From bf38f422295ad2232cfab90b79cafc6b23597fa2 Mon Sep 17 00:00:00 2001 From: akanealw Date: Sat, 26 Aug 2023 16:14:53 -0500 Subject: [PATCH] first commit --- ddconf.conf | 13 + debian/debian-essentials.sh | 193 ++++++++++++++ debian/debian-install-docker.sh | 23 ++ debian/debian-install-samba.sh | 19 ++ .../debian-regenerate-ssh-keys-machine-id.sh | 32 +++ debian/debian-set-ip.sh | 36 +++ debian/debian-setup-email.sh | 30 +++ debian/debian-setup-unattended-upgrades.sh | 18 ++ debian/debian-update-sources.sh | 28 ++ debian/download-debian-essentials.sh | 17 ++ debian/nano-remap.sh | 33 +++ dockerserver/akanealw/crontab.bak | 24 ++ .../akanealw/restart-gluetun-and-services.sh | 10 + .../rsync-docker-remotely-to-proxyserver.sh | 5 + dockerserver/root/crontab.bak | 23 ++ .../root/restart-gluetun-and-services.sh | 10 + dockerserver/root/rsync-docker-data.sh | 4 + ...rsync-dockerserver-test-to-dockerserver.sh | 10 + download-essentials.sh | 15 ++ .../akanealw/backup-scripts-to-gitrepo.sh | 55 ++++ fileserver/akanealw/crontab.bak | 24 ++ fileserver/akanealw/debian-essentials.sh | 248 ++++++++++++++++++ fileserver/akanealw/plexserver.sh | 6 + fileserver/akanealw/rsync-backup-awsvps.sh | 17 ++ .../etc-profile.d/mount-shared-folders.sh | 13 + fileserver/gitrepos/update-fileserver.sh | 18 ++ fileserver/root/crontab.bak | 25 ++ .../root/ping-before-mounting-shares.sh | 5 + fileserver/root/rsync-backup-fileserver.sh | 24 ++ git/configure-git.sh | 4 + joinad.sh | 62 +++++ plexserver/akanealw/crontab.bak | 0 plexserver/akanealw/debian-essentials.sh | 248 ++++++++++++++++++ plexserver/root/clean-plex-photo-cache.sh | 5 + plexserver/root/crontab.bak | 24 ++ proxmox/all-cloud-images-download-import.sh | 90 +++++++ proxmox/download-proxmox-essentials.sh | 21 ++ proxmox/proxmox-pbs-essentials.sh | 97 +++++++ proxmox/proxmox-pve-essentials.sh | 103 ++++++++ proxmox/rawimport.txt | 1 + proxmox/remove-nag.sh | 19 ++ proxmox/vhdxconvert.txt | 1 + proxmox1/akanealw/crontab.bak | 0 proxmox1/root/crontab.bak | 25 ++ .../download-debian-ubuntu-cloud-images.sh | 47 ++++ proxmox1/root/ping-before-start.sh | 13 + proxmox1/root/ping-before-starting-cts-vms.sh | 11 + proxmox1/root/proxmox-kernel-clean.sh | 140 ++++++++++ proxmox1/root/proxmox-post-pve-install.sh | 243 +++++++++++++++++ proxmox1/root/proxmox-pve-essentials.sh | 73 ++++++ ...rsync-import-debian-ubuntu-cloud-images.sh | 49 ++++ proxmox2/akanealw/crontab.bak | 24 ++ .../akanealw/restart-gluetun-and-services.sh | 4 + proxmox2/akanealw/shutdown-proxmox1.sh | 3 + proxmox2/akanealw/wake-proxmox1.sh | 3 + proxmox2/root/crontab.bak | 26 ++ .../download-debian-ubuntu-cloud-images.sh | 88 +++++++ ...nload-import-debian-ubuntu-cloud-images.sh | 48 ++++ proxmox2/root/ping-before-start.sh | 5 + proxmox2/root/ping-before-starting-cts-vms.sh | 5 + proxmox2/root/proxmox-kernel-clean.sh | 140 ++++++++++ proxmox2/root/proxmox-post-pve-install.sh | 243 +++++++++++++++++ proxmox2/root/proxmox-pve-essentials.sh | 73 ++++++ proxmox2/root/shutdown-proxmox1.sh | 3 + proxmox2/root/wake-proxmox1.sh | 4 + .../akanealw/restart-gluetun-and-services.sh | 4 + proxmox3/akanealw/shutdown-proxmox1.sh | 3 + proxmox3/akanealw/shutdown-proxmox2.sh | 3 + proxmox3/akanealw/wake-proxmox1.sh | 3 + proxmox3/akanealw/wake-proxmox2.sh | 3 + proxmox3/root/wake-proxmox1.sh | 4 + proxmox3/root/wake-proxmox2.sh | 4 + proxyserver/akanealw/backup-bookmarks.sh | 4 + proxyserver/akanealw/backup-vaultwarden.sh | 4 + .../akanealw/copy-backups-to-truenas.sh | 6 + proxyserver/akanealw/crontab.bak | 26 ++ proxyserver/akanealw/debian-essentials.sh | 145 ++++++++++ .../olivetin/restart-gluetun-and-services.sh | 18 ++ .../akanealw/olivetin/restart-jdownloader.sh | 7 + .../akanealw/olivetin/restart-qbittorrent.sh | 7 + .../akanealw/olivetin/restart-sabnzbd.sh | 7 + .../akanealw/olivetin/shutdown-proxmox1.sh | 4 + .../akanealw/olivetin/wake-proxmox1.sh | 4 + .../ping-before-copy-backups-to-truenas.sh | 15 ++ proxyserver/root/check-wireguard.sh | 21 ++ proxyserver/root/clean-plex-photo-cache.sh | 5 + proxyserver/root/crontab.bak | 23 ++ proxyserver/root/test.sh | 0 rclone/rclone-copy-scott-backup.sh | 18 ++ remotely/remotely-agent-debian.sh | 106 ++++++++ remotely/remotely-agent-ubuntu.sh | 106 ++++++++ rsync/rsync-backup-fileserver-truenas.sh | 15 ++ rsync/rsync-backup.sh | 10 + rsync/rsync-pull-with-public-key-to-local.sh | 12 + rsync/rsync-restore.sh | 4 + rsync/rsync-to-truenas-module.sh | 4 + serverbackup-cronjob.txt | 1 + serverbackup-networkshare.txt | 2 + serverbackup.sh | 8 + start-all-docker.sh | 4 + stop-all-docker.sh | 4 + transfer-bash.bashrc.bak-to-remote-scp.sh | 23 ++ ubuntu/download-ubuntu-essentials.sh | 17 ++ ubuntu/ubuntu-essentials.sh | 120 +++++++++ ubuntu/ubuntu-install-docker.sh | 23 ++ ubuntu/ubuntu-install-samba.sh | 19 ++ .../ubuntu-regenerate-ssh-keys-machine-id.sh | 32 +++ ubuntu/ubuntu-set-ip.sh | 29 ++ wsl-essentials.sh | 82 ++++++ 109 files changed, 3882 insertions(+) create mode 100644 ddconf.conf create mode 100755 debian/debian-essentials.sh create mode 100755 debian/debian-install-docker.sh create mode 100755 debian/debian-install-samba.sh create mode 100644 debian/debian-regenerate-ssh-keys-machine-id.sh create mode 100755 debian/debian-set-ip.sh create mode 100644 debian/debian-setup-email.sh create mode 100644 debian/debian-setup-unattended-upgrades.sh create mode 100644 debian/debian-update-sources.sh create mode 100755 debian/download-debian-essentials.sh create mode 100755 debian/nano-remap.sh create mode 100644 dockerserver/akanealw/crontab.bak create mode 100755 dockerserver/akanealw/restart-gluetun-and-services.sh create mode 100644 dockerserver/akanealw/rsync-docker-remotely-to-proxyserver.sh create mode 100644 dockerserver/root/crontab.bak create mode 100644 dockerserver/root/restart-gluetun-and-services.sh create mode 100644 dockerserver/root/rsync-docker-data.sh create mode 100644 dockerserver/root/rsync-dockerserver-test-to-dockerserver.sh create mode 100755 download-essentials.sh create mode 100755 fileserver/akanealw/backup-scripts-to-gitrepo.sh create mode 100644 fileserver/akanealw/crontab.bak create mode 100755 fileserver/akanealw/debian-essentials.sh create mode 100755 fileserver/akanealw/plexserver.sh create mode 100644 fileserver/akanealw/rsync-backup-awsvps.sh create mode 100644 fileserver/etc-profile.d/mount-shared-folders.sh create mode 100644 fileserver/gitrepos/update-fileserver.sh create mode 100644 fileserver/root/crontab.bak create mode 100755 fileserver/root/ping-before-mounting-shares.sh create mode 100755 fileserver/root/rsync-backup-fileserver.sh create mode 100755 git/configure-git.sh create mode 100755 joinad.sh create mode 100644 plexserver/akanealw/crontab.bak create mode 100755 plexserver/akanealw/debian-essentials.sh create mode 100755 plexserver/root/clean-plex-photo-cache.sh create mode 100644 plexserver/root/crontab.bak create mode 100755 proxmox/all-cloud-images-download-import.sh create mode 100644 proxmox/download-proxmox-essentials.sh create mode 100755 proxmox/proxmox-pbs-essentials.sh create mode 100644 proxmox/proxmox-pve-essentials.sh create mode 100755 proxmox/rawimport.txt create mode 100755 proxmox/remove-nag.sh create mode 100755 proxmox/vhdxconvert.txt create mode 100644 proxmox1/akanealw/crontab.bak create mode 100644 proxmox1/root/crontab.bak create mode 100644 proxmox1/root/download-debian-ubuntu-cloud-images.sh create mode 100644 proxmox1/root/ping-before-start.sh create mode 100755 proxmox1/root/ping-before-starting-cts-vms.sh create mode 100755 proxmox1/root/proxmox-kernel-clean.sh create mode 100755 proxmox1/root/proxmox-post-pve-install.sh create mode 100755 proxmox1/root/proxmox-pve-essentials.sh create mode 100755 proxmox1/root/rsync-import-debian-ubuntu-cloud-images.sh create mode 100644 proxmox2/akanealw/crontab.bak create mode 100755 proxmox2/akanealw/restart-gluetun-and-services.sh create mode 100755 proxmox2/akanealw/shutdown-proxmox1.sh create mode 100755 proxmox2/akanealw/wake-proxmox1.sh create mode 100644 proxmox2/root/crontab.bak create mode 100644 proxmox2/root/download-debian-ubuntu-cloud-images.sh create mode 100755 proxmox2/root/download-import-debian-ubuntu-cloud-images.sh create mode 100644 proxmox2/root/ping-before-start.sh create mode 100755 proxmox2/root/ping-before-starting-cts-vms.sh create mode 100755 proxmox2/root/proxmox-kernel-clean.sh create mode 100755 proxmox2/root/proxmox-post-pve-install.sh create mode 100755 proxmox2/root/proxmox-pve-essentials.sh create mode 100755 proxmox2/root/shutdown-proxmox1.sh create mode 100755 proxmox2/root/wake-proxmox1.sh create mode 100644 proxmox3/akanealw/restart-gluetun-and-services.sh create mode 100644 proxmox3/akanealw/shutdown-proxmox1.sh create mode 100644 proxmox3/akanealw/shutdown-proxmox2.sh create mode 100644 proxmox3/akanealw/wake-proxmox1.sh create mode 100644 proxmox3/akanealw/wake-proxmox2.sh create mode 100644 proxmox3/root/wake-proxmox1.sh create mode 100644 proxmox3/root/wake-proxmox2.sh create mode 100755 proxyserver/akanealw/backup-bookmarks.sh create mode 100644 proxyserver/akanealw/backup-vaultwarden.sh create mode 100644 proxyserver/akanealw/copy-backups-to-truenas.sh create mode 100644 proxyserver/akanealw/crontab.bak create mode 100755 proxyserver/akanealw/debian-essentials.sh create mode 100755 proxyserver/akanealw/olivetin/restart-gluetun-and-services.sh create mode 100755 proxyserver/akanealw/olivetin/restart-jdownloader.sh create mode 100755 proxyserver/akanealw/olivetin/restart-qbittorrent.sh create mode 100755 proxyserver/akanealw/olivetin/restart-sabnzbd.sh create mode 100755 proxyserver/akanealw/olivetin/shutdown-proxmox1.sh create mode 100755 proxyserver/akanealw/olivetin/wake-proxmox1.sh create mode 100755 proxyserver/akanealw/ping-before-copy-backups-to-truenas.sh create mode 100644 proxyserver/root/check-wireguard.sh create mode 100755 proxyserver/root/clean-plex-photo-cache.sh create mode 100644 proxyserver/root/crontab.bak create mode 100644 proxyserver/root/test.sh create mode 100644 rclone/rclone-copy-scott-backup.sh create mode 100644 remotely/remotely-agent-debian.sh create mode 100644 remotely/remotely-agent-ubuntu.sh create mode 100644 rsync/rsync-backup-fileserver-truenas.sh create mode 100644 rsync/rsync-backup.sh create mode 100755 rsync/rsync-pull-with-public-key-to-local.sh create mode 100644 rsync/rsync-restore.sh create mode 100644 rsync/rsync-to-truenas-module.sh create mode 100755 serverbackup-cronjob.txt create mode 100755 serverbackup-networkshare.txt create mode 100755 serverbackup.sh create mode 100755 start-all-docker.sh create mode 100755 stop-all-docker.sh create mode 100755 transfer-bash.bashrc.bak-to-remote-scp.sh create mode 100755 ubuntu/download-ubuntu-essentials.sh create mode 100755 ubuntu/ubuntu-essentials.sh create mode 100755 ubuntu/ubuntu-install-docker.sh create mode 100755 ubuntu/ubuntu-install-samba.sh create mode 100644 ubuntu/ubuntu-regenerate-ssh-keys-machine-id.sh create mode 100755 ubuntu/ubuntu-set-ip.sh create mode 100755 wsl-essentials.sh diff --git a/ddconf.conf b/ddconf.conf new file mode 100644 index 0000000..e295180 --- /dev/null +++ b/ddconf.conf @@ -0,0 +1,13 @@ +daemon=900 +use=web +protocol=dyndns2 + +protocol=googledomains, +login=0dbLQaqN8kK9jYKa, +password=vpKzmQVZiudhvfZA +akanealw.com + +protocol=googledomains, +login=oZtsEAniHvjesY0v, +password=8gq0lTPPkdQdCeu0 +aknlw.com diff --git a/debian/debian-essentials.sh b/debian/debian-essentials.sh new file mode 100755 index 0000000..dd4fac4 --- /dev/null +++ b/debian/debian-essentials.sh @@ -0,0 +1,193 @@ +#!/bin/bash + +# autoreply config update dialog with no +if [[ ! -f /etc/apt/apt.conf.d/local ]] + then + echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local + echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local + echo " "--force-confold";" >> /etc/apt/apt.conf.d/local + echo "}" >> /etc/apt/apt.conf.d/local +fi + +# update bookworm to new debian.sources file +if [[ -f /etc/apt/sources.list.d/debian.sources ]] + then + echo "Sources already updated" + else + isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye") + if [ $isInFile -eq 0 ] + then + mkdir /etc/apt/mirrors > /dev/null 2>&1 + echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list + echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources + echo "" >> /etc/apt/sources.list.d/debian.sources + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main" >> /etc/apt/sources.list.d/debian.sources + mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1 + rm /etc/apt/sources.list.11.backup > /dev/null 2>&1 + else + echo "Bullseye detected, skipping sources update" + fi +fi + +# update and upgrade +apt-get update +apt-get upgrade -y + +# download and install packages +apt-get install -y pwgen lsb-release cron qemu-guest-agent sudo nano curl wget zip unzip git rsync man-db cifs-utils nfs-common parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion + +# add akanealw user if not existing +isInFile=$(cat /etc/passwd | grep -c "akanealw") +if [ $isInFile -eq 0 ] + then + echo "Set password for akanealw" + useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw + mkdir /home/akanealw/.ssh + chown akanealw:akanealw /home/akanealw/.ssh + chmod 700 /home/akanealw/.ssh + cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1 + chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 + chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 +fi + +# create akanealw file in /etc/sudoers.d +if [[ ! -f /etc/sudoers.d/akanealw ]] + then + echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw +fi + +# enable ping for all users +setcap 'cap_net_admin,cap_net_raw+ep' $(which ping) + +# remove all motd +rm /etc/motd > /dev/null 2>&1 + +# disable systemd-networkd-wait-online.service +systemctl disable systemd-networkd-wait-online.service + +# git config +git config --global credential.helper store +git config --global user.name "akanealw" +git config --global user.email "akanealw@gmail.com" +git config --global init.defaultBranch main + +# show ip in /etc/issue +wget -qO /etc/issue.default http://192.168.1.50/debian/issue.default +rm /etc/issue > /dev/null 2>&1 +cp /etc/issue.default /etc/issue +name=$(basename /sys/class/net/e*) +echo "" >> /etc/issue +echo "$name: \4{$name}" >> /etc/issue +echo "" >> /etc/issue + +# set input preferences +wget -qO /etc/inputrc.default http://192.168.1.50/debian/inputrc.default +rm /etc/inputrc > /dev/null 2>&1 +cp /etc/inputrc.default /etc/inputrc +echo "" >> /etc/inputrc +echo "set completion-ignore-case On" >> /etc/inputrc + +# set bash preferences and aliases +wget -qO /etc/bash.bashrc.default http://192.168.1.50/debian/bash.bashrc.default +rm /etc/bash.bashrc > /dev/null 2>&1 +cp /etc/bash.bashrc.default /etc/bash.bashrc +echo "" >> /etc/bash.bashrc +echo "# custom settings and aliases" >> /etc/bash.bashrc +echo "set -o noclobber" >> /etc/bash.bashrc +echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc +echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc +echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc +echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc +echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc +echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc +echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc +echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc +echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc +echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc +echo "alias apts='sudo apt search'" >> /etc/bash.bashrc +echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc +echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc +echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc +echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc +echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc +echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc +echo "alias dc='docker compose'" >> /etc/bash.bashrc +echo "alias dcup='docker compose up -d'" >> /etc/bash.bashrc +echo "alias dcaup='docker compose -f admin-compose.yml up -d'" >> /etc/bash.bashrc +echo "alias dcdown='docker compose down'" >> /etc/bash.bashrc +echo "alias dcadown='docker compose -f admin-compose.yml down'" >> /etc/bash.bashrc +echo "alias dcpull='docker compose pull'" >> /etc/bash.bashrc +echo "alias dcapull='docker compose -f admin-compose.yml pull'" >> /etc/bash.bashrc +echo "alias dps='docker ps'" >> /etc/bash.bashrc +echo "alias dipaf='docker image prune -a -f'" >> /etc/bash.bashrc + +# create tmux config +rm /etc/tmux.conf* > /dev/null 2>&1 +echo "unbind C-b" >> /etc/tmux.conf +echo "set-option -g prefix C-a" >> /etc/tmux.conf +echo "bind-key C-a send-prefix" >> /etc/tmux.conf + +# create credentials and map network drives +isInFile=$(cat /etc/fstab | grep -c "192.168.1.41") +if [ $isInFile -eq 0 ] + then + mkdir /mnt/truenasdata > /dev/null 2>&1 + chown akanealw:akanealw /mnt/truenasdata + echo "# nfs shares" >> /etc/fstab + echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab +fi + +# configure email for sending notifications +isInFile=$(cat /etc/postfix/main.cf | grep -c "gmail") +if [ $isInFile -eq 0 ] + then + DEBIAN_FRONTEND=noninteractive apt install -y libsasl2-modules mailutils postfix postfix-pcre + echo "smtp.gmail.com notify.akanealw@gmail.com:leawkqqpthbwacrf" > /etc/postfix/sasl_passwd + echo "/^From:.*/ REPLACE From: $(hostname) " > /etc/postfix/smtp_header_checks + chmod 600 /etc/postfix/sasl_passwd + postmap hash:/etc/postfix/sasl_passwd + postmap hash:/etc/postfix/smtp_header_checks + sed -i 's@relayhost =@#relayhost = @g' /etc/postfix/main.cf + sed -i 's@smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@g' /etc/postfix/main.cf + echo "" >> /etc/postfix/main.cf + echo "# google mail configuration" >> /etc/postfix/main.cf + echo "relayhost = smtp.gmail.com:587" >> /etc/postfix/main.cf + echo "smtp_use_tls = yes" >> /etc/postfix/main.cf + echo "smtp_sasl_auth_enable = yes" >> /etc/postfix/main.cf + echo "smtp_sasl_security_options =" >> /etc/postfix/main.cf + echo "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" >> /etc/postfix/main.cf + echo "smtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pem" >> /etc/postfix/main.cf + echo "smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache" >> /etc/postfix/main.cf + echo "smtp_tls_session_cache_timeout = 3600s" >> /etc/postfix/main.cf + echo "smtp_header_checks = pcre:/etc/postfix/smtp_header_checks" >> /etc/postfix/main.cf + echo "" >> /etc/postfix/main.cf + postfix reload + echo "This is a test message sent from postfix on $(hostname)" | mail -s "Test Email from $(hostname)" akanealw@gmail.com + else + echo "Email already configured." +fi + +# configure unattended upgrades +isInFile=$(cat /etc/apt/apt.conf.d/20auto-upgrades | grep -c 'APT::Periodic::Unattended-Upgrade "1";') +if [ $isInFile -eq 0 ] + then + apt install -y apt-listchanges unattended-upgrades + sed -i 's@// "origin=Debian,codename=${distro_codename}-updates";@ "origin=Debian,codename=${distro_codename}-updates";@g' /etc/apt/apt.conf.d/50unattended-upgrades + sed -i 's!//Unattended-Upgrade::Mail "";!Unattended-Upgrade::Mail "akanealw@gmail.com";!g' /etc/apt/apt.conf.d/50unattended-upgrades + sed -i 's@//Unattended-Upgrade::MailReport "on-change";@Unattended-Upgrade::MailReport "on-change";@g' /etc/apt/apt.conf.d/50unattended-upgrades + sed -i 's@//Unattended-Upgrade::Remove-Unused-Dependencies "false";@Unattended-Upgrade::Remove-Unused-Dependencies "true";@g' /etc/apt/apt.conf.d/50unattended-upgrades + echo "APT::Periodic::Update-Package-Lists \"1\";" > /etc/apt/apt.conf.d/20auto-upgrades + echo "APT::Periodic::Unattended-Upgrade \"1\";" >> /etc/apt/apt.conf.d/20auto-upgrades + systemctl enable unattended-upgrades + systemctl start unattended-upgrades + systemctl status unattended-upgrades + else + echo "Unattended upgrades already configured." +fi diff --git a/debian/debian-install-docker.sh b/debian/debian-install-docker.sh new file mode 100755 index 0000000..c3339bf --- /dev/null +++ b/debian/debian-install-docker.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +if [[ ! -f /etc/apt/keyrings/docker.gpg ]] + then + apt-get update + apt-get install -y ca-certificates curl gnupg lsb-release + chown -R akanealw:akanealw /home/akanealw/docker + mkdir -m 0755 -p /etc/apt/keyrings + curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + apt-get update + apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin + groupadd docker > /dev/null 2>&1 + usermod -aG docker akanealw + systemctl enable docker.service + systemctl enable containerd.service + systemctl start docker.service + systemctl start containerd.service + systemctl status docker.service + systemctl status containerd.service + else + echo "Docker is already configured." +fi diff --git a/debian/debian-install-samba.sh b/debian/debian-install-samba.sh new file mode 100755 index 0000000..3f64bd0 --- /dev/null +++ b/debian/debian-install-samba.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +isInFile=$(cat /etc/samba/smb.conf | grep -c "akanealw") +if [ $isInFile -eq 0 ] + then + apt-get install -y samba --no-install-recommends + (echo "8ung1e1!"; sleep 1; echo "8ung1e1!" ) | smbpasswd -s -a akanealw + sed -i s/WORKGROUP/akanealw/ /etc/samba/smb.conf + echo "[akanealw]" >> /etc/samba/smb.conf + echo " comment = akanealw" >> /etc/samba/smb.conf + echo " read only = no" >> /etc/samba/smb.conf + echo " path = /home/akanealw" >> /etc/samba/smb.conf + echo " guest ok = no" >> /etc/samba/smb.conf + echo "" >> /etc/samba/smb.conf + systemctl restart smbd + systemctl status smbd + else + echo "Samba is already configured." + fi diff --git a/debian/debian-regenerate-ssh-keys-machine-id.sh b/debian/debian-regenerate-ssh-keys-machine-id.sh new file mode 100644 index 0000000..2811bd1 --- /dev/null +++ b/debian/debian-regenerate-ssh-keys-machine-id.