diff --git a/Centos-MicroNas.sh b/Centos-MicroNas.sh deleted file mode 100644 index 55dbf35..0000000 --- a/Centos-MicroNas.sh +++ /dev/null @@ -1,58 +0,0 @@ -#ProxmoxCT Note use privileged container with nesting enabled # - -#EPEL Repo -rpm --rebuilddb -dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm -rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8 - -#Webmin repo -cat << 'EOF' >> /etc/yum.repos.d/webmin.repo -[Webmin] -name=Webmin -#baseurl=https://download.webmin.com/download/yum -mirrorlist=https://download.webmin.com/download/yum/mirrorlist -enabled=1 -EOF -rpm --import https://download.webmin.com/jcameron-key.asc - -#Install -dnf --setopt=install_weak_deps=False --best --refresh -y install samba samba-common cronie nfs-utils webmin openssh-server nano nload htop avahi wsdd - -#Webin config -service webmin stop -systemctl start webmin -sed -i -e '/port=/c\port=80' -e 's/ssl=/c\ssl=0/g' -e 's/ipv6=/c\ipv6=0/g' /etc/webmin/miniserv.conf -echo "servers=Services & Tools" >> /etc/webmin/webmin.catnames -cat << 'EOF' >> /etc/webmin/webmin.cats -filter=cluster -exports=servers -filemin=servers -useradmin=servers -mailboxes= -EOF - -#Samba config -sed -i -e '/map to guest =/c\map to guest = never' /etc/samba/smb.conf - -#Avahi config -cat << 'EOF' >> /etc/avahi/services/smb.service - - - - %h - - _smb._tcp - 445 - - - _device-info._tcp - 0 - model=RackMac - - -EOF - -#Restart services -service webmin stop -systemctl enable --now smb nfs-server webmin avahi-daemon wsdd -systemctl restart smb nfs-server webmin avahi-daemon wsdd \ No newline at end of file diff --git a/DBUG-output.sh b/DBUG-output.sh deleted file mode 100644 index 43b9c2d..0000000 --- a/DBUG-output.sh +++ /dev/null @@ -1,15 +0,0 @@ -# Set debug flag as desired -DEBUG=1 -# DEBUG=0 - -if [ "$DEBUG" -eq "1" ]; then - OUT='/dev/tty' -else - OUT='/dev/null' -fi - -# actual script use commands like this -command > $OUT 2>&1 - -# or like this if you need -command 2> $OUT \ No newline at end of file diff --git a/Debian-MicroNas.sh b/Debian-MicroNas.sh deleted file mode 100644 index bc41302..0000000 --- a/Debian-MicroNas.sh +++ /dev/null @@ -1,55 +0,0 @@ -#ProxmoxCT Note use privileged container with nesting enabled # - -#Prerequisite packages -export DEBIAN_FRONTEND=noninteractive -apt install --no-install-recommends wget gnupg2 apt-transport-https -y - -#Webin repo -wget -qO - https://download.webmin.com/jcameron-key.asc | sudo apt-key add - -echo "deb https://download.webmin.com/download/repository sarge contrib" > /etc/apt/sources.list.d/webmin.list - -#Wsdd(Web Service Discovery host daemon) repo -wget -O - https://pkg.ltec.ch/public/conf/ltec-ag.gpg.key|apt-key add - -echo "deb https://pkg.ltec.ch/public/ `lsb_release -cs` main" > /etc/apt/sources.list.d/wsdd.list - -#Install -apt update -debconf-set-selections <<<"samba-common samba-common/do_debconf boolean true" -apt install --no-install-recommends samba samba-vfs-modules cron nfs-kernel-server webmin openssh-server nano nload htop avahi-daemon avahi-utils wsdd -y - -#Webmin config -sed -i -e '/port=/c\port=80' -e 's/ssl=/c\ssl=0/g' -e 's/ipv6=/c\ipv6=0/g' /etc/webmin/miniserv.conf -echo "servers=Services & Tools" >> /etc/webmin/webmin.catnames -cat << 'EOF' >> /etc/webmin/webmin.cats -filter=cluster -exports=servers -filemin=servers -useradmin=servers -mailboxes= -EOF - - -#Samba config -sed -i -e '/map to guest =/c\map to guest = never' /etc/samba/smb.conf - -#Avahi config -cat << 'EOF' >> /etc/avahi/services/smb.service - - - - %h - - _smb._tcp - 445 - - - _device-info._tcp - 0 - model=RackMac - - -EOF - -#Restart services -systemctl enable --now smbd nfs-kernel-server webmin avahi-daemon wsdd -systemctl restart smbd nfs-kernel-server webmin avahi-daemon wsdd \ No newline at end of file diff --git a/ISO-Repack.md b/ISO-Repack.md deleted file mode 100644 index 70d8dce..0000000 --- a/ISO-Repack.md +++ /dev/null @@ -1,35 +0,0 @@ -# Repack linux ISO - -Commands expect to be in a root shell - -## Install needed tools -mkisofs xorriso isohybrid - -## Editing ISO image - -Create workspace -`mkdir /tmp/custom_iso` -Mount image and extract it since it is read only -``` -mount -t iso9660 -o loop ~/original.iso /mnt/` -tar cf - /mnt/. | (cd /tmp/custom_iso; tar xfp -) -``` -You can now modify the files for editing the bootloader config for example! - -## Back into an iso - -### Legacy only -Rebuild iso with mkisofs -`mkisofs -o output.iso -b syslinux/isolinux.bin -c syslinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -J -R -V "Custom ISO" /tmp/custom_iso` -Bless it with isohybrid -`isohybrid output.iso` - -### EFI and Legacy -Rebuild iso with mkisofs -`mkisofs -o output.iso -b syslinux/isolinux.bin -J -R -l -c syslinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -eltorito-alt-boot -e boot/grub/efi.img -no-emul-boot -graft-points -V "Custom ISO" /tmp/custom_iso` -Bless it with isohybrid -`isohybrid --uefi output.iso` - -### Sources -https://gist.github.com/AkdM/2cd3766236582ed0263920d42c359e0f -https://tuxfixer.com/mount-modify-edit-repack-create-uefi-iso-including-kickstart-file/ \ No newline at end of file diff --git a/InfoAtLoginPromt.sh b/InfoAtLoginPromt.sh deleted file mode 100644 index 1ed125a..0000000 --- a/InfoAtLoginPromt.sh +++ /dev/null @@ -1,4 +0,0 @@ -#IP address on host promts (add to /etc/issue) -: \4{} -#IP address on motd (add to .bashrc) -echo "IP: $(ip -o -4 addr list "" | awk '{print $4}' | cut -d/ -f1)" \ No newline at end of file diff --git a/Migrate-SecureBootKey.md b/Migrate-SecureBootKey.md deleted file mode 100644 index 0d38b36..0000000 --- a/Migrate-SecureBootKey.md +++ /dev/null @@ -1,37 +0,0 @@ -# Migrate Secureboot key -## Export Ubuntu -Copy following files -* Private Key: /var/lib/shim-signed/mok/MOK.priv -* Public Key: /var/lib/shim-signed/mok/MOK.der - -## Export Fedora -Copy following files -* Symlink to Private Key: /etc/pki/akmods/private/private_key.priv -* Symlink to Public Key: /etc/pki/akmods/certs/private_key.priv - -## Import Ubuntu -Using source.priv and source.der files in current directory to import -``` -cp source.priv /var/lib/shim-signed/mok/MOK.priv -cp source.der /var/lib/shim-signed/mok/MOK.der -``` - -## Import Fedora -Using source.priv and source.der files in current directory to import -``` -dnf install akmods kmodtool - -KEYNAME="$(hostname)"-"$(od -vAn -N4 -tu4 < /dev/urandom | awk '{print $1}')" - -cp source.der /etc/pki/akmods/certs/${KEYNAME}.der -cp source.priv /etc/pki/akmods/private/${KEYNAME}.priv - -chgrp akmods /etc/pki/akmods/certs/${KEYNAME}.* -chgrp akmods /etc/pki/akmods/private/${KEYNAME}.* - -chmod g+r /etc/pki/akmods/certs/${KEYNAME}.* -chmod g+r /etc/pki/akmods/private/${KEYNAME}.* - -ln -nsf /etc/pki/akmods/certs/${KEYNAME}.der /etc/pki/akmods/certs/public_key.der -ln -nsf /etc/pki/akmods/private/${KEYNAME}.priv /etc/pki/akmods/private/private_key.priv -``` \ No newline at end of file diff --git a/Multicore Gzip.md b/Multicore Gzip.md deleted file mode 100644 index 9ceb72f..0000000 --- a/Multicore Gzip.md +++ /dev/null @@ -1,13 +0,0 @@ -## Install -``` -apt install pigz -``` -## Compress -``` -tar cf - [inputdir] | pigz -[compression level (0 = none, 1 = minimal, 9 = maximum)] -p[cores] > [output.tar.gz] -``` -## Extract -``` -unpigz < [input.tar.gz] | (cd [extract location] && tar xvf -) -``` - diff --git a/Mysql-alternate-Repo-Setup-DebUbu.sh b/Mysql-alternate-Repo-Setup-DebUbu.sh deleted file mode 100644 index f41ced2..0000000 --- a/Mysql-alternate-Repo-Setup-DebUbu.sh +++ /dev/null @@ -1,5 +0,0 @@ -Dist=$(grep -oP '(?<=^ID=).+' /etc/os-release | tr -d '"') -DistVersion=$(grep -oP '(?<=^VERSION_CODENAME=).+' /etc/os-release | tr -d '"') - -wget -qO - http://repo.mysql.com/RPM-GPG-KEY-mysql | apt-key add - -echo "deb http://repo.mysql.com/apt/"$Dist"/ "$DistVersion" mysql-8.0" >/etc/apt/sources.list.d/mysql.list \ No newline at end of file diff --git a/Nginx-Core_CMS-Config b/Nginx-Core_CMS-Config deleted file mode 100644 index 938150a..0000000 --- a/Nginx-Core_CMS-Config +++ /dev/null @@ -1,60 +0,0 @@ -sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r CMS_Config.txt' -e '/#ConfHere/c\' Base_Nginx_Config.txt - - -###################################### -Base_Nginx_Config.txt Content example -###################################### - -#generated by certbot from here -server { - listen 443 ssl; - listen [::]:443 ssl; - server_name www.DOMAINname; - return 301 http://DOMAINname$request_uri; -} - -server { - listen 443 ssl; - listen [::]:443 ssl; - - -#ConfHere - -} -#generated by certbot to here - - -server { - listen 80; - listen [::]:80; - server_name www.DOMAINname; - return 301 http://DOMAINname$request_uri; -} - -server { - listen 80; - listen [::]:80; - - -#ConfHere - -} - -############################### -CMS_Config.txt Content example -############################### - - - gzip on; - gzip_proxied any; - gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javascript image/svg image/svg+xml application/xml image/x-icon; - gzip_comp_level 2; - gzip_disable "msie6"; - gzip_buffers 16 8k; - - - location / { - #try_files $uri $uri/ =404; - try_files $uri $uri/ /index.php$is_args$args; - #try_files $uri $uri/ $uri.html $uri.php$is_args$query_string; - } diff --git a/NginxArgToRev.md