Cleaned up and merge other Linux snippit repo

Meged https://git.bprieshof.nl/brammp/linux into ./Linux

Linux/Docs/HowTo-ISO-Repack.md

@@ -0,0 +1,35 @@
+# Repack linux ISO
+
+Commands expect to be in a root shell
+
+## Install needed tools
+mkisofs xorriso isohybrid
+
+## Editing ISO image
+
+Create workspace  
+`mkdir /tmp/custom_iso`  
+Mount image and extract it since it is read only  
+```
+mount -t iso9660 -o loop ~/original.iso /mnt/`  
+tar cf - /mnt/. | (cd /tmp/custom_iso; tar xfp -)
+```
+You can now modify the files for editing the bootloader config for example!  
+
+## Back into an iso
+
+### Legacy only
+Rebuild iso with mkisofs  
+`mkisofs -o output.iso -b syslinux/isolinux.bin -c syslinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -J -R -V "Custom ISO" /tmp/custom_iso`  
+Bless it with isohybrid  
+`isohybrid output.iso`  
+
+### EFI and Legacy
+Rebuild iso with mkisofs  
+`mkisofs -o output.iso -b syslinux/isolinux.bin -J -R -l -c syslinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -eltorito-alt-boot -e boot/grub/efi.img -no-emul-boot -graft-points -V "Custom ISO" /tmp/custom_iso`  
+Bless it with isohybrid  
+`isohybrid --uefi  output.iso` 
+
+### Sources
+https://gist.github.com/AkdM/2cd3766236582ed0263920d42c359e0f  
+https://tuxfixer.com/mount-modify-edit-repack-create-uefi-iso-including-kickstart-file/  

Linux/Docs/HowTo-InfoAtLoginPromt.md

@@ -0,0 +1,8 @@
+***IP address on host promts (add to /etc/issue)***
+```
+<ifName>: \4{<ifName>}
+```
+***IP address on motd (add to .bashrc)***
+```
+echo "IP: $(ip -o -4 addr list "<IFNAME>" | awk '{print $4}' | cut -d/ -f1)"
+```

Linux/Docs/HowTo-Migrate-SecureBootKey.md

@@ -0,0 +1,37 @@
+# Migrate Secureboot key
+## Export Ubuntu
+Copy following files
+* Private Key: /var/lib/shim-signed/mok/MOK.priv
+* Public Key: /var/lib/shim-signed/mok/MOK.der
+
+## Export Fedora
+Copy following files  
+* Symlink to Private Key: /etc/pki/akmods/private/private_key.priv
+* Symlink to Public Key: /etc/pki/akmods/certs/private_key.priv
+
+## Import Ubuntu
+Using source.priv and source.der files in current directory to import
+```
+cp source.priv  /var/lib/shim-signed/mok/MOK.priv
+cp source.der  /var/lib/shim-signed/mok/MOK.der
+```
+
+## Import Fedora
+Using source.priv and source.der files in current directory to import
+```
+dnf install akmods kmodtool
+
+KEYNAME="$(hostname)"-"$(od -vAn -N4 -tu4 < /dev/urandom | awk '{print $1}')"
+
+cp source.der /etc/pki/akmods/certs/${KEYNAME}.der
+cp source.priv /etc/pki/akmods/private/${KEYNAME}.priv
+
+chgrp akmods /etc/pki/akmods/certs/${KEYNAME}.*
+chgrp akmods /etc/pki/akmods/private/${KEYNAME}.*
+
+chmod g+r /etc/pki/akmods/certs/${KEYNAME}.*
+chmod g+r /etc/pki/akmods/private/${KEYNAME}.*
+
+ln -nsf /etc/pki/akmods/certs/${KEYNAME}.der /etc/pki/akmods/certs/public_key.der
+ln -nsf /etc/pki/akmods/private/${KEYNAME}.priv /etc/pki/akmods/private/private_key.priv
+```

Linux/Docs/HowTo-Multicore Gzip.md

@@ -0,0 +1,13 @@
+## Install
+```
+apt install pigz
+```
+## Compress
+```
+tar cf - [inputdir] | pigz -[compression level (0 = none, 1 = minimal, 9 = maximum)] -p[cores] > [output.tar.gz]
+```
+## Extract
+```
+unpigz < [input.tar.gz] | (cd [extract location] && tar xvf -)
+```
+

Linux/Docs/HowTo-NginxArgToRev.md

@@ -0,0 +1,18 @@
+#### Input: dom.ain/UrLocation/?set=123
+
+
+
+#### Nginx Conf
+
+######  Required when directing to domain 
+```
+resolver 1.1.1.1 [::1]:5353 valid=30s;
+```
+
+
+```
+location /UrLocation {
+        proxy_pass https://other.domain/json.htm?type=command&&switchcmd=Set%20Level&level=$arg_set;
+}
+```
+#### result: https://other.domain/json.htm?type=command&&switchcmd=Set%20Level&level=123

Linux/Docs/HowTo-SSH-Tunnels.md

@@ -0,0 +1,42 @@
+## SSH SOCSK (ProxyTunnel)
+#### Command
+`ssh -C -D <proxyport> <USERNAME>@<SYSTEM>`
+
+* -C : enables compression
+* -D : specifies Socks proxyport 
+
+### Firefox
+1. go to Edit -> Preferences -> Advanced -> Network -> Connection -> Settings...
+2. check "Manual proxy configuration"
+3. make sure "Use this proxy server for all protocols" is cleared
+4. clear "HTTP Proxy", "SSL Proxy", "FTP Proxy", and "Gopher Proxy" fields
+5. enter "127.0.0.1" for "SOCKS Host"
+6. enter "1080" (or whatever port you chose) for Port.
+
+## SSH Remote forward (makes local port apear on remote machine)
+
+#### Port to be internaly binded on remote machine
+
+`ssh -R <remoteport>:<address in local network or localhost>:<localport> <USERNAME>@<SYSTEM>`
+
+#### Port to be binded to remote machine 
+
+`ssh -g -R *:<remoteport>:<address in local network or localhost>:<localport> <USERNAME>@<SYSTEM>`
+
+* -R : Remote forward
+* -N : Do not execute a remote command
+* -g : forward to remote network
+
+### SSHD config (on remote where ports are forwarded to)
+* GatewayPorts no : only allows the remote system to connect
+* GatewayPorts yes: allows the remote network to connect to the forwarded port
+* GatewayPorts clientspecified : allows the remote network to connect to the forwarded port when -g switch is used
+
+
+## SSH Local forward (makes remote port apear on local machine)
+
+#### Remote port to be binded on local machine
+
+`ssh -L <bindPort>:<address in remote network or localhost>:<remote port> <USERNAME>@<SYSTEM>`
+
+* -L : Local forward

Linux/Docs/Setup-apt-cacher-ng.md

@@ -0,0 +1,32 @@
+##OUTDATED##
+# apt-cacher-ng
+Default port 3142
+## Deb(ubuntu/debian) repos work out of the box server sided
+### client 
+`echo 'Acquire::http::Proxy "http://<ip>:<port>";' > /etc/apt/apt.conf.d/01proxy`
+
+## For Centos are modifications needed
+### Server
+`curl https://www.centos.org/download/full-mirrorlist.csv | sed 's/^.*"http:/http:/' | sed 's/".*$//' | grep ^http >/etc/apt-cacher-ng/centos_mirrors`
+
+SSL Passthrough
+#### /etc/apt-cacher-ng/acng.conf
+```
+VfilePatternEx: ^/\?release=[0-9]+&arch=
+VfilePatternEx: ^(/\?release=[0-9]+&arch=.*|.*/RPM-GPG-KEY-.*|/metalink\?repo=epel\$
+VfilePatternEx = (^|.*/)repodata/.*\.(yaml|yml)(\.gz|\.bz2|\.lzma|\.xz)?$
+Remap-centos: file:centos_mirrors /centos
+
+#PassThroughPattern: .* # this would allow CONNECT to everything
+
+```
+
+### Client (installer)
+use http://mirror.centos.org/centos/8/BaseOS/x86_64/os/ as repo and set proxy to <ip>:<port>
+
+### Client (DNF)
+make sure to set repos to use base url
+add folowing to /etc/dnf/dnf.conf
+```
+proxy=http://<ip>:<port>
+```

Linux/Docs/Setup-autoupdate-gitea.md

@@ -0,0 +1,52 @@
+# gitea update tool
+Tool from `https://github.com/CMiksche/gitea-auto-update`
+or get local from `https://git.bprieshof.nl/Tools/gitea-auto-update`
+
+requires  python 3.7+   
+
+# Install tool
+## ubuntu 18.04
+```
+add-apt-repository ppa:deadsnakes/ppa
+apt install python3.7 python3-pip
+
+python3.8 -m pip install gitea-auto-update
+```
+##debian 10,ubuntu 20.04
+```
+apt install python3-pip -y
+pip3 install gitea-auto-update
+```
+
+# Configuring
+### all os's 
+Add the following to `/etc/gitea/auto-update.ini`
+```
+[Gitea]
+site=http://localhost:3000/api/v1/version
+apiUrl=https://api.github.com/repos/go-gitea/gitea/releases/latest
+system=linux-amd64
+file=/usr/local/bin/gitea
+tmpDir=/tmp/
+buildFromSource=
+sourceDir=
+logFile=/var/log/gitupdate.log
+```
+
+
+
+## Cron job
+### ubuntu 18.04
+Add the following to `/etc/crontab`
+```
+0 5     * * 7   root   /usr/bin/python3.8 /usr/local/bin/gitea-auto-update --settings=/etc/gitea/auto-update.ini
+```
+### debian 10,ubuntu 20.04
+Add the following to `/etc/crontab`
+```
+0 5     * * 7   root    /usr/local/bin/gitea-auto-update --settings=/etc/gitea/auto-update.ini
+```
+# Run manual update`
+```
+gitea-auto-update --settings=/etc/gitea/auto-update.ini
+```

