diff --git a/Linux/BashRC b/Linux/Config-Examples/BashRC similarity index 100% rename from Linux/BashRC rename to Linux/Config-Examples/BashRC diff --git a/Linux/Nginx-Core_CMS-Config b/Linux/Config-Examples/Nginx-Core_CMS-Config similarity index 100% rename from Linux/Nginx-Core_CMS-Config rename to Linux/Config-Examples/Nginx-Core_CMS-Config diff --git a/Linux/Docs/HowTo-ISO-Repack.md b/Linux/Docs/HowTo-ISO-Repack.md new file mode 100644 index 0000000..70d8dce --- /dev/null +++ b/Linux/Docs/HowTo-ISO-Repack.md @@ -0,0 +1,35 @@ +# Repack linux ISO + +Commands expect to be in a root shell + +## Install needed tools +mkisofs xorriso isohybrid + +## Editing ISO image + +Create workspace +`mkdir /tmp/custom_iso` +Mount image and extract it since it is read only +``` +mount -t iso9660 -o loop ~/original.iso /mnt/` +tar cf - /mnt/. | (cd /tmp/custom_iso; tar xfp -) +``` +You can now modify the files for editing the bootloader config for example! + +## Back into an iso + +### Legacy only +Rebuild iso with mkisofs +`mkisofs -o output.iso -b syslinux/isolinux.bin -c syslinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -J -R -V "Custom ISO" /tmp/custom_iso` +Bless it with isohybrid +`isohybrid output.iso` + +### EFI and Legacy +Rebuild iso with mkisofs +`mkisofs -o output.iso -b syslinux/isolinux.bin -J -R -l -c syslinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -eltorito-alt-boot -e boot/grub/efi.img -no-emul-boot -graft-points -V "Custom ISO" /tmp/custom_iso` +Bless it with isohybrid +`isohybrid --uefi output.iso` + +### Sources +https://gist.github.com/AkdM/2cd3766236582ed0263920d42c359e0f +https://tuxfixer.com/mount-modify-edit-repack-create-uefi-iso-including-kickstart-file/ \ No newline at end of file diff --git a/Linux/Docs/HowTo-InfoAtLoginPromt.md b/Linux/Docs/HowTo-InfoAtLoginPromt.md new file mode 100644 index 0000000..02532fe --- /dev/null +++ b/Linux/Docs/HowTo-InfoAtLoginPromt.md @@ -0,0 +1,8 @@ +***IP address on host promts (add to /etc/issue)*** +``` +: \4{} +``` +***IP address on motd (add to .bashrc)*** +``` +echo "IP: $(ip -o -4 addr list "" | awk '{print $4}' | cut -d/ -f1)" +``` \ No newline at end of file diff --git a/Linux/Docs/HowTo-Migrate-SecureBootKey.md b/Linux/Docs/HowTo-Migrate-SecureBootKey.md new file mode 100644 index 0000000..0d38b36 --- /dev/null +++ b/Linux/Docs/HowTo-Migrate-SecureBootKey.md @@ -0,0 +1,37 @@ +# Migrate Secureboot key +## Export Ubuntu +Copy following files +* Private Key: /var/lib/shim-signed/mok/MOK.priv +* Public Key: /var/lib/shim-signed/mok/MOK.der + +## Export Fedora +Copy following files +* Symlink to Private Key: /etc/pki/akmods/private/private_key.priv +* Symlink to Public Key: /etc/pki/akmods/certs/private_key.priv + +## Import Ubuntu +Using source.priv and source.der files in current directory to import +``` +cp source.priv /var/lib/shim-signed/mok/MOK.priv +cp source.der /var/lib/shim-signed/mok/MOK.der +``` + +## Import Fedora +Using source.priv and source.der files in current directory to import +``` +dnf install akmods kmodtool + +KEYNAME="$(hostname)"-"$(od -vAn -N4 -tu4 < /dev/urandom | awk '{print $1}')" + +cp source.der /etc/pki/akmods/certs/${KEYNAME}.der +cp source.priv /etc/pki/akmods/private/${KEYNAME}.priv + +chgrp akmods /etc/pki/akmods/certs/${KEYNAME}.* +chgrp akmods /etc/pki/akmods/private/${KEYNAME}.* + +chmod g+r /etc/pki/akmods/certs/${KEYNAME}.* +chmod g+r /etc/pki/akmods/private/${KEYNAME}.* + +ln -nsf /etc/pki/akmods/certs/${KEYNAME}.der /etc/pki/akmods/certs/public_key.der +ln -nsf /etc/pki/akmods/private/${KEYNAME}.priv /etc/pki/akmods/private/private_key.priv +``` \ No newline at end of file diff --git a/Linux/Docs/HowTo-Multicore Gzip.md b/Linux/Docs/HowTo-Multicore Gzip.md new file mode 100644 index 0000000..9ceb72f --- /dev/null +++ b/Linux/Docs/HowTo-Multicore Gzip.md @@ -0,0 +1,13 @@ +## Install +``` +apt install pigz +``` +## Compress +``` +tar cf - [inputdir] | pigz -[compression level (0 = none, 1 = minimal, 9 = maximum)] -p[cores] > [output.tar.gz] +``` +## Extract +``` +unpigz < [input.tar.gz] | (cd [extract location] && tar xvf -) +``` + diff --git a/Linux/Docs/HowTo-NginxArgToRev.md b/Linux/Docs/HowTo-NginxArgToRev.md new file mode 100644 index 0000000..40d583e --- /dev/null +++ b/Linux/Docs/HowTo-NginxArgToRev.md @@ -0,0 +1,18 @@ +#### Input: dom.ain/UrLocation/?set=123 + + + +#### Nginx Conf + +###### Required when directing to domain +``` +resolver 1.1.1.1 [::1]:5353 valid=30s; +``` + + +``` +location /UrLocation { + proxy_pass https://other.domain/json.htm?type=command&&switchcmd=Set%20Level&level=$arg_set; +} +``` +#### result: https://other.domain/json.htm?type=command&&switchcmd=Set%20Level&level=123 \ No newline at end of file diff --git a/Linux/Docs/HowTo-SSH-Tunnels.md b/Linux/Docs/HowTo-SSH-Tunnels.md new file mode 100644 index 0000000..bd1c0ac --- /dev/null +++ b/Linux/Docs/HowTo-SSH-Tunnels.md @@ -0,0 +1,42 @@ +## SSH SOCSK (ProxyTunnel) +#### Command +`ssh -C -D @` + +* -C : enables compression +* -D : specifies Socks proxyport + +### Firefox +1. go to Edit -> Preferences -> Advanced -> Network -> Connection -> Settings... +2. check "Manual proxy configuration" +3. make sure "Use this proxy server for all protocols" is cleared +4. clear "HTTP Proxy", "SSL Proxy", "FTP Proxy", and "Gopher Proxy" fields +5. enter "127.0.0.1" for "SOCKS Host" +6. enter "1080" (or whatever port you chose) for Port. + +## SSH Remote forward (makes local port apear on remote machine) + +#### Port to be internaly binded on remote machine + +`ssh -R :
: @` + +#### Port to be binded to remote machine + +`ssh -g -R *::
: @` + +* -R : Remote forward +* -N : Do not execute a remote command +* -g : forward to remote network + +### SSHD config (on remote where ports are forwarded to) +* GatewayPorts no : only allows the remote system to connect +* GatewayPorts yes: allows the remote network to connect to the forwarded port +* GatewayPorts clientspecified : allows the remote network to connect to the forwarded port when -g switch is used + + +## SSH Local forward (makes remote port apear on local machine) + +#### Remote port to be binded on local machine + +`ssh -L :
: @` + +* -L : Local forward \ No newline at end of file diff --git a/Linux/SetupDkimPostfix.md b/Linux/Docs/Setup-DkimPostfix.md similarity index 100% rename from Linux/SetupDkimPostfix.md rename to Linux/Docs/Setup-DkimPostfix.md diff --git a/Linux/Docs/Setup-apt-cacher-ng.md b/Linux/Docs/Setup-apt-cacher-ng.md new file mode 100644 index 0000000..e1f21c3 --- /dev/null +++ b/Linux/Docs/Setup-apt-cacher-ng.md @@ -0,0 +1,32 @@ +##OUTDATED## +# apt-cacher-ng +Default port 3142 +## Deb(ubuntu/debian) repos work out of the box server sided +### client +`echo 'Acquire::http::Proxy "http://:";' > /etc/apt/apt.conf.d/01proxy` + +## For Centos are modifications needed +### Server +`curl https://www.centos.org/download/full-mirrorlist.csv | sed 's/^.*"http:/http:/' | sed 's/".*$//' | grep ^http >/etc/apt-cacher-ng/centos_mirrors` + +SSL Passthrough +#### /etc/apt-cacher-ng/acng.conf +``` +VfilePatternEx: ^/\?release=[0-9]+&arch= +VfilePatternEx: ^(/\?release=[0-9]+&arch=.*|.*/RPM-GPG-KEY-.*|/metalink\?repo=epel\$ +VfilePatternEx = (^|.*/)repodata/.*\.(yaml|yml)(\.gz|\.bz2|\.lzma|\.xz)?$ +Remap-centos: file:centos_mirrors /centos + +#PassThroughPattern: .* # this would allow CONNECT to everything + +``` + +### Client (installer) +use http://mirror.centos.org/centos/8/BaseOS/x86_64/os/ as repo and set proxy to : + +### Client (DNF) +make sure to set repos to use base url +add folowing to /etc/dnf/dnf.conf +``` +proxy=http://: +``` \ No newline at end of file diff --git a/Linux/Docs/Setup-autoupdate-gitea.md b/Linux/Docs/Setup-autoupdate-gitea.md new file mode 100644 index 0000000..78c6af8 --- /dev/null +++ b/Linux/Docs/Setup-autoupdate-gitea.md @@ -0,0 +1,52 @@ +# gitea update tool +Tool from `https://github.com/CMiksche/gitea-auto-update` +or get local from `https://git.bprieshof.nl/Tools/gitea-auto-update` + +requires python 3.7+ + +# Install tool +## ubuntu 18.04 +``` +add-apt-repository ppa:deadsnakes/ppa +apt install python3.7 python3-pip + +python3.8 -m pip install gitea-auto-update +``` +##debian 10,ubuntu 20.04 +``` +apt install python3-pip -y +pip3 install gitea-auto-update +``` + +# Configuring +### all os's +Add the following to `/etc/gitea/auto-update.ini` +``` +[Gitea] +site=http://localhost:3000/api/v1/version +apiUrl=https://api.github.com/repos/go-gitea/gitea/releases/latest +system=linux-amd64 +file=/usr/local/bin/gitea +tmpDir=/tmp/ +buildFromSource= +sourceDir= +logFile=/var/log/gitupdate.log +``` + + + +## Cron job +### ubuntu 18.04 +Add the following to `/etc/crontab` +``` +0 5 * * 7 root /usr/bin/python3.8 /usr/local/bin/gitea-auto-update --settings=/etc/gitea/auto-update.ini +``` +### debian 10,ubuntu 20.04 +Add the following to `/etc/crontab` +``` +0 5 * * 7 root /usr/local/bin/gitea-auto-update --settings=/etc/gitea/auto-update.ini +``` +# Run manual update` +``` +gitea-auto-update --settings=/etc/gitea/auto-update.ini +``` \ No newline at end of file diff --git a/Linux/Docs/Setup-debian10-LXC.md b/Linux/Docs/Setup-debian10-LXC.md new file mode 100644 index 0000000..585b8c6 --- /dev/null +++ b/Linux/Docs/Setup-debian10-LXC.md @@ -0,0 +1,74 @@ +# Setup LXC on debian 10 + +Install packages and add unprivileged user +``` +apt install lxc libvirt0 libpam-cgfs bridge-utils uidmap +useradd lxcuser +cat /etc/s*id|grep lxcuser +``` + +Put the following in /etc/default/lxc-net +``` +USE_LXC_BRIDGE="true" +``` + +Put the following in /etc/lxc/default.conf +``` +lxc.idmap = u 0 +lxc.idmap = g 0 +lxc.mount.auto = proc:mixed sys:ro cgroup:mixed +lxc.apparmor.profile = unconfined +lxc.apparmor.allow_nesting = 1 +lxc.net.0.type = veth +lxc.net.0.link = lxcbr0 +lxc.net.0.flags = up +lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx +``` + +Give root acces to unprivileged user space +``` +echo "root::" >> /etc/subuid +echo "root::" >> /etc/subgid +``` + +Enable and start lxc network service +``` +systemctl enable --now lxc-net +``` +enable unprivileged user namespaces for kernels < 5.10 +``` +echo kernel.unprivileged_userns_clone=1 >> /etc/sysctl.conf +sysctl -p +``` + + +# Extra config KB +* Create Container `lxc-create -t download -n -- -d debian -r buster -a amd64` +* Container config `/var/lib/lxc//config` +* add to Container config to start on boot `lxc.start.auto = 1` +* add to Container config for static ip +``` +lxc.net.0.ipv4.address = 10.0.3./24 +lxc.net.0.ipv4.gateway = 10.0.3.1 +``` + + +# UFW forwarding + +also dont forget to add the extenal port as allow rule +add to /etc/ufw/before.rules + +to begin of file before *filter +``` +*nat +:PREROUTING ACCEPT [0:0] +-A PREROUTING -i enp0s3 -p tcp --dport -j DNAT --to : +COMMIT +``` + +to end of file before last COMMIT +``` +#LXC forwards +-A FORWARD -o lxcbr0 -j ACCEPT +-A FORWARD -i lxcbr0 -j ACCEPT +``` diff --git a/Linux/Docs/Setup-smokeping.md b/Linux/Docs/Setup-smokeping.md new file mode 100644 index 0000000..35f908a --- /dev/null +++ b/Linux/Docs/Setup-smokeping.md @@ -0,0 +1,221 @@ +# Setup Smokeping +Intructions for setting up SmokePing on Alpine Linux + +## Main(Master) +Needed packages: smokeping lighttpd + +make sure to empty the remote secret file (/etc/smokeping/smokeping_secrets), +you also need to correct the permissions `chown smokeping:smokeping /etc/smokeping/smokeping_secrets` + +Lighttpd (/etc/lighttpd/lighttpd.conf) +``` +# {{{ modules +server.modules = ( +# "mod_accesslog", + "mod_cgi" +) +# }}} + +# {{{ includes +include "mime-types.conf" +# }}} + +# {{{ CGI +cgi.assign = ( +".cgi" => "/usr/bin/perl" +) +# }}} + +# {{{ server settings +server.username = "smokeping" +server.groupname = "smokeping" +server.document-root = "/usr/share/webapps/smokeping" +server.pid-file = "/run/lighttpd.pid" +server.errorlog-use-syslog = "enable" +server.indexfiles = ("smokeping.cgi") +server.follow-symlink = "enable" +static-file.exclude-extensions = (".cgi") +# }}} + +# {{{ mod_accesslog +#accesslog.filename = "/var/log/lighttpd-access.log" +# }}} + +# vim: set ft=conf foldmethod=marker et : +``` + +Smokeping config (/etc/smokeping/config) +``` +*** General *** + +owner = MaintainerName +contact = some@address.nowhere +mailhost = my.mail.host +sendmail = /usr/sbin/sendmail +imgcache = /var/lib/smokeping/.simg +imgurl = img +datadir = /var/lib/smokeping +piddir = /var/run/smokeping +cgiurl = http://some.url/smokeping.cgi +tmail = /etc/smokeping/tmail +smokemail = /etc/smokeping/smokemail +syslogfacility = local0 + +#Use to overwrite system hostname +#display_name = HostName + +*** Database *** + +step = 300 +pings = 20 + +# consfn mrhb steps total + +AVERAGE 0.5 1 1008 +AVERAGE 0.5 12 4320 + MIN 0.5 12 4320 + MAX 0.5 12 4320 +AVERAGE 0.5 144 720 + MAX 0.5 144 720 + MIN 0.5 144 720 + +*** Presentation *** + +template = /etc/smokeping/basepage.html +htmltitle = yes +graphborders = no + ++ charts + +menu = Charts +title = The most interesting destinations + +++ stddev +sorter = StdDev(entries=>4) +title = Top Standard Deviation +menu = Std Deviation +format = Standard Deviation %f + +++ max +sorter = Max(entries=>5) +title = Top Max Roundtrip Time +menu = by Max +format = Max Roundtrip Time %f seconds + +++ loss +sorter = Loss(entries=>5) +title = Top Packet Loss +menu = Loss +format = Packets Lost %f + +++ median +sorter = Median(entries=>5) +title = Top Median Roundtrip Time +menu = by Median +format = Median RTT %f seconds + ++ overview + +width = 600 +height = 50 +range = 10h + ++ detail + +width = 600 +height = 200 +unison_tolerance = 2 + +"Last hour" 1h +"Last day" 24h +"Last week" 7d +"Last month" 30d +"Last year" 365d + + +*** Probes *** + ++FPing +binary = /usr/sbin/fping +step = 60 + +*** Slaves *** +secrets=/etc/smokeping/smokeping_secrets + + +*** Targets *** + +probe = FPing + +menu = Top +title = Network Latency Grapher +remark = Welcome to SmokePing. + ++ Internet +menu = Internet +title = Hosts on the internet + +++ cloudflare +#slaves = +host = 1.1.1.1 + +++ google +#slaves = +host = 8.8.8.8 + +``` + +Start and Enable services on boot `service smokeping start && service lighttpd start && rc-update add smokeping default && rc-update add lighttpd default` + +## Remote(Slave) + +### On Main +Add the name and a secret in in the secrets file`/etc/smokeping/smokeping_secrets` using the following format (one per line) `remotehostname:Secret` +Add the host to the slaves section using the following example: +``` ++remotehostname +display_name=Remote-Hostname +color=00ffff +``` +Add the host to the `slaves` section of the targets (should be seperated with a space) +Last step on main is to restart smokeping `service smokeping restart` + +### On Remote +Needed packages: smokeping + +Put a secret in `/etc/smokeping/secret.txt` +set its permissions `chown smokeping:smokeping /etc/smokeping/secret.txt && chmod 600 /etc/smokeping/secret.txt` + +Service file(/etc/init.d/smokeping-remote) +``` +#!/sbin/openrc-run +HostName=host1 +MainURL="http:///smokeping.cgi" + +depend() { + need net +} + +start() { + checkpath --directory --owner smokeping:smokeping /var/run/smokeping + + ebegin "Starting smokeping remote" + LC_ALL=C \ + start-stop-daemon --start --name smokeping \ + --pidfile /var/run/smokeping/smokeping.pid \ + --exec /usr/bin/smokeping \ + --user smokeping:smokeping \ + -- --master-url=$MainURL --cache-dir=/var/lib/smokeping --pid-dir=/var/run/smokeping --shared-secret=/etc/smokeping/secret.txt --slave-name=$HostName + eend $? +} + +stop() { + ebegin "Stopping smokeping Remote" + start-stop-daemon --stop \ + --pidfile /var/run/smokeping/smokeping.pid + eend $? +} +``` +Set permissions service file `chmod +x /etc/init.d/smokeping-remote` +Start and Enable service on boot `service smokeping-remote start && rc-update add smokeping-remote default` +Add to Root cron tab to auto reload after crash (/etc/crontabs/root) `echo '* * * * * openrc --no-stop' >> /etc/crontabs/root` diff --git a/Linux/Docs/rffmpeg/README.md b/Linux/Docs/rffmpeg/README.md new file mode 100644 index 0000000..cc2d628 --- /dev/null +++ b/Linux/Docs/rffmpeg/README.md @@ -0,0 +1,2 @@ +This Guide uses NFS for saring the Transcode tmp folder +This tool expects the media folder(s) to be mounted/located at same location as Primary(Jellyfin) server \ No newline at end of file diff --git a/Linux/Docs/rffmpeg/Setup-Primary.md b/Linux/Docs/rffmpeg/Setup-Primary.md new file mode 100644 index 0000000..2f1cea5 --- /dev/null +++ b/Linux/Docs/rffmpeg/Setup-Primary.md @@ -0,0 +1,78 @@ +## Prerequisites: +* A running jellyfin server on the Primary + +## Step 1: Configuring Jellyfin and preparing the server + +### Transcode temp folder +#### Sharing the the local trancode folder +Make the new trancode folder +``` +mkdir /var/lib/jellyfin/transcoding-temp +``` +NFS is the recomend way of sharing this folder, but SMB/CIFS shoud also work +``` +apt -y install nfs-kernel-server +echo '/var/lib/jellyfin/transcoding-temp /24(rw,sync,no_subtree_check)' >> /etc/exports +systemctl restart nfs-kernel-server +``` +Set the following setting in jellyfin "Transcode path" in the Playback settings to "/var/lib/jellyfin/transcoding-temp" + +#### Useing a existing remote share trancode folder +Make sure the folder is mounted at"/var/lib/jellyfin/transcoding-temp" +Set the following setting in jellyfin "Transcode path" in the Playback settings to "/var/lib/jellyfin/transcoding-temp" + +### Jellyfin user +Generating sshkey pair without password +``` +sudo -u