b/NginxArgToRev.md deleted file mode 100644 index 40d583e..0000000 --- a/NginxArgToRev.md +++ /dev/null @@ -1,18 +0,0 @@ -#### Input: dom.ain/UrLocation/?set=123 - - - -#### Nginx Conf - -###### Required when directing to domain -``` -resolver 1.1.1.1 [::1]:5353 valid=30s; -``` - - -``` -location /UrLocation { - proxy_pass https://other.domain/json.htm?type=command&&switchcmd=Set%20Level&level=$arg_set; -} -``` -#### result: https://other.domain/json.htm?type=command&&switchcmd=Set%20Level&level=123 \ No newline at end of file diff --git a/Options-AsVar_whiptail.sh b/Options-AsVar_whiptail.sh deleted file mode 100644 index cec8745..0000000 --- a/Options-AsVar_whiptail.sh +++ /dev/null @@ -1,4 +0,0 @@ -args=("Option 1:" "Option 1 Desription" OFF) -args+=("Option 2: " "Option 2 Desription" OFF) -args+=("Option 3: " "Option 3 Desription" OFF) -option=$(whiptail --nocancel --title "Title" --checklist "Features" 11 110 5 "${args[@]}" 3>&1 1>&2 2>&3) diff --git a/Proxmox-ARM_CT.md b/Proxmox-ARM_CT.md deleted file mode 100644 index 2922831..0000000 --- a/Proxmox-ARM_CT.md +++ /dev/null @@ -1,16 +0,0 @@ -Install `qemu-user-static` on the proxmox host -Add an `armhf` or `arm64(aarch64)` image to the proxmox image store -Use this image to create a container - - -## Image links -Always download `rootfs.tar.xz` -(Distro releases current as of 20-10-2021) -### armhf -* Alpine https://uk.images.linuxcontainers.org/images/alpine/3.14/armhf/default/ -* Debian https://uk.images.linuxcontainers.org/images/debian/bullseye/armhf/default/ -* Ubuntu https://uk.images.linuxcontainers.org/images/ubuntu/focal/armhf/default/ -### arm64 -* Alpine https://uk.images.linuxcontainers.org/images/alpine/3.14/arm64/default/ -* Debian https://uk.images.linuxcontainers.org/images/debian/bullseye/arm64/default/ -* Ubuntu https://uk.images.linuxcontainers.org/images/ubuntu/focal/arm64/default/ \ No newline at end of file diff --git a/Proxmox-SMTPMail.sh b/Proxmox-SMTPMail.sh deleted file mode 100644 index e8aa1e3..0000000 --- a/Proxmox-SMTPMail.sh +++ /dev/null @@ -1,34 +0,0 @@ -#Proxmox Use SMTP to send mail -#Vars -MailFromName=$(hostname) -MailFormAddress=noreply@domain.com -MailFromServer=mail.provider.com -MailFromServerPort=465 -MailFromPasswd= -MailTo=administrator@domain.com - -#install dependencies -apt install libsasl2-modules -y - -#Generating Configs -echo "[$MailFromServer]:$MailFromServerPort $MailFormAddress:$MailFromPasswd" > /etc/postfix/sasl_passwd -echo "/.+/ $MailFromName<$MailFormAddress>" > /etc/postfix/sender_canonical_maps -echo "/From:.*/ REPLACE From: $MailFromName<$MailFormAddress>" > /etc/postfix/header_check -sed -i '/relayhost/c\' /etc/postfix/main.cf -cat << EOF >> /etc/postfix/main.cf -#Custom PostfixSMTP config -relayhost = [$MailFromServer]:$MailFromServerPort -smtp_tls_wrappermode = yes -smtp_tls_security_level = encrypt -smtp_use_tls = yes -smtp_sasl_auth_enable = yes -smtp_sasl_security_options = -smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd -smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt -sender_canonical_classes = envelope_sender, header_sender -sender_canonical_maps = regexp:/etc/postfix/sender_canonical_maps -smtp_header_checks = regexp:/etc/postfix/header_check -EOF - -postmap /etc/postfix/sasl_passwd -systemctl restart postfix \ No newline at end of file diff --git a/README.md b/README.md index 5229d16..daefc54 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,4 @@ -# linux +# Linux Snipits + +Migrated to [brammp/SnipitRepo](https://git.bprieshof.nl/brammp/SnipitRepo)/Linux diff --git a/SSH.md b/SSH.md deleted file mode 100644 index bd1c0ac..0000000 --- a/SSH.md +++ /dev/null @@ -1,42 +0,0 @@ -## SSH SOCSK (ProxyTunnel) -#### Command -`ssh -C -D @` - -* -C : enables compression -* -D : specifies Socks proxyport - -### Firefox -1. go to Edit -> Preferences -> Advanced -> Network -> Connection -> Settings... -2. check "Manual proxy configuration" -3. make sure "Use this proxy server for all protocols" is cleared -4. clear "HTTP Proxy", "SSL Proxy", "FTP Proxy", and "Gopher Proxy" fields -5. enter "127.0.0.1" for "SOCKS Host" -6. enter "1080" (or whatever port you chose) for Port. - -## SSH Remote forward (makes local port apear on remote machine) - -#### Port to be internaly binded on remote machine - -`ssh -R :
: @` - -#### Port to be binded to remote machine - -`ssh -g -R *::
: @` - -* -R : Remote forward -* -N : Do not execute a remote command -* -g : forward to remote network - -### SSHD config (on remote where ports are forwarded to) -* GatewayPorts no : only allows the remote system to connect -* GatewayPorts yes: allows the remote network to connect to the forwarded port -* GatewayPorts clientspecified : allows the remote network to connect to the forwarded port when -g switch is used - - -## SSH Local forward (makes remote port apear on local machine) - -#### Remote port to be binded on local machine - -`ssh -L :
: @` - -* -L : Local forward \ No newline at end of file diff --git a/VarModifiers.sh b/VarModifiers.sh deleted file mode 100644 index 2fba4a1..0000000 --- a/VarModifiers.sh +++ /dev/null @@ -1,6 +0,0 @@ -option="${option// /}" #Removes Spaces -option="${option/:/ }" #First : to Space -option="${option//:/ }" #All : to Space -option="${option//:}" #Removes : -option="${option,,}" #Removes LowerCase -option="${option//'"'}" #Removes " \ No newline at end of file diff --git a/apt-Whiptail.sh b/apt-Whiptail.sh deleted file mode 100644 index fd8ec4c..0000000 --- a/apt-Whiptail.sh +++ /dev/null @@ -1,3 +0,0 @@ -PKGM="debconf-apt-progress -- apt" #enable progresbar -PKGI="${PKGM} install -y" #Setting single install var -PKGA="debconf-apt-progress -- add-apt-repository" \ No newline at end of file diff --git a/apt-cacher-ng.md b/apt-cacher-ng.md deleted file mode 100644 index 0a98912..0000000 --- a/apt-cacher-ng.md +++ /dev/null @@ -1,31 +0,0 @@ -# apt-cacher-ng -Default port 3142 -## Deb(ubuntu/debian) repos work out of the box server sided -### client -`echo 'Acquire::http::Proxy "http://:";' > /etc/apt/apt.conf.d/01proxy` - -## For Centos are modifications needed -### Server -`curl https://www.centos.org/download/full-mirrorlist.csv | sed 's/^.*"http:/http:/' | sed 's/".*$//' | grep ^http >/etc/apt-cacher-ng/centos_mirrors` - -SSL Passthrough -#### /etc/apt-cacher-ng/acng.conf -``` -VfilePatternEx: ^/\?release=[0-9]+&arch= -VfilePatternEx: ^(/\?release=[0-9]+&arch=.*|.*/RPM-GPG-KEY-.*|/metalink\?repo=epel\$ -VfilePatternEx = (^|.*/)repodata/.*\.(yaml|yml)(\.gz|\.bz2|\.lzma|\.xz)?$ -Remap-centos: file:centos_mirrors /centos - -#PassThroughPattern: .* # this would allow CONNECT to everything - -``` - -### Client (installer) -use http://mirror.centos.org/centos/8/BaseOS/x86_64/os/ as repo and set proxy to : - -### Client (DNF) -make sure to set repos to use base url -add folowing to /etc/dnf/dnf.conf -``` -proxy=http://: -``` \ No newline at end of file diff --git a/apt-webmin.sh b/apt-webmin.sh deleted file mode 100644 index 4eef7a2..0000000 --- a/apt-webmin.sh +++ /dev/null @@ -1,10 +0,0 @@ -apt update -apt-get install apt-transport-https gnupg2 -y - -wget http://www.webmin.com/jcameron-key.asc -apt-key add jcameron-key.asc -rm jcameron-key.asc - -echo "deb https://download.webmin.com/download/repository sarge contrib" > /etc/apt/sources.list.d/webmin.list -apt-get update -apt-get install webmin -y \ No newline at end of file diff --git a/autoupdate-gitea.md b/autoupdate-gitea.md deleted file mode 100644 index 78c6af8..0000000 --- a/autoupdate-gitea.md +++ /dev/null @@ -1,52 +0,0 @@ -# gitea update tool -Tool from `https://github.com/CMiksche/gitea-auto-update` -or get local from `https://git.bprieshof.nl/Tools/gitea-auto-update` - -requires python 3.7+ - -# Install tool -## ubuntu 18.04 -``` -add-apt-repository ppa:deadsnakes/ppa -apt install python3.7 python3-pip - -python3.8 -m pip install gitea-auto-update -``` -##debian 10,ubuntu 20.04 -``` -apt install python3-pip -y -pip3 install gitea-auto-update -``` - -# Configuring -### all os's -Add the following to `/etc/gitea/auto-update.ini` -``` -[Gitea] -site=http://localhost:3000/api/v1/version -apiUrl=https://api.github.com/repos/go-gitea/gitea/releases/latest -system=linux-amd64 -file=/usr/local/bin/gitea -tmpDir=/tmp/ -buildFromSource= -sourceDir= -logFile=/var/log/gitupdate.log -``` - - - -## Cron job -### ubuntu 18.04 -Add the following to `/etc/crontab` -``` -0 5 * * 7 root /usr/bin/python3.8 /usr/local/bin/gitea-auto-update --settings=/etc/gitea/auto-update.ini -``` -### debian 10,ubuntu 20.04 -Add the following to `/etc/crontab` -``` -0 5 * * 7 root /usr/local/bin/gitea-auto-update --settings=/etc/gitea/auto-update.ini -``` -# Run manual update` -``` -gitea-auto-update --settings=/etc/gitea/auto-update.ini -``` \ No newline at end of file diff --git a/bash-script-Flag.sh b/bash-script-Flag.sh deleted file mode 100644 index 6687a59..0000000 --- a/bash-script-Flag.sh +++ /dev/null @@ -1,17 +0,0 @@ -if [ "$1" != "-l" ]; then - echo "Normal mode" - IMODE=n - fi - -if [ "$1" = "-l" ]; then - echo "Legacy mode"; - IMODE=l -fi - - - -if [ $IMODE = n ]; then - echo "New Menu" -elif [ $IMODE = l ]; then - echo "Legacy Menu" -fi diff --git a/curl-Functions-authchecker.md b/curl-Functions-authchecker.md deleted