - fi - fi -fi - -# ask to install docker -if [[ ! -f /etc/apt/keyrings/docker.gpg ]] ; then - read -r -p "Install Docker? " prompt - if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then - # prepare for install - apt-get update - apt-get install -y ca-certificates curl gnupg lsb-release - mkdir -p /home/akanealw/docker/appdata - chown -R akanealw:akanealw /home/akanealw/docker - mkdir -m 0755 -p /etc/apt/keyrings - curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg - echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null - # install docker - apt-get update - apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin - # post install - groupadd docker > /dev/null 2>&1 - usermod -aG docker akanealw - systemctl enable docker.service - systemctl enable containerd.service - fi -fi - -# ask to regenerate machine-id -if [[ ! -f /etc/machine-id-regenerated ]] ; then - read -r -p "Regenerate machine-id? " prompt - if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then - # regenerate machine-id - rm -f /etc/machine-id /var/lib/dbus/machine-id - dbus-uuidgen --ensure=/etc/machine-id - dbus-uuidgen --ensure - touch /etc/machine-id-regenerated - fi -fi - -# ask to regenerate ssh host keys -if [[ ! -d /etc/cloud ]] ; then - if [[ ! -f /home/akanealw/.ssh/ssh_keys_regenerated ]] ; then - read -r -p "Regenerate SSH Keys? " prompt - if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then - rm /etc/ssh/ssh_host_* - dpkg-reconfigure openssh-server - mkdir /home/akanealw/.ssh - touch /home/akanealw/.ssh/ssh_keys_regenerated - chmod 700 /home/akanealw/.ssh - chown -R akanealw:akanealw /home/akanealw/.ssh - fi - fi -fi - -# ask to set static ip address -if [[ ! -d /etc/cloud ]] ; then - if [[ ! -f /etc/network/interfaces.bak ]] ; then - read -r -p "Set Static IP address? " prompt - if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then - read -r -p "Enter Static IP Address with subnet prefix: " staticip - read -r -p "Enter Gateway IP Address: " gatewayip - read -r -p "Enter Primary DNS IP Address: " dnsip1 - read -r -p "Enter Secondary DNS IP Address: " dnsip2 - # get adapter name - name=$(basename /sys/class/net/e*) - # backup original interfaces file - if [[ ! -f /etc/network/interfaces.bak ]] ; then - cp /etc/network/interfaces /etc/network/interfaces.bak - fi - rm /etc/network/interfaces - cp /etc/network/interfaces.bak /etc/network/interfaces - # set static ip - sed -i "s,^iface $name inet dhcp*,iface $name inet static," /etc/network/interfaces - echo " address $staticip" >> /etc/network/interfaces - echo " gateway $gatewayip" >> /etc/network/interfaces - # backup resolv.conf file - if [[ ! -f /etc/resolv.conf.bak ]] ; then - cp /etc/resolv.conf /etc/resolv.conf.bak - fi - rm /etc/resolv.conf - # set primary dns ip - echo "nameserver $dnsip1" >> /etc/resolv.conf - echo "nameserver $dnsip2" >> /etc/resolv.conf - # restart the interface - ifdown $name - ifup $name - fi - fi +if [ $isInFile -eq 0 ] + then + mkdir /mnt/truenasdata > /dev/null 2>&1 + chown akanealw:akanealw /mnt/truenasdata + echo "# nfs shares" >> /etc/fstab + echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab fi diff --git a/files/bashscripts/proxyserver/akanealw/olivetin/restart-gluetun-and-services.sh b/files/bashscripts/proxyserver/akanealw/olivetin/restart-gluetun-and-services.sh new file mode 100755 index 0000000..deb2692 --- /dev/null +++ b/files/bashscripts/proxyserver/akanealw/olivetin/restart-gluetun-and-services.