akanealw/linux-scripts
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
akanealw
2023-08-26 16:14:53 -05:00
commit bf38f42229
109 changed files with 3882 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
ddconf.conf Normal file
View File

@@ -0,0 +1,13 @@
daemon=900
use=web
protocol=dyndns2
protocol=googledomains,
login=0dbLQaqN8kK9jYKa,
password=vpKzmQVZiudhvfZA
akanealw.com
protocol=googledomains,
login=oZtsEAniHvjesY0v,
password=8gq0lTPPkdQdCeu0
aknlw.com

193
debian/debian-essentials.sh vendored Executable file
View File

@@ -0,0 +1,193 @@
#!/bin/bash
# autoreply config update dialog with no
if [[ ! -f /etc/apt/apt.conf.d/local ]]
then
echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local
echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local
echo " "--force-confold";" >> /etc/apt/apt.conf.d/local
echo "}" >> /etc/apt/apt.conf.d/local
fi
# update bookworm to new debian.sources file
if [[ -f /etc/apt/sources.list.d/debian.sources ]]
then
echo "Sources already updated"
else
isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye")
if [ $isInFile -eq 0 ]
then
mkdir /etc/apt/mirrors > /dev/null 2>&1
echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list
echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list
echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources
echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources
echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources
echo "" >> /etc/apt/sources.list.d/debian.sources
echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources
echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources
echo "Components: main" >> /etc/apt/sources.list.d/debian.sources
mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1
rm /etc/apt/sources.list.11.backup > /dev/null 2>&1
else
echo "Bullseye detected, skipping sources update"
fi
fi
# update and upgrade
apt-get update
apt-get upgrade -y
# download and install packages
apt-get install -y pwgen lsb-release cron qemu-guest-agent sudo nano curl wget zip unzip git rsync man-db cifs-utils nfs-common parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion
# add akanealw user if not existing
isInFile=$(cat /etc/passwd | grep -c "akanealw")
if [ $isInFile -eq 0 ]
then
echo "Set password for akanealw"
useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw
mkdir /home/akanealw/.ssh
chown akanealw:akanealw /home/akanealw/.ssh
chmod 700 /home/akanealw/.ssh
cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1
chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1
chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1
fi
# create akanealw file in /etc/sudoers.d
if [[ ! -f /etc/sudoers.d/akanealw ]]
then
echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw
fi
# enable ping for all users
setcap 'cap_net_admin,cap_net_raw+ep' $(which ping)
# remove all motd
rm /etc/motd > /dev/null 2>&1
# disable systemd-networkd-wait-online.service
systemctl disable systemd-networkd-wait-online.service
# git config
git config --global credential.helper store
git config --global user.name "akanealw"
git config --global user.email "akanealw@gmail.com"
git config --global init.defaultBranch main
# show ip in /etc/issue
wget -qO /etc/issue.default http://192.168.1.50/debian/issue.default
rm /etc/issue > /dev/null 2>&1
cp /etc/issue.default /etc/issue
name=$(basename /sys/class/net/e*)
echo "" >> /etc/issue
echo "$name: \4{$name}" >> /etc/issue
echo "" >> /etc/issue
# set input preferences
wget -qO /etc/inputrc.default http://192.168.1.50/debian/inputrc.default
rm /etc/inputrc > /dev/null 2>&1
cp /etc/inputrc.default /etc/inputrc
echo "" >> /etc/inputrc
echo "set completion-ignore-case On" >> /etc/inputrc
# set bash preferences and aliases
wget -qO /etc/bash.bashrc.default http://192.168.1.50/debian/bash.bashrc.default
rm /etc/bash.bashrc > /dev/null 2>&1
cp /etc/bash.bashrc.default /etc/bash.bashrc
echo "" >> /etc/bash.bashrc
echo "# custom settings and aliases" >> /etc/bash.bashrc
echo "set -o noclobber" >> /etc/bash.bashrc
echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc
echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc
echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc
echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc
echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc
echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc
echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc
echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc
echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc
echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc
echo "alias apts='sudo apt search'" >> /etc/bash.bashrc
echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc
echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc
echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc
echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc
echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc
echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc
echo "alias dc='docker compose'" >> /etc/bash.bashrc
echo "alias dcup='docker compose up -d'" >> /etc/bash.bashrc
echo "alias dcaup='docker compose -f admin-compose.yml up -d'" >> /etc/bash.bashrc
echo "alias dcdown='docker compose down'" >> /etc/bash.bashrc
echo "alias dcadown='docker compose -f admin-compose.yml down'" >> /etc/bash.bashrc
echo "alias dcpull='docker compose pull'" >> /etc/bash.bashrc
echo "alias dcapull='docker compose -f admin-compose.yml pull'" >> /etc/bash.bashrc
echo "alias dps='docker ps'" >> /etc/bash.bashrc
echo "alias dipaf='docker image prune -a -f'" >> /etc/bash.bashrc
# create tmux config
rm /etc/tmux.conf* > /dev/null 2>&1
echo "unbind C-b" >> /etc/tmux.conf
echo "set-option -g prefix C-a" >> /etc/tmux.conf
echo "bind-key C-a send-prefix" >> /etc/tmux.conf
# create credentials and map network drives
isInFile=$(cat /etc/fstab | grep -c "192.168.1.41")
if [ $isInFile -eq 0 ]
then
mkdir /mnt/truenasdata > /dev/null 2>&1
chown akanealw:akanealw /mnt/truenasdata
echo "# nfs shares" >> /etc/fstab
echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab
fi
# configure email for sending notifications
isInFile=$(cat /etc/postfix/main.cf | grep -c "gmail")
if [ $isInFile -eq 0 ]
then
DEBIAN_FRONTEND=noninteractive apt install -y libsasl2-modules mailutils postfix postfix-pcre
echo "smtp.gmail.com notify.akanealw@gmail.com:leawkqqpthbwacrf" > /etc/postfix/sasl_passwd
echo "/^From:.*/ REPLACE From: $(hostname) <notify.akanealw@gmail.com>" > /etc/postfix/smtp_header_checks
chmod 600 /etc/postfix/sasl_passwd
postmap hash:/etc/postfix/sasl_passwd
postmap hash:/etc/postfix/smtp_header_checks
sed -i 's@relayhost =@#relayhost = @g' /etc/postfix/main.cf
sed -i 's@smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@g' /etc/postfix/main.cf
echo "" >> /etc/postfix/main.cf
echo "# google mail configuration" >> /etc/postfix/main.cf
echo "relayhost = smtp.gmail.com:587" >> /etc/postfix/main.cf
echo "smtp_use_tls = yes" >> /etc/postfix/main.cf
echo "smtp_sasl_auth_enable = yes" >> /etc/postfix/main.cf
echo "smtp_sasl_security_options =" >> /etc/postfix/main.cf
echo "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" >> /etc/postfix/main.cf
echo "smtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pem" >> /etc/postfix/main.cf
echo "smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache" >> /etc/postfix/main.cf
echo "smtp_tls_session_cache_timeout = 3600s" >> /etc/postfix/main.cf
echo "smtp_header_checks = pcre:/etc/postfix/smtp_header_checks" >> /etc/postfix/main.cf
echo "" >> /etc/postfix/main.cf
postfix reload
echo "This is a test message sent from postfix on $(hostname)" | mail -s "Test Email from $(hostname)" akanealw@gmail.com
else
echo "Email already configured."
fi
# configure unattended upgrades
isInFile=$(cat /etc/apt/apt.conf.d/20auto-upgrades | grep -c 'APT::Periodic::Unattended-Upgrade "1";')
if [ $isInFile -eq 0 ]
then
apt install -y apt-listchanges unattended-upgrades
sed -i 's@// "origin=Debian,codename=${distro_codename}-updates";@ "origin=Debian,codename=${distro_codename}-updates";@g' /etc/apt/apt.conf.d/50unattended-upgrades
sed -i 's!//Unattended-Upgrade::Mail "";!Unattended-Upgrade::Mail "akanealw@gmail.com";!g' /etc/apt/apt.conf.d/50unattended-upgrades
sed -i 's@//Unattended-Upgrade::MailReport "on-change";@Unattended-Upgrade::MailReport "on-change";@g' /etc/apt/apt.conf.d/50unattended-upgrades
sed -i 's@//Unattended-Upgrade::Remove-Unused-Dependencies "false";@Unattended-Upgrade::Remove-Unused-Dependencies "true";@g' /etc/apt/apt.conf.d/50unattended-upgrades
echo "APT::Periodic::Update-Package-Lists \"1\";" > /etc/apt/apt.conf.d/20auto-upgrades
echo "APT::Periodic::Unattended-Upgrade \"1\";" >> /etc/apt/apt.conf.d/20auto-upgrades
systemctl enable unattended-upgrades
systemctl start unattended-upgrades
systemctl status unattended-upgrades
else
echo "Unattended upgrades already configured."
fi

23
debian/debian-install-docker.sh vendored Executable file
View File

@@ -0,0 +1,23 @@
#!/bin/bash
if [[ ! -f /etc/apt/keyrings/docker.gpg ]]
then
apt-get update
apt-get install -y ca-certificates curl gnupg lsb-release
chown -R akanealw:akanealw /home/akanealw/docker
mkdir -m 0755 -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update
apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
groupadd docker > /dev/null 2>&1
usermod -aG docker akanealw
systemctl enable docker.service
systemctl enable containerd.service
systemctl start docker.service
systemctl start containerd.service
systemctl status docker.service
systemctl status containerd.service
else
echo "Docker is already configured."
fi

19
debian/debian-install-samba.sh vendored Executable file
View File

@@ -0,0 +1,19 @@
#!/bin/bash
isInFile=$(cat /etc/samba/smb.conf | grep -c "akanealw")
if [ $isInFile -eq 0 ]
then
apt-get install -y samba --no-install-recommends
(echo "8ung1e1!"; sleep 1; echo "8ung1e1!" ) | smbpasswd -s -a akanealw
sed -i s/WORKGROUP/akanealw/ /etc/samba/smb.conf
echo "[akanealw]" >> /etc/samba/smb.conf
echo " comment = akanealw" >> /etc/samba/smb.conf
echo " read only = no" >> /etc/samba/smb.conf
echo " path = /home/akanealw" >> /etc/samba/smb.conf
echo " guest ok = no" >> /etc/samba/smb.conf
echo "" >> /etc/samba/smb.conf
systemctl restart smbd
systemctl status smbd
else
echo "Samba is already configured."
fi

32
debian/debian-regenerate-ssh-keys-machine-id.sh vendored Normal file
View File

@@ -0,0 +1,32 @@
#!/bin/bash
# ask to regenerate machine-id
if [[ ! -f /etc/machine-id-regenerated ]]
then
read -r -p "Regenerate machine-id? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]
then
rm -f /etc/machine-id /var/lib/dbus/machine-id
dbus-uuidgen --ensure=/etc/machine-id
dbus-uuidgen --ensure
touch /etc/machine-id-regenerated
fi
fi
# ask to regenerate ssh host keys
if [[ ! -d /etc/cloud ]]
then
if [[ ! -f /home/akanealw/.ssh/ssh_keys_regenerated ]]
then
read -r -p "Regenerate SSH Keys? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]
then
rm /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
mkdir /home/akanealw/.ssh
touch /home/akanealw/.ssh/ssh_keys_regenerated
chmod 700 /home/akanealw/.ssh
chown -R akanealw:akanealw /home/akanealw/.ssh
fi
fi
fi

36
debian/debian-set-ip.sh vendored Executable file
View File

@@ -0,0 +1,36 @@
#!/bin/bash
# ask to set static ip address
if [[ ! -d /etc/cloud ]]
then
if [[ ! -f /etc/network/interfaces.bak ]]
then
read -r -p "Set Static IP address? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]
then
read -r -p "Enter Static IP Address with subnet prefix: " staticip
read -r -p "Enter Gateway IP Address: " gatewayip
read -r -p "Enter Primary DNS IP Address: " dnsip1
read -r -p "Enter Secondary DNS IP Address: " dnsip2
name=$(basename /sys/class/net/e*)
if [[ ! -f /etc/network/interfaces.bak ]]
then
cp /etc/network/interfaces /etc/network/interfaces.bak
fi
rm /etc/network/interfaces
cp /etc/network/interfaces.bak /etc/network/interfaces
sed -i "s,^iface $name inet dhcp*,iface $name inet static," /etc/network/interfaces
echo " address $staticip" >> /etc/network/interfaces
echo " gateway $gatewayip" >> /etc/network/interfaces
if [[ ! -f /etc/resolv.conf.bak ]]
then
cp /etc/resolv.conf /etc/resolv.conf.bak
fi
rm /etc/resolv.conf
echo "nameserver $dnsip1" >> /etc/resolv.conf
echo "nameserver $dnsip2" >> /etc/resolv.conf
ifdown $name
ifup $name
fi
fi
fi

30
debian/debian-setup-email.sh vendored Normal file
View File

@@ -0,0 +1,30 @@
#!/bin/bash
isInFile=$(cat /etc/postfix/main.cf | grep -c "gmail")
if [ $isInFile -eq 0 ]
then
DEBIAN_FRONTEND=noninteractive apt install -y libsasl2-modules mailutils postfix postfix-pcre
echo "smtp.gmail.com notify.akanealw@gmail.com:leawkqqpthbwacrf" > /etc/postfix/sasl_passwd
echo "/^From:.*/ REPLACE From: $(hostname) <notify.akanealw@gmail.com>" > /etc/postfix/smtp_header_checks
chmod 600 /etc/postfix/sasl_passwd
postmap hash:/etc/postfix/sasl_passwd
postmap hash:/etc/postfix/smtp_header_checks
sed -i 's@relayhost =@#relayhost = @g' /etc/postfix/main.cf
sed -i 's@smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@g' /etc/postfix/main.cf
echo "" >> /etc/postfix/main.cf
echo "# google mail configuration" >> /etc/postfix/main.cf
echo "relayhost = smtp.gmail.com:587" >> /etc/postfix/main.cf
echo "smtp_use_tls = yes" >> /etc/postfix/main.cf
echo "smtp_sasl_auth_enable = yes" >> /etc/postfix/main.cf
echo "smtp_sasl_security_options =" >> /etc/postfix/main.cf
echo "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" >> /etc/postfix/main.cf
echo "smtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pem" >> /etc/postfix/main.cf
echo "smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache" >> /etc/postfix/main.cf
echo "smtp_tls_session_cache_timeout = 3600s" >> /etc/postfix/main.cf
echo "smtp_header_checks = pcre:/etc/postfix/smtp_header_checks" >> /etc/postfix/main.cf
echo "" >> /etc/postfix/main.cf
postfix reload
echo "This is a test message sent from postfix on $(hostname)" | mail -s "Test Email from $(hostname)" akanealw@gmail.com
else
echo "Email already configured."
fi

18
debian/debian-setup-unattended-upgrades.sh vendored Normal file
View File

@@ -0,0 +1,18 @@
#!/bin/bash
isInFile=$(cat /etc/apt/apt.conf.d/20auto-upgrades | grep -c 'APT::Periodic::Unattended-Upgrade "1";')
if [ $isInFile -eq 0 ]
then
apt install -y apt-listchanges unattended-upgrades
sed -i 's@// "origin=Debian,codename=${distro_codename}-updates";@ "origin=Debian,codename=${distro_codename}-updates";@g' /etc/apt/apt.conf.d/50unattended-upgrades
sed -i 's!//Unattended-Upgrade::Mail "";!Unattended-Upgrade::Mail "akanealw@gmail.com";!g' /etc/apt/apt.conf.d/50unattended-upgrades
sed -i 's@//Unattended-Upgrade::MailReport "on-change";@Unattended-Upgrade::MailReport "on-change";@g' /etc/apt/apt.conf.d/50unattended-upgrades
sed -i 's@//Unattended-Upgrade::Remove-Unused-Dependencies "false";@Unattended-Upgrade::Remove-Unused-Dependencies "true";@g' /etc/apt/apt.conf.d/50unattended-upgrades
echo "APT::Periodic::Update-Package-Lists \"1\";" > /etc/apt/apt.conf.d/20auto-upgrades
echo "APT::Periodic::Unattended-Upgrade \"1\";" >> /etc/apt/apt.conf.d/20auto-upgrades
systemctl enable unattended-upgrades
systemctl start unattended-upgrades
systemctl status unattended-upgrades
else
echo "Unattended upgrades already configured."
fi

28
debian/debian-update-sources.sh vendored Normal file
View File

@@ -0,0 +1,28 @@
#!/bin/bash
# update bookworm to new debian.sources file
if [[ -f /etc/apt/sources.list.d/debian.sources ]]
then
echo "Sources already updated"
else
isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye")
if [ $isInFile -eq 0 ]
then
mkdir /etc/apt/mirrors > /dev/null 2>&1
echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list
echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list
echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources
echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources
echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources
echo "" >> /etc/apt/sources.list.d/debian.sources
echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources
echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources
echo "Components: main" >> /etc/apt/sources.list.d/debian.sources
mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1
rm /etc/apt/sources.list.11.backup > /dev/null 2>&1
else
echo "Bullseye detected, skipping sources update"
fi
fi

