Rundeck fun

nano docker-compose.yaml version: '3' services: rundeck: image: 'rundeck/rundeck:3.4.6' restart: unless-stopped environment: RUNDECK_GRAILS_URL: 'https://rundeck.domain.com' RUNDECK_SERVER_FORWARDED: 'true' RUNDECK_DATABASE_DRIVER: org.mariadb.jdbc.Driver RUNDECK_DATABASE_USERNAME: rundeck RUNDECK_DATABASE_PASSWORD: rundeck RUNDECK_DATABASE_URL: jdbc:mysql://mysql/rundeck?autoReconnect=true&useSSL=false ports: - 127.0.0.1:4440:4440 volumes: - ./data/data:/home/rundeck/server/data - ./data/projects:/home/rundeck/projects - ./data/realm.properties:/home/rundeck/server/config/realm.properties depends_on: - "mysql" mysql: image: mysql:5.7 restart: unless-stopped environment: - MYSQL_ROOT_PASSWORD=root - MYSQL_DATABASE=rundeck - MYSQL_USER=rundeck - MYSQL_PASSWORD=rundeck volumes: - ./data/db:/var/lib/mysql First you’ll want to comment out - ./data/realm.properties:/home/rundeck/server/config/realm.properties then docker exec -it rundeck_rundeck_1 cat /home/rundeck/server/config/realm.properties > .
MORE →

Usenet Basics

Here’s a quick rundown of how usenet works: The three things required are a server, indexer, and downloaders. Server: Where you download the articles from. (Eweka, SuperNews) Indexer: A search engine for the usenet servers. (NZBGeek, NZBCat, DogNZB) Downloader: This is used to download and extract the files since they are put into RAR files. (NZBGet, SABnzbd) Arr software searches via the indexer which then sends the .
MORE →

How to get systemd on WSL2

MORE →

Headscale Notes

Client SSS If you don’t want to use magic DNS like myself. I was having issues with it so I did this. Add the following to ~/.bashrc this will allow you to SSH to clients in the following way tailssh $USER $HOSTNAME you can also just run tailssh and that will show you all of the servers function tailssh () { if [[ -z $1 ]] && [[ -z $2 ]]; then tailscale status | grep -v 'filter/INPUT' | column -t else host=$(tailscale status | grep $2 | awk '{ print $1 }') ssh ${1}@${host} fi } Now we need to install column apt install bsdmainutils
MORE →

How to set up Headscale

Here I will walk you through setting up Headscale Create Directories mkdir -p /opt/headscale/config /opt/headscale/bin Install Reqs apt install -y wireguard-tools nginx apt-transport-https Generate Key wg genkey > /opt/headscale/config/private.key Download newest release from HERE wget https://github.com/juanfont/headscale/releases/download/v0.10.8/headscale_0.10.8_linux_amd64 -O /opt/headscale/bin/headscale Add headscale ~/.bashrc echo PATH=$PATH:/opt/headscale/bin >> ~/.bashrc Source the new PATH source ~/.bashrc Download darp file wget https://raw.
MORE →

Apaches Alias with ProxyPass

I was trying to get an alias to work with a ProxyPass. This is pretty easy in NGiNX you just add locations where they need to be, but it appears in Apache/HTTPD you have to specify to ignore the location without the ProxyPass Module The below needs to be added into your VirtualHost. This specific use was for the AppRise_API server Alias "/s" "/opt/apprise/server/apprise_api/static" <Directory "/opt/apprise/server/apprise_api/static"> AllowOverride None Require all granted </Directory> ReWriteEngine on ProxyPassMatch ^/s !
MORE →

Use Gotify CLI with just curl and jq

Install Reqs apt install -y curl jq Add to bashrc file nano ~/.bashrc function gotify() { if [[ -z "$1"] || -z "$2" || -z "$3" ]]; then echo echo "Usage: gotify [title] [message] [priority]"; echo else source /etc/gotify.conf URL="${URL}/message?token=${TOKEN}" command=$(curl -s "${URL}" -F "title=${1}" -F "message=${2}" -F "priority=${3}" | jq '.id') && echo "Sent with ID: ${command}" unset URL; unset TOKEN fi } Add config nano /etc/gotify.
MORE →

Get toast notifications in windows for gotify

Below is how to recieve toast-notifications for gotify on windows We have to allow powershell scripts run set-executionpolicy remotesigned as admin in powershell Install BurntToast in powershell. Open powershell as admin then type Install-Module -Name BurntToast it will ask some questions just hit yes to all of them Download websocat_win64.exe from Github HERE Below is the script param ($domain="p.domain.com", $token="AAAAAAAA") C:\Users\user\Downloads\websocat_win64.
MORE →

Proxy website through NGiNX to get on the TOR network

This tutorial assumings the set up below NGINX CLEARWEB (web site hosted via SSL port 443) -> NGINX (reverse proxy for HTTPS website, converts website to HTTP and rewrites all 'DOMAIN.COM' to new .ONION address) -> TOR PROXY SERVICE Install Tor apt install tor Configure Tor nano /etc/tor/torrc Add the lines below to the file above HiddenServiceDir /var/lib/tor/domain.com/ HiddenServicePort 80 127.0.0.1:4879 Find Tor hostname
MORE →

Install Debian using RS232 serial cable

The following is for Windows Download Putty Choose serial and select the COM? you can find the com number from device manager under [Ports (COM & LPT)] Now that we have a serial connection go ahead and plug in the netinstall iso usb drive created using Rufus from Debian website hit tab to enter cmd to boot remove quiet after the --- and replace with console=ttyS0,115200n8 example below.
MORE →

