phares3757/notes-infineon
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a6071a407373ce3185814654a6cf0158c91cdb9b
notes-infineon/_-Review/beelink.md
Mike Phares a6071a4073 2024-06-03
2024-06-03 07:04:29 -07:00

822 lines
29 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
type: "topic"
Brand: "Beelink"
GPU: "Intel Celeron 11th Gen N5095 2.9GHz"
SSD: "M.2 SATA3 2280"
RAM: "8GB DDR4"
created: "2024-04-02T01:49:25.791Z"
updated: "2024-04-08T16:54:34.096Z"
---
# Beelink
```bash
apt-get update
apt-get upgrade
reboot
ip a
lsb_release -a
apt-get install links unzip net-tools ufw nginx git nano ncdu -y
ncdu
ufw enable
ufw allow from 192.168.0.0/24 to any port 22 comment "01) SSH"
ufw allow to 0.0.0.0/0 port 80 comment "02) HTTP"
ufw allow to 0.0.0.0/0 port 443 comment "03) HTTPS"
ufw status numbered
cd /home/mike/
wget https://dot.net/v1/dotnet-install.sh -O dotnet-install.sh
chmod +x ./dotnet-install.sh
./dotnet-install.sh --channel 7.0
ln -s /home/mike/.dotnet/dotnet /usr/local/bin/dotnet
dotnet --info
export DOTNET_ROOT=$HOME/.dotnet
export PATH=$PATH:$HOME/.dotnet:$HOME/.dotnet/tools
dotnet --info
timedatectl set-timezone America/Phoenix
timedatectl
snap install dashkiosk
snap restart dashkiosk
snap install ubuntu-frame wpe-webkit-mir-kiosk
ufw status numbered
snap set wpe-webkit-mir-kiosk url=http://localhost:9400/receiver
wpe-webkit-mir-kiosk.cog http://localhost:9400/receiver
/snap/wpe-webkit-mir-kiosk/current/bin/setup.sh
wpe-webkit-mir-kiosk.cog http://localhost:9400/receiver
snap set ubuntu-frame daemon=true
apt-get install -y ca-certificates
openssl s_client -showcerts -connect DESKTOP-H6JG91B:443 </dev/null 2>/dev/null|openssl x509 -outform PEM >DESKTOP-H6JG91B.crt
nano /etc/hosts
nano /etc/nginx/sites-available/default
echo >/etc/nginx/sites-available/default && nano /etc/nginx/sites-available/default
```
```conf
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
try_files $uri $uri/ =404;
}
}
server {
ssl_certificate 'laundry.phares.myftp.org.crt';
ssl_certificate_key 'laundry.phares.myftp.org.key';
listen 443 ssl http2;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
listen [::]:443 ssl http2;
server_name laundry.phares.myftp.org;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:80/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}
server {
ssl_certificate 'laundry.phares.myftp.org.crt';
ssl_certificate_key 'laundry.phares.myftp.org.key';
listen 443 ssl http2;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
listen [::]:443 ssl http2;
server_name dashkiosk.laundry.phares.myftp.org;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:9400/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}
server {
ssl_certificate 'laundry.phares.myftp.org.crt';
ssl_certificate_key 'laundry.phares.myftp.org.key';
listen 443 ssl http2;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
listen [::]:443 ssl http2;
server_name gogs.laundry.phares.myftp.org;
client_max_body_size 5000m;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:3000/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}
server {
ssl_certificate 'laundry.phares.myftp.org.crt';
ssl_certificate_key 'laundry.phares.myftp.org.key';
listen 443 ssl http2;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
listen [::]:443 ssl http2;
server_name nextcloud.laundry.phares.myftp.org;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8081/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}
server {
ssl_certificate 'laundry.phares.myftp.org.crt';
ssl_certificate_key 'laundry.phares.myftp.org.key';
listen 443 ssl http2;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
listen [::]:443 ssl http2;
