ShogunIsHere/instance-setup-stuff
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bruh moment

Browse Source 
whitespace/formatting diff
This commit is contained in:
Kaushik Narayan R
2026-02-15 16:27:20 -08:00
parent 8bffdd60bc
commit 4495f333d8
51 changed files with 736 additions and 717 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
actual_server-update
View File

@@ -3,9 +3,9 @@
mkdir -p "${HOME}"/update_logs
logFile=${HOME}/update_logs/$(date +%y_%m).log
{
echo -e "\n[+] updating actual\n"
echo -e "\n[+] updating actual\n"
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml pull &&
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d --always-recreate-deps --remove-orphans &&
yes | sudo docker image prune -af
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml pull &&
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d --always-recreate-deps --remove-orphans &&
yes | sudo docker image prune -af
} &>>"$logFile"

26
api.spotify-manager.knravish.me.conf
View File

@@ -1,17 +1,17 @@
server {
server_name api.spotify-manager.knravish.me;
server_name api.spotify-manager.knravish.me;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:9001;
proxy_redirect off;
proxy_set_header Access-Control-Allow-Origin *;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:9001;
proxy_redirect off;
proxy_set_header Access-Control-Allow-Origin *;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
listen 80;
listen 80;
}

28
auth.knravish.me.conf
View File

@@ -1,21 +1,21 @@
server {
server_name auth.knravish.me;
index index.html index.htm;
server_name auth.knravish.me;
index index.html index.htm;
set $upstream http://127.0.0.1:9091;
set $upstream http://127.0.0.1:9091;
location / {
include /etc/nginx/snippets/proxy.conf;
proxy_pass $upstream;
}
location / {
include /etc/nginx/snippets/proxy.conf;
proxy_pass $upstream;
}
location = /api/verify {
proxy_pass $upstream;
}
location = /api/verify {
proxy_pass $upstream;
}
location /api/authz/ {
proxy_pass $upstream;
}
location /api/authz/ {
proxy_pass $upstream;
}
listen 80;
listen 80;
}

48
authelia/nginx_snippets/authelia-location.conf
View File

@@ -2,31 +2,31 @@ set $upstream_authelia http://127.0.0.1:9091/api/authz/auth-request;
## Virtual endpoint created by nginx to forward auth requests.
location /internal/authelia/authz {
## Essential Proxy Configuration
internal;
proxy_pass $upstream_authelia;
## Essential Proxy Configuration
internal;
proxy_pass $upstream_authelia;
## Headers
## The headers starting with X-* are required.
proxy_set_header X-Original-Method $request_method;
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Content-Length "";
proxy_set_header Connection "";
## Headers
## The headers starting with X-* are required.
proxy_set_header X-Original-Method $request_method;
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Content-Length "";
proxy_set_header Connection "";
## Basic Proxy Configuration
proxy_pass_request_body off;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; # Timeout if the real server is dead
proxy_redirect http:// $scheme://;
proxy_http_version 1.1;
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 4 32k;
client_body_buffer_size 128k;
## Basic Proxy Configuration
proxy_pass_request_body off;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; # Timeout if the real server is dead
proxy_redirect http:// $scheme://;
proxy_http_version 1.1;
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 4 32k;
client_body_buffer_size 128k;
## Advanced Proxy Configuration
send_timeout 5m;
proxy_read_timeout 240;
proxy_send_timeout 240;
proxy_connect_timeout 240;
## Advanced Proxy Configuration
send_timeout 5m;
proxy_read_timeout 240;
proxy_send_timeout 240;
proxy_connect_timeout 240;
}

44
authelia_server-backup
View File

@@ -7,33 +7,33 @@ mkdir -p "${HOME}"/backup_logs
logFile=${HOME}/backup_logs/$(date +%y_%m).log
{
echo -e "\n[+] authelia backup\n"
echo -e "\n[+] authelia backup\n"
mkdir -p /tmp/"${USER}"-backup
mkdir -p /tmp/"${USER}"-backup
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml stop
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml stop
cp -pr "${VOLUME_PATH}"/* /tmp/"${USER}"-backup
cp -pr "${VOLUME_PATH}"/* /tmp/"${USER}"-backup
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Authelia" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
exit 1
fi
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Authelia" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
exit 1
fi
curl -Ss \
-H "Title: Authelia" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
curl -Ss \
-H "Title: Authelia" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
} &>>"$logFile"

8
authelia_server-update
View File

@@ -3,9 +3,9 @@
mkdir -p "${HOME}"/update_logs
logFile=${HOME}/update_logs/$(date +%y_%m).log
{
echo -e "\n[+] updating authelia\n"
echo -e "\n[+] updating authelia\n"
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml pull &&
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d --always-recreate-deps --remove-orphans &&
yes | sudo docker image prune -af
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml pull &&
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d --always-recreate-deps --remove-orphans &&
yes | sudo docker image prune -af
} &>>"$logFile"

20
budget.knravish.me.conf
View File

@@ -1,16 +1,16 @@
server {
server_name budget.knravish.me;
index index.html index.htm;
server_name budget.knravish.me;
index index.html index.htm;
include /etc/nginx/snippets/authelia-location.conf;
include /etc/nginx/snippets/authelia-location.conf;
set $upstream http://127.0.0.1:5006;
set $upstream http://127.0.0.1:5006;
location / {
include /etc/nginx/snippets/proxy.conf;
include /etc/nginx/snippets/authelia-authrequest.conf;
proxy_pass $upstream;
}
location / {
include /etc/nginx/snippets/proxy.conf;
include /etc/nginx/snippets/authelia-authrequest.conf;
proxy_pass $upstream;
}
listen 80;
listen 80;
}

28
dash.knravish.me.conf
View File

@@ -1,18 +1,18 @@
server {
server_name dash.knravish.me;
index index.html index.htm;
server_name dash.knravish.me;
index index.html index.htm;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:3000;
proxy_redirect off;
proxy_set_header Access-Control-Allow-Origin *;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:3000;
proxy_redirect off;
proxy_set_header Access-Control-Allow-Origin *;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
listen 80;
listen 80;
}