17
debian/download-debian-essentials.sh vendored Executable file
View File

@@ -0,0 +1,17 @@
#!/bin/bash
if [[ -d /home/akanealw ]]
then
rm /home/akanealw/scripts/debian-essentials* > /dev/null 2>&1
rm /root/scripts/debian-essentials* > /dev/null 2>&1
mkdir /home/akanealw/scripts > /dev/null 2>&1
wget -qO /home/akanealw/scripts/debian-essentials.sh https://aknlw.com/debian-essentials
chmod +x /home/akanealw/scripts/debian-essentials.sh
sudo /home/akanealw/scripts/debian-essentials.sh
else
rm /root/scripts/debian-essentials* > /dev/null 2>&1
mkdir /root/scripts > /dev/null 2>&1
wget -qO /root/scripts/debian-essentials.sh https://aknlw.com/debian-essentials
chmod +x /root/scripts/debian-essentials.sh
/root/scripts/debian-essentials.sh
fi

33
debian/nano-remap.sh vendored Executable file
View File

@@ -0,0 +1,33 @@
#!/bin/bash
# set nanorc keybinds
if [[ -f /etc/nanorc.default ]] ; then
mv /etc/nanorc.default /etc/nanorc.bak > /dev/null 2>&1
fi
if [[ ! -f /etc/nanorc.bak ]] ; then
cp /etc/nanorc /etc/nanorc.bak > /dev/null 2>&1
fi
rm /etc/nanorc > /dev/null 2>&1
cp /etc/nanorc.bak /etc/nanorc
echo "" >> /etc/nanorc
echo "# custom binds" >> /etc/nanorc
echo "bind ^X exit all" >> /etc/nanorc
echo "bind ^S savefile main" >> /etc/nanorc
echo "bind ^O writeout main" >> /etc/nanorc
echo "bind ^I insert main" >> /etc/nanorc
echo "bind ^F whereis all" >> /etc/nanorc
echo "bind ^G findnext all" >> /etc/nanorc
echo "bind ^B wherewas all" >> /etc/nanorc
echo "bind ^D findprevious all" >> /etc/nanorc
echo "bind ^R replace main" >> /etc/nanorc
echo "bind ^K cut all" >> /etc/nanorc
echo "bind ^C copy main" >> /etc/nanorc
echo "bind ^V paste all" >> /etc/nanorc
echo "bind ^A mark main" >> /etc/nanorc
echo "bind ^T gotoline main" >> /etc/nanorc
echo "bind ^T gotodir browser" >> /etc/nanorc
echo "unbind ^U all" >> /etc/nanorc
echo "unbind ^N main" >> /etc/nanorc
echo "unbind ^Y all" >> /etc/nanorc
echo "unbind M-J main" >> /etc/nanorc
echo "unbind M-T main" >> /etc/nanorc

24
dockerserver/akanealw/crontab.bak Normal file
View File

@@ -0,0 +1,24 @@
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command
0 12 * * * /home/akanealw/scripts/restart-gluetun-and-services.sh >> /home/akanealw/restart-gluetun-and-services.log

10
dockerserver/akanealw/restart-gluetun-and-services.sh Executable file
View File

@@ -0,0 +1,10 @@
#!/bin/bash
docker restart gluetun && echo gluetun restarted
sleep 45
docker restart qbittorrent && echo qbittorrent restarted
sleep 5
docker restart sabnzbd && echo sabnzbd restarted
sleep 5
docker restart jdownloader && echo jdownloader restarted
sleep 5

5
dockerserver/akanealw/rsync-docker-remotely-to-proxyserver.sh Normal file
View File

@@ -0,0 +1,5 @@
#!/bin/bash
rsync -azvP -e "ssh -i ~/.ssh/proxyserver" --progress \
/home/akanealw/docker/appdata/remotely \
root@192.168.1.4:/home/akanealw/docker/appdata

23
dockerserver/root/crontab.bak Normal file
View File

@@ -0,0 +1,23 @@
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command

10
dockerserver/root/restart-gluetun-and-services.sh Normal file
View File

@@ -0,0 +1,10 @@
#!/bin/bash
docker restart gluetun && echo gluetun restarted
sleep 45
docker restart qbittorrent && echo qbittorrent restarted
sleep 5
docker restart sabnzbd && echo sabnzbd restarted
sleep 5
docker restart jdownloader && echo jdownloader restarted
sleep 5

4
dockerserver/root/rsync-docker-data.sh Normal file
View File

@@ -0,0 +1,4 @@
#!/bin/bashrsync-docker-remotely-to-proxyserver.sh
rsync -azvP -e "ssh -i ~/.ssh/dockerserver" --progress \
root@192.168.1.35:/opt/docker/appdata /home/akanealw/docker

10
dockerserver/root/rsync-dockerserver-test-to-dockerserver.sh Normal file
View File

@@ -0,0 +1,10 @@
#!/bin/bash
rsync -azvP -e "ssh -i ~/.ssh/dockerserver" --progress \
--include=/ \
--include=/home/ \
--include=/home/akanealw \
--include=/home/akanealw/docker \
--include=/home/akanealw/docker/appdata/*** \
--exclude=* \
/ root@192.168.1.30:/

15
download-essentials.sh Executable file
View File

@@ -0,0 +1,15 @@
#!/bin/bash
isInFile=$(cat /etc/os-release | grep -c "ID=debian")
if [ $isInFile -eq 1 ]; then
curl -O http://192.168.1.50/debian/debian-essentials.sh
chmod +x debian-essentials.sh
sudo ./debian-essentials.sh
fi
isInFile=$(cat /etc/os-release | grep -c "ID=ubuntu")
if [ $isInFile -eq 1 ]; then
curl -O http://192.168.1.50/ubuntu/ubuntu-essentials.sh
chmod +x ubuntu-essentials.sh
sudo ./ubuntu-essentials.sh
fi

55
fileserver/akanealw/backup-scripts-to-gitrepo.sh Executable file
View File

@@ -0,0 +1,55 @@
#!/bin/bash
if ping -c 1 192.168.1.41 &> /dev/null
then
# proxyserver
ssh proxyserver "crontab -l | tee /home/akanealw/scripts/crontab.bak > /dev/null 2>&1 \
&& sudo crontab -l | sudo tee /root/scripts/crontab.bak > /dev/null 2>&1 \
&& rm /home/akanealw/scripts/debian-essentials.sh > /dev/null 2>&1 \
&& rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/akanealw/ \
&& rsync -azvP /home/akanealw/scripts/olivetin/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/akanealw/olivetin/ \
&& sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/root/"
# dockerserver
ssh dockerserver "crontab -l | tee /home/akanealw/scripts/crontab.bak > /dev/null 2>&1 \
&& sudo crontab -l | sudo tee /root/scripts/crontab.bak > /dev/null 2>&1 \
&& rm /home/akanealw/scripts/debian-essentials.sh > /dev/null 2>&1 \
&& rsync -azvPH /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/dockerserver/akanealw/ \
&& sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/dockerserver/root/"
# plexserver
ssh plexserver "crontab -l | tee /home/akanealw/scripts/crontab.bak > /dev/null 2>&1 \
&& sudo crontab -l | sudo tee /root/scripts/crontab.bak > /dev/null 2>&1 \
&& rm /home/akanealw/scripts/debian-essentials.sh > /dev/null 2>&1 \
&& rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/plexserver/akanealw/ \
&& sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/plexserver/root/"
# proxmox1
ssh proxmox1 "crontab -l | tee /home/akanealw/scripts/crontab.bak > /dev/null 2>&1 \
&& sudo crontab -l | sudo tee /root/scripts/crontab.bak > /dev/null 2>&1 \
&& rm /home/akanealw/scripts/debian-essentials.sh > /dev/null 2>&1 \
&& rm /root/scripts/proxmox* > /dev/null 2>&1 \
&& rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox1/akanealw/ \
&& sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox1/root/"
# proxmox2
ssh proxmox2 "crontab -l | tee /home/akanealw/scripts/crontab.bak > /dev/null 2>&1 \
&& sudo crontab -l | sudo tee /root/scripts/crontab.bak > /dev/null 2>&1 \
&& rm /home/akanealw/scripts/debian-essentials.sh > /dev/null 2>&1 \
&& rm /root/scripts/proxmox* > /dev/null 2>&1 \
&& rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox2/akanealw/ \
&& sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxmox2/root/"
# fileserver
crontab -l | tee /home/akanealw/scripts/crontab.bak > /dev/null 2>&1
sudo crontab -l | sudo tee /root/scripts/crontab.bak > /dev/null 2>&1
rm /home/akanealw/scripts/debian-essentials.sh > /dev/null 2>&1
rsync -azvP /home/akanealw/scripts/ /home/akanealw/gitrepos/fileserver/files/bashscripts/fileserver/akanealw/
sudo rsync -azvP /root/scripts/ /home/akanealw/gitrepos/fileserver/files/bashscripts/fileserver/root/
# chown all files copied
sudo chown -R akanealw:akanealw /home/akanealw/gitrepos/fileserver/files/
else
echo "TrueNAS is offline" curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/vwn8owCG7W?status=down&msg=OK&ping=
fi
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/vwn8owCG7W?status=up&msg=OK&ping=

24
fileserver/akanealw/crontab.bak Normal file
View File

@@ -0,0 +1,24 @@
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command
0 13 * * * /home/akanealw/scripts/backup-scripts-to-gitrepo.sh

248
fileserver/akanealw/debian-essentials.sh Executable file
View File

@@ -0,0 +1,248 @@
#!/bin/bash
# autoreply config update dialog with no
if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then
echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local
echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local
echo " "--force-confold";" >> /etc/apt/apt.conf.d/local
echo "}" >> /etc/apt/apt.conf.d/local
fi
# update bookworm to new debian.sources file
if [[ -f /etc/apt/sources.list ]] ; then
isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye")
if [ $isInFile -eq 0 ]; then
mkdir /etc/apt/mirrors > /dev/null 2>&1
echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list
echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list
echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources
echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources
echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources
echo "" >> /etc/apt/sources.list.d/debian.sources
echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources
echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources
echo "Components: main" >> /etc/apt/sources.list.d/debian.sources
mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1
rm /etc/apt/sources.list.11.backup > /dev/null 2>&1
fi
fi
# update and upgrade
apt-get update
apt-get upgrade -y
# download and install packages
apt-get install -y lsb-release cron qemu-guest-agent sudo nano curl wget zip unzip git rsync man-db cifs-utils nfs-common parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion
# add akanealw user if not existing
isInFile=$(cat /etc/passwd | grep -c "akanealw")
if [ $isInFile -eq 0 ]; then
echo "Set password for akanealw"
useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw
mkdir /home/akanealw/.ssh
chown akanealw:akanealw /home/akanealw/.ssh
chmod 700 /home/akanealw/.ssh
cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1
chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1
chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1
fi
# create akanealw file in /etc/sudoers.d
if [[ ! -f /etc/sudoers.d/akanealw ]] ; then
echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw
fi
# enable ping for all users
setcap 'cap_net_admin,cap_net_raw+ep' $(which ping)
# remove all motd
rm /etc/motd > /dev/null 2>&1
# disable systemd-networkd-wait-online.service
systemctl disable systemd-networkd-wait-online.service
# git config
git config --global credential.helper store
git config --global user.name "akanealw"
git config --global user.email "akanealw@gmail.com"
git config --global init.defaultBranch main
# show ip in /etc/issue
name=$(basename /sys/class/net/e*)
isInFile=$(cat /etc/issue | grep -c "$name")
if [ $isInFile -eq 0 ]; then
cp /etc/issue /etc/issue.bak
echo "$name: \4{$name}" >> /etc/issue
echo "" >> /etc/issue
fi
# set input preferences
if [[ ! -f /etc/inputrc.bak ]] ; then
cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1
fi
rm /etc/inputrc > /dev/null 2>&1
cp /etc/inputrc.bak /etc/inputrc
echo "" >> /etc/inputrc
echo "set completion-ignore-case On" >> /etc/inputrc
# set bash preferences and aliases
if [[ -f /etc/bash.bashrc.default ]] ; then
mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1
fi
if [[ ! -f /etc/bash.bashrc.bak ]] ; then
cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1
fi
rm /etc/bash.bashrc > /dev/null 2>&1
cp /etc/bash.bashrc.bak /etc/bash.bashrc
echo "" >> /etc/bash.bashrc
echo "# custom settings and aliases" >> /etc/bash.bashrc
echo "set -o noclobber" >> /etc/bash.bashrc
echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc
echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc
echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc
echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc
echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc
echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc
echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc
echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc
echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc
echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc
echo "alias apts='sudo apt search'" >> /etc/bash.bashrc
echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc
echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc
echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc
echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc
echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc
echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc
echo "alias dc='docker compose'" >> /etc/bash.bashrc
echo "alias dcup='docker compose up -d'" >> /etc/bash.bashrc
echo "alias dcaup='docker compose -f admin-compose.yml up -d'" >> /etc/bash.bashrc
echo "alias dcdown='docker compose down'" >> /etc/bash.bashrc
echo "alias dcadown='docker compose -f admin-compose.yml down'" >> /etc/bash.bashrc
echo "alias dcpull='docker compose pull'" >> /etc/bash.bashrc
echo "alias dcapull='docker compose -f admin-compose.yml pull'" >> /etc/bash.bashrc
echo "alias dps='docker ps'" >> /etc/bash.bashrc
echo "alias dipaf='docker image prune -a -f'" >> /etc/bash.bashrc
# create tmux config
rm /etc/tmux.conf* > /dev/null 2>&1
echo "unbind C-b" >> /etc/tmux.conf
echo "set-option -g prefix C-a" >> /etc/tmux.conf
echo "bind-key C-a send-prefix" >> /etc/tmux.conf
# create credentials and map network drives
isInFile=$(cat /etc/fstab | grep -c "192.168.1.41")
if [ $isInFile -eq 0 ]; then
mkdir /mnt/truenasdata > /dev/null 2>&1
chown akanealw:akanealw /mnt/truenasdata
echo "# nfs shares" >> /etc/fstab
echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab
fi
# ask to install samba
if [[ ! -f /etc/samba/smb.conf ]] ; then
read -r -p "Install Samba? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then
apt-get install -y samba --no-install-recommends
# configure default samba share
(echo "8ung1e1!"; sleep 1; echo "8ung1e1!" ) | smbpasswd -s -a akanealw
sed -i s/WORKGROUP/akanealw/ /etc/samba/smb.conf
isInFile=$(cat /etc/samba/smb.conf | grep -c "akanealw]")
if [ $isInFile -eq 0 ]; then
echo "[akanealw]" >> /etc/samba/smb.conf
echo " comment = akanealw" >> /etc/samba/smb.conf
echo " read only = no" >> /etc/samba/smb.conf
echo " path = /home/akanealw" >> /etc/samba/smb.conf
echo " guest ok = no" >> /etc/samba/smb.conf
echo "" >> /etc/samba/smb.conf
fi
fi
fi
# ask to install docker
if [[ ! -f /etc/apt/keyrings/docker.gpg ]] ; then
read -r -p "Install Docker? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then
# prepare for install
apt-get update
apt-get install -y ca-certificates curl gnupg lsb-release
mkdir -p /home/akanealw/docker/appdata
chown -R akanealw:akanealw /home/akanealw/docker
mkdir -m 0755 -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# install docker
apt-get update
apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
# post install
groupadd docker > /dev/null 2>&1
usermod -aG docker akanealw
systemctl enable docker.service
systemctl enable containerd.service
fi
fi
# ask to regenerate machine-id
if [[ ! -f /etc/machine-id-regenerated ]] ; then
read -r -p "Regenerate machine-id? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then
# regenerate machine-id
rm -f /etc/machine-id /var/lib/dbus/machine-id
dbus-uuidgen --ensure=/etc/machine-id
dbus-uuidgen --ensure
touch /etc/machine-id-regenerated
fi
fi
# ask to regenerate ssh host keys
if [[ ! -d /etc/cloud ]] ; then
if [[ ! -f /home/akanealw/.ssh/ssh_keys_regenerated ]] ; then
read -r -p "Regenerate SSH Keys? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then
rm /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
mkdir /home/akanealw/.ssh
touch /home/akanealw/.ssh/ssh_keys_regenerated
chmod 700 /home/akanealw/.ssh
chown -R akanealw:akanealw /home/akanealw/.ssh
fi
fi
fi
# ask to set static ip address
if [[ ! -d /etc/cloud ]] ; then
if [[ ! -f /etc/network/interfaces.bak ]] ; then
read -r -p "Set Static IP address? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then
read -r -p "Enter Static IP Address with subnet prefix: " staticip
read -r -p "Enter Gateway IP Address: " gatewayip
read -r -p "Enter Primary DNS IP Address: " dnsip1
read -r -p "Enter Secondary DNS IP Address: " dnsip2
# get adapter name
name=$(basename /sys/class/net/e*)
# backup original interfaces file
if [[ ! -f /etc/network/interfaces.bak ]] ; then
cp /etc/network/interfaces /etc/network/interfaces.bak
fi
rm /etc/network/interfaces
cp /etc/network/interfaces.bak /etc/network/interfaces
# set static ip
sed -i "s,^iface $name inet dhcp*,iface $name inet static," /etc/network/interfaces
echo " address $staticip" >> /etc/network/interfaces
echo " gateway $gatewayip" >> /etc/network/interfaces
# backup resolv.conf file
if [[ ! -f /etc/resolv.conf.bak ]] ; then
cp /etc/resolv.conf /etc/resolv.conf.bak
fi
rm /etc/resolv.conf
# set primary dns ip
echo "nameserver $dnsip1" >> /etc/resolv.conf
echo "nameserver $dnsip2" >> /etc/resolv.conf
# restart the interface
ifdown $name
ifup $name
fi
fi
fi

