diff --git a/old/restore.sh b/old/restore.sh deleted file mode 100644 index 68cca42..0000000 --- a/old/restore.sh +++ /dev/null @@ -1,330 +0,0 @@ -#!/bin/bash - -# =========================================================================== -# This script must be executed by root privilege -if [[ $(id -u) -ne 0 ]]; then - echo -e "\e[1;31mThis script MUST be executed with root privilege.\e[0m\n" - exit 1 -fi - -# =========================================================================== -# Double check if do run this script -echo -e "\e[1;2;31m[VPS USE ONLY] - Are you sure you want to run this script to re-configure you system???\e[0m" -read -p "Yes/No: " YON -[[ $YON != 'Yes' && $YON != 'YES' && $YON != 'yes' && $YON != 'y' && $YON != 'Y' ]] && exit 2 -echo -e "\e[1;2;33m[VPS USE ONLY] - AGAIN, are you sure you want to run this script to re-configure you system???\e[0m" -read -p "Yes/No: " YON -[[ $YON != 'Yes' && $YON != 'YES' && $YON != 'yes' && $YON != 'y' && $YON != 'Y' ]] && exit 3 - -# =========================================================================== -# extract backup files -vps=`find . -name vps*.tar.xz` -if [[ ! -f flg && $vps != '' ]]; then - echo -e "\n\e[1;34mExtracting backups to current dir...\e[0m\n" - tar -I pixz -xmf vps*.xz - touch flg -elif [[ -f flg ]]; then - echo -e "\n\e[1;32mAlready extracted, doing nothing.\e[0m\n" -else - echo -e "\n\e[1;31mThere is no backup file right here, plz check.\e[0m\n" - exit 4 -fi - -# =========================================================================== -# sone prerequisites in aspect of path & content -echo -e "\n\e[1;34mPreparing initial env...\e[0m\n" -rm -rf /opt/* -mkdir -p /opt/logs -mkdir -p /opt/logs/rclone -mkdir -p /opt/temp -mkdir -p /opt/webdav/{alist,onedrive,wd} -mkdir -p /root/.pip -cp -rf configs scripts source-code websites /opt/ -cp /opt/configs/pip.conf /root/.pip - -# =========================================================================== -# set hostame -echo -e "\n\e[1;34mConfig hostname...\e[0m\n" -echo -ne "\e[1;34mPlz specify hostname: \e[0m" -read -t 600 host -hostnamectl set-hostname $host -name=`hostname` -cat /etc/hosts | grep -q $name -[[ $? -ne 0 ]] && sed -i "/^127/ s|$| $name|g" /etc/hosts - -# =========================================================================== -# config self-defined environment variable and function -echo -e "\n\e[1;34mconfig self-defined environment variable and function...\e[0m\n" -cat /root/.bashrc | grep -q 'toolbox' -[[ $? -ne 0 ]] && echo 'source /opt/scripts/utool/toolbox.sh' >> /root/.bashrc -source /root/.bashrc -chmod +x /opt/scripts/utool/utool.py -rm -rf /usr/local/bin/utool -ln -s /opt/scripts/utool/utool.py /usr/local/bin/utool - -# =========================================================================== -# set apt sources -echo -e "\n\e[1;34mConfig apt source list...\e[0m\n" -cat > /etc/apt/sources.list << EOF -deb https://mirrors.tuna.tsinghua.edu.cn/debian/ $(lsb_release -sc) main contrib non-free -deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ $(lsb_release -sc) main contrib non-free -deb https://mirrors.tuna.tsinghua.edu.cn/debian/ $(lsb_release -sc)-updates main contrib non-free -deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ $(lsb_release -sc)-updates main contrib non-free -deb https://mirrors.tuna.tsinghua.edu.cn/debian/ $(lsb_release -sc)-backports main contrib non-free -deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ $(lsb_release -sc)-backports main contrib non-free -deb https://mirrors.tuna.tsinghua.edu.cn/debian-security $(lsb_release -sc)-security main contrib non-free -deb-src https://mirrors.tuna.tsinghua.edu.cn/debian-security $(lsb_release -sc)-security main contrib non-free -EOF -echo -e "\n\e[1;34mUpdating system...\e[0m\n" -apt update && apt upgrade -y - -# =========================================================================== -# install some frequently used software -echo -e "\n\e[1;34mInstalling some tools...