diff --git a/.gitignore b/.gitignore index 2ec3563..867c6ae 100644 --- a/.gitignore +++ b/.gitignore @@ -16,4 +16,5 @@ CT-Files/mailbackup/rainloop-installed CT-Files/mailbackup/MailBackup-sys CT-Files/elkarbackupDEB/rsnapshot.deb CT-Files/elkarbackupALP/Elkarbackup-installed -CT-Files/mysql/phpmyadminVersion \ No newline at end of file +CT-Files/mysql/phpmyadminVersion +CT-Files/duplicati/duplicati-installed \ No newline at end of file diff --git a/CT-Build/Alpine.yaml b/CT-Build/Alpine.yaml index f2ab085..f5f4d9d 100644 --- a/CT-Build/Alpine.yaml +++ b/CT-Build/Alpine.yaml @@ -361,6 +361,13 @@ files: variants: - heimdall +#FileForVouchproxy +- path: /opt/Setup + generator: copy + source: CT-Files/vouchproxy + variants: + - vouchproxy + packages: manager: apk update: true @@ -563,6 +570,13 @@ packages: variants: - heimdall +#PKGS for Vouchproxy + - packages: + - vouch-proxy + action: install + variants: + - vouchproxy + repositories: - name: /etc/apk/repositories url: |- @@ -571,7 +585,7 @@ packages: http://192.168.200.11/alpine/v{{ image.release }}/community #EndREPOS {% if image.variant == "ddns" %}@TestingEdge http://dl-4.alpinelinux.org/alpine/edge/testing{% endif %} - + actions: - trigger: post-unpack @@ -653,6 +667,7 @@ actions: - mailbackup - elkarbackupALP - heimdall + - vouchproxy # Enable service for iscsi CT - trigger: post-files diff --git a/CT-Build/Debian.yaml b/CT-Build/Debian.yaml index 26c4c6b..0fd7c92 100644 --- a/CT-Build/Debian.yaml +++ b/CT-Build/Debian.yaml @@ -994,6 +994,13 @@ files: variants: - nfs +#FileForduplicati +- path: /opt/Setup + generator: copy + source: CT-Files/duplicati + variants: + - duplicati + packages: manager: apt update: true @@ -1018,6 +1025,7 @@ packages: - aptcacherng - elkarbackupDEB - nfs + - duplicati #Https Repo pkgs - packages: @@ -1037,6 +1045,7 @@ packages: - mysql - domoticz - nfs + - duplicati #Minimal pkgs - packages: @@ -1282,6 +1291,35 @@ packages: variants: - nfs +#Duplicati pkgs + - packages: + - unzip + - mono-runtime + - ca-certificates-mono + - libmono-2.0-1 + - libmono-system-configuration-install4.0-cil + - libmono-system-core4.0-cil + - libmono-system-configuration4.0-cil + - libmono-system-data4.0-cil + - libmono-system-drawing4.0-cil + - libmono-system-net4.0-cil + - libmono-system-net-http4.0-cil + - libmono-system-net-http-webrequest4.0-cil + - libmono-system-numerics4.0-cil + - libmono-system-runtime-serialization4.0-cil + - libmono-system-servicemodel4.0a-cil + - ibmono-system-servicemodel-discovery4.0-cil + - libmono-system-serviceprocess4.0-cil + - libmono-system-transactions4.0-cil + - libmono-system-web4.0-cil + - libmono-system-web-services4.0-cil + - libmono-system-xml4.0-cil + - libmono-microsoft-csharp4.0-cil + - libsqlite3-0 + action: install + variants: + - duplicati + repositories: - name: sources.list url: |- @@ -1360,6 +1398,13 @@ packages: variants: - elkarbackupDEB +#Mono Repo + - name: mono.list + url: |- + deb [signed-by=/usr/share/keyrings/mono-archive-keyring.gpg arch=amd64] https://download.mono-project.com/repo/debian stable-buster main + variants: + - duplicati + actions: - trigger: post-unpack action: |- @@ -1413,6 +1458,7 @@ actions: - aptcacherng - elkarbackupDEB - nfs + - duplicati - trigger: post-packages action: |- @@ -1525,5 +1571,13 @@ actions: variants: - elkarbackupDEB +#Duplicati Repo key +- trigger: post-unpack + action: |- + #!