Linux/Docs/Setup-debian10-LXC.md

@@ -0,0 +1,74 @@
+# Setup LXC on debian 10
+
+Install packages and add unprivileged user
+```
+apt install lxc libvirt0 libpam-cgfs bridge-utils uidmap
+useradd lxcuser
+cat /etc/s*id|grep lxcuser
+```
+
+Put the following in /etc/default/lxc-net 
+```
+USE_LXC_BRIDGE="true"
+```
+
+Put the following in /etc/lxc/default.conf 
+```
+lxc.idmap = u 0 <Replace with output of cat> <Replace with output of cat>
+lxc.idmap = g 0 <Replace with output of cat> <Replace with output of cat>
+lxc.mount.auto = proc:mixed sys:ro cgroup:mixed
+lxc.apparmor.profile = unconfined
+lxc.apparmor.allow_nesting = 1
+lxc.net.0.type = veth
+lxc.net.0.link = lxcbr0
+lxc.net.0.flags = up
+lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx
+```
+
+Give root acces to unprivileged user space
+```
+echo "root:<Replace with output of cat>:<Replace with output of cat>" >> /etc/subuid
+echo "root:<Replace with output of cat>:<Replace with output of cat>" >> /etc/subgid 
+```
+
+Enable and start lxc network service 
+```
+systemctl enable --now lxc-net
+```
+enable unprivileged user namespaces for kernels < 5.10
+```
+echo kernel.unprivileged_userns_clone=1 >> /etc/sysctl.conf
+sysctl -p
+```
+
+
+# Extra config KB
+* Create Container `lxc-create -t download -n <CTName> -- -d debian -r buster -a amd64`
+* Container config `/var/lib/lxc/<CTName>/config`
+* add to Container config to start on boot `lxc.start.auto = 1`
+* add to Container config for static ip
+```
+lxc.net.0.ipv4.address = 10.0.3.<IP>/24
+lxc.net.0.ipv4.gateway = 10.0.3.1
+```
+
+
+# UFW forwarding
+
+also dont forget to add the extenal port as allow rule
+add to /etc/ufw/before.rules
+
+to begin of file before *filter
+```
+*nat
+:PREROUTING ACCEPT [0:0]
+-A PREROUTING -i enp0s3 -p tcp --dport <extenal port> -j DNAT --to <ctip>:<internalport>
+COMMIT
+```
+
+to end of file before last COMMIT
+```
+#LXC forwards
+-A FORWARD -o lxcbr0 -j ACCEPT
+-A FORWARD -i lxcbr0 -j ACCEPT
+```

Linux/Docs/Setup-smokeping.md

@@ -0,0 +1,221 @@
+# Setup Smokeping
+Intructions for setting up SmokePing on Alpine Linux  
+
+## Main(Master)
+Needed packages: smokeping lighttpd  
+
+make sure to empty the remote secret file (/etc/smokeping/smokeping_secrets),  
+you also need to correct the permissions `chown smokeping:smokeping /etc/smokeping/smokeping_secrets`
+
+Lighttpd (/etc/lighttpd/lighttpd.conf)
+```
+# {{{ modules
+server.modules = (
+#    "mod_accesslog",
+     "mod_cgi"
+)
+# }}}
+
+# {{{ includes
+include "mime-types.conf"
+# }}}
+
+# {{{ CGI
+cgi.assign = (
+".cgi" => "/usr/bin/perl"
+)
+# }}}
+
+# {{{ server settings
+server.username      = "smokeping"
+server.groupname     = "smokeping"
+server.document-root = "/usr/share/webapps/smokeping"
+server.pid-file      = "/run/lighttpd.pid"
+server.errorlog-use-syslog = "enable"
+server.indexfiles    = ("smokeping.cgi")
+server.follow-symlink = "enable"
+static-file.exclude-extensions = (".cgi")
+# }}}
+
+# {{{ mod_accesslog
+#accesslog.filename   = "/var/log/lighttpd-access.log"
+# }}}
+
+# vim: set ft=conf foldmethod=marker et :
+```
+
+Smokeping config (/etc/smokeping/config)
+```
+*** General ***
+
+owner    = MaintainerName
+contact  = some@address.nowhere
+mailhost = my.mail.host
+sendmail = /usr/sbin/sendmail
+imgcache = /var/lib/smokeping/.simg
+imgurl   = img
+datadir  = /var/lib/smokeping
+piddir   = /var/run/smokeping
+cgiurl   = http://some.url/smokeping.cgi
+tmail = /etc/smokeping/tmail
+smokemail = /etc/smokeping/smokemail
+syslogfacility = local0
+
+#Use to overwrite system hostname
+#display_name = HostName
+
+*** Database ***
+
+step     = 300
+pings    = 20
+
+# consfn mrhb steps total
+
+AVERAGE  0.5   1  1008
+AVERAGE  0.5  12  4320
+    MIN  0.5  12  4320
+    MAX  0.5  12  4320
+AVERAGE  0.5 144   720
+    MAX  0.5 144   720
+    MIN  0.5 144   720
+
+*** Presentation ***
+
+template = /etc/smokeping/basepage.html
+htmltitle = yes
+graphborders = no
+
++ charts
+
+menu = Charts
+title = The most interesting destinations
+
+++ stddev
+sorter = StdDev(entries=>4)
+title = Top Standard Deviation
+menu = Std Deviation
+format = Standard Deviation %f
+
+++ max
+sorter = Max(entries=>5)
+title = Top Max Roundtrip Time
+menu = by Max
+format = Max Roundtrip Time %f seconds
+
+++ loss
+sorter = Loss(entries=>5)
+title = Top Packet Loss
+menu = Loss
+format = Packets Lost %f
+
+++ median
+sorter = Median(entries=>5)
+title = Top Median Roundtrip Time
+menu = by Median
+format = Median RTT %f seconds
+
++ overview 
+
+width = 600
+height = 50
+range = 10h
+
++ detail
+
+width = 600
+height = 200
+unison_tolerance = 2
+
+"Last hour"   1h
+"Last day"    24h
+"Last week"   7d
+"Last month"  30d
+"Last year"   365d
+
+
+*** Probes ***
+
++FPing
+binary = /usr/sbin/fping
+step = 60
+
+*** Slaves  ***
+secrets=/etc/smokeping/smokeping_secrets
+
+
+*** Targets ***
+
+probe = FPing
+
+menu = Top
+title = Network Latency Grapher
+remark = Welcome to SmokePing.
+
++ Internet
+menu = Internet
+title = Hosts on the internet
+
+++ cloudflare
+#slaves = 
+host = 1.1.1.1
+
+++ google
+#slaves = 
+host = 8.8.8.8
+
+```
+
+Start and Enable services on boot `service smokeping start && service lighttpd start && rc-update add smokeping default && rc-update add lighttpd default`  
+
+## Remote(Slave)
+
+### On Main
+Add the name and a secret in in the secrets file`/etc/smokeping/smokeping_secrets` using the following format (one per line) `remotehostname:Secret`  
+Add the host to the slaves section using the following example:
+```
++remotehostname                           
+display_name=Remote-Hostname              
+color=00ffff          
+```
+Add the host to the `slaves` section of the targets (should be seperated with a space)  
+Last step on main is to restart smokeping `service smokeping restart` 
+
+### On Remote
+Needed packages: smokeping  
+
+Put a secret in `/etc/smokeping/secret.txt`   
+set its permissions `chown smokeping:smokeping /etc/smokeping/secret.txt && chmod 600 /etc/smokeping/secret.txt`  
+
+Service file(/etc/init.d/smokeping-remote)
+```
+#!/sbin/openrc-run
+HostName=host1
+MainURL="http://<MainHost>/smokeping.cgi"
+
+depend() {
+        need net
+}
+
+start() {
+        checkpath --directory --owner smokeping:smokeping /var/run/smokeping
+
+        ebegin "Starting smokeping remote"
+        LC_ALL=C \
+        start-stop-daemon --start --name smokeping \
+                --pidfile /var/run/smokeping/smokeping.pid \
+                --exec /usr/bin/smokeping \
+                --user smokeping:smokeping \
+                -- --master-url=$MainURL --cache-dir=/var/lib/smokeping --pid-dir=/var/run/smokeping --shared-secret=/etc/smokeping/secret.txt --slave-name=$HostName
+        eend $?
+}
+
+stop() {
+        ebegin "Stopping smokeping Remote"
+        start-stop-daemon --stop \
+                --pidfile /var/run/smokeping/smokeping.pid
+        eend $?
+}
+```
+Set permissions service file `chmod +x /etc/init.d/smokeping-remote`  
+Start and Enable service on boot `service smokeping-remote start && rc-update add smokeping-remote default`  
+Add to Root cron tab to auto reload after crash (/etc/crontabs/root) `echo '* * * * * openrc --no-stop' >> /etc/crontabs/root`  

Linux/Docs/rffmpeg/README.md

@@ -0,0 +1,2 @@
+This Guide uses NFS for saring the Transcode tmp folder  
+This tool expects the media folder(s) to be mounted/located at same location as Primary(Jellyfin) server

