phares3757/linux-proxmox-server
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: phares3757:main
Branches Tags
phares3757:main
phares3757:11-25
phares3757:11-23
...
pull from: phares3757:11-23
Branches Tags
phares3757:11-25
phares3757:11-23
phares3757:main

1 Commits
main ... 11-23

Author SHA1 Message Date
Mike Phares
b32f5ee0b8 2024-11-23 2024-11-23 22:34:08 -07:00
32 changed files with 887 additions and 18 deletions
Show Stats Expand all files Collapse all files

3
.gitignore vendored
View File

@ -43,15 +43,18 @@
!etc/dnsmasq.d/* !etc/dnsmasq.d/*
!etc/fstab/* !etc/fstab/*
!etc/netplan/* !etc/netplan/*
!etc/nginx/include/*
!etc/nginx/sites-available/* !etc/nginx/sites-available/*
!etc/mysql/mariadb.conf.d/* !etc/mysql/mariadb.conf.d/*
!etc/php/* !etc/php/*
!etc/postgresql/* !etc/postgresql/*
!etc/wsl/* !etc/wsl/*
!etc/dnsmasq.d/SDN/*
!etc/letsencrypt/**/* !etc/letsencrypt/**/*
!opt/copy/**/* !opt/copy/**/*
!opt/dockge/**/*.yaml
!root/**/*container !root/**/*container
!home/podman/**/*volume !home/podman/**/*volume

8
.vscode/settings.json vendored
View File

@ -3,5 +3,11 @@
"*.container": "ini", "*.container": "ini",
"*.org": "ini", "*.org": "ini",
"*.net": "ini" "*.net": "ini"
} },
"cSpell.words": [
"diskstation",
"dockge",
"neko",
"phares"
]
} }

