MySpace/Docs
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: MySpace:2d06663a3ca5dbd0d3b876af4e29f66a693c233e
Branches Tags
MySpace:master
..
compare: MySpace:d3dd02206d2af9d5e3331dcbcd9f50404140cbb7
Branches Tags
MySpace:master

No commits in common. "2d06663a3ca5dbd0d3b876af4e29f66a693c233e" and "d3dd02206d2af9d5e3331dcbcd9f50404140cbb7" have entirely different histories.
2d06663a3c ... d3dd02206d

7 changed files with 0 additions and 277 deletions
Show Stats Expand all files Collapse all files

58
BashScripts/add-openvpn-client.sh
View File

@ -1,58 +0,0 @@
# Make sure script is ran as root
if [[ $EUID -ne 0 ]]; then
exec sudo /bin/bash "$0" "$@"
fi
DIR=$(pwd)
for i in {1..255}; do
CLIENT_NAME="client$i"
if [ ! -f "/etc/openvpn/easy-rsa/pki/issued/$CLIENT_NAME.crt" ]; then
break
fi
done
read -e -p "Enter client name: " -i "$CLIENT_NAME" CLIENT_NAME
if [ -f "/etc/openvpn/easy-rsa/pki/issued/$CLIENT_NAME.crt" ]; then
echo Client $CLIENT_NAME already exists...
exit 1
fi
cd /etc/openvpn/easy-rsa
./easyrsa gen-req $CLIENT_NAME nopass
./easyrsa sign-req client $CLIENT_NAME
CA_CERT=$(cat "/etc/openvpn/ca.crt")
CLIENT_CERT=$(cat "/etc/openvpn/easy-rsa/pki/issued/$CLIENT_NAME.crt")
CLIENT_KEY=$(cat "/etc/openvpn/easy-rsa/pki/private/$CLIENT_NAME.key")
TA_KEY=$(cat "/etc/openvpn/ta.key")
cd "$DIR"
cat > $CLIENT_NAME.conf <<EOL
dev tun
persist-tun
persist-key
cipher AES-256-CBC
ncp-ciphers AES-256-GCM:AES-128-GCM
auth SHA1
# tls-client
client
resolv-retry infinite
remote home.myspace.nu 1294 udp
# remote-cert-tls server
float
verb 3
<ca>
$CA_CERT
</ca>
<cert>
$CLIENT_CERT
</cert>
<key>
$CLIENT_KEY
</key>
key-direction 1
<tls-auth>
$TA_KEY
</tls-auth>
EOL

81
BashScripts/install-openvpn-server.sh
View File

@ -1,81 +0,0 @@
# Install using: sudo su -c "bash <(wget -qO- /url/to/install-openvpn-server.sh)"
# Make sure script is ran as root
if [[ $EUID -ne 0 ]]; then
exec sudo /bin/bash "$0" "$@"
fi
read -e -p "Enter lan NIC: " -i $(ip route | grep default | sed -e 's/^.*dev.//' -e 's/.proto.*//') NIC_NAME
read -e -p "Enter VPN subnet: " -i "172.19.100" VPN_SUBNET
read -e -p "Enter LAN subnet: " -i "192.168.0" LAN_SUBNET
read -e -p "Enter VPN public hostname: " -i "home.myspace.nu" VPN_PUBLIC_HOST
read -e -p "Enter VPN public portnumber: " -i "1194" VPN_PUBLIC_PORT
if [ $(dpkg-query -W -f='${Status}' openvpn 2>/dev/null | grep -c "ok installed") -eq 0 ]; then
echo "Installing OpenVPN..."
apt install openvpn easy-rsa -y
fi
if [ ! -d /etc/openvpn/easy-rsa ]; then
echo "Setting up Certificate Authority"
make-cadir /etc/openvpn/easy-rsa
cd /etc/openvpn/easy-rsa
./easyrsa init-pki
./easyrsa build-ca
./easyrsa gen-req myservername nopass
./easyrsa gen-dh
./easyrsa sign-req server myservername
cp pki/dh.pem pki/ca.crt pki/issued/myservername.crt pki/private/myservername.key /etc/openvpn/
fi
if [ ! -d /var/log/openvpn ]; then
mkdir -p /var/log/openvpn
fi
if ufw status | grep -q "Status: active"; then
echo Adding firewall rules...
ufw allow $VPN_PUBLIC_PORT/udp
ufw allow OpenSSH
ufw enable
ufw status verbose
echo You might need to enable NAT / MASQUERADE forwarding in /etc/ufw/before.rules
systemctl restart ufw
fi
if [ ! -f /etc/openvpn/myserver.conf ]; then
tee /etc/openvpn/myserver.conf > /dev/null <<EOL
port $VPN_PUBLIC_PORT
proto udp
dev tun
ca ca.crt
cert myservername.crt
key myservername.key
dh dh.pem
server $VPN_SUBNET.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "route $LAN_SUBNET.0 255.255.255.0"
keepalive 10 120
tls-auth ta.key 0
cipher AES-256-CBC
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
verb 3
explicit-exit-notify 1
EOL
fi
if [ ! -f /etc/openvpn/ta.key ]; then
openvpn --genkey secret /etc/openvpn/ta.key
fi
sed -i -e 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
sudo sysctl -p /etc/sysctl.conf
systemctl start openvpn@myserver
echo Settings up NAT rules...
iptables -t nat -A POSTROUTING -s $VPN_SUBNET.0/24 -o $NIC_NAME -j MASQUERADE
iptables -A FORWARD -i tun0 -o $NIC_NAME -j ACCEPT
iptables -A FORWARD -i $NIC_NAME -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
apt install iptables-persistent -y
netfilter-persistent save