Linux/Docs/rffmpeg/Setup-Primary.md

@@ -0,0 +1,78 @@
+## Prerequisites:
+* A running jellyfin server on the Primary
+
+## Step 1: Configuring Jellyfin and preparing the server
+
+### Transcode temp folder
+#### Sharing the the local trancode folder
+Make the new trancode folder
+```
+mkdir /var/lib/jellyfin/transcoding-temp
+```
+NFS is the recomend way of sharing this folder, but SMB/CIFS shoud also work
+```
+apt -y install nfs-kernel-server
+echo '/var/lib/jellyfin/transcoding-temp <Network IP>/24(rw,sync,no_subtree_check)' >> /etc/exports 
+systemctl restart nfs-kernel-server
+```
+Set the following setting in jellyfin "Transcode path" in the Playback settings to "/var/lib/jellyfin/transcoding-temp"
+
+#### Useing a existing remote share trancode folder
+Make sure the folder is mounted at"/var/lib/jellyfin/transcoding-temp"  
+Set the following setting in jellyfin "Transcode path" in the Playback settings to "/var/lib/jellyfin/transcoding-temp"
+
+### Jellyfin user
+Generating sshkey pair without password
+```
+sudo -u jellyfin mkdir -p /var/lib/jellyfin/.ssh
+sudo -u jellyfin ssh-keygen -t rsa -f /var/lib/jellyfin/.ssh/id_rsa
+```
+Set the jellyfin user to login as bash in /etc/passwd
+
+## Step 2: Install slave/render servers
+
+### Getting  info
+Run `cat /etc/passwd | grep jellyfin:` to get user info, i will refer to it as `<JelUser>`  
+Run `cat /etc/group | grep jellyfin:`, to get group info, i will refer to it as `<JelGroup>`  
+Run `cat /var/lib/jellyfin/.ssh/id_rsa.pub` To get ssh-key for sending commands , i will refer to it as `<PrimaryPubKey>`  
+Get the ip of the Primary, i will refer to it as `<PrimaryIP>`  
+
+### Installing on the remote slave
+Use the info you collected en follow "Slave-install.md" 
+```
+sudo -u jellyfin ssh -i /var/lib/jellyfin/.ssh/id_rsa jellyfin@<SlaveIP>
+```
+When connected to the Primary exit the session with the slave server  
+Repeat these steps for all slave server
+
+### Adding local system as slave
+```
+echo 'ssh-rsa <PrimaryPubKey>' | sudo -u jellyfin tee /var/lib/jellyfin/.ssh/authorized_keys
+sudo -u jellyfin ssh -i /var/lib/jellyfin/.ssh/id_rsa jellyfin@localhost
+```
+
+## Step 3: Installing rffmpeg
+```
+mkdir /etc/rffmpeg /opt/rffmpeg
+wget https://raw.githubusercontent.com/joshuaboniface/rffmpeg/master/rffmpeg.yml.sample -O /etc/rffmpeg/rffmpeg.yml
+wget https://raw.githubusercontent.com/joshuaboniface/rffmpeg/master/rffmpeg -O /opt/rffmpeg/rffmpeg.py
+ln -s /usr/local/bin/rffmpeg.py /opt/rffmpeg/ffmpeg
+ln -s /usr/local/bin/rffmpeg.py /opt/rffmpeg/ffprobe
+```
+## Step 3: Configuring rffmpeg
+Add to the host section of /etc/rffmpeg/rffmpeg.yml
+Example of the section in the config file
+```
+remote:
+    # A YAML list of remote hosts to connect to
+    hosts:
+        - 192.168.1.2
+        - 192.168.1.3
+```
+if you also want the local system to render add localhost or 127.0.0.1
+
+
+## Step 4: Set jellyfin to use rffmpeg
+Set the following setting in jellyfin "FFmpeg path" in the Playback settings to "/opt/rffmpeg/ffmpeg"
+
+## Done

Linux/Docs/rffmpeg/Setup-Worker.md

@@ -0,0 +1,43 @@
+## Prerequisites:
+* You set up the Primary following Primary-Install.md and have the information reddy
+* A Clean install of ubuntu linux with ssh-server enabled
+* The media folder accessible on the same location as the jellyfin server
+
+## Step 1: Setting up the user
+```
+mkdir -p /var/lib/jellyfin/.ssh
+echo "<JelUser>" >> /etc/passwd
+echo "<JelGroup>" >> /etc/group
+echo "jellyfin:*:17928:0:99999:7:::" >> /etc/shadow
+```
+Reboot the system just to make sure changes are piked up
+
+```
+echo '<PrimaryPubKey>' >> /var/lib/jellyfin/.ssh/authorized_keys
+chmod 755 -R /var/lib/jellyfin/
+chown -R jellyfin:jellyfin /var/lib/jellyfin/
+```
+
+## Step 2: setting up the Transcode temp folder
+if you are not using NFS make sure the folder is mounted to "/var/lib/jellyfin/transcoding-temp" and skip the rest of step 2
+
+### Setting up NFS Client
+```
+apt install nfs-common -y
+mkdir -p /var/lib/jellyfin/transcoding-temp
+chmod 777 /var/lib/jellyfin/transcoding-temp
+echo '<PrimaryIP>:/var/lib/jellyfin/transcoding-temp /var/lib/jellyfin/transcoding-temp nfs defaults,vers=3,sync 0 0' >> /etc/fstab
+sudo mount -a
+```
+
+## Step 3: Install the jellyfin version of ffmpeg
+```
+apt install apt-transport-https -y
+add-apt-repository universe -y
+wget -O - https://repo.jellyfin.org/ubuntu/jellyfin_team.gpg.key | sudo apt-key add -
+echo "deb [arch=$( dpkg --print-architecture )] https://repo.jellyfin.org/ubuntu $( lsb_release -c -s ) main" >> /etc/apt/sources.list.d/jellyfin.list
+apt update
+apt install jellyfin-ffmpeg -y
+```
+## Done
+Continue reading "Primary-Install.md"

Linux/I-V2/FileContentList.sh

@@ -1,8 +1,8 @@
 ####
 preconf.sh
 ####
-mrepo=https://git.ictmaatwerk.com/VPS-scripts/MySQL
-mbranch=master
+mrepo=https://git.bprieshof.nl/Work_Archive/VPS-scripts_MySQL
+mbranch=main
 if [ -z ${password+x} ]; then echo 'Error $password is not set'; fi
 
 debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/repo-codename select bionic'
@@ -45,8 +45,8 @@ conf.sh
 ####
 
 ###Fetch Config
-mrepo=https://git.ictmaatwerk.com/VPS-scripts/MySQL
-mbranch=master
+mrepo=https://git.bprieshof.nl/Work_Archive/VPS-scripts_MySQL
+mbranch=main
 if [ -z ${PHPMyadmin+x} ]; then echo 'Error $PHPMyadmin is not set'; fi #check if Var is set
 if [ -z ${phpmyadminver+x} ]; then echo 'Error $phpmyadminver is not set'; fi #check if Var is set
 

Linux/I-V2/apt-Whiptail.sh

@@ -0,0 +1,5 @@
+#/bin/bash
+## Setup Alias for using whiptail as progress indicator for apt
+PKGM="debconf-apt-progress -- apt"  #enable progresbar
+PKGI="${PKGM} install -y"			#Setting single install var
+PKGA="debconf-apt-progress -- add-apt-repository"

Linux/Proxmox/Proxmox-ARM_CT.md

@@ -0,0 +1,16 @@
+Install `qemu-user-static` on the proxmox host
+Add an `armhf` or `arm64(aarch64)` image to the proxmox image store
+Use this image to create a container
+
+
+## Image links
+Always download `rootfs.tar.xz`
+(Distro releases current as of 20-10-2021)
+### armhf
+* Alpine https://uk.images.linuxcontainers.org/images/alpine/3.14/armhf/default/
+* Debian https://uk.images.linuxcontainers.org/images/debian/bullseye/armhf/default/
+* Ubuntu https://uk.images.linuxcontainers.org/images/ubuntu/focal/armhf/default/
+### arm64
+* Alpine https://uk.images.linuxcontainers.org/images/alpine/3.14/arm64/default/
+* Debian https://uk.images.linuxcontainers.org/images/debian/bullseye/arm64/default/
+* Ubuntu https://uk.images.linuxcontainers.org/images/ubuntu/focal/arm64/default/

Linux/Proxmox/Proxmox-SMTPMail.sh

@@ -0,0 +1,34 @@
+#Proxmox Use SMTP to send mail
+#Vars
+MailFromName=$(hostname)
+MailFormAddress=noreply@domain.com
+MailFromServer=mail.provider.com
+MailFromServerPort=465
+MailFromPasswd=<MailBoxPassword>
+MailTo=administrator@domain.com
+
+#install dependencies
+apt install libsasl2-modules -y
+
+#Generating Configs
+echo "[$MailFromServer]:$MailFromServerPort    $MailFormAddress:$MailFromPasswd" > /etc/postfix/sasl_passwd
+echo "/.+/    $MailFromName<$MailFormAddress>" > /etc/postfix/sender_canonical_maps
+echo "/From:.*/ REPLACE From: $MailFromName<$MailFormAddress>" > /etc/postfix/header_check
+sed -i '/relayhost/c\' /etc/postfix/main.cf
+cat << EOF >> /etc/postfix/main.cf
+#Custom PostfixSMTP config
+relayhost = [$MailFromServer]:$MailFromServerPort
+smtp_tls_wrappermode = yes
+smtp_tls_security_level = encrypt
+smtp_use_tls = yes
+smtp_sasl_auth_enable = yes
+smtp_sasl_security_options =
+smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
+smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
+sender_canonical_classes = envelope_sender, header_sender
+sender_canonical_maps =  regexp:/etc/postfix/sender_canonical_maps
+smtp_header_checks = regexp:/etc/postfix/header_check
+EOF
+
+postmap /etc/postfix/sasl_passwd
+systemctl restart postfix