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +# ask to regenerate machine-id +if [[ ! -f /etc/machine-id-regenerated ]] + then + read -r -p "Regenerate machine-id? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] + then + rm -f /etc/machine-id /var/lib/dbus/machine-id + dbus-uuidgen --ensure=/etc/machine-id + dbus-uuidgen --ensure + touch /etc/machine-id-regenerated + fi +fi + +# ask to regenerate ssh host keys +if [[ ! -d /etc/cloud ]] + then + if [[ ! -f /home/akanealw/.ssh/ssh_keys_regenerated ]] + then + read -r -p "Regenerate SSH Keys? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] + then + rm /etc/ssh/ssh_host_* + dpkg-reconfigure openssh-server + mkdir /home/akanealw/.ssh + touch /home/akanealw/.ssh/ssh_keys_regenerated + chmod 700 /home/akanealw/.ssh + chown -R akanealw:akanealw /home/akanealw/.ssh + fi + fi +fi diff --git a/debian/debian-set-ip.sh b/debian/debian-set-ip.sh new file mode 100755 index 0000000..0dc921b --- /dev/null +++ b/debian/debian-set-ip.sh @@ -0,0 +1,36 @@ +#!/bin/bash + +# ask to set static ip address +if [[ ! -d /etc/cloud ]] + then + if [[ ! -f /etc/network/interfaces.bak ]] + then + read -r -p "Set Static IP address? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] + then + read -r -p "Enter Static IP Address with subnet prefix: " staticip + read -r -p "Enter Gateway IP Address: " gatewayip + read -r -p "Enter Primary DNS IP Address: " dnsip1 + read -r -p "Enter Secondary DNS IP Address: " dnsip2 + name=$(basename /sys/class/net/e*) + if [[ ! -f /etc/network/interfaces.bak ]] + then + cp /etc/network/interfaces /etc/network/interfaces.bak + fi + rm /etc/network/interfaces + cp /etc/network/interfaces.bak /etc/network/interfaces + sed -i "s,^iface $name inet dhcp*,iface $name inet static," /etc/network/interfaces + echo " address $staticip" >> /etc/network/interfaces + echo " gateway $gatewayip" >> /etc/network/interfaces + if [[ ! -f /etc/resolv.conf.bak ]] + then + cp /etc/resolv.conf /etc/resolv.conf.bak + fi + rm /etc/resolv.conf + echo "nameserver $dnsip1" >> /etc/resolv.conf + echo "nameserver $dnsip2" >> /etc/resolv.conf + ifdown $name + ifup $name + fi + fi +fi \ No newline at end of file diff --git a/debian/debian-setup-email.sh b/debian/debian-setup-email.sh new file mode 100644 index 0000000..13aeed3 --- /dev/null +++ b/debian/debian-setup-email.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +isInFile=$(cat /etc/postfix/main.cf | grep -c "gmail") +if [ $isInFile -eq 0 ] + then + DEBIAN_FRONTEND=noninteractive apt install -y libsasl2-modules mailutils postfix postfix-pcre + echo "smtp.gmail.com notify.akanealw@gmail.com:leawkqqpthbwacrf" > /etc/postfix/sasl_passwd + echo "/^From:.*/ REPLACE From: $(hostname) " > /etc/postfix/smtp_header_checks + chmod 600 /etc/postfix/sasl_passwd + postmap hash:/etc/postfix/sasl_passwd + postmap hash:/etc/postfix/smtp_header_checks + sed -i 's@relayhost =@#relayhost = @g' /etc/postfix/main.cf + sed -i 's@smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@g' /etc/postfix/main.cf + echo "" >> /etc/postfix/main.cf + echo "# google mail configuration" >> /etc/postfix/main.cf + echo "relayhost = smtp.gmail.com:587" >> /etc/postfix/main.cf + echo "smtp_use_tls = yes" >> /etc/postfix/main.cf + echo "smtp_sasl_auth_enable = yes" >> /etc/postfix/main.cf + echo "smtp_sasl_security_options =" >> /etc/postfix/main.cf + echo "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" >> /etc/postfix/main.cf + echo "smtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pem" >> /etc/postfix/main.cf + echo "smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache" >> /etc/postfix/main.cf + echo "smtp_tls_session_cache_timeout = 3600s" >> /etc/postfix/main.cf + echo "smtp_header_checks = pcre:/etc/postfix/smtp_header_checks" >> /etc/postfix/main.cf + echo "" >> /etc/postfix/main.cf + postfix reload + echo "This is a test message sent from postfix on $(hostname)" | mail -s "Test Email from $(hostname)" akanealw@gmail.com + else + echo "Email already configured." +fi diff --git a/debian/debian-setup-unattended-upgrades.sh b/debian/debian-setup-unattended-upgrades.sh new file mode 100644 index 0000000..0b90acb --- /dev/null +++ b/debian/debian-setup-unattended-upgrades.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +isInFile=$(cat /etc/apt/apt.conf.d/20auto-upgrades | grep -c 'APT::Periodic::Unattended-Upgrade "1";') +if [ $isInFile -eq 0 ] + then + apt install -y apt-listchanges unattended-upgrades + sed -i 's@// "origin=Debian,codename=${distro_codename}-updates";@ "origin=Debian,codename=${distro_codename}-updates";@g' /etc/apt/apt.conf.d/50unattended-upgrades + sed -i 's!//Unattended-Upgrade::Mail "";!Unattended-Upgrade::Mail "akanealw@gmail.com";!g' /etc/apt/apt.conf.d/50unattended-upgrades + sed -i 's@//Unattended-Upgrade::MailReport "on-change";@Unattended-Upgrade::MailReport "on-change";@g' /etc/apt/apt.conf.d/50unattended-upgrades + sed -i 's@//Unattended-Upgrade::Remove-Unused-Dependencies "false";@Unattended-Upgrade::Remove-Unused-Dependencies "true";@g' /etc/apt/apt.conf.d/50unattended-upgrades + echo "APT::Periodic::Update-Package-Lists \"1\";" > /etc/apt/apt.conf.d/20auto-upgrades + echo "APT::Periodic::Unattended-Upgrade \"1\";" >> /etc/apt/apt.conf.d/20auto-upgrades + systemctl enable unattended-upgrades + systemctl start unattended-upgrades + systemctl status unattended-upgrades + else + echo "Unattended upgrades already configured." +fi diff --git a/debian/debian-update-sources.sh b/debian/debian-update-sources.sh new file mode 100644 index 0000000..eace5d6 --- /dev/null +++ b/debian/debian-update-sources.sh @@ -0,0 +1,28 @@ +#!/bin/bash + +# update bookworm to new debian.sources file +if [[ -f /etc/apt/sources.list.d/debian.sources ]] + then + echo "Sources already updated" + else + isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye") + if [ $isInFile -eq 0 ] + then + mkdir /etc/apt/mirrors > /dev/null 2>&1 + echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list + echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources + echo "" >> /etc/apt/sources.list.d/debian.sources + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main" >> /etc/apt/sources.list.d/debian.sources + mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1 + rm /etc/apt/sources.list.11.backup > /dev/null 2>&1 + else + echo "Bullseye detected, skipping sources update" + fi +fi diff --git a/debian/download-debian-essentials.sh b/debian/download-debian-essentials.sh new file mode 100755 index 0000000..b1b9309 --- /dev/null +++ b/debian/download-debian-essentials.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +if [[ -d /home/akanealw ]] + then + rm /home/akanealw/scripts/debian-essentials* > /dev/null 2>&1 + rm /root/scripts/debian-essentials* > /dev/null 2>&1 + mkdir /home/akanealw/scripts > /dev/null 2>&1 + wget -qO /home/akanealw/scripts/debian-essentials.sh https://aknlw.com/debian-essentials + chmod +x /home/akanealw/scripts/debian-essentials.sh + sudo /home/akanealw/scripts/debian-essentials.sh + else + rm /root/scripts/debian-essentials* > /dev/null 2>&1 + mkdir /root/scripts > /dev/null 2>&1 + wget -qO /root/scripts/debian-essentials.sh https://aknlw.com/debian-essentials + chmod +x /root/scripts/debian-essentials.sh + /root/scripts/debian-essentials.sh +fi diff --git a/debian/nano-remap.sh b/debian/nano-remap.sh new file mode 100755 index 0000000..ef15686 --- /dev/null +++ b/debian/nano-remap.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +# set nanorc keybinds +if [[ -f /etc/nanorc.default ]] ; then + mv /etc/nanorc.default /etc/nanorc.bak > /dev/null 2>&1 +fi +if [[ ! -f /etc/nanorc.bak ]] ; then + cp /etc/nanorc /etc/nanorc.bak > /dev/null 2>&1 +fi +rm /etc/nanorc > /dev/null 2>&1 +cp /etc/nanorc.bak /etc/nanorc +echo "" >> /etc/nanorc +echo "# custom binds" >> /etc/nanorc +echo "bind ^X exit all" >> /etc/nanorc +echo "bind ^S savefile main" >> /etc/nanorc +echo "bind ^O writeout main" >> /etc/nanorc +echo "bind ^I insert main" >> /etc/nanorc +echo "bind ^F whereis all" >> /etc/nanorc +echo "bind ^G findnext all" >> /etc/nanorc +echo "bind ^B wherewas all" >> /etc/nanorc +echo "bind ^D findprevious all" >> /etc/nanorc +echo "bind ^R replace main" >> /etc/nanorc +echo "bind ^K cut all" >> /etc/nanorc +echo "bind ^C copy main" >> /etc/nanorc +echo "bind ^V paste all" >> /etc/nanorc +echo "bind ^A mark main" >> /etc/nanorc +echo "bind ^T gotoline main" >> /etc/nanorc +echo "bind ^T gotodir browser" >> /etc/nanorc +echo "unbind ^U all" >> /etc/nanorc +echo "unbind ^N main" >> /etc/nanorc +echo "unbind ^Y all" >> /etc/nanorc +echo "unbind M-J main" >> /etc/nanorc +echo "unbind M-T main" >> /etc/nanorc \ No newline at end of file diff --git a/dockerserver/akanealw/crontab.bak b/dockerserver/akanealw/crontab.bak new file mode 100644 index 0000000..c5051e6 --- /dev/null +++ b/dockerserver/akanealw/crontab.bak @@ -0,0 +1,24 @@ +# Edit this file to introduce tasks to be run by cron. +# +# Each task to run has to be defined through a single line +# indicating with different fields when the task will be run +# and what command to run for the task +# +# To define the time you can provide concrete values for +# minute (m), hour (h), day of month (dom), month (mon), +# and day of week (dow) or use '*' in these fields (for 'any'). +# +# Notice that tasks will be started based on the cron's system +# daemon's notion of time and timezones. +# +# Output of the crontab jobs (including errors) is sent through +# email to the user the crontab file belongs to (unless redirected). +# +# For example, you can run a backup of all your user accounts +# at 5 a.m every week with: +# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ +# +# For more information see the manual pages of crontab(5) and cron(8) +# +# m h dom mon dow command +0 12 * * * /home/akanealw/scripts/restart-gluetun-and-services.sh >> /home/akanealw/restart-gluetun-and-services.log diff --git a/dockerserver/akanealw/restart-gluetun-and-services.sh b/dockerserver/akanealw/restart-gluetun-and-services.sh new file mode 100755 index 0000000..dad7fd1 --- /dev/null +++ b/dockerserver/akanealw/restart-gluetun-and-services.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +docker restart gluetun && echo gluetun restarted +sleep 45 +docker restart qbittorrent && echo qbittorrent restarted +sleep 5 +docker restart sabnzbd && echo sabnzbd restarted +sleep 5 +docker restart jdownloader && echo jdownloader restarted +sleep 5 diff --git a/dockerserver/akanealw/rsync-docker-remotely-to-proxyserver.sh b/dockerserver/akanealw/rsync-docker-remotely-to-proxyserver.sh new file mode 100644 index 0000000..6cf197c --- /dev/null +++ b/dockerserver/akanealw/rsync-docker-remotely-to-proxyserver.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +rsync -azvP -e "ssh -i ~/.ssh/proxyserver" --progress \ +/home/akanealw/docker/appdata/remotely \ +root@192.168.1.4:/home/akanealw/docker/appdata diff --git a/dockerserver/root/crontab.bak b/dockerserver/root/crontab.bak new file mode 100644 index 0000000..d1c5aa5 --- /dev/null +++ b/dockerserver/root/crontab.bak @@ -0,0 +1,23 @@ +# Edit this file to introduce tasks to be run by cron. +# +# Each task to run has to be defined through a single line +# indicating with different fields when the task will be run +# and what command to run for the task +# +# To define the time you can provide concrete values for +# minute (m), hour (h), day of month (dom), month (mon), +# and day of week (dow) or use '*' in these fields (for 'any'). +# +# Notice that tasks will be started based on the cron's system +# daemon's notion of time and timezones. +# +# Output of the crontab jobs (including errors) is sent through +# email to the user the crontab file belongs to (unless redirected). +# +# For example, you can run a backup of all your user accounts +# at 5 a.m every week with: +# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ +# +# For more information see the manual pages of crontab(5) and cron(8) +# +# m h dom mon dow command diff --git a/dockerserver/root/restart-gluetun-and-services.sh b/dockerserver/root/restart-gluetun-and-services.sh new file mode 100644 index 0000000..dad7fd1 --- /dev/null +++ b/dockerserver/root/restart-gluetun-and-services.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +docker restart gluetun && echo gluetun restarted +sleep 45 +docker restart qbittorrent && echo qbittorrent restarted +sleep 5 +docker restart sabnzbd && echo sabnzbd restarted +sleep 5 +docker restart jdownloader && echo jdownloader restarted +sleep 5 diff --git a/dockerserver/root/rsync-docker-data.sh b/dockerserver/root/rsync-docker-data.sh new file mode 100644 index 0000000..9263ea3 --- /dev/null +++ b/dockerserver/root/rsync-docker-data.sh @@ -0,0 +1,4 @@ +#!/bin/bashrsync-docker-remotely-to-proxyserver.sh + +rsync -azvP -e "ssh -i ~/.ssh/dockerserver" --progress \ +root@192.168.1.35:/opt/docker/appdata /home/akanealw/docker diff --git a/dockerserver/root/rsync-dockerserver-test-to-dockerserver.sh b/dockerserver/root/rsync-dockerserver-test-to-dockerserver.sh new file mode 100644 index 0000000..91b86b4 --- /dev/null +++ b/dockerserver/root/rsync-dockerserver-test-to-dockerserver.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +rsync -azvP -e "ssh -i ~/.ssh/dockerserver" --progress \ +--include=/ \ +--include=/home/ \ +--include=/home/akanealw \ +--include=/home/akanealw/docker \ +--include=/home/akanealw/docker/appdata/*** \ +--exclude=* \ +/ root@192.168.1.30:/ diff --git a/download-essentials.sh b/download-essentials.sh new file mode 100755 index 0000000..176978c --- /dev/null +++ b/download-essentials.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +isInFile=$(cat /etc/os-release | grep -c "ID=debian") +if [ $isInFile -eq 1 ]; then + curl -O http://192.168.1.50/debian/debian-essentials.sh + chmod +x debian-essentials.sh + sudo ./debian-essentials.sh +fi + +isInFile=$(cat /etc/os-release | grep -c "ID=ubuntu") +if [ $isInFile -eq 1 ]; then + curl -O http://192.168.1.50/ubuntu/ubuntu-essentials.sh + chmod +x ubuntu-essentials.sh + sudo ./ubuntu-essentials.sh +fi diff --git a/fileserver/akanealw/backup-scripts-to-gitrepo.sh b/fileserver/akanealw/backup-scripts-to-gitrepo.sh new file mode 100755 index 0000000..8e7942d --- /dev/null +++ b/fileserver/akanealw/backup-scripts-to-gitrepo.sh @@ -0,0 +1,55 @@ +#!/bin/bash + +if ping -c 1 192.168.1.41 &> /dev/null + then + # proxyserver + ssh proxyserver "crontab -l | tee /home/akanealw/scripts/crontab.bak > /dev/null 2>&1 \ + && sudo crontab -l | sudo tee /root/scripts/crontab.bak > /dev/null 2>&1 \ + && rm /home/akanealw/scripts/debian-essentials.sh > /dev/null 2>&1 \ + && rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/akanealw/ \ + && rsync -azvP /home/akanealw/scripts/olivetin/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/akanealw/olivetin/ \ + && sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/root/" + + # dockerserver + ssh dockerserver "crontab -l | tee /home/akanealw/scripts/crontab.bak > /dev/null 2>&1 \ + && sudo crontab -l | sudo tee /root/scripts/crontab.bak > /dev/null 2>&1 \ + && rm /home/akanealw/scripts/debian-essentials.sh > /dev/null 2>&1 \ + && rsync -azvPH /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/dockerserver/akanealw/ \ + && sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/dockerserver/root/" + + # plexserver + ssh plexserver "crontab -l | tee /home/akanealw/scripts/crontab.bak > /dev/null 2>&1 \ + && sudo crontab -l | sudo tee /root/scripts/crontab.bak > /dev/null 2>&1 \ + && rm /home/akanealw/scripts/debian-essentials.sh > /dev/null 2>&1 \ + && rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/plexserver/akanealw/ \ + && sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/plexserver/root/" + + # proxmox1 + ssh proxmox1 "crontab -l | tee /home/akanealw/scripts/crontab.bak > /dev/null 2>&1 \ + && sudo crontab -l | sudo tee /root/scripts/crontab.bak > /dev/null 2>&1 \ + && rm /home/akanealw/scripts/debian-essentials.sh > /dev/null 2>&1 \ + && rm /root/scripts/proxmox* > /dev/null 2>&1 \ + && rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox1/akanealw/ \ + && sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox1/root/" + + # proxmox2 + ssh proxmox2 "crontab -l | tee /home/akanealw/scripts/crontab.bak > /dev/null 2>&1 \ + && sudo crontab -l | sudo tee /root/scripts/crontab.bak > /dev/null 2>&1 \ + && rm /home/akanealw/scripts/debian-essentials.sh > /dev/null 2>&1 \ + && rm /root/scripts/proxmox* > /dev/null 2>&1 \ + && rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox2/akanealw/ \ + && sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox2/root/" + + # fileserver + crontab -l | tee /home/akanealw/scripts/crontab.bak > /dev/null 2>&1 + sudo crontab -l | sudo tee /root/scripts/crontab.bak > /dev/null 2>&1 + rm /home/akanealw/scripts/debian-essentials.sh > /dev/null 2>&1 + rsync -azvP /home/akanealw/scripts/ /home/akanealw/gitrepos/fileserver/files/bashscripts/fileserver/akanealw/ + sudo rsync -azvP /root/scripts/ /home/akanealw/gitrepos/fileserver/files/bashscripts/fileserver/root/ + + # chown all files copied + sudo chown -R akanealw:akanealw /home/akanealw/gitrepos/fileserver/files/ + else + echo "TrueNAS is offline" curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/vwn8owCG7W?status=down&msg=OK&ping= +fi +curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/vwn8owCG7W?status=up&msg=OK&ping= diff --git a/fileserver/akanealw/crontab.bak b/fileserver/akanealw/crontab.bak new file mode 100644 index 0000000..fb894aa --- /dev/null +++ b/fileserver/akanealw/crontab.bak @@ -0,0 +1,24 @@ +# Edit this file to introduce tasks to be run by cron. +# +# Each task to run has to be defined through a single line +# indicating with different fields when the task will be run +# and what command to run for the task +# +# To define the time you can provide concrete values for +# minute (m), hour (h), day of month (dom), month (mon), +# and day of week (dow) or use '*' in these fields (for 'any'). +# +# Notice that tasks will be started based on the cron's system +# daemon's notion of time and timezones. +# +# Output of the crontab jobs (including errors) is sent through +# email to the user the crontab file belongs to (unless redirected). +# +# For example, you can run a backup of all your user accounts +# at 5 a.m every week with: +# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ +# +# For more information see the manual pages of crontab(5) and cron(8) +# +# m h dom mon dow command +0 13 * * * /home/akanealw/scripts/backup-scripts-to-gitrepo.sh diff --git a/fileserver/akanealw/debian-essentials.sh b/fileserver/akanealw/debian-essentials.sh new file mode 100755 index 0000000..b302380 --- /dev/null +++ b/fileserver/akanealw/debian-essentials.sh @@ -0,0 +1,248 @@ +#!