54
Docker/backupContainer.sh
View File

@ -1,54 +0,0 @@
#!/bin/bash
CONTAINER_NAME="$1"
BACKUP_DIR="$2"
VOLUME_NAME="$3"
if [ -z "$BACKUP_DIR" ]; then
echo "Usage: $0 <container_name> <backup_directory> <volume_name>"
exit 1
fi
if [ ! -d "$BACKUP_DIR" ]; then
echo "Directory $BACKUP_DIR does not exist"
exit 1
fi
#docker stop "$CONTAINER_NAME"
#docker commit "$CONTAINER_NAME" "${CONTAINER_NAME}_backup"
#docker save -o "$BACKUP_DIR/${CONTAINER_NAME}_backup.tar" "${CONTAINER_NAME}_backup"
#docker start "$CONTAINER_NAME"
#docker image rm -f "${CONTAINER_NAME}_backup"
# Backup volume
if [ "$VOLUME_NAME" ]; then
echo "Backup up volume $VOLUME_NAME"
docker run --rm -v "$VOLUME_NAME":/data -v "$BACKUP_DIR":/backup busybox tar czf /backup/"$VOLUME_NAME".tar.gz -C /data .
fi
# Extract image name
# IMAGE=$(docker inspect --format '{{.Config.Image}}' "$CONTAINER_NAME")
IMAGE="${CONTAINER_NAME}_backup"
# Extract ports
PORTS=$(docker inspect --format '{{json .HostConfig.PortBindings}}' "$CONTAINER_NAME" | jq -r 'to_entries | map("-p \(.value[0].HostPort):\(.key | sub("/tcp|/udp"; ""))") | join(" ")')
# Extract volumes
VOLUMES=$(docker inspect --format '{{json .Mounts}}' "$CONTAINER_NAME" | jq -r '.[] | select(.Type == "bind" or .Type == "volume") | "-v " + .Source + ":" + .Destination' | xargs)
# Extract environment variables
ENV_VARS=$(docker inspect --format '{{json .Config.Env}}' "$CONTAINER_NAME" | jq -r 'map("-e " + .) | join(" ")')
# Extract network mode
NETWORK_MODE=$(docker inspect --format '{{.HostConfig.NetworkMode}}' "$CONTAINER_NAME")
[ "$NETWORK_MODE" != "default" ] && NETWORK="--network=$NETWORK_MODE" || NETWORK=""
# Extract restart policy
RESTART_POLICY=$(docker inspect --format '{{.HostConfig.RestartPolicy.Name}}' "$CONTAINER_NAME")
[ "$RESTART_POLICY" != "no" ] && RESTART="--restart=$RESTART_POLICY" || RESTART=""
# Extract privileged mode
PRIVILEGED=$(docker inspect --format '{{.HostConfig.Privileged}}' "$CONTAINER_NAME")
[ "$PRIVILEGED" == "true" ] && PRIV="--privileged" || PRIV=""
# Extract entrypoint (if set)
ENTRYPOINT=$(docker inspect --format '{{json .Config.Entrypoint}}' "$CONTAINER_NAME" | jq -r 'if . != null then "--entrypoint \"" + join(" ") + "\"" else "" end')
# Extract command (CMD)
CMD=$(docker inspect --format '{{json .Config.Cmd}}' "$CONTAINER_NAME" | jq -r 'if . != null then join(" ") else "" end')
# Construct final `docker run` command
RUN_COMMAND="docker run -d --name $CONTAINER_NAME $PORTS $VOLUMES $ENV_VARS $NETWORK $RESTART $PRIV $ENTRYPOINT $IMAGE $CMD"
# echo "$RUN_COMMAND"
echo "$RUN_COMMAND" > "$BACKUP_DIR/${CONTAINER_NAME}_deploy.sh"