6
fileserver/akanealw/plexserver.sh Executable file
View File

@@ -0,0 +1,6 @@
#!/bin/bash
ssh plexserver "crontab -l | tee /home/akanealw/scripts/crontab.bak \
&& sudo crontab -l | sudo tee /root/scripts/crontab.bak \
&& rsync -azvP /home/akanealw/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/akanealw/ \
&& sudo rsync -azvP /root/scripts/ akanealw@fileserver:/home/akanealw/gitrepos/fileserver/files/bashscripts/proxyserver/root/"

17
fileserver/akanealw/rsync-backup-awsvps.sh Normal file
View File

@@ -0,0 +1,17 @@
#!/bin/bash
if ping -c 1 192.168.1.41 &> /dev/null
then
sudo mount -a -v
rsync -azvP -e "ssh -i ~/.ssh/awsvps" --progress \
--include=/ \
--include=/etc/ \
--include=/etc/iptables/*** \
--include=/etc/nginx/*** \
--include=/etc/wireguard/*** \
--exclude=* \
root@awsvps:/ /mnt/backups/awsvpsbackups/$(/bin/date +%Y-%m-%d-%I-%M-%S-%p)
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/otthp467K9?status=up&msg=OK&ping=
else
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/otthp467K9?status=down&msg=OK&ping=
fi

13
fileserver/etc-profile.d/mount-shared-folders.sh Normal file
View File

@@ -0,0 +1,13 @@
#!/bin/bash
if ping -c 2 192.168.1.41 > /dev/null 2>&1
then
if [[ ! -f /mnt/truenasfileserver/.gitignore ]]
then
sudo mount -t nfs -o defaults,nolock,soft,vers=4.2 192.168.1.41:/mnt/data/fileserver /mnt/truenasfileserver -v
else
echo "TrueNAS shared folder already mounted"
fi
else
echo "TrueNAS is offline"
fi

18
fileserver/gitrepos/update-fileserver.sh Normal file
View File

@@ -0,0 +1,18 @@
#!/bin/bash
if ping -c 1 192.168.1.41 > /dev/null 2>&1
then
if [[ ! -f /mnt/truenasfileserver/.gitignore ]]
then
sudo mount -t nfs -o defaults,nolock,soft,vers=4.2 192.168.1.41:/mnt/data/fileserver /mnt/truenasfileserver
echo "TrueNAS shared folder mounted"
cd /mnt/truenasfileserver
git pull
else
echo "TrueNAS shared folder already mounted"
cd /mnt/truenasfileserver
git pull
fi
else
echo "TrueNAS is offline"
fi

25
fileserver/root/crontab.bak Normal file
View File

@@ -0,0 +1,25 @@
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command
30 9 * * * /root/scripts/ping-before-mounting-shares.sh
0 16 * * * /root/scripts/rsync-backup-fileserver.sh

5
fileserver/root/ping-before-mounting-shares.sh Executable file
View File

@@ -0,0 +1,5 @@
#!/bin/bash
until ping -c1 192.168.1.41 >/dev/null 2>&1; do :; done
sleep 45
mount -t nfs -o defaults,nolock,soft,vers=4.2 192.168.1.41:/mnt/data/fileserver /mnt/truenasfileserver -v

24
fileserver/root/rsync-backup-fileserver.sh Executable file
View File

@@ -0,0 +1,24 @@
#!/bin/bash
if ping -c 1 192.168.1.41 &> /dev/null
then
rsync -azvP -e "ssh -i ~/.ssh/truenas" --progress \
--include=/ \
--include=/home/*** \
--include=/etc \
--include=/etc/fstab \
--include=/etc/default/*** \
--include=/etc/dnsmasq.d/*** \
--include=/etc/forgejo/*** \
--include=/etc/nginx/*** \
--include=/etc/wireguard/*** \
--include=/srv/*** \
--include=/var \
--include=/var/lib \
--include=/var/lib/forgejo/*** \
--exclude=* \
/ akanealw@192.168.1.41:/mnt/data/backups/fileserverbackup/$(/bin/date +%Y-%m-%d-%I-%M-%S-%p)
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/OtvHGEeMxL?status=up&msg=OK&ping=
else
echo "TrueNAS is offline" && curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/OtvHGEeMxL?status=down&msg=OK&ping=
fi

4
git/configure-git.sh Executable file
View File

@@ -0,0 +1,4 @@
git config --global credential.helper store
git config --global user.name "akanealw"
git config --global user.email "akanealw@gmail.com"
git config --global init.defaultBranch main

62
joinad.sh Executable file
View File

@@ -0,0 +1,62 @@
#!/bin/bash
apt update
apt -y install realmd libnss-sss libpam-sss sssd sssd-tools adcli samba-common-bin oddjob oddjob-mkhomedir packagekit
#Say no to WINS via DNS
realm discover ad.akanealw.com
realm join -U nwettstein ad.akanealw.com
realm list
bash -c "cat > /usr/share/pam-configs/mkhomedir" <<EOF
Name: activate mkhomedir
Default: yes
Priority: 900
Session-Type: Additional
Session:
required pam_mkhomedir.so umask=0022 skel=/etc/skel
EOF
pam-auth-update
#Enable mkhomedir
nano /etc/sssd/sssd.conf
#Change two lines
use_fully_qualified_names = False
fallback_homedir = /home/%u
realm permit -g DebianLogin
realm list
nano /etc/sudoers.d/domain_admins
#Insert three lines
%Domain\ Admins@ad.akanealw.com ALL=(ALL) ALL
nwettstein@ad.akanealw.com ALL=(ALL) ALL
nwettstein ALL=(ALL) NOPASSWD:ALL
systemctl restart sssd
systemctl status sssd
systemctl restart sshd
systemctl status sshd
exit
relog as nwettstein
groups
#Add nwettstein to necessary groups
usermod -a -G docker nwettstein
usermod -a -G www-data nwettstein
#Disable root account
passwd -l root
passwd -S root

0
plexserver/akanealw/crontab.bak Normal file
View File

248
plexserver/akanealw/debian-essentials.sh Executable file
View File

@@ -0,0 +1,248 @@
#!/bin/bash
# autoreply config update dialog with no
if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then
echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local
echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local
echo " "--force-confold";" >> /etc/apt/apt.conf.d/local
echo "}" >> /etc/apt/apt.conf.d/local
fi
# update bookworm to new debian.sources file
if [[ -f /etc/apt/sources.list ]] ; then
isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye")
if [ $isInFile -eq 0 ]; then
mkdir /etc/apt/mirrors > /dev/null 2>&1
echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list
echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list
echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources
echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources
echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources
echo "" >> /etc/apt/sources.list.d/debian.sources
echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources
echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources
echo "Components: main" >> /etc/apt/sources.list.d/debian.sources
mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1
rm /etc/apt/sources.list.11.backup > /dev/null 2>&1
fi
fi
# update and upgrade
apt-get update
apt-get upgrade -y
# download and install packages
apt-get install -y lsb-release cron qemu-guest-agent sudo nano curl wget zip unzip git rsync man-db cifs-utils nfs-common parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion
# add akanealw user if not existing
isInFile=$(cat /etc/passwd | grep -c "akanealw")
if [ $isInFile -eq 0 ]; then
echo "Set password for akanealw"
useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw
mkdir /home/akanealw/.ssh
chown akanealw:akanealw /home/akanealw/.ssh
chmod 700 /home/akanealw/.ssh
cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1
chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1
chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1
fi
# create akanealw file in /etc/sudoers.d
if [[ ! -f /etc/sudoers.d/akanealw ]] ; then
echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw
fi
# enable ping for all users
setcap 'cap_net_admin,cap_net_raw+ep' $(which ping)
# remove all motd
rm /etc/motd > /dev/null 2>&1
# disable systemd-networkd-wait-online.service
systemctl disable systemd-networkd-wait-online.service
# git config
git config --global credential.helper store
git config --global user.name "akanealw"
git config --global user.email "akanealw@gmail.com"
git config --global init.defaultBranch main
# show ip in /etc/issue
name=$(basename /sys/class/net/e*)
isInFile=$(cat /etc/issue | grep -c "$name")
if [ $isInFile -eq 0 ]; then
cp /etc/issue /etc/issue.bak
echo "$name: \4{$name}" >> /etc/issue
echo "" >> /etc/issue
fi
# set input preferences
if [[ ! -f /etc/inputrc.bak ]] ; then
cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1
fi
rm /etc/inputrc > /dev/null 2>&1
cp /etc/inputrc.bak /etc/inputrc
echo "" >> /etc/inputrc
echo "set completion-ignore-case On" >> /etc/inputrc
# set bash preferences and aliases
if [[ -f /etc/bash.bashrc.default ]] ; then
mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1
fi
if [[ ! -f /etc/bash.bashrc.bak ]] ; then
cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1
fi
rm /etc/bash.bashrc > /dev/null 2>&1
cp /etc/bash.bashrc.bak /etc/bash.bashrc
echo "" >> /etc/bash.bashrc
echo "# custom settings and aliases" >> /etc/bash.bashrc
echo "set -o noclobber" >> /etc/bash.bashrc
echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc
echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc
echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc
echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc
echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc
echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc
echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc
echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc
echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc
echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc
echo "alias apts='sudo apt search'" >> /etc/bash.bashrc
echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc
echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc
echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc
echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc
echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc
echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc
echo "alias dc='docker compose'" >> /etc/bash.bashrc
echo "alias dcup='docker compose up -d'" >> /etc/bash.bashrc
echo "alias dcaup='docker compose -f admin-compose.yml up -d'" >> /etc/bash.bashrc
echo "alias dcdown='docker compose down'" >> /etc/bash.bashrc
echo "alias dcadown='docker compose -f admin-compose.yml down'" >> /etc/bash.bashrc
echo "alias dcpull='docker compose pull'" >> /etc/bash.bashrc
echo "alias dcapull='docker compose -f admin-compose.yml pull'" >> /etc/bash.bashrc
echo "alias dps='docker ps'" >> /etc/bash.bashrc
echo "alias dipaf='docker image prune -a -f'" >> /etc/bash.bashrc
# create tmux config
rm /etc/tmux.conf* > /dev/null 2>&1
echo "unbind C-b" >> /etc/tmux.conf
echo "set-option -g prefix C-a" >> /etc/tmux.conf
echo "bind-key C-a send-prefix" >> /etc/tmux.conf
# create credentials and map network drives
isInFile=$(cat /etc/fstab | grep -c "192.168.1.41")
if [ $isInFile -eq 0 ]; then
mkdir /mnt/truenasdata > /dev/null 2>&1
chown akanealw:akanealw /mnt/truenasdata
echo "# nfs shares" >> /etc/fstab
echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab
fi
# ask to install samba
if [[ ! -f /etc/samba/smb.conf ]] ; then
read -r -p "Install Samba? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then
apt-get install -y samba --no-install-recommends
# configure default samba share
(echo "8ung1e1!"; sleep 1; echo "8ung1e1!" ) | smbpasswd -s -a akanealw
sed -i s/WORKGROUP/akanealw/ /etc/samba/smb.conf
isInFile=$(cat /etc/samba/smb.conf | grep -c "akanealw]")
if [ $isInFile -eq 0 ]; then
echo "[akanealw]" >> /etc/samba/smb.conf
echo " comment = akanealw" >> /etc/samba/smb.conf
echo " read only = no" >> /etc/samba/smb.conf
echo " path = /home/akanealw" >> /etc/samba/smb.conf
echo " guest ok = no" >> /etc/samba/smb.conf
echo "" >> /etc/samba/smb.conf
fi
fi
fi
# ask to install docker
if [[ ! -f /etc/apt/keyrings/docker.gpg ]] ; then
read -r -p "Install Docker? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then
# prepare for install
apt-get update
apt-get install -y ca-certificates curl gnupg lsb-release
mkdir -p /home/akanealw/docker/appdata
chown -R akanealw:akanealw /home/akanealw/docker
mkdir -m 0755 -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# install docker
apt-get update
apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
# post install
groupadd docker > /dev/null 2>&1
usermod -aG docker akanealw
systemctl enable docker.service
systemctl enable containerd.service
fi
fi
# ask to regenerate machine-id
if [[ ! -f /etc/machine-id-regenerated ]] ; then
read -r -p "Regenerate machine-id? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then
# regenerate machine-id
rm -f /etc/machine-id /var/lib/dbus/machine-id
dbus-uuidgen --ensure=/etc/machine-id
dbus-uuidgen --ensure
touch /etc/machine-id-regenerated
fi
fi
# ask to regenerate ssh host keys
if [[ ! -d /etc/cloud ]] ; then
if [[ ! -f /home/akanealw/.ssh/ssh_keys_regenerated ]] ; then
read -r -p "Regenerate SSH Keys? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then
rm /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
mkdir /home/akanealw/.ssh
touch /home/akanealw/.ssh/ssh_keys_regenerated
chmod 700 /home/akanealw/.ssh
chown -R akanealw:akanealw /home/akanealw/.ssh
fi
fi
fi
# ask to set static ip address
if [[ ! -d /etc/cloud ]] ; then
if [[ ! -f /etc/network/interfaces.bak ]] ; then
read -r -p "Set Static IP address? <y/N> " prompt
if [[ "${prompt,,}" =~ ^(y|yes)$ ]] ; then
read -r -p "Enter Static IP Address with subnet prefix: " staticip
read -r -p "Enter Gateway IP Address: " gatewayip
read -r -p "Enter Primary DNS IP Address: " dnsip1
read -r -p "Enter Secondary DNS IP Address: " dnsip2
# get adapter name
name=$(basename /sys/class/net/e*)
# backup original interfaces file
if [[ ! -f /etc/network/interfaces.bak ]] ; then
cp /etc/network/interfaces /etc/network/interfaces.bak
fi
rm /etc/network/interfaces
cp /etc/network/interfaces.bak /etc/network/interfaces
# set static ip
sed -i "s,^iface $name inet dhcp*,iface $name inet static," /etc/network/interfaces
echo " address $staticip" >> /etc/network/interfaces
echo " gateway $gatewayip" >> /etc/network/interfaces
# backup resolv.conf file
if [[ ! -f /etc/resolv.conf.bak ]] ; then
cp /etc/resolv.conf /etc/resolv.conf.bak
fi
rm /etc/resolv.conf
# set primary dns ip
echo "nameserver $dnsip1" >> /etc/resolv.conf
echo "nameserver $dnsip2" >> /etc/resolv.conf
# restart the interface
ifdown $name
ifup $name
fi
fi
fi

5
plexserver/root/clean-plex-photo-cache.sh Executable file
View File

@@ -0,0 +1,5 @@
#!/bin/bash
find "/var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Cache/PhotoTranscoder" -name "*.jpg" -type f -mtime +5 -delete
find "/var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Cache/PhotoTranscoder" -name "*.ppm" -type f -mtime +5 -delete
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/vOOCgMo8GW?status=up&msg=OK&ping=

24
plexserver/root/crontab.bak Normal file
View File

@@ -0,0 +1,24 @@
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command
#0 15 * * * /root/scripts/clean-plex-photo-cache.sh

