Added CT's Duplicati and Vouch-Proxy

.gitignore

@@ -17,3 +17,4 @@ CT-Files/mailbackup/MailBackup-sys
 CT-Files/elkarbackupDEB/rsnapshot.deb
 CT-Files/elkarbackupALP/Elkarbackup-installed
 CT-Files/mysql/phpmyadminVersion
+CT-Files/duplicati/duplicati-installed

CT-Build/Alpine.yaml

@@ -361,6 +361,13 @@ files:
   variants:
   - heimdall
 
+#FileForVouchproxy
+- path: /opt/Setup
+  generator: copy
+  source: CT-Files/vouchproxy
+  variants:
+  - vouchproxy
+
 packages:
   manager: apk
   update: true
@@ -563,6 +570,13 @@ packages:
     variants:
     - heimdall 
 
+#PKGS for Vouchproxy
+  - packages:
+    - vouch-proxy
+    action: install
+    variants:
+    - vouchproxy 
+
   repositories:
   - name: /etc/apk/repositories
     url: |-
@@ -653,6 +667,7 @@ actions:
   - mailbackup
   - elkarbackupALP
   - heimdall
+  - vouchproxy
 
 # Enable service for iscsi CT
 - trigger: post-files

CT-Build/Debian.yaml

@@ -994,6 +994,13 @@ files:
   variants:
   - nfs
 
+#FileForduplicati
+- path: /opt/Setup
+  generator: copy
+  source: CT-Files/duplicati
+  variants:
+  - duplicati
+
 packages:
   manager: apt
   update: true
@@ -1018,6 +1025,7 @@ packages:
     - aptcacherng
     - elkarbackupDEB
     - nfs
+    - duplicati
 
   #Https Repo pkgs    
   - packages:
@@ -1037,6 +1045,7 @@ packages:
     - mysql
     - domoticz
     - nfs
+    - duplicati
 
   #Minimal pkgs
   - packages:
@@ -1282,6 +1291,35 @@ packages:
     variants:
     - nfs
 
+#Duplicati pkgs
+  - packages:
+    - unzip
+    - mono-runtime
+    - ca-certificates-mono
+    - libmono-2.0-1
+    - libmono-system-configuration-install4.0-cil
+    - libmono-system-core4.0-cil
+    - libmono-system-configuration4.0-cil
+    - libmono-system-data4.0-cil
+    - libmono-system-drawing4.0-cil
+    - libmono-system-net4.0-cil
+    - libmono-system-net-http4.0-cil
+    - libmono-system-net-http-webrequest4.0-cil
+    - libmono-system-numerics4.0-cil
+    - libmono-system-runtime-serialization4.0-cil
+    - libmono-system-servicemodel4.0a-cil
+    - ibmono-system-servicemodel-discovery4.0-cil
+    - libmono-system-serviceprocess4.0-cil
+    - libmono-system-transactions4.0-cil
+    - libmono-system-web4.0-cil
+    - libmono-system-web-services4.0-cil
+    - libmono-system-xml4.0-cil
+    - libmono-microsoft-csharp4.0-cil
+    - libsqlite3-0
+    action: install
+    variants:
+    - duplicati
+
   repositories:
   - name: sources.list
     url: |-
@@ -1360,6 +1398,13 @@ packages:
     variants:
     - elkarbackupDEB
 
+#Mono Repo
+  - name: mono.list
+    url: |-
+      deb [signed-by=/usr/share/keyrings/mono-archive-keyring.gpg arch=amd64]  https://download.mono-project.com/repo/debian stable-buster main
+    variants:
+    - duplicati
+
 actions:
 - trigger: post-unpack
   action: |-
@@ -1413,6 +1458,7 @@ actions:
   - aptcacherng
   - elkarbackupDEB
   - nfs
+  - duplicati
 
 - trigger: post-packages
   action: |-
@@ -1525,5 +1571,13 @@ actions:
   variants:
   - elkarbackupDEB
 
+#Duplicati Repo key
+- trigger: post-unpack
+  action: |-
+    #!/bin/sh
+    curl "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xa6a19b38d3d831ef" | gpg --dearmor > /usr/share/keyrings/mono-archive-keyring.gpg
+  variants:
+  - duplicati
+
 mappings:
   architecture_map: debian

CT-Files/duplicati/Configs/Duplicati-env

@@ -0,0 +1,4 @@
+# Settings for duplicati initscript
+
+# Additional options that are passed to the Daemon.
+DAEMON_OPTS="--webservice-interface=any  --accept-any-ssl-certificate"