/bin/bash + +# autoreply config update dialog with no +if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then + echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local + echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local + echo " "--force-confold";" >> /etc/apt/apt.conf.d/local + echo "}" >> /etc/apt/apt.conf.d/local +fi + +# update bookworm to new debian.sources file +if [[ -f /etc/apt/sources.list ]] ; then + isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye") + if [ $isInFile -eq 0 ]; then + mkdir /etc/apt/mirrors > /dev/null 2>&1 + echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list + echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources + echo "" >> /etc/apt/sources.list.d/debian.sources + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main" >> /etc/apt/sources.list.d/debian.sources + mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1 + rm /etc/apt/sources.list.11.backup > /dev/null 2>&1 + fi +fi + +# update and upgrade +apt-get update +apt-get upgrade -y + +# download and install packages +apt-get install -y lsb-release cron qemu-guest-agent sudo nano curl wget zip unzip git rsync man-db cifs-utils nfs-common parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion + +# add akanealw user if not existing +isInFile=$(cat /etc/passwd | grep -c "akanealw") +if [ $isInFile -eq 0 ]; then + echo "Set password for akanealw" + useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw + mkdir /home/akanealw/.ssh + chown akanealw:akanealw /home/akanealw/.ssh + chmod 700 /home/akanealw/.ssh + cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1 + chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 + chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 +fi + +# create akanealw file in /etc/sudoers.d +if [[ ! -f /etc/sudoers.d/akanealw ]] ; then + echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw +fi + +# enable ping for all users +setcap 'cap_net_admin,cap_net_raw+ep' $(which ping) + +# remove all motd +rm /etc/motd > /dev/null 2>&1 + +# disable systemd-networkd-wait-online.service +systemctl disable systemd-networkd-wait-online.service + +# git config +git config --global credential.helper store +git config --global user.name "akanealw" +git config --global user.email "akanealw@gmail.com" +git config --global init.defaultBranch main + +# show ip in /etc/issue +name=$(basename /sys/class/net/e*) +isInFile=$(cat /etc/issue | grep -c "$name") +if [ $isInFile -eq 0 ]; then +cp /etc/issue /etc/issue.bak +echo "$name: \4{$name}" >> /etc/issue +echo "" >> /etc/issue +fi + +# set input preferences +if [[ ! -f /etc/inputrc.bak ]] ; then + cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1 +fi +rm /etc/inputrc > /dev/null 2>&1 +cp /etc/inputrc.bak /etc/inputrc +echo "" >> /etc/inputrc +echo "set completion-ignore-case On" >> /etc/inputrc + +# set bash preferences and aliases +if [[ -f /etc/bash.bashrc.default ]] ; then + mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +if [[ ! -f /etc/bash.bashrc.bak ]] ; then + cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +rm /etc/bash.bashrc > /dev/null 2>&1 +cp /etc/bash.bashrc.bak /etc/bash.bashrc +echo "" >> /etc/bash.bashrc +echo "# custom settings and aliases" >> /etc/bash.bashrc +echo "set -o noclobber" >> /etc/bash.bashrc +echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc +echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc +echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc +echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc +echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc +echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc +echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc +echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc +echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc +echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc +echo "alias apts='sudo apt search'" >> /etc/bash.bashrc +echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc +echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc +echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc +echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc +echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc +echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc +echo "alias dc='docker compose'" >> /etc/bash.bashrc +echo "alias dcup='docker compose up -d'" >> /etc/bash.bashrc +echo "alias dcaup='docker compose -f admin-compose.yml up -d'" >> /etc/bash.bashrc +echo "alias dcdown='docker compose down'" >> /etc/bash.bashrc +echo "alias dcadown='docker compose -f admin-compose.yml down'" >> /etc/bash.bashrc +echo "alias dcpull='docker compose pull'" >> /etc/bash.bashrc +echo "alias dcapull='docker compose -f admin-compose.yml pull'" >> /etc/bash.bashrc +echo "alias dps='docker ps'" >> /etc/bash.bashrc +echo "alias dipaf='docker image prune -a -f'" >> /etc/bash.bashrc + +# create tmux config +rm /etc/tmux.conf* > /dev/null 2>&1 +echo "unbind C-b" >> /etc/tmux.conf +echo "set-option -g prefix C-a" >> /etc/tmux.conf +echo "bind-key C-a send-prefix" >> /etc/tmux.conf + +# create credentials and map network drives +isInFile=$(cat /etc/fstab | grep -c "192.168.1.41") +if [ $isInFile -eq 0 ]; then + mkdir /mnt/truenasdata > /dev/null 2>&1 + chown akanealw:akanealw /mnt/truenasdata + echo "# nfs shares" >> /etc/fstab + echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab +fi + +# ask to install samba +if [[ ! -f /etc/samba/smb.conf ]] ; then + read -r -p "Install Samba? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then + apt-get install -y samba --no-install-recommends + # configure default samba share + (echo "8ung1e1!"; sleep 1; echo "8ung1e1!" ) | smbpasswd -s -a akanealw + sed -i s/WORKGROUP/akanealw/ /etc/samba/smb.conf + isInFile=$(cat /etc/samba/smb.conf | grep -c "akanealw]") + if [ $isInFile -eq 0 ]; then + echo "[akanealw]" >> /etc/samba/smb.conf + echo " comment = akanealw" >> /etc/samba/smb.conf + echo " read only = no" >> /etc/samba/smb.conf + echo " path = /home/akanealw" >> /etc/samba/smb.conf + echo " guest ok = no" >> /etc/samba/smb.conf + echo "" >> /etc/samba/smb.conf + fi + fi +fi + +# ask to install docker +if [[ ! -f /etc/apt/keyrings/docker.gpg ]] ; then + read -r -p "Install Docker? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then + # prepare for install + apt-get update + apt-get install -y ca-certificates curl gnupg lsb-release + mkdir -p /home/akanealw/docker/appdata + chown -R akanealw:akanealw /home/akanealw/docker + mkdir -m 0755 -p /etc/apt/keyrings + curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + # install docker + apt-get update + apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin + # post install + groupadd docker > /dev/null 2>&1 + usermod -aG docker akanealw + systemctl enable docker.service + systemctl enable containerd.service + fi +fi + +# ask to regenerate machine-id +if [[ ! -f /etc/machine-id-regenerated ]] ; then + read -r -p "Regenerate machine-id? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then + # regenerate machine-id + rm -f /etc/machine-id /var/lib/dbus/machine-id + dbus-uuidgen --ensure=/etc/machine-id + dbus-uuidgen --ensure + touch /etc/machine-id-regenerated + fi +fi + +# ask to regenerate ssh host keys +if [[ ! -d /etc/cloud ]] ; then + if [[ ! -f /home/akanealw/.ssh/ssh_keys_regenerated ]] ; then + read -r -p "Regenerate SSH Keys? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then + rm /etc/ssh/ssh_host_* + dpkg-reconfigure openssh-server + mkdir /home/akanealw/.ssh + touch /home/akanealw/.ssh/ssh_keys_regenerated + chmod 700 /home/akanealw/.ssh + chown -R akanealw:akanealw /home/akanealw/.ssh + fi + fi +fi + +# ask to set static ip address +if [[ ! -d /etc/cloud ]] ; then + if [[ ! -f /etc/network/interfaces.bak ]] ; then + read -r -p "Set Static IP address? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then + read -r -p "Enter Static IP Address with subnet prefix: " staticip + read -r -p "Enter Gateway IP Address: " gatewayip + read -r -p "Enter Primary DNS IP Address: " dnsip1 + read -r -p "Enter Secondary DNS IP Address: " dnsip2 + # get adapter name + name=$(basename /sys/class/net/e*) + # backup original interfaces file + if [[ ! -f /etc/network/interfaces.bak ]] ; then + cp /etc/network/interfaces /etc/network/interfaces.bak + fi + rm /etc/network/interfaces + cp /etc/network/interfaces.bak /etc/network/interfaces + # set static ip + sed -i "s,^iface $name inet dhcp*,iface $name inet static," /etc/network/interfaces + echo " address $staticip" >> /etc/network/interfaces + echo " gateway $gatewayip" >> /etc/network/interfaces + # backup resolv.conf file + if [[ ! -f /etc/resolv.conf.bak ]] ; then + cp /etc/resolv.conf /etc/resolv.conf.bak + fi + rm /etc/resolv.conf + # set primary dns ip + echo "nameserver $dnsip1" >> /etc/resolv.conf + echo "nameserver $dnsip2" >> /etc/resolv.conf + # restart the interface + ifdown $name + ifup $name + fi + fi +fi diff --git a/fileserver/akanealw/plexserver.sh b/fileserver/akanealw/plexserver.sh new file mode 100755 index 0000000..f06dedc --- /dev/null +++ b/fileserver/akanealw/plexserver.sh @@ -0,0 +1,6 @@ +#!/bin/bash + + ssh plexserver "crontab -l | tee /home/akanealw/scripts/crontab.bak \ + && sudo crontab -l | sudo tee /root/scripts/crontab.bak \ + && rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/akanealw/ \ + && sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/root/" diff --git a/fileserver/akanealw/rsync-backup-awsvps.sh b/fileserver/akanealw/rsync-backup-awsvps.sh new file mode 100644 index 0000000..f9990ec --- /dev/null +++ b/fileserver/akanealw/rsync-backup-awsvps.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +if ping -c 1 192.168.1.41 &> /dev/null + then + sudo mount -a -v + rsync -azvP -e "ssh -i ~/.ssh/awsvps" --progress \ + --include=/ \ + --include=/etc/ \ + --include=/etc/iptables/*** \ + --include=/etc/nginx/*** \ + --include=/etc/wireguard/*** \ + --exclude=* \ + root@awsvps:/ /mnt/backups/awsvpsbackups/$(/bin/date +%Y-%m-%d-%I-%M-%S-%p) + curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/otthp467K9?status=up&msg=OK&ping= + else + curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/otthp467K9?status=down&msg=OK&ping= +fi diff --git a/fileserver/etc-profile.d/mount-shared-folders.sh b/fileserver/etc-profile.d/mount-shared-folders.sh new file mode 100644 index 0000000..5786122 --- /dev/null +++ b/fileserver/etc-profile.d/mount-shared-folders.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +if ping -c 2 192.168.1.41 > /dev/null 2>&1 + then + if [[ ! -f /mnt/truenasfileserver/.gitignore ]] + then + sudo mount -t nfs -o defaults,nolock,soft,vers=4.2 192.168.1.41:/mnt/data/fileserver /mnt/truenasfileserver -v + else + echo "TrueNAS shared folder already mounted" + fi + else + echo "TrueNAS is offline" +fi diff --git a/fileserver/gitrepos/update-fileserver.sh b/fileserver/gitrepos/update-fileserver.sh new file mode 100644 index 0000000..7825e74 --- /dev/null +++ b/fileserver/gitrepos/update-fileserver.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +if ping -c 1 192.168.1.41 > /dev/null 2>&1 + then + if [[ ! -f /mnt/truenasfileserver/.gitignore ]] + then + sudo mount -t nfs -o defaults,nolock,soft,vers=4.2 192.168.1.41:/mnt/data/fileserver /mnt/truenasfileserver + echo "TrueNAS shared folder mounted" + cd /mnt/truenasfileserver + git pull + else + echo "TrueNAS shared folder already mounted" + cd /mnt/truenasfileserver + git pull + fi + else + echo "TrueNAS is offline" +fi diff --git a/fileserver/root/crontab.bak b/fileserver/root/crontab.bak new file mode 100644 index 0000000..eaa6390 --- /dev/null +++ b/fileserver/root/crontab.bak @@ -0,0 +1,25 @@ +# Edit this file to introduce tasks to be run by cron. +# +# Each task to run has to be defined through a single line +# indicating with different fields when the task will be run +# and what command to run for the task +# +# To define the time you can provide concrete values for +# minute (m), hour (h), day of month (dom), month (mon), +# and day of week (dow) or use '*' in these fields (for 'any'). +# +# Notice that tasks will be started based on the cron's system +# daemon's notion of time and timezones. +# +# Output of the crontab jobs (including errors) is sent through +# email to the user the crontab file belongs to (unless redirected). +# +# For example, you can run a backup of all your user accounts +# at 5 a.m every week with: +# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ +# +# For more information see the manual pages of crontab(5) and cron(8) +# +# m h dom mon dow command +30 9 * * * /root/scripts/ping-before-mounting-shares.sh +0 16 * * * /root/scripts/rsync-backup-fileserver.sh diff --git a/fileserver/root/ping-before-mounting-shares.sh b/fileserver/root/ping-before-mounting-shares.sh new file mode 100755 index 0000000..6b185fa --- /dev/null +++ b/fileserver/root/ping-before-mounting-shares.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +until ping -c1 192.168.1.41 >/dev/null 2>&1; do :; done +sleep 45 +mount -t nfs -o defaults,nolock,soft,vers=4.2 192.168.1.41:/mnt/data/fileserver /mnt/truenasfileserver -v diff --git a/fileserver/root/rsync-backup-fileserver.sh b/fileserver/root/rsync-backup-fileserver.sh new file mode 100755 index 0000000..1fbf6d3 --- /dev/null +++ b/fileserver/root/rsync-backup-fileserver.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +if ping -c 1 192.168.1.41 &> /dev/null + then + rsync -azvP -e "ssh -i ~/.ssh/truenas" --progress \ + --include=/ \ + --include=/home/*** \ + --include=/etc \ + --include=/etc/fstab \ + --include=/etc/default/*** \ + --include=/etc/dnsmasq.d/*** \ + --include=/etc/forgejo/*** \ + --include=/etc/nginx/*** \ + --include=/etc/wireguard/*** \ + --include=/srv/*** \ + --include=/var \ + --include=/var/lib \ + --include=/var/lib/forgejo/*** \ + --exclude=* \ + / akanealw@192.168.1.41:/mnt/data/backups/fileserverbackup/$(/bin/date +%Y-%m-%d-%I-%M-%S-%p) + curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/OtvHGEeMxL?status=up&msg=OK&ping= + else + echo "TrueNAS is offline" && curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/OtvHGEeMxL?status=down&msg=OK&ping= +fi diff --git a/git/configure-git.sh b/git/configure-git.sh new file mode 100755 index 0000000..dbe58ea --- /dev/null +++ b/git/configure-git.sh @@ -0,0 +1,4 @@ +git config --global credential.helper store +git config --global user.name "akanealw" +git config --global user.email "akanealw@gmail.com" +git config --global init.defaultBranch main diff --git a/joinad.sh b/joinad.sh new file mode 100755 index 0000000..7d53ded --- /dev/null +++ b/joinad.sh @@ -0,0 +1,62 @@ +#!/bin/bash + +apt update +apt -y install realmd libnss-sss libpam-sss sssd sssd-tools adcli samba-common-bin oddjob oddjob-mkhomedir packagekit +#Say no to WINS via DNS + +realm discover ad.akanealw.com + +realm join -U nwettstein ad.akanealw.com + +realm list + +bash -c "cat > /usr/share/pam-configs/mkhomedir" <> /etc/apt/apt.conf.d/local + echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local + echo " "--force-confold";" >> /etc/apt/apt.conf.d/local + echo "}" >> /etc/apt/apt.conf.d/local +fi + +# update bookworm to new debian.sources file +if [[ -f /etc/apt/sources.list ]] ; then + isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye") + if [ $isInFile -eq 0 ]; then + mkdir /etc/apt/mirrors > /dev/null 2>&1 + echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list + echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources + echo "" >> /etc/apt/sources.list.d/debian.sources + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main" >> /etc/apt/sources.list.d/debian.sources + mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1 + rm /etc/apt/sources.list.11.backup > /dev/null 2>&1 + fi +fi + +# update and upgrade +apt-get update +apt-get upgrade -y + +# download and install packages +apt-get install -y lsb-release cron qemu-guest-agent sudo nano curl wget zip unzip git rsync man-db cifs-utils nfs-common parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion + +# add akanealw user if not existing +isInFile=$(cat /etc/passwd | grep -c "akanealw") +if [ $isInFile -eq 0 ]; then + echo "Set password for akanealw" + useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw + mkdir /home/akanealw/.ssh + chown akanealw:akanealw /home/akanealw/.ssh + chmod 700 /home/akanealw/.ssh + cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1 + chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 + chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 +fi + +# create akanealw file in /etc/sudoers.d +if [[ ! -f /etc/sudoers.d/akanealw ]] ; then + echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw +fi + +# enable ping for all users +setcap 'cap_net_admin,cap_net_raw+ep' $(which ping) + +# remove all motd +rm /etc/motd > /dev/null 2>&1 + +# disable systemd-networkd-wait-online.service +systemctl disable systemd-networkd-wait-online.service + +# git config +git config --global credential.helper store +git config --global user.name "akanealw" +git config --global user.email "akanealw@gmail.com" +git config --global init.defaultBranch main + +# show ip in /etc/issue +name=$(basename /sys/class/net/e*) +isInFile=$(cat /etc/issue | grep -c "$name") +if [ $isInFile -eq 0 ]; then +cp /etc/issue /etc/issue.bak +echo "$name: \4{$name}" >> /etc/issue +echo "" >> /etc/issue +fi + +# set input preferences +if [[ ! -f /etc/inputrc.bak ]] ; then + cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1 +fi +rm /etc/inputrc > /dev/null 2>&1 +cp /etc/inputrc.bak /etc/inputrc +echo "" >> /etc/inputrc +echo "set completion-ignore-case On" >> /etc/inputrc + +# set bash preferences and aliases +if [[ -f /etc/bash.bashrc.default ]] ; then + mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +if [[ ! -f /etc/bash.bashrc.bak ]] ; then + cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +rm /etc/bash.bashrc > /dev/null 2>&1 +cp /etc/bash.bashrc.bak /etc/bash.bashrc +echo "" >> /etc/bash.bashrc +echo "# custom settings and aliases" >> /etc/bash.bashrc +echo "set -o noclobber" >> /etc/bash.bashrc +echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc +echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc +echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc +echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc +echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc +echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc +echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc +echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc +echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc +echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc +echo "alias apts='sudo apt search'" >> /etc/bash.bashrc +echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc +echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc +echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc +echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc +echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc +echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc +echo "alias dc='docker compose'" >> /etc/bash.bashrc +echo "alias dcup='docker compose up -d'" >> /etc/bash.bashrc +echo "alias dcaup='docker compose -f admin-compose.yml up -d'" >> /etc/bash.bashrc +echo "alias dcdown='docker compose down'" >> /etc/bash.bashrc +echo "alias dcadown='docker compose -f admin-compose.yml down'" >> /etc/bash.bashrc +echo "alias dcpull='docker compose pull'" >> /etc/bash.bashrc +echo "alias dcapull='docker compose -f admin-compose.yml pull'" >> /etc/bash.bashrc +echo "alias dps='docker ps'" >> /etc/bash.bashrc +echo "alias dipaf='docker image prune -a -f'" >> /etc/bash.bashrc + +# create tmux config +rm /etc/tmux.conf* > /dev/null 2>&1 +echo "unbind C-b" >> /etc/tmux.conf +echo "set-option -g prefix C-a" >> /etc/tmux.conf +echo "bind-key C-a send-prefix" >> /etc/tmux.conf + +# create credentials and map network drives +isInFile=$(cat /etc/fstab | grep -c "192.168.1.41") +if [ $isInFile -eq 0 ]; then + mkdir /mnt/truenasdata > /dev/null 2>&1 + chown akanealw:akanealw /mnt/truenasdata + echo "# nfs shares" >> /etc/fstab + echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab +fi + +# ask to install samba +if [[ ! -f /etc/samba/smb.conf ]] ; then + read -r -p "Install Samba? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then + apt-get install -y samba --no-install-recommends + # configure default samba share + (echo "8ung1e1!"; sleep 1; echo "8ung1e1!" ) | smbpasswd -s -a akanealw + sed -i s/WORKGROUP/akanealw/ /etc/samba/smb.conf + isInFile=$(cat /etc/samba/smb.conf | grep -c "akanealw]") + if [ $isInFile -eq 0 ]; then + echo "[akanealw]" >> /etc/samba/smb.conf + echo " comment = akanealw" >> /etc/samba/smb.conf + echo " read only = no" >> /etc/samba/smb.conf + echo " path = /home/akanealw" >> /etc/samba/smb.conf + echo " guest ok = no" >> /etc/samba/smb.conf + echo "" >> /etc/samba/smb.conf + fi + fi +fi + +# ask to install docker +if [[ ! -f /etc/apt/keyrings/docker.gpg ]] ; then + read -r -p "Install Docker? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then + # prepare for install + apt-get update + apt-get install -y ca-certificates curl gnupg lsb-release + mkdir -p /home/akanealw/docker/appdata + chown -R akanealw:akanealw /home/akanealw/docker + mkdir -m 0755 -p /etc/apt/keyrings + curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + # install docker + apt-get update + apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin + # post install + groupadd docker > /dev/null 2>&1 + usermod -aG docker akanealw + systemctl enable docker.service + systemctl enable containerd.service + fi +fi + +# ask to regenerate machine-id +if [[ ! -f /etc/machine-id-regenerated ]] ; then + read -r -p "Regenerate machine-id? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then + # regenerate machine-id + rm -f /etc/machine-id /var/lib/dbus/machine-id + dbus-uuidgen --ensure=/etc/machine-id + dbus-uuidgen --ensure + touch /etc/machine-id-regenerated + fi +fi + +# ask to regenerate ssh host keys +if [[ ! -d /etc/cloud ]] ; then + if [[ ! -f /home/akanealw/.ssh/ssh_keys_regenerated ]] ; then + read -r -p "Regenerate SSH Keys? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then + rm /etc/ssh/ssh_host_* + dpkg-reconfigure openssh-server + mkdir /home/akanealw/.ssh + touch /home/akanealw/.ssh/ssh_keys_regenerated + chmod 700 /home/akanealw/.ssh + chown -R akanealw:akanealw /home/akanealw/.ssh + fi + fi +fi + +# ask to set static ip address +if [[ ! -d /etc/cloud ]] ; then + if [[ ! -f /etc/network/interfaces.bak ]] ; then + read -r -p "Set Static IP address? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then + read -r -p "Enter Static IP Address with subnet prefix: " staticip + read -r -p "Enter Gateway IP Address: " gatewayip + read -r -p "Enter Primary DNS IP Address: " dnsip1 + read -r -p "Enter Secondary DNS IP Address: " dnsip2 + # get adapter name + name=$(basename /sys/class/net/e*) + # backup original interfaces file + if [[ ! -f /etc/network/interfaces.bak ]] ; then + cp /etc/network/interfaces /etc/network/interfaces.bak + fi + rm /etc/network/interfaces + cp /etc/network/interfaces.bak /etc/network/interfaces + # set static ip + sed -i "s,^iface $name inet dhcp*,iface $name inet static," /etc/network/interfaces + echo " address $staticip" >> /etc/network/interfaces + echo " gateway $gatewayip" >> /etc/network/interfaces + # backup resolv.conf file + if [[ ! -f /etc/resolv.conf.bak ]] ; then + cp /etc/resolv.conf /etc/resolv.conf.bak + fi + rm /etc/resolv.conf + # set primary dns ip + echo "nameserver $dnsip1" >> /etc/resolv.conf + echo "nameserver $dnsip2" >> /etc/resolv.conf + # restart the interface + ifdown $name + ifup $name + fi + fi +fi diff --git a/plexserver/root/clean-plex-photo-cache.sh b/plexserver/root/clean-plex-photo-cache.sh new file mode 100755 index 0000000..ef05e1f --- /dev/null +++ b/plexserver/root/clean-plex-photo-cache.