500
etc/bash_history_2024-11-23.txt Normal file
View File

@ -0,0 +1,500 @@
nginx -t
nginx -s reload
exit
ln -s /var/log/nginx /var/www/html/log-nginx
ls -la /var/www/html
cp ~/.bash_history /etc/bash_history_2024-11-05.txt
cat /etc/bash_history_2024-11-05.txt
exit
apt-get install podman -y
apt-cache rdepends podman-compose
apt-get install podman-compose -y
apt-get install sudo
mkdir /home/podman/.ssh
cp /root/.ssh/authorized_keys /home/podman/.ssh/authorized_keys
chown podman:podman -R /home/podman
adduser podman sudo
loginctl enable-linger
sudo -iu podman
podman --version
sudo -iu podman
sudo -iu podman
mkdir -p /run/user/1000/
chown -R podman:podman /run/user/1000/
sudo -iu podman
sudo -iu podman
sudo -iu podman
systemctl --user start uptime-kuma-server
systemctl start uptime-kuma-server
sudo -iu podman
sudo -iu podman
find / -name "*fedora*" 2>/dev/null
nano /usr/share/lxc/config/fedora.common.conf
nano /usr/share/lxc/config/fedora.common.conf
nano /usr/share/lxc/config/fedora.common.conf
nano /usr/share/lxc/config/fedora.common.conf
nano /usr/share/lxc/config/fedora.userns.conf
sudo -iu podman
sudo -iu podman
sudo -iu podman
sudo -iu podman
sudo -iu podman
sudo -iu podman
sudo -iu podman
chown -R podman:podman /home/podman
sudo -iu podman
apt install podman-quadlet
ls -la /usr/libexec/podman
systemctl -l | grep -i rootlessport
ps aux | grep rootlessport
whereis podman-generate-systemd
exit
clear
apt list --installed
sudo -iu podman
exit
sudo -iu podman
exit
bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/ubuntu.sh)"
apt-get install podman-compose -y
exit
pip3 install podman-compose
systemctl enable podmand
apt install podman
systemctl enable podmand
podman --version
systemctl enable podman.socket
systemctl start podman.socket
systemctl status podman.socket
apt-get install cockpit cockpit-podman -y
systemctl enable --now cockpit.socket
sudo -iu podman
apt install software-properties-common uidmap -y
sudo -iu podman
apt-get install -y libapparmor-dev
cd /tmp/acme.sh
ls /root/.acme.sh/
./acme.sh --issue --dns dns_duckdns -d '*.phares.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory
cd /tmp
git clone https://github.com/acmesh-official/acme.sh.git
cd /tmp/acme.sh
./acme.sh --install -m mikepharesjr@msn.com
export DuckDNS_Token=1d3fc707-7052-4459-a624-fb01250f00b9
echo $DuckDNS_Token
./acme.sh --register-account -m mikepharesjr@msn.com
./acme.sh --set-default-ca --server letsencrypt
./acme.sh --issue --dns dns_duckdns -d '*.phares.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory
ls
ls /root/.acme.sh/
cd /root/.acme.sh/
cp -R \*.phares.duckdns.org_ecc/ wild-phares
cd wild-phares/
ls
mv \*.phares.duckdns.org.cer phares.duckdns.org.cer
mv \*.phares.duckdns.org.conf phares.duckdns.org.conf
mv \*.phares.duckdns.org.csr phares.duckdns.org.csr
mv \*.phares.duckdns.org.csr.conf phares.duckdns.org.csr.conf
mv \*.phares.duckdns.org.key phares.duckdns.org.key
ls
cd ..
cd ..
cd /tmp/
cd acme.sh/
ls
./acme.sh --issue --dns dns_duckdns -d '*.affirm.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory
cp -R \*.affirm.duckdns.org_ecc/ wild-affirm
cp -R \*.affirm.duckdns.org_ecc/ wild-affirm
cp -R /root/.acme.sh/\*.affirm.duckdns.org_ecc/ /root/.acme.sh/wild-affirm
mv /root/.acme.sh/\*.affirm.duckdns.org.cer /root/.acme.sh/affirm.duckdns.org.cer
mv /root/.acme.sh/\*.affirm.duckdns.org.conf /root/.acme.sh/affirm.duckdns.org.conf
mv /root/.acme.sh/\*.affirm.duckdns.org.csr /root/.acme.sh/affirm.duckdns.org.csr
mv /root/.acme.sh/\*.affirm.duckdns.org.csr.conf /root/.acme.sh/affirm.duckdns.org.csr.conf
mv /root/.acme.sh/\*.affirm.duckdns.org.key /root/.acme.sh/affirm.duckdns.org.key
mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.cer /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer
mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.conf /root/.acme.sh/wild-affirm/affirm.duckdns.org.conf
mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.csr /root/.acme.sh/wild-affirm/affirm.duckdns.org.csr
mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.csr.conf /root/.acme.sh/wild-affirm/affirm.duckdns.org.csr.conf
mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key
nginx -t
nginx -s reload
exit
rm -R /root/.acme.sh/affirm.duckdns.org_ecc/
cp /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs
cd /root/.acme.sh/
ls -la
cd /tmp/
cd acme.sh/
./acme.sh --issue --dns dns_duckdns -d '*.bchs.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory
cp /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs
mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.cer /root/.acme.sh/wild-bchs/bchs.duckdns.org.cer
mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.conf
mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr
mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr.conf
mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.key /root/.acme.sh/wild-bchs/bchs.duckdns.org.key
cd /root/.acme.sh/
ls
cp /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs
cp -R /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs
mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.cer /root/.acme.sh/wild-bchs/bchs.duckdns.org.cer
mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.conf
mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr
mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr.conf
mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.key /root/.acme.sh/wild-bchs/bchs.duckdns.org.key
exit
nginx -t
nginx -t
nginx -s reload
nginx -s reload
exit
nano /etc/cockpit/cockpit.conf
systemctl restart cockpit
journalctl -u cockpit
systemctl restart cockpit.service
systemctl restart cockpit.socket
exit
systemctl restart cockpit.socket
systemctl restart cockpit.service
journalctl -u cockpit
systemctl stop cockpit
systemctl stop cockpit.socket
exit
mv /etc/cockpit/ws-certs.d/0-self-signed.cert /etc/cockpit/ws-certs.d/0-self-signed.cert.old
mv /etc/cockpit/ws-certs.d/0-self-signed.key /etc/cockpit/ws-certs.d/0-self-signed.key.old
cp /root/.acme.sh/wild-affirm/fullchain.cer /etc/cockpit/ws-certs.d/0-self-signed.cert
cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /etc/cockpit/ws-certs.d/0-self-signed.key
systemctl start cockpit
journalctl -xeu cockpit.service
systemctl start cockpit
systemctl start cockpit.socket
systemctl start cockpit
systemctl status cockpit.service
ls -la /etc/cockpit/ws-certs.d
exit
chmod 774 -R /etc/cockpit/ws-certs.d
systemctl start cockpit
systemctl status cockpit.service
systemctl start cockpit.socket
systemctl start cockpit
systemctl stop cockpit
systemctl start cockpit
cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /etc/cockpit/ws-certs.d/0-self-signed.cert
ls -la /etc/cockpit/ws-certs.d
chmod 774 -R /etc/cockpit/ws-certs.d
ls -la /etc/cockpit/ws-certs.d
systemctl start cockpit
journalctl -u cockpit
systemctl start cockpit.soket
systemctl start cockpit.socket
cat /etc/cockpit/ws-certs.d/0-self-signed.cert
exit
cat /etc/cockpit/ws-certs.d/0-self-signed.key
exit
systemctl start cockpit
exit
systemctl stop cockpit
systemctl stop cockpit.socket
systemctl start cockpit
systemctl start cockpit.socket
journalctl -u cockpit
journalctl -u cockpit
journalctl --rotate
journalctl --vacuum-time=1s