Linux/Proxmox/update-lxc-Image.sh

@@ -0,0 +1,23 @@
+curl https://uk.images.linuxcontainers.org/ | awk -F "</*td>|</*tr>" '/<\/*t[rd]>.*/ {print $3, $5, $7, $9, $11}' > /tmp/updatetimestapmps 
+
+#Debian 10 (Buster)
+dbts=$(cat /tmp/updatetimestapmps | grep debian |grep buster |grep cloud| grep amd64 | awk '{ print $5 }') 
+wget https://uk.images.linuxcontainers.org/images/debian/buster/amd64/cloud/"$dbts"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyDebianBuster.tar.xz 
+
+#Ubuntu (Bionic Beaver)
+ubts=$(cat /tmp/updatetimestapmps | grep ubuntu |grep bionic |grep cloud| grep amd64 | awk '{ print $5 }') 
+wget https://uk.images.linuxcontainers.org/images/ubuntu/bionic/amd64/cloud/"$ubts"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyUbuntuBionicBeaver.tar.xz 
+
+#Ubuntu 20.04 (FocalFossa)
+ufts=$(cat /tmp/updatetimestapmps | grep ubuntu |grep focal |grep cloud| grep amd64 | awk '{ print $5 }') 
+wget https://uk.images.linuxcontainers.org/images/ubuntu/focal/amd64/cloud/"$ufts"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyUbuntuFocalFossa.tar.xz
+
+#Centos 8
+c8ts=$(cat /tmp/updatetimestapmps | grep "centos 8" | grep -v '8-Stream' |grep cloud| grep amd64 | awk '{ print $5 }') 
+wget https://uk.images.linuxcontainers.org/images/centos/8/amd64/cloud/"$c8ts"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyCentos8.tar.xz
+
+#Alpine 3.12
+alpine312=$(cat /tmp/updatetimestapmps | grep "alpine" | grep '3.12' |grep default| grep amd64 | awk '{ print $5 }') 
+wget https://uk.images.linuxcontainers.org/images/alpine/3.12/amd64/default/"$alpine312"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyAlpine3.12.tar.xz
+
+rm /tmp/updatetimestapmps

Linux/README.md

@@ -1,2 +1,4 @@
-# Priv-Snip
+# Linux Snipits 
 
+
+Meged old linux snipit repo[https://git.bprieshof.nl/brammp/linux]

Linux/Script-examples/DBUG-output.sh

@@ -0,0 +1,15 @@
+# Set debug flag as desired
+DEBUG=1
+# DEBUG=0
+
+if [ "$DEBUG" -eq "1" ]; then
+  OUT='/dev/tty'
+else
+  OUT='/dev/null'
+fi
+
+# actual script use commands like this
+command > $OUT 2>&1
+
+# or like this if you need
+command 2> $OUT

Linux/Script-examples/Options-AsVar_whiptail.sh

@@ -0,0 +1,4 @@
+args=("Option 1:" "Option 1 Desription" OFF)
+args+=("Option 2: " "Option 2 Desription" OFF)
+args+=("Option 3: " "Option 3 Desription" OFF)
+option=$(whiptail --nocancel --title "Title" --checklist "Features" 11 110 5  "${args[@]}" 3>&1 1>&2 2>&3)

Linux/Script-examples/VarModifiers.sh

@@ -0,0 +1,6 @@
+option="${option// /}"	 #Removes Spaces
+option="${option/:/ }"   #First : to Space
+option="${option//:/ }"  #All : to Space
+option="${option//:}"    #Removes :
+option="${option,,}"	 #Removes LowerCase
+option="${option//'"'}"  #Removes "

Linux/Script-examples/bash-script-Flag.sh

@@ -0,0 +1,17 @@
+if [ "$1" != "-l" ]; then
+  echo "Normal mode"
+  IMODE=n
+  fi
+
+if [ "$1" = "-l" ]; then
+  echo "Legacy mode";
+  IMODE=l
+fi
+
+
+
+if [ $IMODE = n ]; then
+ echo "New Menu"
+elif [ $IMODE = l ]; then
+ echo "Legacy Menu"
+fi

Linux/Script-examples/curl-Functions-authchecker.md

@@ -0,0 +1,73 @@
+# Authchecker functions for curl
+## curl keeps asking for password until correct, and downloads file
+
+```
+function getcurlsec { 
+
+local curlurl="$1"
+local curluser="$2"
+local curloutput="$3"
+
+while true; do
+    curl --fail  --user "$curluser" "$curlurl" -o "$curloutput"
+    local EC=$?
+    if [ $EC -eq 0 ]; then
+        break
+    fi
+done
+
+}
+```
+
+Syntax: `getcurlsec <url to download> <username> <output file>`
+
+
+## curl downloads file using given credentials
+
+```
+function getcurlsecwpassword { 
+
+local curlurl="$1"
+local curluser="$2"
+local curlpassword="$3"
+local curloutput="$4"
+    curl --fail  --user "$curluser":"$curlpassword" "$curlurl" -o "$curloutput"
+    local EC=$?
+    if [ $EC -eq 0 ]; then
+        echo "Password correct" 
+    else
+     echo "Password incorrect"
+    fi
+}
+```
+
+Syntax: `getcurlsecwpassword <url to download> <username> <password> <output file>`
+
+
+## curl keeps asking for password until correct, and stores username and password as var
+
+```
+function checkusercurl { 
+
+local curlurl="$1"
+curluser="$2"
+
+while true; do
+	read -s -p "Enter password for user $curluser: " curlpassword
+	echo "";
+    curl -s --fail  --user "$curluser":"$curlpassword" "$curlurl" -o /dev/null
+    local EC=$?
+    if [ $EC -eq 0 ]; then
+        echo "Password correct" 
+		break
+    fi
+	echo "Incorrect password" 
+	unset curlpassword
+done
+
+}
+```
+
+Syntax:  `checkusercurl <url to authenticate against> <username>`  
+username wil become var: curluser  
+password wil become var: $curlpassword

Linux/Scripts/Deb11Upgrade_Basic.sh

@@ -0,0 +1,61 @@
+#!/bin/bash
+
+#####################################################################
+# @description:                                                     #
+#   Debian 10 to Debian 11 upgrade tool for basic debian 10 system  #
+#                                                                   #
+# @author: Bram Prieshof                                            #
+#####################################################################
+
+#ScriptVars
+UpgradeDist=deb11
+InstalledOptions=("${SelectedOptions[@]}" "${EnabledAons[@]}")
+Sysup2Date=no
+
+#OS Detection
+dist_ver=$(grep --color=never -Po "^VERSION_ID=\K.*" "/etc/os-release")
+dist=$(grep --color=never -Po "^ID=\K.*" "/etc/os-release")
+
+if [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then
+ CurDist=deb10
+else
+ echo "This OS in not eligible for this upgrade"
+ exit
+fi
+
+#PackageManager-config
+PKGM=apt
+PKGUC="$PKGM update"
+PKGUP="$PKGM upgrade -y"
+PKGI="${PKGM} install -y --no-install-recommends"
+
+#Update current release
+if [ $Sysup2Date = no ]; then
+    echo "The system will now update the packages for the current release"
+    read -r -s -p $'Press enter to continue, or ctrl+c to quit'
+    $PKGUC
+    DEBIAN_FRONTEND=noninteractive $PKGUP -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold"
+    $PKGM dist-upgrade -y
+    $PKGM clean all
+    $PKGM autoremove -y
+    sed -i -e '/Sysup2Date=no/c\Sysup2Date=yes' "$0"
+    echo "The current release is up to date,"
+    echo "please reboot the system and re-run this scipt to continue"
+    exit
+fi
+
+echo "The system will now update the repositories to the new release and update all packages"
+read -r -s -p $'Press enter to continue, or ctrl+c to quit'
+
+#Update Debian repo's
+sed -i -e 's/buster/bullseye/g' -e 's#http://security.debian.org/debian-security#https://deb.debian.org/debian-security#g' -e 's#http://security.debian.org#https://deb.debian.org/debian-security#g' -e 's#bullseye/updates#bullseye-security#g'   /etc/apt/sources.list
+#Update Hetzner mirrror repo's
+sed -i -e 's/buster/bullseye/g' /etc/apt/sources.list.d/hetzner* -e 's#bullseye/updates#bullseye-security#g' /etc/apt/sources.list.d/hetzner*
+
+#Running updates
+$PKGM update
+DEBIAN_FRONTEND=noninteractive $PKGUP --without-new-pkgs -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold"
+DEBIAN_FRONTEND=noninteractive $PKGM full-upgrade -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold"
+$PKGM autoremove -y
+
+echo "Upgrade finished, please reboot the system"