jellyfin mkdir -p /var/lib/jellyfin/.ssh +sudo -u jellyfin ssh-keygen -t rsa -f /var/lib/jellyfin/.ssh/id_rsa +``` +Set the jellyfin user to login as bash in /etc/passwd + +## Step 2: Install slave/render servers + +### Getting info +Run `cat /etc/passwd | grep jellyfin:` to get user info, i will refer to it as `` +Run `cat /etc/group | grep jellyfin:`, to get group info, i will refer to it as `` +Run `cat /var/lib/jellyfin/.ssh/id_rsa.pub` To get ssh-key for sending commands , i will refer to it as `` +Get the ip of the Primary, i will refer to it as `` + +### Installing on the remote slave +Use the info you collected en follow "Slave-install.md" +``` +sudo -u jellyfin ssh -i /var/lib/jellyfin/.ssh/id_rsa jellyfin@ +``` +When connected to the Primary exit the session with the slave server +Repeat these steps for all slave server + +### Adding local system as slave +``` +echo 'ssh-rsa ' | sudo -u jellyfin tee /var/lib/jellyfin/.ssh/authorized_keys +sudo -u jellyfin ssh -i /var/lib/jellyfin/.ssh/id_rsa jellyfin@localhost +``` + +## Step 3: Installing rffmpeg +``` +mkdir /etc/rffmpeg /opt/rffmpeg +wget https://raw.githubusercontent.com/joshuaboniface/rffmpeg/master/rffmpeg.yml.sample -O /etc/rffmpeg/rffmpeg.yml +wget https://raw.githubusercontent.com/joshuaboniface/rffmpeg/master/rffmpeg -O /opt/rffmpeg/rffmpeg.py +ln -s /usr/local/bin/rffmpeg.py /opt/rffmpeg/ffmpeg +ln -s /usr/local/bin/rffmpeg.py /opt/rffmpeg/ffprobe +``` +## Step 3: Configuring rffmpeg +Add to the host section of /etc/rffmpeg/rffmpeg.yml +Example of the section in the config file +``` +remote: + # A YAML list of remote hosts to connect to + hosts: + - 192.168.1.2 + - 192.168.1.3 +``` +if you also want the local system to render add localhost or 127.0.0.1 + + +## Step 4: Set jellyfin to use rffmpeg +Set the following setting in jellyfin "FFmpeg path" in the Playback settings to "/opt/rffmpeg/ffmpeg" + +## Done diff --git a/Linux/Docs/rffmpeg/Setup-Worker.md b/Linux/Docs/rffmpeg/Setup-Worker.md new file mode 100644 index 0000000..902bd45 --- /dev/null +++ b/Linux/Docs/rffmpeg/Setup-Worker.md @@ -0,0 +1,43 @@ +## Prerequisites: +* You set up the Primary following Primary-Install.md and have the information reddy +* A Clean install of ubuntu linux with ssh-server enabled +* The media folder accessible on the same location as the jellyfin server + +## Step 1: Setting up the user +``` +mkdir -p /var/lib/jellyfin/.ssh +echo "" >> /etc/passwd +echo "" >> /etc/group +echo "jellyfin:*:17928:0:99999:7:::" >> /etc/shadow +``` +Reboot the system just to make sure changes are piked up + +``` +echo '' >> /var/lib/jellyfin/.ssh/authorized_keys +chmod 755 -R /var/lib/jellyfin/ +chown -R jellyfin:jellyfin /var/lib/jellyfin/ +``` + +## Step 2: setting up the Transcode temp folder +if you are not using NFS make sure the folder is mounted to "/var/lib/jellyfin/transcoding-temp" and skip the rest of step 2 + +### Setting up NFS Client +``` +apt install nfs-common -y +mkdir -p /var/lib/jellyfin/transcoding-temp +chmod 777 /var/lib/jellyfin/transcoding-temp +echo ':/var/lib/jellyfin/transcoding-temp /var/lib/jellyfin/transcoding-temp nfs defaults,vers=3,sync 0 0' >> /etc/fstab +sudo mount -a +``` + +## Step 3: Install the jellyfin version of ffmpeg +``` +apt install apt-transport-https -y +add-apt-repository universe -y +wget -O - https://repo.jellyfin.org/ubuntu/jellyfin_team.gpg.key | sudo apt-key add - +echo "deb [arch=$( dpkg --print-architecture )] https://repo.jellyfin.org/ubuntu $( lsb_release -c -s ) main" >> /etc/apt/sources.list.d/jellyfin.list +apt update +apt install jellyfin-ffmpeg -y +``` +## Done +Continue reading "Primary-Install.md" \ No newline at end of file diff --git a/Linux/I-V2/FileContentList.sh b/Linux/I-V2/FileContentList.sh index db1833e..7740a4e 100644 --- a/Linux/I-V2/FileContentList.sh +++ b/Linux/I-V2/FileContentList.sh @@ -1,8 +1,8 @@ #### preconf.sh #### -mrepo=https://git.ictmaatwerk.com/VPS-scripts/MySQL -mbranch=master +mrepo=https://git.bprieshof.nl/Work_Archive/VPS-scripts_MySQL +mbranch=main if [ -z ${password+x} ]; then echo 'Error $password is not set'; fi debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/repo-codename select bionic' @@ -45,8 +45,8 @@ conf.sh #### ###Fetch Config -mrepo=https://git.ictmaatwerk.com/VPS-scripts/MySQL -mbranch=master +mrepo=https://git.bprieshof.nl/Work_Archive/VPS-scripts_MySQL +mbranch=main if [ -z ${PHPMyadmin+x} ]; then echo 'Error $PHPMyadmin is not set'; fi #check if Var is set if [ -z ${phpmyadminver+x} ]; then echo 'Error $phpmyadminver is not set'; fi #check if Var is set diff --git a/Linux/I-V2/apt-Whiptail.sh b/Linux/I-V2/apt-Whiptail.sh new file mode 100644 index 0000000..80393ed --- /dev/null +++ b/Linux/I-V2/apt-Whiptail.sh @@ -0,0 +1,5 @@ +#/bin/bash +## Setup Alias for using whiptail as progress indicator for apt +PKGM="debconf-apt-progress -- apt" #enable progresbar +PKGI="${PKGM} install -y" #Setting single install var +PKGA="debconf-apt-progress -- add-apt-repository" \ No newline at end of file diff --git a/Linux/Proxmox/Proxmox-ARM_CT.md b/Linux/Proxmox/Proxmox-ARM_CT.md new file mode 100644 index 0000000..2922831 --- /dev/null +++ b/Linux/Proxmox/Proxmox-ARM_CT.md @@ -0,0 +1,16 @@ +Install `qemu-user-static` on the proxmox host +Add an `armhf` or `arm64(aarch64)` image to the proxmox image store +Use this image to create a container + + +## Image links +Always download `rootfs.tar.xz` +(Distro releases current as of 20-10-2021) +### armhf +* Alpine https://uk.images.linuxcontainers.org/images/alpine/3.14/armhf/default/ +* Debian https://uk.images.linuxcontainers.org/images/debian/bullseye/armhf/default/ +* Ubuntu https://uk.images.linuxcontainers.org/images/ubuntu/focal/armhf/default/ +### arm64 +* Alpine https://uk.images.linuxcontainers.org/images/alpine/3.14/arm64/default/ +* Debian https://uk.images.linuxcontainers.org/images/debian/bullseye/arm64/default/ +* Ubuntu https://uk.images.linuxcontainers.org/images/ubuntu/focal/arm64/default/ \ No newline at end of file diff --git a/Linux/Proxmox/Proxmox-SMTPMail.sh b/Linux/Proxmox/Proxmox-SMTPMail.sh new file mode 100644 index 0000000..e8aa1e3 --- /dev/null +++ b/Linux/Proxmox/Proxmox-SMTPMail.sh @@ -0,0 +1,34 @@ +#Proxmox Use SMTP to send mail +#Vars +MailFromName=$(hostname) +MailFormAddress=noreply@domain.com +MailFromServer=mail.provider.com +MailFromServerPort=465 +MailFromPasswd= +MailTo=administrator@domain.com + +#install dependencies +apt install libsasl2-modules -y + +#Generating Configs +echo "[$MailFromServer]:$MailFromServerPort $MailFormAddress:$MailFromPasswd" > /etc/postfix/sasl_passwd +echo "/.+/ $MailFromName<$MailFormAddress>" > /etc/postfix/sender_canonical_maps +echo "/From:.*/ REPLACE From: $MailFromName<$MailFormAddress>" > /etc/postfix/header_check +sed -i '/relayhost/c\' /etc/postfix/main.cf +cat << EOF >> /etc/postfix/main.cf +#Custom PostfixSMTP config +relayhost = [$MailFromServer]:$MailFromServerPort +smtp_tls_wrappermode = yes +smtp_tls_security_level = encrypt +smtp_use_tls = yes +smtp_sasl_auth_enable = yes +smtp_sasl_security_options = +smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd +smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt +sender_canonical_classes = envelope_sender, header_sender +sender_canonical_maps = regexp:/etc/postfix/sender_canonical_maps +smtp_header_checks = regexp:/etc/postfix/header_check +EOF + +postmap /etc/postfix/sasl_passwd +systemctl restart postfix \ No newline at end of file diff --git a/Linux/Proxmox/update-lxc-Image.sh b/Linux/Proxmox/update-lxc-Image.sh new file mode 100644 index 0000000..a202405 --- /dev/null +++ b/Linux/Proxmox/update-lxc-Image.sh @@ -0,0 +1,23 @@ +curl https://uk.images.linuxcontainers.org/ | awk -F "|" '/<\/*t[rd]>.