\e[0m\n" -apt install lrzsz unzip vim gcc g++ make automake curl wget gnupg2 aria2 jq apt-transport-https \ - ca-certificates lsb-release debian-archive-keyring oathtool ufw ruby ruby-dev qbittorrent-nox\ - git shc tmux htop pwgen imagemagick bash-completion dnsutils ghostscript nethogs ffmpeg iftop \ - python3-pip python3-dev golang net-tools ethtool tcpflow lshw rsync parallel rclone pigz pbzip2 \ - pixz neofetch mlocate ncdu dstat fzf tldr nscd inotify-hookable inotify-tools vsftpd mtr bridge-utils -y - -# =========================================================================== -# update pip3 setuptools and install jupyter lab -echo -e "\n\e[1;34mupdate pip3 setuptools and install jupyter lab...\e[0m\n" -pip3 install --upgrade setuptools -i https://pypi.tuna.tsinghua.edu.cn/simple -pip3 install --upgrade pip -i https://pypi.tuna.tsinghua.edu.cn/simple -pip3 install ipython -i https://pypi.tuna.tsinghua.edu.cn/simple -pip3 install jupyterlab -i https://pypi.tuna.tsinghua.edu.cn/simple -# cp /root/.jupyter/jupyter_lab_config.py /root/.jupyter/jupyter_lab_config_origin.py -# cp /opt/configs/jupyter/jupyter_lab_config.py /root/.jupyter/ -# nohup jupyter lab --allow-root > /dev/null 2>&1 & - -# =========================================================================== -# configure vim -echo -e "\n\e[1;34mConfig vim editor...\e[0m\n" -cd /opt/configs/tools/ -[[ -d vim ]] && rm -rf vim -unzip -q vimConfig.zip -cd vim && bash install.sh -cd .. && rm -rf vim - -# =========================================================================== -# config ssh git ufw and aria2 -echo -e "\n\e[1;34mConfig publickey ssh && git && ufw && aria2...\e[0m\n" -cd /opt/configs/rsa/ -cp -f VPS* Github* config /root/.ssh/ -cat VPS.pub > /root/.ssh/authorized_keys -echo '' >> /root/.ssh/authorized_keys -chmod 600 /root/.ssh/* - -git config --global user.name 'mffan0922' -git config --global user.email 'mffan0922@163.com' - -# ufw allow 22 -# ufw allow 80 -# ufw allow 443 -ufw disable - -cp -rf /opt/configs/aria2/ /etc/ -> /etc/aria2/aria2.session - -# =========================================================================== -# install nginx -echo -e "\n\e[1;34mInstalling nginx...\e[0m\n" -apt install libpcre3 libpcre3-dev openssl libssl-dev zlib1g-dev libgeoip-dev -y -cd /opt/source-code/nginx-1.22.0/ -./configure --prefix=/usr/local/nginx \ ---with-select_module \ ---with-poll_module \ ---with-threads \ ---with-file-aio \ ---with-http_ssl_module \ ---with-http_v2_module \ ---with-http_realip_module \ ---with-http_addition_module \ ---with-http_geoip_module \ ---with-http_sub_module \ ---with-http_dav_module \ ---with-http_flv_module \ ---with-http_mp4_module \ ---with-http_gunzip_module \ ---with-http_gzip_static_module \ ---with-http_auth_request_module \ ---with-http_random_index_module \ ---with-http_secure_link_module \ ---with-http_degradation_module \ ---with-http_slice_module \ ---with-http_stub_status_module \ ---with-mail \ ---with-mail_ssl_module \ ---with-stream \ ---with-stream_ssl_module \ ---with-stream_realip_module \ ---with-stream_geoip_module \ ---with-stream_ssl_preread_module \ ---user=www-data \ ---group=www-data \ ---add-module=/opt/source-code/nginx-1.22.0/modules/headers-more-nginx-module -make -j 4 && make install -[[ -f /usr/sbin/nginx ]] && rm -rf /usr/sbin/nginx -ln -s /usr/local/nginx/sbin/nginx /usr/sbin/nginx -cp -rf /opt/configs/nginx/nginx.conf /usr/local/nginx/conf/ -cp -rf /opt/configs/nginx/nginx.service /lib/systemd/system/ -systemctl enable nginx.service -systemctl start nginx.service - -# =========================================================================== -# get https certificates -echo -e "\n\e[1;34mSetting https...