14
file_transfers copy.ps1
View File

@@ -3,14 +3,14 @@ $remote_home_folder = "your_default_user@1.2.3.4"
$key = "your.private.key"
function TransferFile {
param (
[Parameter(Mandatory)]
[string]$FileName,
[ValidateNotNullOrEmpty()]
[string]$DestPath = ""
)
param (
[Parameter(Mandatory)]
[string]$FileName,
[ValidateNotNullOrEmpty()]
[string]$DestPath = ""
)
scp -i "${dirname}\${key}" "${dirname}\${FileName}" "${remote_home_folder}:${DestPath}"
scp -i "${dirname}\${key}" "${dirname}\${FileName}" "${remote_home_folder}:${DestPath}"
}
# backups

46
foundry_server-backup
View File

@@ -7,34 +7,34 @@ mkdir -p "${HOME}"/backup_logs
logFile=${HOME}/backup_logs/$(date +%y_%m).log
{
echo -e "\n[+] foundry backup\n"
echo -e "\n[+] foundry backup\n"
mkdir -p /tmp/"${USER}"-backup
mkdir -p /tmp/"${USER}"-backup
systemctl --user stop "${USER}"-start.service
systemctl --user stop "${USER}"-start.service
cp -pr "${FOUNDRY_DATA_PATH}"/* /tmp/"${USER}"-backup
cp -pr "${FOUNDRY_DATA_PATH}"/* /tmp/"${USER}"-backup
systemctl --user restart "${USER}"-start.service
systemctl --user restart "${USER}"-start.service
rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v
if [ $? -ne 0 ]; then
curl -Ss \
-H "Title: Foundry VTT" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
exit 1
fi
rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v
if [ $? -ne 0 ]; then
curl -Ss \
-H "Title: Foundry VTT" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
exit 1
fi
curl -Ss \
-H "Title: Foundry VTT" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
curl -Ss \
-H "Title: Foundry VTT" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
} &>>"$logFile"

60
ghost_server-backup
View File

@@ -6,40 +6,40 @@
mkdir -p "${HOME}"/backup_logs
logFile=${HOME}/backup_logs/$(date +%y_%m).log
{
echo -e "\n[+] ghost backup\n"
echo -e "\n[+] ghost backup\n"
cd "${BLOG_PATH}" || exit
cd "${BLOG_PATH}" || exit
if ! /usr/bin/expect "${HOME}"/"${USER}"-credentials.exp; then
curl -Ss \
-H "Title: Ghost Blog" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed - ghost backup failure" \
"${NOTIF_URL}"
rm -r "${BLOG_PATH}"/backup*
exit 1
fi
if ! /usr/bin/expect "${HOME}"/"${USER}"-credentials.exp; then
curl -Ss \
-H "Title: Ghost Blog" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed - ghost backup failure" \
"${NOTIF_URL}"
rm -r "${BLOG_PATH}"/backup*
exit 1
fi
echo "[+] local backup taken"
echo "[+] local backup taken"
if ! rclone copyto "${BLOG_PATH}"/backup*.zip "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Ghost Blog" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed - rclone failure" \
"${NOTIF_URL}"
rm -r "${BLOG_PATH}"/backup*
exit 1
fi
if ! rclone copyto "${BLOG_PATH}"/backup*.zip "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Ghost Blog" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed - rclone failure" \
"${NOTIF_URL}"
rm -r "${BLOG_PATH}"/backup*
exit 1
fi
curl -Ss \
-H "Title: Ghost Blog" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r "${BLOG_PATH}"/backup*
curl -Ss \
-H "Title: Ghost Blog" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r "${BLOG_PATH}"/backup*
} &>>"$logFile"

72
ghost_server-config.production copy.json
View File

@@ -1,38 +1,38 @@
{
"url": "https://blog.knravish.me",
"server": {
"port": 2368,
"host": "127.0.0.1"
},
"database": {
"client": "mysql",
"connection": {
"host": "postgres_hostname",
"user": "postgres_username",
"password": "postgres_password",
"database": "defaultdb",
"port": <postgres_port>,
"ssl": {
"ca": "<postgres_ssl_ca_cert_rsa_contents>",
"rejectUnauthorized": true
}
}
},
"mail": {
"transport": "Direct"
},
"logging": {
"transports": [
"file",
"stdout"
]
},
"process": "systemd",
"paths": {
"contentPath": "/var/www/blog.knravish.me/content"
},
"bootstrap-socket": {
"port": 8000,
"host": "localhost"
}
"url": "https://blog.knravish.me",
"server": {
"port": 2368,
"host": "127.0.0.1"
},
"database": {
"client": "mysql",
"connection": {
"host": "postgres_hostname",
"user": "postgres_username",
"password": "postgres_password",
"database": "defaultdb",
"port": <postgres_port>,
"ssl": {
"ca": "<postgres_ssl_ca_cert_rsa_contents>",
"rejectUnauthorized": true
}
}
},
"mail": {
"transport": "Direct"
},
"logging": {
"transports": [
"file",
"stdout"
]
},
"process": "systemd",
"paths": {
"contentPath": "/var/www/blog.knravish.me/content"
},
"bootstrap-socket": {
"port": 8000,
"host": "localhost"
}
}

30
git.knravish.me.conf
View File

@@ -1,18 +1,18 @@
server {
server_name git.knravish.me;
index index.html index.htm;
server {
server_name git.knravish.me;
index index.html index.htm;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:3001;
proxy_redirect off;
proxy_set_header Access-Control-Allow-Origin *;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:3001;
proxy_redirect off;
proxy_set_header Access-Control-Allow-Origin *;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
listen 80;
listen 80;
}

52
gitea_server-backup
View File

@@ -7,38 +7,38 @@ mkdir -p "${HOME}"/backup_logs
logFile=${HOME}/backup_logs/$(date +%y_%m).log
{
echo -e "\n[+] gitea backup\n"
echo -e "\n[+] gitea backup\n"
mkdir -p /tmp/"${USER}"-backup
mkdir -p /tmp/"${USER}"-backup
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml stop gitea
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml stop gitea
cp -pr "${VOLUME_PATH}"/config /tmp/"${USER}"-backup
cp -pr "${VOLUME_PATH}"/data /tmp/"${USER}"-backup
cp -pr "${VOLUME_PATH}"/config /tmp/"${USER}"-backup
cp -pr "${VOLUME_PATH}"/data /tmp/"${USER}"-backup
# shellcheck disable=SC2024
sudo docker exec -u "${PUID}:${PGID}" -it gitea-postgres sh -c \
'pg_dumpall -c --if-exists -U gitea' >/tmp/"${USER}"-backup/db.out
# shellcheck disable=SC2024
sudo docker exec -u "${PUID}:${PGID}" -it gitea-postgres sh -c \
'pg_dumpall -c --if-exists -U gitea' >/tmp/"${USER}"-backup/db.out
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start gitea
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start gitea
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Gitea" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -rf /tmp/"${USER}"-backup
exit 1
fi
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Gitea" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -rf /tmp/"${USER}"-backup
exit 1
fi
curl -Ss \
-H "Title: Gitea" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -rf /tmp/"${USER}"-backup
curl -Ss \
-H "Title: Gitea" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -rf /tmp/"${USER}"-backup
} &>>"$logFile"