journalctl -u cockpit
journalctl -u cockpit
journalctl -u cockpit
journalctl -u cockpit
nano /etc/cockpit/cockpit.conf
ngnix -t
nginx -t
nginx -s reload
exit
sudo -iu podman
exit
cp ~/.bash_history /etc/bash_history_2024-11-11.txt
cat /etc/bash_history_2024-11-11.txt
ls
ls -la
bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/uptimekuma.sh)"
bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/uptimekuma.sh)"
bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/uptimekuma.sh)"
/etc/network/interfaces
ls /etc/network/interfaces
cat /etc/network/interfaces
ping 192.168.31.31
ping 192.168.31.32
ngnix -t
nginx -s reload
links http://192.168.31.31:3001
links http://192.168.31.31:3001
links http://192.168.31.31
links http://192.168.31.31:3002
links http://192.168.31.32:3001
nginx -s reload
nginx -s reload
nginx -s reload
nginx -s reload
links http://192.168.31.65:3001
links https://192.168.31.65:3001
links http://192.168.31.12:8006
links http://192.168.31.12:8006
nginx -s reload
nginx -s reload
cat /etc/systemd/system/getty@.service.d/autologin.conf
pct enter 100
nginx -s reload
pct enter 100
pct enter 101
pct enter 100
nginx -s reload
pct enter 100
mkdir /mnt/vm-100-disk-0
mount /dev/pve/vm-100-disk-0 /mnt/vm-100-disk-0
cd /mnt/vm-100-disk-0
ls -la
cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /certs/server.cert
cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /certs/server.key
mkdir /mnt/vm-100-disk-0/certs
cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /certs/server.key
cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /certs/server.key
ls
cd certs/
ls
cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /certs/server.cert
nano /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer
cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /mnt/vm-100-disk-0/certs/server.cert
cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /mnt/vm-100-disk-0/certs/server.key
ls
ls -la
umount /mnt/vm-100-disk-0
cd /
umount /mnt/vm-100-disk-0
cd /mnt/vm-100-disk-0
ls
pct enter 100
pct enter 100
pct enter 100
links http://192.168.31.39:3001
links http://192.168.31.39:3004
links https://192.168.31.39:3001
nginx -s reload
links https://192.168.31.39:3001
ip a
pct enter 100
pct enter 100
pct enter 100
nginx -s reload
pct enter 100
nano /etc/hosts
pct enter 100
ping mattermost.phares.duckdns.org
curl https://mattermost.phares.duckdns.org
pct enter 100
exit
links http://192.168.31.12:8084/
cp /var/www/html /var/www/html-quartz
cp -R /var/www/html /var/www/html-quartz
links http://192.168.31.12:8084/
nginx -s reload
nginx -s reload
links http://192.168.31.12:8084/
ls -la /var/www/html-quartz
r -r /var/www/html-quartz/log-nginx
rm -R /var/www/html-quartz/log-nginx
ls -la /var/www/html-quartz
mv /var/www/html-quartz/index.nginx-debian.html index.html
links http://192.168.31.12:8084/
ls
mv index.html /var/www/html-quartz/
ls
links http://192.168.31.12:8084/
links http://192.168.31.12:8084/
exit
cd /run/user/1000/
cd systemd/
ls -la
nano generator.late/
cd generator.late/
ls
cd ..
mkdir /run/user/1000/systemd/generator
cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service
cd generator
ls
sudo -iu podman
sudo -iu podman
ls -la /run/user/1000/systemd/generator/neko-server.service
ls -la /run/user/1000/systemd/generator
ls -la /run/user/1000/systemd
mkdir /run/user/1000/systemd/generator
cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service
sudo -iu podman
nginx -s reload
nginx -s reload
sudo -iu podman
cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service
mkdir /run/user/1000/systemd/generator
cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service
exit
mkdir /run/user/1000/systemd/generator
cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service
sudo -iu podman
nginx -s reload
exit
cat /etc/network/interfaces
apt update
apt install dnsmasq -y
systemctl disable --now dnsmasq
apt install frr-pythontools -y
exit
exit
cat /etc/network/interfaces
nginx -s reload
links http://192.168.32.100:3001
curl http://192.168.32.100:3001
curl http://192.168.32.100:3001
bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/vm/ubuntu2404-vm.sh)"
bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/vm/ubuntu2404-vm.sh)"
bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/adguard.sh)"
curl http://192.168.32.100:3001
snap remove addguard
snap remove addguardhome
snap remove adguardhome
snap remove adguard
snap remove adguard-home
snap install adguard-home
curl http:192.168.31.12:3000
curl http://192.168.31.12:3000
nginx -s reload
nginx -s reload
curl http:192.168.31.100:3002
curl http://192.168.31.100:3002
curl http://192.168.31.100:3000
curl http://192.168.31.100:3001
curl http://192.168.31.100:3001
ping 192.168.32.100
curl http://192.168.32.100:3002
curl http://192.168.32.100:3001
links http://192.168.32.100:3001/
nginx -s reload
pct enter 100
curl http://192.168.32.100:3001
curl http://192.168.32.100:3001/dashboardroot
nano /etc/dnsmasq.d/SDN/ethers
pct enter 100
nano /etc/hosts
pct enter 100
pct enter 100
nano /etc/hosts
pct modify /etc/hosts 100
exit
cat /var/lib/misc/dnsmasq.SDN.leases
exit
mviewcl
lsblk -I 8 -o NAME,SIZE,TYPE,FSUSED,FSUSE%
docker
exit
snap info
snap
snap find
snap list
exit
cd /tmp
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
docker ps -a
exit
cd /tmp
mkdir -p /opt/stacks /opt/dockge
cd /opt/dockge
curl https://raw.githubusercontent.com/louislam/dockge/master/compose.yaml --output compose.yaml
docker compose up -d
nginx -s reload
nginx -s reload
apt install podman-docker
/usr/libexec/podman/quadlet -dryrun --user
apt install podman-docker
docker down
docker
docker stop
docker ls
docker ps a
docker ps -a
docker stop c
nginx -s reload
docker compose up -d
docker ps -a
docker stop c
docker compose up -d
nginx -s reload
curl http://192.168.31.12:5800
nginx -s reload
nginx -s reload
nginx -s reload
docker exec -it firefox bash
docker ps -a
docker exec -it 1 bash
docker exec -it 1 sh
exit
exit
exit
docker exec -it 1 bash
docker exec -it firefox bash
docker ps a
docker ps -a
docker exec -it 1 bash
docker exec -it 1 sh
snap list
nginx -s reload
snap install dotnet-sdk --classic --channel latest/stable
export DOTNET_ROOT=/snap/dotnet-sdk/current
~/.bashrc
dotnet --info
exit
cd /tmp/
git clone https://33aada599f8e245782e68931fe2629a959af5d26@gitea.phares.duckdns.org/phares3757/one-review.git
cd one-review/
git checkout origin/11-17
git log -1
docker compose -up
docker compose up
docker compose up
nano docker-compose.yaml
exit
links http://localhost:5001
links http://192.168.11.2:5001
exit
nginx -s reload
links http://localhost:5000/Products
exit
cd /tmp/
cd one-review/
nano docker-compose.yaml
docker compose up
docker ps -a\
docker ps -a
docker images ls
docker image ls
git pull origin 11-17
git log -1
git reset --hard
git log -1
git pull origin 11-17
git log -1
docker compose up
docker ps -a
docker image ls
docker compose up
docker compose up
dotnet run --project src/OneReview
dotnet run --project src/OneReview
docker image ls
docker image ls
docker image rm 0f
docker image rm 0f
docker ps -a
docker container rm e5
docker image rm 0f
docker compose up
exit
nginx -t
nginx -s reload