40
Docker/installPortainer.sh
View File

@ -1,40 +0,0 @@
#!/bin/bash
PRIMARY_NIC=$(ip route | awk '/default/ {print $5}')
IP_ADDRESS=$(ip -4 addr show "$PRIMARY_NIC" | awk '/inet / {print $2}' | cut -d/ -f1)
if ! [ -x "$(command -v docker)" ]; then
read -p "Docker not detected. Do you want to install it?" -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
echo "Installing docker"
# https://docs.docker.com/engine/install/ubuntu/
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get -y install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
else
exit 1
fi
fi
if [ ! "$(docker ps -a -q -f name=portainer)" ]; then
echo "Installing portainer"
if ! (docker volume ls --format "{{.Name}}" | grep -q "^portainer_data$"); then
echo "Create portainer volume"
docker volume create portainer_data
fi
docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:lts
fi
echo "You can now access Portainer on https://$IP_ADDRESS:9443"

25
Docker/restoreContainer.sh
View File

@ -1,25 +0,0 @@
#!/bin/bash
CONTAINER_NAME="$1"
BACKUP_DIR="$2"
VOLUME_NAME="$3"
if [ -z "$BACKUP_DIR" ]; then
echo "Usage: $0 <container_name> <backup_directory> <volume_name>"
exit 1
fi
if [ ! -d "$BACKUP_DIR" ]; then
echo "Directory $BACKUP_DIR does not exist"
exit 1
fi
# Load image
docker load -i "$BACKUP_DIR/${CONTAINER_NAME}_backup.tar"
if [ ! -f "${BACKUP_DIR}/${VOLUME_NAME}".tar.gz ]; then
echo "Restoring volume ${VOLUME_NAME}"
docker volume create "$VOLUME_NAME"
docker run --rm -v "$VOLUME_NAME":/data -v "$BACKUP_DIR":/backup busybox tar xzf /backup/"$VOLUME_NAME".tar.gz -C /data
fi
echo "Restore complete. Deploy using: ${BACKUP_DIR}/${CONTAINER_NAME}_deploy.sh"

6
Node.JS.md
View File

@ -39,9 +39,3 @@ Sök efter uppdateringar för bara production
<pre><code>npm install -g npm-check-updates <pre><code>npm install -g npm-check-updates
ncu -u ncu -u
npm install</code></pre> npm install</code></pre>
### Rensa npm cache
Detta ska normalt inte behövas då npm detekterar fel automatiskt.
<pre><code>npm cache clean --force</code></pre>

13
Windows/PostInstall/Windows-Tweaks.bat
View File

@ -43,11 +43,6 @@ REG ADD HKEY_CLASSES_ROOT\Directory\background\shell\cmd /v "Extended" /d "" /F
REG ADD HKEY_CLASSES_ROOT\Directory\shell\Powershell /v "Extended" /d "" /F >nul 2>&1 REG ADD HKEY_CLASSES_ROOT\Directory\shell\Powershell /v "Extended" /d "" /F >nul 2>&1
REG ADD HKEY_CLASSES_ROOT\Directory\background\shell\Powershell /v "Extended" /d "" /F >nul 2>&1 REG ADD HKEY_CLASSES_ROOT\Directory\background\shell\Powershell /v "Extended" /d "" /F >nul 2>&1
echo Enabling numlock during login screen
reg add "HKEY_USERS\.DEFAULT\Control Panel\Keyboard" /v InitialKeyboardIndicators /t REG_SZ /d 2 /f
echo Enabling numlock when logged in
reg add "HKEY_CURRENT_USER\Control Panel\Keyboard" /v InitialKeyboardIndicators /t REG_SZ /d 2 /f
echo Disabling password complexity. echo Disabling password complexity.
@rem secedit /export /cfg "%cd%\secconfig.cfg" @rem secedit /export /cfg "%cd%\secconfig.cfg"
( (
@ -87,14 +82,6 @@ if %ERRORLEVEL% EQU 1 (
echo You must restart the computer before changes are in effect. echo You must restart the computer before changes are in effect.
) )
choice /C yn /M "Disable adds?"
if %ERRORLEVEL% EQU 1 (
echo Disabling adds
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Start_IrisRecommendations /t REG_DWORD /d 0 /f >nul 2>&1
echo Disabling Copilot
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsCopilot" /v TurnOffWindowsCopilot /t REG_DWORD /d 1 /f >nul 2>&1
)
echo. echo.
echo All done! echo All done!
popd popd