Implement lots of shortcodes for shell commands

This commit is contained in:
RealStickman 2023-06-02 19:25:19 +02:00
parent f6c35976c7
commit 932e7dd8de
9 changed files with 180 additions and 57 deletions

View File

@ -7,46 +7,68 @@ visible: true
## Getting ACME.SH
[shuser]
```sh
git clone https://github.com/acmesh-official/acme.sh.git
cd ./acme.sh
./acme.sh --install -m my@example.com
./acme.sh --install -m [EMAIL]
```
[/shuser]
## First time ZeroSSL registration
[shuser]
```sh
.acme.sh/acme.sh --register-account -m (email)
.acme.sh/acme.sh --register-account -m [EMAIL]
```
[/shuser]
## Issue new certificate
Needs root to start a server on port 80
[shroot]
```sh
.acme.sh/acme.sh --issue --standalone -d (url)
.acme.sh/acme.sh --issue --standalone -d [DOMAIN]
```
[/shroot]
## Issue new certificate with DNS API
> [Official Documentation](https://github.com/acmesh-official/acme.sh/wiki/dnsapi)
### Gandi
```sh
export GANDI_LIVEDNS_KEY="(api key)"
```
[shuser]
```sh
.acme.sh/acme.sh --issue --dns dns_gandi_livedns -d (domain)
export GANDI_LIVEDNS_KEY="[API KEY]"
```
[/shuser]
[shuser]
```sh
.acme.sh/acme.sh --issue --dns dns_gandi_livedns -d [DOMAIN]
```
[/shuser]
## Install certificate
Make sure to create the `/etc/acme-sh/(url)` directory
[shuser]
```sh
export url={URL} \
export url=[URL] \
&& mkdir -p /etc/acme-sh/{$url} \
&& .acme.sh/acme.sh --install-cert -d $url \
--key-file /etc/acme-sh/{$url}/key.pem \
@ -54,6 +76,8 @@ export url={URL} \
--reloadcmd "sudo systemctl restart nginx"
```
[/shuser]
## Systems Service & Timer
`/etc/systemd/system/acme-sh.service`
@ -87,7 +111,10 @@ WantedBy=timers.target
```
Enable timer
[shroot]
```sh
systemctl enable --now acme-sh.timer
```
[/shroot]

View File

@ -11,8 +11,12 @@ https://github.com/actualbudget/actual-server#persisting-server-data
https://actualbudget.github.io/docs/Installing/Docker#launch-container-using-docker-command
```
[shroot]
```sh
podman run -d --name actualbudget -p 5006:5006 \
-v /mnt/actualbudget:/data \
ghcr.io/actualbudget/actual-server:latest-alpine
```
[/shroot]

View File

@ -16,8 +16,12 @@ Podman in version `3.0` comes with the socket already enabled for the root user.
### Network and Pod
[shroot]
```sh
podman network create net_authentik
podman pod create --name pod_authentik --network net_authentik -p 9000:9000 -p 9443:9443
```
[/shroot]
#### Port Mappings