7
etc/dnsmasq.d/README Normal file
View File

@ -0,0 +1,7 @@
# All files in this directory will be read by dnsmasq as
# configuration files, except if their names end in
# ".dpkg-dist",".dpkg-old" or ".dpkg-new"
#
# This can be changed by editing /etc/default/dnsmasq

24
etc/dnsmasq.d/SDN/00-default.conf Normal file
View File

@ -0,0 +1,24 @@
except-interface=lo
enable-ra
quiet-ra
bind-dynamic
no-hosts
dhcp-leasefile=/var/lib/misc/dnsmasq.SDN.leases
dhcp-hostsfile=/etc/dnsmasq.d/SDN/ethers
dhcp-ignore=tag:!known
dhcp-option=26,1500
ra-param=*,mtu:1500,0
# Send an empty WPAD option. This may be REQUIRED to get windows 7 to behave.
dhcp-option=252,"\n"
# Send microsoft-specific option to tell windows to release the DHCP lease
# when it shuts down. Note the "i" flag, to tell dnsmasq to send the
# value as a four-byte integer - that's what microsoft wants.
dhcp-option=vendor:MSFT,2,1i
# If a DHCP client claims that its name is "wpad", ignore that.
# This fixes a security hole. see CERT Vulnerability VU#598349
dhcp-name-match=set:wpad-ignore,wpad
dhcp-ignore-names=tag:wpad-ignore