44
homepage_server-backup
View File

@@ -7,33 +7,33 @@ mkdir -p "${HOME}"/backup_logs
logFile=${HOME}/backup_logs/$(date +%y_%m).log
{
echo -e "\n[+] homepage backup\n"
echo -e "\n[+] homepage backup\n"
mkdir -p /tmp/"${USER}"-backup
mkdir -p /tmp/"${USER}"-backup
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml stop
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml stop
cp -pr "${VOLUME_PATH}"/* /tmp/"${USER}"-backup
cp -pr "${VOLUME_PATH}"/* /tmp/"${USER}"-backup
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Homepage" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
exit 1
fi
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Homepage" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
exit 1
fi
curl -Ss \
-H "Title: Homepage" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
curl -Ss \
-H "Title: Homepage" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
} &>>"$logFile"

16
homepage_server-geticon
View File

@@ -9,14 +9,14 @@ svg_url=${base_url}/svg/${1}.svg
png_url=${base_url}/png/${1}.png
if ! curl -I "${svg_url}" | grep -E "HTTP/.* 404" >/dev/null; then
curl -Ss -O --output-dir "${VOLUME_PATH}"/icons "${svg_url}"
echo "svg"
exit 0
curl -Ss -O --output-dir "${VOLUME_PATH}"/icons "${svg_url}"
echo "svg"
exit 0
elif ! curl -I "${png_url}" | grep -E "HTTP/.* 404" >/dev/null; then
curl -Ss -O --output-dir "${VOLUME_PATH}"/icons "${png_url}"
echo "png"
exit 0
curl -Ss -O --output-dir "${VOLUME_PATH}"/icons "${png_url}"
echo "png"
exit 0
else
echo "Not Found"
exit 1
echo "Not Found"
exit 1
fi

12
homepage_server-getimage
View File

@@ -8,11 +8,11 @@ headers=$(curl -SsIXGET "$1")
status_code=$(echo "$headers" | grep -E "HTTP/.* [0-9]{3}" | awk '{print $2}')
if [[ $status_code == "200" ]]; then
ext=$(echo "$headers" | grep "content-type:" | awk -F/ '{print $2}' | tr -d " \t\n\r")
curl -Ss -o "${VOLUME_PATH}"/images/"${2}"."${ext}" "${1}"
echo "found"
exit 0
ext=$(echo "$headers" | grep "content-type:" | awk -F/ '{print $2}' | tr -d " \t\n\r")
curl -Ss -o "${VOLUME_PATH}"/images/"${2}"."${ext}" "${1}"
echo "found"
exit 0
else
echo "Not Found"
exit 1
echo "Not Found"
exit 1
fi

8
homepage_server-update
View File

@@ -3,9 +3,9 @@
mkdir -p "${HOME}"/update_logs
logFile=${HOME}/update_logs/$(date +%y_%m).log
{
echo -e "\n[+] updating homepage\n"
echo -e "\n[+] updating homepage\n"
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml pull &&
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d --always-recreate-deps --remove-orphans &&
yes | sudo docker image prune -af
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml pull &&
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d --always-recreate-deps --remove-orphans &&
yes | sudo docker image prune -af
} &>>"$logFile"

