Simple router using Debian and Firewall-cmd as a base

Here is a quick rundown on how to make a simple Debian box into a router Removed un-needed items apt purge iptables Install required items apt install bridge-utils firewalld dnsmasq Enable IP Forwarding sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf Find NICs ip a to find the NICs Now we create the bridge. This is assuming your device has three NICs and you want two for LAN and one for WAN
MORE →

HDHomeRun metrics using Grafana, InfluxDB, and Telegraf

MORE →

Blog Backend

MORE →

Generate Wildcard cert with acme.sh

MORE →

Fix Nextcloud Issues

Below is how to fix the Your web server is not properly set up to resolve /.well-known/webfinger /.well-known/nodeinfo error if using NGiNX since everything else I could find was for Apache/HTTPD. Add the following to your NGiNX config file for nextcloud. Usualy found in /etc/nginx/sites-enabled/ or /etc/nginx/conf.d/ location = /.well-known/webfinger { return 301 $scheme://$host/index.php/.well-known/webfinger; } location = /.well-known/nodeinfo { return 301 $scheme://$host/index.php/.well-known/nodeinfo; } ACPu errors when doing stuff on the command line.
MORE →

Git fun

Here’s some simple things to do with git When updating a repo this is the simplest way to do it git config --global user.name FIRST_NAME LAST_NAME | this sets the person who made the commit (first/last name) git config --global user.email [email protected] | this sets the person who made the commit (email) git diff | this is the see any lines you’ve changed git status | this will show which branch your on and which files have changed (not the contents of the file like git diff, but just the files themselves)
MORE →

Restic systemd

init repo apt install -y restic export AWS_ACCESS_KEY_ID='KEY_ID_HERE' export AWS_SECRET_ACCESS_KEY='ACCESS_KEY_HERE' export RESTIC_REPOSITORY="REPO_HERE_IS_USE_MINIO" export RESTIC_PASSWORD='RANDOM_PASSWD_HERE' restic init Service time nano /etc/systemd/system/restic-backup.service [Unit] Description=restic Wants=restic.timer [Service] Type=oneshot User=root Group=root Environment=AWS_ACCESS_KEY_ID='KEY_ID_HERE' Environment=AWS_SECRET_ACCESS_KEY='ACCESS_KEY_HERE' Environment=RESTIC_REPOSITORY="REPO_HERE_IS_USE_MINIO" Environment=RESTIC_PASSWORD='RANDOM_PASSWD_HERE' ExecStartPre=/bin/bash -c '/usr/bin/mysqldump --defaults-file=/root/.my.cnf --all-databases > /opt/backup/mysqldump.sql' ExecStart=/bin/bash -c '/usr/bin/restic --exclude={/dev,/media,/mnt,/proc,/run,/sys,/tmp,/var/tmp,/var/lib/mysql,/swap*} backup / && /usr/bin/restic forget --prune --keep-daily 5 --keep-weekly 15 --keep-monthly 15' ExecStartPost=/usr/bin/rm /opt/backup/mysqldump.sql [Install] WantedBy=multi-user.target Timer time nano /etc/systemd/system/restic-backup.timer [Unit] Description=restic Requires=restic.service [Timer] Unit=restic.service OnCalendar=daily AccuracySec=1h Persistent=true [Install] WantedBy=timers.
MORE →

perl/awk/sed/cut fun

sed With the last g all text is replaced not just the first Replace text inline using sed (does not work with symlinks) sed -i 's/TO_BE_REPLACED/NEW_TEXT/g' FILE_HERE Replace text output to stdout sed 's/TO_BE_REPLACED/NEW_TEXT/g' FILE_HERE awk Show specific column of line awk '{ print $N }' where N is column number cut cut -d' ' -fN where d is the delimiter and N is the colum number perl Replace new line with space
MORE →

Vi/m Fun

I’m honesly not sure if these are vi or vim specific as I use a mac and Debian machine, but here’s some fun stuff I’ve learned over the years. I started as a nano person, but am finaly sitting down and using vi/m more and more. In command mode (make sure to hit esc) Go to start of file gg Go to end of file G Delete from line to start of file dgg
MORE →

tar.xz Max Options

MORE →

urBackup Appliance Fun

Here’s some fun stuff to learn about the urbackup appliance By default there is no firewall, but it’s locked down so one’s not needed, but I installed one anyway You should be able to sudo su - from the admin user, if not; shut the appliance down, then in grub hit e, then add init=/bin/bash at the end of the line that says quiet, then CTRL+X to boot, then echo 'admin ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.
MORE →