3
etc/dnsmasq.d/SDN/10-SDN.conf Normal file
View File

@ -0,0 +1,3 @@
dhcp-option=tag:SDN-192.168.32.1-25,option:router,192.168.32.1
dhcp-range=set:SDN-192.168.32.1-25,192.168.32.1,static,255.255.255.128,infinite
interface=SDN

2
etc/dnsmasq.d/SDN/ethers Normal file
View File

@ -0,0 +1,2 @@
BC:24:11:D6:FC:B3,192.168.32.100
BC:24:11:6A:65:00,192.168.32.101

3
etc/group
View File

@ -59,3 +59,6 @@ cockpit-ws:x:117:
cockpit-wsinstance:x:118: cockpit-wsinstance:x:118:
polkitd:x:997: polkitd:x:997:
podman:x:1000: podman:x:1000:
frrvty:x:119:frr
frr:x:120:
docker:x:996:

4
etc/group-
View File

@ -18,7 +18,7 @@ voice:x:22:
cdrom:x:24: cdrom:x:24:
floppy:x:25: floppy:x:25:
tape:x:26: tape:x:26:
sudo:x:27: sudo:x:27:podman
audio:x:29: audio:x:29:
dip:x:30: dip:x:30:
www-data:x:33: www-data:x:33:
@ -59,3 +59,5 @@ cockpit-ws:x:117:
cockpit-wsinstance:x:118: cockpit-wsinstance:x:118:
polkitd:x:997: polkitd:x:997:
podman:x:1000: podman:x:1000:
frrvty:x:119:frr
frr:x:120:

3
etc/gshadow
View File

@ -59,3 +59,6 @@ cockpit-ws:!::
cockpit-wsinstance:!:: cockpit-wsinstance:!::
polkitd:!*:: polkitd:!*::
podman:!:: podman:!::
frrvty:!::frr
frr:!::
docker:!::

4
etc/gshadow-
View File

@ -18,7 +18,7 @@ voice:*::
cdrom:*:: cdrom:*::
floppy:*:: floppy:*::
tape:*:: tape:*::
sudo:*:: sudo:*::podman
audio:*:: audio:*::
dip:*:: dip:*::
www-data:*:: www-data:*::
@ -59,3 +59,5 @@ cockpit-ws:!::
cockpit-wsinstance:!:: cockpit-wsinstance:!::
polkitd:!*:: polkitd:!*::
podman:!:: podman:!::
frrvty:!::frr
frr:!::

12
etc/hosts
View File

@ -1,5 +1,13 @@
127.0.0.1 localhost.localdomain localhost 127.0.0.1 localhost.localdomain localhost
127.0.1.1 uptimekuma.affirm.duckdns.org
#
192.168.0.11 mattermost.phares.duckdns.org
192.168.0.11 vaultwarden.phares.duckdns.org
192.168.0.11 gitea.phares.duckdns.org
#
192.168.31.12 pve.affirm.duckdns.org pve 192.168.31.12 pve.affirm.duckdns.org pve
192.168.31.12 cockpit.affirm.duckdns.org
# The following lines are desirable for IPv6 capable hosts # The following lines are desirable for IPv6 capable hosts
@ -8,6 +16,4 @@ fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes ff02::1 ip6-allnodes
ff02::2 ip6-allrouters ff02::2 ip6-allrouters
ff02::3 ip6-allhosts ff02::3 ip6-allhosts
192.168.0.11 mattermost.phares.duckdns.org

20
etc/nginx/include/adguard.conf Normal file
View File

@ -0,0 +1,20 @@
server {
# touch /etc/nginx/include/adguard.affirm.duckdns.org
# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/include/adguard.affirm.duckdns.org.key -out /etc/nginx/include/adguard.affirm.duckdns.org.crt -config /etc/nginx/include/adguard.affirm.duckdns.org
ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer;
# ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer;
ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key;
ssl_protocols TLSv1.2 TLSv1.3;
listen 443 ssl http2;
server_name adguard.affirm.duckdns.org;
client_max_body_size 5000m;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://192.168.31.12:3002/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}