90
proxmox/all-cloud-images-download-import.sh Executable file
View File

@@ -0,0 +1,90 @@
#!/bin/bash
# remove old images
rm *.raw > /dev/null 2>&1
rm *.qcow2 > /dev/null 2>&1
rm *.tar.xz > /dev/null 2>&1
# debian 11 bullseye cloud
wget -qO debian-11-genericcloud-amd64-daily.tar.xz https://cloud.debian.org/images/cloud/bullseye/daily/latest/debian-11-genericcloud-amd64-daily.tar.xz
tar --transform='s/disk/debian-11-genericcloud-amd64-daily/g' -xvf debian-11-genericcloud-amd64-daily.tar.xz
#rm debian-11-genericcloud-amd64-daily.tar.xz
#mv disk.raw debian-11-genericcloud-amd64-daily.raw
/usr/sbin/qm set 301 --delete scsi0
sleep 2
/usr/sbin/qm set 301 --delete unused0
sleep 2
/usr/sbin/qm set 301 --scsi0 local-zfs:0,import-from=/root/scripts/debian-11-genericcloud-amd64-daily.raw,discard=on,ssd=1
sleep 2
/usr/sbin/qm set 301 --boot order=scsi0
sleep 2
/usr/sbin/qm cloudinit update 301
sleep 2
# debian 12 bookworm cloud
wget -qO debian-12-genericcloud-amd64-daily.tar.xz https://cloud.debian.org/images/cloud/bookworm/daily/latest/debian-12-generic-amd64-daily.tar.xz
tar --transform='s/disk/debian-12-genericcloud-amd64-daily/g' -xvf debian-12-genericcloud-amd64-daily.tar.xz
#rm debian-11-genericcloud-amd64-daily.tar.xz
#mv disk.raw debian-11-genericcloud-amd64-daily.raw
/usr/sbin/qm set 302 --delete scsi0
sleep 2
/usr/sbin/qm set 302 --delete unused0
sleep 2
/usr/sbin/qm set 302 --scsi0 local-zfs:0,import-from=/root/scripts/debian-12-genericcloud-amd64-daily.raw,discard=on,ssd=1
sleep 2
/usr/sbin/qm set 302 --boot order=scsi0
sleep 2
/usr/sbin/qm cloudinit update 302
sleep 2
# ubuntu focal 20.04
wget -qO focal-server-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
/usr/sbin/qm set 310 --delete scsi0
sleep 2
/usr/sbin/qm set 310 --delete unused0
sleep 2
/usr/sbin/qm set 310 --scsi0 local-zfs:0,import-from=/root/scripts/focal-server-cloudimg-amd64.qcow2,discard=on,ssd=1
sleep 2
/usr/sbin/qm set 310 --boot order=scsi0
sleep 2
/usr/sbin/qm cloudinit update 310
sleep 2
# ubuntu jammy 22.04
wget -qO jammy-server-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img
/usr/sbin/qm set 311 --delete scsi0
sleep 2
/usr/sbin/qm set 311 --delete unused0
sleep 2
/usr/sbin/qm set 311 --scsi0 local-zfs:0,import-from=/root/scripts/jammy-server-cloudimg-amd64.qcow2,discard=on,ssd=1
sleep 2
/usr/sbin/qm set 311 --boot order=scsi0
sleep 2
/usr/sbin/qm cloudinit update 311
sleep 2
# ubuntu focal 20.04 minimal
wget -qO ubuntu-20.04-minimal-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/minimal/releases/focal/release/ubuntu-20.04-minimal-cloudimg-amd64.img
/usr/sbin/qm set 312 --delete scsi0
sleep 2
/usr/sbin/qm set 312 --delete unused0
sleep 2
/usr/sbin/qm set 312 --scsi0 local-zfs:0,import-from=/root/scripts/ubuntu-20.04-minimal-cloudimg-amd64.qcow2,discard=on,ssd=1
sleep 2
/usr/sbin/qm set 312 --boot order=scsi0
sleep 2
/usr/sbin/qm cloudinit update 312
sleep 2
# ubuntu jammy 22.04 minimal
wget -qO ubuntu-22.04-minimal-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/minimal/releases/jammy/release/ubuntu-22.04-minimal-cloudimg-amd64.img
/usr/sbin/qm set 313 --delete scsi0
sleep 2
/usr/sbin/qm set 313 --delete unused0
sleep 2
/usr/sbin/qm set 313 --scsi0 local-zfs:0,import-from=/root/scripts/ubuntu-22.04-minimal-cloudimg-amd64.qcow2,discard=on,ssd=1
sleep 2
/usr/sbin/qm set 313 --boot order=scsi0
sleep 2
/usr/sbin/qm cloudinit update 313
sleep 2

21
proxmox/download-proxmox-essentials.sh Normal file
View File

@@ -0,0 +1,21 @@
#!/bin/bash
# remove older scripts
rm /root/proxmox-* > /dev/null 2>&1
rm /root/scripts/proxmox-* > /dev/null 2>&1
# check for pbs directory
if [[ -d /etc/proxmox-backup ]] ; then
wget -qO /root/scripts/proxmox-pbs-essentials.sh https://aknlw.com/proxmox-pbs-essentials
wget -qO /root/scripts/proxmox-post-pbs-install.sh https://aknlw.com/proxmox-post-pbs-install
wget -qO /root/scripts/proxmox-kernel-clean.sh https://aknlw.com/proxmox-kernel-clean
chmod +x /root/scripts/proxmox-*.sh
fi
# check for pve directory
if [[ -d /etc/pve ]] ; then
wget -qO /root/scripts/proxmox-pve-essentials.sh https://aknlw.com/proxmox-pve-essentials
wget -qO /root/scripts/proxmox-post-pve-install.sh https://aknlw.com/proxmox-post-pve-install
wget -qO /root/scripts/proxmox-kernel-clean.sh https://aknlw.com/proxmox-kernel-clean
chmod +x /root/scripts/proxmox-*.sh
fi

97
proxmox/proxmox-pbs-essentials.sh Executable file
View File

@@ -0,0 +1,97 @@
#!/bin/bash
# autoreply config update dialog with no
if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then
echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local
echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local
echo " "--force-confold";" >> /etc/apt/apt.conf.d/local
echo "}" >> /etc/apt/apt.conf.d/local
fi
# update and upgrade
apt-get update
apt-get upgrade -y
# download and install packages
apt-get install -y sudo pwgen curl wget zip unzip git man-db cifs-utils nfs-common ntfs-3g parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion
# set input preferences
if [[ ! -f /etc/inputrc.bak ]] ; then
cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1
fi
rm /etc/inputrc > /dev/null 2>&1
cp /etc/inputrc.bak /etc/inputrc
echo "" >> /etc/inputrc
echo "set completion-ignore-case On" >> /etc/inputrc
# set bash preferences and aliases
if [[ -f /etc/bash.bashrc.default ]] ; then
mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1
fi
if [[ ! -f /etc/bash.bashrc.bak ]] ; then
cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1
fi
rm /etc/bash.bashrc > /dev/null 2>&1
cp /etc/bash.bashrc.bak /etc/bash.bashrc
echo "" >> /etc/bash.bashrc
echo "# custom settings and aliases" >> /etc/bash.bashrc
echo "set -o noclobber" >> /etc/bash.bashrc
echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc
echo "alias systart='systemctl start'" >> /etc/bash.bashrc
echo "alias systop='ssystemctl stop'" >> /etc/bash.bashrc
echo "alias sysrest='systemctl restart'" >> /etc/bash.bashrc
echo "alias systat='systemctl status'" >> /etc/bash.bashrc
echo "alias aptupy='apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc
echo "alias aptiy='apt install -y'" >> /etc/bash.bashrc
echo "alias aptry='apt remove -y'" >> /etc/bash.bashrc
echo "alias aptrpy='apt remove --purge -y'" >> /etc/bash.bashrc
echo "alias aptary='apt autoremove -y'" >> /etc/bash.bashrc
echo "alias apts='apt search'" >> /etc/bash.bashrc
echo "alias aptl='apt list --installed'" >> /etc/bash.bashrc
echo "alias aptsh='apt show'" >> /etc/bash.bashrc
echo "alias aptac='apt-get autoclean'" >> /etc/bash.bashrc
echo "alias dpkgi='dpkg -i'" >> /etc/bash.bashrc
echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc
echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc
# create tmux config
rm /etc/tmux.conf* > /dev/null 2>&1
echo "unbind C-b" >> /etc/tmux.conf
echo "set-option -g prefix C-a" >> /etc/tmux.conf
echo "bind-key C-a send-prefix" >> /etc/tmux.conf
# git config
git config --global credential.helper store
git config --global user.name "akanealw"
git config --global user.email "akanealw@gmail.com"
git config --global init.defaultBranch main
# configure email for sending notifications
isInFile=$(cat /etc/postfix/main.cf | grep -c "gmail")
if [ $isInFile -eq 0 ]
then
DEBIAN_FRONTEND=noninteractive apt install -y libsasl2-modules mailutils postfix postfix-pcre
echo "smtp.gmail.com notify.akanealw@gmail.com:leawkqqpthbwacrf" > /etc/postfix/sasl_passwd
echo "/^From:.*/ REPLACE From: $(hostname) <notify.akanealw@gmail.com>" > /etc/postfix/smtp_header_checks
chmod 600 /etc/postfix/sasl_passwd
postmap hash:/etc/postfix/sasl_passwd
postmap hash:/etc/postfix/smtp_header_checks
sed -i 's@relayhost =@#relayhost = @g' /etc/postfix/main.cf
sed -i 's@smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@g' /etc/postfix/main.cf
echo "" >> /etc/postfix/main.cf
echo "# google mail configuration" >> /etc/postfix/main.cf
echo "relayhost = smtp.gmail.com:587" >> /etc/postfix/main.cf
echo "smtp_use_tls = yes" >> /etc/postfix/main.cf
echo "smtp_sasl_auth_enable = yes" >> /etc/postfix/main.cf
echo "smtp_sasl_security_options =" >> /etc/postfix/main.cf
echo "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" >> /etc/postfix/main.cf
echo "smtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pem" >> /etc/postfix/main.cf
echo "smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache" >> /etc/postfix/main.cf
echo "smtp_tls_session_cache_timeout = 3600s" >> /etc/postfix/main.cf
echo "smtp_header_checks = pcre:/etc/postfix/smtp_header_checks" >> /etc/postfix/main.cf
echo "" >> /etc/postfix/main.cf
postfix reload
echo "This is a test message sent from postfix on $(hostname)" | mail -s "Test Email from $(hostname)" akanealw@gmail.com
else
echo "Email already configured."
fi

103
proxmox/proxmox-pve-essentials.sh Normal file
View File

@@ -0,0 +1,103 @@
#!/bin/bash
# autoreply config update dialog with no
if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then
echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local
echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local
echo " "--force-confold";" >> /etc/apt/apt.conf.d/local
echo "}" >> /etc/apt/apt.conf.d/local
fi
# update and upgrade
apt-get update
apt-get upgrade -y
# download and install packages
apt-get install -y sudo pwgen curl wget zip unzip git man-db cifs-utils nfs-common ntfs-3g parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion
# update templates
pveam update
# remove all motd
rm /etc/motd > /dev/null 2>&1
# set input preferences
if [[ ! -f /etc/inputrc.bak ]] ; then
cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1
fi
rm /etc/inputrc > /dev/null 2>&1
cp /etc/inputrc.bak /etc/inputrc
echo "" >> /etc/inputrc
echo "set completion-ignore-case On" >> /etc/inputrc
# set bash preferences and aliases
if [[ -f /etc/bash.bashrc.default ]] ; then
mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1
fi
if [[ ! -f /etc/bash.bashrc.bak ]] ; then
cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1
fi
rm /etc/bash.bashrc > /dev/null 2>&1
cp /etc/bash.bashrc.bak /etc/bash.bashrc
echo "" >> /etc/bash.bashrc
echo "# custom settings and aliases" >> /etc/bash.bashrc
echo "set -o noclobber" >> /etc/bash.bashrc
echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc
echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc
echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc
echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc
echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc
echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc
echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc
echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc
echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc
echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc
echo "alias apts='sudo apt search'" >> /etc/bash.bashrc
echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc
echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc
echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc
echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc
echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc
echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc
# create tmux config
rm /etc/tmux.conf* > /dev/null 2>&1
echo "unbind C-b" >> /etc/tmux.conf
echo "set-option -g prefix C-a" >> /etc/tmux.conf
echo "bind-key C-a send-prefix" >> /etc/tmux.conf
# git config
git config --global credential.helper store
git config --global user.name "akanealw"
git config --global user.email "akanealw@gmail.com"
git config --global init.defaultBranch main
# configure email for sending notifications
isInFile=$(cat /etc/postfix/main.cf | grep -c "gmail")
if [ $isInFile -eq 0 ]
then
DEBIAN_FRONTEND=noninteractive apt install -y libsasl2-modules mailutils postfix postfix-pcre
echo "smtp.gmail.com notify.akanealw@gmail.com:leawkqqpthbwacrf" > /etc/postfix/sasl_passwd
echo "/^From:.*/ REPLACE From: $(hostname) <notify.akanealw@gmail.com>" > /etc/postfix/smtp_header_checks
chmod 600 /etc/postfix/sasl_passwd
postmap hash:/etc/postfix/sasl_passwd
postmap hash:/etc/postfix/smtp_header_checks
sed -i 's@relayhost =@#relayhost = @g' /etc/postfix/main.cf
sed -i 's@smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache@g' /etc/postfix/main.cf
echo "" >> /etc/postfix/main.cf
echo "# google mail configuration" >> /etc/postfix/main.cf
echo "relayhost = smtp.gmail.com:587" >> /etc/postfix/main.cf
echo "smtp_use_tls = yes" >> /etc/postfix/main.cf
echo "smtp_sasl_auth_enable = yes" >> /etc/postfix/main.cf
echo "smtp_sasl_security_options =" >> /etc/postfix/main.cf
echo "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" >> /etc/postfix/main.cf
echo "smtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pem" >> /etc/postfix/main.cf
echo "smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache" >> /etc/postfix/main.cf
echo "smtp_tls_session_cache_timeout = 3600s" >> /etc/postfix/main.cf
echo "smtp_header_checks = pcre:/etc/postfix/smtp_header_checks" >> /etc/postfix/main.cf
echo "" >> /etc/postfix/main.cf
postfix reload
echo "This is a test message sent from postfix on $(hostname)" | mail -s "Test Email from $(hostname)" akanealw@gmail.com
else
echo "Email already configured."
fi

1
proxmox/rawimport.txt Executable file
View File

@@ -0,0 +1 @@
qm importdisk VM# IMAGENAME.raw vdisks

19
proxmox/remove-nag.sh Executable file
View File

@@ -0,0 +1,19 @@
PVE=/usr/share/pve-manager/js/pvemanagerlib.js
LIB=/usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js
PBS=/usr/share/javascript/proxmox-backup/js/proxmox-backup-gui.js
if [ -f $PVE ]; then
# hide pve gui help/documentation button
sed -i.bak "s/hidden: false/hidden: true/g" $PVE
# fix proxmox widget toolkit lib
sed -i.bak -z "s/res === null || res === undefined || \!res || res\n\t\t\t.data.status.toLowerCase() \!== 'active'/false/g" $LIB
systemctl restart pveproxy
fi
if [ -f $PBS ]; then
# fix proxmox widget toolkit lib
sed -i.bak -z "s/res === null || res === undefined || \!res || res\n\t\t\t.data.status.toLowerCase() \!== 'active'/false/g" $LIB
# fix pbs gui
sed -i.bak "s/let subStatus = status.toLowerCase() === 'active' ? 2 : 0/let subStatus = status.toLowerCase() === 'active' ? 2 : 2/" $PBS
systemctl restart proxmox-backup-proxy
fi

1
proxmox/vhdxconvert.txt Executable file
View File

@@ -0,0 +1 @@
qemu-img convert -p -f vhdx /mnt/ntfsro/VirtualMachines/Backups/HPV-02-.vhdx -O raw /rpool/data/rawimports/.raw

0
proxmox1/akanealw/crontab.bak Normal file
View File

25
proxmox1/root/crontab.bak Normal file
View File

@@ -0,0 +1,25 @@
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command
@reboot /root/scripts/ping-before-starting-cts-vms.sh
30 12 * * * /root/scripts/rsync-import-debian-ubuntu-cloud-images.sh

47
proxmox1/root/download-debian-ubuntu-cloud-images.sh Normal file
View File

@@ -0,0 +1,47 @@
#!/bin/bash
cd /root/cloud-images
# remove old images
rm * > /dev/null 2>&1
# debian 12 bookworm cloud
wget -q https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-genericcloud-amd64.tar.xz
tar -xvf debian-12-genericcloud-amd64.tar.xz
mv disk.raw debian-12-generic-amd64.raw
/usr/sbin/qm set 303 --delete scsi0
sleep 3
/usr/sbin/qm set 303 --delete unused0
sleep 3
/usr/sbin/qm set 303 --scsi0 local-zfs:0,import-from=/root/cloud-images/debian-12-generic-amd64.raw,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 303 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 303
sleep 3
# ubuntu jammy 22.04
wget -q -O ubuntu-22.04-server-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img
/usr/sbin/qm set 314 --delete scsi0
sleep 3
/usr/sbin/qm set 314 --delete unused0
sleep 3
/usr/sbin/qm set 314 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-server-cloudimg-amd64.qcow2,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 314 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 314
sleep 3
# ubuntu jammy 22.04 minimal
wget -q -O ubuntu-22.04-minimal-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/minimal/releases/jammy/release/ubuntu-22.04-minimal-cloudimg-amd64.img
/usr/sbin/qm set 315 --delete scsi0
sleep 3
/usr/sbin/qm set 315 --delete unused0
sleep 3
/usr/sbin/qm set 315 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-minimal-cloudimg-amd64.qcow2,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 315 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 315
sleep 3

13
proxmox1/root/ping-before-start.sh Normal file
View File

@@ -0,0 +1,13 @@
#!/bin/bash
until ping -c1 192.168.1.41 >/dev/null 2>&1; do :; done
sleep 45
mount -t nfs 192.168.1.41:/mnt/data/media /mnt/truenasmedia
sleep 15
/usr/sbin/pct start 100
sleep 15
/usr/sbin/pct start 102
sleep 15
/usr/sbin/pct start 107
sleep 15
/usr/sbin/qm start 200

11
proxmox1/root/ping-before-starting-cts-vms.sh Executable file
View File

@@ -0,0 +1,11 @@
#!/bin/bash
until ping -c1 192.168.1.41 >/dev/null 2>&1; do :; done
sleep 45
mount -t nfs 192.168.1.41:/mnt/data/media /mnt/truenasmedia
sleep 15
/usr/sbin/pct start 102
sleep 15
/usr/sbin/pct start 107
sleep 15
/usr/sbin/qm start 200