file mode 100644 index 1d8766e..0000000 --- a/curl-Functions-authchecker.md +++ /dev/null @@ -1,73 +0,0 @@ -# Authchecker functions for curl -## curl keeps asking for password until correct, and downloads file - -``` -function getcurlsec { - -local curlurl="$1" -local curluser="$2" -local curloutput="$3" - -while true; do - curl --fail --user "$curluser" "$curlurl" -o "$curloutput" - local EC=$? - if [ $EC -eq 0 ]; then - break - fi -done - -} -``` - -Syntax: `getcurlsec ` - - -## curl downloads file using given credentials - -``` -function getcurlsecwpassword { - -local curlurl="$1" -local curluser="$2" -local curlpassword="$3" -local curloutput="$4" - curl --fail --user "$curluser":"$curlpassword" "$curlurl" -o "$curloutput" - local EC=$? - if [ $EC -eq 0 ]; then - echo "Password correct" - else - echo "Password incorrect" - fi -} -``` - -Syntax: `getcurlsecwpassword ` - - -## curl keeps asking for password until correct, and stores username and password as var - -``` -function checkusercurl { - -local curlurl="$1" -curluser="$2" - -while true; do - read -s -p "Enter password for user $curluser: " curlpassword - echo ""; - curl -s --fail --user "$curluser":"$curlpassword" "$curlurl" -o /dev/null - local EC=$? - if [ $EC -eq 0 ]; then - echo "Password correct" - break - fi - echo "Incorrect password" - unset curlpassword -done - -} -``` - -Syntax: `checkusercurl ` -username wil become var: curluser -password wil become var: $curlpassword \ No newline at end of file diff --git a/debian10-LXC.md b/debian10-LXC.md deleted file mode 100644 index 585b8c6..0000000 --- a/debian10-LXC.md +++ /dev/null @@ -1,74 +0,0 @@ -# Setup LXC on debian 10 - -Install packages and add unprivileged user -``` -apt install lxc libvirt0 libpam-cgfs bridge-utils uidmap -useradd lxcuser -cat /etc/s*id|grep lxcuser -``` - -Put the following in /etc/default/lxc-net -``` -USE_LXC_BRIDGE="true" -``` - -Put the following in /etc/lxc/default.conf -``` -lxc.idmap = u 0 -lxc.idmap = g 0 -lxc.mount.auto = proc:mixed sys:ro cgroup:mixed -lxc.apparmor.profile = unconfined -lxc.apparmor.allow_nesting = 1 -lxc.net.0.type = veth -lxc.net.0.link = lxcbr0 -lxc.net.0.flags = up -lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx -``` - -Give root acces to unprivileged user space -``` -echo "root::" >> /etc/subuid -echo "root::" >> /etc/subgid -``` - -Enable and start lxc network service -``` -systemctl enable --now lxc-net -``` -enable unprivileged user namespaces for kernels < 5.10 -``` -echo kernel.unprivileged_userns_clone=1 >> /etc/sysctl.conf -sysctl -p -``` - - -# Extra config KB -* Create Container `lxc-create -t download -n -- -d debian -r buster -a amd64` -* Container config `/var/lib/lxc//config` -* add to Container config to start on boot `lxc.start.auto = 1` -* add to Container config for static ip -``` -lxc.net.0.ipv4.address = 10.0.3./24 -lxc.net.0.ipv4.gateway = 10.0.3.1 -``` - - -# UFW forwarding - -also dont forget to add the extenal port as allow rule -add to /etc/ufw/before.rules - -to begin of file before *filter -``` -*nat -:PREROUTING ACCEPT [0:0] --A PREROUTING -i enp0s3 -p tcp --dport -j DNAT --to : -COMMIT -``` - -to end of file before last COMMIT -``` -#LXC forwards --A FORWARD -o lxcbr0 -j ACCEPT --A FORWARD -i lxcbr0 -j ACCEPT -``` diff --git a/docs/rffmpeg/Master-Install.md b/docs/rffmpeg/Master-Install.md deleted file mode 100644 index 8f3feb4..0000000 --- a/docs/rffmpeg/Master-Install.md +++ /dev/null @@ -1,78 +0,0 @@ -## Prerequisites: -* A running jellyfin server on the master - -## Step 1: Configuring Jellyfin and preparing the server - -### Transcode temp folder -#### Sharing the the local trancode folder -Make the new trancode folder -``` -mkdir /var/lib/jellyfin/transcoding-temp -``` -NFS is the recomend way of sharing this folder, but SMB/CIFS shoud also work -``` -apt -y install nfs-kernel-server -echo '/var/lib/jellyfin/transcoding-temp /24(rw,sync,no_subtree_check)' >> /etc/exports -systemctl restart nfs-kernel-server -``` -Set the following setting in jellyfin "Transcode path" in the Playback settings to "/var/lib/jellyfin/transcoding-temp" - -#### Useing a existing remote share trancode folder -Make sure the folder is mounted at"/var/lib/jellyfin/transcoding-temp" -Set the following setting in jellyfin "Transcode path" in the Playback settings to "/var/lib/jellyfin/transcoding-temp" - -### Jellyfin user -Generating sshkey pair without password -``` -sudo -u jellyfin mkdir -p /var/lib/jellyfin/.ssh -sudo -u jellyfin ssh-keygen -t rsa -f /var/lib/jellyfin/.ssh/id_rsa -``` -Set the jellyfin user to login as bash in /etc/passwd - -## Step 2: Install slave/render servers - -### Getting info -Run `cat /etc/passwd | grep jellyfin:` to get user info, i will refer to it as `` -Run `cat /etc/group | grep jellyfin:`, to get group info, i will refer to it as `` -Run `cat /var/lib/jellyfin/.ssh/id_rsa.pub` To get ssh-key for sending commands , i will refer to it as `` -Get the ip of the master, i will refer to it as `` - -### Installing on the remote slave -Use the info you collected en follow "Slave-install.md" -``` -sudo -u jellyfin ssh -i /var/lib/jellyfin/.ssh/id_rsa jellyfin@ -``` -When connected to the master exit the session with the slave server -Repeat these steps for all slave server - -### Adding local system as slave -``` -echo 'ssh-rsa ' | sudo -u jellyfin tee /var/lib/jellyfin/.ssh/authorized_keys -sudo -u jellyfin ssh -i /var/lib/jellyfin/.ssh/id_rsa jellyfin@localhost -``` - -## Step 3: Installing rffmpeg -``` -mkdir /etc/rffmpeg /opt/rffmpeg -wget https://raw.githubusercontent.com/joshuaboniface/rffmpeg/master/rffmpeg.yml.sample -O /etc/rffmpeg/rffmpeg.yml -wget https://raw.githubusercontent.com/joshuaboniface/rffmpeg/master/rffmpeg.py -O /opt/rffmpeg/rffmpeg.py -ln -s /usr/local/bin/rffmpeg.py /opt/rffmpeg/ffmpeg -ln -s /usr/local/bin/rffmpeg.py /opt/rffmpeg/ffprobe -``` -## Step 3: Configuring rffmpeg -Add to the host section of /etc/rffmpeg/rffmpeg.yml -Example of the section in the config file -``` -remote: - # A YAML list of remote hosts to connect to - hosts: - - 192.168.1.2 - - 192.168.1.3 -``` -if you also want the local system to render add localhost or 127.0.0.1 - - -## Step 4: Set jellyfin to use rffmpeg -Set the following setting in jellyfin "FFmpeg path" in the Playback settings to "/opt/rffmpeg/ffmpeg" - -## Done diff --git a/docs/rffmpeg/README.md b/docs/rffmpeg/README.md deleted file mode 100644 index 15df1e6..0000000 --- a/docs/rffmpeg/README.md +++ /dev/null @@ -1,2 +0,0 @@ -This Guide uses NFS for saring the Transcode tmp folder -This tool expects the media folder(s) to be mounted/located at same location as master(Jellyfin) server \ No newline at end of file diff --git a/docs/rffmpeg/Slave-Install.md b/docs/rffmpeg/Slave-Install.md deleted file mode 100644 index ff00dd6..0000000 --- a/docs/rffmpeg/Slave-Install.md +++ /dev/null @@ -1,43 +0,0 @@ -## Prerequisites: -* You set up the master following Master-Install.md and have the information reddy -* A Clean install of ubuntu linux with ssh-server enabled -* The media folder accessible on the same location as the jellyfin server - -## Step 1: Setting up the user -``` -mkdir -p /var/lib/jellyfin/.ssh -echo "" >> /etc/passwd -echo "" >> /etc/group -echo "jellyfin:*:17928:0:99999:7:::" >> /etc/shadow -``` -Reboot the system just to make sure changes are piked up - -``` -echo '' >> /var/lib/jellyfin/.ssh/authorized_keys -chmod 755 -R /var/lib/jellyfin/ -chown -R jellyfin:jellyfin /var/lib/jellyfin/ -``` - -## Step 2: setting up the Transcode temp folder -if you are not using NFS make sure the folder is mounted to "/var/lib/jellyfin/transcoding-temp" and skip the rest of step 2 - -### Setting up NFS Client -``` -apt install nfs-common -y -mkdir -p /var/lib/jellyfin/transcoding-temp -chmod 777 /var/lib/jellyfin/transcoding-temp -echo ':/var/lib/jellyfin/transcoding-temp /var/lib/jellyfin/transcoding-temp nfs defaults,vers=3,sync 0 0' >> /etc/fstab -sudo mount -a -``` - -## Step 3: Install the jellyfin version of ffmpeg -``` -apt install apt-transport-https -y -add-apt-repository universe -y -wget -O - https://repo.jellyfin.org/ubuntu/jellyfin_team.gpg.key | sudo apt-key add - -echo "deb [arch=$( dpkg --print-architecture )] https://repo.jellyfin.org/ubuntu $( lsb_release -c -s ) main" >> /etc/apt/sources.list.d/jellyfin.list -apt update -apt install jellyfin-ffmpeg -y -``` -## Done -Continue reading "Master-Install.md" \ No newline at end of file diff --git a/git-UpdateCheck.sh b/git-UpdateCheck.sh deleted file mode 100644 index f95018f..0000000 --- a/git-UpdateCheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#Git update checker -## Will folow localy checked-out branch -## Make sure localy altered files (config,upload folder, etc) are setup in .gitignore -git remote update - -UPSTREAM=${1:-'@{u}'} -LOCAL=$(git rev-parse @) -REMOTE=$(git rev-parse "$UPSTREAM") -BASE=$(git merge-base @ "$UPSTREAM") - -if [ $LOCAL = $REMOTE ]; then - echo "Up-to-date" -elif [ $LOCAL = $BASE ]; then - echo "Update available, Pulling form git" - git pull -else - echo "Diverged" -fi \ No newline at end of file diff --git a/scripts/Deb11Upgrade_Basic.sh b/scripts/Deb11Upgrade_Basic.sh deleted file mode 100644 index 5def1ea..0000000 --- a/scripts/Deb11Upgrade_Basic.sh +++ /dev/null @@ -1,61 +0,0 @@ -#!