View File

@ -9,6 +9,10 @@ visible: false
### Debian
[shroot]
```sh
apt install bind9
```
sudo apt install bind9
```
[/shroot]

View File

@ -11,10 +11,14 @@ The VM template needs a few cloud-init tools installed before we can use it with
### Debian
[shroot]
```sh
apt install cloud-init cloud-initramfs-growroot
```
[/shroot]
### AlmaLinux
## Config file

View File

@ -7,78 +7,102 @@ visible: true
## Installation
[shroot]
```sh
apt install isc-dhcp-server
```
[/shroot]
## Configuration
Edit `/etc/default/isc-dhcp-server`
```
INTERFACESv4="{INTERFACE 1} {INTERFACE 2}"
INTERFACESv4="[INTERFACE 1] [INTERFACE 2]"
```
Edit `/etc/dhcp/dhcpd.conf` to set a subnet
```
subnet {NETADDRESS} netmask {SUBNETMASK} {
range {FIRST DHCP} {LAST DHCP};
option subnet-mask {SUBNETMASK};
option routers {GATEWAY};
option domain-name "{NAME}";
option domain-name-servers {DNS SERVER};
subnet [NETADDRESS] netmask [SUBNETMASK] {
range [FIRST DHCP] [LAST DHCP];
option subnet-mask [SUBNETMASK];
option routers [GATEWAY];
option domain-name "[NAME]";
option domain-name-servers [DNS SERVER];
}
```
Edit `/etc/network/interfaces`
```
auto {INTERFACE}
iface {INTERFACE} inet static
address {ADDRESS}
network {NETADDRESS}
netmask {NETMASK}
broadcast {BROADCAST}
auto [INTERFACE]
iface [INTERFACE] inet static
address [ADDRESS]
network [NETADDRESS]
netmask [NETMASK]
broadcast [BROADCAST]
```
Enable the interface
[shroot]
```sh
ifup {INTERFACE}
ifup [INTERFACE]
```
[/shroot]
Restart DHCP Server
[shroot]
```sh
systemctl restart isc-dhcp-server.service
```
[/shroot]
### Enable routing
[shroot]
```sh
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.d/80-forwarding.conf
sysctl -p /etc/sysctl.d/80-forwarding.conf
```
[/shroot]
[shroot]
```sh
iptables -t nat -A POSTROUTING -o (WAN interface) -j MASQUERADE
iptables -A FORWARD -i (LAN interface) -j ACCEPT
iptables -t nat -A POSTROUTING -o [WAN INTERFACE] -j MASQUERADE
iptables -A FORWARD -i [LAN INTERFACE] -j ACCEPT
```
[/shroot]
Make iptables permanent
Select `Yes` during the installation to save current rules
[shroot]
```sh
apt install iptables-persistent
```
[/shroot]
### Enable DHCP-managed fixed IP address
```
host (hostname) {
hardware ethernet (mac);
fixed-address (ip address);
host [HOSTNAME] {
hardware ethernet [MAC ADDRESS];
fixed-address [IP ADDRESS];
}
```
@ -97,19 +121,19 @@ update-static-leases on;
ddns-domainname "testpdns";
ddns-rev-domainname "in-addr.arpa.";
key "(keyname)" {
key "[KEYNAME]" {
algorithm hmac-md5;
secret "(key)";
secret "[KEY]";
};
zone testpdns {
primary 127.0.0.1;
key (keyname);
key [KEYNAME];
}
zone 7.168.192.in-addr.arpa. {
primary 127.0.0.1;
key (keyname);
key [KEYNAME];
}
```
@ -117,12 +141,20 @@ zone 7.168.192.in-addr.arpa. {
DHCP Request
[shroot]
```sh
dhclient -v
```
[/shroot]
Release IP
[shroot]
```sh
# dhclient -v -r
dhclient -v -r
```
[/shroot]

View File

@ -1,18 +1,20 @@
---
title: 'File Operations'
title: "File Operations"
visible: true
---
[toc]
## Workings of file permissions
### Change permissions
To change file permissions use `chmod (-R) XXX (path)`
XXX signify the permissions for the file's owner/group/others respectively
To change file permissions use `chmod (-R) XXX [PATH]`
XXX signify the permissions for the file's owner/group/others respectively
Each X goes from 0 to 7.
What each number means can be easily calculated by looking at what the individual bit values mean.
What each number means can be easily calculated by looking at what the individual bit values mean.
```
0 -> No Permission
@ -21,18 +23,20 @@ What each number means can be easily calculated by looking at what the individua
1 -> Execute Permission
```
A value of 5 therefor gives the permissions "Read" and "Execute".
*To enter a folder, you need the read as well as the execute permission!*
A value of 5 therefor gives the permissions "Read" and "Execute".
_To enter a folder, you need the read as well as the execute permission!_
### Change user and group
Use `chown` to change the owner and group of a file or directory.
If you only want to change the user or the group, only specify the part left or right of `:` respectively.
If you only want to change the user or the group, only specify the part left or right of `:` respectively.
Example:
`chown (-R) (owner):(group) (path)`
`chown (-R) [OWNER]:[GROUP] [PATH]`
## Find biggest files
`find . -type f -print0 | xargs -0 du -s | sort -n | tail -(amount) | cut -f2 | xargs -I{} du -sh {}`
`find . -type f -printf "%s %p\n" | sort -nr | head -5`
`find . -type f -print0 | xargs -0 du -s | sort -n | tail -[AMOUNT] | cut -f2 | xargs -I{} du -sh {}`
`find . -type f -printf "%s %p\n" | sort -nr | head -5`