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +find "/var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Cache/PhotoTranscoder" -name "*.jpg" -type f -mtime +5 -delete +find "/var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Cache/PhotoTranscoder" -name "*.ppm" -type f -mtime +5 -delete +curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/vOOCgMo8GW?status=up&msg=OK&ping= diff --git a/plexserver/root/crontab.bak b/plexserver/root/crontab.bak new file mode 100644 index 0000000..e6e9bd3 --- /dev/null +++ b/plexserver/root/crontab.bak @@ -0,0 +1,24 @@ +# Edit this file to introduce tasks to be run by cron. +# +# Each task to run has to be defined through a single line +# indicating with different fields when the task will be run +# and what command to run for the task +# +# To define the time you can provide concrete values for +# minute (m), hour (h), day of month (dom), month (mon), +# and day of week (dow) or use '*' in these fields (for 'any'). +# +# Notice that tasks will be started based on the cron's system +# daemon's notion of time and timezones. +# +# Output of the crontab jobs (including errors) is sent through +# email to the user the crontab file belongs to (unless redirected). +# +# For example, you can run a backup of all your user accounts +# at 5 a.m every week with: +# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ +# +# For more information see the manual pages of crontab(5) and cron(8) +# +# m h dom mon dow command +#0 15 * * * /root/scripts/clean-plex-photo-cache.sh diff --git a/proxmox/all-cloud-images-download-import.sh b/proxmox/all-cloud-images-download-import.sh new file mode 100755 index 0000000..5377038 --- /dev/null +++ b/proxmox/all-cloud-images-download-import.sh @@ -0,0 +1,90 @@ +#!/bin/bash + +# remove old images +rm *.raw > /dev/null 2>&1 +rm *.qcow2 > /dev/null 2>&1 +rm *.tar.xz > /dev/null 2>&1 + +# debian 11 bullseye cloud +wget -qO debian-11-genericcloud-amd64-daily.tar.xz https://cloud.debian.org/images/cloud/bullseye/daily/latest/debian-11-genericcloud-amd64-daily.tar.xz +tar --transform='s/disk/debian-11-genericcloud-amd64-daily/g' -xvf debian-11-genericcloud-amd64-daily.tar.xz +#rm debian-11-genericcloud-amd64-daily.tar.xz +#mv disk.raw debian-11-genericcloud-amd64-daily.raw +/usr/sbin/qm set 301 --delete scsi0 +sleep 2 +/usr/sbin/qm set 301 --delete unused0 +sleep 2 +/usr/sbin/qm set 301 --scsi0 local-zfs:0,import-from=/root/scripts/debian-11-genericcloud-amd64-daily.raw,discard=on,ssd=1 +sleep 2 +/usr/sbin/qm set 301 --boot order=scsi0 +sleep 2 +/usr/sbin/qm cloudinit update 301 +sleep 2 + +# debian 12 bookworm cloud +wget -qO debian-12-genericcloud-amd64-daily.tar.xz https://cloud.debian.org/images/cloud/bookworm/daily/latest/debian-12-generic-amd64-daily.tar.xz +tar --transform='s/disk/debian-12-genericcloud-amd64-daily/g' -xvf debian-12-genericcloud-amd64-daily.tar.xz +#rm debian-11-genericcloud-amd64-daily.tar.xz +#mv disk.raw debian-11-genericcloud-amd64-daily.raw +/usr/sbin/qm set 302 --delete scsi0 +sleep 2 +/usr/sbin/qm set 302 --delete unused0 +sleep 2 +/usr/sbin/qm set 302 --scsi0 local-zfs:0,import-from=/root/scripts/debian-12-genericcloud-amd64-daily.raw,discard=on,ssd=1 +sleep 2 +/usr/sbin/qm set 302 --boot order=scsi0 +sleep 2 +/usr/sbin/qm cloudinit update 302 +sleep 2 + +# ubuntu focal 20.04 +wget -qO focal-server-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img +/usr/sbin/qm set 310 --delete scsi0 +sleep 2 +/usr/sbin/qm set 310 --delete unused0 +sleep 2 +/usr/sbin/qm set 310 --scsi0 local-zfs:0,import-from=/root/scripts/focal-server-cloudimg-amd64.qcow2,discard=on,ssd=1 +sleep 2 +/usr/sbin/qm set 310 --boot order=scsi0 +sleep 2 +/usr/sbin/qm cloudinit update 310 +sleep 2 + +# ubuntu jammy 22.04 +wget -qO jammy-server-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img +/usr/sbin/qm set 311 --delete scsi0 +sleep 2 +/usr/sbin/qm set 311 --delete unused0 +sleep 2 +/usr/sbin/qm set 311 --scsi0 local-zfs:0,import-from=/root/scripts/jammy-server-cloudimg-amd64.qcow2,discard=on,ssd=1 +sleep 2 +/usr/sbin/qm set 311 --boot order=scsi0 +sleep 2 +/usr/sbin/qm cloudinit update 311 +sleep 2 + +# ubuntu focal 20.04 minimal +wget -qO ubuntu-20.04-minimal-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/minimal/releases/focal/release/ubuntu-20.04-minimal-cloudimg-amd64.img +/usr/sbin/qm set 312 --delete scsi0 +sleep 2 +/usr/sbin/qm set 312 --delete unused0 +sleep 2 +/usr/sbin/qm set 312 --scsi0 local-zfs:0,import-from=/root/scripts/ubuntu-20.04-minimal-cloudimg-amd64.qcow2,discard=on,ssd=1 +sleep 2 +/usr/sbin/qm set 312 --boot order=scsi0 +sleep 2 +/usr/sbin/qm cloudinit update 312 +sleep 2 + +# ubuntu jammy 22.04 minimal +wget -qO ubuntu-22.04-minimal-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/minimal/releases/jammy/release/ubuntu-22.04-minimal-cloudimg-amd64.img +/usr/sbin/qm set 313 --delete scsi0 +sleep 2 +/usr/sbin/qm set 313 --delete unused0 +sleep 2 +/usr/sbin/qm set 313 --scsi0 local-zfs:0,import-from=/root/scripts/ubuntu-22.04-minimal-cloudimg-amd64.qcow2,discard=on,ssd=1 +sleep 2 +/usr/sbin/qm set 313 --boot order=scsi0 +sleep 2 +/usr/sbin/qm cloudinit update 313 +sleep 2 diff --git a/proxmox/download-proxmox-essentials.sh b/proxmox/download-proxmox-essentials.sh new file mode 100644 index 0000000..25e1cc6 --- /dev/null +++ b/proxmox/download-proxmox-essentials.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +# remove older scripts +rm /root/proxmox-* > /dev/null 2>&1 +rm /root/scripts/proxmox-* > /dev/null 2>&1 + +# check for pbs directory +if [[ -d /etc/proxmox-backup ]] ; then + wget -qO /root/scripts/proxmox-pbs-essentials.sh https://aknlw.com/proxmox-pbs-essentials + wget -qO /root/scripts/proxmox-post-pbs-install.sh https://aknlw.com/proxmox-post-pbs-install + wget -qO /root/scripts/proxmox-kernel-clean.sh https://aknlw.com/proxmox-kernel-clean + chmod +x /root/scripts/proxmox-*.sh +fi + +# check for pve directory +if [[ -d /etc/pve ]] ; then + wget -qO /root/scripts/proxmox-pve-essentials.sh https://aknlw.com/proxmox-pve-essentials + wget -qO /root/scripts/proxmox-post-pve-install.sh https://aknlw.com/proxmox-post-pve-install + wget -qO /root/scripts/proxmox-kernel-clean.sh https://aknlw.com/proxmox-kernel-clean + chmod +x /root/scripts/proxmox-*.sh +fi diff --git a/proxmox/proxmox-pbs-essentials.sh b/proxmox/proxmox-pbs-essentials.sh new file mode 100755 index 0000000..6618006 --- /dev/null +++ b/proxmox/proxmox-pbs-essentials.sh @@ -0,0 +1,97 @@ +#!/bin/bash + +# autoreply config update dialog with no +if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then + echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local + echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local + echo " "--force-confold";" >> /etc/apt/apt.conf.d/local + echo "}" >> /etc/apt/apt.conf.d/local +fi + +# update and upgrade +apt-get update +apt-get upgrade -y + +# download and install packages +apt-get install -y sudo pwgen curl wget zip unzip git man-db cifs-utils nfs-common ntfs-3g parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion + +# set input preferences +if [[ ! -f /etc/inputrc.bak ]] ; then + cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1 +fi +rm /etc/inputrc > /dev/null 2>&1 +cp /etc/inputrc.bak /etc/inputrc +echo "" >> /etc/inputrc +echo "set completion-ignore-case On" >> /etc/inputrc + +# set bash preferences and aliases +if [[ -f /etc/bash.bashrc.default ]] ; then + mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +if [[ ! -f /etc/bash.bashrc.bak ]] ; then + cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +rm /etc/bash.bashrc > /dev/null 2>&1 +cp /etc/bash.bashrc.bak /etc/bash.bashrc +echo "" >> /etc/bash.bashrc +echo "# custom settings and aliases" >> /etc/bash.bashrc +echo "set -o noclobber" >> /etc/bash.bashrc +echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc +echo "alias systart='systemctl start'" >> /etc/bash.bashrc +echo "alias systop='ssystemctl stop'" >> /etc/bash.bashrc +echo "alias sysrest='systemctl restart'" >> /etc/bash.bashrc +echo "alias systat='systemctl status'" >> /etc/bash.bashrc +echo "alias aptupy='apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc +echo "alias aptiy='apt install -y'" >> /etc/bash.bashrc +echo "alias aptry='apt remove -y'" >> /etc/bash.bashrc +echo "alias aptrpy='apt remove --purge -y'" >> /etc/bash.bashrc +echo "alias aptary='apt autoremove -y'" >> /etc/bash.bashrc +echo "alias apts='apt search'" >> /etc/bash.bashrc +echo "alias aptl='apt list --installed'" >> /etc/bash.bashrc +echo "alias aptsh='apt show'" >> /etc/bash.bashrc +echo "alias aptac='apt-get autoclean'" >> /etc/bash.bashrc +echo "alias dpkgi='dpkg -i'" >> /etc/bash.bashrc +echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc +echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc + +# create tmux config +rm /etc/tmux.conf* > /dev/null 2>&1 +echo "unbind C-b" >> /etc/tmux.conf +echo "set-option -g prefix C-a" >> /etc/tmux.conf +echo "bind-key C-a send-prefix" >> /etc/tmux.conf + +# git config +git config --global credential.helper store +git config --global user.name "akanealw" +git config --global user.email "akanealw@gmail.com" +git config --global init.defaultBranch main + +# configure email for sending notifications +isInFile=$(cat /etc/postfix/main.cf | grep -c "gmail") +if [ $isInFile -eq 0 ] + then + DEBIAN_FRONTEND=noninteractive apt install -y libsasl2-modules mailutils postfix postfix-pcre + echo "smtp.gmail.com notify.akanealw@gmail.com:leawkqqpthbwacrf" > /etc/postfix/sasl_passwd + echo "/^From:.*/ REPLACE From: $(hostname) " > /etc/postfix/smtp_header_checks + chmod 600 /etc/postfix/sasl_passwd + postmap hash:/etc/postfix/sasl_passwd + postmap hash:/etc/postfix/smtp_header_checks + sed -i 's@relayhost =@#relayhost = @g' /etc/postfix/main.cf + sed -i 's@smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@g' /etc/postfix/main.cf + echo "" >> /etc/postfix/main.cf + echo "# google mail configuration" >> /etc/postfix/main.cf + echo "relayhost = smtp.gmail.com:587" >> /etc/postfix/main.cf + echo "smtp_use_tls = yes" >> /etc/postfix/main.cf + echo "smtp_sasl_auth_enable = yes" >> /etc/postfix/main.cf + echo "smtp_sasl_security_options =" >> /etc/postfix/main.cf + echo "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" >> /etc/postfix/main.cf + echo "smtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pem" >> /etc/postfix/main.cf + echo "smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache" >> /etc/postfix/main.cf + echo "smtp_tls_session_cache_timeout = 3600s" >> /etc/postfix/main.cf + echo "smtp_header_checks = pcre:/etc/postfix/smtp_header_checks" >> /etc/postfix/main.cf + echo "" >> /etc/postfix/main.cf + postfix reload + echo "This is a test message sent from postfix on $(hostname)" | mail -s "Test Email from $(hostname)" akanealw@gmail.com + else + echo "Email already configured." +fi diff --git a/proxmox/proxmox-pve-essentials.sh b/proxmox/proxmox-pve-essentials.sh new file mode 100644 index 0000000..778e2fc --- /dev/null +++ b/proxmox/proxmox-pve-essentials.sh @@ -0,0 +1,103 @@ +#!/bin/bash + +# autoreply config update dialog with no +if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then + echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local + echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local + echo " "--force-confold";" >> /etc/apt/apt.conf.d/local + echo "}" >> /etc/apt/apt.conf.d/local +fi + +# update and upgrade +apt-get update +apt-get upgrade -y + +# download and install packages +apt-get install -y sudo pwgen curl wget zip unzip git man-db cifs-utils nfs-common ntfs-3g parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion + +# update templates +pveam update + +# remove all motd +rm /etc/motd > /dev/null 2>&1 + +# set input preferences +if [[ ! -f /etc/inputrc.bak ]] ; then + cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1 +fi +rm /etc/inputrc > /dev/null 2>&1 +cp /etc/inputrc.bak /etc/inputrc +echo "" >> /etc/inputrc +echo "set completion-ignore-case On" >> /etc/inputrc + +# set bash preferences and aliases +if [[ -f /etc/bash.bashrc.default ]] ; then + mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +if [[ ! -f /etc/bash.bashrc.bak ]] ; then + cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +rm /etc/bash.bashrc > /dev/null 2>&1 +cp /etc/bash.bashrc.bak /etc/bash.bashrc +echo "" >> /etc/bash.bashrc +echo "# custom settings and aliases" >> /etc/bash.bashrc +echo "set -o noclobber" >> /etc/bash.bashrc +echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc +echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc +echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc +echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc +echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc +echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc +echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc +echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc +echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc +echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc +echo "alias apts='sudo apt search'" >> /etc/bash.bashrc +echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc +echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc +echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc +echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc +echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc +echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc + +# create tmux config +rm /etc/tmux.conf* > /dev/null 2>&1 +echo "unbind C-b" >> /etc/tmux.conf +echo "set-option -g prefix C-a" >> /etc/tmux.conf +echo "bind-key C-a send-prefix" >> /etc/tmux.conf + +# git config +git config --global credential.helper store +git config --global user.name "akanealw" +git config --global user.email "akanealw@gmail.com" +git config --global init.defaultBranch main + +# configure email for sending notifications +isInFile=$(cat /etc/postfix/main.cf | grep -c "gmail") +if [ $isInFile -eq 0 ] + then + DEBIAN_FRONTEND=noninteractive apt install -y libsasl2-modules mailutils postfix postfix-pcre + echo "smtp.gmail.com notify.akanealw@gmail.com:leawkqqpthbwacrf" > /etc/postfix/sasl_passwd + echo "/^From:.*/ REPLACE From: $(hostname) " > /etc/postfix/smtp_header_checks + chmod 600 /etc/postfix/sasl_passwd + postmap hash:/etc/postfix/sasl_passwd + postmap hash:/etc/postfix/smtp_header_checks + sed -i 's@relayhost =@#relayhost = @g' /etc/postfix/main.cf + sed -i 's@smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@g' /etc/postfix/main.cf + echo "" >> /etc/postfix/main.cf + echo "# google mail configuration" >> /etc/postfix/main.cf + echo "relayhost = smtp.gmail.com:587" >> /etc/postfix/main.cf + echo "smtp_use_tls = yes" >> /etc/postfix/main.cf + echo "smtp_sasl_auth_enable = yes" >> /etc/postfix/main.cf + echo "smtp_sasl_security_options =" >> /etc/postfix/main.cf + echo "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" >> /etc/postfix/main.cf + echo "smtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pem" >> /etc/postfix/main.cf + echo "smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache" >> /etc/postfix/main.cf + echo "smtp_tls_session_cache_timeout = 3600s" >> /etc/postfix/main.cf + echo "smtp_header_checks = pcre:/etc/postfix/smtp_header_checks" >> /etc/postfix/main.cf + echo "" >> /etc/postfix/main.cf + postfix reload + echo "This is a test message sent from postfix on $(hostname)" | mail -s "Test Email from $(hostname)" akanealw@gmail.com + else + echo "Email already configured." +fi diff --git a/proxmox/rawimport.txt b/proxmox/rawimport.txt new file mode 100755 index 0000000..d2a4736 --- /dev/null +++ b/proxmox/rawimport.txt @@ -0,0 +1 @@ +qm importdisk VM# IMAGENAME.raw vdisks \ No newline at end of file diff --git a/proxmox/remove-nag.sh b/proxmox/remove-nag.sh new file mode 100755 index 0000000..67bca12 --- /dev/null +++ b/proxmox/remove-nag.sh @@ -0,0 +1,19 @@ +PVE=/usr/share/pve-manager/js/pvemanagerlib.js +LIB=/usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js +PBS=/usr/share/javascript/proxmox-backup/js/proxmox-backup-gui.js + +if [ -f $PVE ]; then +# hide pve gui help/documentation button +sed -i.bak "s/hidden: false/hidden: true/g" $PVE +# fix proxmox widget toolkit lib +sed -i.bak -z "s/res === null || res === undefined || \!res || res\n\t\t\t.data.status.toLowerCase() \!== 'active'/false/g" $LIB +systemctl restart pveproxy +fi + +if [ -f $PBS ]; then +# fix proxmox widget toolkit lib +sed -i.bak -z "s/res === null || res === undefined || \!res || res\n\t\t\t.data.status.toLowerCase() \!== 'active'/false/g" $LIB +# fix pbs gui +sed -i.bak "s/let subStatus = status.toLowerCase() === 'active' ? 2 : 0/let subStatus = status.toLowerCase() === 'active' ? 2 : 2/" $PBS +systemctl restart proxmox-backup-proxy +fi diff --git a/proxmox/vhdxconvert.txt b/proxmox/vhdxconvert.txt new file mode 100755 index 0000000..275ac6e --- /dev/null +++ b/proxmox/vhdxconvert.txt @@ -0,0 +1 @@ +qemu-img convert -p -f vhdx /mnt/ntfsro/VirtualMachines/Backups/HPV-02-.vhdx -O raw /rpool/data/rawimports/.raw \ No newline at end of file diff --git a/proxmox1/akanealw/crontab.bak b/proxmox1/akanealw/crontab.bak new file mode 100644 index 0000000..e69de29 diff --git a/proxmox1/root/crontab.bak b/proxmox1/root/crontab.bak new file mode 100644 index 0000000..fbb5682 --- /dev/null +++ b/proxmox1/root/crontab.bak @@ -0,0 +1,25 @@ +# Edit this file to introduce tasks to be run by cron. +# +# Each task to run has to be defined through a single line +# indicating with different fields when the task will be run +# and what command to run for the task +# +# To define the time you can provide concrete values for +# minute (m), hour (h), day of month (dom), month (mon), +# and day of week (dow) or use '*' in these fields (for 'any'). +# +# Notice that tasks will be started based on the cron's system +# daemon's notion of time and timezones. +# +# Output of the crontab jobs (including errors) is sent through +# email to the user the crontab file belongs to (unless redirected). +# +# For example, you can run a backup of all your user accounts +# at 5 a.m every week with: +# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ +# +# For more information see the manual pages of crontab(5) and cron(8) +# +# m h dom mon dow command +@reboot /root/scripts/ping-before-starting-cts-vms.sh +30 12 * * * /root/scripts/rsync-import-debian-ubuntu-cloud-images.sh diff --git a/proxmox1/root/download-debian-ubuntu-cloud-images.sh b/proxmox1/root/download-debian-ubuntu-cloud-images.sh new file mode 100644 index 0000000..2e6039b --- /dev/null +++ b/proxmox1/root/download-debian-ubuntu-cloud-images.sh @@ -0,0 +1,47 @@ +#!/bin/bash + +cd /root/cloud-images + +# remove old images +rm * > /dev/null 2>&1 + +# debian 12 bookworm cloud +wget -q https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-genericcloud-amd64.tar.xz +tar -xvf debian-12-genericcloud-amd64.tar.xz +mv disk.raw debian-12-generic-amd64.raw +/usr/sbin/qm set 303 --delete scsi0 +sleep 3 +/usr/sbin/qm set 303 --delete unused0 +sleep 3 +/usr/sbin/qm set 303 --scsi0 local-zfs:0,import-from=/root/cloud-images/debian-12-generic-amd64.raw,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 303 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 303 +sleep 3 + +# ubuntu jammy 22.04 +wget -q -O ubuntu-22.04-server-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img +/usr/sbin/qm set 314 --delete scsi0 +sleep 3 +/usr/sbin/qm set 314 --delete unused0 +sleep 3 +/usr/sbin/qm set 314 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-server-cloudimg-amd64.qcow2,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 314 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 314 +sleep 3 + +# ubuntu jammy 22.04 minimal +wget -q -O ubuntu-22.04-minimal-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/minimal/releases/jammy/release/ubuntu-22.04-minimal-cloudimg-amd64.img +/usr/sbin/qm set 315 --delete scsi0 +sleep 3 +/usr/sbin/qm set 315 --delete unused0 +sleep 3 +/usr/sbin/qm set 315 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-minimal-cloudimg-amd64.qcow2,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 315 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 315 +sleep 3 diff --git a/proxmox1/root/ping-before-start.sh b/proxmox1/root/ping-before-start.sh new file mode 100644 index 0000000..e515b1e --- /dev/null +++ b/proxmox1/root/ping-before-start.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +until ping -c1 192.168.1.41 >/dev/null 2>&1; do :; done +sleep 45 +mount -t nfs 192.168.1.41:/mnt/data/media /mnt/truenasmedia +sleep 15 +/usr/sbin/pct start 100 +sleep 15 +/usr/sbin/pct start 102 +sleep 15 +/usr/sbin/pct start 107 +sleep 15 +/usr/sbin/qm start 200 diff --git a/proxmox1/root/ping-before-starting-cts-vms.sh b/proxmox1/root/ping-before-starting-cts-vms.sh new file mode 100755 index 0000000..5f0f6b7 --- /dev/null +++ b/proxmox1/root/ping-before-starting-cts-vms.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +until ping -c1 192.168.1.41 >/dev/null 2>&1; do :; done +sleep 45 +mount -t nfs 192.168.1.41:/mnt/data/media /mnt/truenasmedia +sleep 15 +/usr/sbin/pct start 102 +sleep 15 +/usr/sbin/pct start 107 +sleep 15 +/usr/sbin/qm start 200 diff --git a/proxmox1/root/proxmox-kernel-clean.sh b/proxmox1/root/proxmox-kernel-clean.sh new file mode 100755 index 0000000..81bc0e6 --- /dev/null +++ b/proxmox1/root/proxmox-kernel-clean.sh @@ -0,0 +1,140 @@ +#!