--- created: 2024-11-04T19:30:12.000Z type: note updated: 2024-12-04T03:46:28.000Z --- # Beelink Ubuntu and Docker July 2024 ## Dashkiosk ```bash Mon Jul 01 2024 09:58:10 GMT-0700 (Mountain Standard Time) apt install snapd -y apt install sudo links unzip nginx git nano ncdu -y snap install dashkiosk snap install ubuntu-frame wpe-webkit-mir-kiosk snap set wpe-webkit-mir-kiosk daemon=true snap set wpe-webkit-mir-kiosk url=http://localhost:9400/receiver exit ``` ```bash Mon Jul 01 2024 10:08:55 GMT-0700 (Mountain Standard Time) wpe-webkit-mir-kiosk.cog http://localhost:9400/receiver # ^C /snap/wpe-webkit-mir-kiosk/current/bin/setup.sh wpe-webkit-mir-kiosk.cog http://localhost:9400/receiver # ^C snap set ubuntu-frame daemon=true exit reboot ``` ## authorized_keys ```bash Mon Jul 01 2024 10:08:58 GMT-0700 (Mountain Standard Time) cat /root/.ssh/authorized_keys nano /root/.ssh/authorized_keys ``` ```config Mon Jul 01 2024 10:09:00 GMT-0700 (Mountain Standard Time) ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK7khmvc9lTWHALZ/IOMcJNz/1SuvrU53fI43v4PxIJN # 92532396 2023-12-27 mikep@DESKTOP-VP94SPB ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGq7b8qtm4fgNxW2lxm+qoxm8Wz7+1uhLQCg7xSlKYL1 # 92683771 2024-01-01 mikep@DESKTOP-BMV4V66 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJqLFW9kYMp9lOTXXYafxLiUADFFKeM5KDzt02E3XeRP # 92691378 2024-01-01 cphar@DESKTOP-KA0LMMJ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBkS+uvWevmhYNos6MJKVi2auAx6x+xlyOnnvbdEstsz # 92797978 2024-01-03 mikep@DESKTOP-GNECR7R ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKf5fo63+vyYa8E06+HOPg24e9VMsvv/kBsHKGjBBUyz # 92895319 2024-01-05 mike@mike-B365M-DS3H ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGM6ANLH/4dS0YqlsCyoXkznzkgIsDqCTk3YX01XVWd8 # 92909911 2024-01-06 mikep@DESKTOP-H6JG91B ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOwAv1vrRA29GYL0DFSE8nmD5q3gL+vVtFSwhrXObDo4 # 93288214 2024-01-13 infineon\phares@ISCN5CG3256CPS ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH1xPVOisKwW6Xwo/Yh1kx2smt2HJU2/pRjTJf4KdGXo # 97267150 2024-03-28 mike@mike-Default-string ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEDz5WqCKsoaxV+LG/kufLNuiE9K3lqp+B3AqeKXGusX # 97442032 2024-04-01 lphar@DESKTOP-1238PEQ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID09PhrjIpeNBmUeycnT3xKF8F5TcGL3ZKAvU9YdLj7H # 98747144 2024-04-25 mike@mike-Default-string ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIaZyTLpafZta8W8Uv6uWpgbbj4QL5dde9Rlf06PfdYc # 98824914 2024-04-26 k0308@DESKTOP-0UJ8DD5 # ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEFpucyp3FAHn8/9cXvfRegi09DkR6XLugoniEyQ9w0T # 98824924 2024-04-26 mille@DESKTOP-QL2HGEH ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOn/Ptg/k3rOJn32GxrL2J3Bazt/3M9fGWjzP+CW1qXK # 100900455 2024-06-03 lphares0907@penguin ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPMIxGucViHMHFXoM2VBPlvLvMgqNi2BUtTE/D4n778M # 101638217 2024-06-14 mikep@DESKTOP-VVO6KCM ``` ## Create Users ```bash Mon Jul 01 2024 10:09:02 GMT-0700 (Mountain Standard Time) adduser lphares mkdir /home/lphares/.ssh cp /root/.ssh/authorized_keys /home/lphares/.ssh/authorized_keys chown lphares:lphares -R /home/lphares adduser bmiller mkdir /home/bmiller/.ssh cp /root/.ssh/authorized_keys /home/bmiller/.ssh/authorized_keys chown bmiller:bmiller -R /home/bmiller ``` ## Log ```bash Mon Jul 01 2024 10:09:04 GMT-0700 (Mountain Standard Time) ln -s /var/log/nginx /var/www/html/log-nginx ls -la /var/www/html exit ``` ```bash Mon Jul 01 2024 10:09:06 GMT-0700 (Mountain Standard Time) cp ~/.bash_history /etc/bash_history_2024-07-01.txt cat /etc/bash_history_2024-07-01.txt exit ``` ```bash Mon Jul 01 2024 10:09:08 GMT-0700 (Mountain Standard Time) apt install smartmontools smartctl -i /dev/sda ```support is: Enabled ``` ## no-ip2 ```bash Mon Jul 01 2024 10:09:26 GMT-0700 (Mountain Standard Time) cd /usr/local/src/ wget http://www.noip.com/client/linux/noip-duc-linux.tar.gz tar xf noip-duc-linux.tar.gz ls cd noip-2.1.9-1/ apt-get install make gcc -y make install # mikepharesjr@msn.com # See KeePass cat /usr/local/etc/no-ip2.conf noip2 -C -u 9zh94yf -p xrtvLiRNhScX cat /usr/local/etc/no-ip2.conf # cd /usr/local/src/noip-2.1.9-1/binaries # ./noip2-x86_64 -S # cd .. noip2 -S exit ``` ## Directory Share ```bash Mon Jul 01 2024 10:32:52 GMT-0700 (Mountain Standard Time) systemctl restart ssh adduser bmiller lphares sudo usermod -a -G lphares bmiller newgrp lphares # chmod 755 -R /home/lphares/dorico/ # chmod 750 /home/lphares # chmod 750 /home/bmiller ``` ## Free File Sync ## nginx ```bash Mon Jul 01 2024 10:32:58 GMT-0700 (Mountain Standard Time) nginx -t systemctl start nginx nginx -s reload ``` ## certbot ```bash Mon Jul 01 2024 10:33:01 GMT-0700 (Mountain Standard Time) # https://certbot.eff.org/instructions?ws=nginx&os=ubuntufocal apt-get remove certbot -y snap install --classic certbot ln -s /snap/bin/certbot /usr/bin/certbot mkdir -p /var/www/certbot/.well-known/acme-challenge touch /var/www/certbot/.well-known/acme-challenge/smwqgmeNx04tA3HC05I8_gtpqLTkjRAotHdfp0E5LnM # certbot --nginx certbot certonly --nginx # mikepharesjr@msn.com # 1: affirm.ddns.net # 2: ansible.ddns.net # 3: assistant.ddns.net # 4: casa.ddns.net # 5: dashkiosk.ddns.net # 6: dockge.ddns.net # 7: emby.ddns.net # 8: filebrowser.ddns.net # 9: gogs.ddns.net # 10: gogs3757.ddns.net # 11: immich.ddns.net # 12: immich3757.ddns.net # 13: invoice.ddns.net # 14: music.ddns.net # 15: music3757.ddns.net # 16: nextcloud.ddns.net # 17: owncast.ddns.net # 18: phares.ddns.net # 19: phares3757.ddns.net # 20: photoprism.ddns.net # 21: pihole.ddns.net # 22: proxmox.ddns.net # 23: readeck.ddns.net # 24: syncthing.ddns.net # 25: uptimekuma.ddns.net # 26: vaultwarden.ddns.net # 27: vscodium.ddns.net # 19,10,12,15,1 # always pick phares3757 first! # http://immich3757.ddns.net/.well-known/acme-challenge/smwqgmeNx04tA3HC05I8_gtpqLTkjRAotHdfp0E5LnM systemctl list-timers # q # /etc/crontab/ # /etc/cron.*/* certbot renew --dry-run # https://www.f5.com/company/blog/nginx/using-free-ssltls-certificates-from-lets-encrypt-with-nginx nano /etc/logrotate.d/letsencrypt ``` ```conf Mon Jul 01 2024 10:33:05 GMT-0700 (Mountain Standard Time) /var/log/letsencrypt/*.log { rotate 12 weekly compress missingok } ``` ```bash Mon Jul 01 2024 10:33:09 GMT-0700 (Mountain Standard Time) nginx -t systemctl start nginx nginx -s reload ``` ## Docker ```bash Mon Jul 01 2024 10:36:06 GMT-0700 (Mountain Standard Time) docker run hello-world docker ps -a docker volume list apt install podman-docker -y exit reboot ``` ## Dockge ```bash Mon Jul 01 2024 10:39:48 GMT-0700 (Mountain Standard Time) curl -fsSL https://get.docker.com -o get-docker.sh sh get-docker.sh rm get-docker.sh mkdir -p /opt/stacks /opt/dockge cd /opt/dockge curl https://raw.githubusercontent.com/louislam/dockge/master/compose.yaml --output compose.yaml docker compose up -d # docker-compose up -d ``` ## Copy Slideshow Photos ```bash Mon Jul 01 2024 11:31:59 GMT-0700 (Mountain Standard Time) lvs -a lsblk -I 8 -o NAME,SIZE,TYPE,FSUSED,FSUSE% mkdir /mnt/usb mount /dev/sdb2 /mnt/usb cp -R /mnt/usb/var/www/html/Images-c9dbce3b-Results/thumbs/ /var/www/html/Images-c9dbce3b-Results/thumbs/ umount /mnt/usb exit reboot # http://192.168.11.2:9400/admin # Slideshow # http://127.0.0.1:8080/slideshow/index.html?nocache=2024-07-01-11-36 # Local # http://192.168.11.2:8080/slideshow/index.html?nocache=2024-07-01-11-36 ``` ## Kestra ```bash # L:\Git\Linux-Ubuntu-Server\opt\copy\kestra\compose.yaml ``` ## Immich ```bash Mon Jul 01 2024 14:45:57 GMT-0700 (Mountain Standard Time) usermod -a -G docker phares id # uid=0(root) gid=0(root) groups=0(root),1003(docker) su phares # uid=1000(phares) gid=1000(phares) groups=1000(phares),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),101(lxd),1003(docker) docker-compose exec immich_server id # uid=0(root) gid=0(root) groups=0(root) docker run --rm -it -v "/var/immich/photos:/host" ubuntu /bin/bash # Error response from daemon: error while creating mount source path '/var/immich/photos' mkdir h: read-only file system docker run --rm -it -v "/:/host" ubuntu /bin/bash docker run --rm -it -v "/home/phares:/host" ubuntu /bin/bash mkdir /host/test-2024-07-01 exit ls /home/phares/test-2024-07-01 rm -r /home/phares/test-2024-07-01 lsblk -I 8 -o NAME,SIZE,TYPE,FSUSED,FSUSE% # L:\Git\Linux-Ubuntu-Server\opt\copy\immich\.env # L:\Git\Linux-Ubuntu-Server\opt\copy\immich\compose.yaml ``` ## Incus - [incus](https://github.com/zabbly/incus) ```bash Mon Jul 01 2024 15:23:58 GMT-0700 (Mountain Standard Time) curl -fsSL https://pkgs.zabbly.com/key.asc | gpg --show-keys --fingerprint mkdir -p /etc/apt/keyrings/ curl -fsSL https://pkgs.zabbly.com/key.asc -o /etc/apt/keyrings/zabbly.asc sh -c 'cat < /etc/apt/sources.list.d/zabbly-incus-lts-6.0.sources Enabled: yes Types: deb URIs: https://pkgs.zabbly.com/incus/lts-6.0 Suites: $(. /etc/os-release && echo ${VERSION_CODENAME}) Components: main Architectures: $(dpkg --print-architecture) Signed-By: /etc/apt/keyrings/zabbly.asc EOF' apt-get update apt-get install incus -y incus config set core.https_address :8443 exit reboot ``` - [incus-containers-step-by-step](https://discussion.scottibyte.com/t/incus-containers-step-by-step/349) ```bash Mon Jul 01 2024 15:35:02 GMT-0700 (Mountain Standard Time) apt install virt-viewer -y usermod -aG incus-admin phares newgrp incus-admin groups exit reboot ``` ```bash Mon Jul 01 2024 15:36:00 GMT-0700 (Mountain Standard Time) apt install zfsutils-linux -y exit reboot ``` ```bash Mon Jul 01 2024 15:38:21 GMT-0700 (Mountain Standard Time) incus admin init ``` ```yaml Mon Jul 01 2024 15:42:37 GMT-0700 (Mountain Standard Time) config: core.https_address: '[::]:8443' networks: - config: ipv4.address: auto ipv6.address: none description: "" name: incusbr0 type: "" project: default storage_pools: - config: size: 132GiB description: "" name: default driver: zfs profiles: - config: {} description: "" devices: eth0: name: eth0 network: incusbr0 type: nic root: path: / pool: default type: disk name: default projects: [] cluster: null ``` ```bash Mon Jul 01 2024 15:42:42 GMT-0700 (Mountain Standard Time) incus list incus image list images: incus launch images:ubuntu/22.04 first ``` -[incus-virtual-machine-custom-installation](https://discussion.scottibyte.com/t/incus-virtual-machine-custom-installation/407) ```bash Mon Jul 01 2024 15:50:23 GMT-0700 (Mountain Standard Time) incus launch images:ubuntu/22.04/desktop Desktop --vm --console=vga # (remote-viewer:7483): Gtk-WARNING **: 22:53:14.753: cannot open display: incus config trust add DESKTOP-GNECR7R ``` ```conf Mon Jul 01 2024 19:43:52 GMT-0700 (Mountain Standard