Here is a quick rundown on how to make a simple Debian box into a router Removed un-needed items apt purge iptables Install required items apt install bridge-utils firewalld dnsmasq Enable IP Forwarding sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf Find NICs ip a to find the NICs Now we create the bridge. This is assuming your device has three NICs and you want two for LAN and one for WAN nano /etc/network/interfaces

nano /etc/telegraf/telegraf.d/input-hdhr.conf [[inputs.exec]] commands = ["curl http://<IP-OF-DEVICE>/status.json"] timeout = "5s" data_format = "json" name_override = "HDHomeRun" tag_keys = ["Resource"] [inputs.exec.tags] device="<IP-OF-DEVICE>" HERE is the json for the dashboard This might get updated, might not.

How this blog is deployed ClearNet: gitea (main repo) -> metroline (custom hugo build container) -> github release (via custom container to clone from gitea and push to github) -> cloudflare pages (this is auto when there’s a commit in the github repo) TOR: gitea (main repo) -> metroline (custom hugo build container) -> rsync (custom container to push to web server) -> webserver (proxied via link HERE ) I had to do it this way since CloudFlare Pages only work with Github.

acme.sh --issue --dns dns_cf --keylength 4096 -d domain.com -d '*.domain.com'

Below is how to fix the Your web server is not properly set up to resolve /.well-known/webfinger /.well-known/nodeinfo error if using NGiNX since everything else I could find was for Apache/HTTPD. Add the following to your NGiNX config file for nextcloud. Usualy found in /etc/nginx/sites-enabled/ or /etc/nginx/conf.d/ location = /.well-known/webfinger { return 301 $scheme://$host/index.php/.well-known/webfinger; } location = /.well-known/nodeinfo { return 301 $scheme://$host/index.php/.well-known/nodeinfo; } ACPu errors when doing stuff on the command line.

Here’s some simple things to do with git When updating a repo this is the simplest way to do it git config --global user.name FIRST_NAME LAST_NAME | this sets the person who made the commit (first/last name) git config --global user.email [email protected] | this sets the person who made the commit (email) git diff | this is the see any lines you’ve changed git status | this will show which branch your on and which files have changed (not the contents of the file like git diff, but just the files themselves)

init repo apt install -y restic export AWS_ACCESS_KEY_ID='KEY_ID_HERE' export AWS_SECRET_ACCESS_KEY='ACCESS_KEY_HERE' export RESTIC_REPOSITORY="REPO_HERE_IS_USE_MINIO" export RESTIC_PASSWORD='RANDOM_PASSWD_HERE' restic init Service time nano /etc/systemd/system/restic-backup.service [Unit] Description=restic Wants=restic.timer [Service] Type=oneshot User=root Group=root Environment=AWS_ACCESS_KEY_ID='KEY_ID_HERE' Environment=AWS_SECRET_ACCESS_KEY='ACCESS_KEY_HERE' Environment=RESTIC_REPOSITORY="REPO_HERE_IS_USE_MINIO" Environment=RESTIC_PASSWORD='RANDOM_PASSWD_HERE' ExecStartPre=/bin/bash -c '/usr/bin/mysqldump --defaults-file=/root/.my.cnf --all-databases > /opt/backup/mysqldump.sql' ExecStart=/bin/bash -c '/usr/bin/restic --exclude={/dev,/media,/mnt,/proc,/run,/sys,/tmp,/var/tmp,/var/lib/mysql,/swap*} backup / && /usr/bin/restic forget --prune --keep-daily 5 --keep-weekly 15 --keep-monthly 15' ExecStartPost=/usr/bin/rm /opt/backup/mysqldump.sql [Install] WantedBy=multi-user.target Timer time nano /etc/systemd/system/restic-backup.timer [Unit] Description=restic Requires=restic.service [Timer] Unit=restic.service OnCalendar=daily AccuracySec=1h Persistent=true [Install] WantedBy=timers.

sed With the last g all text is replaced not just the first Replace text inline using sed (does not work with symlinks) sed -i 's/TO_BE_REPLACED/NEW_TEXT/g' FILE_HERE Replace text output to stdout sed 's/TO_BE_REPLACED/NEW_TEXT/g' FILE_HERE awk Show specific column of line awk '{ print $N }' where N is column number cut cut -d' ' -fN where d is the delimiter and N is the colum number perl Replace new line with space

I’m honesly not sure if these are vi or vim specific as I use a mac and Debian machine, but here’s some fun stuff I’ve learned over the years. I started as a nano person, but am finaly sitting down and using vi/m more and more. In command mode (make sure to hit esc) Go to start of file gg Go to end of file G Delete from line to start of file dgg

To use max XZ compression and all cores add export XZ_OPT='-T0 -9' to the end of your ~/.bashrc file. To use all cores add export XZ_OPT='-T0' to the end of your ~/.bashrc file. To use max XZ compression add export XZ_OPT='-9' to the end of your ~/.bashrc file. Then exit terminal and go back or source ~/.bashrc

Here’s some fun stuff to learn about the urbackup appliance By default there is no firewall, but it’s locked down so one’s not needed, but I installed one anyway You should be able to sudo su - from the admin user, if not; shut the appliance down, then in grub hit e, then add init=/bin/bash at the end of the line that says quiet, then CTRL+X to boot, then echo 'admin ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.