*/ {print $3, $5, $7, $9, $11}' > /tmp/updatetimestapmps + +#Debian 10 (Buster) +dbts=$(cat /tmp/updatetimestapmps | grep debian |grep buster |grep cloud| grep amd64 | awk '{ print $5 }') +wget https://uk.images.linuxcontainers.org/images/debian/buster/amd64/cloud/"$dbts"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyDebianBuster.tar.xz + +#Ubuntu (Bionic Beaver) +ubts=$(cat /tmp/updatetimestapmps | grep ubuntu |grep bionic |grep cloud| grep amd64 | awk '{ print $5 }') +wget https://uk.images.linuxcontainers.org/images/ubuntu/bionic/amd64/cloud/"$ubts"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyUbuntuBionicBeaver.tar.xz + +#Ubuntu 20.04 (FocalFossa) +ufts=$(cat /tmp/updatetimestapmps | grep ubuntu |grep focal |grep cloud| grep amd64 | awk '{ print $5 }') +wget https://uk.images.linuxcontainers.org/images/ubuntu/focal/amd64/cloud/"$ufts"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyUbuntuFocalFossa.tar.xz + +#Centos 8 +c8ts=$(cat /tmp/updatetimestapmps | grep "centos 8" | grep -v '8-Stream' |grep cloud| grep amd64 | awk '{ print $5 }') +wget https://uk.images.linuxcontainers.org/images/centos/8/amd64/cloud/"$c8ts"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyCentos8.tar.xz + +#Alpine 3.12 +alpine312=$(cat /tmp/updatetimestapmps | grep "alpine" | grep '3.12' |grep default| grep amd64 | awk '{ print $5 }') +wget https://uk.images.linuxcontainers.org/images/alpine/3.12/amd64/default/"$alpine312"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyAlpine3.12.tar.xz + +rm /tmp/updatetimestapmps \ No newline at end of file diff --git a/Linux/README.md b/Linux/README.md index 3a71fbb..e73b439 100644 --- a/Linux/README.md +++ b/Linux/README.md @@ -1,2 +1,4 @@ -# Priv-Snip +# Linux Snipits + +Meged old linux snipit repo[https://git.bprieshof.nl/brammp/linux] \ No newline at end of file diff --git a/Linux/Lag_Selectord.sh b/Linux/Script-examples/CLI_Selector.sh similarity index 100% rename from Linux/Lag_Selectord.sh rename to Linux/Script-examples/CLI_Selector.sh diff --git a/Linux/Script-examples/DBUG-output.sh b/Linux/Script-examples/DBUG-output.sh new file mode 100644 index 0000000..43b9c2d --- /dev/null +++ b/Linux/Script-examples/DBUG-output.sh @@ -0,0 +1,15 @@ +# Set debug flag as desired +DEBUG=1 +# DEBUG=0 + +if [ "$DEBUG" -eq "1" ]; then + OUT='/dev/tty' +else + OUT='/dev/null' +fi + +# actual script use commands like this +command > $OUT 2>&1 + +# or like this if you need +command 2> $OUT \ No newline at end of file diff --git a/Linux/Script-examples/Options-AsVar_whiptail.sh b/Linux/Script-examples/Options-AsVar_whiptail.sh new file mode 100644 index 0000000..cec8745 --- /dev/null +++ b/Linux/Script-examples/Options-AsVar_whiptail.sh @@ -0,0 +1,4 @@ +args=("Option 1:" "Option 1 Desription" OFF) +args+=("Option 2: " "Option 2 Desription" OFF) +args+=("Option 3: " "Option 3 Desription" OFF) +option=$(whiptail --nocancel --title "Title" --checklist "Features" 11 110 5 "${args[@]}" 3>&1 1>&2 2>&3) diff --git a/Linux/PasswordQuest.sh b/Linux/Script-examples/PasswordQuest.sh similarity index 100% rename from Linux/PasswordQuest.sh rename to Linux/Script-examples/PasswordQuest.sh diff --git a/Linux/Script-examples/VarModifiers.sh b/Linux/Script-examples/VarModifiers.sh new file mode 100644 index 0000000..2fba4a1 --- /dev/null +++ b/Linux/Script-examples/VarModifiers.sh @@ -0,0 +1,6 @@ +option="${option// /}" #Removes Spaces +option="${option/:/ }" #First : to Space +option="${option//:/ }" #All : to Space +option="${option//:}" #Removes : +option="${option,,}" #Removes LowerCase +option="${option//'"'}" #Removes " \ No newline at end of file diff --git a/Linux/Script-examples/bash-script-Flag.sh b/Linux/Script-examples/bash-script-Flag.sh new file mode 100644 index 0000000..6687a59 --- /dev/null +++ b/Linux/Script-examples/bash-script-Flag.sh @@ -0,0 +1,17 @@ +if [ "$1" != "-l" ]; then + echo "Normal mode" + IMODE=n + fi + +if [ "$1" = "-l" ]; then + echo "Legacy mode"; + IMODE=l +fi + + + +if [ $IMODE = n ]; then + echo "New Menu" +elif [ $IMODE = l ]; then + echo "Legacy Menu" +fi diff --git a/Linux/Script-examples/curl-Functions-authchecker.md b/Linux/Script-examples/curl-Functions-authchecker.md new file mode 100644 index 0000000..1d8766e --- /dev/null +++ b/Linux/Script-examples/curl-Functions-authchecker.md @@ -0,0 +1,73 @@ +# Authchecker functions for curl +## curl keeps asking for password until correct, and downloads file + +``` +function getcurlsec { + +local curlurl="$1" +local curluser="$2" +local curloutput="$3" + +while true; do + curl --fail --user "$curluser" "$curlurl" -o "$curloutput" + local EC=$? + if [ $EC -eq 0 ]; then + break + fi +done + +} +``` + +Syntax: `getcurlsec ` + + +## curl downloads file using given credentials + +``` +function getcurlsecwpassword { + +local curlurl="$1" +local curluser="$2" +local curlpassword="$3" +local curloutput="$4" + curl --fail --user "$curluser":"$curlpassword" "$curlurl" -o "$curloutput" + local EC=$? + if [ $EC -eq 0 ]; then + echo "Password correct" + else + echo "Password incorrect" + fi +} +``` + +Syntax: `getcurlsecwpassword ` + + +## curl keeps asking for password until correct, and stores username and password as var + +``` +function checkusercurl { + +local curlurl="$1" +curluser="$2" + +while true; do + read -s -p "Enter password for user $curluser: " curlpassword + echo ""; + curl -s --fail --user "$curluser":"$curlpassword" "$curlurl" -o /dev/null + local EC=$? + if [ $EC -eq 0 ]; then + echo "Password correct" + break + fi + echo "Incorrect password" + unset curlpassword +done + +} +``` + +Syntax: `checkusercurl ` +username wil become var: curluser +password wil become var: $curlpassword \ No newline at end of file diff --git a/Linux/Scripts/Deb11Upgrade_Basic.sh b/Linux/Scripts/Deb11Upgrade_Basic.sh new file mode 100644 index 0000000..5def1ea --- /dev/null +++ b/Linux/Scripts/Deb11Upgrade_Basic.sh @@ -0,0 +1,61 @@ +#!/bin/bash + +##################################################################### +# @description: # +# Debian 10 to Debian 11 upgrade tool for basic debian 10 system # +# # +# @author: Bram Prieshof # +##################################################################### + +#ScriptVars +UpgradeDist=deb11 +InstalledOptions=("${SelectedOptions[@]}" "${EnabledAons[@]}") +Sysup2Date=no + +#OS Detection +dist_ver=$(grep --color=never -Po "^VERSION_ID=\K.*" "/etc/os-release") +dist=$(grep --color=never -Po "^ID=\K.*" "/etc/os-release") + +if [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then + CurDist=deb10 +else + echo "This OS in not eligible for this upgrade" + exit +fi + +#PackageManager-config +PKGM=apt +PKGUC="$PKGM update" +PKGUP="$PKGM upgrade -y" +PKGI="${PKGM} install -y --no-install-recommends" + +#Update current release +if [ $Sysup2Date = no ]; then + echo "The system will now update the packages for the current release" + read -r -s -p $'Press enter to continue, or ctrl+c to quit' + $PKGUC + DEBIAN_FRONTEND=noninteractive $PKGUP -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" + $PKGM dist-upgrade -y + $PKGM clean all + $PKGM autoremove -y + sed -i -e '/Sysup2Date=no/c\Sysup2Date=yes' "$0" + echo "The current release is up to date," + echo "please reboot the system and re-run this scipt to continue" + exit +fi + +echo "The system will now update the repositories to the new release and update all packages" +read -r -s -p $'Press enter to continue, or ctrl+c to quit' + +#Update Debian repo's +sed -i -e 's/buster/bullseye/g' -e 's#http://security.debian.org/debian-security#https://deb.debian.org/debian-security#g' -e 's#http://security.debian.org#https://deb.debian.org/debian-security#g' -e 's#bullseye/updates#bullseye-security#g' /etc/apt/sources.list +#Update Hetzner mirrror repo's +sed -i -e 's/buster/bullseye/g' /etc/apt/sources.list.d/hetzner* -e 's#bullseye/updates#bullseye-security#g' /etc/apt/sources.list.d/hetzner* + +#Running updates +$PKGM update +DEBIAN_FRONTEND=noninteractive $PKGUP --without-new-pkgs -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" +DEBIAN_FRONTEND=noninteractive $PKGM full-upgrade -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" +$PKGM autoremove -y + +echo "Upgrade finished, please reboot the system" diff --git a/Linux/GenMultiDomainSelfSignedCert.sh b/Linux/Scripts/GenMultiDomainSelfSignedCert.sh similarity index 100% rename from Linux/GenMultiDomainSelfSignedCert.sh rename to Linux/Scripts/GenMultiDomainSelfSignedCert.sh diff --git a/Linux/Scripts/MicroNas/Centos-MicroNas.sh b/Linux/Scripts/MicroNas/Centos-MicroNas.sh new file mode 100644 index 0000000..55dbf35 --- /dev/null +++ b/Linux/Scripts/MicroNas/Centos-MicroNas.sh @@ -0,0 +1,58 @@ +#ProxmoxCT Note use privileged container with nesting enabled # + +#EPEL Repo +rpm --rebuilddb +dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm +rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8 + +#Webmin repo +cat << 'EOF' >> /etc/yum.repos.d/webmin.repo +[Webmin] +name=Webmin +#baseurl=https://download.webmin.com/download/yum +mirrorlist=https://download.webmin.com/download/yum/mirrorlist +enabled=1 +EOF +rpm --import https://download.webmin.com/jcameron-key.asc + +#Install +dnf --setopt=install_weak_deps=False --best --refresh -y install samba samba-common cronie nfs-utils webmin openssh-server nano nload htop avahi wsdd + +#Webin config +service webmin stop +systemctl start webmin +sed -i -e '/port=/c\port=80' -e 's/ssl=/c\ssl=0/g' -e 's/ipv6=/c\ipv6=0/g' /etc/webmin/miniserv.conf +echo "servers=Services & Tools" >> /etc/webmin/webmin.catnames +cat << 'EOF' >> /etc/webmin/webmin.cats +filter=cluster +exports=servers +filemin=servers +useradmin=servers +mailboxes= +EOF + +#Samba config +sed -i -e '/map to guest =/c\map to guest = never' /etc/samba/smb.conf + +#Avahi