Time) Client DESKTOP-GNECR7R certificate add token: # ... ``` ```PowerShell Mon Jul 01 2024 16:27:58 GMT-0700 (Mountain Standard Time) incus remote add phares.ddns.net 192.168.11.2 incus remote list incus remote switch phares.ddns.net incus list incus console Desktop --type=vga ``` ```bash Mon Jul 01 2024 19:43:45 GMT-0700 (Mountain Standard Time) apt install openvswitch-switch -y ``` ```bash Mon Jul 01 2024 19:43:48 GMT-0700 (Mountain Standard Time) # netplan apply # incus profile create bridgeprofile # incus profile device add bridgeprofile eth0 nic nictype=bridged parent=bridge0 # incus launch images:ubuntu/22.04 second --profile default --profile bridgeprofile incus list incus launch images:ubuntu/22.04 second incus exec second bash # snap install lxdmosaic # https://192.168.11.2:8443/ui/ # incus config set core.https_address [::] # incus config set core.trust_password 1178thisIsA7 # incus config set core.https_address :8443 nano lxconsole.crt # ... incus config trust add-certificate lxconsole.crt incus config set core.https_address=[::]:8443 ``` ## Docker html-to-pdf - [docker-html-to-pdf](https://github.com/pinkeen/docker-html-to-pdf) ```bash Mon Jul 01 2024 20:41:43 GMT-0700 (Mountain Standard Time) timedatectl set-timezone America/Phoenix cd /home/phares # cd /var/www/html/pdf mkdir -p /var/www/html/pdf url="http://192.168.11.2:5001" backup_time=$(date +'%H-%M-%S') backup_date=$(date +'%Y-%m-%d') echo "${backup_date}---${backup_time}.pdf" # docker run -v "$(pwd):/workspace" pink33n/html-to-pdf --url http://google.com --pdf out.pdf docker run -v "$(pwd):/workspace" pink33n/html-to-pdf --url "${url}" --pdf "${backup_date}---${backup_time}.pdf" mv "${backup_date}---${backup_time}.pdf" /var/www/html/pdf/. ls -la /var/www/html/pdf # rm /var/www/html/pdf/* ``` ## Incus Import from Proxmox - [incus](https://github.com/zabbly/incus) ```bash Tue Jul 02 2024 17:07:43 GMT-0700 (Mountain Standard Time) # 115-turnkey-gitea rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-115-turnkey-gitea.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-115-turnkey-gitea-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-115-2024_07_02-16_08_37.tar.gz incus launch proxmox-115-turnkey-gitea-image 115-turnkey-gitea -c boot.autostart=true incus exec 115-turnkey-gitea bash # # 118-turnkey-oddo rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-118-turnkey-oddo.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-118-turnkey-oddo-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-118-2024_07_02-16_14_09.tar.gz incus launch proxmox-118-turnkey-oddo-image 118-turnkey-oddo -c boot.autostart=true incus exec 118-turnkey-oddo bash # ``` ```bash Tue Jul 02 2024 17:07:46 GMT-0700 (Mountain Standard Time) # 122-vaultwarden rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-122-vaultwarden.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-122-vaultwarden-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-122-2024_07_02-16_41_20.tar.gz incus launch proxmox-122-vaultwarden-image 122-vaultwarden -c boot.autostart=true incus exec 122-vaultwarden bash # ``` ## Incus Import from Proxmox Maybe ```bash Not done # 114-turnkey-ansible rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-114-turnkey-ansible.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-114-turnkey-ansible-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-114-2024_07_02-16_07_21.tar.gz incus launch proxmox-114-turnkey-ansible-image 114-turnkey-ansible -c boot.autostart=true incus exec 114-turnkey-ansible bash # # 116-turnkey-invoice rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-116-turnkey-invoice.