CT-Files/duplicati/Configs/duplicati.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=Duplicati web-server
+After=network.target
+
+[Service]
+Nice=19
+IOSchedulingClass=idle
+EnvironmentFile=-/etc/default/duplicati
+ExecStart=/usr/bin/mono /opt/duplicati/Duplicati.Server.exe $DAEMON_OPTS
+Restart=always
+
+[Install]
+WantedBy=multi-user.target

CT-Files/duplicati/Scripts/Init.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+#Extract duplicati
+unzip  /opt/Setup/duplicati.zip -d /opt/duplicati
+#Remove Archive
+rm /opt/Setup/duplicati.zip
+#Install updates-cript
+mv /opt/Setup/Scripts/UpdateDuplicati.sh /opt/UpdateDuplicati.sh
+#Move configuration inplace
+mv /opt/Setup/duplicati-installed /opt/Duplicati-installed
+mv /opt/Setup/Configs/Duplicati-env /etc/default/duplicati
+#Installing and enabling service
+mv /opt/Setup/Configs/duplicati.service /lib/systemd/system/duplicati.service
+chmod +x /lib/systemd/system/duplicati.service
+ln -s /lib/systemd/system/duplicati.service /etc/systemd/system/multi-user.target.wants/duplicati.service
+#Fix SSL sert
+/usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt
+update-ca-certificates

CT-Files/duplicati/Scripts/UpdateDuplicati.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+#Get latest vesion
+NewDuplicatiVer=$(curl -s https://api.github.com/repos/duplicati/duplicati/releases | grep 'tag_name.*' |  grep 'beta' | cut -d : -f 2,3 | tr -d \" |tr -d , |tr -d " " |head -n 1)
+
+#Compare versions to check for update
+if [ "$NewDuplicatiVer" = "$(cat /opt/Duplicati-installed)" ] ; then
+    echo 'Duplicati up-to-date'
+    exit
+else
+    echo "Updater Disabled, Newer versions not compatible"
+    exit 123
+    systemctl stop duplicati
+    rm -rf /opt/duplicati.bck
+    mv /opt/duplicati /opt/duplicati.bck
+    echo 'Updating Duplicati'
+    curl -L --retry 7 --retry-delay 5 $(curl -s https://api.github.com/repos/duplicati/duplicati/releases/tags/"$NewDuplicatiVer" | grep browser_download_url | grep .zip |grep -v signatures | sed -e s#^.*https#https# | tr -d \") -o /tmp/duplicati.zip
+    unzip  /tmp/duplicati.zip -d /opt/duplicati
+    systemctl start duplicati
+    echo $NewDuplicatiVer > "/opt/Duplicati-installed"
+fi

CT-Files/vouchproxy/Scripts/AddOne.sh

@@ -0,0 +1,21 @@
+#!/bin/ash
+
+#Get and update ID
+if [ ! -f "/opt/VouchTemplates/.vouchID" ]; then ID=0; else source /opt/VouchTemplates/.vouchID; fi
+if [ -z ${ID+x} ]; then ID=0; fi
+ID=$(($ID+1))
+echo "ID=$ID" > /opt/VouchTemplates/.vouchID
+
+#Settign up config
+mkdir "/etc/vouch-proxy$ID"
+cp -r /usr/share/webapps/vouch-proxy "/usr/share/webapps/vouch-proxy$ID"
+rm "/usr/share/webapps/vouch-proxy$ID/config"
+ln -s "/etc/vouch-proxy$ID" "/usr/share/webapps/vouch-proxy$ID/config"
+cp /opt/VouchTemplates/Vouch-Config "/etc/vouch-proxy$ID/config.yml"
+sed -i  "s/VID/$ID/" "/etc/vouch-proxy$ID/config.yml"
+
+#Setting up service
+cp /opt/VouchTemplates/Vouch-Service "/etc/init.d/vouch-proxy$ID"
+sed -i  "s/VID/$ID/" "/etc/init.d/vouch-proxy$ID"
+chmod +x "/etc/init.d/vouch-proxy$ID"
+rc-update add "vouch-proxy$ID"

CT-Files/vouchproxy/Scripts/init.sh

@@ -0,0 +1,5 @@
+#!/bin/ash
+rc-update add vouch-proxy
+mv /opt/Setup/Templates /opt/VouchTemplates
+touch /opt/VouchTemplates/.vouchID
+mv /opt/Setup/Scripts/AddOne.sh /opt/AddVouchInstance.sh

CT-Files/vouchproxy/Templates/Vouch-Config

@@ -0,0 +1,8 @@
+# vouch config
+# Bare minimum to get vouch running on another port
+
+vouch:
+  # logLevel: debug
+  logLevel: info
+  port: 909VID
+# Insert further config here

