twilio Fun
Call Forwarding using TwiML Bins
Login to your account at Twilio. Create TwiML Bin HERE Add a Friendly Name and some TwiML, and then click create. (create a friendly name) Paste the example into the box <Response> <Dial> +12345559876 </Dial> </Response> | replace 2345559876 with your phone number Configure this TwiML bin on your Twilio number HERE Go to Voice & Fax Accept Incoming Voice Calls Configure With Webhook, TwiML Bin, Function, Studio Flow, Proxy Service A Call Comes In TwiML Bin Choose the TwiML Bin you created earlier Lookup up numbers with Twilio API and get a nice pretty JSON output.
tmux Fun
By default the prefix is Ctrl+B for tmux
How to save pane to file Use prefix + :
We need to puts those lines into a buffer by typing in capture-pane -S -150 | Replace -150 with however many lines you’d like to save, or - for all lines.
Hit return (enter)
Now we have to save the buffer to a file by doing the following prefix + :
Type in save-buffer filename.
Autorestic Fun
Install autorestic with the below
curl https://raw.githubusercontent.com/cupcakearmy/autorestic/master/install.sh | bash
Now we install the config with the below
cat <<EOF > /root/.autorestic.yml version: 2 global: forget: keep-daily: 5 keep-weekly: 15 keep-monthly: 15 backends: storj: type: s3 path: https://gateway.us1.storjshare.io/bucket.name.here env: aws_access_key_id: aws_secret_access_key: backblaze: type: s3 path: https://s3.us-west-002.backblazeb2.com/bucket-name-here env: aws_access_key_id: aws_secret_access_key: locations: root: from: - / to: - storj - backblaze options: backup: exclude: - /dev - /media - /mnt - /proc - /run - /sys - /tmp - /var/tmp - /var/lib/mysql - /swap* EOF Now autorestic is installed
DynamicDNS with Cloudflare bash
Here is a bash script I use to update DDNS with CloudFlare, I could use ddclient, but I like this it works for me
apt -y install dnsutils jq curl
#!/usr/bin/env bash # A bash script to update a Cloudflare DNS A record with the external IP of the source machine # Used to provide DDNS service for my home # Needs the DNS record pre-creating on Cloudflare ## Based on https://gist.
Gitea Auth using Authentik Proxy Outpost
RIGHT NOW GITEA KEEPS LOGGED IN AS FIRST USER SO IT’S NOT PERFECT, THERE’S A KNOWN ISSUE We need to update the logout button to the authentik logout URL: wget -O /var/lib/gitea/custom/templates/base/head_navbar.tmpl https://raw.githubusercontent.com/go-gitea/gitea/main/templates/base/head_navbar.tmpl
Replace the old logout URL with the new: sed -i 's#/user/logout#/akprox/sign_out#g' /var/lib/gitea/custom/templates/base/head_navbar.tmpl
I did notice when replacing the URL to logout it doesn’t directly log you out, but will be logged out next time you try to do anything Now it’s time to config gitea; nano /etc/gitea/app.
Grafana Auth using Authentik Proxy Outpost
nano /etc/grafana/grafana.ini
[auth.proxy] # Defaults to false, but set to true to enable this feature enabled = true # HTTP Header name that will contain the username or email header_name = X-authentik-username # HTTP Header property, defaults to `username` but can also be `email` header_property = username # Set to `true` to enable auto sign up of users who do not exist in Grafana DB. Defaults to `true`. auto_sign_up = false # Define cache time to live in minutes # If combined with Grafana LDAP integration it is also the sync interval sync_ttl = 60 # Limit where auth proxy requests come from by configuring a list of IP addresses.
Rundeck fun
nano docker-compose.yaml
version: '3' services: rundeck: image: 'rundeck/rundeck:3.4.8' restart: unless-stopped environment: RUNDECK_GRAILS_URL: 'https://rundeck.domain.com' RUNDECK_SERVER_FORWARDED: 'true' RUNDECK_DATABASE_DRIVER: org.mariadb.jdbc.Driver RUNDECK_DATABASE_USERNAME: rundeck RUNDECK_DATABASE_PASSWORD: rundeck RUNDECK_DATABASE_URL: jdbc:mysql://mysql/rundeck?autoReconnect=true&useSSL=false ports: - 127.0.0.1:4440:4440 volumes: - ./data/data:/home/rundeck/server/data - ./data/projects:/home/rundeck/projects - ./data/realm.properties:/home/rundeck/server/config/realm.properties depends_on: - "mysql" mysql: image: mysql:5.7 restart: unless-stopped environment: - MYSQL_ROOT_PASSWORD=root - MYSQL_DATABASE=rundeck - MYSQL_USER=rundeck - MYSQL_PASSWORD=rundeck volumes: - ./data/db:/var/lib/mysql First you’ll want to comment out - ./data/realm.properties:/home/rundeck/server/config/realm.properties then docker exec -it rundeck_rundeck_1 cat /home/rundeck/server/config/realm.properties > ./data/realm.properties to get the file.
Usenet Basics
Here’s a quick rundown of how usenet works:
The three things required are a server, indexer, and downloaders.