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-116-turnkey-invoice-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-116-2024_07_02-16_09_49.tar.gz incus launch proxmox-116-turnkey-invoice-image 116-turnkey-invoice -c boot.autostart=true incus exec 116-turnkey-invoice bash # # 117-turnkey-nextcloud rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-117-turnkey-nextcloud.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-117-turnkey-nextcloud-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-117-2024_07_02-16_12_14.tar.gz incus launch proxmox-117-turnkey-nextcloud-image 117-turnkey-nextcloud -c boot.autostart=true incus exec 117-turnkey-nextcloud bash # # 119-turnkey-observium rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-119-turnkey-observium.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-119-turnkey-observium-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-119-2024_07_02-16_16_59.tar.gz incus launch proxmox-119-turnkey-observium-image 119-turnkey-observium -c boot.autostart=true incus exec 119-turnkey-observium bash # # 120-turnkey-zoneminder rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-120-turnkey-zoneminder.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-120-turnkey-zoneminder-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-120-2024_07_02-16_19_58.tar.gz incus launch proxmox-120-turnkey-zoneminder-image 120-turnkey-zoneminder -c boot.autostart=true incus exec 120-turnkey-zoneminder bash # # 121-turnkey-faveo-helpdesk rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-121-turnkey-faveo-helpdesk.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-121-turnkey-faveo-helpdesk-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-121-2024_07_02-16_21_18.tar.gz incus launch proxmox-121-turnkey-faveo-helpdesk-image 121-turnkey-faveo-helpdesk -c boot.autostart=true incus exec 121-turnkey-faveo-helpdesk bash # ``` ```bash Not done # 123-wastebin rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-123-wastebin.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-123-wastebin-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-123-2024_07_02-16_44_34.tar.gz incus launch proxmox-123-wastebin-image 123-wastebin -c boot.autostart=true incus exec 123-wastebin bash # # 124-readeck rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-124-readeck.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-124-readeck-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-124-2024_07_02-16_47_02.tar.gz incus launch proxmox-124-readeck-image 124-readeck -c boot.autostart=true incus exec 124-readeck bash # # 125-ntfy rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-125-ntfy.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-125-ntfy-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-125-2024_07_02-16_47_58.tar.gz incus launch proxmox-125-ntfy-image 125-ntfy -c boot.autostart=true incus exec 125-ntfy bash # # 126-commafeed rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-126-commafeed.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-126-commafeed-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-126-2024_07_02-16_49_32.tar.gz incus launch proxmox-126-commafeed-image 126-commafeed -c boot.autostart=true incus exec 126-commafeed bash # # 127-actualbudget rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-127-actualbudget.