Linux/Scripts/MicroNas/Centos-MicroNas.sh

@@ -0,0 +1,58 @@
+#ProxmoxCT Note use privileged container with nesting enabled  #
+
+#EPEL Repo
+rpm --rebuilddb
+dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
+rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8
+
+#Webmin repo
+cat << 'EOF' >> /etc/yum.repos.d/webmin.repo 
+[Webmin]
+name=Webmin
+#baseurl=https://download.webmin.com/download/yum
+mirrorlist=https://download.webmin.com/download/yum/mirrorlist
+enabled=1
+EOF
+rpm --import https://download.webmin.com/jcameron-key.asc
+
+#Install
+dnf --setopt=install_weak_deps=False --best --refresh -y install samba samba-common cronie nfs-utils webmin openssh-server nano nload htop avahi wsdd
+
+#Webin config
+service webmin stop
+systemctl start webmin
+sed -i -e '/port=/c\port=80' -e 's/ssl=/c\ssl=0/g' -e 's/ipv6=/c\ipv6=0/g' /etc/webmin/miniserv.conf
+echo "servers=Services & Tools" >> /etc/webmin/webmin.catnames
+cat << 'EOF' >> /etc/webmin/webmin.cats
+filter=cluster 
+exports=servers
+filemin=servers
+useradmin=servers
+mailboxes=
+EOF
+
+#Samba config
+sed -i -e '/map to guest =/c\map to guest = never' /etc/samba/smb.conf
+
+#Avahi config
+cat << 'EOF' >> /etc/avahi/services/smb.service
+<?xml version="1.0" standalone='no'?>
+<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
+<service-group>
+ <name replace-wildcards="yes">%h</name>
+ <service>
+   <type>_smb._tcp</type>
+   <port>445</port>
+ </service>
+ <service>
+   <type>_device-info._tcp</type>
+   <port>0</port>
+   <txt-record>model=RackMac</txt-record>
+ </service>
+</service-group>
+EOF
+
+#Restart services
+service webmin stop
+systemctl enable --now smb nfs-server webmin avahi-daemon wsdd
+systemctl restart smb nfs-server webmin avahi-daemon wsdd

Linux/Scripts/MicroNas/Debian-MicroNas.sh

@@ -0,0 +1,55 @@
+#ProxmoxCT Note use privileged container with nesting enabled  #
+
+#Prerequisite packages
+export DEBIAN_FRONTEND=noninteractive
+apt install --no-install-recommends wget gnupg2 apt-transport-https -y
+
+#Webin repo
+wget -qO - https://download.webmin.com/jcameron-key.asc | sudo apt-key add -
+echo "deb https://download.webmin.com/download/repository sarge contrib" > /etc/apt/sources.list.d/webmin.list
+
+#Wsdd(Web Service Discovery host daemon) repo
+wget -O - https://pkg.ltec.ch/public/conf/ltec-ag.gpg.key|apt-key add -
+echo "deb https://pkg.ltec.ch/public/ `lsb_release -cs` main" > /etc/apt/sources.list.d/wsdd.list
+
+#Install
+apt update
+debconf-set-selections <<<"samba-common samba-common/do_debconf boolean true"
+apt install --no-install-recommends samba samba-vfs-modules cron nfs-kernel-server webmin openssh-server nano nload htop avahi-daemon avahi-utils wsdd -y
+
+#Webmin config
+sed -i -e '/port=/c\port=80' -e 's/ssl=/c\ssl=0/g' -e 's/ipv6=/c\ipv6=0/g' /etc/webmin/miniserv.conf
+echo "servers=Services & Tools" >> /etc/webmin/webmin.catnames
+cat << 'EOF' >> /etc/webmin/webmin.cats
+filter=cluster 
+exports=servers
+filemin=servers
+useradmin=servers
+mailboxes=
+EOF
+
+
+#Samba config
+sed -i -e '/map to guest =/c\map to guest = never' /etc/samba/smb.conf
+
+#Avahi config
+cat << 'EOF' >> /etc/avahi/services/smb.service
+<?xml version="1.0" standalone='no'?>
+<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
+<service-group>
+ <name replace-wildcards="yes">%h</name>
+ <service>
+   <type>_smb._tcp</type>
+   <port>445</port>
+ </service>
+ <service>
+   <type>_device-info._tcp</type>
+   <port>0</port>
+   <txt-record>model=RackMac</txt-record>
+ </service>
+</service-group>
+EOF
+
+#Restart services
+systemctl enable --now smbd nfs-kernel-server webmin avahi-daemon wsdd
+systemctl restart smbd nfs-kernel-server webmin avahi-daemon wsdd

Linux/Scripts/Mysql-alternate-Repo-Setup-DebUbu.sh

@@ -0,0 +1,5 @@
+Dist=$(grep -oP '(?<=^ID=).+' /etc/os-release | tr -d '"')
+DistVersion=$(grep -oP '(?<=^VERSION_CODENAME=).+' /etc/os-release | tr -d '"')
+
+wget -qO - http://repo.mysql.com/RPM-GPG-KEY-mysql | apt-key add -
+echo "deb http://repo.mysql.com/apt/"$Dist"/ "$DistVersion" mysql-8.0" >/etc/apt/sources.list.d/mysql.list

Linux/Scripts/Ufw-AddCustomRule-SSH_4242.sh

@@ -0,0 +1,39 @@
+###############################################################
+# @description:                                               #
+#   Add Custom rule to UFW for limiting ssh(4242/tcp)         #
+#                                                             #
+# @author: Bram Prieshof                                      #
+###############################################################
+
+#Sed in a function to detect line from $FindLine and insert the content of $AddLine on a new line above the match
+UpdateFile () {
+    file="$1"
+    sed -i 's/'"$FindLine"'/'"$AddLine"'\n&/g' $file
+    unset FindLine AddLine
+}
+
+#Delete Existng SSH(4242/tcp) rule(s)
+ufw delete limit 4242/tcp
+
+#Add needed filters (IPv4)
+FindLine="# End required lines"
+AddLine=":ufw-user-limit - [0:0]\n:ufw-user-limit-accept - [0:0]"
+UpdateFile /etc/ufw/after.rules
+
+#Add needed filters (IPv6)
+FindLine="# End required lines"
+AddLine=":ufw6-user-limit - [0:0]\n:ufw6-user-limit-accept - [0:0]"
+UpdateFile /etc/ufw/after6.rules
+
+#Add custom SSH(4242/tcp) limit rule (IPv4)
+FindLine="# don't delete the 'COMMIT' line or these rules won't be processed"
+AddLine="### SSH limit tcp\n-A ufw-after-input -p tcp --dport 4242 -m conntrack --ctstate NEW -m recent --set\n-A ufw-after-input -p tcp --dport 4242 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 15 -j ufw-user-limit\n-A ufw-after-input -p tcp --dport 4242 -j ufw-user-limit-accept\n"
+UpdateFile /etc/ufw/after.rules
+
+#Add custom SSH(4242/tcp) limit rule (IPv6)
+FindLine="# don't delete the 'COMMIT' line or these rules won't be processed"
+AddLine="### SSH limit tcp\n-A ufw6-after-input -p tcp --dport 4242 -m conntrack --ctstate NEW -m recent --set\n-A ufw6-after-input -p tcp --dport 4242 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 15 -j ufw6-user-limit\n-A ufw6-after-input -p tcp --dport 4242 -j ufw6-user-limit-accept\n"
+UpdateFile /etc/ufw/after6.rules
+
+#Reload ufw rules
+ufw reload

Linux/Scripts/Web/kweb.sh

@@ -0,0 +1,10 @@
+service php-fpm53 stop
+service php-fpm54 stop
+service php-fpm55 stop
+service php-fpm56 stop
+service php-fpm70 stop
+service php-fpm71 stop
+service php-fpm72 stop
+service php-fpm73 stop
+service httpd stop
+service nginx stop

Linux/Scripts/Web/rweb.sh

@@ -0,0 +1,10 @@
+service php-fpm53 restart
+service php-fpm54 restart
+service php-fpm55 restart
+service php-fpm56 restart
+service php-fpm70 restart
+service php-fpm71 restart
+service php-fpm72 restart
+service php-fpm73 restart
+service httpd restart
+service nginx restart

Linux/Scripts/Web/servstat.sh

@@ -0,0 +1,10 @@
+service php-fpm53 status
+service php-fpm54 status
+service php-fpm55 status
+service php-fpm56 status
+service php-fpm70 status
+service php-fpm71 status
+service php-fpm72 status
+service php-fpm73 status
+service httpd status
+service nginx status

Linux/Scripts/Web/sweb.sh

@@ -0,0 +1,10 @@
+service php-fpm53 start
+service php-fpm54 start
+service php-fpm55 start
+service php-fpm56 start
+service php-fpm70 start
+service php-fpm71 start
+service php-fpm72 start
+service php-fpm73 start
+service httpd start
+service nginx start

Linux/Scripts/detect-os-V1.sh

@@ -0,0 +1,33 @@
+#!/bin/bash
+source /etc/os-release
+
+#echo used Vars for testing only
+echo $VERSION
+
+#formaring $VERSION to a useable fromat
+VERSION=$(echo $VERSION | grep -o '[0-9]\+.' | tr -d '\n')
+
+#echo used Vars for testing only
+echo $ID
+echo $VERSION
+
+#example if statement
+
+if [ "$ID" = "debian" ]; then
+	echo "Execute Commands"
+elif [ "$ID" = "ubuntu" ]; then
+    echo "Executue Ubuntu version detection"
+    if [[ "$VERSION" == "18.04"* ]]; then
+            echo "this ubuntu Ubuntu 18.04"
+		elif [[ "$VERSION" == "16.04"* ]]; then
+        	echo "this ubuntu 16.04"
+        else 
+            echo "this version of ubuntu is not yet supported"
+      fi  
+elif [ "$ID" = "centos" ]; then
+    echo "Executue Centos Commands"
+elif [ "$ID" = "rhel" ]; then
+    echo "Executue Red hat enterpise Linux Commands"
+else 
+	echo "this OS is not yet supported"
+fi