server_name photoprism.laundry.phares.myftp.org;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:2342/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}
server {
ssl_certificate 'laundry.phares.myftp.org.crt';
ssl_certificate_key 'laundry.phares.myftp.org.key';
listen 443 ssl http2;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
listen [::]:443 ssl http2;
server_name ~(pi-hole).laundry.phares.myftp.org;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8005/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}
server {
ssl_certificate 'laundry.phares.myftp.org.crt';
ssl_certificate_key 'laundry.phares.myftp.org.key';
listen 443 ssl http2;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
listen [::]:443 ssl http2;
server_name syncthing.laundry.phares.myftp.org;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8384/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
}
```
```bash
systemctl restart nginx
nginx -t
nginx -s reload
nano /home/mike/laundry.phares.myftp.org.conf
echo >/home/mike/laundry.phares.myftp.org.conf && nano /home/mike/laundry.phares.myftp.org.conf
```
```conf
[req]
default_bits = 2048
default_keyfile = laundry.phares.myftp.org.key
distinguished_name = req_distinguished_name
req_extensions = req_ext
x509_extensions = v3_ca
[req_distinguished_name]
countryName = Country Name (2 letter code)
countryName_default = US
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Arizona
localityName = Locality Name (eg, city)
localityName_default = Anthem
organizationName = Organization Name (eg, company)
organizationName_default = Phares
organizationalUnitName = organizationalunit
organizationalUnitName_default = Development
commonName = Common Name (e.g. server FQDN or YOUR name)
commonName_default = laundry.phares.myftp.org
commonName_max = 64
[req_ext]
subjectAltName = @alt_names
[v3_ca]
subjectAltName = @alt_names
[alt_names]
DNS.1 = laundry.phares.myftp.org
DNS.2 = dashkiosk.laundry.phares.myftp.org
DNS.3 = gogs.laundry.phares.myftp.org
DNS.4 = nextcloud.laundry.phares.myftp.org
DNS.5 = photoprism.laundry.phares.myftp.org
DNS.6 = pi-hole.laundry.phares.myftp.org
DNS.7 = syncthing.laundry.phares.myftp.org
DNS.8 = beelink.server
DNS.9 = beelink
DNS.10 = localhost
DNS.11 = 127.0.0.1
```
```bash
rm /etc/nginx/laundry.phares.myftp.org.key
rm /etc/nginx/laundry.phares.myftp.org.crt
ls /etc/nginx
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/laundry.phares.myftp.org.key -out /etc/nginx/laundry.phares.myftp.org.crt -config /home/mike/laundry.phares.myftp.org.conf
ls /etc/nginx
apt install update-manager-core
exit
do-release-upgrade
exit
adduser gogs
cd /home/gogs
wget https://dl.gogs.io/0.13.0/gogs_0.13.0_linux_amd64.tar.gz
tar -xvzf gogs_0.13.0_linux_amd64.tar.gz
rm gogs_0.13.0_linux_amd64.tar.gz
cd gogs
ufw status numbered
./gogs web
mkdir /home/gogs/gogs-repositories
chown gogs /home/gogs -R
chgrp gogs /home/gogs -R
nano /home/gogs/gogs/custom/conf/app.ini
nano /etc/systemd/system/gogs-daemon.service
systemctl enable gogs-daemon
systemctl start gogs-daemon
systemctl status gogs-daemon.service
systemctl daemon-reload
journalctl -fu gogs-daemon.service
journalctl --rotate
journalctl --vacuum-time=1s
cd /home/gogs
git clone https://github.com/Kos-M/GogsThemes
exit
cp ~/.bash_history /home/mike/bash-history-2023-10-17.txt
chown mike /home/mike -R
chgrp mike /home/mike -R
exit
adduser pi-hole
cd pi-hole
curl -sSL https://install.pi-hole.net | bash
```
```conf
# http://pi.hole/admin
# http://192.168.1.62/admin
fUiY4SYS
```
```conf
nano /etc/lighttpd/lighttpd.conf
```
```conf
server.port = 8005
```
```conf
service lighttpd restart
pihole -a -p 4hink
apt install unbound
; https://docs.pi-hole.net/guides/dns/unbound/
nano /etc/unbound/unbound.conf.d/pi-hole.conf
```
```conf
server:
# If no logfile is specified, syslog is used
# logfile: "/var/log/unbound/unbound.log"
verbosity: 0
interface: 127.0.0.1
port: 5335
do-ip4: yes
do-udp: yes
do-tcp: yes
# May be set to yes if you have IPv6 connectivity
do-ip6: no
# You want to leave this to no unless you have *native* IPv6. With 6to4 and
# Terredo tunnels your web browser should favor IPv4 for the same reasons
prefer-ip6: no
# Use this only when you downloaded the list of primary root servers!
# If you use the default dns-root-data package, unbound will find it automatically
#root-hints: "/var/lib/unbound/root.hints"
# Trust glue only if it is within the server's authority
harden-glue: yes
# Require DNSSEC data for trust-anchored zones, if such data is absent, the zone becomes BOGUS
harden-dnssec-stripped: yes
# Don't use Capitalization randomization as it known to cause DNSSEC issues sometimes
# see https://discourse.pi-hole.net/t/unbound-stubby-or-dnscrypt-proxy/9378 for further details
use-caps-for-id: no
# Reduce EDNS reassembly buffer size.
# IP fragmentation is unreliable on the Internet today, and can cause
# transmission failures when large DNS messages are sent via UDP. Even
# when fragmentation does work, it may not be secure; it is theoretically
# possible to spoof parts of a fragmented DNS message, without easy
# detection at the receiving end. Recently, there was an excellent study
# >>> Defragmenting DNS - Determining the optimal maximum UDP response size for DNS <<<
# by Axel Koolhaas, and Tjeerd Slokker (https://indico.dns-oarc.net/event/36/contributions/776/)
# in collaboration with NLnet Labs explored DNS using real world data from the
# the RIPE Atlas probes and the researchers suggested different values for
# IPv4 and IPv6 and in different scenarios. They advise that servers should
# be configured to limit DNS messages sent over UDP to a size that will not
# trigger fragmentation on typical network links. DNS servers can switch
# from UDP to TCP when a DNS response is too big to fit in this limited
# buffer size. This value has also been suggested in DNS Flag Day 2020.
edns-buffer-size: 1232
# Perform prefetching of close to expired message cache entries
# This only applies to domains that have been frequently queried
prefetch: yes
# One thread should be sufficient, can be increased on beefy machines. In reality for most users running on small networks or on a single machine, it should be unnecessary to seek performance enhancement by increasing num-threads above 1.
num-threads: 1
# Ensure kernel buffer is large enough to not lose messages in traffic spikes
so-rcvbuf: 1m
# Ensure privacy of local IP ranges
private-address: 192.168.0.0/16
private-address: 169.254.0.0/16
private-address: 172.16.0.0/12
private-address: 10.0.0.0/8
private-address: fd00::/8
private-address: fe80::/10
```
```conf
service unbound restart
# http://beelink:8005/admin/settings.php?tab=dns
# https://docs.pi-hole.net/guides/dns/unbound/
127.0.0.1#5335
```
```bash
apt-get install syncthing
apt-get install apt-transport-https
adduser syncthing
cat /etc/passwd | cut -d: -f1