3
instance-bash_autocompletions
View File

@@ -1,3 +0,0 @@
#!/bin/bash
complete -W "$(compgen -u)" workas

3
instance-bash_completion Normal file
View File

@@ -0,0 +1,3 @@
#!/bin/bash
complete -W "$(compgen -u | sed 's/$/@/')" workas

274
instance-setup
View File

@@ -21,8 +21,8 @@ cat instance-bash_aliases | tee -a ~/.bash_aliases
cat instance-bash_aliases | sudo tee -a /etc/skel/.bash_aliases
# some useful autocompletions
chmod 774 instance-bash_autocompletions
./instance-bash_autocompletions
cat instance-bash_completion | tee -a ~/.bash_completion
cat instance-bash_completion | sudo tee -a /etc/skel/.bash_completion
cd ~ || exit
sudo apt-get update
@@ -30,11 +30,11 @@ sudo apt-get upgrade -y
sudo pro attach "$UBUNTU_PRO_TOKEN"
if [[ $(cloud-init query platform) == 'oracle' ]]; then
# https://www.reddit.com/r/oraclecloud/comments/r8lkf7/a_quick_tips_to_people_who_are_having_issue/
echo "[+] disabling ufw and netfilter rules (OCI default)"
sudo ufw disable
sudo iptables -I INPUT -j ACCEPT
sudo iptables-save | sudo dd of=/etc/iptables/rules.v4
# https://www.reddit.com/r/oraclecloud/comments/r8lkf7/a_quick_tips_to_people_who_are_having_issue/
echo "[+] disabling ufw and netfilter rules (OCI default)"
sudo ufw disable
sudo iptables -I INPUT -j ACCEPT
sudo iptables-save | sudo dd of=/etc/iptables/rules.v4
fi
echo "[+] packages"
@@ -48,42 +48,42 @@ sudo install -m 0775 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] \
https://download.docker.com/linux/ubuntu $(lsb_release -cs 2>/dev/null) stable" |
sudo tee /etc/apt/sources.list.d/docker.list >/dev/null
sudo tee /etc/apt/sources.list.d/docker.list >/dev/null
echo "[+] nginx"
# http://nginx.org/en/linux_packages.html#Ubuntu
curl -L https://nginx.org/keys/nginx_signing.key | gpg --dearmor |
sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
expected_nginx_fingerprint='573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62'
if ! gpg --dry-run --quiet --no-keyring --import --import-options \
import-show /usr/share/keyrings/nginx-archive-keyring.gpg |
grep -c $expected_nginx_fingerprint; then
echo -e "\n[!] Nginx GPG key fingerprint does not match, aborting...\n"
sudo rm /usr/share/keyrings/nginx-archive-keyring.gpg
exit 1
import-show /usr/share/keyrings/nginx-archive-keyring.gpg |
grep -c $expected_nginx_fingerprint; then
echo -e "\n[!] Nginx GPG key fingerprint does not match, aborting...\n"
sudo rm /usr/share/keyrings/nginx-archive-keyring.gpg
exit 1
fi
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/ubuntu $(lsb_release -cs 2>/dev/null) nginx" |
sudo tee /etc/apt/sources.list.d/nginx.list
sudo tee /etc/apt/sources.list.d/nginx.list
echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" |
sudo tee /etc/apt/preferences.d/99nginx
sudo tee /etc/apt/preferences.d/99nginx
echo "[+] syncthing"
sudo curl -L -o /etc/apt/keyrings/syncthing-archive-keyring.gpg https://syncthing.net/release-key.gpg
echo "deb [signed-by=/etc/apt/keyrings/syncthing-archive-keyring.gpg]\
https://apt.syncthing.net/ syncthing stable-v2" |
sudo tee /etc/apt/sources.list.d/syncthing.list
sudo tee /etc/apt/sources.list.d/syncthing.list
echo -e "Package: *\nPin: origin apt.syncthing.net\nPin-Priority: 990\n" |
sudo tee /etc/apt/preferences.d/syncthing.pref
sudo tee /etc/apt/preferences.d/syncthing.pref
echo "[+] putting it all together"
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin nginx syncthing -y
if ! sudo docker run hello-world | grep -c 'installation appears to be working correctly'; then
echo -e "\n[!] Docker installation failed, aborting...\n"
exit 1
echo -e "\n[!] Docker installation failed, aborting...\n"
exit 1
fi
echo "[+] rclone"
@@ -101,65 +101,65 @@ sudo ln -s /snap/bin/certbot /usr/bin/certbot
echo "[+] add users for applications"
# format - tool name underscore 'server'
users=(
"actual_server"
"authelia_server"
"foundry_server"
"ghost_server"
"gitea_server"
"homepage_server"
"mealie_server"
"memos_server"
"minecraft_server"
"pwpush_server"
"shlink_server"
"spotmgr_server"
"stirling_server"
"syncthing_server"
"vikunja_server"
"wg_server"
"actual_server"
"authelia_server"
"foundry_server"
"ghost_server"
"gitea_server"
"homepage_server"
"mealie_server"
"memos_server"
"minecraft_server"
"pwpush_server"
"shlink_server"
"spotmgr_server"
"stirling_server"
"syncthing_server"
"vikunja_server"
"wg_server"
)
for username in "${users[@]}"; do
sudo useradd -m -U -s /bin/bash "${username}"
sudo useradd -m -U -s /bin/bash "${username}"
# setup script
sudo cp ~/"${username}"-setup /home/"${username}"/
sudo chmod 774 /home/"${username}"/"${username}"-setup
sudo chown "${username}":"${username}" /home/"${username}"/"${username}"-setup
sudo cp ~/"${username}"-env /home/"${username}"/
sudo chmod 600 /home/"${username}"/"${username}"-env
sudo chown "${username}":"${username}" /home/"${username}"/"${username}"-env
# setup script
sudo cp ~/"${username}"-setup /home/"${username}"/
sudo chmod 774 /home/"${username}"/"${username}"-setup
sudo chown "${username}":"${username}" /home/"${username}"/"${username}"-setup
sudo cp ~/"${username}"-env /home/"${username}"/
sudo chmod 600 /home/"${username}"/"${username}"-env
sudo chown "${username}":"${username}" /home/"${username}"/"${username}"-env
# user services won't linger by default
sudo loginctl enable-linger "${username}"
# user services won't linger by default
sudo loginctl enable-linger "${username}"
done
# admin privileges, needed for anyone running docker
admin_users=(
"actual_server"
"authelia_server"
"ghost_server"
"gitea_server"
"homepage_server"
"mealie_server"
"memos_server"
"pwpush_server"
"shlink_server"
"spotmgr_server"
"stirling_server"
"vikunja_server"
"wg_server"
"actual_server"
"authelia_server"
"ghost_server"
"gitea_server"
"homepage_server"
"mealie_server"
"memos_server"
"pwpush_server"
"shlink_server"
"spotmgr_server"
"stirling_server"
"vikunja_server"
"wg_server"
)
for username in "${admin_users[@]}"; do
sudo usermod -aG sudo "${username}"
echo "${username} ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/"${username}"
sudo usermod -aG sudo "${username}"
echo "${username} ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/"${username}"
# compose files
sudo cp ~/"${username}"-compose_template.yaml /home/"${username}"/
sudo chmod 664 /home/"${username}"/"${username}"-compose_template.yaml
sudo chown "${username}":"${username}" /home/"${username}"/"${username}"-compose_template.yaml
sudo cp ~/"${username}"-compose.yaml /home/"${username}"/
sudo chmod 600 /home/"${username}"/"${username}"-compose.yaml
sudo chown "${username}":"${username}" /home/"${username}"/"${username}"-compose.yaml