Linux/Scripts/detect-os-V2.sh

@@ -0,0 +1,21 @@
+dist_ver=$(grep --color=never -Po "^VERSION_ID=\K.*" "/etc/os-release")
+dist=$(grep --color=never -Po "^ID=\K.*" "/etc/os-release")
+
+if [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"18.04"* ]]; then
+ echo "Ubuntu 18.04 Detected"
+ shortdist=ubu1804
+elif [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"20.04"* ]]; then
+ echo "Ubuntu 20.04 Detected"
+ shortdist=ubu2004 
+elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then
+ echo "Debian 10 Detected"
+ shortdist=deb10 
+elif [[ "${dist}" == *"centos"* ]] && [[ "${dist_ver}" == *"8"* ]]; then
+ echo "Centos 8 Detected"
+ shortdist=cent10 
+else
+ echo "This OS in not supported"
+fi
+
+unset dist_ver
+unset dist

Linux/Scripts/git-UpdateCheck.sh

@@ -0,0 +1,18 @@
+#Git update checker
+## Will folow localy checked-out branch
+## Make sure localy altered files (config,upload folder, etc) are setup in .gitignore
+git remote update
+
+UPSTREAM=${1:-'@{u}'}
+LOCAL=$(git rev-parse @)
+REMOTE=$(git rev-parse "$UPSTREAM")
+BASE=$(git merge-base @ "$UPSTREAM")
+
+if [ $LOCAL = $REMOTE ]; then
+    echo "Up-to-date"
+elif [ $LOCAL = $BASE ]; then
+    echo "Update available, Pulling form git"
+    git pull
+else
+    echo "Diverged"
+fi

Linux/Scripts/sftpSpliting.sh

@@ -13,7 +13,7 @@ apt install bindfs -y
 groupadd $webname
 useradd $webname -g $webname
 mkdir -p /home/$webname/.ssh
-echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOtJ4ZiLi+SntA3m54oEJjlA8bE73gggkhGjOaVHsLNo6YmKtZlPaxwWiGvoATv4Vm41WWxKbUWbYGHVTe8DusqKpf/JCgB1r/8rQe828qwaEGXWGxta1Ykq+ndDeBLFGhVp0nNdcnND5HIwarEW4zhBDXUMzYw7IBxPYb48tVIobs/yPN6nSWT2G8FX7XDJNifS+ThVLnCHHS3i/uio8b8jz1oT2s6UH09EBwxg99+0yVaSQV2q8CthDZ8rSgz8pAhQ6FwVfUd9c/PQjtbUSQStvKvr3muv5Q8UnzAvKiO83rsM91aDwv0E6kqpB77BrkpfQXOJNDmdqlnsa2AlkL ICTMaatwerk@Key" >> /home/$webname/.ssh/authorized_keys
+echo "ExampleKey" >> /home/$webname/.ssh/authorized_keys
 chown -R $webname:$webname /home/$webname
 
 

Linux/Scripts/tc/Setup-TC-Generic-Kiosk.sh

@@ -0,0 +1,168 @@
+#!/bin/bash
+
+#########Tested on#########
+##     Debian 9(i386)    ##
+# Hp t5740e               #
+##     Debian 9(amd64)   ##
+# Dell Optiplex Fx160     #
+###########################
+
+
+echo "Debian 9 Thin client install script."
+echo "Full url including http(s)://:"
+read url
+
+
+apt update
+
+# get software
+apt install xorg chromium openbox lightdm nedit locales spacefm sudo gmessage unattended-upgrades plymouth plymouth-themes -y
+
+# dir
+mkdir -p /home/kiosk/.config/openbox
+
+mkdir -p /home/kiosk/Bureaublad
+# create group
+groupadd kiosk
+
+# create user if not exists
+id -u kiosk &>/dev/null || useradd -m kiosk -g kiosk -s /bin/bash 
+
+# rights
+chown -R kiosk:kiosk /home/kiosk
+
+# create config
+echo oldurl=${url} > /var/log/browserurl.log
+
+sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config
+
+wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/gui/grub-4x3.png -O /usr/share/desktop-base/softwaves-theme/grub/grub-4x3.png
+wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/gui/grub-16x9.png -O /usr/share/desktop-base/softwaves-theme/grub/grub-16x9.png
+wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/gui/joy-ictm.tar.gz -O /tmp/joy-ictm.tar.gz
+tar -zxf /tmp/joy-ictm.tar.gz -C /usr/share/plymouth/themes/
+
+sed -i 's|GRUB_TIMEOUT=5|GRUB_TIMEOUT=1|g' /etc/default/grub
+sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT="quiet"|GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"|g' /etc/default/grub
+update-grub
+plymouth-set-default-theme -R joy-ictm
+
+wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/20auto-upgrades -O /etc/apt/apt.conf.d/20auto-upgrades
+wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/50unattended-upgrades -O /etc/apt/apt.conf.d/50unattended-upgrades
+
+if [ -e "/etc/lightdm/lightdm.conf" ]; then
+  mv /etc/lightdm/lightdm.conf /etc/lightdm/lightdm.conf.backup
+fi
+cat > /etc/lightdm/lightdm.conf << EOF
+[SeatDefaults]
+autologin-user=kiosk
+EOF
+
+# create autostart
+if [ -e "/home/kiosk/.config/openbox/autostart" ]; then
+  mv /home/kiosk/.config/openbox/autostart /home/kiosk/.config/openbox/autostart.backup
+fi
+
+cat > /home/kiosk/.config/openbox/autostart << EOF
+#!/bin/bash
+sleep 1; spacefm --desktop &
+  chromium \
+    --no-first-run \
+    --disable \
+    --disable-translate \
+    --disable-infobars \
+    --disable-suggestions-service \
+    --disable-save-password-bubble \
+    --disable-session-crashed-bubble \
+    --incognito \
+	"${url}"
+EOF
+
+#creating app files
+
+cat > /home/kiosk/Bureaublad/chromium.desktop << EOF
+[Desktop Entry]
+Version=1.0
+Name=Chromium 
+GenericName=Web Browser
+GenericName[nl]=Webbrowser
+Comment=Access the Internet
+Comment[nl]=Verbinding maken met internet
+Exec=/usr/bin/chromium --no-first-run --disable --disable-translate --disable-infobars --disable-suggestions-service --disable-save-password-bubble --disable-session-crashed-bubble --incognito ${url}
+Terminal=false
+X-MultipleArgs=false
+Type=Application
+Icon=chromium.png
+Categories=Network;WebBrowser;
+MimeType=text/html;text/xml;application/xhtml_xml;application/x-mimearchive;x-scheme-handler/http;x-scheme-handler/https;
+StartupWMClass=chromium
+StartupNotify=true
+EOF
+
+cat > /home/kiosk/Bureaublad/nedit.desktop << EOF
+[Desktop Entry]
+Version=1.0
+Name=NEdit
+Name[en]=NEdit 
+Name[nl]=NEdit
+Exec=nedit-nc %F
+Icon=nedit
+Terminal=false
+Type=Application
+MimeType=text/plain;
+Categories=Motif;Utility;TextTools;
+Keywords=Customizable;Scripts;Powerful;
+GenericName=Text Editor
+GenericName[en]=Text Editor
+GenericName[nl]=Tekstverwerker
+EOF
+
+cat > /home/kiosk/Bureaublad/shutdown.desktop << EOF
+[Desktop Entry]
+Encoding=UTF-8
+Version=1.0
+Type=Application
+Terminal=false
+Exec=shutdown-menu
+Name=Shutdown
+Icon=/usr/share/icons/Adwaita/64x64/actions/system-shutdown-symbolic.symbolic.png
+EOF
+
+cp -r /home/kiosk/Bureaublad/ /home/kiosk/Desktop
+
+# rights for apps folder
+chown -R kiosk:kiosk /home/kiosk/Bureaublad
+chown -R kiosk:kiosk /home/kiosk/Desktop
+
+
+# setting user power privileges
+cat > /etc/sudoers.d/powerctl << EOF
+# Cmnd alias specification
+Cmnd_Alias      SHUTDOWN = /sbin/shutdown
+Cmnd_Alias      REBOOT = /sbin/reboot
+
+# User privilege specification
+kiosk ALL=SHUTDOWN
+kiosk ALL=NOPASSWD: SHUTDOWN
+kiosk ALL=REBOOT
+kiosk ALL=NOPASSWD: REBOOT
+EOF
+
+cat > /usr/bin/shutdown-menu << EOF
+gmessage "Weet u zeker dat u de computer wilt afsluiten?" -center -title "Shutdown" -font "Sans bold 10" -default "Cancel" -buttons "_Annuleren":1,"_Opnieuw opstarten":3,"_Afsluiten":4 >/dev/null
+
+case \$? in
+1)
+echo "Exit";;
+3)
+pkill spacefm
+sudo shutdown -r now;;
+4)
+pkill spacefm
+sudo shutdown -h now;;
+esac
+EOF
+chmod 775 /usr/bin/shutdown-menu
+
+wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/update-url.sh -O /root/update-url.sh 
+
+echo "Done!"