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +ssh -i ~/.ssh/dockerserver \ +-o StrictHostKeyChecking=no \ +akanealw@192.168.1.30 \ +"docker restart gluetun \ +&& echo "gluetun restarting" \ +&& sleep 45 \ +&& docker restart jdownloader \ +&& echo "jdownloader restarting" \ +&& sleep 5 \ +&& docker restart qbittorrent \ +&& echo "qbittorrent restarting" \ +&& sleep 5 \ +&& docker restart sabnzbd \ +&& echo "sabnzbd restarting" \ +&& curl -fsS -m 10 --retry 5 -o /dev/null \ +https://uptimekuma.akanealw.com/api/push/eT36YM3T94?status=up&msg=OK&ping=" diff --git a/files/bashscripts/proxyserver/akanealw/olivetin/restart-jdownloader.sh b/files/bashscripts/proxyserver/akanealw/olivetin/restart-jdownloader.sh old mode 100644 new mode 100755 index ef29460..372c404 --- a/files/bashscripts/proxyserver/akanealw/olivetin/restart-jdownloader.sh +++ b/files/bashscripts/proxyserver/akanealw/olivetin/restart-jdownloader.sh @@ -1,6 +1,7 @@ #!/bin/bash -ssh -i /.ssh/dockerserver -o StrictHostKeyChecking=no \ +ssh -i ~/.ssh/dockerserver \ +-o StrictHostKeyChecking=no \ akanealw@192.168.1.30 \ "docker restart jdownloader \ && echo "jdownloader restarting"" diff --git a/files/bashscripts/proxyserver/akanealw/olivetin/restart-qbittorrent.sh b/files/bashscripts/proxyserver/akanealw/olivetin/restart-qbittorrent.sh old mode 100644 new mode 100755 index 9c188ce..316557f --- a/files/bashscripts/proxyserver/akanealw/olivetin/restart-qbittorrent.sh +++ b/files/bashscripts/proxyserver/akanealw/olivetin/restart-qbittorrent.sh @@ -1,6 +1,7 @@ #!/bin/bash -ssh -i /.ssh/dockerserver -o StrictHostKeyChecking=no \ +ssh -i ~/.ssh/dockerserver \ +-o StrictHostKeyChecking=no \ akanealw@192.168.1.30 \ "docker restart qbittorrent \ && echo "qbittorrent restarting"" diff --git a/files/bashscripts/proxyserver/akanealw/olivetin/restart-sabnzbd.sh b/files/bashscripts/proxyserver/akanealw/olivetin/restart-sabnzbd.sh old mode 100644 new mode 100755 index c489869..8bab19e --- a/files/bashscripts/proxyserver/akanealw/olivetin/restart-sabnzbd.sh +++ b/files/bashscripts/proxyserver/akanealw/olivetin/restart-sabnzbd.sh @@ -1,6 +1,7 @@ #!/bin/bash -ssh -i /.ssh/dockerserver -o StrictHostKeyChecking=no \ +ssh -i ~/.ssh/dockerserver \ +-o StrictHostKeyChecking=no \ akanealw@192.168.1.30 \ "docker restart sabnzbd \ && echo "sabnzbd restarting"" diff --git a/files/bashscripts/proxyserver/akanealw/olivetin/shutdown-proxmox1.sh b/files/bashscripts/proxyserver/akanealw/olivetin/shutdown-proxmox1.sh index a34598e..b0fde97 100755 --- a/files/bashscripts/proxyserver/akanealw/olivetin/shutdown-proxmox1.sh +++ b/files/bashscripts/proxyserver/akanealw/olivetin/shutdown-proxmox1.sh @@ -1 +1,4 @@ -ssh -i /.ssh/proxmox2 -o StrictHostKeyChecking=no akanealw@192.168.1.52 /home/akanealw/scripts/shutdown-proxmox1.sh +ssh -i ~/.ssh/proxmox2 \ +-o StrictHostKeyChecking=no \ +akanealw@192.168.1.52 \ +/home/akanealw/scripts/shutdown-proxmox1.sh diff --git a/files/bashscripts/proxyserver/akanealw/olivetin/wake-proxmox1.sh b/files/bashscripts/proxyserver/akanealw/olivetin/wake-proxmox1.sh old mode 100644 new mode 100755 index 32ffd23..e41cd23 --- a/files/bashscripts/proxyserver/akanealw/olivetin/wake-proxmox1.sh +++ b/files/bashscripts/proxyserver/akanealw/olivetin/wake-proxmox1.sh @@ -1 +1,4 @@ -ssh -i /.ssh/proxmox2 -o StrictHostKeyChecking=no akanealw@192.168.1.52 /home/akanealw/scripts/wake-proxmox1.sh +ssh -i ~/.ssh/proxmox2 \ +-o StrictHostKeyChecking=no \ +akanealw@192.168.1.52 \ +/home/akanealw/scripts/wake-proxmox1.sh