first commit

files/miscscripts/download-essentials.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+isInFile=$(cat /etc/os-release | grep -c "ID=debian")
+if [ $isInFile -eq 1 ]; then
+    curl -O http://192.168.1.50/debian/debian-essentials.sh
+    chmod +x debian-essentials.sh
+    sudo ./debian-essentials.sh
+fi
+
+isInFile=$(cat /etc/os-release | grep -c "ID=ubuntu")
+if [ $isInFile -eq 1 ]; then
+    curl -O http://192.168.1.50/ubuntu/ubuntu-essentials.sh
+    chmod +x ubuntu-essentials.sh
+    sudo ./ubuntu-essentials.sh
+fi

files/miscscripts/futurecommands.txt

@@ -0,0 +1 @@
+grep -qxF "alias lsa='ls -alhF'" /etc/bash.bashrc || echo "alias lsa='ls -alhF'" >>/etc/bash.bashrc

files/miscscripts/joinad.sh

@@ -0,0 +1,60 @@
+apt update
+apt -y install realmd libnss-sss libpam-sss sssd sssd-tools adcli samba-common-bin oddjob oddjob-mkhomedir packagekit
+#Say no to WINS via DNS
+
+realm discover ad.akanealw.com
+
+realm join -U nwettstein ad.akanealw.com
+
+realm list
+
+bash -c "cat > /usr/share/pam-configs/mkhomedir" <<EOF
+Name: activate mkhomedir
+Default: yes
+Priority: 900
+Session-Type: Additional
+Session:
+        required                        pam_mkhomedir.so umask=0022 skel=/etc/skel
+EOF
+
+pam-auth-update
+#Enable mkhomedir
+
+nano /etc/sssd/sssd.conf
+#Change two lines
+
+use_fully_qualified_names = False
+fallback_homedir = /home/%u
+
+realm permit -g DebianLogin
+
+realm list
+
+nano /etc/sudoers.d/domain_admins
+#Insert three lines
+
+%Domain\ Admins@ad.akanealw.com     ALL=(ALL)     ALL
+nwettstein@ad.akanealw.com     ALL=(ALL)     ALL
+nwettstein     ALL=(ALL)     NOPASSWD:ALL
+
+systemctl restart sssd
+
+systemctl status sssd
+
+systemctl restart sshd
+
+systemctl status sshd
+
+exit
+
+relog as nwettstein
+
+groups
+
+#Add nwettstein to necessary groups
+usermod -a -G docker nwettstein
+usermod -a -G www-data nwettstein
+
+#Disable root account
+passwd -l root
+passwd -S root

files/miscscripts/pihole-cloudsync-pull-setup.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+sudo git config --global credential.helper store
+sudo git clone http://192.168.1.41:9000/akanealw/pihole-cloudsync.git /opt/pihole-cloudsync
+sudo ln -s /opt/pihole-cloudsync/pihole-cloudsync /usr/local/bin/pihole-cloudsync
+sudo mkdir /opt/pihole-cloudsync-lists
+cd /opt/pihole-cloudsync-lists
+sudo git init
+sudo git config --global init.defaultBranch main
+sudo git remote add origin http://192.168.1.41:9000/akanealw/pihole-cloudsync-lists.git
+sudo pihole-cloudsync --init --pull --remote http://192.168.1.41:9000/akanealw/pihole-cloudsync-lists.git
+sudo /usr/local/bin/pihole-cloudsync --pull
+cat > /home/akanealw/pihole-cloudsync-pull.sh << EOF
+sudo /usr/local/bin/pihole-cloudsync --pull > /home/akanealw/pihole-cloudsync-pull.log 2>&1
+EOF
+sudo chmod +x /home/akanealw/pihole-cloudsync-pull.sh
+croncmd="/home/akanealw/pihole-cloudsync-pull.sh"
+cronjob="10 * * * * $croncmd"
+( sudo crontab -l | grep -v -F "$croncmd" ; echo "$cronjob" ) | sudo crontab -