config +cat << 'EOF' >> /etc/avahi/services/smb.service + + + + %h + + _smb._tcp + 445 + + + _device-info._tcp + 0 + model=RackMac + + +EOF + +#Restart services +service webmin stop +systemctl enable --now smb nfs-server webmin avahi-daemon wsdd +systemctl restart smb nfs-server webmin avahi-daemon wsdd \ No newline at end of file diff --git a/Linux/Scripts/MicroNas/Debian-MicroNas.sh b/Linux/Scripts/MicroNas/Debian-MicroNas.sh new file mode 100644 index 0000000..bc41302 --- /dev/null +++ b/Linux/Scripts/MicroNas/Debian-MicroNas.sh @@ -0,0 +1,55 @@ +#ProxmoxCT Note use privileged container with nesting enabled # + +#Prerequisite packages +export DEBIAN_FRONTEND=noninteractive +apt install --no-install-recommends wget gnupg2 apt-transport-https -y + +#Webin repo +wget -qO - https://download.webmin.com/jcameron-key.asc | sudo apt-key add - +echo "deb https://download.webmin.com/download/repository sarge contrib" > /etc/apt/sources.list.d/webmin.list + +#Wsdd(Web Service Discovery host daemon) repo +wget -O - https://pkg.ltec.ch/public/conf/ltec-ag.gpg.key|apt-key add - +echo "deb https://pkg.ltec.ch/public/ `lsb_release -cs` main" > /etc/apt/sources.list.d/wsdd.list + +#Install +apt update +debconf-set-selections <<<"samba-common samba-common/do_debconf boolean true" +apt install --no-install-recommends samba samba-vfs-modules cron nfs-kernel-server webmin openssh-server nano nload htop avahi-daemon avahi-utils wsdd -y + +#Webmin config +sed -i -e '/port=/c\port=80' -e 's/ssl=/c\ssl=0/g' -e 's/ipv6=/c\ipv6=0/g' /etc/webmin/miniserv.conf +echo "servers=Services & Tools" >> /etc/webmin/webmin.catnames +cat << 'EOF' >> /etc/webmin/webmin.cats +filter=cluster +exports=servers +filemin=servers +useradmin=servers +mailboxes= +EOF + + +#Samba config +sed -i -e '/map to guest =/c\map to guest = never' /etc/samba/smb.conf + +#Avahi config +cat << 'EOF' >> /etc/avahi/services/smb.service + + + + %h + + _smb._tcp + 445 + + + _device-info._tcp + 0 + model=RackMac + + +EOF + +#Restart services +systemctl enable --now smbd nfs-kernel-server webmin avahi-daemon wsdd +systemctl restart smbd nfs-kernel-server webmin avahi-daemon wsdd \ No newline at end of file diff --git a/Linux/Scripts/Mysql-alternate-Repo-Setup-DebUbu.sh b/Linux/Scripts/Mysql-alternate-Repo-Setup-DebUbu.sh new file mode 100644 index 0000000..f41ced2 --- /dev/null +++ b/Linux/Scripts/Mysql-alternate-Repo-Setup-DebUbu.sh @@ -0,0 +1,5 @@ +Dist=$(grep -oP '(?<=^ID=).+' /etc/os-release | tr -d '"') +DistVersion=$(grep -oP '(?<=^VERSION_CODENAME=).+' /etc/os-release | tr -d '"') + +wget -qO - http://repo.mysql.com/RPM-GPG-KEY-mysql | apt-key add - +echo "deb http://repo.mysql.com/apt/"$Dist"/ "$DistVersion" mysql-8.0" >/etc/apt/sources.list.d/mysql.list \ No newline at end of file diff --git a/Linux/Scripts/Ufw-AddCustomRule-SSH_4242.sh b/Linux/Scripts/Ufw-AddCustomRule-SSH_4242.sh new file mode 100644 index 0000000..a45724e --- /dev/null +++ b/Linux/Scripts/Ufw-AddCustomRule-SSH_4242.sh @@ -0,0 +1,39 @@ +############################################################### +# @description: # +# Add Custom rule to UFW for limiting ssh(4242/tcp) # +# # +# @author: Bram Prieshof # +############################################################### + +#Sed in a function to detect line from $FindLine and insert the content of $AddLine on a new line above the match +UpdateFile () { + file="$1" + sed -i 's/'"$FindLine"'/'"$AddLine"'\n&/g' $file + unset FindLine AddLine +} + +#Delete Existng SSH(4242/tcp) rule(s) +ufw delete limit 4242/tcp + +#Add needed filters (IPv4) +FindLine="# End required lines" +AddLine=":ufw-user-limit - [0:0]\n:ufw-user-limit-accept - [0:0]" +UpdateFile /etc/ufw/after.rules + +#Add needed filters (IPv6) +FindLine="# End required lines" +AddLine=":ufw6-user-limit - [0:0]\n:ufw6-user-limit-accept - [0:0]" +UpdateFile /etc/ufw/after6.rules + +#Add custom SSH(4242/tcp) limit rule (IPv4) +FindLine="# don't delete the 'COMMIT' line or these rules won't be processed" +AddLine="### SSH limit tcp\n-A ufw-after-input -p tcp --dport 4242 -m conntrack --ctstate NEW -m recent --set\n-A ufw-after-input -p tcp --dport 4242 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 15 -j ufw-user-limit\n-A ufw-after-input -p tcp --dport 4242 -j ufw-user-limit-accept\n" +UpdateFile /etc/ufw/after.rules + +#Add custom SSH(4242/tcp) limit rule (IPv6) +FindLine="# don't delete the 'COMMIT' line or these rules won't be processed" +AddLine="### SSH limit tcp\n-A ufw6-after-input -p tcp --dport 4242 -m conntrack --ctstate NEW -m recent --set\n-A ufw6-after-input -p tcp --dport 4242 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 15 -j ufw6-user-limit\n-A ufw6-after-input -p tcp --dport 4242 -j ufw6-user-limit-accept\n" +UpdateFile /etc/ufw/after6.rules + +#Reload ufw rules +ufw reload diff --git a/Linux/Scripts/Web/kweb.sh b/Linux/Scripts/Web/kweb.sh new file mode 100644 index 0000000..69568cd --- /dev/null +++ b/Linux/Scripts/Web/kweb.sh @@ -0,0 +1,10 @@ +service php-fpm53 stop +service php-fpm54 stop +service php-fpm55 stop +service php-fpm56 stop +service php-fpm70 stop +service php-fpm71 stop +service php-fpm72 stop +service php-fpm73 stop +service httpd stop +service nginx stop \ No newline at end of file diff --git a/Linux/Scripts/Web/rweb.sh b/Linux/Scripts/Web/rweb.sh new file mode 100644 index 0000000..ab46b05 --- /dev/null +++ b/Linux/Scripts/Web/rweb.sh @@ -0,0 +1,10 @@ +service php-fpm53 restart +service php-fpm54 restart +service php-fpm55 restart +service php-fpm56 restart +service php-fpm70 restart +service php-fpm71 restart +service php-fpm72 restart +service php-fpm73 restart +service httpd restart +service nginx restart \ No newline at end of file diff --git a/Linux/Scripts/Web/servstat.sh b/Linux/Scripts/Web/servstat.sh new file mode 100644 index 0000000..54e30d6 --- /dev/null +++ b/Linux/Scripts/Web/servstat.sh @@ -0,0 +1,10 @@ +service php-fpm53 status +service php-fpm54 status +service php-fpm55 status +service php-fpm56 status +service php-fpm70 status +service php-fpm71 status +service php-fpm72 status +service php-fpm73 status +service httpd status +service nginx status \ No newline at end of file diff --git a/Linux/Scripts/Web/sweb.sh b/Linux/Scripts/Web/sweb.sh new file mode 100644 index 0000000..f297901 --- /dev/null +++ b/Linux/Scripts/Web/sweb.sh @@ -0,0 +1,10 @@ +service php-fpm53 start +service php-fpm54 start +service php-fpm55 start +service php-fpm56 start +service php-fpm70 start +service php-fpm71 start +service php-fpm72 start +service php-fpm73 start +service httpd start +service nginx start \ No newline at end of file diff --git a/Linux/Scripts/detect-os-V1.sh b/Linux/Scripts/detect-os-V1.sh new file mode 100644 index 0000000..f281be1 --- /dev/null +++ b/Linux/Scripts/detect-os-V1.sh @@ -0,0 +1,33 @@ +#!/bin/bash +source /etc/os-release + +#echo used Vars for testing only +echo $VERSION + +#formaring $VERSION to a useable fromat +VERSION=$(echo $VERSION | grep -o '[0-9]\+.' | tr -d '\n') + +#echo used Vars for testing only +echo $ID +echo $VERSION + +#example if statement + +if [ "$ID" = "debian" ]; then + echo "Execute Commands" +elif [ "$ID" = "ubuntu" ]; then + echo "Executue Ubuntu version detection" + if [[ "$VERSION" == "18.04"* ]]; then + echo "this ubuntu Ubuntu 18.04" + elif [[ "$VERSION" == "16.04"* ]]; then + echo "this ubuntu 16.04" + else + echo "this version of ubuntu is not yet supported" + fi +elif [ "$ID" = "centos" ]; then + echo "Executue Centos Commands" +elif [ "$ID" = "rhel" ]; then + echo "Executue Red hat enterpise Linux Commands" +else + echo "this OS is not yet supported" +fi \ No newline at end of file diff --git a/Linux/Scripts/detect-os-V2.sh b/Linux/Scripts/detect-os-V2.sh new file mode 100644 index 0000000..83037a6 --- /dev/null +++ b/Linux/Scripts/detect-os-V2.sh @@ -0,0 +1,21 @@ +dist_ver=$(grep --color=never -Po "^VERSION_ID=\K.*" "/etc/os-release") +dist=$(grep --color=never -Po "^ID=\K.