Client DNS If you don’t want to use magic DNS like myself. I was having issues with it so I did this. Add the following to ~/.bashrc this will allow you to SSH to clients in the following way tailssh $USER $HOSTNAME you can also just run tailssh and that will show you all of the servers function tailssh () { if [[ -z $1 ]] && [[ -z $2 ]]; then tailscale status | grep -v 'filter/INPUT' | column -t else host=$(tailscale status | grep $2 | awk '{ print $1 }') ssh ${1}@${host} fi } Now we need to install column apt install bsdmainutils

Here I will walk you through setting up Headscale Create Directories mkdir -p /opt/headscale/config /opt/headscale/bin Install Reqs apt install -y wireguard-tools nginx apt-transport-https Generate Key wg genkey > /opt/headscale/config/private.key Download newest release from HERE wget https://github.com/juanfont/headscale/releases/download/v0.15.0-beta5/headscale_0.15.0-beta5_linux_amd64 -O /opt/headscale/bin/headscale Add headscale ~/.bashrc echo PATH=$PATH:/opt/headscale/bin >> ~/.bashrc Source the new PATH source ~/.bashrc Create config Create a config in /opt/headscale/config/config.yml nano config.yaml --- # The url clients will connect to. # Typically this will be a domain.

I was trying to get an alias to work with a ProxyPass. This is pretty easy in NGiNX you just add locations where they need to be, but it appears in Apache/HTTPD you have to specify to ignore the location without the ProxyPass Module The below needs to be added into your VirtualHost. This specific use was for the AppRise_API server Alias "/s" "/opt/apprise/server/apprise_api/static" <Directory "/opt/apprise/server/apprise_api/static"> AllowOverride None Require all granted </Directory> ReWriteEngine on ProxyPassMatch ^/s !

Install Reqs apt install -y curl jq Add to bashrc file nano ~/.bashrc function gotify() { if [[ -z "$1"] || -z "$2" || -z "$3" ]]; then echo echo "Usage: gotify [title] [message] [priority]"; echo else source /etc/gotify.conf URL="${URL}/message?token=${TOKEN}" command=$(curl -s "${URL}" -F "title=${1}" -F "message=${2}" -F "priority=${3}" | jq '.id') && echo "Sent with ID: ${command}" unset URL; unset TOKEN fi } Add config nano /etc/gotify.conf URL="https://URL.COM" TOKEN="APP_TOKEN"

Below is how to recieve toast-notifications for gotify on windows We have to allow powershell scripts run set-executionpolicy remotesigned as admin in powershell Install BurntToast in powershell. Open powershell as admin then type Install-Module -Name BurntToast it will ask some questions just hit yes to all of them Download websocat_win64.exe from Github HERE Below is the script param ($domain="p.domain.com", $token="AAAAAAAA") C:\Users\user\Downloads\websocat_win64.exe "wss://$domain/stream?token=$token" | %{ convertfrom-json $_ } | where-object {$_.

This tutorial assumings the set up below NGINX CLEARWEB (web site hosted via SSL port 443) -> NGINX (reverse proxy for HTTPS website, converts website to HTTP and rewrites all 'DOMAIN.COM' to new .ONION address) -> TOR PROXY SERVICE Install Tor apt install tor Configure Tor nano /etc/tor/torrc Add the lines below to the file above HiddenServiceDir /var/lib/tor/domain.com/ HiddenServicePort 80 127.0.0.1:4879 Find Tor hostname cat /var/lib/tor/domain.com/hostname Now it’s time to configure NGiNX

The following is for Windows Download Putty Choose serial and select the COM? you can find the com number from device manager under [Ports (COM & LPT)] Now that we have a serial connection go ahead and plug in the netinstall iso usb drive created using Rufus from Debian website hit tab to enter cmd to boot remove quiet after the --- and replace with console=ttyS0,115200n8 example below. This will make the installer use the serial port

Install exiftool apt install -y exiftool Use EXIFTOOL If you want to loop thru folder (this assumes no spaces in file names) for a in *.jpg; do exiftool -all= "${a}"; done If you want to only do a specific file do exiftool -all= file.jpg

HERE is the script that you can add to cron. Don’t forget to update the file with your influx creds and provisioned upload/download. mkdir /root/scripts wget https://leffler.tech/uploads/2021/09/28/speedtest2influx.sh -O /root/scripts/speedtest2influx.sh echo '0 * * * * root /root/scripts/speedtest2influx.sh' >> /etc/cronab HERE is the json for the dashboard

Here is a quick rundown on how to make a simple Debian box into a router Removed un-needed items apt purge iptables Install required items apt install bridge-utils firewalld dnsmasq Enable IP Forwarding sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf Find NICs ip a to find the NICs Now we create the bridge. This is assuming your device has three NICs and you want two for LAN and one for WAN nano /etc/network/interfaces

nano /etc/telegraf/telegraf.d/input-hdhr.conf [[inputs.exec]] commands = ["curl http://<IP-OF-DEVICE>/status.json"] timeout = "5s" data_format = "json" name_override = "HDHomeRun" tag_keys = ["Resource"] [inputs.exec.tags] device="<IP-OF-DEVICE>" HERE is the json for the dashboard This might get updated, might not.