Storj Non-Docker using SystemD

This is just basic hints, not a full guide This assumes you have some basic linux knowledge Download identity and storagenode from github (I like to download these things to /opt/storj/) Create auth token HERE Create identity HERE (This took about 4 hours on my node | E3-1280 V2) storagenode setup. This will create config file and other needed files in ~/.local/share/storj/storagenode/config.yaml and ~/.local/share/storj/storagenode/storage Now you need to edit ~/.local/share/storj/storagenode/config.yaml and make changes as needed (wallet, identity files and data storage locations, email, storage size)
MORE →

imap-sync simple command

MORE →

htpassword generation opnsense/bsd

MORE →

Windows urBackup Silent Commands

MORE →

urBackup Appliance on ServerCheap

This is still a WIP. Prepare image Download Appliance Unzip unzip urbackup-app-10-0.img.zip Now upload unzipped image somewhere public. Backblaze/S3 would be a great use for this Write image to disk in ServerCheap.net Create new instance Shutdown new instance Enable Rescue Mode SSH into rescued device using creds given Install required software apt update; apt install curl
MORE →

Modoboa not sending email

MORE →

Modoboa using mariadb

MORE →

How to create keystrokes on Debian

This is very useful when working with VPSes where you can’t paste into the VNC connection (maybe I’m doing something wrong and you can?). Below is a quick piece of code I use. This should be ran as the user and not root. This sleeps for 5 seconds so you can navigate to where you need. sleep 5s; xdotool type CODE_TO_TYPE_HERE This is very easy and simple, but since I just switched to Debian full time from Windows it was a nice/easy way.
MORE →

Fix battery drain while sleeping with laptop

I recnetly decided to switch to Debian full time for my personal laptop (Lenovo Thinkpad X1 Yoga Gen 3), after using it for a week or so I noticed that when I closed the lid it would die after less than a day. After some googleing I found the answer and they are below. I also noticed that the machine never seemed to wake up like it did on Windows (just open it and it should come alive), after switching over to deep_sleep it fixed that issue.
MORE →

dd Tricks

Here’s a couple tips and tricks while using dd on Linux You can view the status of an on-going dd command (I always forget to run with progress or the version you’re using doesn’t have it) You will need another terminal window. Not a problem for me as I always use tmux, some people say screen it better. Find PID of dd process -> ps aux | grep -v grep | grep dd
MORE →

Sudo Fun

I always add a file into /etc/sudoers.d/, just remeber the last entry is trump, so it can overturn the first entries. Because of this I always like to name the files like below. /etc/sudoers.d/999_nick /etc/sudoers.d/001_rick /etc/sudoers.d/111_slick-rick /etc/sudoers.d/222_slick-nick This means if there’s an entry in 999_nick that conficts with any of the others it will trump the other configs. This is how to run without password and only specific program, this is useful, for example my telegraf config when it has to run an exec, but the telegraf user doesn’t have perms.
MORE →

Pleroma with Backblaze-B2 behind Cloudflare CDN

Make sure Backblaze is working with Cloudflare. This can be found HERE Uncomment out the below. I made my Backblaze URL s3.DOMAIN.COM nano /etc/pleroma/config.exs # Configure S3 support if desired. # The public S3 endpoint (base_url) is different depending on region and provider, # consult your S3 provider's documentation for details on what to use. # config :pleroma, Pleroma.Upload, uploader: Pleroma.Uploaders.S3, base_url: "https://s3.DOMAIN.COM/file" # config :pleroma, Pleroma.
MORE →

2014 MKZ Factory Door Code retrieval

You have to have at least two keys. Enter car as normal (DUH!! :-b) Find back up key slot, ours is under the cup holder insert, it has a little indent that looks like our key Put key in slot Put in accessory mode by pushing start without foot on brake Wait 3-5 seconds Shutoff car Remove key
MORE →

OPNSense as wireguard client and route LAN split tunnel

Install and configure wireguard I use the Wireguard install script to create the config we import into the wireguard. That is located HERE Generate your first wireguard config. After running the script above it will ask you for a client name, I would name it something relating to opnsense Install Wireguard on OPNSense | System -> Firmware -> Plug-ins -> select and install ‘os-wireguard’
MORE →