*" "/etc/os-release") + +if [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"18.04"* ]]; then + echo "Ubuntu 18.04 Detected" + shortdist=ubu1804 +elif [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"20.04"* ]]; then + echo "Ubuntu 20.04 Detected" + shortdist=ubu2004 +elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then + echo "Debian 10 Detected" + shortdist=deb10 +elif [[ "${dist}" == *"centos"* ]] && [[ "${dist_ver}" == *"8"* ]]; then + echo "Centos 8 Detected" + shortdist=cent10 +else + echo "This OS in not supported" +fi + +unset dist_ver +unset dist diff --git a/Linux/Scripts/git-UpdateCheck.sh b/Linux/Scripts/git-UpdateCheck.sh new file mode 100644 index 0000000..f95018f --- /dev/null +++ b/Linux/Scripts/git-UpdateCheck.sh @@ -0,0 +1,18 @@ +#Git update checker +## Will folow localy checked-out branch +## Make sure localy altered files (config,upload folder, etc) are setup in .gitignore +git remote update + +UPSTREAM=${1:-'@{u}'} +LOCAL=$(git rev-parse @) +REMOTE=$(git rev-parse "$UPSTREAM") +BASE=$(git merge-base @ "$UPSTREAM") + +if [ $LOCAL = $REMOTE ]; then + echo "Up-to-date" +elif [ $LOCAL = $BASE ]; then + echo "Update available, Pulling form git" + git pull +else + echo "Diverged" +fi \ No newline at end of file diff --git a/Linux/sftpSpliting.sh b/Linux/Scripts/sftpSpliting.sh similarity index 72% rename from Linux/sftpSpliting.sh rename to Linux/Scripts/sftpSpliting.sh index 29c0dca..4967bb9 100644 --- a/Linux/sftpSpliting.sh +++ b/Linux/Scripts/sftpSpliting.sh @@ -13,7 +13,7 @@ apt install bindfs -y groupadd $webname useradd $webname -g $webname mkdir -p /home/$webname/.ssh -echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOtJ4ZiLi+SntA3m54oEJjlA8bE73gggkhGjOaVHsLNo6YmKtZlPaxwWiGvoATv4Vm41WWxKbUWbYGHVTe8DusqKpf/JCgB1r/8rQe828qwaEGXWGxta1Ykq+ndDeBLFGhVp0nNdcnND5HIwarEW4zhBDXUMzYw7IBxPYb48tVIobs/yPN6nSWT2G8FX7XDJNifS+ThVLnCHHS3i/uio8b8jz1oT2s6UH09EBwxg99+0yVaSQV2q8CthDZ8rSgz8pAhQ6FwVfUd9c/PQjtbUSQStvKvr3muv5Q8UnzAvKiO83rsM91aDwv0E6kqpB77BrkpfQXOJNDmdqlnsa2AlkL ICTMaatwerk@Key" >> /home/$webname/.ssh/authorized_keys +echo "ExampleKey" >> /home/$webname/.ssh/authorized_keys chown -R $webname:$webname /home/$webname diff --git a/Linux/Scripts/tc/Setup-TC-Generic-Kiosk.sh b/Linux/Scripts/tc/Setup-TC-Generic-Kiosk.sh new file mode 100644 index 0000000..7775759 --- /dev/null +++ b/Linux/Scripts/tc/Setup-TC-Generic-Kiosk.sh @@ -0,0 +1,168 @@ +#!/bin/bash + +#########Tested on######### +## Debian 9(i386) ## +# Hp t5740e # +## Debian 9(amd64) ## +# Dell Optiplex Fx160 # +########################### + + +echo "Debian 9 Thin client install script." +echo "Full url including http(s)://:" +read url + + +apt update + +# get software +apt install xorg chromium openbox lightdm nedit locales spacefm sudo gmessage unattended-upgrades plymouth plymouth-themes -y + +# dir +mkdir -p /home/kiosk/.config/openbox + +mkdir -p /home/kiosk/Bureaublad +# create group +groupadd kiosk + +# create user if not exists +id -u kiosk &>/dev/null || useradd -m kiosk -g kiosk -s /bin/bash + +# rights +chown -R kiosk:kiosk /home/kiosk + +# create config +echo oldurl=${url} > /var/log/browserurl.log + +sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config + +wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/gui/grub-4x3.png -O /usr/share/desktop-base/softwaves-theme/grub/grub-4x3.png +wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/gui/grub-16x9.png -O /usr/share/desktop-base/softwaves-theme/grub/grub-16x9.png +wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/gui/joy-ictm.tar.gz -O /tmp/joy-ictm.tar.gz +tar -zxf /tmp/joy-ictm.tar.gz -C /usr/share/plymouth/themes/ + +sed -i 's|GRUB_TIMEOUT=5|GRUB_TIMEOUT=1|g' /etc/default/grub +sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT="quiet"|GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"|g' /etc/default/grub +update-grub +plymouth-set-default-theme -R joy-ictm + +wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/20auto-upgrades -O /etc/apt/apt.conf.d/20auto-upgrades +wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/50unattended-upgrades -O /etc/apt/apt.conf.d/50unattended-upgrades + +if [ -e "/etc/lightdm/lightdm.conf" ]; then + mv /etc/lightdm/lightdm.conf /etc/lightdm/lightdm.conf.backup +fi +cat > /etc/lightdm/lightdm.conf << EOF +[SeatDefaults] +autologin-user=kiosk +EOF + +# create autostart +if [ -e "/home/kiosk/.config/openbox/autostart" ]; then + mv /home/kiosk/.config/openbox/autostart /home/kiosk/.config/openbox/autostart.backup +fi + +cat > /home/kiosk/.config/openbox/autostart << EOF +#!/bin/bash +sleep 1; spacefm --desktop & + chromium \ + --no-first-run \ + --disable \ + --disable-translate \ + --disable-infobars \ + --disable-suggestions-service \ + --disable-save-password-bubble \ + --disable-session-crashed-bubble \ + --incognito \ + "${url}" +EOF + +#creating app files + +cat > /home/kiosk/Bureaublad/chromium.desktop << EOF +[Desktop Entry] +Version=1.0 +Name=Chromium +GenericName=Web Browser +GenericName[nl]=Webbrowser +Comment=Access the Internet +Comment[nl]=Verbinding maken met internet +Exec=/usr/bin/chromium --no-first-run --disable --disable-translate --disable-infobars --disable-suggestions-service --disable-save-password-bubble --disable-session-crashed-bubble --incognito ${url} +Terminal=false +X-MultipleArgs=false +Type=Application +Icon=chromium.png +Categories=Network;WebBrowser; +MimeType=text/html;text/xml;application/xhtml_xml;application/x-mimearchive;x-scheme-handler/http;x-scheme-handler/https; +StartupWMClass=chromium +StartupNotify=true +EOF + +cat > /home/kiosk/Bureaublad/nedit.desktop << EOF +[Desktop Entry] +Version=1.0 +Name=NEdit +Name[en]=NEdit +Name[nl]=NEdit +Exec=nedit-nc %F +Icon=nedit +Terminal=false +Type=Application +MimeType=text/plain; +Categories=Motif;Utility;TextTools; +Keywords=Customizable;Scripts;Powerful; +GenericName=Text Editor +GenericName[en]=Text Editor +GenericName[nl]=Tekstverwerker +EOF + +cat > /home/kiosk/Bureaublad/shutdown.desktop << EOF +[Desktop Entry] +Encoding=UTF-8 +Version=1.0 +Type=Application +Terminal=false +Exec=shutdown-menu +Name=Shutdown +Icon=/usr/share/icons/Adwaita/64x64/actions/system-shutdown-symbolic.symbolic.png +EOF + +cp -r /home/kiosk/Bureaublad/ /home/kiosk/Desktop + +# rights for apps folder +chown -R kiosk:kiosk /home/kiosk/Bureaublad +chown -R kiosk:kiosk /home/kiosk/Desktop + + +# setting user power privileges +cat > /etc/sudoers.d/powerctl << EOF +# Cmnd alias specification +Cmnd_Alias SHUTDOWN = /sbin/shutdown +Cmnd_Alias REBOOT = /sbin/reboot + +# User privilege specification +kiosk ALL=SHUTDOWN +kiosk ALL=NOPASSWD: SHUTDOWN +kiosk ALL=REBOOT +kiosk ALL=NOPASSWD: REBOOT +EOF + +cat > /usr/bin/shutdown-menu << EOF +gmessage "Weet u zeker dat u de computer wilt afsluiten?" -center -title "Shutdown" -font "Sans bold 10" -default "Cancel" -buttons "_Annuleren":1,"_Opnieuw opstarten":3,"_Afsluiten":4 >/dev/null + +case \$? in +1) +echo "Exit";; +3) +pkill spacefm +sudo shutdown -r now;; +4) +pkill spacefm +sudo shutdown -h now;; +esac +EOF +chmod 775 /usr/bin/shutdown-menu + +wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/update-url.sh -O /root/update-url.sh + +echo "Done!" \ No newline at end of file diff --git a/Linux/Scripts/tc/Setup-TC-t510-Kiosk.sh b/Linux/Scripts/tc/Setup-TC-t510-Kiosk.sh new file mode 100644 index 0000000..13704f0 --- /dev/null +++ b/Linux/Scripts/tc/Setup-TC-t510-Kiosk.sh @@ -0,0 +1,176 @@ +#!/bin/bash + +#######Made for:####### +## Debian 9 ## +# Hp t510 # +####################### + +echo "Debian 9 Thin client install script." +echo "Full url including http(s)://:" +read url + +apt-get update + + +# get software +apt-get install xorg chromium openbox lightdm nedit locales spacefm sudo gmessage unattended-upgrades plymouth plymouth-themes xserver-xorg-video-openchrome -y + +# dir +mkdir -p /home/kiosk/.config/openbox +mkdir -p /home/kiosk/Bureaublad + +# create group +groupadd kiosk + +# create user if not exists +id -u kiosk &>/dev/null || useradd -m kiosk -g kiosk -s /bin/bash + +# rights +chown -R kiosk:kiosk /home/kiosk + +# create config +echo oldurl=${url} > /var/log/browserurl.log + +sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config + +wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/gui/grub-4x3.png -O /usr/share/desktop-base/softwaves-theme/grub/grub-4x3.png +wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/gui/grub-16x9.png -O /usr/share/desktop-base/softwaves-theme/grub/grub-16x9.png +wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/gui/joy-ictm.tar.gz -O /tmp/joy-ictm.tar.gz +tar -zxf /tmp/joy-ictm.tar.gz -C /usr/share/plymouth/themes/ + +sed -i 's|GRUB_TIMEOUT=5|GRUB_TIMEOUT=1|g' /etc/default/grub +sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT="quiet"|GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"|g' /etc/default/grub +update-grub +plymouth-set-default-theme -R joy-ictm + + +wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/20auto-upgrades -O /etc/apt/apt.conf.d/20auto-upgrades +wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/50unattended-upgrades -O /etc/apt/apt.conf.d/50unattended-upgrades + +if [ -e "/etc/lightdm/lightdm.conf" ]; then + mv /etc/lightdm/lightdm.conf /etc/lightdm/lightdm.conf.backup +fi +cat > /etc/lightdm/lightdm.conf << EOF +[SeatDefaults] +autologin-user=kiosk +EOF + +# create autostart +if [ -e "/home/kiosk/.config/openbox/autostart" ]; then + mv /home/kiosk/.config/openbox/autostart /home/kiosk/.config/openbox/autostart.backup +fi + +cat > /home/kiosk/.config/openbox/autostart << EOF +#!