/usr/bin/env bash + +# Copyright (c) 2021-2023 tteck +# Author: tteck (tteckster) +# License: MIT +# https://github.com/tteck/Proxmox/raw/main/LICENSE + +function header_info { + cat <<"EOF" + __ __ __ ________ + / //_/__ _________ ___ / / / ____/ /__ ____ _____ + / ,< / _ \/ ___/ __ \/ _ \/ / / / / / _ \/ __ `/ __ \ + / /| / __/ / / / / / __/ / / /___/ / __/ /_/ / / / / +/_/ |_\___/_/ /_/ /_/\___/_/ \____/_/\___/\__,_/_/ /_/ + +EOF +} +set -euo pipefail +shopt -s inherit_errexit nullglob +YW=$(echo "\033[33m") +BL=$(echo "\033[36m") +RD=$(echo "\033[01;31m") +BGN=$(echo "\033[4;92m") +GN=$(echo "\033[1;92m") +DGN=$(echo "\033[32m") +CL=$(echo "\033[m") +BFR="\\r\\033[K" +HOLD="-" +CM="${GN}✓${CL}" +CROSS="${RD}✗${CL}" +PARTY="🎉" +current_kernel=$(uname -r) +clear +header_info +while true; do + read -p "This will Clean Unused Kernel Images, USE AT YOUR OWN RISK. Proceed(y/n)?" yn + case $yn in + [Yy]*) break ;; + [Nn]*) exit ;; + *) echo -e "${RD}Please answer y/n${CL}" ;; + esac +done +clear +function msg_info() { + local msg="$1" + echo -ne " ${HOLD} ${YW}${msg}..." +} + +function msg_ok() { + local msg="$1" + echo -e "${BFR} ${CM} ${GN}${msg}${CL}" +} + +function check_root() { + if [[ $EUID -ne 0 ]]; then + echo -e "${CROSS}${RD}Error: This script must be ran as the root user.\n${CL}" + exit 1 + else + header_info + other_kernel + kernel_info + kernel_clean + fi +} + + VERSION="$(awk -F'=' '/^VERSION_CODENAME=/{ print $NF }' /etc/os-release)" +function other_kernel() { + if [[ "${VERSION}" == "bullseye" ]]; then + if [[ "$current_kernel" == *"edge"* ]]; then + echo -e "\n${CROSS} ${RD}ERROR:${CL} Proxmox ${BL}${current_kernel}${CL} Kernel Active" + echo -e "\nAn Active PVE Kernel is required to use Kernel Clean\n" + exit 1 + fi + if [[ "$current_kernel" == *"6.1"* || "$current_kernel" == *"6.2"* ]]; then + echo -e "\n${CROSS} ${RD}ERROR:${CL} Proxmox ${BL}${current_kernel}${CL} Kernel Active" + echo -e "\nThe script cannot be used when running opt-in kernels. \nProxmox VE's package management relies directly on the current default kernel, which is 5.15. \nTherefore, it is not possible to utilize this script. In this case, you should use autoremove instead. \n`apt-get autoremove`\n" + exit 1 + fi + fi +} + +function kernel_info() { + if [[ "$MODE" != "PBS" ]]; then + echo -e "${YW}PVE Version: ${BL}$(pveversion)\n${CL}" + fi + if [[ "$current_kernel" == *"pve"* ]]; then + echo -e "${YW}Current Kernel: ${BL}$current_kernel\n${CL}" + else + echo -e "\n${CROSS} ${RD}ERROR: No PVE Kernel Found\n${CL}" + exit 1 + fi +} + +function kernel_clean() { + kernels=$(dpkg --list | grep 'kernel-.*-pve' | awk '{print $2}' | sort -V) + remove_kernels="" + for kernel in $kernels; do + if [ "$(echo $kernel | grep $current_kernel)" ]; then + break + else + echo -e "${BL}'$kernel' ${CL}${YW}has been added to the remove Kernel list\n${CL}" + remove_kernels+=" $kernel" + fi + done + msg_ok "Kernel Search Completed\n" + if [[ "$remove_kernels" != *"pve"* ]]; then + echo -e "${PARTY} ${GN}It appears there are no old Kernels on your system. \n${CL}" + msg_info "Exiting" + sleep 2 + msg_ok "Done" + else + read -p "Would you like to remove the $(echo $remove_kernels | awk '{print NF}') selected Kernels listed above? [y/n]: " -n 1 -r + echo + if [[ $REPLY =~ ^[Yy]$ ]]; then + msg_info "Removing ${CL}${RD}$(echo $remove_kernels | awk '{print NF}') ${CL}${YW}old Kernels${CL}" + /usr/bin/apt purge -y $remove_kernels >/dev/null 2>&1 + msg_ok "Successfully Removed Kernels" + msg_info "Updating GRUB" + /usr/sbin/update-grub >/dev/null 2>&1 + msg_ok "Successfully Updated GRUB" + msg_info "Exiting" + sleep 2 + msg_ok "Done" + else + msg_info "Exiting" + sleep 2 + msg_ok "Done" + fi + fi +} + +if ! command -v pveversion >/dev/null 2>&1; then + echo -e " Switching to PBS mode" + MODE="PBS" + sleep 2 +else + MODE="PVE" +fi + +check_root diff --git a/proxmox1/root/proxmox-post-pve-install.sh b/proxmox1/root/proxmox-post-pve-install.sh new file mode 100755 index 0000000..7b1fcf7 --- /dev/null +++ b/proxmox1/root/proxmox-post-pve-install.sh @@ -0,0 +1,243 @@ +#!/usr/bin/env bash + +# Copyright (c) 2021-2023 tteck +# Author: tteck (tteckster) +# License: MIT +# https://github.com/tteck/Proxmox/raw/main/LICENSE + +header_info() { + clear + cat <<"EOF" + ____ _ ________ ____ __ ____ __ ____ + / __ \ | / / ____/ / __ \____ _____/ /_ / _/___ _____/ /_____ _/ / / + / /_/ / | / / __/ / /_/ / __ \/ ___/ __/ / // __ \/ ___/ __/ __ `/ / / + / ____/| |/ / /___ / ____/ /_/ (__ ) /_ _/ // / / (__ ) /_/ /_/ / / / +/_/ |___/_____/ /_/ \____/____/\__/ /___/_/ /_/____/\__/\__,_/_/_/ + +EOF +} + +RD=$(echo "\033[01;31m") +YW=$(echo "\033[33m") +GN=$(echo "\033[1;92m") +CL=$(echo "\033[m") +BFR="\\r\\033[K" +HOLD="-" +CM="${GN}✓${CL}" +CROSS="${RD}✗${CL}" + +set -euo pipefail +shopt -s inherit_errexit nullglob + +msg_info() { + local msg="$1" + echo -ne " ${HOLD} ${YW}${msg}..." +} + +msg_ok() { + local msg="$1" + echo -e "${BFR} ${CM} ${GN}${msg}${CL}" +} + +msg_error() { + local msg="$1" + echo -e "${BFR} ${CROSS} ${RD}${msg}${CL}" +} + +start_routines() { + header_info + VERSION="$(awk -F'=' '/^VERSION_CODENAME=/{ print $NF }' /etc/os-release)" + if lscpu | grep -qP 'Vendor ID:.*GenuineIntel' && lscpu | grep -qP 'Model name:.*N' && [[ "$VERSION" == "bullseye" ]]; then + whiptail --msgbox --title "N-SERIES PROCESSOR DETECTED" "To ensure compatibility with Proxmox VE on systems equipped with N-series processors, it is recommended to install Proxmox Virtual Environment 8" 10 58 + fi + + CHOICE=$(whiptail --title "SOURCES" --menu "The package manager will use the correct sources to update and install packages on your Proxmox VE server.\n \nCorrect Proxmox VE sources?" 14 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Correcting Proxmox VE Sources" + cat </etc/apt/sources.list +deb http://ftp.debian.org/debian ${VERSION} main contrib +deb http://ftp.debian.org/debian ${VERSION}-updates main contrib +deb http://security.debian.org/debian-security ${VERSION}-security main contrib +EOF + msg_ok "Corrected Proxmox VE Sources" + ;; + no) + msg_error "Selected no to Correcting Proxmox VE Sources" + ;; + esac + + CHOICE=$(whiptail --title "PVE-ENTERPRISE" --menu "The 'pve-enterprise' repository is only available to users who have purchased a Proxmox VE subscription.\n \nDisable 'pve-enterprise' repository?" 14 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Disabling 'pve-enterprise' repository" + cat </etc/apt/sources.list.d/pve-enterprise.list +# deb https://enterprise.proxmox.com/debian/pve ${VERSION} pve-enterprise +EOF + msg_ok "Disabled 'pve-enterprise' repository" + ;; + no) + msg_error "Selected no to Disabling 'pve-enterprise' repository" + ;; + esac + + CHOICE=$(whiptail --title "PVE-NO-SUBSCRIPTION" --menu "The 'pve-no-subscription' repository provides access to all of the open-source components of Proxmox VE.\n \nEnable 'pve-no-subscription' repository?" 14 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Enabling 'pve-no-subscription' repository" + cat </etc/apt/sources.list.d/pve-install-repo.list +deb http://download.proxmox.com/debian/pve ${VERSION} pve-no-subscription +EOF + msg_ok "Enabled 'pve-no-subscription' repository" + ;; + no) + msg_error "Selected no to Enabling 'pve-no-subscription' repository" + ;; + esac + + if [[ "${VERSION}" == "bookworm" ]]; then + CHOICE=$(whiptail --title "CEPH PACKAGE REPOSITORIES" --menu "The 'Ceph Package Repositories' provides access to both the 'no-subscription' and 'enterprise' repositories.\n \nEnable 'ceph package repositories?" 14 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Enabling 'ceph package repositories'" + cat </etc/apt/sources.list.d/ceph.list +# deb http://download.proxmox.com/debian/ceph-quincy bookworm enterprise +deb http://download.proxmox.com/debian/ceph-quincy bookworm no-subscription +EOF + msg_ok "Enabled 'ceph package repositories'" + ;; + no) + msg_error "Selected no to Enabling 'ceph package repositories'" + ;; + esac + fi + + CHOICE=$(whiptail --title "PVETEST" --menu "The 'pvetest' repository can give advanced users access to new features and updates before they are officially released.\n \nAdd (Disabled) 'pvetest' repository?" 14 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Adding 'pvetest' repository and set disabled" + cat </etc/apt/sources.list.d/pvetest-for-beta.list +# deb http://download.proxmox.com/debian/pve ${VERSION} pvetest +EOF + msg_ok "Added 'pvetest' repository" + ;; + no) + msg_error "Selected no to Adding 'pvetest' repository" + ;; + esac + + if [[ ! -f /etc/apt/apt.conf.d/no-nag-script ]]; then + CHOICE=$(whiptail --title "SUBSCRIPTION NAG" --menu "This will disable the nag message reminding you to purchase a subscription every time you log in to the web interface.\n \nDisable subscription nag?" 14 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + whiptail --msgbox --title "Support Subscriptions" "Supporting the software's development team is essential. Check their official website's Support Subscriptions for pricing. Without their dedicated work, we wouldn't have this exceptional software." 10 58 + msg_info "Disabling subscription nag" + echo "DPkg::Post-Invoke { \"dpkg -V proxmox-widget-toolkit | grep -q '/proxmoxlib\.js$'; if [ \$? -eq 1 ]; then { echo 'Removing subscription nag from UI...'; sed -i '/data\.status.*{/{s/\!//;s/active/NoMoreNagging/}' /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js; }; fi\"; };" >/etc/apt/apt.conf.d/no-nag-script + apt --reinstall install proxmox-widget-toolkit &>/dev/null + msg_ok "Disabled subscription nag (Delete browser cache)" + ;; + no) + whiptail --msgbox --title "Support Subscriptions" "Supporting the software's development team is essential. Check their official website's Support Subscriptions for pricing. Without their dedicated work, we wouldn't have this exceptional software." 10 58 + msg_error "Selected no to Disabling subscription nag" + ;; + esac + fi + + if ! systemctl is-active --quiet pve-ha-lrm; then + CHOICE=$(whiptail --title "HIGH AVAILABILITY" --menu "Enable high availability?" 10 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Enabling high availability" + systemctl enable -q --now pve-ha-lrm + systemctl enable -q --now pve-ha-crm + systemctl enable -q --now corosync + msg_ok "Enabled high availability" + ;; + no) + msg_error "Selected no to Enabling high availability" + ;; + esac + fi + + if systemctl is-active --quiet pve-ha-lrm; then + CHOICE=$(whiptail --title "HIGH AVAILABILITY" --menu "If you plan to utilize a single node instead of a clustered environment, you can disable unnecessary high availability (HA) services, thus reclaiming system resources.\n\nIf HA becomes necessary at a later stage, the services can be re-enabled.\n\nDisable high availability?" 18 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Disabling high availability" + systemctl disable -q --now pve-ha-lrm + systemctl disable -q --now pve-ha-crm + systemctl disable -q --now corosync + msg_ok "Disabled high availability" + ;; + no) + msg_error "Selected no to Disabling high availability" + ;; + esac + fi + + CHOICE=$(whiptail --title "UPDATE" --menu "\nUpdate Proxmox VE now?" 11 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Updating Proxmox VE (Patience)" + apt-get update &>/dev/null + apt-get -y dist-upgrade &>/dev/null + msg_ok "Updated Proxmox VE" + ;; + no) + msg_error "Selected no to Updating Proxmox VE" + ;; + esac + + CHOICE=$(whiptail --title "REBOOT" --menu "\nReboot Proxmox VE now? (recommended)" 11 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Rebooting Proxmox VE" + sleep 2 + msg_ok "Completed Post Install Routines" + reboot + ;; + no) + msg_error "Selected no to Rebooting Proxmox VE (Reboot recommended)" + msg_ok "Completed Post Install Routines" + ;; + esac +} + +header_info +echo -e "\nThis script will Perform Post Install Routines.\n" +while true; do + read -p "Start the Proxmox VE Post Install Script (y/n)?" yn + case $yn in + [Yy]*) break ;; + [Nn]*) clear; exit ;; + *) echo "Please answer yes or no." ;; + esac +done + +if ! command -v pveversion >/dev/null 2>&1; then + header_info + msg_error "\n No PVE Detected!\n" + exit +fi + +start_routines diff --git a/proxmox1/root/proxmox-pve-essentials.sh b/proxmox1/root/proxmox-pve-essentials.sh new file mode 100755 index 0000000..1499032 --- /dev/null +++ b/proxmox1/root/proxmox-pve-essentials.sh @@ -0,0 +1,73 @@ +#!/bin/bash + +# autoreply config update dialog with no +if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then + echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local + echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local + echo " "--force-confold";" >> /etc/apt/apt.conf.d/local + echo "}" >> /etc/apt/apt.conf.d/local +fi + +# update and upgrade +apt-get update +apt-get upgrade -y + +# download and install packages +apt-get install -y sudo curl wget zip unzip git man-db cifs-utils nfs-common ntfs-3g parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion + +# update templates +pveam update + +# remove all motd +rm /etc/motd > /dev/null 2>&1 + +# set input preferences +if [[ ! -f /etc/inputrc.bak ]] ; then + cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1 +fi +rm /etc/inputrc > /dev/null 2>&1 +cp /etc/inputrc.bak /etc/inputrc +echo "" >> /etc/inputrc +echo "set completion-ignore-case On" >> /etc/inputrc + +# set bash preferences and aliases +if [[ -f /etc/bash.bashrc.default ]] ; then + mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +if [[ ! -f /etc/bash.bashrc.bak ]] ; then + cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +rm /etc/bash.bashrc > /dev/null 2>&1 +cp /etc/bash.bashrc.bak /etc/bash.bashrc +echo "" >> /etc/bash.bashrc +echo "# custom settings and aliases" >> /etc/bash.bashrc +echo "set -o noclobber" >> /etc/bash.bashrc +echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc +echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc +echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc +echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc +echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc +echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc +echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc +echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc +echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc +echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc +echo "alias apts='sudo apt search'" >> /etc/bash.bashrc +echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc +echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc +echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc +echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc +echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc +echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc + +# create tmux config +rm /etc/tmux.conf* > /dev/null 2>&1 +echo "unbind C-b" >> /etc/tmux.conf +echo "set-option -g prefix C-a" >> /etc/tmux.conf +echo "bind-key C-a send-prefix" >> /etc/tmux.conf + +# git config +git config --global credential.helper store +git config --global user.name "akanealw" +git config --global user.email "akanealw@gmail.com" +git config --global init.defaultBranch main diff --git a/proxmox1/root/rsync-import-debian-ubuntu-cloud-images.sh b/proxmox1/root/rsync-import-debian-ubuntu-cloud-images.sh new file mode 100755 index 0000000..bb91168 --- /dev/null +++ b/proxmox1/root/rsync-import-debian-ubuntu-cloud-images.sh @@ -0,0 +1,49 @@ +#!/bin/bash + +cd /root/cloud-images + +# remove old images +rm * > /dev/null 2>&1 + +rsync -avz root@proxmox2:/root/cloud-images/*.tar.xz /root/cloud-images/ +rsync -avz root@proxmox2:/root/cloud-images/*.qcow2 /root/cloud-images/ + + +# debian 12 bookworm cloud +tar -xvf debian-12-genericcloud-amd64.tar.xz +mv disk.raw debian-12-generic-amd64.raw +/usr/sbin/qm set 303 --delete scsi0 +sleep 3 +/usr/sbin/qm set 303 --delete unused0 +sleep 3 +/usr/sbin/qm set 303 --scsi0 local-zfs:0,import-from=/root/cloud-images/debian-12-generic-amd64.raw,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 303 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 303 +sleep 3 + +# ubuntu jammy 22.04 +/usr/sbin/qm set 314 --delete scsi0 +sleep 3 +/usr/sbin/qm set 314 --delete unused0 +sleep 3 +/usr/sbin/qm set 314 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-server-cloudimg-amd64.qcow2,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 314 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 314 +sleep 3 + +# ubuntu jammy 22.04 minimal +/usr/sbin/qm set 315 --delete scsi0 +sleep 3 +/usr/sbin/qm set 315 --delete unused0 +sleep 3 +/usr/sbin/qm set 315 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-minimal-cloudimg-amd64.qcow2,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 315 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 315 +sleep 3 +curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/HFKN90p5e9?status=up&msg=OK&ping= diff --git a/proxmox2/akanealw/crontab.bak b/proxmox2/akanealw/crontab.bak new file mode 100644 index 0000000..1960c31 --- /dev/null +++ b/proxmox2/akanealw/crontab.bak @@ -0,0 +1,24 @@ +# Edit this file to introduce tasks to be run by cron. +# +# Each task to run has to be defined through a single line +# indicating with different fields when the task will be run +# and what command to run for the task +# +# To define the time you can provide concrete values for +# minute (m), hour (h), day of month (dom), month (mon), +# and day of week (dow) or use '*' in these fields (for 'any'). +# +# Notice that tasks will be started based on the cron's system +# daemon's notion of time and timezones. +# +# Output of the crontab jobs (including errors) is sent through +# email to the user the crontab file belongs to (unless redirected). +# +# For example, you can run a backup of all your user accounts +# at 5 a.m every week with: +# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ +# +# For more information see the manual pages of crontab(5) and cron(8) +# +# m h dom mon dow command +0 11 * * * /home/akanealw/scripts/restart-gluetun-and-services.sh diff --git a/proxmox2/akanealw/restart-gluetun-and-services.sh b/proxmox2/akanealw/restart-gluetun-and-services.sh new file mode 100755 index 0000000..af3a8bf --- /dev/null +++ b/proxmox2/akanealw/restart-gluetun-and-services.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +ssh dockerserver ./scripts/restart-gluetun-and-services.sh +curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/eT36YM3T94?status=up&msg=OK&ping= diff --git a/proxmox2/akanealw/shutdown-proxmox1.sh b/proxmox2/akanealw/shutdown-proxmox1.sh new file mode 100755 index 0000000..fc9e42a --- /dev/null +++ b/proxmox2/akanealw/shutdown-proxmox1.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +ssh proxmox1 sudo poweroff diff --git a/proxmox2/akanealw/wake-proxmox1.sh b/proxmox2/akanealw/wake-proxmox1.sh new file mode 100755 index 0000000..0b25cea --- /dev/null +++ b/proxmox2/akanealw/wake-proxmox1.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +wakeonlan 68:1c:a2:13:05:f5 diff --git a/proxmox2/root/crontab.bak b/proxmox2/root/crontab.bak new file mode 100644 index 0000000..0c7f951 --- /dev/null +++ b/proxmox2/root/crontab.bak @@ -0,0 +1,26 @@ +# Edit this file to introduce tasks to be run by cron. +# +# Each task to run has to be defined through a single line +# indicating with different fields when the task will be run +# and what command to run for the task +# +# To define the time you can provide concrete values for +# minute (m), hour (h), day of month (dom), month (mon), +# and day of week (dow) or use '*' in these fields (for 'any'). +# +# Notice that tasks will be started based on the cron's system +# daemon's notion of time and timezones. +# +# Output of the crontab jobs (including errors) is sent through +# email to the user the crontab file belongs to (unless redirected). +# +# For example, you can run a backup of all your user accounts +# at 5 a.m every week with: +# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ +# +# For more information see the manual pages of crontab(5) and cron(8) +# +# m h dom mon dow command +@reboot /root/scripts/ping-before-starting-cts-vms.sh +0 12 * * * /root/scripts/download-import-debian-ubuntu-cloud-images.sh +30 9 * * * /root/scripts/wake-proxmox1.sh diff --git a/proxmox2/root/download-debian-ubuntu-cloud-images.sh b/proxmox2/root/download-debian-ubuntu-cloud-images.sh new file mode 100644 index 0000000..b2b14bb --- /dev/null +++ b/proxmox2/root/download-debian-ubuntu-cloud-images.sh @@ -0,0 +1,88 @@ +#!