Pi-hole DNS

2024-07-29 17:36:55 -07:00 · 2024-07-29 17:36:55 -07:00 · 01853e0ba2
commit 01853e0ba2
parent 8945386a8d
12 changed files with 207 additions and 28 deletions
--- a/.gitignore
+++ b/.gitignore
@ -5,6 +5,8 @@

 !*/

+!.vscode/*
+
 !etc/*.md
 !etc/bash_history*
 !etc/group*
@ -21,6 +23,7 @@
 !etc/lighttpd/lighttpd.conf
 !etc/network/interfaces
 !etc/passwd
+!etc/pihole/custom.list
 !etc/pihole/dhcp.leases
 !etc/pihole/index.nginx-debian.html
 !etc/pihole/setupVars.conf
--- a/.vscode/mklink.md
+++ b/.vscode/mklink.md
@ -0,0 +1,5 @@
+# mklink
+
+```bash Sat Jul 27 2024 07:50:14 GMT-0700 (Mountain Standard Time)
+mklink "L:\Git\Linux-Ubuntu-Server\.vscode\rebuild-ubuntu-beelink.md" "D:\5-Other-Small\Kanban\Phares\tasks\rebuild-ubuntu-beelink.md"
+```
--- a/.vscode/rebuild-ubuntu-beelink.md
+++ b/.vscode/rebuild-ubuntu-beelink.md
@ -0,0 +1 @@
+D:/5-Other-Small/Kanban/Phares/tasks/rebuild-ubuntu-beelink.md
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -0,0 +1,5 @@
+{
+    "files.associations": {
+        "*.container": "ini"
+    }
+}
--- a/etc/beelink.md
+++ b/etc/beelink.md
@ -2,8 +2,6 @@

 ## Ubuntu and Docker End of July 2024

-### Dashkiosk
-
 ### authorized_keys

 ```bash Thu Jul 25 2024 16:02:13 GMT-0700 (Mountain Standard Time)
@ -364,6 +362,20 @@ reboot
 nano /etc/default/grub
 ```

+```conf Fri Jul 26 2024 10:45:47 GMT-0700 (Mountain Standard Time)
+# https://opensource.com/article/22/8/disable-ipv6
+# GRUB_CMDLINE_LINUX_DEFAULT=""
+GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1 quiet splash"
+# GRUB_CMDLINE_LINUX=""
+GRUB_CMDLINE_LINUX="ipv6.disable=1"
+```
+
+```bash Fri Jul 26 2024 10:45:51 GMT-0700 (Mountain Standard Time)
+grub-mkconfig
+exit
+reboot
+```
+
 ### Fix Unbond (Move up next time!!!)

 ```conf Fri Jul 26 2024 10:45:41 GMT-0700 (Mountain Standard Time)
@ -379,20 +391,6 @@ systemctl disable --now unbound-resolvconf.service
 service unbound restart
 ```

-```conf Fri Jul 26 2024 10:45:47 GMT-0700 (Mountain Standard Time)
-# https://opensource.com/article/22/8/disable-ipv6
-# GRUB_CMDLINE_LINUX_DEFAULT=""
-GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1 quiet splash"
-# GRUB_CMDLINE_LINUX=""
-GRUB_CMDLINE_LINUX="ipv6.disable=1"
-```
-
-```bash Fri Jul 26 2024 10:45:51 GMT-0700 (Mountain Standard Time)
-grub-mkconfig
-exit
-reboot
-```
-
 ### Cockpit (Move up next time!!!)