# compose files
sudo cp ~/"${username}"-compose_template.yaml /home/"${username}"/
sudo chmod 664 /home/"${username}"/"${username}"-compose_template.yaml
sudo chown "${username}":"${username}" /home/"${username}"/"${username}"-compose_template.yaml
sudo cp ~/"${username}"-compose.yaml /home/"${username}"/
sudo chmod 600 /home/"${username}"/"${username}"-compose.yaml
sudo chown "${username}":"${username}" /home/"${username}"/"${username}"-compose.yaml
done
echo "[+] distribute and apply respective config files"
@@ -167,100 +167,100 @@ echo "[+] distribute and apply respective config files"
echo -e "\t[-] rclone"
for username in "${users[@]}"; do
sudo mkdir -p /home/"${username}"/.config/rclone/
sudo cp ~/.config/rclone/rclone.conf /home/"${username}"/.config/rclone/
sudo chmod -R 600 /home/"${username}"/.config/rclone/rclone.conf
sudo chown -R "${username}":"${username}" /home/"${username}"/
sudo mkdir -p /home/"${username}"/.config/rclone/
sudo cp ~/.config/rclone/rclone.conf /home/"${username}"/.config/rclone/
sudo chmod -R 600 /home/"${username}"/.config/rclone/rclone.conf
sudo chown -R "${username}":"${username}" /home/"${username}"/
done
# consider switching to acme.sh instead of certbot to avoid snap
echo -e "\t[-] nginx and certbot"
cert_subdomains=(
"api.spotify-manager"
"auth"
"budget"
"dash"
"git"
"lnk"
"notes"
"paste"
"planning"
"pdf"
"recipes"
"syncthing"
"vpn"
"vtt"
"api.spotify-manager"
"auth"
"budget"
"dash"
"git"
"lnk"
"notes"
"paste"
"planning"
"pdf"
"recipes"
"syncthing"
"vpn"
"vtt"
)
# ghost handles SSL by itself, might be worth looking into it to either shift to certbot
for subdomain in "${cert_subdomains[@]}"; do
# revoke existing certs if any
sudo certbot revoke -n --delete-after-revoke --cert-name "${subdomain}"."${domain}"
sudo cp ~/"${subdomain}"."${domain}".conf /etc/nginx/conf.d/
sudo chmod 664 /etc/nginx/conf.d/"${subdomain}"."${domain}".conf
sudo chown root:root /etc/nginx/conf.d/"${subdomain}"."${domain}".conf
if ! sudo nginx -t; then
echo -e "\n\t[!] Bad Nginx config for ${subdomain}.${domain}, aborting...\n"
exit 1
fi
sudo nginx -s reload
# revoke existing certs if any
sudo certbot revoke -n --delete-after-revoke --cert-name "${subdomain}"."${domain}"
sudo cp ~/"${subdomain}"."${domain}".conf /etc/nginx/conf.d/
sudo chmod 664 /etc/nginx/conf.d/"${subdomain}"."${domain}".conf
sudo chown root:root /etc/nginx/conf.d/"${subdomain}"."${domain}".conf
if ! sudo nginx -t; then
echo -e "\n\t[!] Bad Nginx config for ${subdomain}.${domain}, aborting...\n"
exit 1
fi
sudo nginx -s reload
# ----------------------------------------------------------------------
# STOP!
# Check DNS records before proceeding
# ----------------------------------------------------------------------
# ----------------------------------------------------------------------
# STOP!
# Check DNS records before proceeding
# ----------------------------------------------------------------------
# https://letsencrypt.org/docs/duplicate-certificate-limit/#description
# certbot has 5 per week duplicate cert limit. use --test-cert flag for testing
if ! sudo certbot -n --nginx --agree-tos -m "${email_address}" -d "${subdomain}"."${domain}"; then
echo -e "\n\t[!] Certbot failed to get cert for ${subdomain}.${domain}, aborting...\n"
exit 1
fi
sudo nginx -s reload
# https://letsencrypt.org/docs/duplicate-certificate-limit/#description
# certbot has 5 per week duplicate cert limit. use --test-cert flag for testing
if ! sudo certbot -n --nginx --agree-tos -m "${email_address}" -d "${subdomain}"."${domain}"; then
echo -e "\n\t[!] Certbot failed to get cert for ${subdomain}.${domain}, aborting...\n"
exit 1
fi
sudo nginx -s reload
done
echo -e "\t[-] user-specific files"
# bash variable expansion ftw - https://stackoverflow.com/a/63821858/7630441
user_files=(
"authelia_server-configuration.yaml"
"foundry_server-start.service"
"ghost_server-config.production.json"
"ghost_server-credentials.exp"
"minecraft_server-start.service"
"minecraft_server-start.socket"
"pwpush_server-settings.yaml"
"authelia_server-configuration.yaml"
"foundry_server-start.service"
"ghost_server-config.production.json"
"ghost_server-credentials.exp"
"minecraft_server-start.service"
"minecraft_server-start.socket"
"pwpush_server-settings.yaml"
)
for f in "${user_files[@]}"; do
username=${f%%-*} # strips the part from before the hyphen
sudo cp ~/"${f}" /home/"${username}"/
sudo chmod 664 /home/"${username}"/"${f}"
sudo chown "${username}":"${username}" /home/"${username}"/"${f}"
username=${f%%-*} # strips the part from before the hyphen
sudo cp ~/"${f}" /home/"${username}"/
sudo chmod 664 /home/"${username}"/"${f}"
sudo chown "${username}":"${username}" /home/"${username}"/"${f}"
done
echo -e "[+] cronjobs: backups, updates"
for username in "${users[@]}"; do
sudo cp ~/"${username}"-backup /home/"${username}"/
sudo chmod 774 /home/"${username}"/"${username}"-backup
sudo chown "${username}":"${username}" /home/"${username}"/"${username}"-backup
sudo cp ~/"${username}"-update /home/"${username}"/
sudo chmod 774 /home/"${username}"/"${username}"-update
sudo chown "${username}":"${username}" /home/"${username}"/"${username}"-update
sudo cp ~/"${username}"-backup /home/"${username}"/
sudo chmod 774 /home/"${username}"/"${username}"-backup
sudo chown "${username}":"${username}" /home/"${username}"/"${username}"-backup
sudo cp ~/"${username}"-update /home/"${username}"/
sudo chmod 774 /home/"${username}"/"${username}"-update
sudo chown "${username}":"${username}" /home/"${username}"/"${username}"-update
{
# first add some useful env vars that aren't in cron's exec env
echo "USER=$username"
echo "XDG_RUNTIME_DIR=/run/user/$(id -u "$username")"
echo "DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/$(id -u "$username")/bus"
# then the defined cronjob
cat ~/"${username}"-cronjob
} >~/"${username}".cronjobs
{
# first add some useful env vars that aren't in cron's exec env
echo "USER=$username"
echo "XDG_RUNTIME_DIR=/run/user/$(id -u "$username")"
echo "DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/$(id -u "$username")/bus"
# then the defined cronjob
cat ~/"${username}"-cronjob
} >~/"${username}".cronjobs
# install to crontab
sudo crontab -u "${username}" ~/"${username}".cronjobs
rm ~/"${username}".cronjobs
# install to crontab
sudo crontab -u "${username}" ~/"${username}".cronjobs
rm ~/"${username}".cronjobs
done
# shellcheck disable=SC2024
@@ -270,5 +270,5 @@ sudo crontab -u ubuntu ~/ubuntu.cronjobs
rm ~/ubuntu.cronjobs
for username in "${users[@]}"; do
chmod ug+x "${username}"-teardown
chmod ug+x "${username}"-teardown
done