Linux/Scripts/tc/Setup-TC-t510-Kiosk.sh

@@ -0,0 +1,176 @@
+#!/bin/bash
+
+#######Made for:#######
+##     Debian 9      ##
+# Hp t510             #
+#######################
+
+echo "Debian 9 Thin client install script."
+echo "Full url including http(s)://:"
+read url
+
+apt-get update
+
+
+# get software
+apt-get install xorg chromium openbox lightdm nedit locales spacefm sudo gmessage unattended-upgrades plymouth plymouth-themes xserver-xorg-video-openchrome -y
+
+# dir
+mkdir -p /home/kiosk/.config/openbox
+mkdir -p /home/kiosk/Bureaublad
+
+# create group
+groupadd kiosk
+
+# create user if not exists
+id -u kiosk &>/dev/null || useradd -m kiosk -g kiosk -s /bin/bash 
+
+# rights
+chown -R kiosk:kiosk /home/kiosk
+
+# create config
+echo oldurl=${url} > /var/log/browserurl.log
+
+sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config
+
+wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/gui/grub-4x3.png -O /usr/share/desktop-base/softwaves-theme/grub/grub-4x3.png
+wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/gui/grub-16x9.png -O /usr/share/desktop-base/softwaves-theme/grub/grub-16x9.png
+wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/gui/joy-ictm.tar.gz -O /tmp/joy-ictm.tar.gz
+tar -zxf /tmp/joy-ictm.tar.gz -C /usr/share/plymouth/themes/
+
+sed -i 's|GRUB_TIMEOUT=5|GRUB_TIMEOUT=1|g' /etc/default/grub
+sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT="quiet"|GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"|g' /etc/default/grub
+update-grub
+plymouth-set-default-theme -R joy-ictm
+
+
+wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/20auto-upgrades -O /etc/apt/apt.conf.d/20auto-upgrades
+wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/config/50unattended-upgrades -O /etc/apt/apt.conf.d/50unattended-upgrades
+
+if [ -e "/etc/lightdm/lightdm.conf" ]; then
+  mv /etc/lightdm/lightdm.conf /etc/lightdm/lightdm.conf.backup
+fi
+cat > /etc/lightdm/lightdm.conf << EOF
+[SeatDefaults]
+autologin-user=kiosk
+EOF
+
+# create autostart
+if [ -e "/home/kiosk/.config/openbox/autostart" ]; then
+  mv /home/kiosk/.config/openbox/autostart /home/kiosk/.config/openbox/autostart.backup
+fi
+
+cat > /home/kiosk/.config/openbox/autostart << EOF
+#!/bin/bash
+sleep 1; spacefm --desktop &
+  chromium \
+    --no-first-run \
+    --disable \
+    --disable-translate \
+    --disable-infobars \
+    --disable-suggestions-service \
+    --disable-save-password-bubble \
+    --disable-session-crashed-bubble \
+    --incognito \
+	"${url}"
+EOF
+
+#creating app files
+
+cat > /home/kiosk/Bureaublad/chromium.desktop << EOF
+[Desktop Entry]
+Version=1.0
+Name=Chromium 
+GenericName=Web Browser
+GenericName[nl]=Webbrowser
+Comment=Access the Internet
+Comment[nl]=Verbinding maken met internet
+Exec=/usr/bin/chromium --no-first-run --disable --disable-translate --disable-infobars --disable-suggestions-service --disable-save-password-bubble --disable-session-crashed-bubble --incognito ${url}
+Terminal=false
+X-MultipleArgs=false
+Type=Application
+Icon=chromium.png
+Categories=Network;WebBrowser;
+MimeType=text/html;text/xml;application/xhtml_xml;application/x-mimearchive;x-scheme-handler/http;x-scheme-handler/https;
+StartupWMClass=chromium
+StartupNotify=true
+EOF
+
+cat > /home/kiosk/Bureaublad/nedit.desktop << EOF
+[Desktop Entry]
+Version=1.0
+Name=NEdit
+Name[en]=NEdit 
+Name[nl]=NEdit
+Exec=nedit-nc %F
+Icon=nedit
+Terminal=false
+Type=Application
+MimeType=text/plain;
+Categories=Motif;Utility;TextTools;
+Keywords=Customizable;Scripts;Powerful;
+GenericName=Text Editor
+GenericName[en]=Text Editor
+GenericName[nl]=Tekstverwerker
+EOF
+
+cat > /home/kiosk/Bureaublad/shutdown.desktop << EOF
+[Desktop Entry]
+Encoding=UTF-8
+Version=1.0
+Type=Application
+Terminal=false
+Exec=shutdown-menu
+Name=Shutdown
+Icon=/usr/share/icons/Adwaita/64x64/actions/system-shutdown-symbolic.symbolic.png
+EOF
+
+cp -r /home/kiosk/Bureaublad/ /home/kiosk/Desktop
+
+# rights for apps folder
+chown -R kiosk:kiosk /home/kiosk/Bureaublad
+chown -R kiosk:kiosk /home/kiosk/Desktop
+
+
+# setting user power privileges
+cat > /etc/sudoers.d/powerctl << EOF
+# Cmnd alias specification
+Cmnd_Alias      SHUTDOWN = /sbin/shutdown
+Cmnd_Alias      REBOOT = /sbin/reboot
+
+# User privilege specification
+kiosk ALL=SHUTDOWN
+kiosk ALL=NOPASSWD: SHUTDOWN
+kiosk ALL=REBOOT
+kiosk ALL=NOPASSWD: REBOOT
+EOF
+
+cat > /usr/bin/shutdown-menu << EOF
+gmessage "Weet u zeker dat u de computer wilt afsluiten?" -center -title "Shutdown" -font "Sans bold 10" -default "Cancel" -buttons "_Annuleren":1,"_Opnieuw opstarten":3,"_Afsluiten":4 >/dev/null
+
+case \$? in
+1)
+echo "Exit";;
+3)
+pkill spacefm
+sudo shutdown -r now;;
+4)
+pkill spacefm
+sudo shutdown -h now;;
+esac
+EOF
+chmod 775 /usr/bin/shutdown-menu
+
+
+wget https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/update-url.sh -O /root/update-url.sh 
+
+cat > /etc/modprobe.d/blacklist-framebuffer.conf << EOF
+blacklist tridentfb
+blacklist vesafb
+blacklist vfb
+blacklist viafb
+blacklist vt8623fb
+blacklist udlfb
+EOF
+
+echo "Done!"

Linux/Scripts/tc/config/20auto-upgrades

@@ -0,0 +1,4 @@
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Download-Upgradeable-Packages "1";
+APT::Periodic::AutocleanInterval "7";
+APT::Periodic::Unattended-Upgrade "1";

Linux/Scripts/tc/config/50unattended-upgrades

@@ -0,0 +1,25 @@
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Download-Upgradeable-Packages "1";
+APT::Periodic::AutocleanInterval "7";
+APT::Periodic::Unattended-Upgrade "1";
+Unattended-Upgrade::Mail "root";
+
+// Automatically upgrade packages from these 
+Unattended-Upgrade::Origins-Pattern {
+      "o=Debian,a=stable";
+      "o=Debian,a=stable-updates";
+      "o=Debian,a=proposed-updates";
+      "origin=Debian,codename=${distro_codename},label=Debian-Security";
+};
+
+// You can specify your own packages to NOT automatically upgrade here
+Unattended-Upgrade::Package-Blacklist {
+//      "vim";
+//      "libc6";
+//      "libc6-dev";
+//      "libc6-i686";
+
+};
+
+Unattended-Upgrade::MailOnlyOnError "false";
+Unattended-Upgrade::Automatic-Reboot "false";

