first commit

proxyserver/akanealw/backup-bookmarks.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+cp /home/akanealw/docker/appdata/nginxwebdav/data/bookmarks.html /home/akanealw/backups/bookmarksbackups/bookmarks-$(/bin/date +%Y-%m-%d-%I-%M-%S-%p).html
+curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/vLacLASfQk?status=up&msg=OK&ping=

proxyserver/akanealw/backup-vaultwarden.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+docker run --rm --volumes-from=vaultwarden -e UID=1000 -e PID=1000 -e BACKUP_DIR=/data/backups -e TIMESTAMP=true -v /home/akanealw/backups/vaultwardenbackups:/data/backups bruceforce/vaultwarden-backup manual
+chown -R akanealw:akanealw /home/akanealw/backups

proxyserver/akanealw/copy-backups-to-truenas.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+find "/home/akanealw/backups/bookmarksbackups" -name "*.html" -type f -mtime +25 -delete
+find "/home/akanealw/backups/vaultwardenbackups" -name "*.xz" -type f -mtime +25 -delete
+rsync -rvz /home/akanealw/backups/bookmarksbackups/ akanealw@truenas:/mnt/data/backups/bookmarksbackups/
+rsync -rvz /home/akanealw/backups/vaultwardenbackups/ akanealw@truenas:/mnt/data/backups/vaultwardenbackups/

proxyserver/akanealw/crontab.bak

@@ -0,0 +1,26 @@
+# Edit this file to introduce tasks to be run by cron.
+# 
+# Each task to run has to be defined through a single line
+# indicating with different fields when the task will be run
+# and what command to run for the task
+# 
+# To define the time you can provide concrete values for
+# minute (m), hour (h), day of month (dom), month (mon),
+# and day of week (dow) or use '*' in these fields (for 'any').
+# 
+# Notice that tasks will be started based on the cron's system
+# daemon's notion of time and timezones.
+# 
+# Output of the crontab jobs (including errors) is sent through
+# email to the user the crontab file belongs to (unless redirected).
+# 
+# For example, you can run a backup of all your user accounts
+# at 5 a.m every week with:
+# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
+# 
+# For more information see the manual pages of crontab(5) and cron(8)
+# 
+# m h  dom mon dow   command
+10 * * * * /home/akanealw/scripts/backup-bookmarks.sh
+0 16 * * * /home/akanealw/scripts/ping-before-copy-backups-to-truenas.sh
+0 11 * * * /home/akanealw/scripts/olivetin/restart-gluetun-and-services.sh