20
etc/nginx/include/chat.conf Normal file
View File

@ -0,0 +1,20 @@
server {
# touch /etc/nginx/include/chat.affirm.duckdns.org
# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/include/chat.affirm.duckdns.org.key -out /etc/nginx/include/chat.affirm.duckdns.org.crt -config /etc/nginx/include/chat.affirm.duckdns.org
ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer;
# ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer;
ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key;
ssl_protocols TLSv1.2 TLSv1.3;
listen 443 ssl http2;
server_name chat.affirm.duckdns.org;
client_max_body_size 5000m;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass https://192.168.0.31:5001/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}

24
etc/nginx/include/cockpit.conf Normal file
View File

@ -0,0 +1,24 @@
server {
# touch /etc/nginx/include/cockpit.affirm.duckdns.org
# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/include/cockpit.affirm.duckdns.org.key -out /etc/nginx/include/cockpit.affirm.duckdns.org.crt -config /etc/nginx/include/cockpit.affirm.duckdns.org
ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer;
# ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer;
ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key;
ssl_protocols TLSv1.2 TLSv1.3;
listen 443 ssl http2;
server_name cockpit.affirm.duckdns.org;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass https://127.0.0.1:9090/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
gzip off;
}
}

18
etc/nginx/include/diskstation.conf Normal file
View File

@ -0,0 +1,18 @@
server {
# touch /etc/nginx/include/diskstation.affirm.duckdns.org
ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer;
# ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer;
ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key;
ssl_protocols TLSv1.2 TLSv1.3;
listen 443 ssl http2;
server_name diskstation.affirm.duckdns.org;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass https://192.168.0.31:5001/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}

20
etc/nginx/include/dockge.conf Normal file
View File

@ -0,0 +1,20 @@
server {
# touch /etc/nginx/include/dockge.affirm.duckdns.org
# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/include/dockge.affirm.duckdns.org.key -out /etc/nginx/include/dockge.affirm.duckdns.org.crt -config /etc/nginx/include/dockge.affirm.duckdns.org
ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer;
# ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer;
ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key;
ssl_protocols TLSv1.2 TLSv1.3;
listen 443 ssl http2;
server_name dockge.affirm.duckdns.org;
client_max_body_size 5000m;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://192.168.31.12:5002/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}

18
etc/nginx/include/drive.conf Normal file
View File

@ -0,0 +1,18 @@
server {
# touch /etc/nginx/include/drive.affirm.duckdns.org
ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer;
# ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer;
ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key;
ssl_protocols TLSv1.2 TLSv1.3;
listen 443 ssl http2;
server_name drive.affirm.duckdns.org;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass https://192.168.0.31:5001/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}

19
etc/nginx/include/firefox.conf Normal file
View File

@ -0,0 +1,19 @@
server {
# touch /etc/nginx/include/firefox.affirm.duckdns.org
# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/include/firefox.affirm.duckdns.org.key -out /etc/nginx/include/firefox.affirm.duckdns.org.crt -config /etc/nginx/include/firefox.affirm.duckdns.org
ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer;
# ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer;
ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key;
ssl_protocols TLSv1.2 TLSv1.3;
listen 443 ssl http2;
server_name firefox.affirm.duckdns.org;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://192.168.31.12:5800/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}

32
etc/nginx/include/kuma.conf Normal file
View File

@ -0,0 +1,32 @@
server {
# touch /etc/nginx/include/kuma.affirm.duckdns.org
ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer;
# ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer;
ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key;
ssl_protocols TLSv1.2 TLSv1.3;
listen 443 ssl http2;
server_name kuma.affirm.duckdns.org;
client_max_body_size 5000m;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://192.168.31.12:3001/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}
# [Container]
# AutoUpdate=registry
# ContainerName=uptime-kuma-server
# Environment="UPTIME_KUMA_SSL_CERT=/certs/server.cert"
# Environment="UPTIME_KUMA_SSL_KEY=/certs/server.key"
# Image=docker.io/louislam/uptime-kuma:1
# PodmanArgs=--add-host=cockpit.phares.duckdns.org:192.168.11.2
# PodmanArgs=--add-host=mattermost.phares.duckdns.org:192.168.11.2
# PublishPort=3004:3001
# Volume=uptime-kuma-server-data.volume:/app/data:rw
# Volume=/home/podman/wild-phares/fullchain.cer:/certs/server.cert:ro
# Volume=/home/podman/wild-phares/phares.duckdns.org.key:/certs/server.key:ro

24
etc/nginx/include/neko.conf Normal file
View File

@ -0,0 +1,24 @@
server {
# touch /etc/nginx/include/neko.affirm.duckdns.org
# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/include/neko.affirm.duckdns.org.key -out /etc/nginx/include/neko.phares.duckdns.org.crt -config /etc/nginx/include/neko.phares.duckdns.org
ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer;
# ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer;
ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key;
ssl_protocols TLSv1.2 TLSv1.3;
listen 443 ssl http2;
server_name neko.affirm.duckdns.org;
location / {
# https://neko.m1k1o.net/#/getting-started/reverse-proxy
proxy_pass http://192.168.31.12:8082;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 86400;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Protocol $scheme;
}
}