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-127-actualbudget-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-127-2024_07_02-16_50_52.tar.gz incus launch proxmox-127-actualbudget-image 127-actualbudget -c boot.autostart=true incus exec 127-actualbudget bash # # 128-forgejo rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-128-forgejo.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-128-forgejo-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-128-2024_07_02-16_52_26.tar.gz incus launch proxmox-128-forgejo-image 128-forgejo -c boot.autostart=true incus exec 128-forgejo bash # # 129-homepage rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-129-homepage.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-129-homepage-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-129-2024_07_02-16_53_41.tar.gz incus launch proxmox-129-homepage-image 129-homepage -c boot.autostart=true incus exec 129-homepage bash # # 132-redis rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-132-redis.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-132-redis-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-132-2024_07_02-16_55_20.tar.gz incus launch proxmox-132-redis-image 132-redis -c boot.autostart=true incus exec 132-redis bash # # 133-postgresql rm /home/free-file-sync/proxmox/metadata.tar.gz cp /home/free-file-sync/proxmox/vzdump-lxc-133-postgresql.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz incus image import --alias=proxmox-133-postgresql-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-133-2024_07_02-16_56_14.tar.gz incus launch proxmox-133-postgresql-image 133-postgresql -c boot.autostart=true incus exec 133-postgresql bash # ``` ## Import Immich to Docker - [backup-and-restore](https://immich.app/docs/administration/backup-and-restore/) ```bash Tue Jul 02 2024 20:01:04 GMT-0700 (Mountain Standard Time) lsblk -I 8 -o NAME,SIZE,TYPE,FSUSED,FSUSE% docker start immich_postgres gunzip < "/home/free-file-sync/proxmox/dump.sql.gz" \ | sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" \ | docker exec -i immich_postgres psql --username=postgres ``` ```bash cd /home tar -tvf free-file-sync/proxmox/upload.tar tar -tvf free-file-sync/proxmox/upload.tar usr/src/app/upload/library docker run --rm --volumes-from immich_server -v $(pwd):/backup ubuntu bash -c "cd /usr/src/app/upload && ls -la" docker run --rm --volumes-from immich_server -v $(pwd):/restore ubuntu tar xvf /restore/free-file-sync/proxmox/upload.tar --strip 1 ``` ## certbot ```bash Tue Jul 02 2024 23:04:12 GMT-0700 (Mountain Standard Time) noip2 -u 9zh94yf -p xrtvLiRNhScX # https://certbot.eff.org/instructions?ws=nginx&os=ubuntufocal certbot certonly --nginx # mikepharesjr@msn.com # 1: affirm.ddns.net # 2: dashkiosk.ddns.net # 3: dockge.ddns.net # 4: gitea.ddns.net # 5: gitea3757.ddns.net # 6: immich.ddns.net # 7: immich3757.ddns.net # 8: incus.ddns.net # 9: kestra.ddns.net # 10: lxconsole.ddns.net # 11: music.ddns.net # 12: music3757.ddns.net # 13: phares.ddns.net # 14: phares3757.ddns.net # 15: vaultwarden.ddns.net # 14,1,5,7,12 # always pick phares3757 first! listen" directive is not allowed here in ``` ## HP Printer ```bash # apt-get install --assume-yes libcups2 cups libcups2-dev cups-bsd cups-client avahi-utils libavahi-client-dev libavahi-core-dev libavahi-common-dev libcupsimage2-dev libdbus-1-dev build-essential gtk2-engines-pixbuf ghostscript openssl libjpeg-dev libatk-adaptor libgail-common libsnmp-dev snmp-mibs-downloader libtool libtool-bin libusb-1.0-0-dev libusb-0.1-4 wget policykit-1 policykit-1-gnome automake1.11 python3-dbus.mainloop.pyqt5 python3-reportlab python3-notify2 python3-pyqt5 python3-dbus python3-gi