 - [cockpit](https://cockpit-project.org/)
--- a/etc/dnsmasq.d/05-pihole-custom-cname.conf
+++ b/etc/dnsmasq.d/05-pihole-custom-cname.conf
@ -0,0 +1,45 @@
+cname=affirm.ddns.net,beelink.server
+cname=affirm.phares.duckdns.org,beelink.server
+cname=ansible.ddns.net,beelink.server
+cname=assistant.ddns.net,beelink.server
+cname=casa.ddns.net,beelink.server
+cname=cockpit.ddns.net,beelink.server
+cname=codeserver.ddns.net,beelink.server
+cname=dashkiosk.ddns.net,beelink.server
+cname=dockge.ddns.net,beelink.server
+cname=docmost.ddns.net,beelink.server
+cname=emby.ddns.net,beelink.server
+cname=filebrowser.ddns.net,beelink.server
+cname=free.file.sync.root,beelink.server
+cname=gitea.ddns.net,beelink.server
+cname=gitea.phares.duckdns.org,beelink.server
+cname=gogs.ddns.net,beelink.server
+cname=haos.ddns.net,beelink.server
+cname=immich.ddns.net,beelink.server
+cname=immich.phares.duckdns.org,beelink.server
+cname=incus.ddns.net,beelink.server
+cname=invoice.ddns.net,beelink.server
+cname=kestra.ddns.net,beelink.server
+cname=lxconsole.ddns.net,beelink.server
+cname=music.ddns.net,beelink.server
+cname=music.phares.duckdns.org,beelink.server
+cname=nextcloud.ddns.net,beelink.server
+cname=owncast.ddns.net,beelink.server
+cname=pgadmin.ddns.net,beelink.server
+cname=phares.ddns.net,beelink.server
+cname=phares.duckdns.org,beelink.server
+cname=phares3757.ddns.net,beelink.server
+cname=photoprism.ddns.net,beelink.server
+cname=pihole.ddns.net,beelink.server
+cname=proxmox.ddns.net,beelink.server
+cname=quartz.ddns.net,beelink.server
+cname=quartz.phares.duckdns.org,beelink.server
+cname=readeck.ddns.net,beelink.server
+cname=syncthing.ddns.net,beelink.server
+cname=terraform.ddns.net,beelink.server
+cname=umbrel.ddns.net,beelink.server
+cname=uptimekuma.ddns.net,beelink.server
+cname=vaultwarden.ddns.net,beelink.server
+cname=vaultwarden.phares.duckdns.org,beelink.server
+cname=vscodium.ddns.net,beelink.server
+cname=wekan.ddns.net,beelink.server
--- a/etc/nginx/sites-available/default
+++ b/etc/nginx/sites-available/default
@ -11,7 +11,7 @@ include /etc/nginx/include/affirm.conf;
 # include /etc/nginx/include/ansible.conf;
 # include /etc/nginx/include/assistant.conf;
 # include /etc/nginx/include/casa.conf;
-include /etc/nginx/include/codeserver.conf;
+# include /etc/nginx/include/codeserver.conf;
 include /etc/nginx/include/dashkiosk.conf;
 # include /etc/nginx/include/dockge.conf;
 # include /etc/nginx/include/docmost.conf;
@ -19,11 +19,12 @@ include /etc/nginx/include/dashkiosk.conf;
 # include /etc/nginx/include/filebrowser.conf;
 # include /etc/nginx/include/gogs.conf;
 include /etc/nginx/include/gitea.conf;
+include /etc/nginx/include/ha.conf;
 include /etc/nginx/include/immich.conf;
-include /etc/nginx/include/incus.conf;
+# include /etc/nginx/include/incus.conf;
 # include /etc/nginx/include/invoice.conf;
-include /etc/nginx/include/lxconsole.conf;
-include /etc/nginx/include/kestra.conf;
+# include /etc/nginx/include/lxconsole.conf;
+# include /etc/nginx/include/kestra.conf;
 include /etc/nginx/include/music.conf;