19
etc/nginx/include/photos.conf Normal file
View File

@ -0,0 +1,19 @@
server {
# touch /etc/nginx/include/photos.affirm.duckdns.org
ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer;
# ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer;
ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key;
ssl_protocols TLSv1.2 TLSv1.3;
listen 443 ssl http2;
server_name photos.affirm.duckdns.org;
client_max_body_size 5000m;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass https://192.168.0.31:5001/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}

19
etc/nginx/include/products.conf Normal file
View File

@ -0,0 +1,19 @@
server {
# touch /etc/nginx/include/products.affirm.duckdns.org
# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/include/products.affirm.duckdns.org.key -out /etc/nginx/include/products.affirm.duckdns.org.crt -config /etc/nginx/include/products.affirm.duckdns.org
ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer;
# ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer;
ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key;
ssl_protocols TLSv1.2 TLSv1.3;
listen 443 ssl http2;
server_name products.affirm.duckdns.org;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://192.168.31.12:5005/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}

22
etc/nginx/include/pve.conf Normal file
View File

@ -0,0 +1,22 @@
server {
# touch /etc/nginx/include/pve.affirm.duckdns.org
ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer;
# ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer;
ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key;
ssl_protocols TLSv1.2 TLSv1.3;
listen 443 ssl http2;
server_name pve.affirm.duckdns.org;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass https://192.168.31.12:8006/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
client_max_body_size 500M;
}
}

23
etc/nginx/include/quartz.conf Normal file
View File

@ -0,0 +1,23 @@
server {
listen 8084 default_server;
root /var/www/html-quartz;
index index.html index.htm;
server_name _;
location / {
try_files $uri $uri/ =404;
}
}
server {
# touch /etc/nginx/include/quartz.affirm.duckdns.org
ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer;
# ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer;
ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key;
ssl_protocols TLSv1.2 TLSv1.3;
listen 443 ssl http2;
server_name quartz.affirm.duckdns.org;
root /var/www/html-quartz;
index index.html index.htm index.nginx-debian.html;
location / {
try_files $uri $uri.html $uri/ =404;
}
}

24
etc/nginx/sites-available/default
View File

@ -1,10 +1,14 @@
include /etc/nginx/include/adguard.conf; # https://adguard.affirm.duckddns.org # http://192.168.31.12:3002/; include /etc/nginx/include/adguard.conf; # https://adguard.affirm.duckdns.org # http://192.168.31.12:3002/;
include /etc/nginx/include/chat.conf; # https://chat.affirm.duckddns.org # https://192.168.31.12:5001/; include /etc/nginx/include/chat.conf; # https://chat.affirm.duckdns.org # https://192.168.31.12:5001/;
include /etc/nginx/include/cockpit.conf; # https://cockpit.affirm.duckddns.org # https://192.168.31.12:9090/; include /etc/nginx/include/cockpit.conf; # https://cockpit.affirm.duckdns.org # https://192.168.31.12:9090/;
include /etc/nginx/include/diskstation.conf; # https://diskstation.affirm.duckddns.org # https://192.168.31.12:5001/; include /etc/nginx/include/diskstation.conf; # https://diskstation.affirm.duckdns.org # https://192.168.31.12:5001/;
include /etc/nginx/include/drive.conf; # https://drive.affirm.duckddns.org # https://192.168.31.12:5001/; include /etc/nginx/include/dockge.conf; # https://dockge.affirm.duckdns.org # http://192.168.31.12:5002/;
include /etc/nginx/include/kuma.conf; # https://kuma.affirm.duckddns.org # http://192.168.31.37:3001/; include /etc/nginx/include/drive.conf; # https://drive.affirm.duckdns.org # https://192.168.31.12:5001/;
include /etc/nginx/include/neko.conf; # https://neko.affirm.duckddns.org # http://192.168.31.12:8082/; include /etc/nginx/include/firefox.conf; # https://firefox.affirm.duckdns.org # http://192.168.31.12:5800/;
include /etc/nginx/include/photos.conf; # https://photos.affirm.duckddns.org # https://192.168.31.12:5001/; include /etc/nginx/include/kuma.conf; # https://kuma.affirm.duckdns.org # http://192.168.32.100:3001/;
include /etc/nginx/include/pve.conf; # https://pve.affirm.duckddns.org # https://192.168.31.12:8006/; include /etc/nginx/include/neko.conf; # https://neko.affirm.duckdns.org # http://192.168.31.12:8082/;
include /etc/nginx/include/quartz.conf; # https://quartz.affirm.duckddns.org # http://192.168.31.12:8084/; include /etc/nginx/include/photos.conf; # https://photos.affirm.duckdns.org # https://192.168.31.12:5001/;
include /etc/nginx/include/products.conf; # https://products.affirm.duckdns.org # https://192.168.31.12:5005/;
include /etc/nginx/include/pve.conf; # https://pve.affirm.duckdns.org # https://192.168.31.12:8006/;
include /etc/nginx/include/quartz.conf; # https://quartz.affirm.duckdns.org # http://192.168.31.12:8084/;
# ssh root@free.file.sync.media -i C:/Users/phares/.ssh/id_ed25519