View File

@ -8,19 +8,19 @@ visible: true
## Other drives
Find uuid with `sudo blkid`
`UUID=(uuid) (mountpath) (filesystem) defaults,noatime 0 2`
`UUID=[UUID] [MOUNTPATH] [FILESYSTEM] defaults,noatime 0 2`
## Samba shares
```sh
//(ip)/(path)/ (mountpath) cifs uid=0,credentials=(path to credentials file),iocharset=utf8,noperm,nofail 0 0
```
//[IP]/[PATH]/ [MOUNTPATH] cifs uid=0,credentials=[CREDENTIALS FILE],iocharset=utf8,noperm,nofail 0 0
```
Example credentials file:
```
user=(user)
password=(password)
user=[USER]
password=[PASSWORD]
domain=WORKGROUP
```

View File

@ -9,29 +9,41 @@ visible: true
Create a gitea user
[shroot]
```sh
useradd -m git
mkdir /etc/gitea
chown git:git -R /etc/gitea
```
[/shroot]
Create the .ssh directory for the git user
[shuser]
```sh
sudo -u git mkdir -p /home/git/.ssh
```
[/shuser]
Get the user id of git with `id git`
## Podman
### Network and Pod
[shroot]
```sh
podman network create net_gitea
podman pod create --name pod_gitea --network net_gitea -p 127.0.0.1:5432:5432 -p 3000:3000 -p 127.0.0.1:2222:22
```
[/shroot]
#### Port Mappings
```
@ -42,8 +54,10 @@ podman pod create --name pod_gitea --network net_gitea -p 127.0.0.1:5432:5432 -p
### Database
[shroot]
```sh
# podman run --name giteadb \
podman run --name giteadb \
-e PGDATA=/var/lib/postgresql/data/pgdata \
-e POSTGRES_USER=gitea \
-e POSTGRES_PASSWORD=gitea \
@ -53,12 +67,16 @@ podman pod create --name pod_gitea --network net_gitea -p 127.0.0.1:5432:5432 -p
-d docker.io/postgres:14
```
[/shroot]
### Application
[shroot]
```sh
# podman run --name gitea \
-e USER_UID=(uid) \
-e USER_GID=(gid) \
podman run --name gitea \
-e USER_UID=[UID] \
-e USER_GID=[GID] \
-e GITEA__database__DB_TYPE=postgres \
-e GITEA__database__HOST=giteadb:5432 \
-e GITEA__database__NAME=gitea \
@ -72,6 +90,8 @@ podman pod create --name pod_gitea --network net_gitea -p 127.0.0.1:5432:5432 -p
-d docker.io/gitea/gitea:latest
```
[/shroot]
**NOTE:** gitea's /data directory must not contain permissions too open. Otherwise the SSH redirection set up below will fail.
`0750` for directories and `0640` is known to work.
@ -81,6 +101,8 @@ The next few lines are used to set up ssh-redirection to gitea if it is used to
Create SSH Keys for gitea
[shuser]
```sh
sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key"
sudo -u git cat /home/git/.ssh/id_rsa.pub | sudo -u git tee -a /home/git/.ssh/authorized_keys
@ -94,6 +116,8 @@ EOF
chmod +x /usr/local/bin/gitea
```
[/shuser]
We've now finished setting up the ssh-redirection.
After that, connect to the Server on port 3000 to finish the installation
The first registered user will be made admin
@ -102,25 +126,37 @@ The first registered user will be made admin
Gitea comes with a management cli. To access it, change into the Container first and su into the user "git".
[shroot]
```sh
podman exec -it gitea bash
su git
```
[/shroot]
### User Management
List users:
[shroot]
```sh
gitea admin user list
```
[/shroot]
Change user password:
[shroot]
```sh
gitea admin user change-password -u (user) -p (password)
gitea admin user change-password -u [USER] -p [PASSWORD]
```
[/shroot]
## Package Management
### Container Registry
@ -129,12 +165,20 @@ Gitea comes with a built-in container registry.
#### Login
[shuser]
```sh
podman login gitea.exu.li
```
[/shuser]
#### Push image
[shuser]
```sh
podman push <IMAGE ID> docker://gitea.exu.li/<OWNER>/<IMAGE>:<TAG>
podman push [IMAGE ID] docker://gitea.exu.li/[OWNER]/[IMAGE]:[TAG]
```
[/shuser]