systemctl enable syncthing@syncthing.service
systemctl start syncthing@syncthing.service
systemctl status syncthing@syncthing.service
journalctl -e -u syncthing@syncthing.service
nano /home/syncthing/.config/syncthing/config.xml
```
```xml
<address>0.0.0.0:8384</address>
```
```bash
systemctl restart syncthing@syncthing.service
chown syncthing /home/syncthing -R
chgrp syncthing /home/syncthing -R
```
```bash
ufw status numbered
ufw allow from 192.168.1.0/26 to any port 22 comment "01) SSH"
ufw allow to 0.0.0.0/0 port 80 comment "02) HTTP"
ufw allow to 0.0.0.0/0 port 443 comment "03) HTTPS"
ufw allow from 192.168.1.0/26 to any port 53 comment "04) DNS"
ufw allow from 192.168.1.0/26 to any port 67 comment "05) Unknown"
ufw allow from 192.168.11.0/24 to any port 8005 comment "06) SSH"
ufw allow from 192.168.0.0/26 to any port 22 comment "07) SSH"
ufw allow from 192.168.11.0/28 to any port 22 comment "08) SSH"
ufw allow from 192.168.21.0/28 to any port 22 comment "09) SSH"
ufw allow from 192.168.31.0/26 to any port 22 comment "10) SSH"
ufw allow from 192.168.41.0/26 to any port 22 comment "11) SSH"
ufw allow from 192.168.42.0/28 to any port 22 comment "12) SSH"
ufw allow from 192.168.43.0/26 to any port 22 comment "13) SSH"
ufw allow from 192.168.44.0/26 to any port 22 comment "14) SSH"
ufw allow to 0.0.0.0/0 port 22 comment "15) SSH"
ufw status numbered
```
```conf
To Action From
-- ------ ----
[ 1] 22 ALLOW IN 192.168.1.0/26 # 01) SSH
[ 2] 80 ALLOW IN Anywhere # 02) HTTP
[ 3] 443 ALLOW IN Anywhere # 03) HTTPS
[ 4] 53 ALLOW IN 192.168.1.0/26 # 04) DNS
[ 5] 67 ALLOW IN 192.168.1.0/26 # 05) Unknown
[ 6] 9400 ALLOW IN 192.168.1.0/26 # 06) dashkiosk
```
```bash
echo >/etc/hosts && nano /etc/hosts
nano /etc/hosts
```
```conf
127.0.0.1 localhost
127.0.0.1 beelink
127.0.1.1 laundry.phares.myftp.org
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
```
```bash
# adduser twingate
# curl -s https://binaries.twingate.com/client/linux/install.sh | bash
# twingate setup
# twingate start
# curl "https://binaries.twingate.com/connector/setup.sh" | sudo TWINGATE_ACCESS_TOKEN="eyJhbGciOiJFUzI1NiIsImtpZCI6IjlZSlNUMGR6YU5pRDhZR0h5SUdyTG1SVDZKTmMwbHJGMVFsNklseVJ6X1UiLCJ0eXAiOiJEQVQifQ.eyJudCI6IkFOIiwiYWlkIjoiMTczMDc3IiwiZGlkIjoiMTAwMzc4OSIsImp0aSI6IjIyNTJmMjIwLWNkNjQtNDlhYy04YjRhLTE0NDFjOWUyM2U5ZSIsImlzcyI6InR3aW5nYXRlIiwiYXVkIjoicGhhcmVzIiwiZXhwIjoxNjk4MDE0Mzc4LCJpYXQiOjE2OTgwMTA3NzgsInZlciI6IjQiLCJ0aWQiOiI1NzgzOSIsInJudyI6MTY5ODAxMTA3OCwicm5ldGlkIjoiNzIyNzcifQ.aQnQMUGqM5fBEbR781u-lCPjltfmb1TdZUJTNJ_GYiiSJiemJiIrVK80xHQlIpPB2kot34nxmpvVK4kZK64X3w" TWINGATE_REFRESH_TOKEN="AWOLHa11QFXENAyov_w-KQ5ZC-keHm2w_ActZP8M7hBpy2NOC7EDT2bkEpBCO-YLTd40Pp-pdplIJu0lvdvNBAGINHopYnX2XOgaMxS5tbPPTsHRlnQpckaXYuOwu28W0ORs8g" TWINGATE_NETWORK="phares" bash
# curl "https://binaries.twingate.com/connector/setup.sh" | TWINGATE_ACCESS_TOKEN="eyJhbGciOiJFUzI1NiIsImtpZCI6IjlZSlNUMGR6YU5pRDhZR0h5SUdyTG1SVDZKTmMwbHJGMVFsNklseVJ6X1UiLCJ0eXAiOiJEQVQifQ.eyJudCI6IkFOIiwiYWlkIjoiMTczMjIxIiwiZGlkIjoiMTAwNDI3NCIsImp0aSI6ImQxMWIwYWIzLWJjZTgtNDIxZS05MzAwLTA1ZmFkZDk5YjllMiIsImlzcyI6InR3aW5nYXRlIiwiYXVkIjoicGhhcmVzIiwiZXhwIjoxNjk4MDM3MTgzLCJpYXQiOjE2OTgwMzM1ODMsInZlciI6IjQiLCJ0aWQiOiI1NzgzOSIsInJudyI6MTY5ODAzMzg4Mywicm5ldGlkIjoiNzIyNzcifQ.7YqB5iz1lzsfb6adLPx53NNA3dJ1NnuzmNhyyi4FzPdMTGxn3qbHD1olvWpEEi69D8gAvF5K77DPwE1BHxo4Qw" TWINGATE_REFRESH_TOKEN="HypbNsUdue5Dh3s5W4ePR9RIkFDsjEGiNJFJDf_cLdixkn94ieMypUZMH_XIc4-13L_PuQ61M7RWG5rF21ZRAgFf1MuIMf5kJGhuQq_VG7_E_6Q8NMLAajP5W05jTofB-sY3Ig" TWINGATE_NETWORK="phares" bash
```