1
etc/passwd
View File

@ -32,3 +32,4 @@ cockpit-ws:x:110:117::/nonexistent:/usr/sbin/nologin
cockpit-wsinstance:x:111:118::/nonexistent:/usr/sbin/nologin cockpit-wsinstance:x:111:118::/nonexistent:/usr/sbin/nologin
polkitd:x:997:997:polkit:/nonexistent:/usr/sbin/nologin polkitd:x:997:997:polkit:/nonexistent:/usr/sbin/nologin
podman:x:1000:1000:Podman,,,:/home/podman:/bin/bash podman:x:1000:1000:Podman,,,:/home/podman:/bin/bash
frr:x:112:120:Frr routing suite,,,:/nonexistent:/usr/sbin/nologin

3
etc/passwd-
View File

@ -31,4 +31,5 @@ dnsmasq:x:109:65534:dnsmasq,,,:/var/lib/misc:/usr/sbin/nologin
cockpit-ws:x:110:117::/nonexistent:/usr/sbin/nologin cockpit-ws:x:110:117::/nonexistent:/usr/sbin/nologin
cockpit-wsinstance:x:111:118::/nonexistent:/usr/sbin/nologin cockpit-wsinstance:x:111:118::/nonexistent:/usr/sbin/nologin
polkitd:x:997:997:polkit:/nonexistent:/usr/sbin/nologin polkitd:x:997:997:polkit:/nonexistent:/usr/sbin/nologin
podman:x:1000:1000::/home/podman:/bin/bash podman:x:1000:1000:Podman,,,:/home/podman:/bin/bash
frr:x:112:120::/nonexistent:/usr/sbin/nologin

2
etc/resolv.conf
View File

@ -1,2 +1,2 @@
search affirm.duckdns.org search affirm.duckdns.org
nameserver 192.168.31.1 nameserver 192.168.31.12

1
etc/shadow
View File

@ -32,3 +32,4 @@ cockpit-ws:!:20033::::::
cockpit-wsinstance:!:20033:::::: cockpit-wsinstance:!:20033::::::
polkitd:!*:20033:::::: polkitd:!*:20033::::::
podman:$y$j9T$nnCjvHHv8TyjZALLaQTLW1$AXTOIYnt4d90f9uFmkIdC8CcWqAlJ429.w645eQnqu2:20033:0:99999:7::: podman:$y$j9T$nnCjvHHv8TyjZALLaQTLW1$AXTOIYnt4d90f9uFmkIdC8CcWqAlJ429.w645eQnqu2:20033:0:99999:7:::
frr:!:20039::::::

1
etc/shadow-
View File

@ -31,3 +31,4 @@ dnsmasq:!:20033::::::
cockpit-ws:!:20033:::::: cockpit-ws:!:20033::::::
cockpit-wsinstance:!:20033:::::: cockpit-wsinstance:!:20033::::::
polkitd:!*:20033:::::: polkitd:!*:20033::::::
podman:$y$j9T$nnCjvHHv8TyjZALLaQTLW1$AXTOIYnt4d90f9uFmkIdC8CcWqAlJ429.w645eQnqu2:20033:0:99999:7:::

22
opt/dockge/compose.yaml Normal file
View File

@ -0,0 +1,22 @@
services:
dockge:
image: louislam/dockge:1
restart: unless-stopped
ports:
# Host Port : Container Port
- 5002:5001
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./data:/app/data
# If you want to use private registries, you need to share the auth file with Dockge:
# - /root/.docker/:/root/.docker
# Stacks Directory
# ⚠️ READ IT CAREFULLY. If you did it wrong, your data could end up writing into a WRONG PATH.
# ⚠️ 1. FULL path only. No relative path (MUST)
# ⚠️ 2. Left Stacks Path === Right Stacks Path (MUST)
- /opt/stacks:/opt/stacks
environment:
# Tell Dockge where is your stacks directory
- DOCKGE_STACKS_DIR=/opt/stacks