/bin/bash + +cd /root/cloud-images + +# remove old images +rm * > /dev/null 2>&1 + +# debian 11 bullseye cloud +wget -q https://cloud.debian.org/images/cloud/bullseye/daily/latest/debian-11-genericcloud-amd64-daily.tar.xz +tar -xvf debian-11-genericcloud-amd64-daily.tar.xz +mv disk.raw debian-11-genericcloud-amd64-daily.raw +/usr/sbin/qm set 301 --delete scsi0 +sleep 3 +/usr/sbin/qm set 301 --delete unused0 +sleep 3 +/usr/sbin/qm set 301 --scsi0 local-zfs:0,import-from=/root/cloud-images/debian-11-genericcloud-amd64-daily.raw,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 301 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 301 +sleep 3 + +# debian 12 bookworm cloud +wget -q https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-genericcloud-amd64.tar.xz +tar -xvf debian-12-genericcloud-amd64.tar.xz +mv disk.raw debian-12-generic-amd64.raw +/usr/sbin/qm set 302 --delete scsi0 +sleep 3 +/usr/sbin/qm set 302 --delete unused0 +sleep 3 +/usr/sbin/qm set 302 --scsi0 local-zfs:0,import-from=/root/cloud-images/debian-12-generic-amd64.raw,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 302 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 302 +sleep 3 + +# ubuntu focal 20.04 +wget -q -O ubuntu-20.04-server-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img +/usr/sbin/qm set 310 --delete scsi0 +sleep 3 +/usr/sbin/qm set 310 --delete unused0 +sleep 3 +/usr/sbin/qm set 310 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-20.04-server-cloudimg-amd64.qcow2,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 310 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 310 +sleep 3 + +# ubuntu jammy 22.04 +wget -q -O ubuntu-22.04-server-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img +/usr/sbin/qm set 311 --delete scsi0 +sleep 3 +/usr/sbin/qm set 311 --delete unused0 +sleep 3 +/usr/sbin/qm set 311 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-server-cloudimg-amd64.qcow2,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 311 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 311 +sleep 3 + +# ubuntu focal 20.04 minimal +wget -q -O ubuntu-20.04-minimal-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/minimal/releases/focal/release/ubuntu-20.04-minimal-cloudimg-amd64.img +/usr/sbin/qm set 312 --delete scsi0 +sleep 3 +/usr/sbin/qm set 312 --delete unused0 +sleep 3 +/usr/sbin/qm set 312 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-20.04-minimal-cloudimg-amd64.qcow2,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 312 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 312 +sleep 3 + +# ubuntu jammy 22.04 minimal +wget -q -O ubuntu-22.04-minimal-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/minimal/releases/jammy/release/ubuntu-22.04-minimal-cloudimg-amd64.img +/usr/sbin/qm set 313 --delete scsi0 +sleep 3 +/usr/sbin/qm set 313 --delete unused0 +sleep 3 +/usr/sbin/qm set 313 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-minimal-cloudimg-amd64.qcow2,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 313 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 313 +sleep 3 diff --git a/proxmox2/root/download-import-debian-ubuntu-cloud-images.sh b/proxmox2/root/download-import-debian-ubuntu-cloud-images.sh new file mode 100755 index 0000000..2718dd6 --- /dev/null +++ b/proxmox2/root/download-import-debian-ubuntu-cloud-images.sh @@ -0,0 +1,48 @@ +#!/bin/bash + +cd /root/cloud-images + +# remove old images +rm * > /dev/null 2>&1 + +# debian 12 bookworm cloud +wget -q https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-genericcloud-amd64.tar.xz +tar -xvf debian-12-genericcloud-amd64.tar.xz +mv disk.raw debian-12-generic-amd64.raw +/usr/sbin/qm set 302 --delete scsi0 +sleep 3 +/usr/sbin/qm set 302 --delete unused0 +sleep 3 +/usr/sbin/qm set 302 --scsi0 local-zfs:0,import-from=/root/cloud-images/debian-12-generic-amd64.raw,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 302 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 302 +sleep 3 + +# ubuntu jammy 22.04 +wget -q -O ubuntu-22.04-server-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img +/usr/sbin/qm set 311 --delete scsi0 +sleep 3 +/usr/sbin/qm set 311 --delete unused0 +sleep 3 +/usr/sbin/qm set 311 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-server-cloudimg-amd64.qcow2,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 311 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 311 +sleep 3 + +# ubuntu jammy 22.04 minimal +wget -q -O ubuntu-22.04-minimal-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/minimal/releases/jammy/release/ubuntu-22.04-minimal-cloudimg-amd64.img +/usr/sbin/qm set 313 --delete scsi0 +sleep 3 +/usr/sbin/qm set 313 --delete unused0 +sleep 3 +/usr/sbin/qm set 313 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-minimal-cloudimg-amd64.qcow2,discard=on,ssd=1 +sleep 3 +/usr/sbin/qm set 313 --boot order=scsi0 +sleep 3 +/usr/sbin/qm cloudinit update 313 +sleep 3 +curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/h2TE9rvDGr?status=up&msg=OK&ping= diff --git a/proxmox2/root/ping-before-start.sh b/proxmox2/root/ping-before-start.sh new file mode 100644 index 0000000..938936c --- /dev/null +++ b/proxmox2/root/ping-before-start.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +until ping -c1 192.168.1.41 >/dev/null 2>&1; do :; done +sleep 15 +/usr/sbin/qm start 211 diff --git a/proxmox2/root/ping-before-starting-cts-vms.sh b/proxmox2/root/ping-before-starting-cts-vms.sh new file mode 100755 index 0000000..3d19d6a --- /dev/null +++ b/proxmox2/root/ping-before-starting-cts-vms.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +until ping -c1 192.168.1.41 >/dev/null 2>&1; do :; done +sleep 45 +/usr/sbin/qm start 211 diff --git a/proxmox2/root/proxmox-kernel-clean.sh b/proxmox2/root/proxmox-kernel-clean.sh new file mode 100755 index 0000000..81bc0e6 --- /dev/null +++ b/proxmox2/root/proxmox-kernel-clean.sh @@ -0,0 +1,140 @@ +#!/usr/bin/env bash + +# Copyright (c) 2021-2023 tteck +# Author: tteck (tteckster) +# License: MIT +# https://github.com/tteck/Proxmox/raw/main/LICENSE + +function header_info { + cat <<"EOF" + __ __ __ ________ + / //_/__ _________ ___ / / / ____/ /__ ____ _____ + / ,< / _ \/ ___/ __ \/ _ \/ / / / / / _ \/ __ `/ __ \ + / /| / __/ / / / / / __/ / / /___/ / __/ /_/ / / / / +/_/ |_\___/_/ /_/ /_/\___/_/ \____/_/\___/\__,_/_/ /_/ + +EOF +} +set -euo pipefail +shopt -s inherit_errexit nullglob +YW=$(echo "\033[33m") +BL=$(echo "\033[36m") +RD=$(echo "\033[01;31m") +BGN=$(echo "\033[4;92m") +GN=$(echo "\033[1;92m") +DGN=$(echo "\033[32m") +CL=$(echo "\033[m") +BFR="\\r\\033[K" +HOLD="-" +CM="${GN}✓${CL}" +CROSS="${RD}✗${CL}" +PARTY="🎉" +current_kernel=$(uname -r) +clear +header_info +while true; do + read -p "This will Clean Unused Kernel Images, USE AT YOUR OWN RISK. Proceed(y/n)?" yn + case $yn in + [Yy]*) break ;; + [Nn]*) exit ;; + *) echo -e "${RD}Please answer y/n${CL}" ;; + esac +done +clear +function msg_info() { + local msg="$1" + echo -ne " ${HOLD} ${YW}${msg}..." +} + +function msg_ok() { + local msg="$1" + echo -e "${BFR} ${CM} ${GN}${msg}${CL}" +} + +function check_root() { + if [[ $EUID -ne 0 ]]; then + echo -e "${CROSS}${RD}Error: This script must be ran as the root user.\n${CL}" + exit 1 + else + header_info + other_kernel + kernel_info + kernel_clean + fi +} + + VERSION="$(awk -F'=' '/^VERSION_CODENAME=/{ print $NF }' /etc/os-release)" +function other_kernel() { + if [[ "${VERSION}" == "bullseye" ]]; then + if [[ "$current_kernel" == *"edge"* ]]; then + echo -e "\n${CROSS} ${RD}ERROR:${CL} Proxmox ${BL}${current_kernel}${CL} Kernel Active" + echo -e "\nAn Active PVE Kernel is required to use Kernel Clean\n" + exit 1 + fi + if [[ "$current_kernel" == *"6.1"* || "$current_kernel" == *"6.2"* ]]; then + echo -e "\n${CROSS} ${RD}ERROR:${CL} Proxmox ${BL}${current_kernel}${CL} Kernel Active" + echo -e "\nThe script cannot be used when running opt-in kernels. \nProxmox VE's package management relies directly on the current default kernel, which is 5.15. \nTherefore, it is not possible to utilize this script. In this case, you should use autoremove instead. \n`apt-get autoremove`\n" + exit 1 + fi + fi +} + +function kernel_info() { + if [[ "$MODE" != "PBS" ]]; then + echo -e "${YW}PVE Version: ${BL}$(pveversion)\n${CL}" + fi + if [[ "$current_kernel" == *"pve"* ]]; then + echo -e "${YW}Current Kernel: ${BL}$current_kernel\n${CL}" + else + echo -e "\n${CROSS} ${RD}ERROR: No PVE Kernel Found\n${CL}" + exit 1 + fi +} + +function kernel_clean() { + kernels=$(dpkg --list | grep 'kernel-.*-pve' | awk '{print $2}' | sort -V) + remove_kernels="" + for kernel in $kernels; do + if [ "$(echo $kernel | grep $current_kernel)" ]; then + break + else + echo -e "${BL}'$kernel' ${CL}${YW}has been added to the remove Kernel list\n${CL}" + remove_kernels+=" $kernel" + fi + done + msg_ok "Kernel Search Completed\n" + if [[ "$remove_kernels" != *"pve"* ]]; then + echo -e "${PARTY} ${GN}It appears there are no old Kernels on your system. \n${CL}" + msg_info "Exiting" + sleep 2 + msg_ok "Done" + else + read -p "Would you like to remove the $(echo $remove_kernels | awk '{print NF}') selected Kernels listed above? [y/n]: " -n 1 -r + echo + if [[ $REPLY =~ ^[Yy]$ ]]; then + msg_info "Removing ${CL}${RD}$(echo $remove_kernels | awk '{print NF}') ${CL}${YW}old Kernels${CL}" + /usr/bin/apt purge -y $remove_kernels >/dev/null 2>&1 + msg_ok "Successfully Removed Kernels" + msg_info "Updating GRUB" + /usr/sbin/update-grub >/dev/null 2>&1 + msg_ok "Successfully Updated GRUB" + msg_info "Exiting" + sleep 2 + msg_ok "Done" + else + msg_info "Exiting" + sleep 2 + msg_ok "Done" + fi + fi +} + +if ! command -v pveversion >/dev/null 2>&1; then + echo -e " Switching to PBS mode" + MODE="PBS" + sleep 2 +else + MODE="PVE" +fi + +check_root diff --git a/proxmox2/root/proxmox-post-pve-install.sh b/proxmox2/root/proxmox-post-pve-install.sh new file mode 100755 index 0000000..7b1fcf7 --- /dev/null +++ b/proxmox2/root/proxmox-post-pve-install.sh @@ -0,0 +1,243 @@ +#!/usr/bin/env bash + +# Copyright (c) 2021-2023 tteck +# Author: tteck (tteckster) +# License: MIT +# https://github.com/tteck/Proxmox/raw/main/LICENSE + +header_info() { + clear + cat <<"EOF" + ____ _ ________ ____ __ ____ __ ____ + / __ \ | / / ____/ / __ \____ _____/ /_ / _/___ _____/ /_____ _/ / / + / /_/ / | / / __/ / /_/ / __ \/ ___/ __/ / // __ \/ ___/ __/ __ `/ / / + / ____/| |/ / /___ / ____/ /_/ (__ ) /_ _/ // / / (__ ) /_/ /_/ / / / +/_/ |___/_____/ /_/ \____/____/\__/ /___/_/ /_/____/\__/\__,_/_/_/ + +EOF +} + +RD=$(echo "\033[01;31m") +YW=$(echo "\033[33m") +GN=$(echo "\033[1;92m") +CL=$(echo "\033[m") +BFR="\\r\\033[K" +HOLD="-" +CM="${GN}✓${CL}" +CROSS="${RD}✗${CL}" + +set -euo pipefail +shopt -s inherit_errexit nullglob + +msg_info() { + local msg="$1" + echo -ne " ${HOLD} ${YW}${msg}..." +} + +msg_ok() { + local msg="$1" + echo -e "${BFR} ${CM} ${GN}${msg}${CL}" +} + +msg_error() { + local msg="$1" + echo -e "${BFR} ${CROSS} ${RD}${msg}${CL}" +} + +start_routines() { + header_info + VERSION="$(awk -F'=' '/^VERSION_CODENAME=/{ print $NF }' /etc/os-release)" + if lscpu | grep -qP 'Vendor ID:.*GenuineIntel' && lscpu | grep -qP 'Model name:.*N' && [[ "$VERSION" == "bullseye" ]]; then + whiptail --msgbox --title "N-SERIES PROCESSOR DETECTED" "To ensure compatibility with Proxmox VE on systems equipped with N-series processors, it is recommended to install Proxmox Virtual Environment 8" 10 58 + fi + + CHOICE=$(whiptail --title "SOURCES" --menu "The package manager will use the correct sources to update and install packages on your Proxmox VE server.\n \nCorrect Proxmox VE sources?" 14 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Correcting Proxmox VE Sources" + cat </etc/apt/sources.list +deb http://ftp.debian.org/debian ${VERSION} main contrib +deb http://ftp.debian.org/debian ${VERSION}-updates main contrib +deb http://security.debian.org/debian-security ${VERSION}-security main contrib +EOF + msg_ok "Corrected Proxmox VE Sources" + ;; + no) + msg_error "Selected no to Correcting Proxmox VE Sources" + ;; + esac + + CHOICE=$(whiptail --title "PVE-ENTERPRISE" --menu "The 'pve-enterprise' repository is only available to users who have purchased a Proxmox VE subscription.\n \nDisable 'pve-enterprise' repository?" 14 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Disabling 'pve-enterprise' repository" + cat </etc/apt/sources.list.d/pve-enterprise.list +# deb https://enterprise.proxmox.com/debian/pve ${VERSION} pve-enterprise +EOF + msg_ok "Disabled 'pve-enterprise' repository" + ;; + no) + msg_error "Selected no to Disabling 'pve-enterprise' repository" + ;; + esac + + CHOICE=$(whiptail --title "PVE-NO-SUBSCRIPTION" --menu "The 'pve-no-subscription' repository provides access to all of the open-source components of Proxmox VE.\n \nEnable 'pve-no-subscription' repository?" 14 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Enabling 'pve-no-subscription' repository" + cat </etc/apt/sources.list.d/pve-install-repo.list +deb http://download.proxmox.com/debian/pve ${VERSION} pve-no-subscription +EOF + msg_ok "Enabled 'pve-no-subscription' repository" + ;; + no) + msg_error "Selected no to Enabling 'pve-no-subscription' repository" + ;; + esac + + if [[ "${VERSION}" == "bookworm" ]]; then + CHOICE=$(whiptail --title "CEPH PACKAGE REPOSITORIES" --menu "The 'Ceph Package Repositories' provides access to both the 'no-subscription' and 'enterprise' repositories.\n \nEnable 'ceph package repositories?" 14 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Enabling 'ceph package repositories'" + cat </etc/apt/sources.list.d/ceph.list +# deb http://download.proxmox.com/debian/ceph-quincy bookworm enterprise +deb http://download.proxmox.com/debian/ceph-quincy bookworm no-subscription +EOF + msg_ok "Enabled 'ceph package repositories'" + ;; + no) + msg_error "Selected no to Enabling 'ceph package repositories'" + ;; + esac + fi + + CHOICE=$(whiptail --title "PVETEST" --menu "The 'pvetest' repository can give advanced users access to new features and updates before they are officially released.\n \nAdd (Disabled) 'pvetest' repository?" 14 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Adding 'pvetest' repository and set disabled" + cat </etc/apt/sources.list.d/pvetest-for-beta.list +# deb http://download.proxmox.com/debian/pve ${VERSION} pvetest +EOF + msg_ok "Added 'pvetest' repository" + ;; + no) + msg_error "Selected no to Adding 'pvetest' repository" + ;; + esac + + if [[ ! -f /etc/apt/apt.conf.d/no-nag-script ]]; then + CHOICE=$(whiptail --title "SUBSCRIPTION NAG" --menu "This will disable the nag message reminding you to purchase a subscription every time you log in to the web interface.\n \nDisable subscription nag?" 14 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + whiptail --msgbox --title "Support Subscriptions" "Supporting the software's development team is essential. Check their official website's Support Subscriptions for pricing. Without their dedicated work, we wouldn't have this exceptional software." 10 58 + msg_info "Disabling subscription nag" + echo "DPkg::Post-Invoke { \"dpkg -V proxmox-widget-toolkit | grep -q '/proxmoxlib\.js$'; if [ \$? -eq 1 ]; then { echo 'Removing subscription nag from UI...'; sed -i '/data\.status.*{/{s/\!//;s/active/NoMoreNagging/}' /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js; }; fi\"; };" >/etc/apt/apt.conf.d/no-nag-script + apt --reinstall install proxmox-widget-toolkit &>/dev/null + msg_ok "Disabled subscription nag (Delete browser cache)" + ;; + no) + whiptail --msgbox --title "Support Subscriptions" "Supporting the software's development team is essential. Check their official website's Support Subscriptions for pricing. Without their dedicated work, we wouldn't have this exceptional software." 10 58 + msg_error "Selected no to Disabling subscription nag" + ;; + esac + fi + + if ! systemctl is-active --quiet pve-ha-lrm; then + CHOICE=$(whiptail --title "HIGH AVAILABILITY" --menu "Enable high availability?" 10 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Enabling high availability" + systemctl enable -q --now pve-ha-lrm + systemctl enable -q --now pve-ha-crm + systemctl enable -q --now corosync + msg_ok "Enabled high availability" + ;; + no) + msg_error "Selected no to Enabling high availability" + ;; + esac + fi + + if systemctl is-active --quiet pve-ha-lrm; then + CHOICE=$(whiptail --title "HIGH AVAILABILITY" --menu "If you plan to utilize a single node instead of a clustered environment, you can disable unnecessary high availability (HA) services, thus reclaiming system resources.\n\nIf HA becomes necessary at a later stage, the services can be re-enabled.\n\nDisable high availability?" 18 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Disabling high availability" + systemctl disable -q --now pve-ha-lrm + systemctl disable -q --now pve-ha-crm + systemctl disable -q --now corosync + msg_ok "Disabled high availability" + ;; + no) + msg_error "Selected no to Disabling high availability" + ;; + esac + fi + + CHOICE=$(whiptail --title "UPDATE" --menu "\nUpdate Proxmox VE now?" 11 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Updating Proxmox VE (Patience)" + apt-get update &>/dev/null + apt-get -y dist-upgrade &>/dev/null + msg_ok "Updated Proxmox VE" + ;; + no) + msg_error "Selected no to Updating Proxmox VE" + ;; + esac + + CHOICE=$(whiptail --title "REBOOT" --menu "\nReboot Proxmox VE now? (recommended)" 11 58 2 \ + "yes" " " \ + "no" " " 3>&2 2>&1 1>&3) + case $CHOICE in + yes) + msg_info "Rebooting Proxmox VE" + sleep 2 + msg_ok "Completed Post Install Routines" + reboot + ;; + no) + msg_error "Selected no to Rebooting Proxmox VE (Reboot recommended)" + msg_ok "Completed Post Install Routines" + ;; + esac +} + +header_info +echo -e "\nThis script will Perform Post Install Routines.\n" +while true; do + read -p "Start the Proxmox VE Post Install Script (y/n)?" yn + case $yn in + [Yy]*) break ;; + [Nn]*) clear; exit ;; + *) echo "Please answer yes or no." ;; + esac +done + +if ! command -v pveversion >/dev/null 2>&1; then + header_info + msg_error "\n No PVE Detected!\n" + exit +fi + +start_routines diff --git a/proxmox2/root/proxmox-pve-essentials.sh b/proxmox2/root/proxmox-pve-essentials.sh new file mode 100755 index 0000000..1499032 --- /dev/null +++ b/proxmox2/root/proxmox-pve-essentials.sh @@ -0,0 +1,73 @@ +#!/bin/bash + +# autoreply config update dialog with no +if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then + echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local + echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local + echo " "--force-confold";" >> /etc/apt/apt.conf.d/local + echo "}" >> /etc/apt/apt.conf.d/local +fi + +# update and upgrade +apt-get update +apt-get upgrade -y + +# download and install packages +apt-get install -y sudo curl wget zip unzip git man-db cifs-utils nfs-common ntfs-3g parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion + +# update templates +pveam update + +# remove all motd +rm /etc/motd > /dev/null 2>&1 + +# set input preferences +if [[ ! -f /etc/inputrc.bak ]] ; then + cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1 +fi +rm /etc/inputrc > /dev/null 2>&1 +cp /etc/inputrc.bak /etc/inputrc +echo "" >> /etc/inputrc +echo "set completion-ignore-case On" >> /etc/inputrc + +# set bash preferences and aliases +if [[ -f /etc/bash.bashrc.default ]] ; then + mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +if [[ ! -f /etc/bash.bashrc.bak ]] ; then + cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +rm /etc/bash.bashrc > /dev/null 2>&1 +cp /etc/bash.bashrc.bak /etc/bash.bashrc +echo "" >> /etc/bash.bashrc +echo "# custom settings and aliases" >> /etc/bash.bashrc +echo "set -o noclobber" >> /etc/bash.bashrc +echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc +echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc +echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc +echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc +echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc +echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc +echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc +echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc +echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc +echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc +echo "alias apts='sudo apt search'" >> /etc/bash.bashrc +echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc +echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc +echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc +echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc +echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc +echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc + +# create tmux config +rm /etc/tmux.conf* > /dev/null 2>&1 +echo "unbind C-b" >> /etc/tmux.conf +echo "set-option -g prefix C-a" >> /etc/tmux.conf +echo "bind-key C-a send-prefix" >> /etc/tmux.conf + +# git config +git config --global credential.helper store +git config --global user.name "akanealw" +git config --global user.email "akanealw@gmail.com" +git config --global init.defaultBranch main diff --git a/proxmox2/root/shutdown-proxmox1.sh b/proxmox2/root/shutdown-proxmox1.sh new file mode 100755 index 0000000..fc9e42a --- /dev/null +++ b/proxmox2/root/shutdown-proxmox1.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +ssh proxmox1 sudo poweroff diff --git a/proxmox2/root/wake-proxmox1.sh b/proxmox2/root/wake-proxmox1.sh new file mode 100755 index 0000000..53c387e --- /dev/null +++ b/proxmox2/root/wake-proxmox1.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +wakeonlan 68:1c:a2:13:05:f5 +curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/WKVxvGZXIw?status=up&msg=OK&ping= diff --git a/proxmox3/akanealw/restart-gluetun-and-services.sh b/proxmox3/akanealw/restart-gluetun-and-services.sh new file mode 100644 index 0000000..af3a8bf --- /dev/null +++ b/proxmox3/akanealw/restart-gluetun-and-services.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +ssh dockerserver ./scripts/restart-gluetun-and-services.sh +curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/eT36YM3T94?status=up&msg=OK&ping= diff --git a/proxmox3/akanealw/shutdown-proxmox1.sh b/proxmox3/akanealw/shutdown-proxmox1.sh new file mode 100644 index 0000000..fc9e42a --- /dev/null +++ b/proxmox3/akanealw/shutdown-proxmox1.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +ssh proxmox1 sudo poweroff diff --git a/proxmox3/akanealw/shutdown-proxmox2.sh b/proxmox3/akanealw/shutdown-proxmox2.sh new file mode 100644 index 0000000..26ffe24 --- /dev/null +++ b/proxmox3/akanealw/shutdown-proxmox2.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +ssh proxmox2 sudo poweroff diff --git a/proxmox3/akanealw/wake-proxmox1.sh b/proxmox3/akanealw/wake-proxmox1.sh new file mode 100644 index 0000000..0b25cea --- /dev/null +++ b/proxmox3/akanealw/wake-proxmox1.