CT-Files/vouchproxy/Templates/Vouch-Service

@@ -0,0 +1,23 @@
+#!/sbin/openrc-run
+
+: ${command_user:="vouch"}
+: ${command_group:="vouch"}
+: ${cfgfile:="/etc/vouch-proxyVID/config.yml"}
+
+name="Vouch Proxy VID"
+command="/usr/sbin/vouch-proxy"
+command_background="yes"
+pidfile="/run/vouch-proxy/$RC_SVCNAME.pid"
+start_stop_daemon_args="--user $command_user --group $command_group -1 /var/log/vouch-proxy/vouch-proxyVID.log"
+required_files="$cfgfile"
+export VOUCH_ROOT="/usr/share/webapps/vouch-proxyVID"
+
+depend() {
+	use net
+	after firewall
+}
+
+start_pre() {
+	checkpath -d -m 0755 -o $command_user:$command_group ${pidfile%/*}
+	checkpath -d -m 0755 -o $command_user:$command_group /var/log/vouch-proxy
+}

Readme.md

@@ -34,6 +34,7 @@ This can be done on a Minimal debian CT (make sure to enable nesting) on the new
 | x2go | Debian | Remote xfce desktop accessable via X2go | 
 | aptcacherng | Debian | Caching server for linux packages |
 | nfs | Debian | NFS server |
+| duplicati | Debian | Duplicati backup software |
 | gitea | Alpine | Gitea server |
 | nginx | Alpine | Nginx server for reverse-proxy use |
 | ddns | Alpine | DDNS client configured for OVH/OVH-Cloud |
@@ -47,6 +48,7 @@ This can be done on a Minimal debian CT (make sure to enable nesting) on the new
 | hass | Alpine | HomeAssistant instance with HACS and mysql support |
 | mailbackup | Alpine | Contains mail archive tools (MailBackup-sys) |
 | heimdall | Alpine | Heimdall, A application dashboard/launcher  | 
+| vouchproxy | Alpine | Vouch-proxy, A SSO solution for Nginx  | 
 
 ## TODO
 **Begin original list**
@@ -227,10 +229,20 @@ lxc.mount.entry: /dev/ttyACM-Zwave dev/ttyACM-Zwave none bind,optional,create=fi
 * Webmin available on http://`<ip/hostname>`
 * NFS server Available
 
+## duplicati
+* Available on http://`<ip>`:8200
+
 ## mailbackup
 * Info html page available on http://`<ip>`:80
 * Add user/storage space by running `ash /opt/AddMailBox.sh`
 
+## heimdall
+* available on http://`<ip>`:80
+
+## vouchproxy
+* Default port 9090
+* A script to setup another instance is located here: `/opt/AddVouchInstance.sh`
+
 ## elkarbackup
 1. Edit the parameters in the FistRun script in the container  `vi /opt/Setup/Scripts/FirstRun.sh`
 2. Run the FistRun script  in the container `ash /opt/Setup/Scripts/FirstRun.sh`
@@ -260,6 +272,10 @@ exit
 ```
 lvcreate --name <name> --size <VolumeSize>G <PoolName>
 ```
+* Create LVM-Thin Volume
+```
+lvcreate  --thin -n <name> -V <VolumeSize>G <poolName>/<ThinpoolName>
+```
 * Create ZFS Volume (Available @ /dev/`<poolName>`/`<VolumeName>`)
 ```
 zfs create -o volblocksize=32k -V <VolumeSize>G <poolName>/<VolumeName>

Scripts/GetExternalResources.sh

@@ -51,3 +51,10 @@ GetResource elkarbackupDEB rsnapshot.deb http://ftp.debian.org/debian/pool/main/
 
 GetGithubRelease elkarbackupALP elkarbackup elkarbackup/elkarbackup Elkarbackup-installed
 GetResource elkarbackupALP elkb.tar.gz https://github.com/elkarbackup/elkarbackup/archive/refs/tags/$elkarbackupVer.tar.gz -o /tmp/
+
+##Duplicate get latest (non working version)
+#duplicatiVer=$(curl -s https://api.github.com/repos/duplicati/duplicati/releases | grep 'tag_name.*' |  grep 'beta' | cut -d : -f 2,3 | tr -d \" |tr -d , |tr -d " " |head -n 1)
+##Duplicati get older version (Tested working)
+duplicatiVer="v2.0.5.1-2.0.5.1_beta_2020-01-18"
+echo $duplicatiVer > "CT-Files/duplicati/duplicati-installed"
+GetResource duplicati duplicati.zip $(curl -s https://api.github.com/repos/duplicati/duplicati/releases/tags/"$duplicatiVer" | grep browser_download_url | grep .zip |grep -v signatures | sed -e s#^.*https#https# | tr -d \")