 # include /etc/nginx/include/nextcloud.conf;
 # include /etc/nginx/include/owncast.conf;
@ -36,6 +37,7 @@ include /etc/nginx/include/quartz.conf;
 # include /etc/nginx/include/readeck.conf;
 # include /etc/nginx/include/syncthing.conf;
 # include /etc/nginx/include/terraform.conf;
+include /etc/nginx/include/umbrel.conf;
 # include /etc/nginx/include/uptimekuma.conf;
 include /etc/nginx/include/vaultwarden.conf;
 # include /etc/nginx/include/vscodium.conf;
--- a/etc/pihole/custom.list
+++ b/etc/pihole/custom.list
@ -0,0 +1,84 @@
+192.168.0.21 free.file.sync.k0308
+192.168.0.31 free.file.sync.media
+192.168.0.41 free.file.sync.mikep
+192.168.0.42 free.file.sync.lphar
+192.168.0.43 free.file.sync.loft
+192.168.11.2 beelink.server
+192.168.11.3 solar.iot
+192.168.11.4 NPI84AE43.printer
+192.168.11.5 kristy.laptop
+192.168.11.6 kristy.desktop
+192.168.11.7 samsung.tv
+192.168.11.8 playstation5.console
+192.168.11.9 ultra.roku
+192.168.11.10 asus.laptop
+192.168.11.11 logan.desktop
+192.168.11.12 trigkey.desktop
+192.168.11.13 mackenzie.tv
+192.168.11.14 infineon.iscn5cg3256cps.com
+192.168.11.15 yamaha.main.iot
+192.168.11.16 chelsea.desktop
+192.168.11.17 raspberry.server
+192.168.11.18 xbox.one.console
+192.168.11.19 2519.usb
+192.168.11.20 minisforum.desktop
+192.168.11.21 minisforum.desktop
+192.168.11.22 atom.usb
+192.168.11.23 knew.desktop
+192.168.11.72 mackenzie.macbook
+192.168.11.73 mackenzie.laptop
+192.168.11.74 jason.console
+192.168.11.75 samsung.chromebook
+192.168.11.76 donna.phone
+192.168.11.77 donna.tablet
+192.168.11.78 laundry.iot
+192.168.11.79 porch.back.iot
+192.168.11.80 entry.light.iot
+192.168.11.81 entry.lamp.iot
+192.168.11.82 chelsea.school
+192.168.11.83 xbox.one.console
+192.168.11.84 samsung.tv
+192.168.11.85 plug.1.iot
+192.168.11.86 zero.server
+192.168.11.87 office.echo
+192.168.11.88 unknown.unknown
+192.168.11.89 logan.school
+192.168.11.90 upstairs.iot
+192.168.11.91 switch.console
+192.168.11.92 living.iot
+192.168.11.93 mike.phone
+192.168.11.94 master.echo
+192.168.11.95 logan.phone
+192.168.11.96 kristy.paperwhite
+192.168.11.97 chelsea.iot
+192.168.11.98 garage.left.iot
+192.168.11.99 garage.right.iot
+192.168.11.100 logan.iot
+192.168.11.101 porch.front.iot
+192.168.11.102 kristy.phone
+192.168.11.103 clock.iot
+192.168.11.104 chelsea.old.school
+192.168.11.105 lamp.iot
+192.168.11.106 pictures.iot
+192.168.11.107 chelsea.chromebook
+192.168.11.108 kitchen.echo
+192.168.11.109 saya.phone
+192.168.11.110 infineon.iscn5cg3256cps.com
+192.168.11.111 green.echo
+192.168.11.112 playstation5.console
+192.168.11.113 kristy.fire
+192.168.11.114 oculas.console
+192.168.11.115 chelsea.fire
+192.168.11.116 chelsea.phone
+192.168.11.117 logan.tablet
+192.168.11.118 alarm.iot
+192.168.11.119 trigkey.desktop
+192.168.11.120 master.iot
+192.168.11.121 ikea.iot
+192.168.11.122 sprinklers.iot
+192.168.11.123 chelsea.echo
+192.168.11.124 mackenzie.phone
+192.168.11.125 loft.echo
+192.168.11.126 logan.chromebook
+192.168.11.253 sengled.color.iot
+192.168.11.254 sengled.white.iot
--- a/etc/systemd/system/snap.certbot.renew.timer
+++ b/etc/systemd/system/snap.certbot.renew.timer
@ -7,8 +7,8 @@ X-Snappy=yes