\e[0m\n" -cd /root/ && git clone git@github.com:acmesh-official/acme.sh.git -cd acme.sh && ./acme.sh --install -m mffan0922@163.com -alias acme.sh=~/.acme.sh/acme.sh -./acme.sh --issue --dns dns_ali -d rustle.cc -d *.rustle.cc -cp /root/.acme.sh/rustle.cc/fullchain.cer /opt/configs/certs/rustle.cc.cer -cp /root/.acme.sh/rustle.cc/rustle.cc.key /opt/configs/certs/ - -# =========================================================================== -# install jekyll -echo -e "\n\e[1;34mInstall jekyll blog env...\e[0m\n" -gem install jekyll jekyll-paginate - -# =========================================================================== -echo -e "\n\e[1;34mInstalling mysql server...\e[0m\n" -cd /opt/configs/mysql/ && dpkg -i mysql-apt-config_0.8.23-1_all.deb -apt update && apt upgrade -y -apt install mysql-server -y -# cp -f /opt/configs/mysql/mysql.cnf /etc/mysql/conf.d/ -systemctl restart mysql.service - -# =========================================================================== -# install php8.0 for nextcloud -echo -e "\n\e[1;34mInstall php8.0...\e[0m\n" -wget -O /usr/share/keyrings/php-archive-keyring.gpg https://packages.sury.org/php/apt.gpg -echo "deb [signed-by=/usr/share/keyrings/php-archive-keyring.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list -apt update && apt upgrade -y -apt install php8.0-fpm php8.0-cli php8.0-mysql php8.0-curl php8.0-gd \ - php8.0-mbstring php8.0-xml php8.0-zip php8.0-imap php8.0-opcache \ - php8.0-soap php8.0-gmp php8.0-bcmath php8.0-intl php8.0-imagick -y - -# =========================================================================== -# configure nextcloud -echo -e "\n\e[1;34mRestore nextcloud env...\e[0m\n" -apt install php8.0-memcache* memcached php8.0-apcu libmagickcore-6.q16-6-extra -y - -echo -e "\n\e[1;34mbackup origin php data and restore previous php data...\e[0m\n" -cp -rf /etc/php/ /tmp/ -cp -rf /opt/configs/php/8.0/fpm/pool.d/www.conf /etc/php/8.0/fpm/pool.d/www.conf -cp -rf /opt/configs/php/8.0/mods-available/apcu.ini /etc/php/8.0/mods-available/apcu.ini -cp -rf /opt/configs/php/8.0/cli/php.ini /etc/php/8.0/cli/php.ini -cp -rf /opt/configs/php/8.0/fpm/php.ini /etc/php/8.0/fpm/php.ini - -# =========================================================================== -# restore mysql data -echo -e "\n\e[1;34mrestore mysql data...\e[0m\n" -cp /opt/configs/mysql/*.gz /root -cd /root && gzip -d sql-*.gz -mysql -uroot < sql-*.sql -rm sql* - -# =========================================================================== -# configure frpc -echo -e "\n\e[1;34mRestore frpc env...\e[0m\n" -cp /opt/source-code/frpc/frpc.service /lib/systemd/system/ -cp /opt/source-code/frpc/frpc-free.service /lib/systemd/system/ -systemctl enable frpc.service -systemctl enable frpc-free.service -systemctl start frpc.service -systemctl start frpc-free.service - -# =========================================================================== -# configure cloudreve -echo -e "\n\e[1;34mRestore cloudreve env...\e[0m\n" -cp /opt/source-code/cloudreve/cloudreve.service /lib/systemd/system/ -systemctl enable cloudreve.service -systemctl start cloudreve.service - -# =========================================================================== -# configure navidrome -echo -e "\n\e[1;34mRestore navidrome env...\e[0m\n" -cp /opt/source-code/navidrome/navidrome.service /lib/systemd/system/ -systemctl enable navidrome.service -systemctl start navidrome.service - -# =========================================================================== -# configure calibre -echo -e "\n\e[1;34mStarting calibre...\e[0m\n" -nohup /usr/bin/python3 /opt/source-code/calibre-web/cps.py > /dev/null 2>&1 & - -# =========================================================================== -# configure blog -echo -e "\n\e[1;34mStarting blog...\e[0m\n" -nohup /usr/bin/ruby2.7 /usr/local/bin/jekyll b -s /opt/source-code/blog/ -d /opt/websites/blog/ --trace --watch --incremental > /dev/null 2>&1 & - -# =========================================================================== -# configure alist -echo -e "\n\e[1;34mConfig alist...