20
lnk.knravish.me.conf
View File

@@ -1,14 +1,14 @@
server {
server_name lnk.knravish.me;
charset utf-8;
server_name lnk.knravish.me;
charset utf-8;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:8080;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:8080;
}
listen 80;
listen 80;
}

44
mealie_server-backup
View File

@@ -7,33 +7,33 @@ mkdir -p "${HOME}"/backup_logs
logFile=${HOME}/backup_logs/$(date +%y_%m).log
{
echo -e "\n[+] mealie backup\n"
echo -e "\n[+] mealie backup\n"
mkdir -p /tmp/"${USER}"-backup
mkdir -p /tmp/"${USER}"-backup
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml stop
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml stop
cp -pr "${VOLUME_PATH}"/* /tmp/"${USER}"-backup
cp -pr "${VOLUME_PATH}"/* /tmp/"${USER}"-backup
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Mealie" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
exit 1
fi
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Mealie" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
exit 1
fi
curl -Ss \
-H "Title: Mealie" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
curl -Ss \
-H "Title: Mealie" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
} &>>"$logFile"

2
mealie_server-setup
View File

@@ -5,7 +5,7 @@
echo -e "\n[+] setting up mealie\n\n-------\n"
envsubst < "${HOME}"/"${USER}"-compose_template.yaml > "${HOME}"/"${USER}"-compose.yaml
envsubst <"${HOME}"/"${USER}"-compose_template.yaml >"${HOME}"/"${USER}"-compose.yaml
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d

8
mealie_server-update
View File

@@ -3,9 +3,9 @@
mkdir -p "${HOME}"/update_logs
logFile=${HOME}/update_logs/$(date +%y_%m).log
{
echo -e "\n[+] updating mealie\n"
echo -e "\n[+] updating mealie\n"
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml pull &&
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d --always-recreate-deps --remove-orphans &&
yes | sudo docker image prune -af
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml pull &&
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d --always-recreate-deps --remove-orphans &&
yes | sudo docker image prune -af
} &>>"$logFile"

44
memos_server-backup
View File

@@ -7,33 +7,33 @@ mkdir -p "${HOME}"/backup_logs
logFile=${HOME}/backup_logs/$(date +%y_%m).log
{
echo -e "\n[+] memos backup\n"
echo -e "\n[+] memos backup\n"
mkdir -p /tmp/"${USER}"-backup
mkdir -p /tmp/"${USER}"-backup
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml stop
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml stop
cp -pr "${VOLUME_PATH}"/* /tmp/"${USER}"-backup
cp -pr "${VOLUME_PATH}"/* /tmp/"${USER}"-backup
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Memos" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
exit 1
fi
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Memos" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
exit 1
fi
curl -Ss \
-H "Title: Memos" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
curl -Ss \
-H "Title: Memos" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
} &>>"$logFile"

8
memos_server-update
View File

@@ -3,9 +3,9 @@
mkdir -p "${HOME}"/update_logs
logFile=${HOME}/update_logs/$(date +%y_%m).log
{
echo -e "\n[+] updating memos\n"
echo -e "\n[+] updating memos\n"
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml pull &&
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d --always-recreate-deps --remove-orphans &&
yes | sudo docker image prune -af
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml pull &&
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d --always-recreate-deps --remove-orphans &&
yes | sudo docker image prune -af
} &>>"$logFile"

54
minecraft_server-backup
View File

@@ -7,39 +7,39 @@ mkdir -p "${HOME}"/backup_logs
logFile=${HOME}/backup_logs/$(date +%y_%m).log
{
echo -e "\n[+] minecraft backup\n"
echo -e "\n[+] minecraft backup\n"
mkdir -p /tmp/"${USER}"-backup
mkdir -p /tmp/"${USER}"-backup
insock=${HOME}/${USER}.stdin
insock=${HOME}/${USER}.stdin
# https://www.reddit.com/r/admincraft/comments/vgdbi/minecraft_backups_saveoff_and_saveall/
echo "/save-off" >"${insock}"
echo "/save-all" >"${insock}"
systemctl --user stop "${USER}"-start.{socket,service}
# https://www.reddit.com/r/admincraft/comments/vgdbi/minecraft_backups_saveoff_and_saveall/
echo "/save-off" >"${insock}"
echo "/save-all" >"${insock}"
systemctl --user stop "${USER}"-start.{socket,service}
cp -pr "${DATA_PATH}"/* /tmp/"${USER}"-backup
cp -pr "${DATA_PATH}"/* /tmp/"${USER}"-backup
systemctl --user restart "${USER}"-start.{socket,service}
echo "/save-on" >"${insock}"
systemctl --user restart "${USER}"-start.{socket,service}
echo "/save-on" >"${insock}"
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Minecraft Server" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
exit 1
fi
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Minecraft Server" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
exit 1
fi
curl -Ss \
-H "Title: Minecraft Server" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
curl -Ss \
-H "Title: Minecraft Server" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
} &>>"$logFile"

28
notes.knravish.me.conf
View File

@@ -1,18 +1,18 @@
server {
server_name notes.knravish.me;
index index.html index.htm;
server_name notes.knravish.me;
index index.html index.htm;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:5230;
proxy_redirect off;
proxy_set_header Access-Control-Allow-Origin *;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:5230;
proxy_redirect off;
proxy_set_header Access-Control-Allow-Origin *;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
listen 80;
listen 80;
}

28
paste.knravish.me.conf
View File

@@ -1,18 +1,18 @@
server {
server_name paste.knravish.me;
index index.html index.htm;
server_name paste.knravish.me;
index index.html index.htm;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:5100;
proxy_redirect off;
proxy_set_header Access-Control-Allow-Origin *;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:5100;
proxy_redirect off;
proxy_set_header Access-Control-Allow-Origin *;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
listen 80;
listen 80;
}

28
pdf.knravish.me.conf
View File

@@ -1,18 +1,18 @@
server {
server_name pdf.knravish.me;
index index.html index.htm;
server_name pdf.knravish.me;
index index.html index.htm;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:8081;
proxy_redirect off;
proxy_set_header Access-Control-Allow-Origin *;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:8081;
proxy_redirect off;
proxy_set_header Access-Control-Allow-Origin *;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
listen 80;
listen 80;
}

20
planning.knravish.me.conf
View File

@@ -1,16 +1,16 @@
server {
server_name planning.knravish.me;
index index.html index.htm;
server_name planning.knravish.me;
index index.html index.htm;
include /etc/nginx/snippets/authelia-location.conf;
include /etc/nginx/snippets/authelia-location.conf;
set $upstream http://127.0.0.1:3456;
set $upstream http://127.0.0.1:3456;
location / {
include /etc/nginx/snippets/proxy.conf;
include /etc/nginx/snippets/authelia-authrequest.conf;
proxy_pass $upstream;
}
location / {
include /etc/nginx/snippets/proxy.conf;
include /etc/nginx/snippets/authelia-authrequest.conf;
proxy_pass $upstream;
}
listen 80;
listen 80;
}