How this blog is deployed ClearNet: gitea (main repo) -> metroline (custom hugo build container) -> github release (via custom container to clone from gitea and push to github) -> cloudflare pages (this is auto when there’s a commit in the github repo) TOR: gitea (main repo) -> metroline (custom hugo build container) -> rsync (custom container to push to web server) -> webserver (proxied via link HERE ) I had to do it this way since CloudFlare Pages only work with Github.

acme.sh --issue --dns dns_cf --keylength 4096 -d domain.com -d '*.domain.com'

Below is how to fix the Your web server is not properly set up to resolve /.well-known/webfinger /.well-known/nodeinfo error if using NGiNX since everything else I could find was for Apache/HTTPD. Add the following to your NGiNX config file for nextcloud. Usualy found in /etc/nginx/sites-enabled/ or /etc/nginx/conf.d/ location = /.well-known/webfinger { return 301 $scheme://$host/index.php/.well-known/webfinger; } location = /.well-known/nodeinfo { return 301 $scheme://$host/index.php/.well-known/nodeinfo; } ACPu errors when doing stuff on the command line.

init repo apt install -y restic export AWS_ACCESS_KEY_ID='KEY_ID_HERE' export AWS_SECRET_ACCESS_KEY='ACCESS_KEY_HERE' export RESTIC_REPOSITORY="REPO_HERE_IS_USE_MINIO" export RESTIC_PASSWORD='RANDOM_PASSWD_HERE' restic init Service time nano /etc/systemd/system/restic-backup.service [Unit] Description=restic Wants=restic.timer [Service] Type=oneshot User=root Group=root Environment=AWS_ACCESS_KEY_ID='KEY_ID_HERE' Environment=AWS_SECRET_ACCESS_KEY='ACCESS_KEY_HERE' Environment=RESTIC_REPOSITORY="REPO_HERE_IS_USE_MINIO" Environment=RESTIC_PASSWORD='RANDOM_PASSWD_HERE' ExecStartPre=/bin/bash -c '/usr/bin/mysqldump --defaults-file=/root/.my.cnf --all-databases > /opt/backup/mysqldump.sql' ExecStart=/bin/bash -c '/usr/bin/restic --exclude={/dev,/media,/mnt,/proc,/run,/sys,/tmp,/var/tmp,/var/lib/mysql,/swap*} backup / && /usr/bin/restic forget --prune --keep-daily 5 --keep-weekly 15 --keep-monthly 15' ExecStartPost=/usr/bin/rm /opt/backup/mysqldump.sql [Install] WantedBy=multi-user.target Timer time nano /etc/systemd/system/restic-backup.timer [Unit] Description=restic Requires=restic.service [Timer] Unit=restic.service OnCalendar=daily AccuracySec=1h Persistent=true [Install] WantedBy=timers.

sed With the last g all text is replaced not just the first Replace text inline using sed (does not work with symlinks) sed -i 's/TO_BE_REPLACED/NEW_TEXT/g' FILE_HERE Replace text output to stdout sed 's/TO_BE_REPLACED/NEW_TEXT/g' FILE_HERE awk Show specific column of line awk '{ print $N }' where N is column number cut cut -d' ' -fN where d is the delimiter and N is the colum number perl Replace new line with space

I’m honesly not sure if these are vi or vim specific as I use a mac and Debian machine, but here’s some fun stuff I’ve learned over the years. I started as a nano person, but am finaly sitting down and using vi/m more and more. In command mode (make sure to hit esc) Go to start of file gg Go to end of file G Delete from line to start of file dgg

To use max XZ compression and all cores add export XZ_OPT='-T0 -9' to the end of your ~/.bashrc file. To use all cores add export XZ_OPT='-T0' to the end of your ~/.bashrc file. To use max XZ compression add export XZ_OPT='-9' to the end of your ~/.bashrc file. Then exit terminal and go back or source ~/.bashrc

Here’s some fun stuff to learn about the urbackup appliance By default there is no firewall, but it’s locked down so one’s not needed, but I installed one anyway You should be able to sudo su - from the admin user, if not; shut the appliance down, then in grub hit e, then add init=/bin/bash at the end of the line that says quiet, then CTRL+X to boot, then echo 'admin ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.

This is just basic hints, not a full guide This assumes you have some basic linux knowledge Download identity and storagenode from github (I like to download these things to /opt/storj/) Create auth token HERE Create identity HERE (This took about 4 hours on my node | E3-1280 V2) storagenode setup. This will create config file and other needed files in ~/.local/share/storj/storagenode/config.yaml and ~/.local/share/storj/storagenode/storage Now you need to edit ~/.local/share/storj/storagenode/config.yaml and make changes as needed (wallet, identity files and data storage locations, email, storage size)

./imapsync --host1 server1.domain.com --user1 [email protected] --password1 'password' --host2 server2.domain.com --user2 [email protected] --password2 'password' --delete2 --delete2 will preform a 1 way sync from server1 to server2

The files might change, but pretty much just add /S as a switch to the software to do it quietly UrBackup Client *.exe /S $programfiles\UrBackup\Uninstall.exe /S

This is still a WIP. Prepare image Download Appliance Unzip unzip urbackup-app-10-0.img.zip Now upload unzipped image somewhere public. Backblaze/S3 would be a great use for this Write image to disk in ServerCheap.net Create new instance Shutdown new instance Enable Rescue Mode SSH into rescued device using creds given Install required software apt update; apt install curl Download image and burn to disk curl https://URL-TO-FILE/urbackup-system-disk.img | dd of=/dev/vda You should now be able to disable rescue mode and boot it up

By default the policyd is using IPv6. This needs to be forced to use IPv4 since the VPS I’m using doesn’t seem to have IPv6 enabled nano /etc/supervisor/conf.d/policyd.conf Replace command=/srv/modoboa/env/bin/python /srv/modoboa/instance/manage.py policy_daemon with command=/srv/modoboa/env/bin/python /srv/modoboa/instance/manage.py policy_daemon --host 127.0.0.1

git clone https://github.com/modoboa/modoboa-installer cd modoboa-installer ./run.py --stop-after-configfile-check domain.com nano installer.cfg Add the folloing to installer.cfg [database] engine = mysql host = 127.0.0.1 install = true