From d3b7f81f9b1b25e1d582b68d1d1073ab444bd5ed Mon Sep 17 00:00:00 2001 From: akanealw Date: Sun, 20 Aug 2023 19:26:08 -0500 Subject: [PATCH] updated scripts --- .../akanealw/backup-scripts-to-gitrepo.sh | 47 ++-- .../proxyserver/akanealw/crontab.bak | 25 -- .../proxyserver/akanealw/debian-essentials.sh | 248 ++++++++++++++++++ .../root/clean-plex-photo-cache.sh | 5 + .../bashscripts/proxyserver/root/crontab.bak | 1 + 5 files changed, 274 insertions(+), 52 deletions(-) create mode 100755 files/bashscripts/proxyserver/akanealw/debian-essentials.sh create mode 100755 files/bashscripts/proxyserver/root/clean-plex-photo-cache.sh diff --git a/files/bashscripts/fileserver/akanealw/backup-scripts-to-gitrepo.sh b/files/bashscripts/fileserver/akanealw/backup-scripts-to-gitrepo.sh index dd93fdb..d743c98 100755 --- a/files/bashscripts/fileserver/akanealw/backup-scripts-to-gitrepo.sh +++ b/files/bashscripts/fileserver/akanealw/backup-scripts-to-gitrepo.sh @@ -3,49 +3,42 @@ if ping -c 1 192.168.1.41 &> /dev/null then # proxyserver - ssh plexserver crontab -l | tee /home/akanealw/scripts/crontab.bak - ssh plexserver sudo crontab -l | sudo tee /root/scripts/crontab.bak - echo "starting proxyserver backup" - ssh proxyserver rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/akanealw/ - ssh proxyserver sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/root/ + ssh plexserver "crontab -l | tee /home/akanealw/scripts/crontab.bak \ + && sudo crontab -l | sudo tee /root/scripts/crontab.bak \ + && rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/akanealw/ \ + && sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/root/" # dockerserver - ssh dockerserver crontab -l | tee /home/akanealw/scripts/crontab.bak - ssh dockerserver sudo crontab -l | sudo tee /root/scripts/crontab.bak - echo "starting dockerserver backup" - ssh dockerserver rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/dockerserver/akanealw/ - ssh dockerserver sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/dockerserver/root/ + ssh dockerserver "crontab -l | tee /home/akanealw/scripts/crontab.bak \ + && sudo crontab -l | sudo tee /root/scripts/crontab.bak \ + && rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/dockerserver/akanealw/ \ + && sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/dockerserver/root/" # plexserver - ssh plexserver crontab -l | tee /home/akanealw/scripts/crontab.bak - ssh plexserver sudo crontab -l | sudo tee /root/scripts/crontab.bak - echo "starting plexserver backup" - ssh plexserver rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/plexserver/akanealw/ - ssh plexserver sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/plexserver/root/ + ssh plexserver "crontab -l | tee /home/akanealw/scripts/crontab.bak \ + && sudo crontab -l | sudo tee /root/scripts/crontab.bak \ + && rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/plexserver/akanealw/ \ + && sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/plexserver/root/" # proxmox1 - ssh proxmox1 crontab -l | tee /home/akanealw/scripts/crontab.bak - ssh proxmox1 sudo crontab -l | sudo tee /root/scripts/crontab.bak - echo "starting proxmox1 backup" - ssh proxmox1 rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox1/akanealw/ - ssh proxmox1 sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox1/root/ + ssh proxmox1 "crontab -l | tee /home/akanealw/scripts/crontab.bak \ + && sudo crontab -l | sudo tee /root/scripts/crontab.bak \ + && rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox1/akanealw/ \ + && sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox1/root/" # proxmox2 - ssh proxmox2 crontab -l | tee /home/akanealw/scripts/crontab.bak - ssh proxmox2 sudo crontab -l | sudo tee /root/scripts/crontab.bak - echo "starting proxmox2 backup" - ssh proxmox2 rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox2/akanealw/ - ssh proxmox2 sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox2/root/ + ssh proxmox2 "crontab -l | tee /home/akanealw/scripts/crontab.bak \ + && sudo crontab -l | sudo tee /root/scripts/crontab.bak \ + && rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox2/akanealw/ \ + && sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox2/root/" # fileserver crontab -l | tee /home/akanealw/scripts/crontab.bak sudo crontab -l | sudo tee /root/scripts/crontab.bak - echo "starting fileserver backup" rsync -azvP /home/akanealw/scripts/ /home/akanealw/gitrepos/fileserver/files/bashscripts/fileserver/akanealw/ sudo rsync -azvP /root/scripts/ /home/akanealw/gitrepos/fileserver/files/bashscripts/fileserver/root/ # chown all files copied - echo "chowning all backup files in repo" sudo chown -R akanealw:akanealw /home/akanealw/gitrepos/fileserver/files/ else echo "TrueNAS is offline" curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/vwn8owCG7W?status=down&msg=OK&ping= diff --git a/files/bashscripts/proxyserver/akanealw/crontab.bak b/files/bashscripts/proxyserver/akanealw/crontab.bak index 7cd32e5..e69de29 100644 --- a/files/bashscripts/proxyserver/akanealw/crontab.bak +++ b/files/bashscripts/proxyserver/akanealw/crontab.bak @@ -1,25 +0,0 @@ -# Edit this file to introduce tasks to be run by cron. -# -# Each task to run has to be defined through a single line -# indicating with different fields when the task will be run -# and what command to run for the task -# -# To define the time you can provide concrete values for -# minute (m), hour (h), day of month (dom), month (mon), -# and day of week (dow) or use '*' in these fields (for 'any'). -# -# Notice that tasks will be started based on the cron's system -# daemon's notion of time and timezones. -# -# Output of the crontab jobs (including errors) is sent through -# email to the user the crontab file belongs to (unless redirected). -# -# For example, you can run a backup of all your user accounts -# at 5 a.m every week with: -# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ -# -# For more information see the manual pages of crontab(5) and cron(8) -# -# m h dom mon dow command -10 * * * * /home/akanealw/scripts/backup-bookmarks.sh -0 16 * * * /home/akanealw/scripts/ping-before-copy-backups-to-truenas.sh diff --git a/files/bashscripts/proxyserver/akanealw/debian-essentials.sh b/files/bashscripts/proxyserver/akanealw/debian-essentials.sh new file mode 100755 index 0000000..b302380 --- /dev/null +++ b/files/bashscripts/proxyserver/akanealw/debian-essentials.sh @@ -0,0 +1,248 @@ +#!/bin/bash + +# autoreply config update dialog with no +if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then + echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local + echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local + echo " "--force-confold";" >> /etc/apt/apt.conf.d/local + echo "}" >> /etc/apt/apt.conf.d/local +fi + +# update bookworm to new debian.sources file +if [[ -f /etc/apt/sources.list ]] ; then + isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye") + if [ $isInFile -eq 0 ]; then + mkdir /etc/apt/mirrors > /dev/null 2>&1 + echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list + echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources + echo "" >> /etc/apt/sources.list.d/debian.sources + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main" >> /etc/apt/sources.list.d/debian.sources + mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1 + rm /etc/apt/sources.list.11.backup > /dev/null 2>&1 + fi +fi + +# update and upgrade +apt-get update +apt-get upgrade -y + +# download and install packages +apt-get install -y lsb-release cron qemu-guest-agent sudo nano curl wget zip unzip git rsync man-db cifs-utils nfs-common parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion + +# add akanealw user if not existing +isInFile=$(cat /etc/passwd | grep -c "akanealw") +if [ $isInFile -eq 0 ]; then + echo "Set password for akanealw" + useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw + mkdir /home/akanealw/.ssh + chown akanealw:akanealw /home/akanealw/.ssh + chmod 700 /home/akanealw/.ssh + cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1 + chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 + chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 +fi + +# create akanealw file in /etc/sudoers.d +if [[ ! -f /etc/sudoers.d/akanealw ]] ; then + echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw +fi + +# enable ping for all users +setcap 'cap_net_admin,cap_net_raw+ep' $(which ping) + +# remove all motd +rm /etc/motd > /dev/null 2>&1 + +# disable systemd-networkd-wait-online.service +systemctl disable systemd-networkd-wait-online.service + +# git config +git config --global credential.helper store +git config --global user.name "akanealw" +git config --global user.email "akanealw@gmail.com" +git config --global init.defaultBranch main + +# show ip in /etc/issue +name=$(basename /sys/class/net/e*) +isInFile=$(cat /etc/issue | grep -c "$name") +if [ $isInFile -eq 0 ]; then +cp /etc/issue /etc/issue.bak +echo "$name: \4{$name}" >> /etc/issue +echo "" >> /etc/issue +fi + +# set input preferences +if [[ ! -f /etc/inputrc.bak ]] ; then + cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1 +fi +rm /etc/inputrc > /dev/null 2>&1 +cp /etc/inputrc.bak /etc/inputrc +echo "" >> /etc/inputrc +echo "set completion-ignore-case On" >> /etc/inputrc + +# set bash preferences and aliases +if [[ -f /etc/bash.bashrc.default ]] ; then + mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +if [[ ! -f /etc/bash.bashrc.bak ]] ; then + cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +rm /etc/bash.bashrc > /dev/null 2>&1 +cp /etc/bash.bashrc.bak /etc/bash.bashrc +echo "" >> /etc/bash.bashrc +echo "# custom settings and aliases" >> /etc/bash.bashrc +echo "set -o noclobber" >> /etc/bash.bashrc +echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc +echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc +echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc +echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc +echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc +echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc +echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc +echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc +echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc +echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc +echo "alias apts='sudo apt search'" >> /etc/bash.bashrc +echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc +echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc +echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc +echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc +echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc +echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc +echo "alias dc='docker compose'" >> /etc/bash.bashrc +echo "alias dcup='docker compose up -d'" >> /etc/bash.bashrc +echo "alias dcaup='docker compose -f admin-compose.yml up -d'" >> /etc/bash.bashrc +echo "alias dcdown='docker compose down'" >> /etc/bash.bashrc +echo "alias dcadown='docker compose -f admin-compose.yml down'" >> /etc/bash.bashrc +echo "alias dcpull='docker compose pull'" >> /etc/bash.bashrc +echo "alias dcapull='docker compose -f admin-compose.yml pull'" >> /etc/bash.bashrc +echo "alias dps='docker ps'" >> /etc/bash.bashrc +echo "alias dipaf='docker image prune -a -f'" >> /etc/bash.bashrc + +# create tmux config +rm /etc/tmux.conf* > /dev/null 2>&1 +echo "unbind C-b" >> /etc/tmux.conf +echo "set-option -g prefix C-a" >> /etc/tmux.conf +echo "bind-key C-a send-prefix" >> /etc/tmux.conf + +# create credentials and map network drives +isInFile=$(cat /etc/fstab | grep -c "192.168.1.41") +if [ $isInFile -eq 0 ]; then + mkdir /mnt/truenasdata > /dev/null 2>&1 + chown akanealw:akanealw /mnt/truenasdata + echo "# nfs shares" >> /etc/fstab + echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab +fi + +# ask to install samba +if [[ ! -f /etc/samba/smb.conf ]] ; then + read -r -p "Install Samba? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then + apt-get install -y samba --no-install-recommends + # configure default samba share + (echo "8ung1e1!"; sleep 1; echo "8ung1e1!" ) | smbpasswd -s -a akanealw + sed -i s/WORKGROUP/akanealw/ /etc/samba/smb.conf + isInFile=$(cat /etc/samba/smb.conf | grep -c "akanealw]") + if [ $isInFile -eq 0 ]; then + echo "[akanealw]" >> /etc/samba/smb.conf + echo " comment = akanealw" >> /etc/samba/smb.conf + echo " read only = no" >> /etc/samba/smb.conf + echo " path = /home/akanealw" >> /etc/samba/smb.conf + echo " guest ok = no" >> /etc/samba/smb.conf + echo "" >> /etc/samba/smb.conf + fi + fi +fi + +# ask to install docker +if [[ ! -f /etc/apt/keyrings/docker.gpg ]] ; then + read -r -p "Install Docker? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then + # prepare for install + apt-get update + apt-get install -y ca-certificates curl gnupg lsb-release + mkdir -p /home/akanealw/docker/appdata + chown -R akanealw:akanealw /home/akanealw/docker + mkdir -m 0755 -p /etc/apt/keyrings + curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + # install docker + apt-get update + apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin + # post install + groupadd docker > /dev/null 2>&1 + usermod -aG docker akanealw + systemctl enable docker.service + systemctl enable containerd.service + fi +fi + +# ask to regenerate machine-id +if [[ ! -f /etc/machine-id-regenerated ]] ; then + read -r -p "Regenerate machine-id? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then + # regenerate machine-id + rm -f /etc/machine-id /var/lib/dbus/machine-id + dbus-uuidgen --ensure=/etc/machine-id + dbus-uuidgen --ensure + touch /etc/machine-id-regenerated + fi +fi + +# ask to regenerate ssh host keys +if [[ ! -d /etc/cloud ]] ; then + if [[ ! -f /home/akanealw/.ssh/ssh_keys_regenerated ]] ; then + read -r -p "Regenerate SSH Keys? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then + rm /etc/ssh/ssh_host_* + dpkg-reconfigure openssh-server + mkdir /home/akanealw/.ssh + touch /home/akanealw/.ssh/ssh_keys_regenerated + chmod 700 /home/akanealw/.ssh + chown -R akanealw:akanealw /home/akanealw/.ssh + fi + fi +fi + +# ask to set static ip address +if [[ ! -d /etc/cloud ]] ; then + if [[ ! -f /etc/network/interfaces.bak ]] ; then + read -r -p "Set Static IP address? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then + read -r -p "Enter Static IP Address with subnet prefix: " staticip + read -r -p "Enter Gateway IP Address: " gatewayip + read -r -p "Enter Primary DNS IP Address: " dnsip1 + read -r -p "Enter Secondary DNS IP Address: " dnsip2 + # get adapter name + name=$(basename /sys/class/net/e*) + # backup original interfaces file + if [[ ! -f /etc/network/interfaces.bak ]] ; then + cp /etc/network/interfaces /etc/network/interfaces.bak + fi + rm /etc/network/interfaces + cp /etc/network/interfaces.bak /etc/network/interfaces + # set static ip + sed -i "s,^iface $name inet dhcp*,iface $name inet static," /etc/network/interfaces + echo " address $staticip" >> /etc/network/interfaces + echo " gateway $gatewayip" >> /etc/network/interfaces + # backup resolv.conf file + if [[ ! -f /etc/resolv.conf.bak ]] ; then + cp /etc/resolv.conf /etc/resolv.conf.bak + fi + rm /etc/resolv.conf + # set primary dns ip + echo "nameserver $dnsip1" >> /etc/resolv.conf + echo "nameserver $dnsip2" >> /etc/resolv.conf + # restart the interface + ifdown $name + ifup $name + fi + fi +fi diff --git a/files/bashscripts/proxyserver/root/clean-plex-photo-cache.sh b/files/bashscripts/proxyserver/root/clean-plex-photo-cache.sh new file mode 100755 index 0000000..ef05e1f --- /dev/null +++ b/files/bashscripts/proxyserver/root/clean-plex-photo-cache.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +find "/var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Cache/PhotoTranscoder" -name "*.jpg" -type f -mtime +5 -delete +find "/var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Cache/PhotoTranscoder" -name "*.ppm" -type f -mtime +5 -delete +curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/vOOCgMo8GW?status=up&msg=OK&ping= diff --git a/files/bashscripts/proxyserver/root/crontab.bak b/files/bashscripts/proxyserver/root/crontab.bak index d1c5aa5..4f0bc1e 100644 --- a/files/bashscripts/proxyserver/root/crontab.bak +++ b/files/bashscripts/proxyserver/root/crontab.bak @@ -21,3 +21,4 @@ # For more information see the manual pages of crontab(5) and cron(8) # # m h dom mon dow command +0 15 * * * /root/scripts/clean-plex-photo-cache.sh