/bin/bash - -##################################################################### -# @description: # -# Debian 10 to Debian 11 upgrade tool for basic debian 10 system # -# # -# @author: Bram Prieshof # -##################################################################### - -#ScriptVars -UpgradeDist=deb11 -InstalledOptions=("${SelectedOptions[@]}" "${EnabledAons[@]}") -Sysup2Date=no - -#OS Detection -dist_ver=$(grep --color=never -Po "^VERSION_ID=\K.*" "/etc/os-release") -dist=$(grep --color=never -Po "^ID=\K.*" "/etc/os-release") - -if [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then - CurDist=deb10 -else - echo "This OS in not eligible for this upgrade" - exit -fi - -#PackageManager-config -PKGM=apt -PKGUC="$PKGM update" -PKGUP="$PKGM upgrade -y" -PKGI="${PKGM} install -y --no-install-recommends" - -#Update current release -if [ $Sysup2Date = no ]; then - echo "The system will now update the packages for the current release" - read -r -s -p $'Press enter to continue, or ctrl+c to quit' - $PKGUC - DEBIAN_FRONTEND=noninteractive $PKGUP -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" - $PKGM dist-upgrade -y - $PKGM clean all - $PKGM autoremove -y - sed -i -e '/Sysup2Date=no/c\Sysup2Date=yes' "$0" - echo "The current release is up to date," - echo "please reboot the system and re-run this scipt to continue" - exit -fi - -echo "The system will now update the repositories to the new release and update all packages" -read -r -s -p $'Press enter to continue, or ctrl+c to quit' - -#Update Debian repo's -sed -i -e 's/buster/bullseye/g' -e 's#http://security.debian.org/debian-security#https://deb.debian.org/debian-security#g' -e 's#http://security.debian.org#https://deb.debian.org/debian-security#g' -e 's#bullseye/updates#bullseye-security#g' /etc/apt/sources.list -#Update Hetzner mirrror repo's -sed -i -e 's/buster/bullseye/g' /etc/apt/sources.list.d/hetzner* -e 's#bullseye/updates#bullseye-security#g' /etc/apt/sources.list.d/hetzner* - -#Running updates -$PKGM update -DEBIAN_FRONTEND=noninteractive $PKGUP --without-new-pkgs -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -DEBIAN_FRONTEND=noninteractive $PKGM full-upgrade -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -$PKGM autoremove -y - -echo "Upgrade finished, please reboot the system" diff --git a/scripts/Ufw-AddCustomRule-SSH_4242.sh b/scripts/Ufw-AddCustomRule-SSH_4242.sh deleted file mode 100644 index a45724e..0000000 --- a/scripts/Ufw-AddCustomRule-SSH_4242.sh +++ /dev/null @@ -1,39 +0,0 @@ -############################################################### -# @description: # -# Add Custom rule to UFW for limiting ssh(4242/tcp) # -# # -# @author: Bram Prieshof # -############################################################### - -#Sed in a function to detect line from $FindLine and insert the content of $AddLine on a new line above the match -UpdateFile () { - file="$1" - sed -i 's/'"$FindLine"'/'"$AddLine"'\n&/g' $file - unset FindLine AddLine -} - -#Delete Existng SSH(4242/tcp) rule(s) -ufw delete limit 4242/tcp - -#Add needed filters (IPv4) -FindLine="# End required lines" -AddLine=":ufw-user-limit - [0:0]\n:ufw-user-limit-accept - [0:0]" -UpdateFile /etc/ufw/after.rules - -#Add needed filters (IPv6) -FindLine="# End required lines" -AddLine=":ufw6-user-limit - [0:0]\n:ufw6-user-limit-accept - [0:0]" -UpdateFile /etc/ufw/after6.rules - -#Add custom SSH(4242/tcp) limit rule (IPv4) -FindLine="# don't delete the 'COMMIT' line or these rules won't be processed" -AddLine="### SSH limit tcp\n-A ufw-after-input -p tcp --dport 4242 -m conntrack --ctstate NEW -m recent --set\n-A ufw-after-input -p tcp --dport 4242 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 15 -j ufw-user-limit\n-A ufw-after-input -p tcp --dport 4242 -j ufw-user-limit-accept\n" -UpdateFile /etc/ufw/after.rules - -#Add custom SSH(4242/tcp) limit rule (IPv6) -FindLine="# don't delete the 'COMMIT' line or these rules won't be processed" -AddLine="### SSH limit tcp\n-A ufw6-after-input -p tcp --dport 4242 -m conntrack --ctstate NEW -m recent --set\n-A ufw6-after-input -p tcp --dport 4242 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 15 -j ufw6-user-limit\n-A ufw6-after-input -p tcp --dport 4242 -j ufw6-user-limit-accept\n" -UpdateFile /etc/ufw/after6.rules - -#Reload ufw rules -ufw reload diff --git a/scripts/detect-os-V1.sh b/scripts/detect-os-V1.sh deleted file mode 100644 index f281be1..0000000 --- a/scripts/detect-os-V1.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -source /etc/os-release - -#echo used Vars for testing only -echo $VERSION - -#formaring $VERSION to a useable fromat -VERSION=$(echo $VERSION | grep -o '[0-9]\+.' | tr -d '\n') - -#echo used Vars for testing only -echo $ID -echo $VERSION - -#example if statement - -if [ "$ID" = "debian" ]; then - echo "Execute Commands" -elif [ "$ID" = "ubuntu" ]; then - echo "Executue Ubuntu version detection" - if [[ "$VERSION" == "18.04"* ]]; then - echo "this ubuntu Ubuntu 18.04" - elif [[ "$VERSION" == "16.04"* ]]; then - echo "this ubuntu 16.04" - else - echo "this version of ubuntu is not yet supported" - fi -elif [ "$ID" = "centos" ]; then - echo "Executue Centos Commands" -elif [ "$ID" = "rhel" ]; then - echo "Executue Red hat enterpise Linux Commands" -else - echo "this OS is not yet supported" -fi \ No newline at end of file diff --git a/scripts/detect-os-V2.sh b/scripts/detect-os-V2.sh deleted file mode 100644 index 83037a6..0000000 --- a/scripts/detect-os-V2.sh +++ /dev/null @@ -1,21 +0,0 @@ -dist_ver=$(grep --color=never -Po "^VERSION_ID=\K.*" "/etc/os-release") -dist=$(grep --color=never -Po "^ID=\K.*" "/etc/os-release") - -if [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"18.04"* ]]; then - echo "Ubuntu 18.04 Detected" - shortdist=ubu1804 -elif [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"20.04"* ]]; then - echo "Ubuntu 20.04 Detected" - shortdist=ubu2004 -elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then - echo "Debian 10 Detected" - shortdist=deb10 -elif [[ "${dist}" == *"centos"* ]] && [[ "${dist_ver}" == *"8"* ]]; then - echo "Centos 8 Detected" - shortdist=cent10 -else - echo "This OS in not supported" -fi - -unset dist_ver -unset dist diff --git a/scripts/installgit.sh b/scripts/installgit.sh deleted file mode 100644 index 3fd9834..0000000 --- a/scripts/installgit.sh +++ /dev/null @@ -1,215 +0,0 @@ -##----------## -# Menu # -##----------## - -echo "Ubuntu 18.04 gitea install script." -echo "Domein without www:" -read domain -while true; do - read -p "Does www.${domain} exist in DNS -> yes/no?" yn - case $yn in - [Yy]* ) domainwww=1 - break;; - [Nn]* ) domainwww=0 - break;; - * ) echo "choose yes or no.";; - esac -done -echo "System password:" -read password -echo "Administrator email:" -read email - -##----------------## -# Pre-Config # -##----------------## - -apt install -y software-properties-common -add-apt-repository -y ppa:certbot/certbot -apt update -apt upgrade -y -apt install -y mysql-server nginx git -timedatectl set-timezone Europe/Amsterdam -sed -i 's/#/vm.swappiness=10/g' /etc/sysctl.conf -sed -i 's/#/vm.vfs_cache_pressure=50/g' /etc/sysctl.conf -sed -i 's/IPV6=yes/IPV6=no/g' /etc/default/ufw -sed -i "\$a0 3 * * 1 root apt update >/dev/null 2>&1&& apt upgrade -y >/dev/null 2>&1" /etc/crontab -systemctl restart cron -ufw allow OpenSSH -ufw allow 443/tcp -ufw allow 80/tcp -ufw limit ssh -echo "y" | ufw enable - -##------------------## -# MySQL Config # -##------------------## - -# mysql_secure_installation automated -mysqladmin -u root password "$password" -mysql -u root -p"$password" -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')" -mysql -u root -p"$password" -e "DELETE FROM mysql.user WHERE User=''" -mysql -u root -p"$password" -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'" -mysql -u root -p"$password" -e "SELECT user,authentication_string,plugin,host FROM mysql.user;" -mysql -u root -p"$password" -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '"$password"';" -mysql -u root -p"$password" -e "FLUSH PRIVILEGES;" -mysql -u root -p"$password" -e "SELECT user,authentication_string,plugin,host FROM mysql.user;" - -rm /etc/mysql/my.cnf -cat > /etc/mysql/my.cnf <<- "EOF" -# - "/etc/mysql/my.cnf" to set global options, -[mysqld_safe] -socket = /var/run/mysqld/mysqld.sock -nice = 0 - -[mysqld] -user = mysql -pid-file = /var/run/mysqld/mysqld.pid -socket = /var/run/mysqld/mysqld.sock -port = 3306 -basedir = /usr -datadir = /var/lib/mysql -tmpdir = /tmp -lc-messages-dir = /usr/share/mysql -skip-external-locking - -innodb_buffer_pool_size = 1G # (adjust value here, 50%-70% of total RAM) -innodb_log_file_size = 256M -innodb_flush_log_at_trx_commit = 1 # may change to 2 or 0 -innodb_flush_method = O_DIRECT -bind-address = 127.0.0.1 -key_buffer_size = 16M -max_allowed_packet = 16M -thread_stack = 192K -thread_cache_size = 8 -myisam-recover-options = BACKUP -#max_connections = 100 -#table_open_cache = 64 -#thread_concurrency = 10 -query_cache_limit = 1M -query_cache_size = 16M -log_error = /var/log/mysql/error.log -expire_logs_days = 10 -max_binlog_size = 100M -EOF - -db_pass=$(date +%s|sha256sum|base64|head -c 32) -mysql -u root -p"$password" -e "CREATE DATABASE "giteadb" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;" -mysql -u root -p"$password" -e "GRANT ALL ON "giteadb".