30 KiB
30 KiB
created, type, updated
| created | type | updated |
|---|---|---|
| 2024-11-04T19:30:12.000Z | note | 2024-12-04T03:46:28.000Z |
Beelink Ubuntu and Docker July 2024
Dashkiosk
apt install snapd -y
apt install sudo links unzip nginx git nano ncdu -y
snap install dashkiosk
snap install ubuntu-frame wpe-webkit-mir-kiosk
snap set wpe-webkit-mir-kiosk daemon=true
snap set wpe-webkit-mir-kiosk url=http://localhost:9400/receiver
exit
wpe-webkit-mir-kiosk.cog http://localhost:9400/receiver
# ^C
/snap/wpe-webkit-mir-kiosk/current/bin/setup.sh
wpe-webkit-mir-kiosk.cog http://localhost:9400/receiver
# ^C
snap set ubuntu-frame daemon=true
exit
reboot
authorized_keys
cat /root/.ssh/authorized_keys
nano /root/.ssh/authorized_keys
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK7khmvc9lTWHALZ/IOMcJNz/1SuvrU53fI43v4PxIJN # 92532396 2023-12-27 mikep@DESKTOP-VP94SPB
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGq7b8qtm4fgNxW2lxm+qoxm8Wz7+1uhLQCg7xSlKYL1 # 92683771 2024-01-01 mikep@DESKTOP-BMV4V66
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJqLFW9kYMp9lOTXXYafxLiUADFFKeM5KDzt02E3XeRP # 92691378 2024-01-01 cphar@DESKTOP-KA0LMMJ
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBkS+uvWevmhYNos6MJKVi2auAx6x+xlyOnnvbdEstsz # 92797978 2024-01-03 mikep@DESKTOP-GNECR7R
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKf5fo63+vyYa8E06+HOPg24e9VMsvv/kBsHKGjBBUyz # 92895319 2024-01-05 mike@mike-B365M-DS3H
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGM6ANLH/4dS0YqlsCyoXkznzkgIsDqCTk3YX01XVWd8 # 92909911 2024-01-06 mikep@DESKTOP-H6JG91B
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOwAv1vrRA29GYL0DFSE8nmD5q3gL+vVtFSwhrXObDo4 # 93288214 2024-01-13 infineon\phares@ISCN5CG3256CPS
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH1xPVOisKwW6Xwo/Yh1kx2smt2HJU2/pRjTJf4KdGXo # 97267150 2024-03-28 mike@mike-Default-string
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEDz5WqCKsoaxV+LG/kufLNuiE9K3lqp+B3AqeKXGusX # 97442032 2024-04-01 lphar@DESKTOP-1238PEQ
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID09PhrjIpeNBmUeycnT3xKF8F5TcGL3ZKAvU9YdLj7H # 98747144 2024-04-25 mike@mike-Default-string
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIaZyTLpafZta8W8Uv6uWpgbbj4QL5dde9Rlf06PfdYc # 98824914 2024-04-26 k0308@DESKTOP-0UJ8DD5
# ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEFpucyp3FAHn8/9cXvfRegi09DkR6XLugoniEyQ9w0T # 98824924 2024-04-26 mille@DESKTOP-QL2HGEH
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOn/Ptg/k3rOJn32GxrL2J3Bazt/3M9fGWjzP+CW1qXK # 100900455 2024-06-03 lphares0907@penguin
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPMIxGucViHMHFXoM2VBPlvLvMgqNi2BUtTE/D4n778M # 101638217 2024-06-14 mikep@DESKTOP-VVO6KCM