/bin/bash +sleep 1; spacefm --desktop & + chromium \ + --no-first-run \ + --disable \ + --disable-translate \ + --disable-infobars \ + --disable-suggestions-service \ + --disable-save-password-bubble \ + --disable-session-crashed-bubble \ + --incognito \ + "${url}" +EOF + +#creating app files + +cat > /home/kiosk/Bureaublad/chromium.desktop << EOF +[Desktop Entry] +Version=1.0 +Name=Chromium +GenericName=Web Browser +GenericName[nl]=Webbrowser +Comment=Access the Internet +Comment[nl]=Verbinding maken met internet +Exec=/usr/bin/chromium --no-first-run --disable --disable-translate --disable-infobars --disable-suggestions-service --disable-save-password-bubble --disable-session-crashed-bubble --incognito ${url} +Terminal=false +X-MultipleArgs=false +Type=Application +Icon=chromium.png +Categories=Network;WebBrowser; +MimeType=text/html;text/xml;application/xhtml_xml;application/x-mimearchive;x-scheme-handler/http;x-scheme-handler/https; +StartupWMClass=chromium +StartupNotify=true +EOF + +cat > /home/kiosk/Bureaublad/nedit.desktop << EOF +[Desktop Entry] +Version=1.0 +Name=NEdit +Name[en]=NEdit +Name[nl]=NEdit +Exec=nedit-nc %F +Icon=nedit +Terminal=false +Type=Application +MimeType=text/plain; +Categories=Motif;Utility;TextTools; +Keywords=Customizable;Scripts;Powerful; +GenericName=Text Editor +GenericName[en]=Text Editor +GenericName[nl]=Tekstverwerker +EOF + +cat > /home/kiosk/Bureaublad/shutdown.desktop << EOF +[Desktop Entry] +Encoding=UTF-8 +Version=1.0 +Type=Application +Terminal=false +Exec=shutdown-menu +Name=Shutdown +Icon=/usr/share/icons/Adwaita/64x64/actions/system-shutdown-symbolic.symbolic.png +EOF + +cp -r /home/kiosk/Bureaublad/ /home/kiosk/Desktop + +# rights for apps folder +chown -R kiosk:kiosk /home/kiosk/Bureaublad +chown -R kiosk:kiosk /home/kiosk/Desktop + + +# setting user power privileges +cat > /etc/sudoers.d/powerctl << EOF +# Cmnd alias specification +Cmnd_Alias SHUTDOWN = /sbin/shutdown +Cmnd_Alias REBOOT = /sbin/reboot + +# User privilege specification +kiosk ALL=SHUTDOWN +kiosk ALL=NOPASSWD: SHUTDOWN +kiosk ALL=REBOOT +kiosk ALL=NOPASSWD: REBOOT +EOF + +cat > /usr/bin/shutdown-menu << EOF +gmessage "Weet u zeker dat u de computer wilt afsluiten?" -center -title "Shutdown" -font "Sans bold 10" -default "Cancel" -buttons "_Annuleren":1,"_Opnieuw opstarten":3,"_Afsluiten":4 >/dev/null + +case \$? in +1) +echo "Exit";; +3) +pkill spacefm +sudo shutdown -r now;; +4) +pkill spacefm +sudo shutdown -h now;; +esac +EOF +chmod 775 /usr/bin/shutdown-menu + + +wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/update-url.sh -O /root/update-url.sh + +cat > /etc/modprobe.d/blacklist-framebuffer.conf << EOF +blacklist tridentfb +blacklist vesafb +blacklist vfb +blacklist viafb +blacklist vt8623fb +blacklist udlfb +EOF + +echo "Done!" \ No newline at end of file diff --git a/Linux/Scripts/tc/config/20auto-upgrades b/Linux/Scripts/tc/config/20auto-upgrades new file mode 100644 index 0000000..7587020 --- /dev/null +++ b/Linux/Scripts/tc/config/20auto-upgrades @@ -0,0 +1,4 @@ +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::AutocleanInterval "7"; +APT::Periodic::Unattended-Upgrade "1"; \ No newline at end of file diff --git a/Linux/Scripts/tc/config/50unattended-upgrades b/Linux/Scripts/tc/config/50unattended-upgrades new file mode 100644 index 0000000..bcc6af6 --- /dev/null +++ b/Linux/Scripts/tc/config/50unattended-upgrades @@ -0,0 +1,25 @@ +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::AutocleanInterval "7"; +APT::Periodic::Unattended-Upgrade "1"; +Unattended-Upgrade::Mail "root"; + +// Automatically upgrade packages from these +Unattended-Upgrade::Origins-Pattern { + "o=Debian,a=stable"; + "o=Debian,a=stable-updates"; + "o=Debian,a=proposed-updates"; + "origin=Debian,codename=${distro_codename},label=Debian-Security"; +}; + +// You can specify your own packages to NOT automatically upgrade here +Unattended-Upgrade::Package-Blacklist { +// "vim"; +// "libc6"; +// "libc6-dev"; +// "libc6-i686"; + +}; + +Unattended-Upgrade::MailOnlyOnError "false"; +Unattended-Upgrade::Automatic-Reboot "false"; \ No newline at end of file diff --git a/Linux/Scripts/tc/config/gui/grub-16x9.png b/Linux/Scripts/tc/config/gui/grub-16x9.png new file mode 100644 index 0000000..8a0ced6 Binary files /dev/null and b/Linux/Scripts/tc/config/gui/grub-16x9.png differ diff --git a/Linux/Scripts/tc/config/gui/grub-4x3.png b/Linux/Scripts/tc/config/gui/grub-4x3.png new file mode 100644 index 0000000..826a967 Binary files /dev/null and b/Linux/Scripts/tc/config/gui/grub-4x3.png differ diff --git a/Linux/Scripts/tc/config/gui/joy-ictm.tar.gz b/Linux/Scripts/tc/config/gui/joy-ictm.tar.gz new file mode 100644 index 0000000..cd53db8 Binary files /dev/null and b/Linux/Scripts/tc/config/gui/joy-ictm.tar.gz differ diff --git a/Linux/Scripts/tc/debian-generic-preseed.txt b/Linux/Scripts/tc/debian-generic-preseed.txt new file mode 100644 index 0000000..ea16248 --- /dev/null +++ b/Linux/Scripts/tc/debian-generic-preseed.txt @@ -0,0 +1,277 @@ +#### Contents of the preconfiguration file (for stretch) +### Localization +# Preseeding only locale sets language, country and locale. +#d-i debian-installer/locale string en_US + +# The values can also be preseeded individually for greater flexibility. +d-i debian-installer/language string nl +d-i debian-installer/country string NL +d-i debian-installer/locale string nl_NL.UTF-8 +# Optionally specify additional locales to be generated. +#d-i localechooser/supported-locales multiselect en_US.UTF-8, nl_NL.UTF-8 + +# Keyboard selection. +d-i keyboard-configuration/xkb-keymap select us +# d-i keyboard-configuration/toggle select No toggling + +### Network configuration +# Disable network configuration entirely. This is useful for cdrom +# installations on non-networked devices where the network questions, +# warning and long timeouts are a nuisance. +#d-i netcfg/enable boolean false + +# netcfg will choose an interface that has link if possible. This makes it +# skip displaying a list if there is more than one interface. +d-i netcfg/choose_interface select auto + +# To pick a particular interface instead: +#d-i netcfg/choose_interface select eth1 + +# To set a different link detection timeout (default is 3 seconds). +# Values are interpreted as seconds. +#d-i netcfg/link_wait_timeout string 10 + +# If you have a slow dhcp server and the installer times out waiting for +# it, this might be useful. +#d-i netcfg/dhcp_timeout string 60 +#d-i netcfg/dhcpv6_timeout string 60 + +# If you prefer to configure the network manually, uncomment this line and +# the static network configuration below. +#d-i netcfg/disable_autoconfig boolean true + + +# Any hostname and domain names assigned from dhcp take precedence over +# values set here. However, setting the values still prevents the questions +# from being shown, even if values come from dhcp. +d-i netcfg/get_hostname string Thin-Client +d-i netcfg/get_domain string + +# If you want to force a hostname, regardless of what either the DHCP +# server returns or what the reverse DNS entry for the IP is, uncomment +# and adjust the following line. +#d-i netcfg/hostname string somehost + +# Disable that annoying WEP key dialog. +d-i netcfg/wireless_wep string +# The wacky dhcp hostname that some ISPs use as a password of sorts. +#d-i netcfg/dhcp_hostname string radish + +# If non-free firmware is needed for the network or other hardware, you can +# configure the installer to always try to load it, without prompting. Or +# change to false to disable asking. +#d-i hw-detect/load_firmware boolean true + +### Network console +# Use the following settings if you wish to make use of the network-console +# component for remote installation over SSH. This only makes sense if you +# intend to perform the remainder of the installation manually. +#d-i anna/choose_modules string network-console +#d-i network-console/authorized_keys_url string http://10.0.0.1/openssh-key +#d-i network-console/password password r00tme +#d-i network-console/password-again password r00tme + +### Mirror settings +# If you select ftp, the mirror/country string does not need to be set. +#d-i mirror/protocol string ftp +d-i mirror/country string manual +d-i mirror/http/hostname string ftp.nl.debian.org +d-i mirror/http/directory string /debian +d-i mirror/http/proxy string + +# Suite to install. +#d-i mirror/suite string testing +# Suite to use for loading installer components (optional). +#d-i mirror/udeb/suite string testing + +### Account setup +# Skip creation of a root account (normal user account will be able to +# use sudo). +#d-i passwd/root-login boolean false +# Alternatively, to skip creation of a normal user account. +d-i passwd/make-user boolean false + +# Root password, either