Remove all data using exiftool

MORE →

Speedtest-cli with Grafana, InfluxDB, and Telegraf

MORE →

Simple router using Debian and Firewall-cmd as a base

Here is a quick rundown on how to make a simple Debian box into a router Removed un-needed items apt purge iptables Install required items apt install bridge-utils firewalld dnsmasq Enable IP Forwarding sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf Find NICs ip a to find the NICs Now we create the bridge. This is assuming your device has three NICs and you want two for LAN and one for WAN
MORE →

HDHomeRun metrics using Grafana, InfluxDB, and Telegraf

MORE →

Blog Backend

How this blog is deployed ClearNet: gitea (main repo) -> metroline (custom hugo build container) -> github release (via custom container to clone from gitea and push to github) -> cloudflare pages (this is auto when there’s a commit in the github repo) TOR: gitea (main repo) -> metroline (custom hugo build container) -> rsync (custom container to push to web server) -> webserver (proxied via link HERE ) I had to do it this way since CloudFlare Pages only work with Github.
MORE →

Generate Wildcard cert with acme.sh

MORE →

Fix Nextcloud Issues

Below is how to fix the Your web server is not properly set up to resolve /.well-known/webfinger /.well-known/nodeinfo error if using NGiNX since everything else I could find was for Apache/HTTPD. Add the following to your NGiNX config file for nextcloud. Usualy found in /etc/nginx/sites-enabled/ or /etc/nginx/conf.d/ location = /.well-known/webfinger { return 301 $scheme://$host/index.php/.well-known/webfinger; } location = /.well-known/nodeinfo { return 301 $scheme://$host/index.php/.well-known/nodeinfo; } ACPu errors when doing stuff on the command line.
MORE →

Git fun

Here’s some simple things to do with git When updating a repo this is the simplest way to do it git config --global user.name FIRST_NAME LAST_NAME | this sets the person who made the commit (first/last name) git config --global user.email [email protected] | this sets the person who made the commit (email) git diff | this is the see any lines you’ve changed git status | this will show which branch your on and which files have changed (not the contents of the file like git diff, but just the files themselves)
MORE →

Restic systemd

init repo apt install -y restic export AWS_ACCESS_KEY_ID='KEY_ID_HERE' export AWS_SECRET_ACCESS_KEY='ACCESS_KEY_HERE' export RESTIC_REPOSITORY="REPO_HERE_IS_USE_MINIO" export RESTIC_PASSWORD='RANDOM_PASSWD_HERE' restic init Service time nano /etc/systemd/system/restic-backup.service [Unit] Description=restic Wants=restic.timer [Service] Type=oneshot User=root Group=root Environment=AWS_ACCESS_KEY_ID='KEY_ID_HERE' Environment=AWS_SECRET_ACCESS_KEY='ACCESS_KEY_HERE' Environment=RESTIC_REPOSITORY="REPO_HERE_IS_USE_MINIO" Environment=RESTIC_PASSWORD='RANDOM_PASSWD_HERE' ExecStartPre=/bin/bash -c '/usr/bin/mysqldump --defaults-file=/root/.my.cnf --all-databases > /opt/backup/mysqldump.sql' ExecStart=/bin/bash -c '/usr/bin/restic --exclude={/dev,/media,/mnt,/proc,/run,/sys,/tmp,/var/tmp,/var/lib/mysql,/swap*} backup / && /usr/bin/restic forget --prune --keep-daily 5 --keep-weekly 15 --keep-monthly 15' ExecStartPost=/usr/bin/rm /opt/backup/mysqldump.sql [Install] WantedBy=multi-user.target Timer time nano /etc/systemd/system/restic-backup.timer [Unit] Description=restic Requires=restic.service [Timer] Unit=restic.service OnCalendar=daily AccuracySec=1h Persistent=true [Install] WantedBy=timers.
MORE →

perl/awk/sed/cut fun

sed With the last g all text is replaced not just the first Replace text inline using sed (does not work with symlinks) sed -i 's/TO_BE_REPLACED/NEW_TEXT/g' FILE_HERE Replace text output to stdout sed 's/TO_BE_REPLACED/NEW_TEXT/g' FILE_HERE awk Show specific column of line awk '{ print $N }' where N is column number cut cut -d' ' -fN where d is the delimiter and N is the colum number perl Replace new line with space
MORE →

Vi/m Fun

I’m honesly not sure if these are vi or vim specific as I use a mac and Debian machine, but here’s some fun stuff I’ve learned over the years. I started as a nano person, but am finaly sitting down and using vi/m more and more. In command mode (make sure to hit esc) Go to start of file gg Go to end of file G Delete from line to start of file dgg
MORE →

tar.xz Max Options

MORE →

urBackup Appliance Fun

Here’s some fun stuff to learn about the urbackup appliance By default there is no firewall, but it’s locked down so one’s not needed, but I installed one anyway You should be able to sudo su - from the admin user, if not; shut the appliance down, then in grub hit e, then add init=/bin/bash at the end of the line that says quiet, then CTRL+X to boot, then echo 'admin ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.
MORE →

Storj Non-Docker using SystemD

This is just basic hints, not a full guide This assumes you have some basic linux knowledge Download identity and storagenode from github (I like to download these things to /opt/storj/) Create auth token HERE Create identity HERE (This took about 4 hours on my node | E3-1280 V2) storagenode setup. This will create config file and other needed files in ~/.local/share/storj/storagenode/config.yaml and ~/.local/share/storj/storagenode/storage Now you need to edit ~/.local/share/storj/storagenode/config.yaml and make changes as needed (wallet, identity files and data storage locations, email, storage size)
MORE →

imap-sync simple command

MORE →