files/miscscripts/pihole-cloudsync-push-setup.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+sudo git config --global credential.helper store
+sudo git clone http://192.168.1.41:9000/akanealw/pihole-cloudsync.git /opt/pihole-cloudsync
+sudo ln -s /opt/pihole-cloudsync/pihole-cloudsync /usr/local/bin/pihole-cloudsync
+sudo mkdir /opt/pihole-cloudsync-lists
+cd /opt/pihole-cloudsync-lists
+sudo git init
+sudo git config --global init.defaultBranch main
+sudo git remote add origin http://192.168.1.41:9000/akanealw/pihole-cloudsync-lists.git
+sudo pihole-cloudsync --init --push --remote http://192.168.1.41:9000/akanealw/pihole-cloudsync-lists.git
+sudo /usr/local/bin/pihole-cloudsync --push
+cat > /home/akanealw/pihole-cloudsync-push.sh << EOF
+sudo /usr/local/bin/pihole-cloudsync --push > /home/akanealw/pihole-cloudsync-push.log 2>&1
+EOF
+sudo chmod +x /home/akanealw/pihole-cloudsync-push.sh
+croncmd="/home/akanealw/pihole-cloudsync-push.sh"
+cronjob="0 * * * * $croncmd"
+( sudo crontab -l | grep -v -F "$croncmd" ; echo "$cronjob" ) | sudo crontab -

files/miscscripts/rsync-backup-vps.sh

@@ -0,0 +1,9 @@
+rsync -azvP -e "ssh -i ~/.ssh/vultrvps" --progress --dry-run \
+--include=/ \
+--include=/home/*** \
+--exclude=/unbound/dev/*** \
+--include=/etc \
+--include=/etc/wireguard/*** \
+--include=/etc/haproxy/*** \
+--exclude=* \
+root@10.8.0.9:/ /mnt/backups/vultrvpsbackup/$(/bin/date +%Y-%m-%d)

files/miscscripts/rsync-pull-with-public-key-to-local.sh

@@ -0,0 +1,12 @@
+rsync -azvP -e "ssh -i ~/.ssh/publickey" --progress \
+--exclude=/etc/fstab \
+--exclude=/etc/network/* \
+--exclude=/lib/modules \
+--exclude=/proc/* \
+--exclude=/tmp/* \
+--exclude=/sys/* \
+--exclude=/dev/* \
+--exclude=/mnt/* \
+--exclude=/boot/* \
+--exclude=/root/* \
+hostname:/ /

files/miscscripts/serverbackup-cronjob.txt

@@ -0,0 +1 @@
+0 */12 * * * /home/akanealw/serverbackup.sh >> /home/akanealw/$(hostname)-backup.log

files/miscscripts/serverbackup-networkshare.txt

@@ -0,0 +1,2 @@
+# nfs shares
+192.168.1.41:/mnt/data/backups/serverbackups /mnt/backups nfs defaults,nolock,soft 0 0

files/miscscripts/serverbackup.sh

@@ -0,0 +1,6 @@
+rsync -arzv --mkpath --delete --no-links /home/akanealw/ /mnt/backups/$(hostname)/akanealw/
+rsync -arzv --mkpath /var/spool/cron/crontabs/ /mnt/backups/$(hostname)/cron/crontabs/
+rsync -arzv --mkpath --delete --no-links --exclude 'ipc-socket' --exclude 'ibtmp1' /opt/docker/ /mnt/backups/$(hostname)/docker/
+rsync -arzv --mkpath /etc/fstab /mnt/backups/$(hostname)/fstab
+rsync -arzv --mkpath /etc/network/interfaces /mnt/backups/$(hostname)/
+rsync -arzv --mkpath /etc/samba/smb.conf /mnt/backups/$(hostname)/smb.conf

files/miscscripts/ssh-config.txt

@@ -0,0 +1,8 @@
+    cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak ; \
+    sed -i "s,^#PermitRootLogin prohibit-password.*,PermitRootLogin no," /etc/ssh/sshd_config ; \
+    sed -i "s,^#PubkeyAuthentication yes.*,PubkeyAuthentication no," /etc/ssh/sshd_config ; \
+    sed -i "s,^#PasswordAuthentication yes.*,PasswordAuthentication yes," /etc/ssh/sshd_config ; \
+    echo "Match Address 192.168.1.*" >> /etc/ssh/sshd_config ; \
+    echo "Match Group sshusers" >> /etc/ssh/sshd_config ; \
+    echo "#AuthorizedKeysFile /etc/ssh/sshusers_authorized_keys" >> /etc/ssh/sshd_config ; \
+    touch /etc/ssh/sshusers_authorized_keys ; \