* TO '"gitea"'@'localhost' IDENTIFIED BY '"$db_pass"';" -mysql -u root -p"$password" -e "FLUSH PRIVILEGES;" -echo $db_pass > ~/db-pass.txt - -##------------------## -# Nginx Config # -##------------------## - -cat < /etc/nginx/sites-available/"$domain" -server { - server_name git.ictmaatwerk.com; - client_max_body_size 40M; - listen 80 ; - - location / { - proxy_pass http://localhost:3000; - } - - location /.well-known { - alias /var/www/git.ictmaatwerk.com/.well-known; - } - - -} -EOF -ln -s /etc/nginx/sites-available/"$domain" /etc/nginx/sites-enabled/ -mkdir -p /var/www/"$domain"/html -chmod -R 755 /var/www -systemctl restart nginx -##-------------## -# Certbot # -##-------------## -apt install -y python-certbot-nginx -if [ $domainwww = 1 ]; then - certbot --nginx -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos - -elif [ $domainwww = 0 ]; then - certbot --nginx -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos -fi - - -debconf-set-selections <<< "postfix postfix/mailname string $domain" -debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'" -apt install -y mailutils -sed -i 's/#inet_interfaces = all/inet_interfaces = loopback-only/g' /etc/postfix/main.cf -sed -i 's/mydestination/#mydestination/g' /etc/postfix/main.cf -sed -i 's/relayhost =/mydestination = '$domain', localhost.'$domain', '$domain'/g' /etc/postfix/main.cf -cat < /etc/aliases -# See man 5 aliases for format -postmaster: root -root: $email -EOF -newaliases - - -##-----------## -# gitea # -##-----------## -wget https://dl.gitea.io/gitea/1.7.0/gitea-1.7.0-linux-amd64 -O gitea -chmod +x gitea - -adduser \ - --system \ - --shell /bin/bash \ - --gecos 'Git Version Control' \ - --group \ - --disabled-password \ - --home /home/git \ - git - -mkdir -p /var/lib/gitea/{custom,data,log} -chown -R git:git /var/lib/gitea/ -chmod -R 750 /var/lib/gitea/ -mkdir /etc/gitea -chown root:git /etc/gitea -chmod 770 /etc/gitea -mv gitea /usr/local/bin/gitea - -cat < /etc/systemd/system/gitea.service -[Unit] -Description=Gitea (Git with a cup of tea) -After=syslog.target -After=network.target -After=mysqld.service -#After=postgresql.service -#After=memcached.service -#After=redis.service - -[Service] -# Modify these two values and uncomment them if you have -# repos with lots of files and get an HTTP error 500 because -# of that -### -#LimitMEMLOCK=infinity -#LimitNOFILE=65535 -RestartSec=2s -Type=simple -User=git -Group=git -WorkingDirectory=/var/lib/gitea/ -ExecStart=/usr/local/bin/gitea web -c /etc/gitea/app.ini -Restart=always -Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea -# If you want to bind Gitea to a port below 1024 uncomment -# the two values below -### -#CapabilityBoundingSet=CAP_NET_BIND_SERVICE -#AmbientCapabilities=CAP_NET_BIND_SERVICE - -[Install] -WantedBy=multi-user.target - -EOF - -echo certbot --nginx -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos > activatessl.sh -echo "Please put config here: /etc/gitea/app.ini" -echo "then run: systemctl enable gitea && systemctl start gitea" -echo "if service starts then reboot the system to finsh the installation" \ No newline at end of file diff --git a/scripts/kweb.sh b/scripts/kweb.sh deleted file mode 100644 index 69568cd..0000000 --- a/scripts/kweb.sh +++ /dev/null @@ -1,10 +0,0 @@ -service php-fpm53 stop -service php-fpm54 stop -service php-fpm55 stop -service php-fpm56 stop -service php-fpm70 stop -service php-fpm71 stop -service php-fpm72 stop -service php-fpm73 stop -service httpd stop -service nginx stop \ No newline at end of file diff --git a/scripts/proxmox/update-lxc-Image.sh b/scripts/proxmox/update-lxc-Image.sh deleted file mode 100644 index a202405..0000000 --- a/scripts/proxmox/update-lxc-Image.sh +++ /dev/null @@ -1,23 +0,0 @@ -curl https://uk.images.linuxcontainers.org/ | awk -F "|" '/<\/*t[rd]>.*/ {print $3, $5, $7, $9, $11}' > /tmp/updatetimestapmps - -#Debian 10 (Buster) -dbts=$(cat /tmp/updatetimestapmps | grep debian |grep buster |grep cloud| grep amd64 | awk '{ print $5 }') -wget https://uk.images.linuxcontainers.org/images/debian/buster/amd64/cloud/"$dbts"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyDebianBuster.tar.xz - -#Ubuntu (Bionic Beaver) -ubts=$(cat /tmp/updatetimestapmps | grep ubuntu |grep bionic |grep cloud| grep amd64 | awk '{ print $5 }') -wget https://uk.images.linuxcontainers.org/images/ubuntu/bionic/amd64/cloud/"$ubts"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyUbuntuBionicBeaver.tar.xz - -#Ubuntu 20.04 (FocalFossa) -ufts=$(cat /tmp/updatetimestapmps | grep ubuntu |grep focal |grep cloud| grep amd64 | awk '{ print $5 }') -wget https://uk.images.linuxcontainers.org/images/ubuntu/focal/amd64/cloud/"$ufts"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyUbuntuFocalFossa.tar.xz - -#Centos 8 -c8ts=$(cat /tmp/updatetimestapmps | grep "centos 8" | grep -v '8-Stream' |grep cloud| grep amd64 | awk '{ print $5 }') -wget https://uk.images.linuxcontainers.org/images/centos/8/amd64/cloud/"$c8ts"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyCentos8.tar.xz - -#Alpine 3.12 -alpine312=$(cat /tmp/updatetimestapmps | grep "alpine" | grep '3.12' |grep default| grep amd64 | awk '{ print $5 }') -wget https://uk.images.linuxcontainers.org/images/alpine/3.12/amd64/default/"$alpine312"/rootfs.tar.xz -O /var/lib/vz/template/cache/DailyAlpine3.12.tar.xz - -rm /tmp/updatetimestapmps \ No newline at end of file diff --git a/scripts/rweb.sh b/scripts/rweb.sh deleted file mode 100644 index ab46b05..0000000 --- a/scripts/rweb.sh +++ /dev/null @@ -1,10 +0,0 @@ -service php-fpm53 restart -service php-fpm54 restart -service php-fpm55 restart -service php-fpm56 restart -service php-fpm70 restart -service php-fpm71 restart -service php-fpm72 restart -service php-fpm73 restart -service httpd restart -service nginx restart \ No newline at end of file diff --git a/scripts/servstat.sh b/scripts/servstat.sh deleted file mode 100644 index 54e30d6..0000000 --- a/scripts/servstat.sh +++ /dev/null @@ -1,10 +0,0 @@ -service php-fpm53 status -service php-fpm54 status -service php-fpm55 status -service php-fpm56 status -service php-fpm70 status -service php-fpm71 status -service php-fpm72 status -service php-fpm73 status -service httpd status -service nginx status \ No newline at end of file diff --git a/scripts/sweb.sh b/scripts/sweb.sh deleted file mode 100644 index f297901..0000000 --- a/scripts/sweb.sh +++ /dev/null @@ -1,10 +0,0 @@ -service php-fpm53 start -service php-fpm54 start -service php-fpm55 start -service php-fpm56 start -service php-fpm70 start -service php-fpm71 start -service php-fpm72 start -service php-fpm73 start -service httpd start -service nginx start \ No newline at end of file diff --git a/scripts/tc/Setup-TC-Generic-Kiosk.sh b/scripts/tc/Setup-TC-Generic-Kiosk.sh deleted file mode 100644 index fe4aaaf..0000000 --- a/scripts/tc/Setup-TC-Generic-Kiosk.sh +++ /dev/null @@ -1,168 +0,0 @@ -#!/bin/bash - -#########Tested on######### -## Debian 9(i386) ## -# Hp t5740e # -## Debian 9(amd64) ## -# Dell Optiplex Fx160 # -########################### - - -echo "Debian 9 Thin client install script." -echo "Full url including http(s)://:" -read url - - -apt update - -# get software -apt install xorg chromium openbox lightdm nedit locales spacefm sudo gmessage unattended-upgrades plymouth plymouth-themes -y - -# dir -mkdir -p /home/kiosk/.config/openbox - -mkdir -p /home/kiosk/Bureaublad -# create group -groupadd kiosk - -# create user if not exists -id -u kiosk &>/dev/null || useradd -m kiosk -g kiosk -s /bin/bash - -# rights -chown -R kiosk:kiosk /home/kiosk - -# create config -echo oldurl=${url} > /var/log/browserurl.log - -sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config - -wget https://git.ictmaatwerk.com/bprieshof/Linux-scripts/raw/branch/master/tc/config/gui/grub-4x3.png -O /usr/share/desktop-base/softwaves-theme/grub/grub-4x3.png -wget https://git.ictmaatwerk.com/bprieshof/Linux-scripts/raw/branch/master/tc/config/gui/grub-16x9.png -O /usr/share/desktop-base/softwaves-theme/grub/grub-16x9.png -wget https://git.ictmaatwerk.com/bprieshof/Linux-scripts/raw/branch/master/tc/config/gui/joy-ictm.tar.gz -O /tmp/joy-ictm.tar.gz -tar -zxf /tmp/joy-ictm.tar.gz -C /usr/share/plymouth/themes/ - -sed -i 's|GRUB_TIMEOUT=5|GRUB_TIMEOUT=1|g' /etc/default/grub -sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT="quiet"|GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"|g' /etc/default/grub -update-grub -plymouth-set-default-theme -R joy-ictm - -wget https://git.ictmaatwerk.com/bprieshof/Linux-scripts/raw/branch/master/tc/config/20auto-upgrades -O /etc/apt/apt.conf.d/20auto-upgrades -wget https://git.ictmaatwerk.com/bprieshof/Linux-scripts/raw/branch/master/tc/config/50unattended-upgrades -O /etc/apt/apt.conf.d/50unattended-upgrades - -if [ -e "/etc/lightdm/lightdm.conf" ]; then - mv /etc/lightdm/lightdm.conf /etc/lightdm/lightdm.conf.backup -fi -cat > /etc/lightdm/lightdm.conf << EOF -[SeatDefaults] -autologin-user=kiosk -EOF - -# create autostart -if [ -e "/home/kiosk/.config/openbox/autostart" ]; then - mv /home/kiosk/.config/openbox/autostart /home/kiosk/.config/openbox/autostart.backup -fi - -cat > /home/kiosk/.config/openbox/autostart << EOF -#!