\e[0m\n" -cp /opt/source-code/alist/alist.service /lib/systemd/system/ -systemctl enable alist.service -systemctl start alist.service - -# =========================================================================== -# configure rclone -echo -e "\n\e[1;34mConfig rclone...\e[0m\n" -cp -rf /opt/configs/rclone /root/.config/ - -# =========================================================================== -# install php-8.1 & nodejs 16x -echo -e "\n\e[1;34mInstall php-8.1 & nodejs 16x for monica...\e[0m\n" -apt install -y php8.1 php8.1-bcmath php8.1-curl php8.1-gd php8.1-gmp php8.1-intl \ - php8.1-mbstring php8.1-mysql php8.1-redis php8.1-xml php8.1-zip -curl -sSL https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin/ --filename=composer -curl -fsSL https://deb.nodesource.com/setup_16.x | bash - -apt-get install -y nodejs -npm install --global yarn -cd /opt/source-code/monica/ -composer install --no-interaction --no-dev -yarn install -yarn run production -php artisan key:generate -php artisan setup:production -v - -# =========================================================================== -echo -e "\n\e[1;34mRemove no longer required packages...\e[0m\n" -apt autoremove -y - -# =========================================================================== -echo -e "\n\e[1;34mRestart nginx mariadb php and cloudreve services...\e[0m\n" -systemctl restart nginx.service -systemctl restart mysql.service -systemctl restart cloudreve.service - -# =========================================================================== -echo -e "\n\e[1;34mimprove nextcloud performance...\e[0m\n" -chown -R www-data:www-data /opt/websites/ -# cd /opt/websites/nextcloud/ -# sudo -u www-data php8.0 occ config:app:set files max_chunk_size --value 0 -# sudo -u www-data php8.0 occ files:scan --all - -# =========================================================================== -echo -e "\n\e[1;34mConfig crontabs and set correct timezone...\e[0m\n" -cp -f /opt/configs/crontabs/* /var/spool/cron/crontabs/ -timedatectl set-timezone Asia/Shanghai - -# =========================================================================== -echo -e "\n\e[1;31m基本环境已经安装完成,还需要手动配置如下:\e[0m\n" -echo " 1. 查看Homepage/Wiki/Nav站点是否可以正常访问" -echo " 2. 查看blog生成日志是否正常" -echo " 3. 访问nextcloud/cloudreve站点,是否可以正常登陆,并手动优化" -echo " 4. 手动配置Jupyter Lab" -echo " 5. 检查Navidrome是否能正常播放音乐" -echo " 6. 手动运行一次qbittorrent-nox,并配置相关选项" -echo " 7. 需要手动配置koel,并运行" -echo " 8. 检查frp的运行状态" -echo " 9. 直接访问Calibre Web,看是否可以正常访问" -echo " 10. 需要手动配置monica,并运行" -echo " 11. 手动安装jellyfin,因为可能安装包无法下载,需要去腾讯云主机下载传过来再安装" -echo " 12. 访问Alist主页,看是否可以正常访问" -echo " 13. 访问uptime status,看是否可以正常访问" -echo " 14. 手动安装bashit" -echo " 15. 重启系统" - - diff --git a/update/backups.sh b/update/backups.sh index d9bd7aa..f5d174b 100644 --- a/update/backups.sh +++ b/update/backups.sh @@ -13,12 +13,13 @@ cp -rf /etc/pip.conf /opt/configs/conf/ cp -rf /etc/apt/sources.list /opt/configs/conf/ cp -rf /etc/ssh/sshd_config /opt/configs/conf/ cp -rf /root/.bashrc /opt/configs/conf/bashrc +cp -rf /root/.vim_runtime/my_configs.vim /opt/configs/conf/ cp -rf /root/.ssh/config /opt/configs/conf/ -cp -rf /root/.ssh/authorized_keys /opt/configs/conf/ +cp -rf /etc/samba/smb.conf /opt/configs/conf/ cp -rf /root/.acme.sh/*ecc /opt/configs/acme/ cd /opt && t=`date +%Y%m%dT%H%M%S` -rsync -av --delete apps configs logs scripts websites wd/72-Backups/VPS/ > /opt/logs/rsync/rsync_${t}.log +rsync --delete-after -avz apps configs logs scripts websites wd/72-Backups/VPS/ > /opt/logs/rsync/rsync_${t}.log cd /opt/logs/rsync/ let count=`ls | wc -l` if [[ $count -gt 10 ]]; then diff --git a/update/restore.sh b/update/restore.sh new file mode 100644 index 0000000..7f10c20 --- /dev/null +++ b/update/restore.sh @@ -0,0 +1,328 @@ +#!