This is just basic hints, not a full guide This assumes you have some basic linux knowledge Download identity and storagenode from github (I like to download these things to /opt/storj/) Create auth token HERE Create identity HERE (This took about 4 hours on my node | E3-1280 V2) storagenode setup. This will create config file and other needed files in ~/.local/share/storj/storagenode/config.yaml and ~/.local/share/storj/storagenode/storage Now you need to edit ~/.local/share/storj/storagenode/config.yaml and make changes as needed (wallet, identity files and data storage locations, email, storage size)

./imapsync --host1 server1.domain.com --user1 [email protected] --password1 'password' --host2 server2.domain.com --user2 [email protected] --password2 'password' --delete2 --delete2 will preform a 1 way sync from server1 to server2

On most Linux distros it is possible to generate the htpasswd file entries simply using the htpasswd command line util. On FreeBSD the easiest way to accomplish the same task is using OpenSSL itself openssl passwd -apr1 >> /path/to/htpasswd.file Enter the password twice and the hash will be printed into the file Then open the file and add the username followed with a : before the hash It will look like username:password_hash

The files might change, but pretty much just add /S as a switch to the software to do it quietly UrBackup Client *.exe /S $programfiles\UrBackup\Uninstall.exe /S

This is still a WIP. Prepare image Download Appliance Unzip unzip urbackup-app-10-0.img.zip Now upload unzipped image somewhere public. Backblaze/S3 would be a great use for this Write image to disk in ServerCheap.net Create new instance Shutdown new instance Enable Rescue Mode SSH into rescued device using creds given Install required software apt update; apt install curl Download image and burn to disk curl https://URL-TO-FILE/urbackup-system-disk.img | dd of=/dev/vda You should now be able to disable rescue mode and boot it up

By default the policyd is using IPv6. This needs to be forced to use IPv4 since the VPS I’m using doesn’t seem to have IPv6 enabled nano /etc/supervisor/conf.d/policyd.conf Replace command=/srv/modoboa/env/bin/python /srv/modoboa/instance/manage.py policy_daemon with command=/srv/modoboa/env/bin/python /srv/modoboa/instance/manage.py policy_daemon --host 127.0.0.1

git clone https://github.com/modoboa/modoboa-installer cd modoboa-installer ./run.py --stop-after-configfile-check domain.com nano installer.cfg Add the folloing to installer.cfg [database] engine = mysql host = 127.0.0.1 install = true

This is very useful when working with VPSes where you can’t paste into the VNC connection (maybe I’m doing something wrong and you can?). Below is a quick piece of code I use. This should be ran as the user and not root. This sleeps for 5 seconds so you can navigate to where you need. sleep 5s; xdotool type CODE_TO_TYPE_HERE This is very easy and simple, but since I just switched to Debian full time from Windows it was a nice/easy way.

I recnetly decided to switch to Debian full time for my personal laptop (Lenovo Thinkpad X1 Yoga Gen 3), after using it for a week or so I noticed that when I closed the lid it would die after less than a day. After some googleing I found the answer and they are below. I also noticed that the machine never seemed to wake up like it did on Windows (just open it and it should come alive), after switching over to deep_sleep it fixed that issue.

Here’s a couple tips and tricks while using dd on Linux You can view the status of an on-going dd command (I always forget to run with progress or the version you’re using doesn’t have it) You will need another terminal window. Not a problem for me as I always use tmux, some people say screen it better. Find PID of dd process -> ps aux | grep -v grep | grep dd

I always add a file into /etc/sudoers.d/, just remeber the last entry is trump, so it can overturn the first entries. Because of this I always like to name the files like below. /etc/sudoers.d/999_nick /etc/sudoers.d/001_rick /etc/sudoers.d/111_slick-rick /etc/sudoers.d/222_slick-nick This means if there’s an entry in 999_nick that conficts with any of the others it will trump the other configs. This is how to run without password and only specific program, this is useful, for example my telegraf config when it has to run an exec, but the telegraf user doesn’t have perms.

Make sure Backblaze is working with Cloudflare. This can be found HERE Uncomment out the below. I made my Backblaze URL s3.DOMAIN.COM nano /etc/pleroma/config.exs # Configure S3 support if desired. # The public S3 endpoint (base_url) is different depending on region and provider, # consult your S3 provider's documentation for details on what to use. # config :pleroma, Pleroma.Upload, uploader: Pleroma.Uploaders.S3, base_url: "https://s3.DOMAIN.COM/file" # config :pleroma, Pleroma.Uploaders.S3, bucket: "BUCKET_NAME", # bucket_namespace: "my-namespace", # truncated_namespace: nil, streaming_enabled: true, strip_exif: true # # Configure S3 credentials: config :ex_aws, :s3, access_key_id: "0000000000000000000000000", secret_access_key: "AAAAAAAAAAAAAAAAAAAAA", # region: "us-west-002", scheme: "https://" # # For using third-party S3 clones like wasabi, also do: config :ex_aws, :s3, host: "s3.

You have to have at least two keys. Enter car as normal (DUH!! :-b) Find back up key slot, ours is under the cup holder insert, it has a little indent that looks like our key Put key in slot Put in accessory mode by pushing start without foot on brake Wait 3-5 seconds Shutoff car Remove key Put 2nd key in place Put in accessory mode by pushing start without foot on brake once again

Install and configure wireguard I use the Wireguard install script to create the config we import into the wireguard. That is located HERE Generate your first wireguard config. After running the script above it will ask you for a client name, I would name it something relating to opnsense Install Wireguard on OPNSense | System -> Firmware -> Plug-ins -> select and install ‘os-wireguard’ Get to wireguard config | Refresh the page, then go to VPN -> Wireguard