140
proxmox1/root/proxmox-kernel-clean.sh Executable file
View File

@@ -0,0 +1,140 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2023 tteck
# Author: tteck (tteckster)
# License: MIT
# https://github.com/tteck/Proxmox/raw/main/LICENSE
function header_info {
cat <<"EOF"
__ __ __ ________
/ //_/__ _________ ___ / / / ____/ /__ ____ _____
/ ,< / _ \/ ___/ __ \/ _ \/ / / / / / _ \/ __ `/ __ \
/ /| / __/ / / / / / __/ / / /___/ / __/ /_/ / / / /
/_/ |_\___/_/ /_/ /_/\___/_/ \____/_/\___/\__,_/_/ /_/
EOF
}
set -euo pipefail
shopt -s inherit_errexit nullglob
YW=$(echo "\033[33m")
BL=$(echo "\033[36m")
RD=$(echo "\033[01;31m")
BGN=$(echo "\033[4;92m")
GN=$(echo "\033[1;92m")
DGN=$(echo "\033[32m")
CL=$(echo "\033[m")
BFR="\\r\\033[K"
HOLD="-"
CM="${GN}${CL}"
CROSS="${RD}${CL}"
PARTY="🎉"
current_kernel=$(uname -r)
clear
header_info
while true; do
read -p "This will Clean Unused Kernel Images, USE AT YOUR OWN RISK. Proceed(y/n)?" yn
case $yn in
[Yy]*) break ;;
[Nn]*) exit ;;
*) echo -e "${RD}Please answer y/n${CL}" ;;
esac
done
clear
function msg_info() {
local msg="$1"
echo -ne " ${HOLD} ${YW}${msg}..."
}
function msg_ok() {
local msg="$1"
echo -e "${BFR} ${CM} ${GN}${msg}${CL}"
}
function check_root() {
if [[ $EUID -ne 0 ]]; then
echo -e "${CROSS}${RD}Error: This script must be ran as the root user.\n${CL}"
exit 1
else
header_info
other_kernel
kernel_info
kernel_clean
fi
}
VERSION="$(awk -F'=' '/^VERSION_CODENAME=/{ print $NF }' /etc/os-release)"
function other_kernel() {
if [[ "${VERSION}" == "bullseye" ]]; then
if [[ "$current_kernel" == *"edge"* ]]; then
echo -e "\n${CROSS} ${RD}ERROR:${CL} Proxmox ${BL}${current_kernel}${CL} Kernel Active"
echo -e "\nAn Active PVE Kernel is required to use Kernel Clean\n"
exit 1
fi
if [[ "$current_kernel" == *"6.1"* || "$current_kernel" == *"6.2"* ]]; then
echo -e "\n${CROSS} ${RD}ERROR:${CL} Proxmox ${BL}${current_kernel}${CL} Kernel Active"
echo -e "\nThe script cannot be used when running opt-in kernels. \nProxmox VE's package management relies directly on the current default kernel, which is 5.15. \nTherefore, it is not possible to utilize this script. In this case, you should use autoremove instead. \n`apt-get autoremove`\n"
exit 1
fi
fi
}
function kernel_info() {
if [[ "$MODE" != "PBS" ]]; then
echo -e "${YW}PVE Version: ${BL}$(pveversion)\n${CL}"
fi
if [[ "$current_kernel" == *"pve"* ]]; then
echo -e "${YW}Current Kernel: ${BL}$current_kernel\n${CL}"
else
echo -e "\n${CROSS} ${RD}ERROR: No PVE Kernel Found\n${CL}"
exit 1
fi
}
function kernel_clean() {
kernels=$(dpkg --list | grep 'kernel-.*-pve' | awk '{print $2}' | sort -V)
remove_kernels=""
for kernel in $kernels; do
if [ "$(echo $kernel | grep $current_kernel)" ]; then
break
else
echo -e "${BL}'$kernel' ${CL}${YW}has been added to the remove Kernel list\n${CL}"
remove_kernels+=" $kernel"
fi
done
msg_ok "Kernel Search Completed\n"
if [[ "$remove_kernels" != *"pve"* ]]; then
echo -e "${PARTY} ${GN}It appears there are no old Kernels on your system. \n${CL}"
msg_info "Exiting"
sleep 2
msg_ok "Done"
else
read -p "Would you like to remove the $(echo $remove_kernels | awk '{print NF}') selected Kernels listed above? [y/n]: " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
msg_info "Removing ${CL}${RD}$(echo $remove_kernels | awk '{print NF}') ${CL}${YW}old Kernels${CL}"
/usr/bin/apt purge -y $remove_kernels >/dev/null 2>&1
msg_ok "Successfully Removed Kernels"
msg_info "Updating GRUB"
/usr/sbin/update-grub >/dev/null 2>&1
msg_ok "Successfully Updated GRUB"
msg_info "Exiting"
sleep 2
msg_ok "Done"
else
msg_info "Exiting"
sleep 2
msg_ok "Done"
fi
fi
}
if ! command -v pveversion >/dev/null 2>&1; then
echo -e " Switching to PBS mode"
MODE="PBS"
sleep 2
else
MODE="PVE"
fi
check_root

243
proxmox1/root/proxmox-post-pve-install.sh Executable file
View File

@@ -0,0 +1,243 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2023 tteck
# Author: tteck (tteckster)
# License: MIT
# https://github.com/tteck/Proxmox/raw/main/LICENSE
header_info() {
clear
cat <<"EOF"
____ _ ________ ____ __ ____ __ ____
/ __ \ | / / ____/ / __ \____ _____/ /_ / _/___ _____/ /_____ _/ / /
/ /_/ / | / / __/ / /_/ / __ \/ ___/ __/ / // __ \/ ___/ __/ __ `/ / /
/ ____/| |/ / /___ / ____/ /_/ (__ ) /_ _/ // / / (__ ) /_/ /_/ / / /
/_/ |___/_____/ /_/ \____/____/\__/ /___/_/ /_/____/\__/\__,_/_/_/
EOF
}
RD=$(echo "\033[01;31m")
YW=$(echo "\033[33m")
GN=$(echo "\033[1;92m")
CL=$(echo "\033[m")
BFR="\\r\\033[K"
HOLD="-"
CM="${GN}${CL}"
CROSS="${RD}${CL}"
set -euo pipefail
shopt -s inherit_errexit nullglob
msg_info() {
local msg="$1"
echo -ne " ${HOLD} ${YW}${msg}..."
}
msg_ok() {
local msg="$1"
echo -e "${BFR} ${CM} ${GN}${msg}${CL}"
}
msg_error() {
local msg="$1"
echo -e "${BFR} ${CROSS} ${RD}${msg}${CL}"
}
start_routines() {
header_info
VERSION="$(awk -F'=' '/^VERSION_CODENAME=/{ print $NF }' /etc/os-release)"
if lscpu | grep -qP 'Vendor ID:.*GenuineIntel' && lscpu | grep -qP 'Model name:.*N' && [[ "$VERSION" == "bullseye" ]]; then
whiptail --msgbox --title "N-SERIES PROCESSOR DETECTED" "To ensure compatibility with Proxmox VE on systems equipped with N-series processors, it is recommended to install Proxmox Virtual Environment 8" 10 58
fi
CHOICE=$(whiptail --title "SOURCES" --menu "The package manager will use the correct sources to update and install packages on your Proxmox VE server.\n \nCorrect Proxmox VE sources?" 14 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Correcting Proxmox VE Sources"
cat <<EOF >/etc/apt/sources.list
deb http://ftp.debian.org/debian ${VERSION} main contrib
deb http://ftp.debian.org/debian ${VERSION}-updates main contrib
deb http://security.debian.org/debian-security ${VERSION}-security main contrib
EOF
msg_ok "Corrected Proxmox VE Sources"
;;
no)
msg_error "Selected no to Correcting Proxmox VE Sources"
;;
esac
CHOICE=$(whiptail --title "PVE-ENTERPRISE" --menu "The 'pve-enterprise' repository is only available to users who have purchased a Proxmox VE subscription.\n \nDisable 'pve-enterprise' repository?" 14 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Disabling 'pve-enterprise' repository"
cat <<EOF >/etc/apt/sources.list.d/pve-enterprise.list
# deb https://enterprise.proxmox.com/debian/pve ${VERSION} pve-enterprise
EOF
msg_ok "Disabled 'pve-enterprise' repository"
;;
no)
msg_error "Selected no to Disabling 'pve-enterprise' repository"
;;
esac
CHOICE=$(whiptail --title "PVE-NO-SUBSCRIPTION" --menu "The 'pve-no-subscription' repository provides access to all of the open-source components of Proxmox VE.\n \nEnable 'pve-no-subscription' repository?" 14 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Enabling 'pve-no-subscription' repository"
cat <<EOF >/etc/apt/sources.list.d/pve-install-repo.list
deb http://download.proxmox.com/debian/pve ${VERSION} pve-no-subscription
EOF
msg_ok "Enabled 'pve-no-subscription' repository"
;;
no)
msg_error "Selected no to Enabling 'pve-no-subscription' repository"
;;
esac
if [[ "${VERSION}" == "bookworm" ]]; then
CHOICE=$(whiptail --title "CEPH PACKAGE REPOSITORIES" --menu "The 'Ceph Package Repositories' provides access to both the 'no-subscription' and 'enterprise' repositories.\n \nEnable 'ceph package repositories?" 14 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Enabling 'ceph package repositories'"
cat <<EOF >/etc/apt/sources.list.d/ceph.list
# deb http://download.proxmox.com/debian/ceph-quincy bookworm enterprise
deb http://download.proxmox.com/debian/ceph-quincy bookworm no-subscription
EOF
msg_ok "Enabled 'ceph package repositories'"
;;
no)
msg_error "Selected no to Enabling 'ceph package repositories'"
;;
esac
fi
CHOICE=$(whiptail --title "PVETEST" --menu "The 'pvetest' repository can give advanced users access to new features and updates before they are officially released.\n \nAdd (Disabled) 'pvetest' repository?" 14 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Adding 'pvetest' repository and set disabled"
cat <<EOF >/etc/apt/sources.list.d/pvetest-for-beta.list
# deb http://download.proxmox.com/debian/pve ${VERSION} pvetest
EOF
msg_ok "Added 'pvetest' repository"
;;
no)
msg_error "Selected no to Adding 'pvetest' repository"
;;
esac
if [[ ! -f /etc/apt/apt.conf.d/no-nag-script ]]; then
CHOICE=$(whiptail --title "SUBSCRIPTION NAG" --menu "This will disable the nag message reminding you to purchase a subscription every time you log in to the web interface.\n \nDisable subscription nag?" 14 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
whiptail --msgbox --title "Support Subscriptions" "Supporting the software's development team is essential. Check their official website's Support Subscriptions for pricing. Without their dedicated work, we wouldn't have this exceptional software." 10 58
msg_info "Disabling subscription nag"
echo "DPkg::Post-Invoke { \"dpkg -V proxmox-widget-toolkit | grep -q '/proxmoxlib\.js$'; if [ \$? -eq 1 ]; then { echo 'Removing subscription nag from UI...'; sed -i '/data\.status.*{/{s/\!//;s/active/NoMoreNagging/}' /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js; }; fi\"; };" >/etc/apt/apt.conf.d/no-nag-script
apt --reinstall install proxmox-widget-toolkit &>/dev/null
msg_ok "Disabled subscription nag (Delete browser cache)"
;;
no)
whiptail --msgbox --title "Support Subscriptions" "Supporting the software's development team is essential. Check their official website's Support Subscriptions for pricing. Without their dedicated work, we wouldn't have this exceptional software." 10 58
msg_error "Selected no to Disabling subscription nag"
;;
esac
fi
if ! systemctl is-active --quiet pve-ha-lrm; then
CHOICE=$(whiptail --title "HIGH AVAILABILITY" --menu "Enable high availability?" 10 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Enabling high availability"
systemctl enable -q --now pve-ha-lrm
systemctl enable -q --now pve-ha-crm
systemctl enable -q --now corosync
msg_ok "Enabled high availability"
;;
no)
msg_error "Selected no to Enabling high availability"
;;
esac
fi
if systemctl is-active --quiet pve-ha-lrm; then
CHOICE=$(whiptail --title "HIGH AVAILABILITY" --menu "If you plan to utilize a single node instead of a clustered environment, you can disable unnecessary high availability (HA) services, thus reclaiming system resources.\n\nIf HA becomes necessary at a later stage, the services can be re-enabled.\n\nDisable high availability?" 18 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Disabling high availability"
systemctl disable -q --now pve-ha-lrm
systemctl disable -q --now pve-ha-crm
systemctl disable -q --now corosync
msg_ok "Disabled high availability"
;;
no)
msg_error "Selected no to Disabling high availability"
;;
esac
fi
CHOICE=$(whiptail --title "UPDATE" --menu "\nUpdate Proxmox VE now?" 11 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Updating Proxmox VE (Patience)"
apt-get update &>/dev/null
apt-get -y dist-upgrade &>/dev/null
msg_ok "Updated Proxmox VE"
;;
no)
msg_error "Selected no to Updating Proxmox VE"
;;
esac
CHOICE=$(whiptail --title "REBOOT" --menu "\nReboot Proxmox VE now? (recommended)" 11 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Rebooting Proxmox VE"
sleep 2
msg_ok "Completed Post Install Routines"
reboot
;;
no)
msg_error "Selected no to Rebooting Proxmox VE (Reboot recommended)"
msg_ok "Completed Post Install Routines"
;;
esac
}
header_info
echo -e "\nThis script will Perform Post Install Routines.\n"
while true; do
read -p "Start the Proxmox VE Post Install Script (y/n)?" yn
case $yn in
[Yy]*) break ;;
[Nn]*) clear; exit ;;
*) echo "Please answer yes or no." ;;
esac
done
if ! command -v pveversion >/dev/null 2>&1; then
header_info
msg_error "\n No PVE Detected!\n"
exit
fi
start_routines

73
proxmox1/root/proxmox-pve-essentials.sh Executable file
View File

@@ -0,0 +1,73 @@
#!/bin/bash
# autoreply config update dialog with no
if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then
echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local
echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local
echo " "--force-confold";" >> /etc/apt/apt.conf.d/local
echo "}" >> /etc/apt/apt.conf.d/local
fi
# update and upgrade
apt-get update
apt-get upgrade -y
# download and install packages
apt-get install -y sudo curl wget zip unzip git man-db cifs-utils nfs-common ntfs-3g parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion
# update templates
pveam update
# remove all motd
rm /etc/motd > /dev/null 2>&1
# set input preferences
if [[ ! -f /etc/inputrc.bak ]] ; then
cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1
fi
rm /etc/inputrc > /dev/null 2>&1
cp /etc/inputrc.bak /etc/inputrc
echo "" >> /etc/inputrc
echo "set completion-ignore-case On" >> /etc/inputrc
# set bash preferences and aliases
if [[ -f /etc/bash.bashrc.default ]] ; then
mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1
fi
if [[ ! -f /etc/bash.bashrc.bak ]] ; then
cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1
fi
rm /etc/bash.bashrc > /dev/null 2>&1
cp /etc/bash.bashrc.bak /etc/bash.bashrc
echo "" >> /etc/bash.bashrc
echo "# custom settings and aliases" >> /etc/bash.bashrc
echo "set -o noclobber" >> /etc/bash.bashrc
echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc
echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc
echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc
echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc
echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc
echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc
echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc
echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc
echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc
echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc
echo "alias apts='sudo apt search'" >> /etc/bash.bashrc
echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc
echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc
echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc
echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc
echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc
echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc
# create tmux config
rm /etc/tmux.conf* > /dev/null 2>&1
echo "unbind C-b" >> /etc/tmux.conf
echo "set-option -g prefix C-a" >> /etc/tmux.conf
echo "bind-key C-a send-prefix" >> /etc/tmux.conf
# git config
git config --global credential.helper store
git config --global user.name "akanealw"
git config --global user.email "akanealw@gmail.com"
git config --global init.defaultBranch main

49
proxmox1/root/rsync-import-debian-ubuntu-cloud-images.sh Executable file
View File

@@ -0,0 +1,49 @@
#!/bin/bash
cd /root/cloud-images
# remove old images
rm * > /dev/null 2>&1
rsync -avz root@proxmox2:/root/cloud-images/*.tar.xz /root/cloud-images/
rsync -avz root@proxmox2:/root/cloud-images/*.qcow2 /root/cloud-images/
# debian 12 bookworm cloud
tar -xvf debian-12-genericcloud-amd64.tar.xz
mv disk.raw debian-12-generic-amd64.raw
/usr/sbin/qm set 303 --delete scsi0
sleep 3
/usr/sbin/qm set 303 --delete unused0
sleep 3
/usr/sbin/qm set 303 --scsi0 local-zfs:0,import-from=/root/cloud-images/debian-12-generic-amd64.raw,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 303 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 303
sleep 3
# ubuntu jammy 22.04
/usr/sbin/qm set 314 --delete scsi0
sleep 3
/usr/sbin/qm set 314 --delete unused0
sleep 3
/usr/sbin/qm set 314 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-server-cloudimg-amd64.qcow2,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 314 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 314
sleep 3
# ubuntu jammy 22.04 minimal
/usr/sbin/qm set 315 --delete scsi0
sleep 3
/usr/sbin/qm set 315 --delete unused0
sleep 3
/usr/sbin/qm set 315 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-minimal-cloudimg-amd64.qcow2,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 315 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 315
sleep 3
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/HFKN90p5e9?status=up&msg=OK&ping=

24
proxmox2/akanealw/crontab.bak Normal file
View File

@@ -0,0 +1,24 @@
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command
0 11 * * * /home/akanealw/scripts/restart-gluetun-and-services.sh

4
proxmox2/akanealw/restart-gluetun-and-services.sh Executable file
View File

@@ -0,0 +1,4 @@
#!/bin/bash
ssh dockerserver ./scripts/restart-gluetun-and-services.sh
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/eT36YM3T94?status=up&msg=OK&ping=