/bin/bash -e +NOT_ROOT=1 +NOT_CHECK=2 +NOT_FOUND_FILE=3 +WRONG_OPTION=4 +ABORT=9 + +# ============================================================================================================= +# Do the following on the physical machine with a monitor +# ------------------------------------------------------------------------------------------------------------- +# modify /etc/ssh/sshd_config, enable root login, permit password authentication, and restart sshd service +# ------------------------------------------------------------------------------------------------------------- +# modify /etc/network/interfaces, using `ip addr` to get netcard name +# ------------------------------------------------------------------------------------------------------------- +# DHCP +# auto enp1s0 +# allow-hotplug enp1s0 +# iface enp1s0 inet dhcp +# ------------------------------------------------------------------------------------------------------------- +# Manually set +# auto enp2s0 +# allow-hotplug enp2s0 +# iface enp2s0 inet static +# address 192.168.123.54 +# netmask 255.255.255.0 +# gateway 192.168.123.1 +# ------------------------------------------------------------------------------------------------------------- +# configure wireless, using `ifconfig -a` to get all card names, including usb wireless adapter +# auto wlx90de80ca01ec +# allow-hotplug wlx90de80ca01ec +# iface wlx90de80ca01ec inet dhcp +# wpa-conf /opt/configs/conf/wpa.conf +# wpa_passphrase wifi_name wifi_passwd >> /opt/configs/conf/wpa.conf -- need to modify content, using clear text password +# Firstly, testing wireless when there is a wired network, when everything is OK, then do the following: +# ifdown enp2s0 &&ifdown wlx90de80ca01ec && ifup wlx90de80ca01ec +# Finally, pull out the wired network +# ------------------------------------------------------------------------------------------------------------- +# add ssd to fstab +# - set disl reserve space: tune2fs -m 0 /dev/sda +# - /etc/fstab:UUID=c10abddb-35be-4e8e-92cd-96be8a96cb5f /opt/wd ext4 defaults 0 0 +# ------------------------------------------------------------------------------------------------------------- +# lack of bluetooth drivers and wireless net card(Intel AX201)drivers -- ibt-0040-1050.sfi +# cp ibt-0040-0041.sfi ibt-0040-1050.sfi +# cp ibt-0040-0041.ddc ibt-0040-1050.ddc + +# ============================================================================================================= +# This script must be executed by root privilege +if [[ $(id -u) -ne 0 ]]; then + echo -e "\e[1;31mThis script MUST be executed with root privilege.\e[0m\n" + exit $NOT_ROOT +fi + +# ============================================================================================================= +# Check if do run this script +echo -e "\e[1;2;31m[VPS USE ONLY] - Are you sure you want to run this script to re-configure your system???\e[0m" +read -p "Yes/No: " YON +[[ $YON != 'Yes' && $YON != 'YES' && $YON != 'yes' && $YON != 'y' && $YON != 'Y' ]] && exit $NOT_CHECK + +# ============================================================================================================= +# extract backup files +read -p "Next will extract the backup file to current dir, [(S)kip|(A)bort|(Y)es]: " SAY +if [[ $SAY == 's' || $SAY == 'S' || $SAY == 'skip' || $SAY == 'Skip' || $SAY == 'SKIP' ]]; then + : +elif [[ $SAY == 'a' || $SAY == 'A' || $SAY == 'abort' || $SAY == 'Abort' || $SAY == 'ABORT' ]]; then + exit $ABORT +elif [[ $SAY == 'y' || $SAY == 'Y' || $SAY == 'yes' || $SAY == 'Yes' || $SAY == 'YES' ]]; then + vps=`find . -name VPS*.tar.gz` + if [[ ! -f flg && $vps != '' ]]; then + echo -e "\n\e[1;34mExtracting backups to current dir...\e[0m" + tar -I pixz -xmf VPS*.tar.gz + touch flg + elif [[ -f flg ]]; then + echo -e "\n\e[1;32mAlready extracted, doing nothing.\e[0m" + else + echo -e "\n\e[1;31mThere is no backup file right here, plz check.