```bash
# https://ubuntu.com/server/docs/network-configuration
ip a
ip address show eno1
ls -l /etc/netplan/
echo >/etc/netplan/00-installer-config.yaml && nano /etc/netplan/00-installer-config.yaml
```
```yaml old
# This is the network config written by 'subiquity'
network:
ethernets:
enp2s0:
dhcp4: true
version: 2
```
```yaml new
network:
ethernets:
enp2s0:
addresses:
- 192.168.1.62/26
routes:
- to: default
via: 192.168.1.1
nameservers:
addresses: [205.171.3.25, 205.171.2.25]
version: 2
```
```bash
netplan apply
ip addr flush enp2s0
```
```bash Thu Dec 28 2023 13:45:50 GMT-0700 (Mountain Standard Time)
# ufw allow from 192.168.1.0/26 to any port 8005 comment "04) Pi-hole"
# ufw allow from 192.168.1.0/26 to any port 9400 comment "06) dashkiosk"
# ufw allow from 192.168.1.0/26 to any port 8384 comment "07) syncthing"
```
```bash Thu Dec 28 2023 14:08:10 GMT-0700 (Mountain Standard Time)
# https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-nextcloud-on-ubuntu-20-04
sudo -i
snap install nextcloud
snap changes nextcloud
snap info nextcloud
snap connections nextcloud
cat /snap/nextcloud/current/meta/snap.yaml
nextcloud.manual-install admin {KeePass-Password}
nextcloud.occ config:system:get trusted_domains
nextcloud.occ config:system:set trusted_domains 1 --value=nextcloud.laundry.phares.myftp.org
nextcloud.occ config:system:get trusted_domains
nano /etc/hosts
ls /var/snap/nextcloud/current/certs/live
nextcloud.disable-https
snap set nextcloud ports.http=8081
nextcloud.occ user:resetpassword admin
nano /home/gogs/gogs/custom/conf/app.ini
# mkdir -p /mnt1
# mount -t ntfs -o ro /dev/sdc1 /mnt1
# mount /dev/sda4 /mnt
# snap stop nextcloud
# cp -r /mnt1/b/ /mnt/1-Images-A/
# ls /var/snap/nextcloud/common/nextcloud/data
# mv /var/snap/nextcloud/common/nextcloud/data /mnt/1-Images-B
# mkdir -p /mnt/1-Images-C/nextcloud/data
# mv /mnt/1-Images-B /mnt/1-Images-C/nextcloud/data
# mkdir -p /mnt/2-Images-B/nextcloud/data
# mv /mnt/1-Images-C/nextcloud/data/1-Images-B/ /mnt/2-Images-B/nextcloud/data/
nano /var/snap/nextcloud/current/nextcloud/config/config.php
mkdir -p /var/snap/nextcloud/common/nextcloud/data
chmod -R 0770 /var/snap/nextcloud/common/nextcloud/data
# chmod -R 0770 /mnt/2-Images-B/nextcloud/data
# mkdir /mnt/1-Images-A
# mkdir /mnt/2-Images-B
# mkdir /mnt/3-Videos-A
# mkdir /mnt/4-Videos-B
# mkdir /mnt/5-Other-Small
# mkdir /mnt/6-Other-Large
# mkdir /mnt/6-Other-Large-B
# mkdir /mnt/7-Question
# mkdir /mnt/8-Move
# mkdir /mnt/9-Delete
snap start nextcloud
nextcloud.occ files:scan --all