proxyserver/akanealw/debian-essentials.sh

@@ -0,0 +1,145 @@
+#!/bin/bash
+
+# autoreply config update dialog with no
+if [[ ! -f /etc/apt/apt.conf.d/local ]]
+    then
+        echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local
+        echo "   "--force-confdef";" >> /etc/apt/apt.conf.d/local
+        echo "   "--force-confold";" >> /etc/apt/apt.conf.d/local
+        echo "}" >> /etc/apt/apt.conf.d/local
+fi
+
+# update bookworm to new debian.sources file
+if [[ -f /etc/apt/sources.list.d/debian.sources ]] 
+    then
+        echo "Sources already updated"
+    else
+        isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye")
+            if [ $isInFile -eq 0 ]
+                then
+                    mkdir /etc/apt/mirrors > /dev/null 2>&1
+                    echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list
+                    echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list
+                    echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
+                    echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources
+                    echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources
+                    echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources
+                    echo "" >> /etc/apt/sources.list.d/debian.sources
+                    echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
+                    echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources
+                    echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources
+                    echo "Components: main" >> /etc/apt/sources.list.d/debian.sources
+                    mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1
+                    rm /etc/apt/sources.list.11.backup > /dev/null 2>&1
+                else
+                    echo "Bullseye detected, skipping sources update"
+            fi
+fi
+
+# update and upgrade
+apt-get update
+apt-get upgrade -y
+
+# download and install packages
+apt-get install -y lsb-release cron qemu-guest-agent sudo nano curl wget zip unzip git rsync man-db cifs-utils nfs-common parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion
+
+# add akanealw user if not existing
+isInFile=$(cat /etc/passwd | grep -c "akanealw")
+if [ $isInFile -eq 0 ]
+    then
+        echo "Set password for akanealw"
+        useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw
+        mkdir /home/akanealw/.ssh
+        chown akanealw:akanealw /home/akanealw/.ssh
+        chmod 700 /home/akanealw/.ssh
+        cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1
+        chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1
+        chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1
+fi
+
+# create akanealw file in /etc/sudoers.d
+if [[ ! -f /etc/sudoers.d/akanealw ]]
+    then
+        echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw
+fi
+
+# enable ping for all users
+setcap 'cap_net_admin,cap_net_raw+ep' $(which ping)
+
+# remove all motd
+rm /etc/motd > /dev/null 2>&1
+
+# disable systemd-networkd-wait-online.service
+systemctl disable systemd-networkd-wait-online.service
+
+# git config
+git config --global credential.helper store
+git config --global user.name "akanealw"
+git config --global user.email "akanealw@gmail.com"
+git config --global init.defaultBranch main
+
+# show ip in /etc/issue
+wget -qO /etc/issue.default http://192.168.1.50/debian/issue.default
+rm /etc/issue > /dev/null 2>&1
+cp /etc/issue.default /etc/issue
+name=$(basename /sys/class/net/e*)
+echo "" >> /etc/issue
+echo "$name: \4{$name}" >> /etc/issue
+echo "" >> /etc/issue
+
+# set input preferences
+wget -qO /etc/inputrc.default http://192.168.1.50/debian/inputrc.default
+rm /etc/inputrc > /dev/null 2>&1
+cp /etc/inputrc.default /etc/inputrc
+echo "" >> /etc/inputrc
+echo "set completion-ignore-case On" >> /etc/inputrc
+
+# set bash preferences and aliases
+wget -qO /etc/bash.bashrc.default http://192.168.1.50/debian/bash.bashrc.default
+rm /etc/bash.bashrc > /dev/null 2>&1
+cp /etc/bash.bashrc.default /etc/bash.bashrc
+echo "" >> /etc/bash.bashrc
+echo "# custom settings and aliases" >> /etc/bash.bashrc
+echo "set -o noclobber" >> /etc/bash.bashrc
+echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc
+echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc
+echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc
+echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc
+echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc
+echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc
+echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc
+echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc
+echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc
+echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc
+echo "alias apts='sudo apt search'" >> /etc/bash.bashrc
+echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc
+echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc
+echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc
+echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc
+echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc
+echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc
+echo "alias dc='docker compose'" >> /etc/bash.bashrc
+echo "alias dcup='docker compose up -d'" >> /etc/bash.bashrc
+echo "alias dcaup='docker compose -f admin-compose.yml up -d'" >> /etc/bash.bashrc
+echo "alias dcdown='docker compose down'" >> /etc/bash.bashrc
+echo "alias dcadown='docker compose -f admin-compose.yml down'" >> /etc/bash.bashrc
+echo "alias dcpull='docker compose pull'" >> /etc/bash.bashrc
+echo "alias dcapull='docker compose -f admin-compose.yml pull'" >> /etc/bash.bashrc
+echo "alias dps='docker ps'" >> /etc/bash.bashrc
+echo "alias dipaf='docker image prune -a -f'" >> /etc/bash.bashrc
+
+# create tmux config
+rm /etc/tmux.conf* > /dev/null 2>&1
+echo "unbind C-b" >> /etc/tmux.conf
+echo "set-option -g prefix C-a" >> /etc/tmux.conf
+echo "bind-key C-a send-prefix" >> /etc/tmux.conf
+
+# create credentials and map network drives
+isInFile=$(cat /etc/fstab | grep -c "192.168.1.41")
+if [ $isInFile -eq 0 ]
+    then
+        mkdir /mnt/truenasdata > /dev/null 2>&1
+        chown akanealw:akanealw /mnt/truenasdata
+        echo "# nfs shares" >> /etc/fstab
+        echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab
+fi

proxyserver/akanealw/olivetin/restart-gluetun-and-services.sh

@@ -0,0 +1,18 @@
+#!/bin/bash
+
+ssh -i ~/.ssh/dockerserver \
+-o StrictHostKeyChecking=no \
+akanealw@192.168.1.30 \
+"docker restart gluetun \
+&& echo "gluetun restarting" \
+&& sleep 45 \
+&& docker restart jdownloader \
+&& echo "jdownloader restarting" \
+&& sleep 5 \
+&& docker restart qbittorrent \
+&& echo "qbittorrent restarting" \
+&& sleep 5 \
+&& docker restart sabnzbd \
+&& echo "sabnzbd restarting" \
+&& curl -fsS -m 10 --retry 5 -o /dev/null \
+https://uptimekuma.akanealw.com/api/push/eT36YM3T94?status=up&msg=OK&ping="