3
proxmox2/akanealw/shutdown-proxmox1.sh Executable file
View File

@@ -0,0 +1,3 @@
#!/bin/bash
ssh proxmox1 sudo poweroff

3
proxmox2/akanealw/wake-proxmox1.sh Executable file
View File

@@ -0,0 +1,3 @@
#!/bin/bash
wakeonlan 68:1c:a2:13:05:f5

26
proxmox2/root/crontab.bak Normal file
View File

@@ -0,0 +1,26 @@
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command
@reboot /root/scripts/ping-before-starting-cts-vms.sh
0 12 * * * /root/scripts/download-import-debian-ubuntu-cloud-images.sh
30 9 * * * /root/scripts/wake-proxmox1.sh

88
proxmox2/root/download-debian-ubuntu-cloud-images.sh Normal file
View File

@@ -0,0 +1,88 @@
#!/bin/bash
cd /root/cloud-images
# remove old images
rm * > /dev/null 2>&1
# debian 11 bullseye cloud
wget -q https://cloud.debian.org/images/cloud/bullseye/daily/latest/debian-11-genericcloud-amd64-daily.tar.xz
tar -xvf debian-11-genericcloud-amd64-daily.tar.xz
mv disk.raw debian-11-genericcloud-amd64-daily.raw
/usr/sbin/qm set 301 --delete scsi0
sleep 3
/usr/sbin/qm set 301 --delete unused0
sleep 3
/usr/sbin/qm set 301 --scsi0 local-zfs:0,import-from=/root/cloud-images/debian-11-genericcloud-amd64-daily.raw,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 301 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 301
sleep 3
# debian 12 bookworm cloud
wget -q https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-genericcloud-amd64.tar.xz
tar -xvf debian-12-genericcloud-amd64.tar.xz
mv disk.raw debian-12-generic-amd64.raw
/usr/sbin/qm set 302 --delete scsi0
sleep 3
/usr/sbin/qm set 302 --delete unused0
sleep 3
/usr/sbin/qm set 302 --scsi0 local-zfs:0,import-from=/root/cloud-images/debian-12-generic-amd64.raw,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 302 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 302
sleep 3
# ubuntu focal 20.04
wget -q -O ubuntu-20.04-server-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
/usr/sbin/qm set 310 --delete scsi0
sleep 3
/usr/sbin/qm set 310 --delete unused0
sleep 3
/usr/sbin/qm set 310 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-20.04-server-cloudimg-amd64.qcow2,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 310 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 310
sleep 3
# ubuntu jammy 22.04
wget -q -O ubuntu-22.04-server-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img
/usr/sbin/qm set 311 --delete scsi0
sleep 3
/usr/sbin/qm set 311 --delete unused0
sleep 3
/usr/sbin/qm set 311 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-server-cloudimg-amd64.qcow2,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 311 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 311
sleep 3
# ubuntu focal 20.04 minimal
wget -q -O ubuntu-20.04-minimal-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/minimal/releases/focal/release/ubuntu-20.04-minimal-cloudimg-amd64.img
/usr/sbin/qm set 312 --delete scsi0
sleep 3
/usr/sbin/qm set 312 --delete unused0
sleep 3
/usr/sbin/qm set 312 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-20.04-minimal-cloudimg-amd64.qcow2,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 312 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 312
sleep 3
# ubuntu jammy 22.04 minimal
wget -q -O ubuntu-22.04-minimal-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/minimal/releases/jammy/release/ubuntu-22.04-minimal-cloudimg-amd64.img
/usr/sbin/qm set 313 --delete scsi0
sleep 3
/usr/sbin/qm set 313 --delete unused0
sleep 3
/usr/sbin/qm set 313 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-minimal-cloudimg-amd64.qcow2,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 313 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 313
sleep 3

48
proxmox2/root/download-import-debian-ubuntu-cloud-images.sh Executable file
View File

@@ -0,0 +1,48 @@
#!/bin/bash
cd /root/cloud-images
# remove old images
rm * > /dev/null 2>&1
# debian 12 bookworm cloud
wget -q https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-genericcloud-amd64.tar.xz
tar -xvf debian-12-genericcloud-amd64.tar.xz
mv disk.raw debian-12-generic-amd64.raw
/usr/sbin/qm set 302 --delete scsi0
sleep 3
/usr/sbin/qm set 302 --delete unused0
sleep 3
/usr/sbin/qm set 302 --scsi0 local-zfs:0,import-from=/root/cloud-images/debian-12-generic-amd64.raw,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 302 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 302
sleep 3
# ubuntu jammy 22.04
wget -q -O ubuntu-22.04-server-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img
/usr/sbin/qm set 311 --delete scsi0
sleep 3
/usr/sbin/qm set 311 --delete unused0
sleep 3
/usr/sbin/qm set 311 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-server-cloudimg-amd64.qcow2,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 311 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 311
sleep 3
# ubuntu jammy 22.04 minimal
wget -q -O ubuntu-22.04-minimal-cloudimg-amd64.qcow2 https://cloud-images.ubuntu.com/minimal/releases/jammy/release/ubuntu-22.04-minimal-cloudimg-amd64.img
/usr/sbin/qm set 313 --delete scsi0
sleep 3
/usr/sbin/qm set 313 --delete unused0
sleep 3
/usr/sbin/qm set 313 --scsi0 local-zfs:0,import-from=/root/cloud-images/ubuntu-22.04-minimal-cloudimg-amd64.qcow2,discard=on,ssd=1
sleep 3
/usr/sbin/qm set 313 --boot order=scsi0
sleep 3
/usr/sbin/qm cloudinit update 313
sleep 3
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/h2TE9rvDGr?status=up&msg=OK&ping=

5
proxmox2/root/ping-before-start.sh Normal file
View File

@@ -0,0 +1,5 @@
#!/bin/bash
until ping -c1 192.168.1.41 >/dev/null 2>&1; do :; done
sleep 15
/usr/sbin/qm start 211

5
proxmox2/root/ping-before-starting-cts-vms.sh Executable file
View File

@@ -0,0 +1,5 @@
#!/bin/bash
until ping -c1 192.168.1.41 >/dev/null 2>&1; do :; done
sleep 45
/usr/sbin/qm start 211

140
proxmox2/root/proxmox-kernel-clean.sh Executable file
View File

@@ -0,0 +1,140 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2023 tteck
# Author: tteck (tteckster)
# License: MIT
# https://github.com/tteck/Proxmox/raw/main/LICENSE
function header_info {
cat <<"EOF"
__ __ __ ________
/ //_/__ _________ ___ / / / ____/ /__ ____ _____
/ ,< / _ \/ ___/ __ \/ _ \/ / / / / / _ \/ __ `/ __ \
/ /| / __/ / / / / / __/ / / /___/ / __/ /_/ / / / /
/_/ |_\___/_/ /_/ /_/\___/_/ \____/_/\___/\__,_/_/ /_/
EOF
}
set -euo pipefail
shopt -s inherit_errexit nullglob
YW=$(echo "\033[33m")
BL=$(echo "\033[36m")
RD=$(echo "\033[01;31m")
BGN=$(echo "\033[4;92m")
GN=$(echo "\033[1;92m")
DGN=$(echo "\033[32m")
CL=$(echo "\033[m")
BFR="\\r\\033[K"
HOLD="-"
CM="${GN}${CL}"
CROSS="${RD}${CL}"
PARTY="🎉"
current_kernel=$(uname -r)
clear
header_info
while true; do
read -p "This will Clean Unused Kernel Images, USE AT YOUR OWN RISK. Proceed(y/n)?" yn
case $yn in
[Yy]*) break ;;
[Nn]*) exit ;;
*) echo -e "${RD}Please answer y/n${CL}" ;;
esac
done
clear
function msg_info() {
local msg="$1"
echo -ne " ${HOLD} ${YW}${msg}..."
}
function msg_ok() {
local msg="$1"
echo -e "${BFR} ${CM} ${GN}${msg}${CL}"
}
function check_root() {
if [[ $EUID -ne 0 ]]; then
echo -e "${CROSS}${RD}Error: This script must be ran as the root user.\n${CL}"
exit 1
else
header_info
other_kernel
kernel_info
kernel_clean
fi
}
VERSION="$(awk -F'=' '/^VERSION_CODENAME=/{ print $NF }' /etc/os-release)"
function other_kernel() {
if [[ "${VERSION}" == "bullseye" ]]; then
if [[ "$current_kernel" == *"edge"* ]]; then
echo -e "\n${CROSS} ${RD}ERROR:${CL} Proxmox ${BL}${current_kernel}${CL} Kernel Active"
echo -e "\nAn Active PVE Kernel is required to use Kernel Clean\n"
exit 1
fi
if [[ "$current_kernel" == *"6.1"* || "$current_kernel" == *"6.2"* ]]; then
echo -e "\n${CROSS} ${RD}ERROR:${CL} Proxmox ${BL}${current_kernel}${CL} Kernel Active"
echo -e "\nThe script cannot be used when running opt-in kernels. \nProxmox VE's package management relies directly on the current default kernel, which is 5.15. \nTherefore, it is not possible to utilize this script. In this case, you should use autoremove instead. \n`apt-get autoremove`\n"
exit 1
fi
fi
}
function kernel_info() {
if [[ "$MODE" != "PBS" ]]; then
echo -e "${YW}PVE Version: ${BL}$(pveversion)\n${CL}"
fi
if [[ "$current_kernel" == *"pve"* ]]; then
echo -e "${YW}Current Kernel: ${BL}$current_kernel\n${CL}"
else
echo -e "\n${CROSS} ${RD}ERROR: No PVE Kernel Found\n${CL}"
exit 1
fi
}
function kernel_clean() {
kernels=$(dpkg --list | grep 'kernel-.*-pve' | awk '{print $2}' | sort -V)
remove_kernels=""
for kernel in $kernels; do
if [ "$(echo $kernel | grep $current_kernel)" ]; then
break
else
echo -e "${BL}'$kernel' ${CL}${YW}has been added to the remove Kernel list\n${CL}"
remove_kernels+=" $kernel"
fi
done
msg_ok "Kernel Search Completed\n"
if [[ "$remove_kernels" != *"pve"* ]]; then
echo -e "${PARTY} ${GN}It appears there are no old Kernels on your system. \n${CL}"
msg_info "Exiting"
sleep 2
msg_ok "Done"
else
read -p "Would you like to remove the $(echo $remove_kernels | awk '{print NF}') selected Kernels listed above? [y/n]: " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
msg_info "Removing ${CL}${RD}$(echo $remove_kernels | awk '{print NF}') ${CL}${YW}old Kernels${CL}"
/usr/bin/apt purge -y $remove_kernels >/dev/null 2>&1
msg_ok "Successfully Removed Kernels"
msg_info "Updating GRUB"
/usr/sbin/update-grub >/dev/null 2>&1
msg_ok "Successfully Updated GRUB"
msg_info "Exiting"
sleep 2
msg_ok "Done"
else
msg_info "Exiting"
sleep 2
msg_ok "Done"
fi
fi
}
if ! command -v pveversion >/dev/null 2>&1; then
echo -e " Switching to PBS mode"
MODE="PBS"
sleep 2
else
MODE="PVE"
fi
check_root

243
proxmox2/root/proxmox-post-pve-install.sh Executable file
View File

@@ -0,0 +1,243 @@
#!/usr/bin/env bash
# Copyright (c) 2021-2023 tteck
# Author: tteck (tteckster)
# License: MIT
# https://github.com/tteck/Proxmox/raw/main/LICENSE
header_info() {
clear
cat <<"EOF"
____ _ ________ ____ __ ____ __ ____
/ __ \ | / / ____/ / __ \____ _____/ /_ / _/___ _____/ /_____ _/ / /
/ /_/ / | / / __/ / /_/ / __ \/ ___/ __/ / // __ \/ ___/ __/ __ `/ / /
/ ____/| |/ / /___ / ____/ /_/ (__ ) /_ _/ // / / (__ ) /_/ /_/ / / /
/_/ |___/_____/ /_/ \____/____/\__/ /___/_/ /_/____/\__/\__,_/_/_/
EOF
}
RD=$(echo "\033[01;31m")
YW=$(echo "\033[33m")
GN=$(echo "\033[1;92m")
CL=$(echo "\033[m")
BFR="\\r\\033[K"
HOLD="-"
CM="${GN}${CL}"
CROSS="${RD}${CL}"
set -euo pipefail
shopt -s inherit_errexit nullglob
msg_info() {
local msg="$1"
echo -ne " ${HOLD} ${YW}${msg}..."
}
msg_ok() {
local msg="$1"
echo -e "${BFR} ${CM} ${GN}${msg}${CL}"
}
msg_error() {
local msg="$1"
echo -e "${BFR} ${CROSS} ${RD}${msg}${CL}"
}
start_routines() {
header_info
VERSION="$(awk -F'=' '/^VERSION_CODENAME=/{ print $NF }' /etc/os-release)"
if lscpu | grep -qP 'Vendor ID:.*GenuineIntel' && lscpu | grep -qP 'Model name:.*N' && [[ "$VERSION" == "bullseye" ]]; then
whiptail --msgbox --title "N-SERIES PROCESSOR DETECTED" "To ensure compatibility with Proxmox VE on systems equipped with N-series processors, it is recommended to install Proxmox Virtual Environment 8" 10 58
fi
CHOICE=$(whiptail --title "SOURCES" --menu "The package manager will use the correct sources to update and install packages on your Proxmox VE server.\n \nCorrect Proxmox VE sources?" 14 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Correcting Proxmox VE Sources"
cat <<EOF >/etc/apt/sources.list
deb http://ftp.debian.org/debian ${VERSION} main contrib
deb http://ftp.debian.org/debian ${VERSION}-updates main contrib
deb http://security.debian.org/debian-security ${VERSION}-security main contrib
EOF
msg_ok "Corrected Proxmox VE Sources"
;;
no)
msg_error "Selected no to Correcting Proxmox VE Sources"
;;
esac
CHOICE=$(whiptail --title "PVE-ENTERPRISE" --menu "The 'pve-enterprise' repository is only available to users who have purchased a Proxmox VE subscription.\n \nDisable 'pve-enterprise' repository?" 14 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Disabling 'pve-enterprise' repository"
cat <<EOF >/etc/apt/sources.list.d/pve-enterprise.list
# deb https://enterprise.proxmox.com/debian/pve ${VERSION} pve-enterprise
EOF
msg_ok "Disabled 'pve-enterprise' repository"
;;
no)
msg_error "Selected no to Disabling 'pve-enterprise' repository"
;;
esac
CHOICE=$(whiptail --title "PVE-NO-SUBSCRIPTION" --menu "The 'pve-no-subscription' repository provides access to all of the open-source components of Proxmox VE.\n \nEnable 'pve-no-subscription' repository?" 14 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Enabling 'pve-no-subscription' repository"
cat <<EOF >/etc/apt/sources.list.d/pve-install-repo.list
deb http://download.proxmox.com/debian/pve ${VERSION} pve-no-subscription
EOF
msg_ok "Enabled 'pve-no-subscription' repository"
;;
no)
msg_error "Selected no to Enabling 'pve-no-subscription' repository"
;;
esac
if [[ "${VERSION}" == "bookworm" ]]; then
CHOICE=$(whiptail --title "CEPH PACKAGE REPOSITORIES" --menu "The 'Ceph Package Repositories' provides access to both the 'no-subscription' and 'enterprise' repositories.\n \nEnable 'ceph package repositories?" 14 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Enabling 'ceph package repositories'"
cat <<EOF >/etc/apt/sources.list.d/ceph.list
# deb http://download.proxmox.com/debian/ceph-quincy bookworm enterprise
deb http://download.proxmox.com/debian/ceph-quincy bookworm no-subscription
EOF
msg_ok "Enabled 'ceph package repositories'"
;;
no)
msg_error "Selected no to Enabling 'ceph package repositories'"
;;
esac
fi
CHOICE=$(whiptail --title "PVETEST" --menu "The 'pvetest' repository can give advanced users access to new features and updates before they are officially released.\n \nAdd (Disabled) 'pvetest' repository?" 14 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Adding 'pvetest' repository and set disabled"
cat <<EOF >/etc/apt/sources.list.d/pvetest-for-beta.list
# deb http://download.proxmox.com/debian/pve ${VERSION} pvetest
EOF
msg_ok "Added 'pvetest' repository"
;;
no)
msg_error "Selected no to Adding 'pvetest' repository"
;;
esac
if [[ ! -f /etc/apt/apt.conf.d/no-nag-script ]]; then
CHOICE=$(whiptail --title "SUBSCRIPTION NAG" --menu "This will disable the nag message reminding you to purchase a subscription every time you log in to the web interface.\n \nDisable subscription nag?" 14 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
whiptail --msgbox --title "Support Subscriptions" "Supporting the software's development team is essential. Check their official website's Support Subscriptions for pricing. Without their dedicated work, we wouldn't have this exceptional software." 10 58
msg_info "Disabling subscription nag"
echo "DPkg::Post-Invoke { \"dpkg -V proxmox-widget-toolkit | grep -q '/proxmoxlib\.js$'; if [ \$? -eq 1 ]; then { echo 'Removing subscription nag from UI...'; sed -i '/data\.status.*{/{s/\!//;s/active/NoMoreNagging/}' /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js; }; fi\"; };" >/etc/apt/apt.conf.d/no-nag-script
apt --reinstall install proxmox-widget-toolkit &>/dev/null
msg_ok "Disabled subscription nag (Delete browser cache)"
;;
no)
whiptail --msgbox --title "Support Subscriptions" "Supporting the software's development team is essential. Check their official website's Support Subscriptions for pricing. Without their dedicated work, we wouldn't have this exceptional software." 10 58
msg_error "Selected no to Disabling subscription nag"
;;
esac
fi
if ! systemctl is-active --quiet pve-ha-lrm; then
CHOICE=$(whiptail --title "HIGH AVAILABILITY" --menu "Enable high availability?" 10 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Enabling high availability"
systemctl enable -q --now pve-ha-lrm
systemctl enable -q --now pve-ha-crm
systemctl enable -q --now corosync
msg_ok "Enabled high availability"
;;
no)
msg_error "Selected no to Enabling high availability"
;;
esac
fi
if systemctl is-active --quiet pve-ha-lrm; then
CHOICE=$(whiptail --title "HIGH AVAILABILITY" --menu "If you plan to utilize a single node instead of a clustered environment, you can disable unnecessary high availability (HA) services, thus reclaiming system resources.\n\nIf HA becomes necessary at a later stage, the services can be re-enabled.\n\nDisable high availability?" 18 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Disabling high availability"
systemctl disable -q --now pve-ha-lrm
systemctl disable -q --now pve-ha-crm
systemctl disable -q --now corosync
msg_ok "Disabled high availability"
;;
no)
msg_error "Selected no to Disabling high availability"
;;
esac
fi
CHOICE=$(whiptail --title "UPDATE" --menu "\nUpdate Proxmox VE now?" 11 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Updating Proxmox VE (Patience)"
apt-get update &>/dev/null
apt-get -y dist-upgrade &>/dev/null
msg_ok "Updated Proxmox VE"
;;
no)
msg_error "Selected no to Updating Proxmox VE"
;;
esac
CHOICE=$(whiptail --title "REBOOT" --menu "\nReboot Proxmox VE now? (recommended)" 11 58 2 \
"yes" " " \
"no" " " 3>&2 2>&1 1>&3)
case $CHOICE in
yes)
msg_info "Rebooting Proxmox VE"
sleep 2
msg_ok "Completed Post Install Routines"
reboot
;;
no)
msg_error "Selected no to Rebooting Proxmox VE (Reboot recommended)"
msg_ok "Completed Post Install Routines"
;;
esac
}
header_info
echo -e "\nThis script will Perform Post Install Routines.\n"
while true; do
read -p "Start the Proxmox VE Post Install Script (y/n)?" yn
case $yn in
[Yy]*) break ;;
[Nn]*) clear; exit ;;
*) echo "Please answer yes or no." ;;
esac
done
if ! command -v pveversion >/dev/null 2>&1; then
header_info
msg_error "\n No PVE Detected!\n"
exit
fi
start_routines