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +wakeonlan 68:1c:a2:13:05:f5 diff --git a/proxmox3/akanealw/wake-proxmox2.sh b/proxmox3/akanealw/wake-proxmox2.sh new file mode 100644 index 0000000..9977037 --- /dev/null +++ b/proxmox3/akanealw/wake-proxmox2.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +wakeonlan d8:9e:f3:47:34:0b diff --git a/proxmox3/root/wake-proxmox1.sh b/proxmox3/root/wake-proxmox1.sh new file mode 100644 index 0000000..53c387e --- /dev/null +++ b/proxmox3/root/wake-proxmox1.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +wakeonlan 68:1c:a2:13:05:f5 +curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/WKVxvGZXIw?status=up&msg=OK&ping= diff --git a/proxmox3/root/wake-proxmox2.sh b/proxmox3/root/wake-proxmox2.sh new file mode 100644 index 0000000..4f9d7f5 --- /dev/null +++ b/proxmox3/root/wake-proxmox2.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +wakeonlan d8:9e:f3:47:34:0b +curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/dDaOMxA4tD?status=up&msg=OK&ping= diff --git a/proxyserver/akanealw/backup-bookmarks.sh b/proxyserver/akanealw/backup-bookmarks.sh new file mode 100755 index 0000000..b18ee9b --- /dev/null +++ b/proxyserver/akanealw/backup-bookmarks.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +cp /home/akanealw/docker/appdata/nginxwebdav/data/bookmarks.html /home/akanealw/backups/bookmarksbackups/bookmarks-$(/bin/date +%Y-%m-%d-%I-%M-%S-%p).html +curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/vLacLASfQk?status=up&msg=OK&ping= diff --git a/proxyserver/akanealw/backup-vaultwarden.sh b/proxyserver/akanealw/backup-vaultwarden.sh new file mode 100644 index 0000000..bd2968e --- /dev/null +++ b/proxyserver/akanealw/backup-vaultwarden.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +docker run --rm --volumes-from=vaultwarden -e UID=1000 -e PID=1000 -e BACKUP_DIR=/data/backups -e TIMESTAMP=true -v /home/akanealw/backups/vaultwardenbackups:/data/backups bruceforce/vaultwarden-backup manual +chown -R akanealw:akanealw /home/akanealw/backups diff --git a/proxyserver/akanealw/copy-backups-to-truenas.sh b/proxyserver/akanealw/copy-backups-to-truenas.sh new file mode 100644 index 0000000..312ab9b --- /dev/null +++ b/proxyserver/akanealw/copy-backups-to-truenas.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +find "/home/akanealw/backups/bookmarksbackups" -name "*.html" -type f -mtime +25 -delete +find "/home/akanealw/backups/vaultwardenbackups" -name "*.xz" -type f -mtime +25 -delete +rsync -rvz /home/akanealw/backups/bookmarksbackups/ akanealw@truenas:/mnt/data/backups/bookmarksbackups/ +rsync -rvz /home/akanealw/backups/vaultwardenbackups/ akanealw@truenas:/mnt/data/backups/vaultwardenbackups/ diff --git a/proxyserver/akanealw/crontab.bak b/proxyserver/akanealw/crontab.bak new file mode 100644 index 0000000..0332b52 --- /dev/null +++ b/proxyserver/akanealw/crontab.bak @@ -0,0 +1,26 @@ +# Edit this file to introduce tasks to be run by cron. +# +# Each task to run has to be defined through a single line +# indicating with different fields when the task will be run +# and what command to run for the task +# +# To define the time you can provide concrete values for +# minute (m), hour (h), day of month (dom), month (mon), +# and day of week (dow) or use '*' in these fields (for 'any'). +# +# Notice that tasks will be started based on the cron's system +# daemon's notion of time and timezones. +# +# Output of the crontab jobs (including errors) is sent through +# email to the user the crontab file belongs to (unless redirected). +# +# For example, you can run a backup of all your user accounts +# at 5 a.m every week with: +# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ +# +# For more information see the manual pages of crontab(5) and cron(8) +# +# m h dom mon dow command +10 * * * * /home/akanealw/scripts/backup-bookmarks.sh +0 16 * * * /home/akanealw/scripts/ping-before-copy-backups-to-truenas.sh +0 11 * * * /home/akanealw/scripts/olivetin/restart-gluetun-and-services.sh diff --git a/proxyserver/akanealw/debian-essentials.sh b/proxyserver/akanealw/debian-essentials.sh new file mode 100755 index 0000000..1609e9d --- /dev/null +++ b/proxyserver/akanealw/debian-essentials.sh @@ -0,0 +1,145 @@ +#!/bin/bash + +# autoreply config update dialog with no +if [[ ! -f /etc/apt/apt.conf.d/local ]] + then + echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local + echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local + echo " "--force-confold";" >> /etc/apt/apt.conf.d/local + echo "}" >> /etc/apt/apt.conf.d/local +fi + +# update bookworm to new debian.sources file +if [[ -f /etc/apt/sources.list.d/debian.sources ]] + then + echo "Sources already updated" + else + isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye") + if [ $isInFile -eq 0 ] + then + mkdir /etc/apt/mirrors > /dev/null 2>&1 + echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list + echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources + echo "" >> /etc/apt/sources.list.d/debian.sources + echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources + echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources + echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources + echo "Components: main" >> /etc/apt/sources.list.d/debian.sources + mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1 + rm /etc/apt/sources.list.11.backup > /dev/null 2>&1 + else + echo "Bullseye detected, skipping sources update" + fi +fi + +# update and upgrade +apt-get update +apt-get upgrade -y + +# download and install packages +apt-get install -y lsb-release cron qemu-guest-agent sudo nano curl wget zip unzip git rsync man-db cifs-utils nfs-common parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion + +# add akanealw user if not existing +isInFile=$(cat /etc/passwd | grep -c "akanealw") +if [ $isInFile -eq 0 ] + then + echo "Set password for akanealw" + useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw + mkdir /home/akanealw/.ssh + chown akanealw:akanealw /home/akanealw/.ssh + chmod 700 /home/akanealw/.ssh + cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1 + chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 + chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 +fi + +# create akanealw file in /etc/sudoers.d +if [[ ! -f /etc/sudoers.d/akanealw ]] + then + echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw +fi + +# enable ping for all users +setcap 'cap_net_admin,cap_net_raw+ep' $(which ping) + +# remove all motd +rm /etc/motd > /dev/null 2>&1 + +# disable systemd-networkd-wait-online.service +systemctl disable systemd-networkd-wait-online.service + +# git config +git config --global credential.helper store +git config --global user.name "akanealw" +git config --global user.email "akanealw@gmail.com" +git config --global init.defaultBranch main + +# show ip in /etc/issue +wget -qO /etc/issue.default http://192.168.1.50/debian/issue.default +rm /etc/issue > /dev/null 2>&1 +cp /etc/issue.default /etc/issue +name=$(basename /sys/class/net/e*) +echo "" >> /etc/issue +echo "$name: \4{$name}" >> /etc/issue +echo "" >> /etc/issue + +# set input preferences +wget -qO /etc/inputrc.default http://192.168.1.50/debian/inputrc.default +rm /etc/inputrc > /dev/null 2>&1 +cp /etc/inputrc.default /etc/inputrc +echo "" >> /etc/inputrc +echo "set completion-ignore-case On" >> /etc/inputrc + +# set bash preferences and aliases +wget -qO /etc/bash.bashrc.default http://192.168.1.50/debian/bash.bashrc.default +rm /etc/bash.bashrc > /dev/null 2>&1 +cp /etc/bash.bashrc.default /etc/bash.bashrc +echo "" >> /etc/bash.bashrc +echo "# custom settings and aliases" >> /etc/bash.bashrc +echo "set -o noclobber" >> /etc/bash.bashrc +echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc +echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc +echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc +echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc +echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc +echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc +echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc +echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc +echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc +echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc +echo "alias apts='sudo apt search'" >> /etc/bash.bashrc +echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc +echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc +echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc +echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc +echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc +echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc +echo "alias dc='docker compose'" >> /etc/bash.bashrc +echo "alias dcup='docker compose up -d'" >> /etc/bash.bashrc +echo "alias dcaup='docker compose -f admin-compose.yml up -d'" >> /etc/bash.bashrc +echo "alias dcdown='docker compose down'" >> /etc/bash.bashrc +echo "alias dcadown='docker compose -f admin-compose.yml down'" >> /etc/bash.bashrc +echo "alias dcpull='docker compose pull'" >> /etc/bash.bashrc +echo "alias dcapull='docker compose -f admin-compose.yml pull'" >> /etc/bash.bashrc +echo "alias dps='docker ps'" >> /etc/bash.bashrc +echo "alias dipaf='docker image prune -a -f'" >> /etc/bash.bashrc + +# create tmux config +rm /etc/tmux.conf* > /dev/null 2>&1 +echo "unbind C-b" >> /etc/tmux.conf +echo "set-option -g prefix C-a" >> /etc/tmux.conf +echo "bind-key C-a send-prefix" >> /etc/tmux.conf + +# create credentials and map network drives +isInFile=$(cat /etc/fstab | grep -c "192.168.1.41") +if [ $isInFile -eq 0 ] + then + mkdir /mnt/truenasdata > /dev/null 2>&1 + chown akanealw:akanealw /mnt/truenasdata + echo "# nfs shares" >> /etc/fstab + echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab +fi diff --git a/proxyserver/akanealw/olivetin/restart-gluetun-and-services.sh b/proxyserver/akanealw/olivetin/restart-gluetun-and-services.sh new file mode 100755 index 0000000..deb2692 --- /dev/null +++ b/proxyserver/akanealw/olivetin/restart-gluetun-and-services.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +ssh -i ~/.ssh/dockerserver \ +-o StrictHostKeyChecking=no \ +akanealw@192.168.1.30 \ +"docker restart gluetun \ +&& echo "gluetun restarting" \ +&& sleep 45 \ +&& docker restart jdownloader \ +&& echo "jdownloader restarting" \ +&& sleep 5 \ +&& docker restart qbittorrent \ +&& echo "qbittorrent restarting" \ +&& sleep 5 \ +&& docker restart sabnzbd \ +&& echo "sabnzbd restarting" \ +&& curl -fsS -m 10 --retry 5 -o /dev/null \ +https://uptimekuma.akanealw.com/api/push/eT36YM3T94?status=up&msg=OK&ping=" diff --git a/proxyserver/akanealw/olivetin/restart-jdownloader.sh b/proxyserver/akanealw/olivetin/restart-jdownloader.sh new file mode 100755 index 0000000..372c404 --- /dev/null +++ b/proxyserver/akanealw/olivetin/restart-jdownloader.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +ssh -i ~/.ssh/dockerserver \ +-o StrictHostKeyChecking=no \ +akanealw@192.168.1.30 \ +"docker restart jdownloader \ +&& echo "jdownloader restarting"" diff --git a/proxyserver/akanealw/olivetin/restart-qbittorrent.sh b/proxyserver/akanealw/olivetin/restart-qbittorrent.sh new file mode 100755 index 0000000..316557f --- /dev/null +++ b/proxyserver/akanealw/olivetin/restart-qbittorrent.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +ssh -i ~/.ssh/dockerserver \ +-o StrictHostKeyChecking=no \ +akanealw@192.168.1.30 \ +"docker restart qbittorrent \ +&& echo "qbittorrent restarting"" diff --git a/proxyserver/akanealw/olivetin/restart-sabnzbd.sh b/proxyserver/akanealw/olivetin/restart-sabnzbd.sh new file mode 100755 index 0000000..8bab19e --- /dev/null +++ b/proxyserver/akanealw/olivetin/restart-sabnzbd.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +ssh -i ~/.ssh/dockerserver \ +-o StrictHostKeyChecking=no \ +akanealw@192.168.1.30 \ +"docker restart sabnzbd \ +&& echo "sabnzbd restarting"" diff --git a/proxyserver/akanealw/olivetin/shutdown-proxmox1.sh b/proxyserver/akanealw/olivetin/shutdown-proxmox1.sh new file mode 100755 index 0000000..b0fde97 --- /dev/null +++ b/proxyserver/akanealw/olivetin/shutdown-proxmox1.sh @@ -0,0 +1,4 @@ +ssh -i ~/.ssh/proxmox2 \ +-o StrictHostKeyChecking=no \ +akanealw@192.168.1.52 \ +/home/akanealw/scripts/shutdown-proxmox1.sh diff --git a/proxyserver/akanealw/olivetin/wake-proxmox1.sh b/proxyserver/akanealw/olivetin/wake-proxmox1.sh new file mode 100755 index 0000000..e41cd23 --- /dev/null +++ b/proxyserver/akanealw/olivetin/wake-proxmox1.sh @@ -0,0 +1,4 @@ +ssh -i ~/.ssh/proxmox2 \ +-o StrictHostKeyChecking=no \ +akanealw@192.168.1.52 \ +/home/akanealw/scripts/wake-proxmox1.sh diff --git a/proxyserver/akanealw/ping-before-copy-backups-to-truenas.sh b/proxyserver/akanealw/ping-before-copy-backups-to-truenas.sh new file mode 100755 index 0000000..17fc39f --- /dev/null +++ b/proxyserver/akanealw/ping-before-copy-backups-to-truenas.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +sudo chown -R akanealw:akanealw /home/akanealw/backups +find "/home/akanealw/backups/bookmarksbackups" -name "*.html" -type f -mtime +25 -delete +find "/home/akanealw/backups/vaultwardenbackups" -name "*.xz" -type f -mtime +25 -delete + +if ping -c 2 192.168.1.41 &> /dev/null + then + rsync -rvz /home/akanealw/backups/bookmarksbackups/ akanealw@truenas:/mnt/data/backups/bookmarksbackups/ + curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/l6Fztc77wL?status=up&msg=OK&ping= + rsync -rvz /home/akanealw/backups/vaultwardenbackups/ akanealw@truenas:/mnt/data/backups/vaultwardenbackups/ + curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/l6Fztc77wL?status=up&msg=OK&ping= + else + curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/l6Fztc77wL?status=down&msg=OK&ping= +fi diff --git a/proxyserver/root/check-wireguard.sh b/proxyserver/root/check-wireguard.sh new file mode 100644 index 0000000..d08403b --- /dev/null +++ b/proxyserver/root/check-wireguard.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +PING=/bin/ping +## DEBIAN +SERVICE=/usr/sbin/service + +tries=0 +while [[ $tries -lt 3 ]] +do + if $PING -c 1 10.0.10.1 + then + echo "wg works" && curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/C6kilkNqUv?status=up&msg=OK&ping= + exit 0 + fi + echo "wg fail" + tries=$((tries+1)) +done +echo "wg failed 3 times - restarting tunnel" && curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/C6kilkNqUv?status=down&msg=OK&ping= + +## DEBIAN +$SERVICE wg-quick@wg1 restart && curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/C6kilkNqUv?status=up&msg=OK&ping= diff --git a/proxyserver/root/clean-plex-photo-cache.sh b/proxyserver/root/clean-plex-photo-cache.sh new file mode 100755 index 0000000..ef05e1f --- /dev/null +++ b/proxyserver/root/clean-plex-photo-cache.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +find "/var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Cache/PhotoTranscoder" -name "*.jpg" -type f -mtime +5 -delete +find "/var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Cache/PhotoTranscoder" -name "*.ppm" -type f -mtime +5 -delete +curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/vOOCgMo8GW?status=up&msg=OK&ping= diff --git a/proxyserver/root/crontab.bak b/proxyserver/root/crontab.bak new file mode 100644 index 0000000..d1c5aa5 --- /dev/null +++ b/proxyserver/root/crontab.bak @@ -0,0 +1,23 @@ +# Edit this file to introduce tasks to be run by cron. +# +# Each task to run has to be defined through a single line +# indicating with different fields when the task will be run +# and what command to run for the task +# +# To define the time you can provide concrete values for +# minute (m), hour (h), day of month (dom), month (mon), +# and day of week (dow) or use '*' in these fields (for 'any'). +# +# Notice that tasks will be started based on the cron's system +# daemon's notion of time and timezones. +# +# Output of the crontab jobs (including errors) is sent through +# email to the user the crontab file belongs to (unless redirected). +# +# For example, you can run a backup of all your user accounts +# at 5 a.m every week with: +# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ +# +# For more information see the manual pages of crontab(5) and cron(8) +# +# m h dom mon dow command diff --git a/proxyserver/root/test.sh b/proxyserver/root/test.sh new file mode 100644 index 0000000..e69de29 diff --git a/rclone/rclone-copy-scott-backup.sh b/rclone/rclone-copy-scott-backup.sh new file mode 100644 index 0000000..f9cbbcd --- /dev/null +++ b/rclone/rclone-copy-scott-backup.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +#rclone copy /media/raid/Media/ /mnt/truenasmedia/ --create-empty-src-dirs -P + +rclone copy /media/raid/Backups/ /mnt/truenasscott/ --create-empty-src-dirs -P +rclone copy /media/raid/Applications/ /mnt/truenasscott/Applications/ --create-empty-src-dirs -P +rclone copy /media/raid/Games/ /mnt/truenasscott/Games/ --create-empty-src-dirs -P +rclone copy /media/raid/Google/ /mnt/truenasscott/Google/ --create-empty-src-dirs -P +rclone copy /media/raid/Kodi/ /mnt/truenasscott/Kodi/ --create-empty-src-dirs -P +rclone copy /media/raid/Miscellaneous/ /mnt/truenasscott/Miscellaneous/ --create-empty-src-dirs -P +rclone copy /media/raid/Pictures/ /mnt/truenasscott/Pictures/ --create-empty-src-dirs -P +rclone copy /media/raid/'Pictures Backup'/ /mnt/truenasscott/'Pictures Backup'/ --create-empty-src-dirs -P +rclone copy /media/raid/Projects/ /mnt/truenasscott/Projects/ --create-empty-src-dirs -P +rclone copy /media/raid/'Rosetta Stone'/ /mnt/truenasscott/'Rosetta Stone'/ --create-empty-src-dirs -P +rclone copy /media/raid/Share/ /mnt/truenasscott/Share/ --create-empty-src-dirs -P +rclone copy /media/raid/'TV Shows'/ /mnt/truenasscott/'TV Shows'/ --create-empty-src-dirs -P +rclone copy /media/raid/'Unsorted Pictures'/ /mnt/truenasscott/'Unsorted Pictures'/ --create-empty-src-dirs -P +rclone copy /media/raid/dockernuc/ /mnt/truenasscott/dockernuc/ --create-empty-src-dirs -P diff --git a/remotely/remotely-agent-debian.sh b/remotely/remotely-agent-debian.sh new file mode 100644 index 0000000..2371081 --- /dev/null +++ b/remotely/remotely-agent-debian.sh @@ -0,0 +1,106 @@ +#!/bin/bash +HostName="https://remotely.akanealw.com" +Organization="7fbfb541-0720-42cf-b363-ddf13a19fd16" +GUID=$(cat /proc/sys/kernel/random/uuid) +UpdatePackagePath="" +InstallDir="/usr/local/bin/Remotely" + +apt-get update +apt-get -y install curl lsb-release apt-transport-https libx11-dev libxrandr-dev unzip libc6-dev libxtst-dev xclip jq + +ETag=$(curl --head $HostName/Content/Remotely-Linux.zip | grep -i "etag" | cut -d' ' -f 2) +LogPath="/var/log/remotely/Agent_Install.log" + +mkdir -p /var/log/remotely +Args=( "$@" ) +ArgLength=${#Args[@]} + +for (( i=0; i<${ArgLength}; i+=2 )); +do + if [ "${Args[$i]}" = "--uninstall" ]; then + systemctl stop remotely-agent + rm -r -f $InstallDir + rm -f /etc/systemd/system/remotely-agent.service + systemctl daemon-reload + exit + elif [ "${Args[$i]}" = "--path" ]; then + UpdatePackagePath="${Args[$i+1]}" + fi +done + +if [ -z "$ETag" ]; then + echo "ETag is empty. Aborting install." | tee -a $LogPath + exit 1 +fi + +debianVersion=$(lsb_release -r -s) + +wget -q https://packages.microsoft.com/config/debian/$debianVersion/packages-microsoft-prod.deb -O packages-microsoft-prod.deb +dpkg -i packages-microsoft-prod.deb +apt-get update +#apt-get -y install apt-transport-https +apt-get -y install dotnet-runtime-7.0 +rm packages-microsoft-prod.deb + +#apt-get -y install libx11-dev libxrandr-dev unzip libc6-dev libxtst-dev xclip jq + + +if [ -f "$InstallDir/ConnectionInfo.json" ]; then + SavedGUID=`cat "$InstallDir/ConnectionInfo.json" | jq -r '.DeviceID'` + if [[ "$SavedGUID" != "null" && -n "$SavedGUID" ]]; then + GUID="$SavedGUID" + fi +fi + +rm -r -f $InstallDir +rm -f /etc/systemd/system/remotely-agent.service + +mkdir -p $InstallDir + +if [ -z "$UpdatePackagePath" ]; then + echo "Downloading client." | tee -a $LogPath + wget -q -O /tmp/Remotely-Linux.zip $HostName/Content/Remotely-Linux.zip +else + echo "Copying install files." | tee -a $LogPath + cp "$UpdatePackagePath" /tmp/Remotely-Linux.zip + rm -f "$UpdatePackagePath" +fi + +unzip -o /tmp/Remotely-Linux.zip -d $InstallDir +rm -f /tmp/Remotely-Linux.zip +chmod +x $InstallDir/Remotely_Agent +chmod +x $InstallDir/Desktop/Remotely_Desktop + + +connectionInfo="{ + \"DeviceID\":\"$GUID\", + \"Host\":\"$HostName\", + \"OrganizationID\": \"$Organization\", + \"ServerVerificationToken\":\"\" +}" + +echo "$connectionInfo" > $InstallDir/ConnectionInfo.json + +curl --head $HostName/Content/Remotely-Linux.zip | grep -i "etag" | cut -d' ' -f 2 > $InstallDir/etag.txt + +echo Creating service. | tee -a $LogPath + +serviceConfig="[Unit] +Description=The Remotely agent used for remote access. + +[Service] +WorkingDirectory=$InstallDir +ExecStart=$InstallDir/Remotely_Agent +Restart=always +StartLimitIntervalSec=0 +RestartSec=10 + +[Install] +WantedBy=graphical.target" + +echo "$serviceConfig" > /etc/systemd/system/remotely-agent.service + +systemctl enable remotely-agent +systemctl restart remotely-agent + +echo Install complete. | tee -a $LogPath diff --git a/remotely/remotely-agent-ubuntu.sh b/remotely/remotely-agent-ubuntu.sh new file mode 100644 index 0000000..6e18a58 --- /dev/null +++ b/remotely/remotely-agent-ubuntu.sh @@ -0,0 +1,106 @@ +#!