Create Users
adduser lphares
mkdir /home/lphares/.ssh
cp /root/.ssh/authorized_keys /home/lphares/.ssh/authorized_keys
chown lphares:lphares -R /home/lphares
adduser bmiller
mkdir /home/bmiller/.ssh
cp /root/.ssh/authorized_keys /home/bmiller/.ssh/authorized_keys
chown bmiller:bmiller -R /home/bmiller
Log
ln -s /var/log/nginx /var/www/html/log-nginx
ls -la /var/www/html
exit
cp ~/.bash_history /etc/bash_history_2024-07-01.txt
cat /etc/bash_history_2024-07-01.txt
exit
apt install smartmontools
smartctl -i /dev/sda
```support is: Enabled
no-ip2
cd /usr/local/src/
wget http://www.noip.com/client/linux/noip-duc-linux.tar.gz
tar xf noip-duc-linux.tar.gz
ls
cd noip-2.1.9-1/
apt-get install make gcc -y
make install
# mikepharesjr@msn.com
# See KeePass
cat /usr/local/etc/no-ip2.conf
noip2 -C -u 9zh94yf -p xrtvLiRNhScX
cat /usr/local/etc/no-ip2.conf
# cd /usr/local/src/noip-2.1.9-1/binaries
# ./noip2-x86_64 -S
# cd ..
noip2 -S
exit
Directory Share
systemctl restart ssh
adduser bmiller lphares
sudo usermod -a -G lphares bmiller
newgrp lphares
# chmod 755 -R /home/lphares/dorico/
# chmod 750 /home/lphares
# chmod 750 /home/bmiller
Free File Sync
nginx
nginx -t
systemctl start nginx
nginx -s reload
certbot
# https://certbot.eff.org/instructions?ws=nginx&os=ubuntufocal
apt-get remove certbot -y
snap install --classic certbot
ln -s /snap/bin/certbot /usr/bin/certbot
mkdir -p /var/www/certbot/.well-known/acme-challenge
touch /var/www/certbot/.well-known/acme-challenge/smwqgmeNx04tA3HC05I8_gtpqLTkjRAotHdfp0E5LnM
# certbot --nginx
certbot certonly --nginx
# mikepharesjr@msn.com
# 1: affirm.ddns.net
# 2: ansible.ddns.net
# 3: assistant.ddns.net
# 4: casa.ddns.net
# 5: dashkiosk.ddns.net
# 6: dockge.ddns.net
# 7: emby.ddns.net
# 8: filebrowser.ddns.net
# 9: gogs.ddns.net
# 10: gogs3757.ddns.net
# 11: immich.ddns.net
# 12: immich3757.ddns.net
# 13: invoice.ddns.net
# 14: music.ddns.net
# 15: music3757.ddns.net
# 16: nextcloud.ddns.net
# 17: owncast.ddns.net
# 18: phares.ddns.net
# 19: phares3757.ddns.net
# 20: photoprism.ddns.net
# 21: pihole.ddns.net
# 22: proxmox.ddns.net
# 23: readeck.ddns.net
# 24: syncthing.ddns.net
# 25: uptimekuma.ddns.net
# 26: vaultwarden.ddns.net
# 27: vscodium.ddns.net
# 19,10,12,15,1
# always pick phares3757 first!
# http://immich3757.ddns.net/.well-known/acme-challenge/smwqgmeNx04tA3HC05I8_gtpqLTkjRAotHdfp0E5LnM
systemctl list-timers
# q
# /etc/crontab/
# /etc/cron.*/*
certbot renew --dry-run
# https://www.f5.com/company/blog/nginx/using-free-ssltls-certificates-from-lets-encrypt-with-nginx
nano /etc/logrotate.d/letsencrypt
/var/log/letsencrypt/*.log {
rotate 12
weekly
compress
missingok
}
nginx -t
systemctl start nginx
nginx -s reload
Docker
docker run hello-world
docker ps -a
docker volume list
apt install podman-docker -y
exit
reboot
Dockge
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
rm get-docker.sh
mkdir -p /opt/stacks /opt/dockge
cd /opt/dockge