in clear text +#d-i passwd/root-password password r00tme +#d-i passwd/root-password-again password r00tme +# or encrypted using a crypt(3) hash. +#d-i passwd/root-password-crypted password [crypt(3) hash] + + +### Clock and time zone setup +# Controls whether or not the hardware clock is set to UTC. +d-i clock-setup/utc boolean true + +# You may set this to any valid setting for $TZ; see the contents of +# /usr/share/zoneinfo/ for valid values. +d-i time/zone string Europe/Amsterdam + +# Controls whether to use NTP to set the clock during the install +d-i clock-setup/ntp boolean true +# NTP server to use. The default is almost always fine here. +#d-i clock-setup/ntp-server string ntp.example.com + +### Partitioning +## Partitioning example +# If the system has free space you can choose to only partition that space. +# This is only honoured if partman-auto/method (below) is not set. +#d-i partman-auto/init_automatically_partition select biggest_free + +# Alternatively, you may specify a disk to partition. If the system has only +# one disk the installer will default to using that, but otherwise the device +# name must be given in traditional, non-devfs format (so e.g. /dev/sda +# and not e.g. /dev/discs/disc0/disc). +# For example, to use the first SCSI/SATA hard disk: +#d-i partman-auto/disk string /dev/sda +# In addition, you'll need to specify the method to use. +# The presently available methods are: +# - regular: use the usual partition types for your architecture +# - lvm: use LVM to partition the disk +# - crypto: use LVM within an encrypted partition +d-i partman-auto/method string regular + +# If one of the disks that are going to be automatically partitioned +# contains an old LVM configuration, the user will normally receive a +# warning. This can be preseeded away... +#d-i partman-lvm/device_remove_lvm boolean true +# The same applies to pre-existing software RAID array: +d-i partman-md/device_remove_md boolean true +# And the same goes for the confirmation to write the lvm partitions. +d-i partman-lvm/confirm boolean true +d-i partman-lvm/confirm_nooverwrite boolean true + +# You can choose one of the three predefined partitioning recipes: +# - atomic: all files in one partition +# - home: separate /home partition +# - multi: separate /home, /var, and /tmp partitions +d-i partman-auto/choose_recipe select atomic + + + +# This makes partman automatically partition without confirmation. +d-i partman-md/confirm boolean true +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true + +## Controlling how partitions are mounted +# The default is to mount by UUID, but you can also choose "traditional" to +# use traditional device names, or "label" to try filesystem labels before +# falling back to UUIDs. +#d-i partman/mount_style select uuid + +### Base system installation +# Configure APT to not install recommended packages by default. Use of this +# option can result in an incomplete system and should only be used by very +# experienced users. +#d-i base-installer/install-recommends boolean false + +# The kernel image (meta) package to be installed; "none" can be used if no +# kernel is to be installed. +#d-i base-installer/kernel/image string linux-image-686 + +### Apt setup +# You can choose to install non-free and contrib software. +d-i apt-setup/non-free boolean true +d-i apt-setup/contrib boolean true + +# Uncomment this to add multiarch configuration for i386 +#d-i apt-setup/multiarch string i386 + + +### Package selection +tasksel tasksel/first multiselect standard + +# Individual additional packages to install +d-i pkgsel/include string openssh-server xorg chromium openbox lightdm nedit locales spacefm sudo gmessage unattended-upgrades plymouth plymouth-themes + +# Some versions of the installer can report back on what software you have +# installed, and what software you use. The default is not to report back, +# but sending reports helps the project determine what software is most +# popular and include it on CDs. +#popularity-contest popularity-contest/participate boolean false + +### Boot loader installation +# Grub is the default boot loader (for x86). If you want lilo installed +# instead, uncomment this: +#d-i grub-installer/skip boolean true +# To also skip installing lilo, and install no bootloader, uncomment this +# too: +#d-i lilo-installer/skip boolean true + + +# This is fairly safe to set, it makes grub install automatically to the MBR +# if no other operating system is detected on the machine. +###d-i grub-installer/only_debian boolean true + +# This one makes grub-installer install to the MBR if it also finds some other +# OS, which is less safe as it might not be able to boot that other OS. +###d-i grub-installer/with_other_os boolean true + +# Due notably to potential USB sticks, the location of the MBR can not be +# determined safely in general, so this needs to be specified: +#d-i grub-installer/bootdev string /dev/sda +# To install to the first device (assuming it is not a USB stick): +#d-i grub-installer/bootdev string default + + +# Use the following option to add additional boot parameters for the +# installed system (if supported by the bootloader installer). +# Note: options passed to the installer will be added automatically. +#d-i debian-installer/add-kernel-opts string nousb + +### Finishing up the installation +# During installations from serial console, the regular virtual consoles +# (VT1-VT6) are normally disabled in /etc/inittab. Uncomment the next +# line to prevent this. +#d-i finish-install/keep-consoles boolean true + +# Avoid that last message about the install being complete. +d-i finish-install/reboot_in_progress note + +# This will prevent the installer from ejecting the CD during the reboot, +# which is useful in some situations. +#d-i cdrom-detect/eject boolean false + +# This is how to make the installer shutdown when finished, but not +# reboot into the installed system. +#d-i debian-installer/exit/halt boolean true +# This will power off the machine instead of just halting it. +#d-i debian-installer/exit/poweroff boolean true + +### Preseeding other packages +# Depending on what software you choose to install, or if things go wrong +# during the installation process, it's possible that other questions may +# be asked. You can preseed those too, of course. To get a list of every +# possible question that could be asked during an install, do an +# installation, and then run these commands: +# debconf-get-selections --installer > file +# debconf-get-selections >> file + + +#### Advanced options +### Running custom commands during the installation +# d-i preseeding is inherently not secure. Nothing in the installer checks +# for attempts at buffer overflows or other exploits of the values of a +# preconfiguration file like this one. Only use preconfiguration files from +# trusted locations! To drive that home, and because it's generally useful, +# here's a way to run any shell command you'd like inside the installer, +# automatically. + +# This first command is run as early as possible, just after +# preseeding is read. +#d-i preseed/early_command string anna-install some-udeb +# This command is run immediately before the partitioner starts. It may be +# useful to apply dynamic partitioner preseeding that depends on the state +# of the disks (which may not be visible when preseed/early_command runs). +#d-i partman/early_command \ +# string debconf-set partman-auto/disk "$(list-devices disk | head -n1)" +# This command is run just before the install finishes, but when there is +# still a usable /target directory. You can chroot to /target and use it +# directly, or use the apt-install and in-target commands to easily install +# packages and run commands in the target system. +d-i preseed/late_command string \ +in-target wget -O /root/Setup-TC-Generic-Kiosk.sh https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/Setup-TC-Generic-Kiosk.sh # ; \ +#in-target bash /root/Setup-TC-Generic-Kiosk.sh + diff --git a/Linux/Scripts/tc/update-url.sh b/Linux/Scripts/tc/update-url.sh new file mode 100644 index 0000000..f42cd49 --- /dev/null +++ b/Linux/Scripts/tc/update-url.sh @@ -0,0 +1,13 @@ +echo "Thin client url updater." +echo "enter the full url including http(s)://" +read url + +source /var/log/browserurl.log + +sed -i "s|$oldurl|$url|g" /home/kiosk/Bureaublad/chromium.desktop +sed -i "s|$oldurl|$url|g" /home/kiosk/Desktop/chromium.desktop +sed -i "s|$oldurl|$url|g" /home/kiosk/.config/openbox/autostart + +echo oldurl=${url} > /var/log/browserurl.log + +echo "Done!" diff --git a/README.md b/README.md index d811959..5960b07 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,3 @@ -# RandomSinpits +# Snipits +By brammp \ No newline at end of file