73
proxmox2/root/proxmox-pve-essentials.sh Executable file
View File

@@ -0,0 +1,73 @@
#!/bin/bash
# autoreply config update dialog with no
if [[ ! -f /etc/apt/apt.conf.d/local ]] ; then
echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local
echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local
echo " "--force-confold";" >> /etc/apt/apt.conf.d/local
echo "}" >> /etc/apt/apt.conf.d/local
fi
# update and upgrade
apt-get update
apt-get upgrade -y
# download and install packages
apt-get install -y sudo curl wget zip unzip git man-db cifs-utils nfs-common ntfs-3g parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion
# update templates
pveam update
# remove all motd
rm /etc/motd > /dev/null 2>&1
# set input preferences
if [[ ! -f /etc/inputrc.bak ]] ; then
cp /etc/inputrc /etc/inputrc.bak > /dev/null 2>&1
fi
rm /etc/inputrc > /dev/null 2>&1
cp /etc/inputrc.bak /etc/inputrc
echo "" >> /etc/inputrc
echo "set completion-ignore-case On" >> /etc/inputrc
# set bash preferences and aliases
if [[ -f /etc/bash.bashrc.default ]] ; then
mv /etc/bash.bashrc.default /etc/bash.bashrc.bak > /dev/null 2>&1
fi
if [[ ! -f /etc/bash.bashrc.bak ]] ; then
cp /etc/bash.bashrc /etc/bash.bashrc.bak > /dev/null 2>&1
fi
rm /etc/bash.bashrc > /dev/null 2>&1
cp /etc/bash.bashrc.bak /etc/bash.bashrc
echo "" >> /etc/bash.bashrc
echo "# custom settings and aliases" >> /etc/bash.bashrc
echo "set -o noclobber" >> /etc/bash.bashrc
echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc
echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc
echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc
echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc
echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc
echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc
echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc
echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc
echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc
echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc
echo "alias apts='sudo apt search'" >> /etc/bash.bashrc
echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc
echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc
echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc
echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc
echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc
echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc
# create tmux config
rm /etc/tmux.conf* > /dev/null 2>&1
echo "unbind C-b" >> /etc/tmux.conf
echo "set-option -g prefix C-a" >> /etc/tmux.conf
echo "bind-key C-a send-prefix" >> /etc/tmux.conf
# git config
git config --global credential.helper store
git config --global user.name "akanealw"
git config --global user.email "akanealw@gmail.com"
git config --global init.defaultBranch main

3
proxmox2/root/shutdown-proxmox1.sh Executable file
View File

@@ -0,0 +1,3 @@
#!/bin/bash
ssh proxmox1 sudo poweroff

4
proxmox2/root/wake-proxmox1.sh Executable file
View File

@@ -0,0 +1,4 @@
#!/bin/bash
wakeonlan 68:1c:a2:13:05:f5
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/WKVxvGZXIw?status=up&msg=OK&ping=

4
proxmox3/akanealw/restart-gluetun-and-services.sh Normal file
View File

@@ -0,0 +1,4 @@
#!/bin/bash
ssh dockerserver ./scripts/restart-gluetun-and-services.sh
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/eT36YM3T94?status=up&msg=OK&ping=

3
proxmox3/akanealw/shutdown-proxmox1.sh Normal file
View File

@@ -0,0 +1,3 @@
#!/bin/bash
ssh proxmox1 sudo poweroff

3
proxmox3/akanealw/shutdown-proxmox2.sh Normal file
View File

@@ -0,0 +1,3 @@
#!/bin/bash
ssh proxmox2 sudo poweroff

3
proxmox3/akanealw/wake-proxmox1.sh Normal file
View File

@@ -0,0 +1,3 @@
#!/bin/bash
wakeonlan 68:1c:a2:13:05:f5

3
proxmox3/akanealw/wake-proxmox2.sh Normal file
View File

@@ -0,0 +1,3 @@
#!/bin/bash
wakeonlan d8:9e:f3:47:34:0b

4
proxmox3/root/wake-proxmox1.sh Normal file
View File

@@ -0,0 +1,4 @@
#!/bin/bash
wakeonlan 68:1c:a2:13:05:f5
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/WKVxvGZXIw?status=up&msg=OK&ping=

4
proxmox3/root/wake-proxmox2.sh Normal file
View File

@@ -0,0 +1,4 @@
#!/bin/bash
wakeonlan d8:9e:f3:47:34:0b
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/dDaOMxA4tD?status=up&msg=OK&ping=

4
proxyserver/akanealw/backup-bookmarks.sh Executable file
View File

@@ -0,0 +1,4 @@
#!/bin/bash
cp /home/akanealw/docker/appdata/nginxwebdav/data/bookmarks.html /home/akanealw/backups/bookmarksbackups/bookmarks-$(/bin/date +%Y-%m-%d-%I-%M-%S-%p).html
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/vLacLASfQk?status=up&msg=OK&ping=

4
proxyserver/akanealw/backup-vaultwarden.sh Normal file
View File

@@ -0,0 +1,4 @@
#!/bin/bash
docker run --rm --volumes-from=vaultwarden -e UID=1000 -e PID=1000 -e BACKUP_DIR=/data/backups -e TIMESTAMP=true -v /home/akanealw/backups/vaultwardenbackups:/data/backups bruceforce/vaultwarden-backup manual
chown -R akanealw:akanealw /home/akanealw/backups

6
proxyserver/akanealw/copy-backups-to-truenas.sh Normal file
View File

@@ -0,0 +1,6 @@
#!/bin/bash
find "/home/akanealw/backups/bookmarksbackups" -name "*.html" -type f -mtime +25 -delete
find "/home/akanealw/backups/vaultwardenbackups" -name "*.xz" -type f -mtime +25 -delete
rsync -rvz /home/akanealw/backups/bookmarksbackups/ akanealw@truenas:/mnt/data/backups/bookmarksbackups/
rsync -rvz /home/akanealw/backups/vaultwardenbackups/ akanealw@truenas:/mnt/data/backups/vaultwardenbackups/

26
proxyserver/akanealw/crontab.bak Normal file
View File

@@ -0,0 +1,26 @@
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command
10 * * * * /home/akanealw/scripts/backup-bookmarks.sh
0 16 * * * /home/akanealw/scripts/ping-before-copy-backups-to-truenas.sh
0 11 * * * /home/akanealw/scripts/olivetin/restart-gluetun-and-services.sh

145
proxyserver/akanealw/debian-essentials.sh Executable file
View File

@@ -0,0 +1,145 @@
#!/bin/bash
# autoreply config update dialog with no
if [[ ! -f /etc/apt/apt.conf.d/local ]]
then
echo "Dpkg::Options {" >> /etc/apt/apt.conf.d/local
echo " "--force-confdef";" >> /etc/apt/apt.conf.d/local
echo " "--force-confold";" >> /etc/apt/apt.conf.d/local
echo "}" >> /etc/apt/apt.conf.d/local
fi
# update bookworm to new debian.sources file
if [[ -f /etc/apt/sources.list.d/debian.sources ]]
then
echo "Sources already updated"
else
isInFile=$(cat /etc/apt/sources.list | grep -c "bullseye")
if [ $isInFile -eq 0 ]
then
mkdir /etc/apt/mirrors > /dev/null 2>&1
echo "https://deb.debian.org/debian" >> /etc/apt/mirrors/debian.list
echo "https://deb.debian.org/debian-security" >> /etc/apt/mirrors/debian-security.list
echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
echo "URIs: mirror+file:///etc/apt/mirrors/debian.list" >> /etc/apt/sources.list.d/debian.sources
echo "Suites: bookworm bookworm-updates bookworm-backports" >> /etc/apt/sources.list.d/debian.sources
echo "Components: main contrib non-free non-free-firmware" >> /etc/apt/sources.list.d/debian.sources
echo "" >> /etc/apt/sources.list.d/debian.sources
echo "Types: deb deb-src" >> /etc/apt/sources.list.d/debian.sources
echo "URIs: mirror+file:///etc/apt/mirrors/debian-security.list" >> /etc/apt/sources.list.d/debian.sources
echo "Suites: bookworm-security" >> /etc/apt/sources.list.d/debian.sources
echo "Components: main" >> /etc/apt/sources.list.d/debian.sources
mv /etc/apt/sources.list /etc/apt/sources.list.bak > /dev/null 2>&1
rm /etc/apt/sources.list.11.backup > /dev/null 2>&1
else
echo "Bullseye detected, skipping sources update"
fi
fi
# update and upgrade
apt-get update
apt-get upgrade -y
# download and install packages
apt-get install -y lsb-release cron qemu-guest-agent sudo nano curl wget zip unzip git rsync man-db cifs-utils nfs-common parted libtalloc2 libwbclient0 net-tools gnupg apt-transport-https tmux gdisk bash-completion
# add akanealw user if not existing
isInFile=$(cat /etc/passwd | grep -c "akanealw")
if [ $isInFile -eq 0 ]
then
echo "Set password for akanealw"
useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -d /home/akanealw akanealw
mkdir /home/akanealw/.ssh
chown akanealw:akanealw /home/akanealw/.ssh
chmod 700 /home/akanealw/.ssh
cp /root/.ssh/authorized_keys /home/akanealw/.ssh > /dev/null 2>&1
chown akanealw:akanealw /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1
chmod 600 /home/akanealw/.ssh/authorized_keys > /dev/null 2>&1
fi
# create akanealw file in /etc/sudoers.d
if [[ ! -f /etc/sudoers.d/akanealw ]]
then
echo "akanealw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/akanealw
fi
# enable ping for all users
setcap 'cap_net_admin,cap_net_raw+ep' $(which ping)
# remove all motd
rm /etc/motd > /dev/null 2>&1
# disable systemd-networkd-wait-online.service
systemctl disable systemd-networkd-wait-online.service
# git config
git config --global credential.helper store
git config --global user.name "akanealw"
git config --global user.email "akanealw@gmail.com"
git config --global init.defaultBranch main
# show ip in /etc/issue
wget -qO /etc/issue.default http://192.168.1.50/debian/issue.default
rm /etc/issue > /dev/null 2>&1
cp /etc/issue.default /etc/issue
name=$(basename /sys/class/net/e*)
echo "" >> /etc/issue
echo "$name: \4{$name}" >> /etc/issue
echo "" >> /etc/issue
# set input preferences
wget -qO /etc/inputrc.default http://192.168.1.50/debian/inputrc.default
rm /etc/inputrc > /dev/null 2>&1
cp /etc/inputrc.default /etc/inputrc
echo "" >> /etc/inputrc
echo "set completion-ignore-case On" >> /etc/inputrc
# set bash preferences and aliases
wget -qO /etc/bash.bashrc.default http://192.168.1.50/debian/bash.bashrc.default
rm /etc/bash.bashrc > /dev/null 2>&1
cp /etc/bash.bashrc.default /etc/bash.bashrc
echo "" >> /etc/bash.bashrc
echo "# custom settings and aliases" >> /etc/bash.bashrc
echo "set -o noclobber" >> /etc/bash.bashrc
echo "alias lsa='ls -alhvF'" >> /etc/bash.bashrc
echo "alias systart='sudo systemctl start'" >> /etc/bash.bashrc
echo "alias systop='sudo systemctl stop'" >> /etc/bash.bashrc
echo "alias sysrest='sudo systemctl restart'" >> /etc/bash.bashrc
echo "alias systat='sudo systemctl status'" >> /etc/bash.bashrc
echo "alias aptupy='sudo apt update && sudo apt upgrade -y'" >> /etc/bash.bashrc
echo "alias aptiy='sudo apt install -y'" >> /etc/bash.bashrc
echo "alias aptry='sudo apt remove -y'" >> /etc/bash.bashrc
echo "alias aptrpy='sudo apt remove --purge -y'" >> /etc/bash.bashrc
echo "alias aptary='sudo apt autoremove -y'" >> /etc/bash.bashrc
echo "alias apts='sudo apt search'" >> /etc/bash.bashrc
echo "alias aptl='sudo apt list --installed'" >> /etc/bash.bashrc
echo "alias aptsh='sudo apt show'" >> /etc/bash.bashrc
echo "alias aptac='sudo apt-get autoclean'" >> /etc/bash.bashrc
echo "alias dpkgi='sudo dpkg -i'" >> /etc/bash.bashrc
echo "alias tmxls='tmux ls'" >> /etc/bash.bashrc
echo "alias tmxa='tmux attach -t'" >> /etc/bash.bashrc
echo "alias dc='docker compose'" >> /etc/bash.bashrc
echo "alias dcup='docker compose up -d'" >> /etc/bash.bashrc
echo "alias dcaup='docker compose -f admin-compose.yml up -d'" >> /etc/bash.bashrc
echo "alias dcdown='docker compose down'" >> /etc/bash.bashrc
echo "alias dcadown='docker compose -f admin-compose.yml down'" >> /etc/bash.bashrc
echo "alias dcpull='docker compose pull'" >> /etc/bash.bashrc
echo "alias dcapull='docker compose -f admin-compose.yml pull'" >> /etc/bash.bashrc
echo "alias dps='docker ps'" >> /etc/bash.bashrc
echo "alias dipaf='docker image prune -a -f'" >> /etc/bash.bashrc
# create tmux config
rm /etc/tmux.conf* > /dev/null 2>&1
echo "unbind C-b" >> /etc/tmux.conf
echo "set-option -g prefix C-a" >> /etc/tmux.conf
echo "bind-key C-a send-prefix" >> /etc/tmux.conf
# create credentials and map network drives
isInFile=$(cat /etc/fstab | grep -c "192.168.1.41")
if [ $isInFile -eq 0 ]
then
mkdir /mnt/truenasdata > /dev/null 2>&1
chown akanealw:akanealw /mnt/truenasdata
echo "# nfs shares" >> /etc/fstab
echo "192.168.1.41:/mnt/data /mnt/truenasdata nfs defaults,nolock,soft,vers=4.2 0 0" >> /etc/fstab
fi

18
proxyserver/akanealw/olivetin/restart-gluetun-and-services.sh Executable file
View File

@@ -0,0 +1,18 @@
#!/bin/bash
ssh -i ~/.ssh/dockerserver \
-o StrictHostKeyChecking=no \
akanealw@192.168.1.30 \
"docker restart gluetun \
&& echo "gluetun restarting" \
&& sleep 45 \
&& docker restart jdownloader \
&& echo "jdownloader restarting" \
&& sleep 5 \
&& docker restart qbittorrent \
&& echo "qbittorrent restarting" \
&& sleep 5 \
&& docker restart sabnzbd \
&& echo "sabnzbd restarting" \
&& curl -fsS -m 10 --retry 5 -o /dev/null \
https://uptimekuma.akanealw.com/api/push/eT36YM3T94?status=up&msg=OK&ping="