/bin/bash -sleep 1; spacefm --desktop & - chromium \ - --no-first-run \ - --disable \ - --disable-translate \ - --disable-infobars \ - --disable-suggestions-service \ - --disable-save-password-bubble \ - --disable-session-crashed-bubble \ - --incognito \ - "${url}" -EOF - -#creating app files - -cat > /home/kiosk/Bureaublad/chromium.desktop << EOF -[Desktop Entry] -Version=1.0 -Name=Chromium -GenericName=Web Browser -GenericName[nl]=Webbrowser -Comment=Access the Internet -Comment[nl]=Verbinding maken met internet -Exec=/usr/bin/chromium --no-first-run --disable --disable-translate --disable-infobars --disable-suggestions-service --disable-save-password-bubble --disable-session-crashed-bubble --incognito ${url} -Terminal=false -X-MultipleArgs=false -Type=Application -Icon=chromium.png -Categories=Network;WebBrowser; -MimeType=text/html;text/xml;application/xhtml_xml;application/x-mimearchive;x-scheme-handler/http;x-scheme-handler/https; -StartupWMClass=chromium -StartupNotify=true -EOF - -cat > /home/kiosk/Bureaublad/nedit.desktop << EOF -[Desktop Entry] -Version=1.0 -Name=NEdit -Name[en]=NEdit -Name[nl]=NEdit -Exec=nedit-nc %F -Icon=nedit -Terminal=false -Type=Application -MimeType=text/plain; -Categories=Motif;Utility;TextTools; -Keywords=Customizable;Scripts;Powerful; -GenericName=Text Editor -GenericName[en]=Text Editor -GenericName[nl]=Tekstverwerker -EOF - -cat > /home/kiosk/Bureaublad/shutdown.desktop << EOF -[Desktop Entry] -Encoding=UTF-8 -Version=1.0 -Type=Application -Terminal=false -Exec=shutdown-menu -Name=Shutdown -Icon=/usr/share/icons/Adwaita/64x64/actions/system-shutdown-symbolic.symbolic.png -EOF - -cp -r /home/kiosk/Bureaublad/ /home/kiosk/Desktop - -# rights for apps folder -chown -R kiosk:kiosk /home/kiosk/Bureaublad -chown -R kiosk:kiosk /home/kiosk/Desktop - - -# setting user power privileges -cat > /etc/sudoers.d/powerctl << EOF -# Cmnd alias specification -Cmnd_Alias SHUTDOWN = /sbin/shutdown -Cmnd_Alias REBOOT = /sbin/reboot - -# User privilege specification -kiosk ALL=SHUTDOWN -kiosk ALL=NOPASSWD: SHUTDOWN -kiosk ALL=REBOOT -kiosk ALL=NOPASSWD: REBOOT -EOF - -cat > /usr/bin/shutdown-menu << EOF -gmessage "Weet u zeker dat u de computer wilt afsluiten?" -center -title "Shutdown" -font "Sans bold 10" -default "Cancel" -buttons "_Annuleren":1,"_Opnieuw opstarten":3,"_Afsluiten":4 >/dev/null - -case \$? in -1) -echo "Exit";; -3) -pkill spacefm -sudo shutdown -r now;; -4) -pkill spacefm -sudo shutdown -h now;; -esac -EOF -chmod 775 /usr/bin/shutdown-menu - -wget https://git.ictmaatwerk.com/bprieshof/Linux-scripts/raw/branch/master/tc/update-url.sh -O /root/update-url.sh - -echo "Done!" \ No newline at end of file diff --git a/scripts/tc/Setup-TC-t510-Kiosk.sh b/scripts/tc/Setup-TC-t510-Kiosk.sh deleted file mode 100644 index 2501643..0000000 --- a/scripts/tc/Setup-TC-t510-Kiosk.sh +++ /dev/null @@ -1,176 +0,0 @@ -#!/bin/bash - -#######Made for:####### -## Debian 9 ## -# Hp t510 # -####################### - -echo "Debian 9 Thin client install script." -echo "Full url including http(s)://:" -read url - -apt-get update - - -# get software -apt-get install xorg chromium openbox lightdm nedit locales spacefm sudo gmessage unattended-upgrades plymouth plymouth-themes xserver-xorg-video-openchrome -y - -# dir -mkdir -p /home/kiosk/.config/openbox -mkdir -p /home/kiosk/Bureaublad - -# create group -groupadd kiosk - -# create user if not exists -id -u kiosk &>/dev/null || useradd -m kiosk -g kiosk -s /bin/bash - -# rights -chown -R kiosk:kiosk /home/kiosk - -# create config -echo oldurl=${url} > /var/log/browserurl.log - -sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config - -wget https://git.ictmaatwerk.com/bprieshof/Linux-scripts/raw/branch/master/tc/config/gui/grub-4x3.png -O /usr/share/desktop-base/softwaves-theme/grub/grub-4x3.png -wget https://git.ictmaatwerk.com/bprieshof/Linux-scripts/raw/branch/master/tc/config/gui/grub-16x9.png -O /usr/share/desktop-base/softwaves-theme/grub/grub-16x9.png -wget https://git.ictmaatwerk.com/bprieshof/Linux-scripts/raw/branch/master/tc/config/gui/joy-ictm.tar.gz -O /tmp/joy-ictm.tar.gz -tar -zxf /tmp/joy-ictm.tar.gz -C /usr/share/plymouth/themes/ - -sed -i 's|GRUB_TIMEOUT=5|GRUB_TIMEOUT=1|g' /etc/default/grub -sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT="quiet"|GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"|g' /etc/default/grub -update-grub -plymouth-set-default-theme -R joy-ictm - - -wget https://git.ictmaatwerk.com/bprieshof/Linux-scripts/raw/branch/master/tc/config/20auto-upgrades -O /etc/apt/apt.conf.d/20auto-upgrades -wget https://git.ictmaatwerk.com/bprieshof/Linux-scripts/raw/branch/master/tc/config/50unattended-upgrades -O /etc/apt/apt.conf.d/50unattended-upgrades - -if [ -e "/etc/lightdm/lightdm.conf" ]; then - mv /etc/lightdm/lightdm.conf /etc/lightdm/lightdm.conf.backup -fi -cat > /etc/lightdm/lightdm.conf << EOF -[SeatDefaults] -autologin-user=kiosk -EOF - -# create autostart -if [ -e "/home/kiosk/.config/openbox/autostart" ]; then - mv /home/kiosk/.config/openbox/autostart /home/kiosk/.config/openbox/autostart.backup -fi - -cat > /home/kiosk/.config/openbox/autostart << EOF -#!/bin/bash -sleep 1; spacefm --desktop & - chromium \ - --no-first-run \ - --disable \ - --disable-translate \ - --disable-infobars \ - --disable-suggestions-service \ - --disable-save-password-bubble \ - --disable-session-crashed-bubble \ - --incognito \ - "${url}" -EOF - -#creating app files - -cat > /home/kiosk/Bureaublad/chromium.desktop << EOF -[Desktop Entry] -Version=1.0 -Name=Chromium -GenericName=Web Browser -GenericName[nl]=Webbrowser -Comment=Access the Internet -Comment[nl]=Verbinding maken met internet -Exec=/usr/bin/chromium --no-first-run --disable --disable-translate --disable-infobars --disable-suggestions-service --disable-save-password-bubble --disable-session-crashed-bubble --incognito ${url} -Terminal=false -X-MultipleArgs=false -Type=Application -Icon=chromium.png -Categories=Network;WebBrowser; -MimeType=text/html;text/xml;application/xhtml_xml;application/x-mimearchive;x-scheme-handler/http;x-scheme-handler/https; -StartupWMClass=chromium -StartupNotify=true -EOF - -cat > /home/kiosk/Bureaublad/nedit.desktop << EOF -[Desktop Entry] -Version=1.0 -Name=NEdit -Name[en]=NEdit -Name[nl]=NEdit -Exec=nedit-nc %F -Icon=nedit -Terminal=false -Type=Application -MimeType=text/plain; -Categories=Motif;Utility;TextTools; -Keywords=Customizable;Scripts;Powerful; -GenericName=Text Editor -GenericName[en]=Text Editor -GenericName[nl]=Tekstverwerker -EOF - -cat > /home/kiosk/Bureaublad/shutdown.desktop << EOF -[Desktop Entry] -Encoding=UTF-8 -Version=1.0 -Type=Application -Terminal=false -Exec=shutdown-menu -Name=Shutdown -Icon=/usr/share/icons/Adwaita/64x64/actions/system-shutdown-symbolic.symbolic.png -EOF - -cp -r /home/kiosk/Bureaublad/ /home/kiosk/Desktop - -# rights for apps folder -chown -R kiosk:kiosk /home/kiosk/Bureaublad -chown -R kiosk:kiosk /home/kiosk/Desktop - - -# setting user power privileges -cat > /etc/sudoers.d/powerctl << EOF -# Cmnd alias specification -Cmnd_Alias SHUTDOWN = /sbin/shutdown -Cmnd_Alias REBOOT = /sbin/reboot - -# User privilege specification -kiosk ALL=SHUTDOWN -kiosk ALL=NOPASSWD: SHUTDOWN -kiosk ALL=REBOOT -kiosk ALL=NOPASSWD: REBOOT -EOF - -cat > /usr/bin/shutdown-menu << EOF -gmessage "Weet u zeker dat u de computer wilt afsluiten?" -center -title "Shutdown" -font "Sans bold 10" -default "Cancel" -buttons "_Annuleren":1,"_Opnieuw opstarten":3,"_Afsluiten":4 >/dev/null - -case \$? in -1) -echo "Exit";; -3) -pkill spacefm -sudo shutdown -r now;; -4) -pkill spacefm -sudo shutdown -h now;; -esac -EOF -chmod 775 /usr/bin/shutdown-menu - - -wget https://git.ictmaatwerk.com/bprieshof/Linux-scripts/raw/branch/master/tc/update-url.sh -O /root/update-url.sh - -cat > /etc/modprobe.d/blacklist-framebuffer.conf << EOF -blacklist tridentfb -blacklist vesafb -blacklist vfb -blacklist viafb -blacklist vt8623fb -blacklist udlfb -EOF - -echo "Done!" \ No newline at end of file diff --git a/scripts/tc/config/20auto-upgrades b/scripts/tc/config/20auto-upgrades deleted file mode 100644 index 7587020..0000000 --- a/scripts/tc/config/20auto-upgrades +++ /dev/null @@ -1,4 +0,0 @@ -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Download-Upgradeable-Packages "1"; -APT::Periodic::AutocleanInterval "7"; -APT::Periodic::Unattended-Upgrade "1"; \ No newline at end of file diff --git a/scripts/tc/config/50unattended-upgrades b/scripts/tc/config/50unattended-upgrades deleted file mode 100644 index bcc6af6..0000000 --- a/scripts/tc/config/50unattended-upgrades +++ /dev/null @@ -1,25 +0,0 @@ -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Download-Upgradeable-Packages "1"; -APT::Periodic::AutocleanInterval "7"; -APT::Periodic::Unattended-Upgrade "1"; -Unattended-Upgrade::Mail "root"; - -// Automatically upgrade packages from these -Unattended-Upgrade::Origins-Pattern { - "o=Debian,a=stable"; - "o=Debian,a=stable-updates"; - "o=Debian,a=proposed-updates"; - "origin=Debian,codename=${distro_codename},label=Debian-Security"; -}; - -// You can specify your own packages to NOT automatically upgrade here -Unattended-Upgrade::Package-Blacklist { -// "vim"; -// "libc6"; -// "libc6-dev"; -// "libc6-i686"; - -}; - -Unattended-Upgrade::MailOnlyOnError "false"; -Unattended-Upgrade::Automatic-Reboot "false"; \ No newline at end of file diff --git a/scripts/tc/config/gui/grub-16x9.png b/scripts/tc/config/gui/grub-16x9.png deleted file mode 100644 index 8a0ced6..0000000 Binary files a/scripts/tc/config/gui/grub-16x9.png and /dev/null differ diff --git a/scripts/tc/config/gui/grub-4x3.png b/scripts/tc/config/gui/grub-4x3.png deleted file mode 100644 index 826a967..0000000 Binary files a/scripts/tc/config/gui/grub-4x3.png and /dev/null differ diff --git a/scripts/tc/config/gui/joy-ictm.tar.gz b/scripts/tc/config/gui/joy-ictm.tar.gz deleted file mode 100644 index cd53db8..0000000 Binary files a/scripts/tc/config/gui/joy-ictm.tar.gz and /dev/null differ diff --git a/scripts/tc/debian-generic-preseed.txt b/scripts/tc/debian-generic-preseed.txt deleted file mode 100644 index 308ed3b..0000000 --- a/scripts/tc/debian-generic-preseed.txt +++ /dev/null @@ -1,277 +0,0 @@ -#### Contents of the preconfiguration file (for stretch) -### Localization -# Preseeding only locale sets language, country and locale. -#d-i debian-installer/locale string en_US - -# The values can also be preseeded individually for greater flexibility. -d-i debian-installer/language string nl -d-i debian-installer/country string NL -d-i debian-installer/locale string nl_NL.UTF-8 -# Optionally specify additional locales to be generated. -#d-i localechooser/supported-locales multiselect en_US.UTF-8, nl_NL.UTF-8 - -# Keyboard selection. -d-i keyboard-configuration/xkb-keymap select us -# d-i keyboard-configuration/toggle select No toggling - -### Network configuration -# Disable network configuration entirely. This is useful for cdrom -# installations on non-networked devices where the network questions, -# warning and long timeouts are a nuisance. -#d-i netcfg/enable boolean false - -# netcfg will choose an interface that has link if possible. This makes it -# skip displaying a list if there is more than one interface. -d-i netcfg/choose_interface select auto - -# To pick a particular interface instead: -#d-i netcfg/choose_interface select eth1 - -# To set a different link detection timeout (default is 3 seconds). -# Values are interpreted as seconds. -#d-i netcfg/link_wait_timeout string 10 - -# If you have a slow dhcp server and the installer times out waiting for -# it, this might be useful. -#d-i netcfg/dhcp_timeout string 60 -#d-i netcfg/dhcpv6_timeout string 60 - -# If you prefer to configure the network manually, uncomment this line and -# the static network configuration below. -#d-i netcfg/disable_autoconfig boolean true - - -# Any hostname and domain names assigned from dhcp take precedence over -# values set here. However, setting the values still prevents the questions -# from being shown, even if values come from dhcp. -d-i netcfg/get_hostname string Thin-Client -d-i netcfg/get_domain string - -# If you want to force a hostname, regardless of what either the DHCP -# server returns or what the reverse DNS entry for the IP is, uncomment -# and adjust the following line. -#d-i netcfg/hostname string somehost - -# Disable that annoying WEP key dialog. -d-i netcfg/wireless_wep string -# The wacky dhcp hostname that some ISPs use as a password of sorts. -#d-i netcfg/dhcp_hostname string radish - -# If non-free firmware is needed for the network or other hardware, you can -# configure the installer to always try to load it, without prompting. Or -# change to false to disable asking. -#d-i hw-detect/load_firmware boolean true - -### Network console -# Use the following settings if you wish to make use of the network-console -# component for remote installation over SSH. This only makes sense if you -# intend to perform the remainder of the installation manually. -#d-i anna/choose_modules string network-console -#d-i network-console/authorized_keys_url string http://10.0.0.1/openssh-key -#d-i network-console/password password r00tme -#d-i network-console/password-again password r00tme - -### Mirror settings -# If you select ftp, the mirror/country string does not need to be set. -#d-i mirror/protocol string ftp -d-i mirror/country string manual -d-i mirror/http/hostname string ftp.nl.debian.org -d-i mirror/http/directory string /debian -d-i mirror/http/proxy string - -# Suite to install. -#d-i mirror/suite string testing -# Suite to use for loading installer components (optional). -#d-i mirror/udeb/suite string testing - -### Account setup -# Skip creation of a root account (normal user account will be able to -# use sudo). -#d-i passwd/root-login boolean false -# Alternatively, to skip creation of a normal user account. -d-i passwd/make-user boolean false - -# Root password, either in clear text -#d-i passwd/root-password password r00tme -#d-i passwd/root-password-again password r00tme -# or encrypted using a crypt(3) hash. -#d-i passwd/root-password-crypted password [crypt(3) hash] - - -### Clock and time zone setup -# Controls whether or not the hardware clock is set to UTC. -d-i clock-setup/utc boolean true - -# You may set this to any valid setting for $TZ; see the contents of -# /usr/share/zoneinfo/ for valid values. -d-i time/zone string Europe/Amsterdam - -# Controls whether to use NTP to set the clock during the install -d-i clock-setup/ntp boolean true -# NTP server to use. The default is almost always fine here. -#d-i clock-setup/ntp-server string ntp.example.com - -### Partitioning -## Partitioning example -# If the system has free space you can choose to only partition that space. -# This is only honoured if partman-auto/method (below) is not set. -#d-i partman-auto/init_automatically_partition select biggest_free - -# Alternatively, you may specify a disk to partition. If the system has only -# one disk the installer will default to using that, but otherwise the device -# name must be given in traditional, non-devfs format (so e.g. /dev/sda -# and not e.g. /dev/discs/disc0/disc). -# For example, to use the first SCSI/SATA hard disk: -#d-i partman-auto/disk string /dev/sda -# In addition, you'll need to specify the method to use. -# The presently available methods are: -# - regular: use the usual partition types for your architecture -# - lvm: use LVM to partition the disk -# - crypto: use LVM within an encrypted partition -d-i partman-auto/method string regular - -# If one of the disks that are going to be automatically partitioned -# contains an old LVM configuration, the user will normally receive a -# warning. This can be preseeded away... -#d-i partman-lvm/device_remove_lvm boolean true -# The same applies to pre-existing software RAID array: -d-i partman-md/device_remove_md boolean true -# And the same goes for the confirmation to write the lvm partitions. -d-i partman-lvm/confirm boolean true -d-i partman-lvm/confirm_nooverwrite boolean true - -# You can choose one of the three predefined partitioning recipes: -# - atomic: all files in one partition -# - home: separate /home partition -# - multi: separate /home, /var, and /tmp partitions -d-i partman-auto/choose_recipe select atomic - - - -# This makes partman automatically partition without confirmation. -d-i partman-md/confirm boolean true -d-i partman-partitioning/confirm_write_new_label boolean true -d-i partman/choose_partition select finish -d-i partman/confirm boolean true -d-i partman/confirm_nooverwrite boolean true - -## Controlling how partitions are mounted -# The default is to mount by UUID, but you can also choose "traditional" to -# use traditional device names, or "label" to try filesystem labels before -# falling back to UUIDs. -#d-i partman/mount_style select uuid - -### Base system installation -# Configure APT to not install recommended packages by default. Use of this -# option can result in an incomplete system and should only be used by very -# experienced users. -#d-i base-installer/install-recommends boolean false - -# The kernel image (meta) package to be installed; "none" can be used if no -# kernel is to be installed. -#d-i base-installer/kernel/image string linux-image-686 - -### Apt setup -# You can choose to install non-free and contrib software. -d-i apt-setup/non-free boolean true -d-i apt-setup/contrib boolean true - -# Uncomment this to add multiarch configuration for i386 -#d-i apt-setup/multiarch string i386 - - -### Package selection -tasksel tasksel/first multiselect standard - -# Individual additional packages to install -d-i pkgsel/include string openssh-server xorg chromium openbox lightdm nedit locales spacefm sudo gmessage unattended-upgrades plymouth plymouth-themes - -# Some versions of the installer can report back on what software you have -# installed, and what software you use. The default is not to report back, -# but sending reports helps the project determine what software is most -# popular and include it on CDs. -#popularity-contest popularity-contest/participate boolean false - -### Boot loader installation -# Grub is the default boot loader (for x86). If you want lilo installed -# instead, uncomment this: -#d-i grub-installer/skip boolean true -# To also skip installing lilo, and install no bootloader, uncomment this -# too: -#d-i lilo-installer/skip