files/miscscripts/start-all-docker.sh

@@ -0,0 +1,2 @@
+docker compose -f /opt/docker/admin-compose.yml up -d
+docker compose -f /opt/docker/docker-compose.yml up -d

files/miscscripts/stop-all-docker.sh

@@ -0,0 +1,2 @@
+docker compose -f /opt/docker/docker-compose.yml down
+docker compose -f /opt/docker/admin-compose.yml down

files/miscscripts/transfer-bash.bashrc.bak-to-remote-scp.sh

@@ -0,0 +1,21 @@
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.30:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.31:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.32:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.33:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak root@192.168.1.34:/root
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.35:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.36:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.37:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.38:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.39:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.40:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.41:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.42:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.43:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.44:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.45:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.46:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.47:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.48:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.49:/home/akanealw
+sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.50:/home/akanealw

files/miscscripts/wsl-essentials.sh

@@ -0,0 +1,72 @@
+#!/bin/bash
+
+# create akanealw file in /etc/sudoers.d
+if [[ ! -f /etc/sudoers.d/akanealw ]] ; then
+    echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw
+    groupadd sshusers
+    usermod -a -G sshusers akanealw
+fi
+
+# remove all motd
+apt-get remove --purge update-motd > /dev/null 2>&1
+rm /etc/default/motd-news > /dev/null 2>&1
+rm -r /etc/update-motd.d > /dev/null 2>&1
+rm /etc/motd > /dev/null 2>&1
+
+# update and upgrade
+apt-get update
+apt-get upgrade -y
+
+# download and install packages
+apt-get install -y curl wget git rsync man-db cifs-utils nfs-common libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion openssh-client
+
+# git config
+git config --global credential.helper store
+git config --global user.name "akanealw"
+git config --global user.email "akanealw@gmail.com"
+git config --global init.defaultBranch main
+
+# set bash preferences and aliases
+if [[ ! -f /etc/bash.bashrc.bak ]] ; then
+    cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1
+fi
+rm /etc/bash.bashrc > /dev/null 2>&1
+cp /etc/bash.bashrc.bak /etc/bash.bashrc
+echo "" >> /etc/bash.bashrc
+echo "# custom settings and aliases" >> /etc/bash.bashrc
+echo "set -o noclobber" >> /etc/bash.bashrc
+echo "alias lsa='ls -alhF'" >> /etc/bash.bashrc
+echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc
+echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc
+echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc
+echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc
+echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc
+echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc
+echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc
+echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc
+echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc
+echo "alias apts='sudo apt search'" >> /etc/bash.bashrc
+echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc
+echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc
+echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc
+echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc
+echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc
+echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc
+echo "alias dc='docker compose'" >> /etc/bash.bashrc
+echo "alias dcup='docker compose up -d'" >> /etc/bash.bashrc
+echo "alias dcaup='docker compose -f admin-compose.yml up -d'" >> /etc/bash.bashrc
+echo "alias dcdown='docker compose down'" >> /etc/bash.bashrc
+echo "alias dcadown='docker compose -f admin-compose.yml down'" >> /etc/bash.bashrc
+echo "alias dcpull='docker compose pull'" >> /etc/bash.bashrc
+echo "alias dcapull='docker compose -f admin-compose.yml pull'" >> /etc/bash.bashrc
+echo "alias dps='docker ps'" >> /etc/bash.bashrc
+echo "alias dipaf='docker image prune -a -f'" >> /etc/bash.bashrc
+
+# create tmux config
+rm /etc/tmux.conf* > /dev/null 2>&1
+echo "unbind C-b" >> /etc/tmux.conf
+echo "set-option -g prefix C-a" >> /etc/tmux.conf
+echo "bind-key C-a send-prefix" >> /etc/tmux.conf
+
+# enable ping for non-root users
+setcap 'cap_net_admin,cap_net_raw+ep' $(which ping)