7
proxyserver/akanealw/olivetin/restart-jdownloader.sh Executable file
View File

@@ -0,0 +1,7 @@
#!/bin/bash
ssh -i ~/.ssh/dockerserver \
-o StrictHostKeyChecking=no \
akanealw@192.168.1.30 \
"docker restart jdownloader \
&& echo "jdownloader restarting""

7
proxyserver/akanealw/olivetin/restart-qbittorrent.sh Executable file
View File

@@ -0,0 +1,7 @@
#!/bin/bash
ssh -i ~/.ssh/dockerserver \
-o StrictHostKeyChecking=no \
akanealw@192.168.1.30 \
"docker restart qbittorrent \
&& echo "qbittorrent restarting""

7
proxyserver/akanealw/olivetin/restart-sabnzbd.sh Executable file
View File

@@ -0,0 +1,7 @@
#!/bin/bash
ssh -i ~/.ssh/dockerserver \
-o StrictHostKeyChecking=no \
akanealw@192.168.1.30 \
"docker restart sabnzbd \
&& echo "sabnzbd restarting""

4
proxyserver/akanealw/olivetin/shutdown-proxmox1.sh Executable file
View File

@@ -0,0 +1,4 @@
ssh -i ~/.ssh/proxmox2 \
-o StrictHostKeyChecking=no \
akanealw@192.168.1.52 \
/home/akanealw/scripts/shutdown-proxmox1.sh

4
proxyserver/akanealw/olivetin/wake-proxmox1.sh Executable file
View File

@@ -0,0 +1,4 @@
ssh -i ~/.ssh/proxmox2 \
-o StrictHostKeyChecking=no \
akanealw@192.168.1.52 \
/home/akanealw/scripts/wake-proxmox1.sh

15
proxyserver/akanealw/ping-before-copy-backups-to-truenas.sh Executable file
View File

@@ -0,0 +1,15 @@
#!/bin/bash
sudo chown -R akanealw:akanealw /home/akanealw/backups
find "/home/akanealw/backups/bookmarksbackups" -name "*.html" -type f -mtime +25 -delete
find "/home/akanealw/backups/vaultwardenbackups" -name "*.xz" -type f -mtime +25 -delete
if ping -c 2 192.168.1.41 &> /dev/null
then
rsync -rvz /home/akanealw/backups/bookmarksbackups/ akanealw@truenas:/mnt/data/backups/bookmarksbackups/
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/l6Fztc77wL?status=up&msg=OK&ping=
rsync -rvz /home/akanealw/backups/vaultwardenbackups/ akanealw@truenas:/mnt/data/backups/vaultwardenbackups/
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/l6Fztc77wL?status=up&msg=OK&ping=
else
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/l6Fztc77wL?status=down&msg=OK&ping=
fi

21
proxyserver/root/check-wireguard.sh Normal file
View File

@@ -0,0 +1,21 @@
#!/bin/bash
PING=/bin/ping
## DEBIAN
SERVICE=/usr/sbin/service
tries=0
while [[ $tries -lt 3 ]]
do
if $PING -c 1 10.0.10.1
then
echo "wg works" && curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/C6kilkNqUv?status=up&msg=OK&ping=
exit 0
fi
echo "wg fail"
tries=$((tries+1))
done
echo "wg failed 3 times - restarting tunnel" && curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/C6kilkNqUv?status=down&msg=OK&ping=
## DEBIAN
$SERVICE wg-quick@wg1 restart && curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/C6kilkNqUv?status=up&msg=OK&ping=

5
proxyserver/root/clean-plex-photo-cache.sh Executable file
View File

@@ -0,0 +1,5 @@
#!/bin/bash
find "/var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Cache/PhotoTranscoder" -name "*.jpg" -type f -mtime +5 -delete
find "/var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Cache/PhotoTranscoder" -name "*.ppm" -type f -mtime +5 -delete
curl -fsS -m 10 --retry 5 -o /dev/null https://uptimekuma.akanealw.com/api/push/vOOCgMo8GW?status=up&msg=OK&ping=

23
proxyserver/root/crontab.bak Normal file
View File

@@ -0,0 +1,23 @@
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command

0
proxyserver/root/test.sh Normal file
View File

18
rclone/rclone-copy-scott-backup.sh Normal file
View File

@@ -0,0 +1,18 @@
#!/bin/bash
#rclone copy /media/raid/Media/ /mnt/truenasmedia/ --create-empty-src-dirs -P
rclone copy /media/raid/Backups/ /mnt/truenasscott/ --create-empty-src-dirs -P
rclone copy /media/raid/Applications/ /mnt/truenasscott/Applications/ --create-empty-src-dirs -P
rclone copy /media/raid/Games/ /mnt/truenasscott/Games/ --create-empty-src-dirs -P
rclone copy /media/raid/Google/ /mnt/truenasscott/Google/ --create-empty-src-dirs -P
rclone copy /media/raid/Kodi/ /mnt/truenasscott/Kodi/ --create-empty-src-dirs -P
rclone copy /media/raid/Miscellaneous/ /mnt/truenasscott/Miscellaneous/ --create-empty-src-dirs -P
rclone copy /media/raid/Pictures/ /mnt/truenasscott/Pictures/ --create-empty-src-dirs -P
rclone copy /media/raid/'Pictures Backup'/ /mnt/truenasscott/'Pictures Backup'/ --create-empty-src-dirs -P
rclone copy /media/raid/Projects/ /mnt/truenasscott/Projects/ --create-empty-src-dirs -P
rclone copy /media/raid/'Rosetta Stone'/ /mnt/truenasscott/'Rosetta Stone'/ --create-empty-src-dirs -P
rclone copy /media/raid/Share/ /mnt/truenasscott/Share/ --create-empty-src-dirs -P
rclone copy /media/raid/'TV Shows'/ /mnt/truenasscott/'TV Shows'/ --create-empty-src-dirs -P
rclone copy /media/raid/'Unsorted Pictures'/ /mnt/truenasscott/'Unsorted Pictures'/ --create-empty-src-dirs -P
rclone copy /media/raid/dockernuc/ /mnt/truenasscott/dockernuc/ --create-empty-src-dirs -P

106
remotely/remotely-agent-debian.sh Normal file
View File

@@ -0,0 +1,106 @@
#!/bin/bash
HostName="https://remotely.akanealw.com"
Organization="7fbfb541-0720-42cf-b363-ddf13a19fd16"
GUID=$(cat /proc/sys/kernel/random/uuid)
UpdatePackagePath=""
InstallDir="/usr/local/bin/Remotely"
apt-get update
apt-get -y install curl lsb-release apt-transport-https libx11-dev libxrandr-dev unzip libc6-dev libxtst-dev xclip jq
ETag=$(curl --head $HostName/Content/Remotely-Linux.zip | grep -i "etag" | cut -d' ' -f 2)
LogPath="/var/log/remotely/Agent_Install.log"
mkdir -p /var/log/remotely
Args=( "$@" )
ArgLength=${#Args[@]}
for (( i=0; i<${ArgLength}; i+=2 ));
do
if [ "${Args[$i]}" = "--uninstall" ]; then
systemctl stop remotely-agent
rm -r -f $InstallDir
rm -f /etc/systemd/system/remotely-agent.service
systemctl daemon-reload
exit
elif [ "${Args[$i]}" = "--path" ]; then
UpdatePackagePath="${Args[$i+1]}"
fi
done
if [ -z "$ETag" ]; then
echo "ETag is empty. Aborting install." | tee -a $LogPath
exit 1
fi
debianVersion=$(lsb_release -r -s)
wget -q https://packages.microsoft.com/config/debian/$debianVersion/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
dpkg -i packages-microsoft-prod.deb
apt-get update
#apt-get -y install apt-transport-https
apt-get -y install dotnet-runtime-7.0
rm packages-microsoft-prod.deb
#apt-get -y install libx11-dev libxrandr-dev unzip libc6-dev libxtst-dev xclip jq
if [ -f "$InstallDir/ConnectionInfo.json" ]; then
SavedGUID=`cat "$InstallDir/ConnectionInfo.json" | jq -r '.DeviceID'`
if [[ "$SavedGUID" != "null" && -n "$SavedGUID" ]]; then
GUID="$SavedGUID"
fi
fi
rm -r -f $InstallDir
rm -f /etc/systemd/system/remotely-agent.service
mkdir -p $InstallDir
if [ -z "$UpdatePackagePath" ]; then
echo "Downloading client." | tee -a $LogPath
wget -q -O /tmp/Remotely-Linux.zip $HostName/Content/Remotely-Linux.zip
else
echo "Copying install files." | tee -a $LogPath
cp "$UpdatePackagePath" /tmp/Remotely-Linux.zip
rm -f "$UpdatePackagePath"
fi
unzip -o /tmp/Remotely-Linux.zip -d $InstallDir
rm -f /tmp/Remotely-Linux.zip
chmod +x $InstallDir/Remotely_Agent
chmod +x $InstallDir/Desktop/Remotely_Desktop
connectionInfo="{
\"DeviceID\":\"$GUID\",
\"Host\":\"$HostName\",
\"OrganizationID\": \"$Organization\",
\"ServerVerificationToken\":\"\"
}"
echo "$connectionInfo" > $InstallDir/ConnectionInfo.json
curl --head $HostName/Content/Remotely-Linux.zip | grep -i "etag" | cut -d' ' -f 2 > $InstallDir/etag.txt
echo Creating service. | tee -a $LogPath
serviceConfig="[Unit]
Description=The Remotely agent used for remote access.
[Service]
WorkingDirectory=$InstallDir
ExecStart=$InstallDir/Remotely_Agent
Restart=always
StartLimitIntervalSec=0
RestartSec=10
[Install]
WantedBy=graphical.target"
echo "$serviceConfig" > /etc/systemd/system/remotely-agent.service
systemctl enable remotely-agent
systemctl restart remotely-agent
echo Install complete. | tee -a $LogPath

106
remotely/remotely-agent-ubuntu.sh Normal file
View File

@@ -0,0 +1,106 @@
#!/bin/bash
HostName="https://remotely.akanealw.com"
Organization="7fbfb541-0720-42cf-b363-ddf13a19fd16"
GUID=$(cat /proc/sys/kernel/random/uuid)
UpdatePackagePath=""
InstallDir="/usr/local/bin/Remotely"
apt-get update
apt-get -y install curl lsb-release libx11-dev libxrandr-dev unzip libc6-dev libxtst-dev xclip jq apt-transport-https
ETag=$(curl --head $HostName/Content/Remotely-Linux.zip | grep -i "etag" | cut -d' ' -f 2)
LogPath="/var/log/remotely/Agent_Install.log"
mkdir -p /var/log/remotely
Args=( "$@" )
ArgLength=${#Args[@]}
for (( i=0; i<${ArgLength}; i+=2 ));
do
if [ "${Args[$i]}" = "--uninstall" ]; then
systemctl stop remotely-agent
rm -r -f $InstallDir
rm -f /etc/systemd/system/remotely-agent.service
systemctl daemon-reload
exit
elif [ "${Args[$i]}" = "--path" ]; then
UpdatePackagePath="${Args[$i+1]}"
fi
done
if [ -z "$ETag" ]; then
echo "ETag is empty. Aborting install." | tee -a $LogPath
exit 1
fi
ubuntuVersion=$(lsb_release -r -s)
wget -q https://packages.microsoft.com/config/ubuntu/$ubuntuVersion/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
dpkg -i packages-microsoft-prod.deb
apt-get update
#apt-get -y install apt-transport-https
apt-get -y install dotnet-runtime-7.0
rm packages-microsoft-prod.deb
#apt-get -y install libx11-dev libxrandr-dev unzip libc6-dev libxtst-dev xclip jq
if [ -f "$InstallDir/ConnectionInfo.json" ]; then
SavedGUID=`cat "$InstallDir/ConnectionInfo.json" | jq -r '.DeviceID'`
if [[ "$SavedGUID" != "null" && -n "$SavedGUID" ]]; then
GUID="$SavedGUID"
fi
fi
rm -r -f $InstallDir
rm -f /etc/systemd/system/remotely-agent.service
mkdir -p $InstallDir
if [ -z "$UpdatePackagePath" ]; then
echo "Downloading client." | tee -a $LogPath
wget -q -O /tmp/Remotely-Linux.zip $HostName/Content/Remotely-Linux.zip
else
echo "Copying install files." | tee -a $LogPath
cp "$UpdatePackagePath" /tmp/Remotely-Linux.zip
rm -f "$UpdatePackagePath"
fi
unzip -o /tmp/Remotely-Linux.zip -d $InstallDir
rm -f /tmp/Remotely-Linux.zip
chmod +x $InstallDir/Remotely_Agent
chmod +x $InstallDir/Desktop/Remotely_Desktop
connectionInfo="{
\"DeviceID\":\"$GUID\",
\"Host\":\"$HostName\",
\"OrganizationID\": \"$Organization\",
\"ServerVerificationToken\":\"\"
}"
echo "$connectionInfo" > $InstallDir/ConnectionInfo.json
curl --head $HostName/Content/Remotely-Linux.zip | grep -i "etag" | cut -d' ' -f 2 > $InstallDir/etag.txt
echo Creating service. | tee -a $LogPath
serviceConfig="[Unit]
Description=The Remotely agent used for remote access.
[Service]
WorkingDirectory=$InstallDir
ExecStart=$InstallDir/Remotely_Agent
Restart=always
StartLimitIntervalSec=0
RestartSec=10
[Install]
WantedBy=graphical.target"
echo "$serviceConfig" > /etc/systemd/system/remotely-agent.service
systemctl enable remotely-agent
systemctl restart remotely-agent
echo Install complete. | tee -a $LogPath

15
rsync/rsync-backup-fileserver-truenas.sh Normal file
View File

@@ -0,0 +1,15 @@
rsync -azvP -e "ssh -i ~/.ssh/truenas" --progress \
--include=/ \
--include=/home/*** \
--include=/etc \
--include=/etc/fstab \
--include=/etc/dnsmasq.d/*** \
--include=/etc/gitea/*** \
--include=/etc/nginx/*** \
--include=/etc/wireguard/*** \
--include=/srv/*** \
--include=/var \
--include=/var/lib \
--include=/var/lib/gitea/*** \
--exclude=* \
/ root@192.168.1.41:/mnt/data/backups/fileserverbackup/$(/bin/date +%Y-%m-%d)

10
rsync/rsync-backup.sh Normal file
View File

@@ -0,0 +1,10 @@
#!/bin/bash
#rsync -azvP -e "ssh -i ~/.ssh/debiantest" --progress \
--include=/ \
--include=/home/ \
--include=/home/akanealw \
--include=/home/akanealw/docker \
--include=/home/akanealw/docker/appdata/*** \
--exclude=* \
root@192.168.1.33:/ /mnt/backups/dockerservertest/$(/bin/date +%Y-%m-%d)

12
rsync/rsync-pull-with-public-key-to-local.sh Executable file
View File

@@ -0,0 +1,12 @@
rsync -azvP -e "ssh -i ~/.ssh/publickey" --progress \
--exclude=/etc/fstab \
--exclude=/etc/network/* \
--exclude=/lib/modules \
--exclude=/proc/* \
--exclude=/tmp/* \
--exclude=/sys/* \
--exclude=/dev/* \
--exclude=/mnt/* \
--exclude=/boot/* \
--exclude=/root/* \
hostname:/ /

4
rsync/rsync-restore.sh Normal file
View File

@@ -0,0 +1,4 @@
#!/bin/bash
rsync -azvP -e "ssh -i ~/.ssh/proxyserver" --progress \
/mnt/backups/dockerservertest/2023-07-04/* root@192.168.1.4:/

4
rsync/rsync-to-truenas-module.sh Normal file
View File

@@ -0,0 +1,4 @@
#!/bin/bash
rsync -avP --rsh=ssh truenas::truenas-backups/ /mnt/pve/external-backup/backups/
rsync -avP --rsh=ssh truenas::truenas-storage/ /mnt/pve/external-backup/storage/

1
serverbackup-cronjob.txt Executable file
View File

@@ -0,0 +1 @@
0 */12 * * * /home/akanealw/serverbackup.sh >> /home/akanealw/$(hostname)-backup.log

2
serverbackup-networkshare.txt Executable file
View File

@@ -0,0 +1,2 @@
# nfs shares
192.168.1.41:/mnt/data/backups/serverbackups /mnt/backups nfs defaults,nolock,soft 0 0

8
serverbackup.sh Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/bash
rsync -arzv --mkpath --delete --no-links /home/akanealw/ /mnt/backups/$(hostname)/akanealw/
rsync -arzv --mkpath /var/spool/cron/crontabs/ /mnt/backups/$(hostname)/cron/crontabs/
rsync -arzv --mkpath --delete --no-links --exclude 'ipc-socket' --exclude 'ibtmp1' /opt/docker/ /mnt/backups/$(hostname)/docker/
rsync -arzv --mkpath /etc/fstab /mnt/backups/$(hostname)/fstab
rsync -arzv --mkpath /etc/network/interfaces /mnt/backups/$(hostname)/
rsync -arzv --mkpath /etc/samba/smb.conf /mnt/backups/$(hostname)/smb.conf

4
start-all-docker.sh Executable file
View File

@@ -0,0 +1,4 @@
#!/bin/bash
docker compose -f /opt/docker/admin-compose.yml up -d
docker compose -f /opt/docker/docker-compose.yml up -d

Some files were not shown because too many files have changed in this diff Show More