# mv /mnt/1-Images-A/c /mnt/2-Images-B/nextcloud/data/admin/files/Photos/_
# nextcloud.occ files:scan --all
# mv /mnt/2-Images-B/nextcloud/data/admin/files/Photos/_ /mnt/2-Images-B/nextcloud/data/admin/files/Photos/Original
# chown -R root:root /mnt/2-Images-B/nextcloud/data
# chmod -R 0770 /mnt/2-Images-B/nextcloud/data
nextcloud.occ files:scan --all
snap set nextcloud php.memory-limit=-1
snap get nextcloud php.memory-limit
snap restart nextcloud
nextcloud.occ preview:generate-all -vvv
nextcloud.mysql-client
nextcloud.export -b
```
```conf
WARNING: This functionality is still experimental and under
development, use at your own risk. Note that the CLI interface is
unstable, so beware if using from within scripts.
Enabling maintenance mode... done
Exporting database...
Successfully exported /var/snap/nextcloud/common/backups/20231228-210650
Disabling maintenance mode... done
```
```bash Sun Dec 31 2023 23:09:31 GMT-0700 (Mountain Standard Time)
sudo -i
snap remove --purge nextcloud
snap install nextcloud
snap changes nextcloud
snap info nextcloud
snap connections nextcloud
cat /snap/nextcloud/current/meta/snap.yaml
nextcloud.manual-install mikepharesjr@msn.com {KeePass-Password}
nextcloud.occ config:system:get trusted_domains
nextcloud.occ config:system:set trusted_domains 1 --value=nextcloud.laundry.phares.myftp.org
nextcloud.occ config:system:get trusted_domains
nano /etc/hosts
ls /var/snap/nextcloud/current/certs/live
nextcloud.disable-https
snap set nextcloud ports.http=8081
nextcloud.occ user:resetpassword mikepharesjr@msn.com
nextcloud.occ config:system:set overwrite.cli.url --value=https://nextcloud.laundry.phares.myftp.org
nextcloud.occ config:system:set overwriteprotocol --value=https
cat /var/snap/nextcloud/current/nextcloud/config/config.php
snap start nextcloud
nextcloud.occ files:scan --all
snap set nextcloud php.memory-limit=-1
snap get nextcloud php.memory-limit
snap restart nextcloud
nextcloud.mysql-client
nextcloud.export -b
```
```bash
# mount -t drvfs D: /mnt/d
# ln -s '/mnt/d/1-Images-A/Images-7007a9df-Results/C)Resize/7007a9df/Original/()' '/var/snap/nextcloud/common/nextcloud/data/admin/files/Photos/()'
# chown -R root:root '/var/snap/nextcloud/common/nextcloud/data/admin/files/Photos/()'
# chmod 0770 '/var/snap/nextcloud/common/nextcloud/data/admin/files/Photos/()'
# ls '/var/snap/nextcloud/common/nextcloud/data/admin/files/Photos/()'
# nano /var/snap/nextcloud/current/nextcloud/config/autoconfig.php
# chown -R root:root '/mnt/d/data'
# chmod 0770 '/mnt/d/data'
mount /dev/sdb1 /mnt
cp -r '/mnt/K-A/1-Images-A/Images-7007a9df-Results/C)Resize/7007a9df/Original/()/' '/var/snap/nextcloud/common/nextcloud/data/mikepharesjr@msn.com/files/'
ls -la /home/mike/preview/
# cp -r /home/mike/preview/* /var/snap/nextcloud/common/nextcloud/data/appdata_oce2cq0odh1l/preview/
rsync -a -v -h --ignore-existing /home/mike/preview/ /var/snap/nextcloud/common/nextcloud/data/appdata_oce2cq0odh1l/preview/
chown -R root:root /var/snap/nextcloud/common/nextcloud/data/appdata_oce2cq0odh1l/preview/
ncdu /home/mike/preview/
ncdu /var/snap/nextcloud/common/nextcloud/data/appdata_oce2cq0odh1l/preview/
snap restart nextcloud
nextcloud.occ files:scan --all
nextcloud.occ preview:generate-all -vvv
```