curl https://raw.githubusercontent.com/louislam/dockge/master/compose.yaml --output compose.yaml
docker compose up -d
# docker-compose up -d
Copy Slideshow Photos
lvs -a
lsblk -I 8 -o NAME,SIZE,TYPE,FSUSED,FSUSE%
mkdir /mnt/usb
mount /dev/sdb2 /mnt/usb
cp -R /mnt/usb/var/www/html/Images-c9dbce3b-Results/thumbs/ /var/www/html/Images-c9dbce3b-Results/thumbs/
umount /mnt/usb
exit
reboot
# http://192.168.11.2:9400/admin
# Slideshow
# http://127.0.0.1:8080/slideshow/index.html?nocache=2024-07-01-11-36
# Local
# http://192.168.11.2:8080/slideshow/index.html?nocache=2024-07-01-11-36
Kestra
# L:\Git\Linux-Ubuntu-Server\opt\copy\kestra\compose.yaml
Immich
usermod -a -G docker phares
id
# uid=0(root) gid=0(root) groups=0(root),1003(docker)
su phares
# uid=1000(phares) gid=1000(phares) groups=1000(phares),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),101(lxd),1003(docker)
docker-compose exec immich_server id
# uid=0(root) gid=0(root) groups=0(root)
docker run --rm -it -v "/var/immich/photos:/host" ubuntu /bin/bash
# Error response from daemon: error while creating mount source path '/var/immich/photos' mkdir h: read-only file system
docker run --rm -it -v "/:/host" ubuntu /bin/bash
docker run --rm -it -v "/home/phares:/host" ubuntu /bin/bash
mkdir /host/test-2024-07-01
exit
ls /home/phares/test-2024-07-01
rm -r /home/phares/test-2024-07-01
lsblk -I 8 -o NAME,SIZE,TYPE,FSUSED,FSUSE%
# L:\Git\Linux-Ubuntu-Server\opt\copy\immich\.env
# L:\Git\Linux-Ubuntu-Server\opt\copy\immich\compose.yaml
Incus
curl -fsSL https://pkgs.zabbly.com/key.asc | gpg --show-keys --fingerprint
mkdir -p /etc/apt/keyrings/
curl -fsSL https://pkgs.zabbly.com/key.asc -o /etc/apt/keyrings/zabbly.asc
sh -c 'cat <<EOF > /etc/apt/sources.list.d/zabbly-incus-lts-6.0.sources
Enabled: yes
Types: deb
URIs: https://pkgs.zabbly.com/incus/lts-6.0
Suites: $(. /etc/os-release && echo ${VERSION_CODENAME})
Components: main
Architectures: $(dpkg --print-architecture)
Signed-By: /etc/apt/keyrings/zabbly.asc
EOF'
apt-get update
apt-get install incus -y
incus config set core.https_address :8443
exit
reboot
apt install virt-viewer -y
usermod -aG incus-admin phares
newgrp incus-admin
groups
exit
reboot
apt install zfsutils-linux -y
exit
reboot
incus admin init
config:
core.https_address: '[::]:8443'
networks:
- config:
ipv4.address: auto
ipv6.address: none
description: ""
name: incusbr0
type: ""
project: default
storage_pools:
- config:
size: 132GiB
description: ""
name: default
driver: zfs
profiles:
- config: {}
description: ""
devices:
eth0:
name: eth0
network: incusbr0
type: nic
root:
path: /
pool: default
type: disk
name: default
projects: []
cluster: null
incus list
incus image list images:
incus launch images:ubuntu/22.04 first
-incus-virtual-machine-custom-installation
incus launch images:ubuntu/22.04/desktop Desktop --vm --console=vga
# (remote-viewer:7483): Gtk-WARNING **: 22:53:14.753: cannot open display:
incus config trust add DESKTOP-GNECR7R
Client DESKTOP-GNECR7R certificate add token:
# ...
incus remote add phares.ddns.net 192.168.11.2
incus remote list
incus remote switch phares.ddns.net
incus list
incus console Desktop --type=vga
apt install openvswitch-switch -y
# netplan apply
# incus profile create bridgeprofile
# incus profile device add bridgeprofile eth0 nic nictype=bridged parent=bridge0
# incus launch images:ubuntu/22.04 second --profile default --profile bridgeprofile
incus list
incus launch images:ubuntu/22.04 second
incus exec second bash
# snap install lxdmosaic
# https://192.168.11.2:8443/ui/
# incus config set core.https_address [::]
# incus config set core.trust_password 1178thisIsA7
# incus config set core.https_address :8443
nano lxconsole.crt
# ...
incus config trust add-certificate lxconsole.crt
incus config set core.https_address=[::]:8443
Docker html-to-pdf
timedatectl set-timezone America/Phoenix
cd /home/phares
# cd /var/www/html/pdf
mkdir -p /var/www/html/pdf
url="http://192.168.11.2:5001"
backup_time=$(date +'%H-%M-%S')
backup_date=$(date +'%Y-%m-%d')
echo "${backup_date}---${backup_time}.pdf"
# docker run -v "$(pwd):/workspace" pink33n/html-to-pdf --url http://google.com --pdf out.pdf
docker run -v "$(pwd):/workspace" pink33n/html-to-pdf --url "${url}" --pdf "${backup_date}---${backup_time}.pdf"
mv "${backup_date}---${backup_time}.pdf" /var/www/html/pdf/.
ls -la /var/www/html/pdf
# rm /var/www/html/pdf/*
Incus Import from Proxmox
# 115-turnkey-gitea
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-115-turnkey-gitea.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-115-turnkey-gitea-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-115-2024_07_02-16_08_37.tar.gz
incus launch proxmox-115-turnkey-gitea-image 115-turnkey-gitea -c boot.autostart=true
incus exec 115-turnkey-gitea bash
#
# 118-turnkey-oddo
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-118-turnkey-oddo.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-118-turnkey-oddo-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-118-2024_07_02-16_14_09.tar.gz
incus launch proxmox-118-turnkey-oddo-image 118-turnkey-oddo -c boot.autostart=true
incus exec 118-turnkey-oddo bash
#
# 122-vaultwarden
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-122-vaultwarden.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-122-vaultwarden-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-122-2024_07_02-16_41_20.tar.gz
incus launch proxmox-122-vaultwarden-image 122-vaultwarden -c boot.autostart=true
incus exec 122-vaultwarden bash
#
Incus Import from Proxmox Maybe
# 114-turnkey-ansible
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-114-turnkey-ansible.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-114-turnkey-ansible-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-114-2024_07_02-16_07_21.tar.gz
incus launch proxmox-114-turnkey-ansible-image 114-turnkey-ansible -c boot.autostart=true
incus exec 114-turnkey-ansible bash
#
# 116-turnkey-invoice
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-116-turnkey-invoice.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-116-turnkey-invoice-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-116-2024_07_02-16_09_49.tar.gz
incus launch proxmox-116-turnkey-invoice-image 116-turnkey-invoice -c boot.autostart=true
incus exec 116-turnkey-invoice bash
#
# 117-turnkey-nextcloud
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-117-turnkey-nextcloud.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-117-turnkey-nextcloud-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-117-2024_07_02-16_12_14.tar.gz
incus launch proxmox-117-turnkey-nextcloud-image 117-turnkey-nextcloud -c boot.autostart=true
incus exec 117-turnkey-nextcloud bash
#
# 119-turnkey-observium
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-119-turnkey-observium.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-119-turnkey-observium-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-119-2024_07_02-16_16_59.tar.gz
incus launch proxmox-119-turnkey-observium-image 119-turnkey-observium -c boot.autostart=true
incus exec 119-turnkey-observium bash
#
# 120-turnkey-zoneminder
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-120-turnkey-zoneminder.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-120-turnkey-zoneminder-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-120-2024_07_02-16_19_58.tar.gz