\e[0m" + exit $NOT_FOUND_FILE + fi +else + echo -e "\n\e[1;31mNeed to input correct option, exiting...\e[0m" + exit $WRONG_OPTION +fi + + +# ============================================================================================================= +# using tsinghua sources +echo -e "\n\e[1;34mUpdating the system...\e[0m" +cat > /etc/apt/sources.list << EOF +deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm main contrib non-free non-free-firmware +deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm main contrib non-free non-free-firmware +deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-updates main contrib non-free non-free-firmware +deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-updates main contrib non-free non-free-firmware +deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-backports main contrib non-free non-free-firmware +deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-backports main contrib non-free non-free-firmware +deb https://mirrors.tuna.tsinghua.edu.cn/debian-security bookworm-security main contrib non-free non-free-firmware +deb-src https://mirrors.tuna.tsinghua.edu.cn/debian-security bookworm-security main contrib non-free non-free-firmware +EOF +apt update && apt upgrade -y + + +# ============================================================================================================= +# install some frequently used software +echo -e "\n\e[1;34mInstalling some useful tools...\e[0m\n" +apt install lrzsz unzip vim gcc g++ make automake curl wget gnupg2 aria2 jq apt-transport-https \ + ca-certificates lsb-release debian-archive-keyring oathtool ufw ruby ruby-dev qbittorrent-nox \ + git shc tmux htop pwgen imagemagick bash-completion dnsutils ghostscript nethogs ffmpeg iftop \ + python3-pip python3-dev golang net-tools ethtool tcpflow lshw rsync parallel rclone pigz pbzip2 \ + pixz neofetch mlocate ncdu dstat fzf tldr nscd inotify-hookable inotify-tools vsftpd mtr bridge-utils \ + socat dos2unix samba libldap2-dev libsasl2-dev smartmontools parted libpcre3 libpcre3-dev openssl \ + libssl-dev zlib1g-dev libgeoip-dev libncurses-dev libpython3-dev fwupd virtualenv wpasupplicant -y + +curl -fsSL https://deb.nodesource.com/setup_20.x | bash - && apt-get install -y nodejs +fwupdmgr get-updates && fwupdmgr update + +# ============================================================================================================= +# restore files +echo -e "\n\e[1;34mRestoring files to /opt && do some configuring...\e[0m\n" +cp -rf VPS/* /opt/ +echo 'source /opt/configs/conf/envfile' >> /root/.bashrc +source /root/.bashrc + +cp /opt/configs/conf/pip.conf /etc/ +cp /opt/configs/conf/sysctl.conf /etc/ && sysctl -p +ln -s /opt/configs/tools/docker-compose /usr/bin/docker-compose +ln -s /opt/apps/syncthing/syncthing /usr/bin/syncthing +systemctl set-default multi-user.target +timedatectl set-timezone "Asia/Shanghai" +echo "Asia/Shanghai" > /etc/timezone +hostnamectl set-hostname "BeeLink" +echo 'supersede domain-name-servers 8.8.8.8, 8.8.4.4, 114.114.114.114;' >> /etc/dhcp/dhclient.conf +systemctl restart networking.service + +cp -rf /opt/configs/rsa/* /root/.ssh/ +cat /root/.ssh/*.pub > /root/.ssh/authorized_keys +chmod 600 /root/.ssh/* + +git config --global user.name 'gitea' +git config --global user.email 'mffan0922@163.com' +git config --global init.defaultBranch main +git config --global credential.helper store +git config --global core.filemode false +git config --global apply.whitespace nowarn +git config --global core.editor vim + +# ufw allow 22 +# ufw allow 80 +# ufw allow 443 +ufw disable + +# ============================================================================================================= +# bash it installation +cd /opt/configs/tools/ && tar -xzf bash_it.tar.gz +mv bash_it /root/.bash_it && cd /root/ +bash .bash_it/install.sh + +# ============================================================================================================= +# vim installation +cd /opt/configs/tools/ && tar -xzf vim_runtime.tar.gz +mv vim_runtime /root/.vim_runtime && cd /root/ +bash .vim_runtime/install_awesome_vimrc.sh +cp /opt/configs/conf/my_configs.vim /root/.vim_runtime/my_configs.vim +# modify /root/.bash_it/themes/brainy/brainy.theme.bash, where 'THEME_SHOW_PYTHON' to true +# modify /root/.bashrc, where change bash_it theme to brainy + +# ============================================================================================================= +# configure frpc +echo -e "\n\e[1;34mRestore frpc env...\e[0m\n" +cp /opt/apps/frp/frpc/frpc-overseas-free.service /lib/systemd/system/ +cp /opt/apps/frp/frpc/frpc-overseas-ssh.service /lib/systemd/system/ +cp /opt/apps/frp/frpc/frpc-overseas-gitea.service /lib/systemd/system/ +cp /opt/apps/frp/frpc/frpc-bilinat-ssh.service /lib/systemd/system/ +systemctl enable frpc-overseas-free.service +systemctl enable frpc-overseas-ssh.service +systemctl enable frpc-overseas-gitea.service +systemctl enable frpc-bilinat-ssh.service +systemctl start frpc-overseas-free.service +systemctl start frpc-overseas-ssh.service +systemctl start frpc-overseas-gitea.service +systemctl start frpc-bilinat-ssh.service + +# ============================================================================================================= +# get https certificates +echo -e "\n\e[1;34mSetting https...\e[0m\n" +cp /opt/configs/tools/acme.sh-3.0.6.tar.gz /root/ && cd /root/ +tar -xzf acme.sh-3.0.6.tar.gz +cd acme.sh-3.0.6/ && bash acme.sh --install -m mffan0922@163.com +alias acme.sh='~/.acme.sh/acme.sh' +cd /root/ && rm -rf acme.sh-3.0.6* +acme.sh --issue -d 'iced.eu.org' -d '*.iced.eu.org' --dns dns_cf +acme.sh --issue -d 'amble.eu.org' -d '*.amble.eu.org' --dns dns_cf +acme.sh --issue -d 'erratic.eu.org' -d '*.erratic.eu.org' --dns dns_cf +acme.sh --issue -d 'ephemeral.eu.org' -d '*.ephemeral.eu.org' --dns dns_cf +acme.sh --issue -d 'rustle.us.eu.org' -d '*.rustle.us.eu.org' --dns dns_cf +acme.sh --issue -d 'rustle.uk.eu.org' -d '*.rustle.uk.eu.org' --dns dns_cf +acme.sh --issue -d 'rustle.cn.eu.org' -d '*.rustle.cn.eu.org' --dns dns_cf +acme.sh --issue -d 'rustle.cc' -d '*.rustle.cc' --dns dns_ali + +# ============================================================================================================= +# install nginx +apt install libpcre3 libpcre3-dev openssl libssl-dev zlib1g-dev libgeoip-dev -y +cd /opt/apps/nginx/ +./configure --prefix=/usr/local/nginx \ + --with-select_module \ + --with-poll_module \ + --with-threads \ + --with-file-aio \ + --with-http_ssl_module \ + --with-http_v2_module \ + --with-http_realip_module \ + --with-http_addition_module \ + --with-http_geoip_module \ + --with-http_sub_module \ + --with-http_dav_module \ + --with-http_flv_module \ + --with-http_mp4_module \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_auth_request_module \ + --with-http_random_index_module \ + --with-http_secure_link_module \ + --with-http_degradation_module \ + --with-http_slice_module \ + --with-http_stub_status_module \ + --with-mail \ + --with-mail_ssl_module \ + --with-stream \ + --with-stream_ssl_module \ + --with-stream_realip_module \ + --with-stream_geoip_module \ + --with-stream_ssl_preread_module \ + --user=www-data \ + --group=www-data \ + --add-module=/opt/apps/nginx/modules/headers-more-nginx-module +make -j 4 && make install +[[ -f /usr/sbin/nginx ]] && rm -rf /usr/sbin/nginx +ln -s /usr/local/nginx/sbin/nginx /usr/sbin/nginx +cp -rf /opt/configs/nginx/nginx.conf /usr/local/nginx/conf/ +cp -rf /opt/configs/nginx/domain_confs/ /usr/local/nginx/conf/ +cp -rf /opt/configs/nginx/nginx.service /lib/systemd/system/ +systemctl enable nginx.service +systemctl start nginx.service + +# ============================================================================================================= +# install jekyll +echo -e "\n\e[1;34mInstall jekyll blog env...