```bash Sat Jan 27 2024 16:58:09 GMT-0700 (Mountain Standard Time)
sudo -i
wget http://www.observium.org/observium_installscript.sh
chmod +x observium_installscript.sh
./observium_installscript.sh
# 5
ufw allow from 192.168.1.0/26 to any port 161 comment "06) SNMP"
nano /etc/snmp/snmpd.conf
```
```conf
###########################################################################
#
# snmpd.conf
# An example configuration file for configuring the Net-SNMP agent ('snmpd')
# See snmpd.conf(5) man page for details
#
###########################################################################
# SECTION: System Information Setup
#
# syslocation: The [typically physical] location of the system.
# Note that setting this value here means that when trying to
# perform an snmp SET operation to the sysLocation.0 variable will make
# the agent return the "notWritable" error code. IE, including
# this token in the snmpd.conf file will disable write access to
# the variable.
# arguments: location_string
sysLocation server-beelink
sysContact Mike Phares <mikepharesjr@msn.com>
# sysservices: The proper value for the sysServices object.
# arguments: sysservices_number
sysServices 72
###########################################################################
# SECTION: Agent Operating Mode
#
# This section defines how the agent will operate when it
# is running.
# master: Should the agent operate as a master agent or not.
# Currently, the only supported master agent type for this token
# is "agentx".
#
# arguments: (on|yes|agentx|all|off|no)
master agentx
# agentaddress: The IP address and port number that the agent will listen on.
# By default the agent listens to any and all traffic from any
# interface on the default SNMP port (161). This allows you to
# specify which address, interface, transport type and port(s) that you
# want the agent to listen on. Multiple definitions of this token
# are concatenated together (using ':'s).
# arguments: [transport:]port[@interface/address],...
# agentaddress 127.0.0.1,[::1]
# Listen for connections on all interfaces (both IPv4 *and* IPv6)
agentAddress udp:161,udp6:[::1]:161
###########################################################################
# SECTION: Access Control Setup
#
# This section defines who is allowed to talk to your running
# snmp agent.
# Views
# arguments viewname included [oid]
# system + hrSystem groups only
view systemonly included .1.3.6.1.2.1.1
view systemonly included .1.3.6.1.2.1.25.1
# rocommunity: a SNMPv1/SNMPv2c read-only access community name
# arguments: community [default|hostname|network/bits] [oid | -V view]
# Read-only access to everyone to the systemonly view
#rocommunity public default -V systemonly
#rocommunity6 public default -V systemonly
rocommunity fUy#YjMb6t6t573PRNe3 192.168.1.0/26
# SNMPv3 doesn't use communities, but users with (optionally) an
# authentication and encryption string. This user needs to be created
# with what they can view with rouser/rwuser lines in this file.
#
# createUser username (MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224) authpassphrase [DES|AES] [privpassphrase]