incus launch proxmox-120-turnkey-zoneminder-image 120-turnkey-zoneminder -c boot.autostart=true
incus exec 120-turnkey-zoneminder bash
#
# 121-turnkey-faveo-helpdesk
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-121-turnkey-faveo-helpdesk.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-121-turnkey-faveo-helpdesk-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-121-2024_07_02-16_21_18.tar.gz
incus launch proxmox-121-turnkey-faveo-helpdesk-image 121-turnkey-faveo-helpdesk -c boot.autostart=true
incus exec 121-turnkey-faveo-helpdesk bash
#
# 123-wastebin
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-123-wastebin.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-123-wastebin-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-123-2024_07_02-16_44_34.tar.gz
incus launch proxmox-123-wastebin-image 123-wastebin -c boot.autostart=true
incus exec 123-wastebin bash
#
# 124-readeck
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-124-readeck.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-124-readeck-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-124-2024_07_02-16_47_02.tar.gz
incus launch proxmox-124-readeck-image 124-readeck -c boot.autostart=true
incus exec 124-readeck bash
#
# 125-ntfy
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-125-ntfy.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-125-ntfy-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-125-2024_07_02-16_47_58.tar.gz
incus launch proxmox-125-ntfy-image 125-ntfy -c boot.autostart=true
incus exec 125-ntfy bash
#
# 126-commafeed
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-126-commafeed.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-126-commafeed-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-126-2024_07_02-16_49_32.tar.gz
incus launch proxmox-126-commafeed-image 126-commafeed -c boot.autostart=true
incus exec 126-commafeed bash
#
# 127-actualbudget
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-127-actualbudget.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-127-actualbudget-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-127-2024_07_02-16_50_52.tar.gz
incus launch proxmox-127-actualbudget-image 127-actualbudget -c boot.autostart=true
incus exec 127-actualbudget bash
#
# 128-forgejo
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-128-forgejo.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-128-forgejo-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-128-2024_07_02-16_52_26.tar.gz
incus launch proxmox-128-forgejo-image 128-forgejo -c boot.autostart=true
incus exec 128-forgejo bash
#
# 129-homepage
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-129-homepage.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-129-homepage-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-129-2024_07_02-16_53_41.tar.gz
incus launch proxmox-129-homepage-image 129-homepage -c boot.autostart=true
incus exec 129-homepage bash
#
# 132-redis
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-132-redis.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-132-redis-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-132-2024_07_02-16_55_20.tar.gz
incus launch proxmox-132-redis-image 132-redis -c boot.autostart=true
incus exec 132-redis bash
#
# 133-postgresql
rm /home/free-file-sync/proxmox/metadata.tar.gz
cp /home/free-file-sync/proxmox/vzdump-lxc-133-postgresql.tar.gz /home/free-file-sync/proxmox/metadata.tar.gz
incus image import --alias=proxmox-133-postgresql-image /home/free-file-sync/proxmox/metadata.tar.gz /home/free-file-sync/proxmox/vzdump-lxc-133-2024_07_02-16_56_14.tar.gz
incus launch proxmox-133-postgresql-image 133-postgresql -c boot.autostart=true
incus exec 133-postgresql bash
#
Import Immich to Docker
lsblk -I 8 -o NAME,SIZE,TYPE,FSUSED,FSUSE%
docker start immich_postgres
gunzip < "/home/free-file-sync/proxmox/dump.sql.gz" \
| sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" \
| docker exec -i immich_postgres psql --username=postgres
cd /home
tar -tvf free-file-sync/proxmox/upload.tar
tar -tvf free-file-sync/proxmox/upload.tar usr/src/app/upload/library
docker run --rm --volumes-from immich_server -v $(pwd):/backup ubuntu bash -c "cd /usr/src/app/upload && ls -la"
docker run --rm --volumes-from immich_server -v $(pwd):/restore ubuntu tar xvf /restore/free-file-sync/proxmox/upload.tar --strip 1