Linux/Scripts/tc/debian-generic-preseed.txt

@@ -0,0 +1,277 @@
+#### Contents of the preconfiguration file (for stretch)
+### Localization
+# Preseeding only locale sets language, country and locale.
+#d-i debian-installer/locale string en_US
+
+# The values can also be preseeded individually for greater flexibility.
+d-i debian-installer/language string nl
+d-i debian-installer/country string NL
+d-i debian-installer/locale string nl_NL.UTF-8
+# Optionally specify additional locales to be generated.
+#d-i localechooser/supported-locales multiselect en_US.UTF-8, nl_NL.UTF-8
+
+# Keyboard selection.
+d-i keyboard-configuration/xkb-keymap select us
+# d-i keyboard-configuration/toggle select No toggling
+
+### Network configuration
+# Disable network configuration entirely. This is useful for cdrom
+# installations on non-networked devices where the network questions,
+# warning and long timeouts are a nuisance.
+#d-i netcfg/enable boolean false
+
+# netcfg will choose an interface that has link if possible. This makes it
+# skip displaying a list if there is more than one interface.
+d-i netcfg/choose_interface select auto
+
+# To pick a particular interface instead:
+#d-i netcfg/choose_interface select eth1
+
+# To set a different link detection timeout (default is 3 seconds).
+# Values are interpreted as seconds.
+#d-i netcfg/link_wait_timeout string 10
+
+# If you have a slow dhcp server and the installer times out waiting for
+# it, this might be useful.
+#d-i netcfg/dhcp_timeout string 60
+#d-i netcfg/dhcpv6_timeout string 60
+
+# If you prefer to configure the network manually, uncomment this line and
+# the static network configuration below.
+#d-i netcfg/disable_autoconfig boolean true
+
+
+# Any hostname and domain names assigned from dhcp take precedence over
+# values set here. However, setting the values still prevents the questions
+# from being shown, even if values come from dhcp.
+d-i netcfg/get_hostname string Thin-Client
+d-i netcfg/get_domain string 
+
+# If you want to force a hostname, regardless of what either the DHCP
+# server returns or what the reverse DNS entry for the IP is, uncomment
+# and adjust the following line.
+#d-i netcfg/hostname string somehost
+
+# Disable that annoying WEP key dialog.
+d-i netcfg/wireless_wep string
+# The wacky dhcp hostname that some ISPs use as a password of sorts.
+#d-i netcfg/dhcp_hostname string radish
+
+# If non-free firmware is needed for the network or other hardware, you can
+# configure the installer to always try to load it, without prompting. Or
+# change to false to disable asking.
+#d-i hw-detect/load_firmware boolean true
+
+### Network console
+# Use the following settings if you wish to make use of the network-console
+# component for remote installation over SSH. This only makes sense if you
+# intend to perform the remainder of the installation manually.
+#d-i anna/choose_modules string network-console
+#d-i network-console/authorized_keys_url string http://10.0.0.1/openssh-key
+#d-i network-console/password password r00tme
+#d-i network-console/password-again password r00tme
+
+### Mirror settings
+# If you select ftp, the mirror/country string does not need to be set.
+#d-i mirror/protocol string ftp
+d-i mirror/country string manual
+d-i mirror/http/hostname string ftp.nl.debian.org
+d-i mirror/http/directory string /debian
+d-i mirror/http/proxy string
+
+# Suite to install.
+#d-i mirror/suite string testing
+# Suite to use for loading installer components (optional).
+#d-i mirror/udeb/suite string testing
+
+### Account setup
+# Skip creation of a root account (normal user account will be able to
+# use sudo).
+#d-i passwd/root-login boolean false
+# Alternatively, to skip creation of a normal user account.
+d-i passwd/make-user boolean false
+
+# Root password, either in clear text
+#d-i passwd/root-password password r00tme
+#d-i passwd/root-password-again password r00tme
+# or encrypted using a crypt(3)  hash.
+#d-i passwd/root-password-crypted password [crypt(3) hash]
+
+
+### Clock and time zone setup
+# Controls whether or not the hardware clock is set to UTC.
+d-i clock-setup/utc boolean true
+
+# You may set this to any valid setting for $TZ; see the contents of
+# /usr/share/zoneinfo/ for valid values.
+d-i time/zone string Europe/Amsterdam
+
+# Controls whether to use NTP to set the clock during the install
+d-i clock-setup/ntp boolean true
+# NTP server to use. The default is almost always fine here.
+#d-i clock-setup/ntp-server string ntp.example.com
+
+### Partitioning
+## Partitioning example
+# If the system has free space you can choose to only partition that space.
+# This is only honoured if partman-auto/method (below) is not set.
+#d-i partman-auto/init_automatically_partition select biggest_free
+
+# Alternatively, you may specify a disk to partition. If the system has only
+# one disk the installer will default to using that, but otherwise the device
+# name must be given in traditional, non-devfs format (so e.g. /dev/sda
+# and not e.g. /dev/discs/disc0/disc).
+# For example, to use the first SCSI/SATA hard disk:
+#d-i partman-auto/disk string /dev/sda
+# In addition, you'll need to specify the method to use.
+# The presently available methods are:
+# - regular: use the usual partition types for your architecture
+# - lvm:     use LVM to partition the disk
+# - crypto:  use LVM within an encrypted partition
+d-i partman-auto/method string regular
+
+# If one of the disks that are going to be automatically partitioned
+# contains an old LVM configuration, the user will normally receive a
+# warning. This can be preseeded away...
+#d-i partman-lvm/device_remove_lvm boolean true
+# The same applies to pre-existing software RAID array:
+d-i partman-md/device_remove_md boolean true
+# And the same goes for the confirmation to write the lvm partitions.
+d-i partman-lvm/confirm boolean true
+d-i partman-lvm/confirm_nooverwrite boolean true
+
+# You can choose one of the three predefined partitioning recipes:
+# - atomic: all files in one partition
+# - home:   separate /home partition
+# - multi:  separate /home, /var, and /tmp partitions
+d-i partman-auto/choose_recipe select atomic
+
+
+
+# This makes partman automatically partition without confirmation.
+d-i partman-md/confirm boolean true
+d-i partman-partitioning/confirm_write_new_label boolean true
+d-i partman/choose_partition select finish
+d-i partman/confirm boolean true
+d-i partman/confirm_nooverwrite boolean true
+
+## Controlling how partitions are mounted
+# The default is to mount by UUID, but you can also choose "traditional" to
+# use traditional device names, or "label" to try filesystem labels before
+# falling back to UUIDs.
+#d-i partman/mount_style select uuid
+
+### Base system installation
+# Configure APT to not install recommended packages by default. Use of this
+# option can result in an incomplete system and should only be used by very
+# experienced users.
+#d-i base-installer/install-recommends boolean false
+
+# The kernel image (meta) package to be installed; "none" can be used if no
+# kernel is to be installed.
+#d-i base-installer/kernel/image string linux-image-686
+
+### Apt setup
+# You can choose to install non-free and contrib software.
+d-i apt-setup/non-free boolean true
+d-i apt-setup/contrib boolean true
+
+# Uncomment this to add multiarch configuration for i386
+#d-i apt-setup/multiarch string i386
+
+
+### Package selection
+tasksel tasksel/first multiselect standard
+
+# Individual additional packages to install
+d-i pkgsel/include string openssh-server xorg chromium openbox lightdm nedit locales spacefm sudo gmessage unattended-upgrades plymouth plymouth-themes
+
+# Some versions of the installer can report back on what software you have
+# installed, and what software you use. The default is not to report back,
+# but sending reports helps the project determine what software is most
+# popular and include it on CDs.
+#popularity-contest popularity-contest/participate boolean false
+
+### Boot loader installation
+# Grub is the default boot loader (for x86). If you want lilo installed
+# instead, uncomment this:
+#d-i grub-installer/skip boolean true
+# To also skip installing lilo, and install no bootloader, uncomment this
+# too:
+#d-i lilo-installer/skip boolean true
+
+
+# This is fairly safe to set, it makes grub install automatically to the MBR
+# if no other operating system is detected on the machine.
+###d-i grub-installer/only_debian boolean true
+
+# This one makes grub-installer install to the MBR if it also finds some other
+# OS, which is less safe as it might not be able to boot that other OS.
+###d-i grub-installer/with_other_os boolean true
+
+# Due notably to potential USB sticks, the location of the MBR can not be
+# determined safely in general, so this needs to be specified:
+#d-i grub-installer/bootdev  string /dev/sda
+# To install to the first device (assuming it is not a USB stick):
+#d-i grub-installer/bootdev  string default
+
+
+# Use the following option to add additional boot parameters for the
+# installed system (if supported by the bootloader installer).
+# Note: options passed to the installer will be added automatically.
+#d-i debian-installer/add-kernel-opts string nousb
+
+### Finishing up the installation
+# During installations from serial console, the regular virtual consoles
+# (VT1-VT6) are normally disabled in /etc/inittab. Uncomment the next
+# line to prevent this.
+#d-i finish-install/keep-consoles boolean true
+
+# Avoid that last message about the install being complete.
+d-i finish-install/reboot_in_progress note
+
+# This will prevent the installer from ejecting the CD during the reboot,
+# which is useful in some situations.
+#d-i cdrom-detect/eject boolean false
+
+# This is how to make the installer shutdown when finished, but not
+# reboot into the installed system.
+#d-i debian-installer/exit/halt boolean true
+# This will power off the machine instead of just halting it.
+#d-i debian-installer/exit/poweroff boolean true
+
+### Preseeding other packages
+# Depending on what software you choose to install, or if things go wrong
+# during the installation process, it's possible that other questions may
+# be asked. You can preseed those too, of course. To get a list of every
+# possible question that could be asked during an install, do an
+# installation, and then run these commands:
+#   debconf-get-selections --installer > file
+#   debconf-get-selections >> file
+
+
+#### Advanced options
+### Running custom commands during the installation
+# d-i preseeding is inherently not secure. Nothing in the installer checks
+# for attempts at buffer overflows or other exploits of the values of a
+# preconfiguration file like this one. Only use preconfiguration files from
+# trusted locations! To drive that home, and because it's generally useful,
+# here's a way to run any shell command you'd like inside the installer,
+# automatically.
+
+# This first command is run as early as possible, just after
+# preseeding is read.
+#d-i preseed/early_command string anna-install some-udeb
+# This command is run immediately before the partitioner starts. It may be
+# useful to apply dynamic partitioner preseeding that depends on the state
+# of the disks (which may not be visible when preseed/early_command runs).
+#d-i partman/early_command \
+#       string debconf-set partman-auto/disk "$(list-devices disk | head -n1)"
+# This command is run just before the install finishes, but when there is
+# still a usable /target directory. You can chroot to /target and use it
+# directly, or use the apt-install and in-target commands to easily install
+# packages and run commands in the target system.
+d-i preseed/late_command string \
+in-target wget -O /root/Setup-TC-Generic-Kiosk.sh https://git.bprieshof.nl/brammp/SnipitRepo/raw/branch/main/Linux/Scripts/tc/Setup-TC-Generic-Kiosk.sh # ; \
+#in-target bash /root/Setup-TC-Generic-Kiosk.sh
+

Linux/Scripts/tc/update-url.sh

@@ -0,0 +1,13 @@
+echo "Thin client url updater."
+echo "enter the full url including http(s)://"
+read url
+
+source /var/log/browserurl.log
+
+sed -i "s|$oldurl|$url|g" /home/kiosk/Bureaublad/chromium.desktop
+sed -i "s|$oldurl|$url|g" /home/kiosk/Desktop/chromium.desktop
+sed -i "s|$oldurl|$url|g" /home/kiosk/.config/openbox/autostart
+
+echo oldurl=${url} > /var/log/browserurl.log
+
+echo "Done!"

README.md

@@ -1,2 +1,3 @@
-# RandomSinpits
+# Snipits
 
+By brammp