28
recipes.knravish.me.conf
View File

@@ -1,18 +1,18 @@
server {
server_name recipes.knravish.me;
index index.html index.htm;
server_name recipes.knravish.me;
index index.html index.htm;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:9925;
proxy_redirect off;
proxy_set_header Access-Control-Allow-Origin *;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:9925;
proxy_redirect off;
proxy_set_header Access-Control-Allow-Origin *;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
listen 80;
listen 80;
}

12
shlink_server-setup
View File

@@ -5,16 +5,16 @@ echo -e "\n[+] setting up shlink\n\n-------\n"
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d
declare -A codes=(
["in"]="https://linkedin.com/in/kaushik-ravishankar"
["github"]="https://github.com/20kaushik02"
["folio"]="https://knravish.me"
["k23"]="https://k23.kurukshetraceg.org.in"
["in"]="https://linkedin.com/in/kaushik-ravishankar"
["github"]="https://github.com/20kaushik02"
["folio"]="https://knravish.me"
["k23"]="https://k23.kurukshetraceg.org.in"
)
# give it some time to start
sleep 1
for shortcode in "${!codes[@]}"; do
echo "$shortcode - ${codes[$shortcode]}"
sudo docker exec -it my_shlink shlink short-url:create -c "$shortcode" -rnf "${codes[$shortcode]}"
echo "$shortcode - ${codes[$shortcode]}"
sudo docker exec -it my_shlink shlink short-url:create -c "$shortcode" -rnf "${codes[$shortcode]}"
done

50
spotmgr_server-backup
View File

@@ -7,36 +7,36 @@ mkdir -p "${HOME}"/backup_logs
logFile=${HOME}/backup_logs/$(date +%y_%m).log
{
echo -e "\n[+] spotify-manager backup\n"
echo -e "\n[+] spotify-manager backup\n"
mkdir -p /tmp/"${USER}"-backup
mkdir -p /tmp/"${USER}"-backup
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml stop
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml stop
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start postgres
# shellcheck disable=SC2024
sudo docker exec -u "${PUID}:${PGID}" -it spotify-manager-postgres sh -c \
'pg_dumpall -c --if-exists -U postgres' >/tmp/"${USER}"-backup/db.out
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start postgres
# shellcheck disable=SC2024
sudo docker exec -u "${PUID}:${PGID}" -it spotify-manager-postgres sh -c \
'pg_dumpall -c --if-exists -U postgres' >/tmp/"${USER}"-backup/db.out
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Spotify Manager" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -rf /tmp/"${USER}"-backup
exit 1
fi
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: Spotify Manager" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -rf /tmp/"${USER}"-backup
exit 1
fi
curl -Ss \
-H "Title: Spotify Manager" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -rf /tmp/"${USER}"-backup
curl -Ss \
-H "Title: Spotify Manager" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -rf /tmp/"${USER}"-backup
} &>>"$logFile"

6
spotmgr_server-compose_template.yaml
View File

@@ -12,7 +12,11 @@ services:
- /etc/passwd:/etc/passwd:ro
user: ${PUID}:${PGID}
healthcheck:
test: ['CMD-SHELL', 'psql -U postgres -d spotify-manager -c "select version();"']
test:
[
'CMD-SHELL',
'psql -U postgres -d spotify-manager -c "select version();"',
]
interval: 1s
retries: 5
timeout: 5s

8
stirling_server-update
View File

@@ -3,9 +3,9 @@
mkdir -p "${HOME}"/update_logs
logFile=${HOME}/update_logs/$(date +%y_%m).log
{
echo -e "\n[+] updating stirling-pdf\n"
echo -e "\n[+] updating stirling-pdf\n"
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml pull &&
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d --always-recreate-deps --remove-orphans &&
yes | sudo docker image prune -af
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml pull &&
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d --always-recreate-deps --remove-orphans &&
yes | sudo docker image prune -af
} &>>"$logFile"

20
syncthing.knravish.me.conf
View File

@@ -1,16 +1,16 @@
server {
server_name syncthing.knravish.me;
index index.html index.htm;
server_name syncthing.knravish.me;
index index.html index.htm;
include /etc/nginx/snippets/authelia-location.conf;
include /etc/nginx/snippets/authelia-location.conf;
set $upstream http://127.0.0.1:8384;
set $upstream http://127.0.0.1:8384;
location / {
include /etc/nginx/snippets/proxy.conf;
include /etc/nginx/snippets/authelia-authrequest.conf;
proxy_pass $upstream;
}
location / {
include /etc/nginx/snippets/proxy.conf;
include /etc/nginx/snippets/authelia-authrequest.conf;
proxy_pass $upstream;
}
listen 80;
listen 80;
}

44
syncthing_server-backup
View File

@@ -7,33 +7,33 @@ mkdir -p "${HOME}"/backup_logs
logFile=${HOME}/backup_logs/$(date +%y_%m).log
{
echo -e "\n[+] syncthing backup\n"
echo -e "\n[+] syncthing backup\n"
mkdir -p /tmp/"${USER}"-backup
mkdir -p /tmp/"${USER}"-backup
syncthing cli operations shutdown
syncthing cli operations shutdown
cp -pr "${CONFIG_PATH}"/* /tmp/"${USER}"-backup
cp -pr "${CONFIG_PATH}"/* /tmp/"${USER}"-backup
systemctl --user restart syncthing.service
systemctl --user restart syncthing.service
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" --exclude ./*.db/** -v; then
curl -Ss \
-H "Title: Syncthing" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
exit 1
fi
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" --exclude ./*.db/** -v; then
curl -Ss \
-H "Title: Syncthing" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
exit 1
fi
curl -Ss \
-H "Title: Syncthing" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
curl -Ss \
-H "Title: Syncthing" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -r /tmp/"${USER}"-backup
} &>>"$logFile"

6
template/example_server-compose_template.yaml
View File

@@ -38,7 +38,11 @@ services:
- postgres_data:/var/lib/postgresql
user: ${PUID}:${PGID}
healthcheck:
test: ['CMD-SHELL', 'psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -c "select version();"']
test:
[
'CMD-SHELL',
'psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -c "select version();"',
]
interval: 1s
retries: 5
timeout: 5s