boolean true - - -# This is fairly safe to set, it makes grub install automatically to the MBR -# if no other operating system is detected on the machine. -###d-i grub-installer/only_debian boolean true - -# This one makes grub-installer install to the MBR if it also finds some other -# OS, which is less safe as it might not be able to boot that other OS. -###d-i grub-installer/with_other_os boolean true - -# Due notably to potential USB sticks, the location of the MBR can not be -# determined safely in general, so this needs to be specified: -#d-i grub-installer/bootdev string /dev/sda -# To install to the first device (assuming it is not a USB stick): -#d-i grub-installer/bootdev string default - - -# Use the following option to add additional boot parameters for the -# installed system (if supported by the bootloader installer). -# Note: options passed to the installer will be added automatically. -#d-i debian-installer/add-kernel-opts string nousb - -### Finishing up the installation -# During installations from serial console, the regular virtual consoles -# (VT1-VT6) are normally disabled in /etc/inittab. Uncomment the next -# line to prevent this. -#d-i finish-install/keep-consoles boolean true - -# Avoid that last message about the install being complete. -d-i finish-install/reboot_in_progress note - -# This will prevent the installer from ejecting the CD during the reboot, -# which is useful in some situations. -#d-i cdrom-detect/eject boolean false - -# This is how to make the installer shutdown when finished, but not -# reboot into the installed system. -#d-i debian-installer/exit/halt boolean true -# This will power off the machine instead of just halting it. -#d-i debian-installer/exit/poweroff boolean true - -### Preseeding other packages -# Depending on what software you choose to install, or if things go wrong -# during the installation process, it's possible that other questions may -# be asked. You can preseed those too, of course. To get a list of every -# possible question that could be asked during an install, do an -# installation, and then run these commands: -# debconf-get-selections --installer > file -# debconf-get-selections >> file - - -#### Advanced options -### Running custom commands during the installation -# d-i preseeding is inherently not secure. Nothing in the installer checks -# for attempts at buffer overflows or other exploits of the values of a -# preconfiguration file like this one. Only use preconfiguration files from -# trusted locations! To drive that home, and because it's generally useful, -# here's a way to run any shell command you'd like inside the installer, -# automatically. - -# This first command is run as early as possible, just after -# preseeding is read. -#d-i preseed/early_command string anna-install some-udeb -# This command is run immediately before the partitioner starts. It may be -# useful to apply dynamic partitioner preseeding that depends on the state -# of the disks (which may not be visible when preseed/early_command runs). -#d-i partman/early_command \ -# string debconf-set partman-auto/disk "$(list-devices disk | head -n1)" -# This command is run just before the install finishes, but when there is -# still a usable /target directory. You can chroot to /target and use it -# directly, or use the apt-install and in-target commands to easily install -# packages and run commands in the target system. -d-i preseed/late_command string \ -in-target wget -O /root/Setup-TC-Generic-Kiosk.sh https://git.ictmaatwerk.com/bprieshof/Linux-scripts/raw/branch/master/tc/Setup-TC-Generic-Kiosk.sh # ; \ -#in-target bash /root/Setup-TC-Generic-Kiosk.sh - diff --git a/scripts/tc/update-url.sh b/scripts/tc/update-url.sh deleted file mode 100644 index f42cd49..0000000 --- a/scripts/tc/update-url.sh +++ /dev/null @@ -1,13 +0,0 @@ -echo "Thin client url updater." -echo "enter the full url including http(s)://" -read url - -source /var/log/browserurl.log - -sed -i "s|$oldurl|$url|g" /home/kiosk/Bureaublad/chromium.desktop -sed -i "s|$oldurl|$url|g" /home/kiosk/Desktop/chromium.desktop -sed -i "s|$oldurl|$url|g" /home/kiosk/.config/openbox/autostart - -echo oldurl=${url} > /var/log/browserurl.log - -echo "Done!" diff --git a/smokeping-setup.md b/smokeping-setup.md deleted file mode 100644 index 35f908a..0000000 --- a/smokeping-setup.md +++ /dev/null @@ -1,221 +0,0 @@ -# Setup Smokeping -Intructions for setting up SmokePing on Alpine Linux - -## Main(Master) -Needed packages: smokeping lighttpd - -make sure to empty the remote secret file (/etc/smokeping/smokeping_secrets), -you also need to correct the permissions `chown smokeping:smokeping /etc/smokeping/smokeping_secrets` - -Lighttpd (/etc/lighttpd/lighttpd.conf) -``` -# {{{ modules -server.modules = ( -# "mod_accesslog", - "mod_cgi" -) -# }}} - -# {{{ includes -include "mime-types.conf" -# }}} - -# {{{ CGI -cgi.assign = ( -".cgi" => "/usr/bin/perl" -) -# }}} - -# {{{ server settings -server.username = "smokeping" -server.groupname = "smokeping" -server.document-root = "/usr/share/webapps/smokeping" -server.pid-file = "/run/lighttpd.pid" -server.errorlog-use-syslog = "enable" -server.indexfiles = ("smokeping.cgi") -server.follow-symlink = "enable" -static-file.exclude-extensions = (".cgi") -# }}} - -# {{{ mod_accesslog -#accesslog.filename = "/var/log/lighttpd-access.log" -# }}} - -# vim: set ft=conf foldmethod=marker et : -``` - -Smokeping config (/etc/smokeping/config) -``` -*** General *** - -owner = MaintainerName -contact = some@address.nowhere -mailhost = my.mail.host -sendmail = /usr/sbin/sendmail -imgcache = /var/lib/smokeping/.simg -imgurl = img -datadir = /var/lib/smokeping -piddir = /var/run/smokeping -cgiurl = http://some.url/smokeping.cgi -tmail = /etc/smokeping/tmail -smokemail = /etc/smokeping/smokemail -syslogfacility = local0 - -#Use to overwrite system hostname -#display_name = HostName - -*** Database *** - -step = 300 -pings = 20 - -# consfn mrhb steps total - -AVERAGE 0.5 1 1008 -AVERAGE 0.5 12 4320 - MIN 0.5 12 4320 - MAX 0.5 12 4320 -AVERAGE 0.5 144 720 - MAX 0.5 144 720 - MIN 0.5 144 720 - -*** Presentation *** - -template = /etc/smokeping/basepage.html -htmltitle = yes -graphborders = no - -+ charts - -menu = Charts -title = The most interesting destinations - -++ stddev -sorter = StdDev(entries=>4) -title = Top Standard Deviation -menu = Std Deviation -format = Standard Deviation %f - -++ max -sorter = Max(entries=>5) -title = Top Max Roundtrip Time -menu = by Max -format = Max Roundtrip Time %f seconds - -++ loss -sorter = Loss(entries=>5) -title = Top Packet Loss -menu = Loss -format = Packets Lost %f - -++ median -sorter = Median(entries=>5) -title = Top Median Roundtrip Time -menu = by Median -format = Median RTT %f seconds - -+ overview - -width = 600 -height = 50 -range = 10h - -+ detail - -width = 600 -height = 200 -unison_tolerance = 2 - -"Last hour" 1h -"Last day" 24h -"Last week" 7d -"Last month" 30d -"Last year" 365d - - -*** Probes *** - -+FPing -binary = /usr/sbin/fping -step = 60 - -*** Slaves *** -secrets=/etc/smokeping/smokeping_secrets - - -*** Targets *** - -probe = FPing - -menu = Top -title = Network Latency Grapher -remark = Welcome to SmokePing. - -+ Internet -menu = Internet -title = Hosts on the internet - -++ cloudflare -#slaves = -host = 1.1.1.1 - -++ google -#slaves = -host = 8.8.8.8 - -``` - -Start and Enable services on boot `service smokeping start && service lighttpd start && rc-update add smokeping default && rc-update add lighttpd default` - -## Remote(Slave) - -### On Main -Add the name and a secret in in the secrets file`/etc/smokeping/smokeping_secrets` using the following format (one per line) `remotehostname:Secret` -Add the host to the slaves section using the following example: -``` -+remotehostname -display_name=Remote-Hostname -color=00ffff -``` -Add the host to the `slaves` section of the targets (should be seperated with a space) -Last step on main is to restart smokeping `service smokeping restart` - -### On Remote -Needed packages: smokeping - -Put a secret in `/etc/smokeping/secret.txt` -set its permissions `chown smokeping:smokeping /etc/smokeping/secret.txt && chmod 600 /etc/smokeping/secret.txt` - -Service file(/etc/init.d/smokeping-remote) -``` -#!/sbin/openrc-run -HostName=host1 -MainURL="http:///smokeping.cgi" - -depend() { - need net -} - -start() { - checkpath --directory --owner smokeping:smokeping /var/run/smokeping - - ebegin "Starting smokeping remote" - LC_ALL=C \ - start-stop-daemon --start --name smokeping \ - --pidfile /var/run/smokeping/smokeping.pid \ - --exec /usr/bin/smokeping \ - --user smokeping:smokeping \ - -- --master-url=$MainURL --cache-dir=/var/lib/smokeping --pid-dir=/var/run/smokeping --shared-secret=/etc/smokeping/secret.txt --slave-name=$HostName - eend $? -} - -stop() { - ebegin "Stopping smokeping Remote" - start-stop-daemon --stop \ - --pidfile /var/run/smokeping/smokeping.pid - eend $? -} -``` -Set permissions service file `chmod +x /etc/init.d/smokeping-remote` -Start and Enable service on boot `service smokeping-remote start && rc-update add smokeping-remote default` -Add to Root cron tab to auto reload after crash (/etc/crontabs/root) `echo '* * * * * openrc --no-stop' >> /etc/crontabs/root`