# e.g.
# createuser authPrivUser SHA-512 myauthphrase AES myprivphrase
#
# This should be put into /var/lib/snmp/snmpd.conf
#
# rouser: a SNMPv3 read-only access username
# arguments: username [noauth|auth|priv [OID | -V VIEW [CONTEXT]]]
rouser authPrivUser authpriv -V systemonly
# include a all *.conf files in a directory
```
```bash
systemctl restart snmpd
systemctl status snmpd
netstat -antup | grep -i 161
```
```yml
Beelink MINI S Mini PC Basic Specifications
Intel N5095(4C/4T, 4M Cache, 2GHz up to 2.9GHz)
CPU: Intel Celeron Processor N5095(4C/4T, 4M Cache, Up to 2.9GHz)
GPU: Intel UHD Graphics
RAM: 8GB Hard Disk: 128GB/256GB
Network: WiFi IEEE 802.11/b/g/n/ac, 2.4+5.8G WiFi, Ethernet 1000Mbps LAN, Bluetooth 4.0
Adapter: Input: 100-240V AC, 50/60Hz , Output: 12V 3A
Max Screen Resolution: 3840 x 2160@60Hz
Processor: 2.9 GHz celeron
RAM: 8 GB DDR4
Hard Drive: 256 GB SSD
Graphics Coprocessor: Intel UHD Graphics
Chipset Brand: Intel
Card Description: Integrated
Wireless Type: 2.4 GHz Radio Frequency
Number of USB 3.0 Ports: 4
Brand: Beelink
Series: MINIS(MINI S,MINIS Pro,MINI G,MINI X)
Item model number: Beelink
Hardware Platform: PC
Operating System: OS
Item Weight: 1.46 pounds
Package Dimensions: 8.46 x 5 x 2.24 inches
Color: Black
Processor Brand: Intel
Number of Processors: 4
Computer Memory Type: DDR4 SDRAM
Hard Drive Interface: Serial ATA
Hard Drive Rotational Speed: 1800.00
Optical Drive Type: 256
Power Source: Input: 100-120V AC, 50/60Hz
```
```yml Trigkey
Screen Resolution: 3840 x 2160
Max Screen Resolution: 3840 x 2160 pixels
Processor: 3.4 GHz celeron
RAM: 16 DDR4
Hard Drive: 500 GB SSD
Chipset Brand: Intel
Graphics Card Ram Size: 512.00
Number of USB 2.0 Ports: 2
Brand: TRIGKEY
Series: GREEN G4
Item model number: TRIGKEY Mini PC
Hardware Platform: PC
Operating System: OS
Item Weight: 1.25 pounds
Product Dimensions: 4.96 x 4.45 x 1.57 inches
Item Dimensions LxWxH: 4.96 x 4.45 x 1.57 inches
Processor Brand: Intel
Number of Processors: 4
Computer Memory Type: DDR4 SDRAM
Flash Memory Size: 512 MB
Hard Drive Interface: Solid State
```
```bash
root@beelink:~# adduser loganphares
info: Adding user `loganphares' ...
info: Selecting UID/GID from range 1000 to 59999 ...
info: Adding new group `loganphares' (1007) ...
info: Adding new user `loganphares' (1007) with group `loganphares (1007)' ...
info: Creating home directory `/home/loganphares' ...
info: Copying files from `/etc/skel' ...
New password:
Retype new password:
passwd: password updated successfully
Changing the user information for loganphares
Enter the new value, or press ENTER for the default
Full Name []: Logan Phares
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] y
info: Adding new user `loganphares' to supplemental / extra groups `users' ...
info: Adding user `loganphares' to group `users' ...
root@beelink:~# cp /home/mike/.ssh/authorized_keys /home/loganphares/.ssh/authorized_keys
cp: cannot create regular file '/home/loganphares/.ssh/authorized_keys': No such file or directory
root@beelink:~# mkdir /home/loganphares/.ssh
root@beelink:~# cp /home/mike/.ssh/authorized_keys /home/loganphares/.ssh/authorized_keys
root@beelink:~# chown -R loganphares /home/loganphares
root@beelink:~# mkdir /home/loganphares/.ssh^C
root@beelink:~# usermod -a -G billmiller loganphares
usermod: group 'billmiller' does not exist
root@beelink:~# usermod -a -G billmillermusic loganphares
root@beelink:~# exit
```
Reference in New Issue View Git Blame Copy Permalink