 [Timer]
 Unit=snap.certbot.renew.service
-OnCalendar=*-*-* 05:54
-OnCalendar=*-*-* 14:00
+OnCalendar=*-*-* 11:27
+OnCalendar=*-*-* 15:45

 [Install]
 WantedBy=timers.target
--- a/home/podman/.config/containers/systemd/vaultwarden-db-data.volume
+++ b/home/podman/.config/containers/systemd/vaultwarden-db-data.volume
@ -0,0 +1 @@
+[Volume]
--- a/home/podman/.config/containers/systemd/vaultwarden-db.container
+++ b/home/podman/.config/containers/systemd/vaultwarden-db.container
@ -0,0 +1,28 @@
+[Container]
+AutoUpdate=registry
+ContainerName=vaultwarden-db
+Environment="POSTGRES_DB=vaultwarden"
+Environment="POSTGRES_PASSWORD=vaultwarden"
+Environment="POSTGRES_USER=vaultwarden"
+Image=docker.io/library/postgres:14
+# Network=vaultwarden.network
+# Pod=vaultwarden.pod
+PublishPort=5435:5432
+Volume=vaultwarden-db-data.volume:/var/lib/postgresql/data:Z
+
+[Service]
+Restart=no
+
+[Install]
+WantedBy=multi-user.target default.target
+
+# podman pull docker.io/library/postgres:14
+# systemctl --user daemon-reload
+# systemctl --user start vaultwarden-db
+# systemctl --user status vaultwarden-db
+# journalctl -fu vaultwarden-db.service
+# podman logs vaultwarden-db
+# systemctl --user stop vaultwarden-db
+# systemctl --user disable vaultwarden-db
+# podman exec -ti vaultwarden-db /bin/sh
+# podman exec -ti vaultwarden-db /bin/bash
--- a/home/podman/.config/containers/systemd/vaultwarden-server.container
+++ b/home/podman/.config/containers/systemd/vaultwarden-server.container
@ -1,25 +1,32 @@
 [Container]
 AutoUpdate=registry
 ContainerName=vaultwarden-server
-Image=docker.io/vaultwarden/server:latest
+Image=docker.io/vaultwarden/server:1.31.0
 # Network=vaultwarden.network
 # Pod=vaultwarden.pod
 PublishPort=5008:80
 Volume=vaultwarden-server-data.volume:/data:rw
 Environment="ADMIN_TOKEN=7jrceE25+m5vPMK9jmVT8VsMM/0Svoiz4YEpLYHHT2hSaJPIlXcP8lOXwR5GpdaM"
+# Environment="ADMIN_TOKEN=$argon2id$v=19$m=65540,t=3,p=4$U3JuRm84cFpHOC9Rbi9ZOWdzdXU2RFl5ajZka2trNnBJWTJCZW1BT3VUOD0$tc54DJ7/6bA5iNgSFF9KtKktP8u4mMU8unrGiL8hJMY"
+# Environment="ADMIN_TOKEN=$$argon2id$$v=19$$m=65540,t=3,p=4$$U3JuRm84cFpHOC9Rbi9ZOWdzdXU2RFl5ajZka2trNnBJWTJCZW1BT3VUOD0$$tc54DJ7/6bA5iNgSFF9KtKktP8u4mMU8unrGiL8hJMY"
+Environment="DATABASE_URL=postgresql://vaultwarden:vaultwarden@192.168.11.2:5435/vaultwarden"
 Environment="DOMAIN=https://vaultwarden.phares.duckdns.org"
 Environment="SIGNUPS_ALLOWED=true"
-Environment="SMTP_FROM=user@example.com"
-Environment="SMTP_HOST=smtp-relay.sendinblue.com"
-Environment="SMTP_PASSWORD=sendinblue password"
+Environment="SMTP_FROM=phares@centurylink.net"
+Environment="SMTP_HOST=smtp.centurylink.net"
+Environment="SMTP_PASSWORD=0jbeze5r#OQqne73yFlp"
 Environment="SMTP_PORT=587"
-Environment="SMTP_SSL=true"
-Environment="SMTP_USERNAME=user@example.com"
+Environment="SMTP_SSL=false"
+Environment="SMTP_USERNAME=phares@centurylink.net"
 Environment="WEBSOCKET_ENABLED=true"

 [Service]
 Restart=no

+[Unit]
+Requires=vaultwarden-db.service
+After=vaultwarden-db.service
+
 [Install]
 WantedBy=multi-user.target default.target
				`@ -0,0 +1 @@`
				`D:/5-Other-Small/Kanban/Phares/tasks/rebuild-ubuntu-beelink.md`