\e[0m\n" +gem install jekyll jekyll-paginate +jekyll b -s /opt/apps/blog/ -d /opt/websites/blog/ + +# ============================================================================================================= +# configure calibre +echo -e "\n\e[1;34mStarting calibre...\e[0m\n" +cd /opt/apps/calibre/calibre-web-0.6.20/ && rm -rf venv/ +virtualenv venv +source venv/bin/activate +pip3 install -r requirements.txt +deactivate +bash /opt/scripts/update/calibre.sh + +# ============================================================================================================= +# configure alist +echo -e "\n\e[1;34mConfig alist...\e[0m\n" +cp /opt/apps/alist/alist.service /lib/systemd/system/ +systemctl enable alist.service +systemctl start alist.service + +# ============================================================================================================= +# install docker +apt install curl vim wget gnupg dpkg apt-transport-https lsb-release ca-certificates +curl -sSL https://download.docker.com/linux/debian/gpg | gpg --dearmor > /usr/share/keyrings/docker-ce.gpg +echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-ce.gpg] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/debian $(lsb_release -sc) stable" > /etc/apt/sources.list.d/docker.list +apt update +apt install docker-ce docker-ce-cli containerd.io +cp /opt/configs/conf/daemon.json /etc/docker/ +docker network create -d bridge --subnet=10.10.0.0/24 --gateway 10.10.0.1 inner + +# docker - v2raya/dashboard/gitea/vaultwarden/mysql/photoprism/chatgpt +# docker-compose pull +# docker-compose up -d + +# docker - koel +# docker-compose pull +# docker-compose up -d +# docker exec -it koel bash +# cp .env.example .env +# - FORCE_HTTPS=true +# - APP_URL=https://koel.rustl.cc/ +# - database settings +# - MEDIA_PATH=/opt/apps/localcr/B_koel/local/music +# php artisan koel:init --no-assets +# php artisan koel:admin:change-password +# chown -R www-data:www-data /opt/apps/localcr/B_koel/local/ +# php artisan koel:sync +# /app/Models/User.php --> sprintf('https://www.rustle.cc/assets/img/logo.jpg', md5($this->email)) + +# ============================================================================================================= +# configure cloudreve +echo -e "\n\e[1;34mRestore cloudreve env...\e[0m\n" +cp /opt/apps/cloudreve/cloudreve.service /lib/systemd/system/ +systemctl enable cloudreve.service +systemctl start cloudreve.service + +# ============================================================================================================= +# configure syncthing +ln -s /opt/apps/syncthing/syncthing /usr/bin/syncthing +cp /opt/apps/syncthing/syncthing@root.service /lib/systemd/system/ +systemctl enable syncthing@root.service +systemctl start syncthing@root.service +# vim /root/.config/syncthing/config.xml + +# ============================================================================================================= +# configure samba +cp /opt/configs/conf/smb.conf /etc/samba/ +smbpasswd -a root +systemctl restart smbd.service +# net use * /delete + +# ============================================================================================================= +# POST INSTALLATION +echo -e "\n\e[1;34m[POST INSTALLATION] Wait, there is something to do...\e[0m\n" +echo -e "\e[1;32m 1. open v2raya, and pull the docker images" +echo -e "\e[1;32m 2. manually start qbittorrent, and modify password and more" +echo -e "\e[1;32m 3. manually start syncthing, and modify ~/.config/syncthing/config.xml" +echo -e "\e[1;32m 4. manually start cloudreve" +echo -e "\e[1;32m 5. manually start dockers" +echo -e "\e[1;32m 6. manually configure the cron service" +echo -e "\e[1;32m 7. manually configure samba service" +echo -e "\e[1;32m 9. reboot serer, and see if all service function properly" + +