/bin/bash +HostName="https://remotely.akanealw.com" +Organization="7fbfb541-0720-42cf-b363-ddf13a19fd16" +GUID=$(cat /proc/sys/kernel/random/uuid) +UpdatePackagePath="" +InstallDir="/usr/local/bin/Remotely" + +apt-get update +apt-get -y install curl lsb-release libx11-dev libxrandr-dev unzip libc6-dev libxtst-dev xclip jq apt-transport-https + +ETag=$(curl --head $HostName/Content/Remotely-Linux.zip | grep -i "etag" | cut -d' ' -f 2) +LogPath="/var/log/remotely/Agent_Install.log" + +mkdir -p /var/log/remotely +Args=( "$@" ) +ArgLength=${#Args[@]} + +for (( i=0; i<${ArgLength}; i+=2 )); +do + if [ "${Args[$i]}" = "--uninstall" ]; then + systemctl stop remotely-agent + rm -r -f $InstallDir + rm -f /etc/systemd/system/remotely-agent.service + systemctl daemon-reload + exit + elif [ "${Args[$i]}" = "--path" ]; then + UpdatePackagePath="${Args[$i+1]}" + fi +done + +if [ -z "$ETag" ]; then + echo "ETag is empty. Aborting install." | tee -a $LogPath + exit 1 +fi + +ubuntuVersion=$(lsb_release -r -s) + +wget -q https://packages.microsoft.com/config/ubuntu/$ubuntuVersion/packages-microsoft-prod.deb -O packages-microsoft-prod.deb +dpkg -i packages-microsoft-prod.deb +apt-get update +#apt-get -y install apt-transport-https +apt-get -y install dotnet-runtime-7.0 +rm packages-microsoft-prod.deb + +#apt-get -y install libx11-dev libxrandr-dev unzip libc6-dev libxtst-dev xclip jq + + +if [ -f "$InstallDir/ConnectionInfo.json" ]; then + SavedGUID=`cat "$InstallDir/ConnectionInfo.json" | jq -r '.DeviceID'` + if [[ "$SavedGUID" != "null" && -n "$SavedGUID" ]]; then + GUID="$SavedGUID" + fi +fi + +rm -r -f $InstallDir +rm -f /etc/systemd/system/remotely-agent.service + +mkdir -p $InstallDir + +if [ -z "$UpdatePackagePath" ]; then + echo "Downloading client." | tee -a $LogPath + wget -q -O /tmp/Remotely-Linux.zip $HostName/Content/Remotely-Linux.zip +else + echo "Copying install files." | tee -a $LogPath + cp "$UpdatePackagePath" /tmp/Remotely-Linux.zip + rm -f "$UpdatePackagePath" +fi + +unzip -o /tmp/Remotely-Linux.zip -d $InstallDir +rm -f /tmp/Remotely-Linux.zip +chmod +x $InstallDir/Remotely_Agent +chmod +x $InstallDir/Desktop/Remotely_Desktop + + +connectionInfo="{ + \"DeviceID\":\"$GUID\", + \"Host\":\"$HostName\", + \"OrganizationID\": \"$Organization\", + \"ServerVerificationToken\":\"\" +}" + +echo "$connectionInfo" > $InstallDir/ConnectionInfo.json + +curl --head $HostName/Content/Remotely-Linux.zip | grep -i "etag" | cut -d' ' -f 2 > $InstallDir/etag.txt + +echo Creating service. | tee -a $LogPath + +serviceConfig="[Unit] +Description=The Remotely agent used for remote access. + +[Service] +WorkingDirectory=$InstallDir +ExecStart=$InstallDir/Remotely_Agent +Restart=always +StartLimitIntervalSec=0 +RestartSec=10 + +[Install] +WantedBy=graphical.target" + +echo "$serviceConfig" > /etc/systemd/system/remotely-agent.service + +systemctl enable remotely-agent +systemctl restart remotely-agent + +echo Install complete. | tee -a $LogPath diff --git a/rsync/rsync-backup-fileserver-truenas.sh b/rsync/rsync-backup-fileserver-truenas.sh new file mode 100644 index 0000000..ce8ffe7 --- /dev/null +++ b/rsync/rsync-backup-fileserver-truenas.sh @@ -0,0 +1,15 @@ +rsync -azvP -e "ssh -i ~/.ssh/truenas" --progress \ +--include=/ \ +--include=/home/*** \ +--include=/etc \ +--include=/etc/fstab \ +--include=/etc/dnsmasq.d/*** \ +--include=/etc/gitea/*** \ +--include=/etc/nginx/*** \ +--include=/etc/wireguard/*** \ +--include=/srv/*** \ +--include=/var \ +--include=/var/lib \ +--include=/var/lib/gitea/*** \ +--exclude=* \ +/ root@192.168.1.41:/mnt/data/backups/fileserverbackup/$(/bin/date +%Y-%m-%d) diff --git a/rsync/rsync-backup.sh b/rsync/rsync-backup.sh new file mode 100644 index 0000000..29ab20b --- /dev/null +++ b/rsync/rsync-backup.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +#rsync -azvP -e "ssh -i ~/.ssh/debiantest" --progress \ +--include=/ \ +--include=/home/ \ +--include=/home/akanealw \ +--include=/home/akanealw/docker \ +--include=/home/akanealw/docker/appdata/*** \ +--exclude=* \ +root@192.168.1.33:/ /mnt/backups/dockerservertest/$(/bin/date +%Y-%m-%d) \ No newline at end of file diff --git a/rsync/rsync-pull-with-public-key-to-local.sh b/rsync/rsync-pull-with-public-key-to-local.sh new file mode 100755 index 0000000..60f00b3 --- /dev/null +++ b/rsync/rsync-pull-with-public-key-to-local.sh @@ -0,0 +1,12 @@ +rsync -azvP -e "ssh -i ~/.ssh/publickey" --progress \ +--exclude=/etc/fstab \ +--exclude=/etc/network/* \ +--exclude=/lib/modules \ +--exclude=/proc/* \ +--exclude=/tmp/* \ +--exclude=/sys/* \ +--exclude=/dev/* \ +--exclude=/mnt/* \ +--exclude=/boot/* \ +--exclude=/root/* \ +hostname:/ / diff --git a/rsync/rsync-restore.sh b/rsync/rsync-restore.sh new file mode 100644 index 0000000..f8b43ab --- /dev/null +++ b/rsync/rsync-restore.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +rsync -azvP -e "ssh -i ~/.ssh/proxyserver" --progress \ +/mnt/backups/dockerservertest/2023-07-04/* root@192.168.1.4:/ \ No newline at end of file diff --git a/rsync/rsync-to-truenas-module.sh b/rsync/rsync-to-truenas-module.sh new file mode 100644 index 0000000..c5343f6 --- /dev/null +++ b/rsync/rsync-to-truenas-module.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +rsync -avP --rsh=ssh truenas::truenas-backups/ /mnt/pve/external-backup/backups/ +rsync -avP --rsh=ssh truenas::truenas-storage/ /mnt/pve/external-backup/storage/ diff --git a/serverbackup-cronjob.txt b/serverbackup-cronjob.txt new file mode 100755 index 0000000..974f4bd --- /dev/null +++ b/serverbackup-cronjob.txt @@ -0,0 +1 @@ +0 */12 * * * /home/akanealw/serverbackup.sh >> /home/akanealw/$(hostname)-backup.log diff --git a/serverbackup-networkshare.txt b/serverbackup-networkshare.txt new file mode 100755 index 0000000..4bee477 --- /dev/null +++ b/serverbackup-networkshare.txt @@ -0,0 +1,2 @@ +# nfs shares +192.168.1.41:/mnt/data/backups/serverbackups /mnt/backups nfs defaults,nolock,soft 0 0 diff --git a/serverbackup.sh b/serverbackup.sh new file mode 100755 index 0000000..af2b198 --- /dev/null +++ b/serverbackup.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +rsync -arzv --mkpath --delete --no-links /home/akanealw/ /mnt/backups/$(hostname)/akanealw/ +rsync -arzv --mkpath /var/spool/cron/crontabs/ /mnt/backups/$(hostname)/cron/crontabs/ +rsync -arzv --mkpath --delete --no-links --exclude 'ipc-socket' --exclude 'ibtmp1' /opt/docker/ /mnt/backups/$(hostname)/docker/ +rsync -arzv --mkpath /etc/fstab /mnt/backups/$(hostname)/fstab +rsync -arzv --mkpath /etc/network/interfaces /mnt/backups/$(hostname)/ +rsync -arzv --mkpath /etc/samba/smb.conf /mnt/backups/$(hostname)/smb.conf \ No newline at end of file diff --git a/start-all-docker.sh b/start-all-docker.sh new file mode 100755 index 0000000..3ade63b --- /dev/null +++ b/start-all-docker.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +docker compose -f /opt/docker/admin-compose.yml up -d +docker compose -f /opt/docker/docker-compose.yml up -d diff --git a/stop-all-docker.sh b/stop-all-docker.sh new file mode 100755 index 0000000..ccefd3d --- /dev/null +++ b/stop-all-docker.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +docker compose -f /opt/docker/docker-compose.yml down +docker compose -f /opt/docker/admin-compose.yml down \ No newline at end of file diff --git a/transfer-bash.bashrc.bak-to-remote-scp.sh b/transfer-bash.bashrc.bak-to-remote-scp.sh new file mode 100755 index 0000000..ad69f41 --- /dev/null +++ b/transfer-bash.bashrc.bak-to-remote-scp.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.30:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.31:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.32:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.33:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak root@192.168.1.34:/root +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.35:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.36:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.37:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.38:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.39:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.40:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.41:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.42:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.43:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.44:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.45:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.46:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.47:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.48:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.49:/home/akanealw +sshpass -p 8ung1e1! scp -v ./nanorc.bak akanealw@192.168.1.50:/home/akanealw diff --git a/ubuntu/download-ubuntu-essentials.sh b/ubuntu/download-ubuntu-essentials.sh new file mode 100755 index 0000000..05e45f9 --- /dev/null +++ b/ubuntu/download-ubuntu-essentials.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +if [[ -d /home/akanealw ]] + then + rm /home/akanealw/scripts/ubuntu-essentials* > /dev/null 2>&1 + rm /root/scripts/ubuntu-essentials* > /dev/null 2>&1 + mkdir /home/akanealw/scripts > /dev/null 2>&1 + wget -qO /home/akanealw/scripts/ubuntu-essentials.sh https://aknlw.com/ubuntu-essentials + chmod +x /home/akanealw/scripts/ubuntu-essentials.sh + sudo /home/akanealw/scripts/ubuntu-essentials.sh + else + rm /root/scripts/ubuntu-essentials* > /dev/null 2>&1 + mkdir /root/scripts > /dev/null 2>&1 + wget -qO /root/scripts/ubuntu-essentials.sh https://aknlw.com/ubuntu-essentials + chmod +x /root/scripts/ubuntu-essentials.sh + /root/scripts/ubuntu-essentials.sh +fi diff --git a/ubuntu/ubuntu-essentials.sh b/ubuntu/ubuntu-essentials.sh new file mode 100755 index 0000000..b1c18e8 --- /dev/null +++ b/ubuntu/ubuntu-essentials.sh @@ -0,0 +1,120 @@ +#!/bin/bash + +# disable restart prompt for services during an update +if [[ ! -f /etc/needrestart/conf.d/no-prompt.conf ]] ; then + echo "\$nrconf{restart} = 'a';" >> /etc/needrestart/conf.d/no-prompt.conf +fi + +# update and upgrade +apt-get update +apt-get upgrade -y + +# download and install packages +apt-get install -y pwgen qemu-guest-agent sudo nano curl wget zip unzip git rsync man-db cifs-utils nfs-common parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion + +# add akanealw user if not existing +isInFile=$(cat /etc/passwd | grep -c "akanealw") +if [ $isInFile -eq 0 ]; then + echo "Set password for akanealw" + useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw + mkdir /home/akanealw/.ssh + chown akanealw:akanealw /home/akanealw/.ssh + chmod 700 /home/akanealw/.ssh + cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1 + chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 + chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1 +fi + +# create akanealw file in /etc/sudoers.d +if [[ ! -f /etc/sudoers.d/akanealw ]] ; then + echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw +fi + +# enable ping for all users +setcap 'cap_net_admin,cap_net_raw+ep' $(which ping) + +# remove all motd +apt-get remove --purge update-motd > /dev/null 2>&1 +rm /etc/default/motd-news > /dev/null 2>&1 +rm -r /etc/update-motd.d > /dev/null 2>&1 +rm /etc/motd > /dev/null 2>&1 + +# git config +git config --global credential.helper store +git config --global user.name "akanealw" +git config --global user.email "akanealw@gmail.com" +git config --global init.defaultBranch main + +# show ip in /etc/issue +wget -qO /etc/issue.default http://192.168.1.50/ubuntu/issue.default +rm /etc/issue > /dev/null 2>&1 +rm /etc/issue.bak > /dev/null 2>&1 +cp /etc/issue.default /etc/issue +name=$(basename /sys/class/net/e*) +echo "" >> /etc/issue +echo "$name: \4{$name}" >> /etc/issue +echo "" >> /etc/issue + +# set input preferences +wget -qO /etc/inputrc.default http://192.168.1.50/ubuntu/inputrc.default +rm /etc/inputrc > /dev/null 2>&1 +rm /etc/inputrc.bak > /dev/null 2>&1 +cp /etc/inputrc.default /etc/inputrc +echo "" >> /etc/inputrc +echo "set completion-ignore-case On" >> /etc/inputrc + +# set bash preferences and aliases +wget -qO /etc/bash.bashrc.default http://192.168.1.50/ubuntu/bash.bashrc.default +rm /etc/bash.bashrc > /dev/null 2>&1 +rm /etc/bash.bashrc.bak > /dev/null 2>&1 +cp /etc/bash.bashrc.default /etc/bash.bashrc +echo "" >> /etc/bash.bashrc +echo "# custom settings and aliases" >> /etc/bash.bashrc +echo "set -o noclobber" >> /etc/bash.bashrc +echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc +echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc +echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc +echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc +echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc +echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc +echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc +echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc +echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc +echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc +echo "alias apts='sudo apt search'" >> /etc/bash.bashrc +echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc +echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc +echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc +echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc +echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc +echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc +echo "alias dckr='ssh akanealw@192.168.1.30'" >> /etc/bash.bashrc +echo "alias ipbs='ssh akanealw@192.168.1.50'" >> /etc/bash.bashrc +echo "alias pihl='ssh akanealw@192.168.1.5'" >> /etc/bash.bashrc +echo "alias pmbs='ssh root@192.168.1.40'" >> /etc/bash.bashrc +echo "alias pmx1='ssh root@192.168.1.51'" >> /etc/bash.bashrc +echo "alias tnas='ssh root@192.168.1.41'" >> /etc/bash.bashrc +echo "alias dc='docker compose'" >> /etc/bash.bashrc +echo "alias dcup='docker compose up -d'" >> /etc/bash.bashrc +echo "alias dcaup='docker compose -f admin-compose.yml up -d'" >> /etc/bash.bashrc +echo "alias dcdown='docker compose down'" >> /etc/bash.bashrc +echo "alias dcadown='docker compose -f admin-compose.yml down'" >> /etc/bash.bashrc +echo "alias dcpull='docker compose pull'" >> /etc/bash.bashrc +echo "alias dcapull='docker compose -f admin-compose.yml pull'" >> /etc/bash.bashrc +echo "alias dps='docker ps'" >> /etc/bash.bashrc +echo "alias dipaf='docker image prune -a -f'" >> /etc/bash.bashrc + +# create tmux config +rm /etc/tmux.conf* > /dev/null 2>&1 +echo "unbind C-b" >> /etc/tmux.conf +echo "set-option -g prefix C-a" >> /etc/tmux.conf +echo "bind-key C-a send-prefix" >> /etc/tmux.conf + +# create credentials and map network drives +isInFile=$(cat /etc/fstab | grep -c "192.168.1.41") +if [ $isInFile -eq 0 ]; then + mkdir /mnt/truenasdata > /dev/null 2>&1 + chown akanealw:akanealw /mnt/truenasdata + echo "# nfs shares" >> /etc/fstab + echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab +fi diff --git a/ubuntu/ubuntu-install-docker.sh b/ubuntu/ubuntu-install-docker.sh new file mode 100755 index 0000000..1eb346a --- /dev/null +++ b/ubuntu/ubuntu-install-docker.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +if [[ ! -f /etc/apt/keyrings/docker.gpg ]] + then + apt-get update + apt-get install -y ca-certificates curl gnupg lsb-release + chown -R akanealw:akanealw /home/akanealw/docker + mkdir -m 0755 -p /etc/apt/keyrings + curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + apt-get update + apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin + groupadd docker > /dev/null 2>&1 + usermod -aG docker akanealw + systemctl enable docker.service + systemctl enable containerd.service + systemctl start docker.service + systemctl start containerd.service + systemctl status docker.service + systemctl status containerd.service + else + echo "Docker is already configured." +fi diff --git a/ubuntu/ubuntu-install-samba.sh b/ubuntu/ubuntu-install-samba.sh new file mode 100755 index 0000000..873ae84 --- /dev/null +++ b/ubuntu/ubuntu-install-samba.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +isInFile=$(cat /etc/samba/smb.conf | grep -c "akanealw") +if [ $isInFile -eq 0 ] + then + apt-get install -y samba --no-install-recommends + (echo "8ung1e1!"; sleep 1; echo "8ung1e1!" ) | smbpasswd -s -a akanealw + sed -i s/WORKGROUP/akanealw/ /etc/samba/smb.conf + echo "[akanealw]" >> /etc/samba/smb.conf + echo " comment = akanealw" >> /etc/samba/smb.conf + echo " read only = no" >> /etc/samba/smb.conf + echo " path = /home/akanealw" >> /etc/samba/smb.conf + echo " guest ok = no" >> /etc/samba/smb.conf + echo "" >> /etc/samba/smb.conf + systemctl restart smbd + systemctl status smbd + else + echo "Samba is already configured." +fi diff --git a/ubuntu/ubuntu-regenerate-ssh-keys-machine-id.sh b/ubuntu/ubuntu-regenerate-ssh-keys-machine-id.sh new file mode 100644 index 0000000..2811bd1 --- /dev/null +++ b/ubuntu/ubuntu-regenerate-ssh-keys-machine-id.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +# ask to regenerate machine-id +if [[ ! -f /etc/machine-id-regenerated ]] + then + read -r -p "Regenerate machine-id? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] + then + rm -f /etc/machine-id /var/lib/dbus/machine-id + dbus-uuidgen --ensure=/etc/machine-id + dbus-uuidgen --ensure + touch /etc/machine-id-regenerated + fi +fi + +# ask to regenerate ssh host keys +if [[ ! -d /etc/cloud ]] + then + if [[ ! -f /home/akanealw/.ssh/ssh_keys_regenerated ]] + then + read -r -p "Regenerate SSH Keys? " prompt + if [[ "${prompt,,}" =~ ^(y|yes)$ ]] + then + rm /etc/ssh/ssh_host_* + dpkg-reconfigure openssh-server + mkdir /home/akanealw/.ssh + touch /home/akanealw/.ssh/ssh_keys_regenerated + chmod 700 /home/akanealw/.ssh + chown -R akanealw:akanealw /home/akanealw/.ssh + fi + fi +fi diff --git a/ubuntu/ubuntu-set-ip.sh b/ubuntu/ubuntu-set-ip.sh new file mode 100755 index 0000000..3713364 --- /dev/null +++ b/ubuntu/ubuntu-set-ip.sh @@ -0,0 +1,29 @@ +# ask to set static ip address +read -r -p "Set Static IP address? " prompt +if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then +read -r -p "Enter Static IP Address with subnet prefix: " staticip +read -r -p "Enter Gateway IP Address: " gatewayip +read -r -p "Enter DNS IP Address (separated by commas): " dnsip +# get adapter name +name=$(basename /sys/class/net/e*) +# backup original netplan yaml file +mv /etc/netplan/00-installer-config.yaml /etc/netplan/00-installer-config.yaml.bak > /dev/null 2>&1 +rm /etc/netplan/01-network-manager-all.yaml > /dev/null 2>&1 +# create new netplan yaml file +cat >> /etc/netplan/01-network-manager-all.yaml <> /etc/sudoers.d/akanealw +fi + +# remove all motd +apt-get remove --purge update-motd > /dev/null 2>&1 +rm /etc/default/motd-news > /dev/null 2>&1 +rm -r /etc/update-motd.d > /dev/null 2>&1 +rm /etc/motd > /dev/null 2>&1 + +# update and upgrade +apt-get update +apt-get upgrade -y + +# download and install packages +apt-get install -y lsb-release cron sudo nano curl wget zip unzip git rsync man-db cifs-utils nfs-common parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion + +# git config +git config --global credential.helper store +git config --global user.name "akanealw" +git config --global user.email "akanealw@gmail.com" +git config --global init.defaultBranch main + +# set input preferences +if [[ ! -f /etc/inputrc.bak ]] ; then + cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1 +fi +rm /etc/inputrc > /dev/null 2>&1 +cp /etc/inputrc.bak /etc/inputrc +echo "" >> /etc/inputrc +echo "set completion-ignore-case On" >> /etc/inputrc + +# set bash preferences and aliases +if [[ -f /etc/bash.bashrc.default ]] ; then + mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +if [[ ! -f /etc/bash.bashrc.bak ]] ; then + cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1 +fi +rm /etc/bash.bashrc > /dev/null 2>&1 +cp /etc/bash.bashrc.bak /etc/bash.bashrc +echo "" >> /etc/bash.bashrc +echo "# custom settings and aliases" >> /etc/bash.bashrc +echo "set -o noclobber" >> /etc/bash.bashrc +echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc +echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc +echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc +echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc +echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc +echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc +echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc +echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc +echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc +echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc +echo "alias apts='sudo apt search'" >> /etc/bash.bashrc +echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc +echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc +echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc +echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc +echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc +echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc +echo "alias dc='docker compose'" >> /etc/bash.bashrc +echo "alias dcup='docker compose up -d'" >> /etc/bash.bashrc +echo "alias dcaup='docker compose -f admin-compose.yml up -d'" >> /etc/bash.bashrc +echo "alias dcdown='docker compose down'" >> /etc/bash.bashrc +echo "alias dcadown='docker compose -f admin-compose.yml down'" >> /etc/bash.bashrc +echo "alias dcpull='docker compose pull'" >> /etc/bash.bashrc +echo "alias dcapull='docker compose -f admin-compose.yml pull'" >> /etc/bash.bashrc +echo "alias dps='docker ps'" >> /etc/bash.bashrc +echo "alias dipaf='docker image prune -a -f'" >> /etc/bash.bashrc + +# create tmux config +rm /etc/tmux.conf* > /dev/null 2>&1 +echo "unbind C-b" >> /etc/tmux.conf +echo "set-option -g prefix C-a" >> /etc/tmux.conf +echo "bind-key C-a send-prefix" >> /etc/tmux.conf + +# enable ping for non-root users +setcap 'cap_net_admin,cap_net_raw+ep' $(which ping)