python3-lxml python3-dev python3-pil python-is-python3 libsane libsane-dev sane-utils xsane -y apt-get install --assume-yes libcups2t64 cups cups-bsd cups-client avahi-utils libavahi-client-dev libavahi-core-dev libavahi-common-dev libcupsimage2-dev libdbus-1-dev build-essential gtk2-engines-pixbuf ghostscript openssl libjpeg-dev libatk-adaptor libgail-common libsnmp-dev snmp-mibs-downloader libtool libtool-bin libusb-1.0-0-dev libusb-0.1-4 wget policykit-1 policykit-1-gnome automake1.11 python3-dbus.mainloop.pyqt5 python3-reportlab python3-notify2 python3-pyqt5 python3-dbus python3-gi python3-lxml python3-dev python3-pil python-is-python3 sane-utils xsane -y ``` ## Gitea Runner ```bash Fri Jul 19 2024 12:32:07 GMT-0700 (Mountain Standard Time) cd /home/phares wget https://gitea.com/gitea/act_runner/releases/download/v0.2.10/act_runner-0.2.10-linux-amd64 chmod +x act_runner-0.2.10-linux-amd64 ./act_runner-0.2.10-linux-amd64 -v ./act_runner-0.2.10-linux-amd64 register --no-interactive --instance http://192.168.11.2:3000/ --token asdf ./act_runner-0.2.10-linux-amd64 daemon ``` ```bash Fri Jul 19 2024 13:37:50 GMT-0700 (Mountain Standard Time) cd /home/phares cat .runner ./act_runner-0.2.10-linux-amd64 daemon ``` ```bash Fri Jul 19 2024 13:40:38 GMT-0700 (Mountain Standard Time) cp /home/phares/act_runner-0.2.10-linux-amd64 /usr/local/bin/act_runner ./act_runner-0.2.10-linux-amd64 register --no-interactive --config /etc/act_runner/config.yaml --instance http://192.168.11.2:3000/ --name beelink-cmd-phares3757 --token asdf ``` ```yml Fri Jul 19 2024 13:53:13 GMT-0700 (Mountain Standard Time) # gitea-runner version: "3.8" services: runner: environment: # CONFIG_FILE: /config.yaml GITEA_INSTANCE_URL: ${INSTANCE_URL} GITEA_RUNNER_LABELS: ${RUNNER_LABELS} GITEA_RUNNER_NAME: ${RUNNER_NAME} GITEA_RUNNER_REGISTRATION_TOKEN: ${REGISTRATION_TOKEN} image: gitea/act_runner:nightly volumes: # - ./config.yaml:/config.yaml - runner-data:/data - /var/run/docker.sock:/var/run/docker.sock networks: {} volumes: runner-data: driver: local ``` ```conf Fri Jul 19 2024 13:55:08 GMT-0700 (Mountain Standard Time) # ID 11 INSTANCE_URL=http://192.168.11.2:3000/ REGISTRATION_TOKEN=DjgUzQsGB4LgNeSpbHe2nLreB6gb7eYj4AbgcwYD RUNNER_NAME=beelink-dockge-phares3757 RUNNER_LABELS= ``` ## certbot duckdns ```bash Sun Jul 21 2024 12:02:19 GMT-0700 (Mountain Standard Time) noip2 -u 9zh94yf -p xrtvLiRNhScX # https://certbot.eff.org/instructions?ws=nginx&os=ubuntufocal certbot certonly --nginx # mikepharesjr@msn.com # 1: affirm.ddns.net # 2: codeserver.ddns.net # 3: dashkiosk.ddns.net # 4: dockge.ddns.net # 5: docmost.ddns.net # 6: gitea.ddns.net # 7: immich.ddns.net # 8: incus.ddns.net # 9: kestra.ddns.net # 10: lxconsole.ddns.net # 11: music.ddns.net # 12: phares.ddns.net # 13: phares3757.ddns.net # 14: quartz.ddns.net # 15: vaultwarden.ddns.net # 16: phares.duckdns.org # 17: docmost.phares.duckdns.org # 18: gitea.phares.duckdns.org # 19: immich.phares.duckdns.org # 20: music.phares.duckdns.org # 21: quartz.phares.duckdns.org # 22: vaultwarden.phares.duckdns.org # 13 1 16 17 18 19 20 21 22 # This certificate expires on 2024-10-19 ``` ## Pi-hole ```bash Sun Jul 21 2024 19:03:16 GMT-0700 (Mountain Standard Time) # https://canyoublockit.com/ curl -sSL https://install.pi-hole.net | bash apt install unbound -y # https://docs.pi-hole.net/guides/dns/unbound/ nano /etc/unbound/unbound.conf.d/pi-hole.conf ``` ```conf Sun Jul 21 2024 19:03:14 GMT-0700 (Mountain Standard Time) server: # If no logfile is specified, syslog is used # logfile: "/var/log/unbound/unbound.log" verbosity: 0 interface: 127.0.0.1 port: 5335 do-ip4: yes do-udp: yes do-tcp: yes # May be set to yes if you have IPv6 connectivity do-ip6: no # You want to leave this to no unless you have *native* IPv6. With 6to4 and # Terredo tunnels your web browser should favor IPv4 for the same reasons prefer-ip6: no # Use this only when you downloaded the list of primary root servers! # If you use the default dns-root-data package, unbound will find it automatically #root-hints: "/var/lib/unbound/root.hints" # Trust glue only if it is within the server's authority harden-glue: yes # Require DNSSEC data for trust-anchored zones, if such data is absent, the zone becomes BOGUS harden-dnssec-stripped: yes # Don't use Capitalization randomization as it known to cause DNSSEC issues sometimes # see https://discourse.pi-hole.net/t/unbound-stubby-or-dnscrypt-proxy/9378 for further details use-caps-for-id: no # Reduce EDNS reassembly buffer size. # IP fragmentation is unreliable on the Internet today, and can cause # transmission failures when large DNS messages are sent via UDP. Even # when fragmentation does work, it may not be secure; it is theoretically # possible to spoof parts of a fragmented DNS message, without easy # detection at the receiving end. Recently, there was an excellent study # >>> Defragmenting DNS - Determining the optimal maximum UDP response size for DNS <<< # by Axel Koolhaas, and Tjeerd Slokker (https://indico.dns-oarc.net/event/36/contributions/776/) # in collaboration with NLnet Labs explored DNS using real world data from the # the RIPE Atlas probes and the researchers suggested different values for # IPv4 and IPv6 and in different scenarios. They advise that servers should # be configured to limit DNS messages sent over UDP to a size that will not # trigger fragmentation on typical network links. DNS servers can switch # from UDP to TCP when a DNS response is too big to fit in this limited # buffer size. This value has also been suggested in DNS Flag Day 2020. edns-buffer-size: 1232 # Perform prefetching of close to expired message cache entries # This only applies to domains that have been frequently queried prefetch: yes # One thread should be sufficient, can be increased on beefy machines. In reality for most users running on small networks or on a single machine, it should be unnecessary to seek performance enhancement by increasing num-threads above 1. num-threads: 1 # Ensure kernel buffer is large enough to not lose messages in traffic spikes so-rcvbuf: 1m # Ensure privacy of local IP ranges private-address: 192.168.0.0/16 private-address: 169.254.0.0/16 private-address: 172.16.0.0/12 private-address: 10.0.0.0/8 private-address: fd00::/8 private-address: fe80::/10 ``` ```bash Sun Jul 21 2024 19:03:10 GMT-0700 (Mountain Standard Time) service unbound restart nano /etc/lighttpd/lighttpd.conf ``` ```conf Sun Jul 21 2024 19:03:02 GMT-0700 (Mountain Standard Time) ... server.port = 8007 ... ``` ```bash Sun Jul 21 2024 19:02:59 GMT-0700 (Mountain Standard Time) pihole -up service lighttpd restart pihole -a -p 484C889D0ED1EA4AB930AA518FE3B15E rm /etc/netplan/50-cloud-init.yaml nano /etc/netplan/00-installer-config.yaml ``` ```yaml Sun Jul 21 2024 19:02:57 GMT-0700 (Mountain Standard Time) network: ethernets: enp2s0: addresses: - 192.168.11.2/25 routes: - to: default via: 192.168.11.1 nameservers: addresses: [205.171.3.25, 205.171.2.25] version: 2 ``` ```bash Sun Jul 21 2024 19:05:27 GMT-0700 (Mountain Standard Time) chmod 600 /etc/netplan/*.yaml netplan apply reboot ```