/bin/sh + curl "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xa6a19b38d3d831ef" | gpg --dearmor > /usr/share/keyrings/mono-archive-keyring.gpg + variants: + - duplicati + mappings: architecture_map: debian \ No newline at end of file diff --git a/CT-Files/duplicati/Configs/Duplicati-env b/CT-Files/duplicati/Configs/Duplicati-env new file mode 100644 index 0000000..cbdc6f2 --- /dev/null +++ b/CT-Files/duplicati/Configs/Duplicati-env @@ -0,0 +1,4 @@ +# Settings for duplicati initscript + +# Additional options that are passed to the Daemon. +DAEMON_OPTS="--webservice-interface=any --accept-any-ssl-certificate" diff --git a/CT-Files/duplicati/Configs/duplicati.service b/CT-Files/duplicati/Configs/duplicati.service new file mode 100644 index 0000000..e0e1e0a --- /dev/null +++ b/CT-Files/duplicati/Configs/duplicati.service @@ -0,0 +1,13 @@ +[Unit] +Description=Duplicati web-server +After=network.target + +[Service] +Nice=19 +IOSchedulingClass=idle +EnvironmentFile=-/etc/default/duplicati +ExecStart=/usr/bin/mono /opt/duplicati/Duplicati.Server.exe $DAEMON_OPTS +Restart=always + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/CT-Files/duplicati/Scripts/Init.sh b/CT-Files/duplicati/Scripts/Init.sh new file mode 100644 index 0000000..eaa9407 --- /dev/null +++ b/CT-Files/duplicati/Scripts/Init.sh @@ -0,0 +1,17 @@ +#!/bin/bash +#Extract duplicati +unzip /opt/Setup/duplicati.zip -d /opt/duplicati +#Remove Archive +rm /opt/Setup/duplicati.zip +#Install updates-cript +mv /opt/Setup/Scripts/UpdateDuplicati.sh /opt/UpdateDuplicati.sh +#Move configuration inplace +mv /opt/Setup/duplicati-installed /opt/Duplicati-installed +mv /opt/Setup/Configs/Duplicati-env /etc/default/duplicati +#Installing and enabling service +mv /opt/Setup/Configs/duplicati.service /lib/systemd/system/duplicati.service +chmod +x /lib/systemd/system/duplicati.service +ln -s /lib/systemd/system/duplicati.service /etc/systemd/system/multi-user.target.wants/duplicati.service +#Fix SSL sert +/usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt +update-ca-certificates \ No newline at end of file diff --git a/CT-Files/duplicati/Scripts/UpdateDuplicati.sh b/CT-Files/duplicati/Scripts/UpdateDuplicati.sh new file mode 100644 index 0000000..f5e2e92 --- /dev/null +++ b/CT-Files/duplicati/Scripts/UpdateDuplicati.sh @@ -0,0 +1,20 @@ +#!/bin/bash +#Get latest vesion +NewDuplicatiVer=$(curl -s https://api.github.com/repos/duplicati/duplicati/releases | grep 'tag_name.*' | grep 'beta' | cut -d : -f 2,3 | tr -d \" |tr -d , |tr -d " " |head -n 1) + +#Compare versions to check for update +if [ "$NewDuplicatiVer" = "$(cat /opt/Duplicati-installed)" ] ; then + echo 'Duplicati up-to-date' + exit +else + echo "Updater Disabled, Newer versions not compatible" + exit 123 + systemctl stop duplicati + rm -rf /opt/duplicati.bck + mv /opt/duplicati /opt/duplicati.bck + echo 'Updating Duplicati' + curl -L --retry 7 --retry-delay 5 $(curl -s https://api.github.com/repos/duplicati/duplicati/releases/tags/"$NewDuplicatiVer" | grep browser_download_url | grep .zip |grep -v signatures | sed -e s#^.