certbot
noip2 -u 9zh94yf -p xrtvLiRNhScX
# https://certbot.eff.org/instructions?ws=nginx&os=ubuntufocal
certbot certonly --nginx
# mikepharesjr@msn.com
# 1: affirm.ddns.net
# 2: dashkiosk.ddns.net
# 3: dockge.ddns.net
# 4: gitea.ddns.net
# 5: gitea3757.ddns.net
# 6: immich.ddns.net
# 7: immich3757.ddns.net
# 8: incus.ddns.net
# 9: kestra.ddns.net
# 10: lxconsole.ddns.net
# 11: music.ddns.net
# 12: music3757.ddns.net
# 13: phares.ddns.net
# 14: phares3757.ddns.net
# 15: vaultwarden.ddns.net
# 14,1,5,7,12
# always pick phares3757 first!
listen" directive is not allowed here in
HP Printer
# apt-get install --assume-yes libcups2 cups libcups2-dev cups-bsd cups-client avahi-utils libavahi-client-dev libavahi-core-dev libavahi-common-dev libcupsimage2-dev libdbus-1-dev build-essential gtk2-engines-pixbuf ghostscript openssl libjpeg-dev libatk-adaptor libgail-common libsnmp-dev snmp-mibs-downloader libtool libtool-bin libusb-1.0-0-dev libusb-0.1-4 wget policykit-1 policykit-1-gnome automake1.11 python3-dbus.mainloop.pyqt5 python3-reportlab python3-notify2 python3-pyqt5 python3-dbus python3-gi python3-lxml python3-dev python3-pil python-is-python3 libsane libsane-dev sane-utils xsane -y
apt-get install --assume-yes libcups2t64 cups cups-bsd cups-client avahi-utils libavahi-client-dev libavahi-core-dev libavahi-common-dev libcupsimage2-dev libdbus-1-dev build-essential gtk2-engines-pixbuf ghostscript openssl libjpeg-dev libatk-adaptor libgail-common libsnmp-dev snmp-mibs-downloader libtool libtool-bin libusb-1.0-0-dev libusb-0.1-4 wget policykit-1 policykit-1-gnome automake1.11 python3-dbus.mainloop.pyqt5 python3-reportlab python3-notify2 python3-pyqt5 python3-dbus python3-gi python3-lxml python3-dev python3-pil python-is-python3 sane-utils xsane -y
Gitea Runner
cd /home/phares
wget https://gitea.com/gitea/act_runner/releases/download/v0.2.10/act_runner-0.2.10-linux-amd64
chmod +x act_runner-0.2.10-linux-amd64
./act_runner-0.2.10-linux-amd64 -v
./act_runner-0.2.10-linux-amd64 register --no-interactive --instance http://192.168.11.2:3000/ --token asdf
./act_runner-0.2.10-linux-amd64 daemon
cd /home/phares
cat .runner
./act_runner-0.2.10-linux-amd64 daemon
cp /home/phares/act_runner-0.2.10-linux-amd64 /usr/local/bin/act_runner
./act_runner-0.2.10-linux-amd64 register --no-interactive --config /etc/act_runner/config.yaml --instance http://192.168.11.2:3000/ --name beelink-cmd-phares3757 --token asdf
# gitea-runner
version: "3.8"
services:
runner:
environment:
# CONFIG_FILE: /config.yaml
GITEA_INSTANCE_URL: ${INSTANCE_URL}
GITEA_RUNNER_LABELS: ${RUNNER_LABELS}
GITEA_RUNNER_NAME: ${RUNNER_NAME}
GITEA_RUNNER_REGISTRATION_TOKEN: ${REGISTRATION_TOKEN}
image: gitea/act_runner:nightly
volumes:
# - ./config.yaml:/config.yaml
- runner-data:/data
- /var/run/docker.sock:/var/run/docker.sock
networks: {}
volumes:
runner-data:
driver: local
# ID 11
INSTANCE_URL=http://192.168.11.2:3000/
REGISTRATION_TOKEN=DjgUzQsGB4LgNeSpbHe2nLreB6gb7eYj4AbgcwYD
RUNNER_NAME=beelink-dockge-phares3757
RUNNER_LABELS=
certbot duckdns
noip2 -u 9zh94yf -p xrtvLiRNhScX
# https://certbot.eff.org/instructions?ws=nginx&os=ubuntufocal
certbot certonly --nginx
# mikepharesjr@msn.com
# 1: affirm.ddns.net
# 2: codeserver.ddns.net
# 3: dashkiosk.ddns.net
# 4: dockge.ddns.net
# 5: docmost.ddns.net
# 6: gitea.ddns.net
# 7: immich.ddns.net
# 8: incus.ddns.net
# 9: kestra.ddns.net
# 10: lxconsole.ddns.net
# 11: music.ddns.net
# 12: phares.ddns.net
# 13: phares3757.ddns.net
# 14: quartz.ddns.net
# 15: vaultwarden.ddns.net
# 16: phares.duckdns.org
# 17: docmost.phares.duckdns.org
# 18: gitea.phares.duckdns.org
# 19: immich.phares.duckdns.org
# 20: music.phares.duckdns.org
# 21: quartz.phares.duckdns.org
# 22: vaultwarden.phares.duckdns.org
# 13 1 16 17 18 19 20 21 22
# This certificate expires on 2024-10-19
Pi-hole
# https://canyoublockit.com/
curl -sSL https://install.pi-hole.net | bash
apt install unbound -y
# https://docs.pi-hole.net/guides/dns/unbound/
nano /etc/unbound/unbound.conf.d/pi-hole.conf
server:
# If no logfile is specified, syslog is used
# logfile: "/var/log/unbound/unbound.log"
verbosity: 0
interface: 127.0.0.1
port: 5335
do-ip4: yes
do-udp: yes
do-tcp: yes
# May be set to yes if you have IPv6 connectivity
do-ip6: no
# You want to leave this to no unless you have *native* IPv6. With 6to4 and
# Terredo tunnels your web browser should favor IPv4 for the same reasons
prefer-ip6: no
# Use this only when you downloaded the list of primary root servers!
# If you use the default dns-root-data package, unbound will find it automatically
#root-hints: "/var/lib/unbound/root.hints"
# Trust glue only if it is within the server's authority
harden-glue: yes
# Require DNSSEC data for trust-anchored zones, if such data is absent, the zone becomes BOGUS
harden-dnssec-stripped: yes
# Don't use Capitalization randomization as it known to cause DNSSEC issues sometimes
# see https://discourse.pi-hole.net/t/unbound-stubby-or-dnscrypt-proxy/9378 for further details
use-caps-for-id: no
# Reduce EDNS reassembly buffer size.
# IP fragmentation is unreliable on the Internet today, and can cause
# transmission failures when large DNS messages are sent via UDP. Even
# when fragmentation does work, it may not be secure; it is theoretically
# possible to spoof parts of a fragmented DNS message, without easy
# detection at the receiving end. Recently, there was an excellent study
# >>> Defragmenting DNS - Determining the optimal maximum UDP response size for DNS <<<
# by Axel Koolhaas, and Tjeerd Slokker (https://indico.dns-oarc.net/event/36/contributions/776/)
# in collaboration with NLnet Labs explored DNS using real world data from the
# the RIPE Atlas probes and the researchers suggested different values for
# IPv4 and IPv6 and in different scenarios. They advise that servers should
# be configured to limit DNS messages sent over UDP to a size that will not
# trigger fragmentation on typical network links. DNS servers can switch
# from UDP to TCP when a DNS response is too big to fit in this limited
# buffer size. This value has also been suggested in DNS Flag Day 2020.
edns-buffer-size: 1232
# Perform prefetching of close to expired message cache entries
# This only applies to domains that have been frequently queried
prefetch: yes
# One thread should be sufficient, can be increased on beefy machines. In reality for most users running on small networks or on a single machine, it should be unnecessary to seek performance enhancement by increasing num-threads above 1.
num-threads: 1
# Ensure kernel buffer is large enough to not lose messages in traffic spikes
so-rcvbuf: 1m
# Ensure privacy of local IP ranges
private-address: 192.168.0.0/16
private-address: 169.254.0.0/16
private-address: 172.16.0.0/12
private-address: 10.0.0.0/8
private-address: fd00::/8
private-address: fe80::/10
service unbound restart
nano /etc/lighttpd/lighttpd.conf
...
server.port = 8007
...
pihole -up
service lighttpd restart
pihole -a -p 484C889D0ED1EA4AB930AA518FE3B15E
rm /etc/netplan/50-cloud-init.yaml
nano /etc/netplan/00-installer-config.yaml
network:
ethernets:
enp2s0:
addresses:
- 192.168.11.2/25
routes:
- to: default
via: 192.168.11.1
nameservers:
addresses: [205.171.3.25, 205.171.2.25]
version: 2
chmod 600 /etc/netplan/*.yaml
netplan apply
reboot