1
template/example_server-teardown
View File

@@ -12,4 +12,3 @@ sudo deluser --remove-all-files $username
# clean-up
sudo find / -user "$uid_num" -delete

32
ubuntu_auto_apt_upgrade
View File

@@ -5,22 +5,22 @@ logFile=${HOME}/upgrade_logs/$(date +%y_%m).log
rebootDelayInMinutes=10
{
echo "[+] $(date -I'seconds')"
echo "[+] Auto apt upgrade starting..."
sudo apt-get update
echo "[+] $(date -I'seconds')"
echo "[+] Auto apt upgrade starting..."
sudo apt-get update
sudo apt-get upgrade -y
sudo apt-get upgrade -y
if [[ -s /var/run/reboot-required ]]; then
curl -Ss \
-H "Title: System Reboot scheduled" \
-H "Priority: 3" \
-H "Tags: loudspeaker,reboot" \
-d "Rebooting in $rebootDelayInMinutes minutes. Reason: package updates" \
"${NOTIF_URL}"
echo "[!] Rebooting in $rebootDelayInMinutes minutes..."
echo 'sudo reboot' | at now + $rebootDelayInMinutes minutes
else
echo "[+] Upgrade complete, no reboot required."
fi
if [[ -s /var/run/reboot-required ]]; then
curl -Ss \
-H "Title: System Reboot scheduled" \
-H "Priority: 3" \
-H "Tags: loudspeaker,reboot" \
-d "Rebooting in $rebootDelayInMinutes minutes. Reason: package updates" \
"${NOTIF_URL}"
echo "[!] Rebooting in $rebootDelayInMinutes minutes..."
echo 'sudo reboot' | at now + $rebootDelayInMinutes minutes
else
echo "[+] Upgrade complete, no reboot required."
fi
} &>>"$logFile"

20
vpn.knravish.me.conf
View File

@@ -1,16 +1,16 @@
server {
server_name vpn.knravish.me;
index index.html index.htm;
server_name vpn.knravish.me;
index index.html index.htm;
include /etc/nginx/snippets/authelia-location.conf;
include /etc/nginx/snippets/authelia-location.conf;
set $upstream http://127.0.0.1:51821;
set $upstream http://127.0.0.1:51821;
location / {
include /etc/nginx/snippets/proxy.conf;
include /etc/nginx/snippets/authelia-authrequest.conf;
proxy_pass $upstream;
}
location / {
include /etc/nginx/snippets/proxy.conf;
include /etc/nginx/snippets/authelia-authrequest.conf;
proxy_pass $upstream;
}
listen 80;
listen 80;
}

20
vtt.knravish.me.conf
View File

@@ -1,16 +1,16 @@
server {
server_name vtt.knravish.me;
server_name vtt.knravish.me;
include /etc/nginx/snippets/authelia-location.conf;
include /etc/nginx/snippets/authelia-location.conf;
set $upstream http://127.0.0.1:30000;
set $upstream http://127.0.0.1:30000;
location / {
include /etc/nginx/snippets/proxy.conf;
include /etc/nginx/snippets/websocket.conf;
include /etc/nginx/snippets/authelia-authrequest.conf;
proxy_pass $upstream;
}
location / {
include /etc/nginx/snippets/proxy.conf;
include /etc/nginx/snippets/websocket.conf;
include /etc/nginx/snippets/authelia-authrequest.conf;
proxy_pass $upstream;
}
listen 80;
listen 80;
}

12
wg/all_proxied/PreDown copy.ps1 Normal file
View File

@@ -0,0 +1,12 @@
# WireGuard tunnel details
$wgInterface = Get-NetAdapter -Name $env:WIREGUARD_TUNNEL_NAME
# Delete the default 0.0.0.0/0 route using the interface index
route delete 0.0.0.0 mask 0.0.0.0 0.0.0.0 if $wgInterface.ifIndex
Set-Location "<path>\<to>\3proxy-0.9.4-x64\bin64\"
# Terminate any running instances of 3proxy.exe
# Stop-Process -Name "3proxy" -Force
# prefer taskkill for the /t option to end child processes
taskkill.exe /f /t /im 3proxy.exe

46
wg_server-backup
View File

@@ -7,34 +7,34 @@ mkdir -p "${HOME}"/backup_logs
logFile=${HOME}/backup_logs/$(date +%y_%m).log
{
echo -e "\n[+] wg-easy backup\n"
echo -e "\n[+] wg-easy backup\n"
mkdir -p /tmp/"${USER}"-backup
mkdir -p /tmp/"${USER}"-backup
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml stop
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml stop
sudo cp -pr "${VOLUME_PATH}"/wg0.json /tmp/"${USER}"-backup
sudo cp -pr "${VOLUME_PATH}"/wg0.json /tmp/"${USER}"-backup
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml start
sudo chown "${USER}":"${USER}" /tmp/"${USER}"-backup/*
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: WG-Easy" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -rf /tmp/"${USER}"-backup
exit 1
fi
sudo chown "${USER}":"${USER}" /tmp/"${USER}"-backup/*
if ! rclone copy /tmp/"${USER}"-backup "${BUCKET_PATH}" -v; then
curl -Ss \
-H "Title: WG-Easy" \
-H "Priority: 3" \
-H "Tags: warning,backup" \
-d "Backup not completed" \
"${NOTIF_URL}"
rm -rf /tmp/"${USER}"-backup
exit 1
fi
curl -Ss \
-H "Title: WG-Easy" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -rf /tmp/"${USER}"-backup
curl -Ss \
-H "Title: WG-Easy" \
-H "Priority: 2" \
-H "Tags: heavy_check_mark,backup" \
-d "Backup completed" \
"${NOTIF_URL}"
rm -rf /tmp/"${USER}"-backup
} &>>"$logFile"

8
wg_server-update
View File

@@ -3,9 +3,9 @@
mkdir -p "${HOME}"/update_logs
logFile=${HOME}/update_logs/$(date +%y_%m).log
{
echo -e "\n[+] updating wg-easy\n"
echo -e "\n[+] updating wg-easy\n"
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml pull &&
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d --always-recreate-deps --remove-orphans &&
yes | sudo docker image prune -af
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml pull &&
sudo docker compose -f "${HOME}"/"${USER}"-compose.yaml up -d --always-recreate-deps --remove-orphans &&
yes | sudo docker image prune -af
} &>>"$logFile"