*https#https# | tr -d \") -o /tmp/duplicati.zip + unzip /tmp/duplicati.zip -d /opt/duplicati + systemctl start duplicati + echo $NewDuplicatiVer > "/opt/Duplicati-installed" +fi \ No newline at end of file diff --git a/CT-Files/vouchproxy/Scripts/AddOne.sh b/CT-Files/vouchproxy/Scripts/AddOne.sh new file mode 100644 index 0000000..f9bd3a4 --- /dev/null +++ b/CT-Files/vouchproxy/Scripts/AddOne.sh @@ -0,0 +1,21 @@ +#!/bin/ash + +#Get and update ID +if [ ! -f "/opt/VouchTemplates/.vouchID" ]; then ID=0; else source /opt/VouchTemplates/.vouchID; fi +if [ -z ${ID+x} ]; then ID=0; fi +ID=$(($ID+1)) +echo "ID=$ID" > /opt/VouchTemplates/.vouchID + +#Settign up config +mkdir "/etc/vouch-proxy$ID" +cp -r /usr/share/webapps/vouch-proxy "/usr/share/webapps/vouch-proxy$ID" +rm "/usr/share/webapps/vouch-proxy$ID/config" +ln -s "/etc/vouch-proxy$ID" "/usr/share/webapps/vouch-proxy$ID/config" +cp /opt/VouchTemplates/Vouch-Config "/etc/vouch-proxy$ID/config.yml" +sed -i "s/VID/$ID/" "/etc/vouch-proxy$ID/config.yml" + +#Setting up service +cp /opt/VouchTemplates/Vouch-Service "/etc/init.d/vouch-proxy$ID" +sed -i "s/VID/$ID/" "/etc/init.d/vouch-proxy$ID" +chmod +x "/etc/init.d/vouch-proxy$ID" +rc-update add "vouch-proxy$ID" \ No newline at end of file diff --git a/CT-Files/vouchproxy/Scripts/init.sh b/CT-Files/vouchproxy/Scripts/init.sh new file mode 100644 index 0000000..3464efe --- /dev/null +++ b/CT-Files/vouchproxy/Scripts/init.sh @@ -0,0 +1,5 @@ +#!/bin/ash +rc-update add vouch-proxy +mv /opt/Setup/Templates /opt/VouchTemplates +touch /opt/VouchTemplates/.vouchID +mv /opt/Setup/Scripts/AddOne.sh /opt/AddVouchInstance.sh \ No newline at end of file diff --git a/CT-Files/vouchproxy/Templates/Vouch-Config b/CT-Files/vouchproxy/Templates/Vouch-Config new file mode 100644 index 0000000..ec77fe0 --- /dev/null +++ b/CT-Files/vouchproxy/Templates/Vouch-Config @@ -0,0 +1,8 @@ +# vouch config +# Bare minimum to get vouch running on another port + +vouch: + # logLevel: debug + logLevel: info + port: 909VID +# Insert further config here \ No newline at end of file diff --git a/CT-Files/vouchproxy/Templates/Vouch-Service b/CT-Files/vouchproxy/Templates/Vouch-Service new file mode 100644 index 0000000..661bb25 --- /dev/null +++ b/CT-Files/vouchproxy/Templates/Vouch-Service @@ -0,0 +1,23 @@ +#!/sbin/openrc-run + +: ${command_user:="vouch"} +: ${command_group:="vouch"} +: ${cfgfile:="/etc/vouch-proxyVID/config.yml"} + +name="Vouch Proxy VID" +command="/usr/sbin/vouch-proxy" +command_background="yes" +pidfile="/run/vouch-proxy/$RC_SVCNAME.pid" +start_stop_daemon_args="--user $command_user --group $command_group -1 /var/log/vouch-proxy/vouch-proxyVID.log" +required_files="$cfgfile" +export VOUCH_ROOT="/usr/share/webapps/vouch-proxyVID" + +depend() { + use net + after firewall +} + +start_pre() { + checkpath -d -m 0755 -o $command_user:$command_group ${pidfile%/*} + checkpath -d -m 0755 -o $command_user:$command_group /var/log/vouch-proxy +} \ No newline at end of file diff --git a/Readme.md b/Readme.md index d45c942..3196efd 100644 --- a/Readme.md +++ b/Readme.md @@ -34,6 +34,7 @@ This can be done on a Minimal debian CT (make sure to enable nesting) on the new | x2go | Debian | Remote xfce desktop accessable via X2go | | aptcacherng | Debian | Caching server for linux packages | | nfs | Debian | NFS server | +| duplicati | Debian | Duplicati backup software | | gitea | Alpine | Gitea server | | nginx | Alpine | Nginx server for reverse-proxy use | | ddns | Alpine | DDNS client configured for OVH/OVH-Cloud | @@ -47,6 +48,7 @@ This can be done on a Minimal debian CT (make sure to enable nesting) on the new | hass | Alpine | HomeAssistant instance with HACS and mysql support | | mailbackup | Alpine | Contains mail archive tools (MailBackup-sys) | | heimdall | Alpine | Heimdall, A application dashboard/launcher | +| vouchproxy | Alpine | Vouch-proxy, A SSO solution for Nginx | ## TODO **Begin original list** @@ -227,10 +229,20 @@ lxc.mount.entry: /dev/ttyACM-Zwave dev/ttyACM-Zwave none bind,optional,create=fi * Webmin available on http://`` * NFS server Available +## duplicati +* Available on http://``:8200 + ## mailbackup * Info html page available on http://``:80 * Add user/storage space by running `ash /opt/AddMailBox.sh` +## heimdall +* available on http://``:80 + +## vouchproxy +* Default port 9090 +* A script to setup another instance is located here: `/opt/AddVouchInstance.sh` + ## elkarbackup 1. Edit the parameters in the FistRun script in the container `vi /opt/Setup/Scripts/FirstRun.sh` 2. Run the FistRun script in the container `ash /opt/Setup/Scripts/FirstRun.sh` @@ -260,6 +272,10 @@ exit ``` lvcreate --name --size G ``` +* Create LVM-Thin Volume +``` +lvcreate --thin -n -V G / +``` * Create ZFS Volume (Available @ /dev/``/``) ``` zfs create -o volblocksize=32k -V G / diff --git a/Scripts/GetExternalResources.sh b/Scripts/GetExternalResources.sh index 8bbdba0..504c2d5 100644 --- a/Scripts/GetExternalResources.sh +++ b/Scripts/GetExternalResources.sh @@ -50,4 +50,11 @@ git clone https://git.bprieshof.nl/Tools/MailBackup-sys.git CT-Files/mailbackup/ GetResource elkarbackupDEB rsnapshot.deb http://ftp.debian.org/debian/pool/main/r/rsnapshot/rsnapshot_1.4.2-1_all.deb GetGithubRelease elkarbackupALP elkarbackup elkarbackup/elkarbackup Elkarbackup-installed -GetResource elkarbackupALP elkb.tar.gz https://github.com/elkarbackup/elkarbackup/archive/refs/tags/$elkarbackupVer.tar.gz -o /tmp/ \ No newline at end of file +GetResource elkarbackupALP elkb.tar.gz https://github.com/elkarbackup/elkarbackup/archive/refs/tags/$elkarbackupVer.tar.gz -o /tmp/ + +##Duplicate get latest (non working version) +#duplicatiVer=$(curl -s https://api.github.com/repos/duplicati/duplicati/releases | grep 'tag_name.*' | grep 'beta' | cut -d : -f 2,3 | tr -d \" |tr -d , |tr -d " " |head -n 1) +##Duplicati get older version (Tested working) +duplicatiVer="v2.0.5.1-2.0.5.1_beta_2020-01-18" +echo $duplicatiVer > "CT-Files/duplicati/duplicati-installed" +GetResource duplicati duplicati.zip $(curl -s https://api.github.com/repos/duplicati/duplicati/releases/tags/"$duplicatiVer" | grep browser_download_url | grep .zip |grep -v signatures | sed -e s#^.*https#https# | tr -d \") \ No newline at end of file