proxyserver/akanealw/olivetin/restart-jdownloader.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+ssh -i ~/.ssh/dockerserver \
+-o StrictHostKeyChecking=no \
+akanealw@192.168.1.30 \
+"docker restart jdownloader \
+&& echo "jdownloader restarting""

proxyserver/akanealw/olivetin/restart-qbittorrent.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+ssh -i ~/.ssh/dockerserver \
+-o StrictHostKeyChecking=no \
+akanealw@192.168.1.30 \
+"docker restart qbittorrent \
+&& echo "qbittorrent restarting""

proxyserver/akanealw/olivetin/restart-sabnzbd.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+ssh -i ~/.ssh/dockerserver \
+-o StrictHostKeyChecking=no \
+akanealw@192.168.1.30 \
+"docker restart sabnzbd \
+&& echo "sabnzbd restarting""

proxyserver/akanealw/olivetin/shutdown-proxmox1.sh

@@ -0,0 +1,4 @@
+ssh -i ~/.ssh/proxmox2 \
+-o StrictHostKeyChecking=no \
+akanealw@192.168.1.52 \
+/home/akanealw/scripts/shutdown-proxmox1.sh

proxyserver/akanealw/olivetin/wake-proxmox1.sh

@@ -0,0 +1,4 @@
+ssh -i ~/.ssh/proxmox2 \
+-o StrictHostKeyChecking=no \
+akanealw@192.168.1.52 \
+/home/akanealw/scripts/wake-proxmox1.sh

proxyserver/akanealw/ping-before-copy-backups-to-truenas.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+sudo chown -R akanealw:akanealw /home/akanealw/backups
+find "/home/akanealw/backups/bookmarksbackups" -name "*.html" -type f -mtime +25 -delete
+find "/home/akanealw/backups/vaultwardenbackups" -name "*.xz" -type f -mtime +25 -delete
+
+if ping -c 2 192.168.1.41 &> /dev/null
+ then
+     rsync -rvz /home/akanealw/backups/bookmarksbackups/ akanealw@truenas:/mnt/data/backups/bookmarksbackups/
+     curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/l6Fztc77wL?status=up&msg=OK&ping=
+     rsync -rvz /home/akanealw/backups/vaultwardenbackups/ akanealw@truenas:/mnt/data/backups/vaultwardenbackups/
+     curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/l6Fztc77wL?status=up&msg=OK&ping=
+ else
+     curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/l6Fztc77wL?status=down&msg=OK&ping=
+fi

proxyserver/root/check-wireguard.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+PING=/bin/ping
+## DEBIAN
+SERVICE=/usr/sbin/service
+
+tries=0
+while [[ $tries -lt 3 ]]
+do
+    if $PING -c 1 10.0.10.1
+    then
+        echo "wg works" && curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/C6kilkNqUv?status=up&msg=OK&ping=
+        exit 0
+    fi
+    echo "wg fail"
+    tries=$((tries+1))
+done
+echo "wg failed 3 times - restarting tunnel" && curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/C6kilkNqUv?status=down&msg=OK&ping=
+
+## DEBIAN
+$SERVICE wg-quick@wg1 restart && curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/C6kilkNqUv?status=up&msg=OK&ping=

proxyserver/root/clean-plex-photo-cache.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+find "/var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Cache/PhotoTranscoder" -name "*.jpg" -type f -mtime +5 -delete
+find "/var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Cache/PhotoTranscoder" -name "*.ppm" -type f -mtime +5 -delete
+curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/vOOCgMo8GW?status=up&msg=OK&ping=

proxyserver/root/crontab.bak

@@ -0,0 +1,23 @@
+# Edit this file to introduce tasks to be run by cron.
+# 
+# Each task to run has to be defined through a single line
+# indicating with different fields when the task will be run
+# and what command to run for the task
+# 
+# To define the time you can provide concrete values for
+# minute (m), hour (h), day of month (dom), month (mon),
+# and day of week (dow) or use '*' in these fields (for 'any').
+# 
+# Notice that tasks will be started based on the cron's system
+# daemon's notion of time and timezones.
+# 
+# Output of the crontab jobs (including errors) is sent through
+# email to the user the crontab file belongs to (unless redirected).
+# 
+# For example, you can run a backup of all your user accounts
+# at 5 a.m every week with:
+# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
+# 
+# For more information see the manual pages of crontab(5) and cron(8)
+# 
+# m h  dom mon dow   command