Server: Where you download the articles from. (Eweka, SuperNews)
Indexer: A search engine for the usenet servers. (NZBGeek, NZBCat, DogNZB)
Downloader: This is used to download and extract the files since they are put into RAR files. (NZBGet, SABnzbd)
Arr software searches via the indexer which then sends the .nzb file to the downloader.
Headscale Notes
Client DNS If you don’t want to use magic DNS like myself. I was having issues with it so I did this.
Add the following to ~/.bashrc this will allow you to SSH to clients in the following way tailssh $USER $HOSTNAME you can also just run tailssh and that will show you all of the servers
function tailssh () { if [[ -z $1 ]] && [[ -z $2 ]]; then tailscale status | grep -v 'filter/INPUT' | column -t else host=$(tailscale status | grep $2 | awk '{ print $1 }') ssh ${1}@${host} fi } Now we need to install column apt install bsdmainutils
How to set up Headscale
Here I will walk you through setting up Headscale
Create Directories
mkdir -p /opt/headscale/config /opt/headscale/bin
Install Reqs
apt install -y wireguard-tools nginx apt-transport-https
Generate Key
wg genkey > /opt/headscale/config/private.key
Download newest release from HERE
wget https://github.com/juanfont/headscale/releases/download/v0.15.0-beta5/headscale_0.15.0-beta5_linux_amd64 -O /opt/headscale/bin/headscale
Add headscale ~/.bashrc echo PATH=$PATH:/opt/headscale/bin >> ~/.bashrc
Source the new PATH source ~/.bashrc
Create config Create a config in /opt/headscale/config/config.yml
nano config.yaml
--- # The url clients will connect to. # Typically this will be a domain.
Apaches Alias with ProxyPass
I was trying to get an alias to work with a ProxyPass. This is pretty easy in NGiNX you just add locations where they need to be, but it appears in Apache/HTTPD you have to specify to ignore the location without the ProxyPass Module
The below needs to be added into your VirtualHost. This specific use was for the AppRise_API server
Alias "/s" "/opt/apprise/server/apprise_api/static" <Directory "/opt/apprise/server/apprise_api/static"> AllowOverride None Require all granted </Directory> ReWriteEngine on ProxyPassMatch ^/s !
Get toast notifications in windows for gotify
Below is how to recieve toast-notifications for gotify on windows
We have to allow powershell scripts run set-executionpolicy remotesigned as admin in powershell
Install BurntToast in powershell. Open powershell as admin then type Install-Module -Name BurntToast it will ask some questions just hit yes to all of them
Download websocat_win64.exe from Github HERE
Below is the script
param ($domain="p.domain.com", $token="AAAAAAAA") C:\Users\user\Downloads\websocat_win64.exe "wss://$domain/stream?token=$token" | %{ convertfrom-json $_ } | where-object {$_.
Proxy website through NGiNX to get on the TOR network
This tutorial assumings the set up below
NGINX CLEARWEB (web site hosted via SSL port 443) -> NGINX (reverse proxy for HTTPS website, converts website to HTTP and rewrites all 'DOMAIN.COM' to new .ONION address) -> TOR PROXY SERVICE
Install Tor
apt install tor
Configure Tor
nano /etc/tor/torrc
Add the lines below to the file above
HiddenServiceDir /var/lib/tor/domain.com/ HiddenServicePort 80 127.0.0.1:4879 Find Tor hostname
cat /var/lib/tor/domain.com/hostname
Now it’s time to configure NGiNX
Install Debian using RS232 serial cable
The following is for Windows
Download Putty
Choose serial and select the COM? you can find the com number from device manager under [Ports (COM & LPT)]
Now that we have a serial connection go ahead and plug in the netinstall iso usb drive created using Rufus from Debian website
hit tab to enter cmd to boot
remove quiet after the --- and replace with console=ttyS0,115200n8 example below. This will make the installer use the serial port
Simple router using Debian and Firewall-cmd as a base
Here is a quick rundown on how to make a simple Debian box into a router Removed un-needed items
apt purge iptables
Install required items
apt install bridge-utils firewalld dnsmasq
Enable IP Forwarding
sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
Find NICs
ip a to find the NICs
Now we create the bridge. This is assuming your device has three NICs and you want two for LAN and one for WAN
nano /etc/network/interfaces
Blog Backend
How this blog is deployed
ClearNet: gitea (main repo) -> metroline (custom hugo build container) -> github release (via custom container to clone from gitea and push to github) -> cloudflare pages (this is auto when there’s a commit in the github repo)
TOR: gitea (main repo) -> metroline (custom hugo build container) -> rsync (custom container to push to web server) -> webserver (proxied via link HERE )
I had to do it this way since CloudFlare Pages only work with Github.
Fix Nextcloud Issues
Below is how to fix the Your web server is not properly set up to resolve /.well-known/webfinger /.well-known/nodeinfo error if using NGiNX since everything else I could find was for Apache/HTTPD.
Add the following to your NGiNX config file for nextcloud. Usualy found in /etc/nginx/sites-enabled/ or /etc/nginx/conf.d/
location = /.well-known/webfinger { return 301 $scheme://$host/index.php/.well-known/webfinger; } location = /.well-known/nodeinfo { return 301 $scheme://$host/index.php/.well-known/nodeinfo; } ACPu errors when doing stuff on the command line.