another shuffle
This commit is contained in:
parent
5a03e3cf79
commit
fe08e5d1df
|
@ -1,3 +0,0 @@
|
|||
This folder contains drop-ins you can modify & use for various services.
|
||||
|
||||
Copy, modify, restart/reload your service and you're done!
|
|
@ -36,6 +36,7 @@ ufw allow from 10.0.0.0/24 proto udp to any port 5060
|
|||
ufw allow from 192.168.1.0/24 proto udp to any port 24000:26000
|
||||
ufw allow from 192.168.156.0/24 proto udp to any port 24000:26000
|
||||
ufw allow from 10.0.0.0/24 proto udp to any port 24000:26000
|
||||
ufw allow in on wwan0 proto udp to any port 24000:26000
|
||||
```
|
||||
Enable ufw.
|
||||
```
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
ip route add 192.168.156.0/24 via 192.168.1.xxx
|
|
@ -0,0 +1,83 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Run this script with "(sudo) bash <filename> <args>".
|
||||
|
||||
# Exit on error.
|
||||
#set -eux # debug on
|
||||
set -e
|
||||
|
||||
# Timestamp
|
||||
DATE_STAMP=$(date '+%s')
|
||||
|
||||
############ REMOTE
|
||||
# Host must have SSH keys setup.
|
||||
# Must have access to the below paths & access to the database.
|
||||
SSH_REMOTE_HOST='host'
|
||||
SSH_REMOTE_USER='root'
|
||||
|
||||
# The user to run the _REMOTE_ nextcloud install uses.
|
||||
# For running commands etc.
|
||||
NEXTCLOUD_REMOTE_USER='nextcloud'
|
||||
NEXTCLOUD_REMOTE_DATABASE_NAME='nextcloud'
|
||||
|
||||
# Paths.
|
||||
PHP_REMOTE_BIN='php'
|
||||
NEXTCLOUD_REMOTE_FILE_DATA='/nextcloud/data'
|
||||
NEXTCLOUD_REMOTE_FILE_ROOT='/var/www/nextcloud/htdocs'
|
||||
|
||||
REMOTE_NC_MAINTAINANCE_ON="ssh $SSH_REMOTE_USER@$SSH_REMOTE_HOST sudo -u $NEXTCLOUD_REMOTE_USER $PHP_REMOTE_BIN $NEXTCLOUD_REMOTE_FILE_ROOT/occ maintenance:mode --on"
|
||||
|
||||
REMOTE_NC_MAINTAINANCE_OFF="ssh $SSH_REMOTE_USER@$SSH_REMOTE_HOST sudo -u $NEXTCLOUD_REMOTE_USER $PHP_REMOTE_BIN $NEXTCLOUD_REMOTE_FILE_ROOT/occ maintenance:mode --off"
|
||||
|
||||
REMOTE_DB_CREATE_DUMP="ssh $SSH_REMOTE_USER@$SSH_REMOTE_HOST mysqldump --single-transaction $NEXTCLOUD_REMOTE_DATABASE_NAME > /tmp/nextcloud-$DATE_STAMP.sql"
|
||||
|
||||
############ LOCAL
|
||||
NEXTCLOUD_USER='nextcloud'
|
||||
NEXTCLOUD_DATABASE_NAME='nextcloud'
|
||||
|
||||
# Paths.
|
||||
PHP_BIN='php'
|
||||
NEXTCLOUD_FILE_DATA='/nextcloud/data'
|
||||
NEXTCLOUD_FILE_ROOT='/var/www/nextcloud/htdocs'
|
||||
|
||||
NC_MAINTAINANCE_ON="sudo -u $NEXTCLOUD_USER $PHP_BIN $NEXTCLOUD_FILE_ROOT/occ maintenance:mode --on"
|
||||
|
||||
NC_MAINTAINANCE_OFF="sudo -u $NEXTCLOUD_USER $PHP_BIN $NEXTCLOUD_FILE_ROOT/occ maintenance:mode --off"
|
||||
|
||||
GET_DB_DUMP_FROM_REMOTE="rsync --progress -Aavx $SSH_REMOTE_USER@$SSH_REMOTE_HOST:/tmp/nextcloud-$DATE_STAMP.sql /tmp/nextcloud-$DATE_STAMP.sql"
|
||||
|
||||
GET_DATA_FILES_FROM_REMOTE="rsync --progress -Aavx $SSH_REMOTE_USER@$SSH_REMOTE_HOST:$NEXTCLOUD_REMOTE_FILE_DATA/. $NEXTCLOUD_FILE_DATA"
|
||||
|
||||
GET_NC_FILES_FROM_REMOTE="rsync --progress -Aavx $SSH_REMOTE_USER@$SSH_REMOTE_HOST:$NEXTCLOUD_REMOTE_FILE_ROOT/. $NEXTCLOUD_FILE_ROOT"
|
||||
|
||||
#########
|
||||
|
||||
# Enable remote maintainance mode.
|
||||
${REMOTE_NC_MAINTAINANCE_ON}
|
||||
|
||||
# Make remote dump.
|
||||
${REMOTE_DB_CREATE_DUMP}
|
||||
|
||||
# Enable local maintainance mode.
|
||||
${NC_MAINTAINANCE_ON}
|
||||
|
||||
# Sync nc files.
|
||||
${GET_NC_FILES_FROM_REMOTE}
|
||||
|
||||
# Sync files.
|
||||
${GET_DATA_FILES_FROM_REMOTE}
|
||||
|
||||
# Get database dump.
|
||||
${GET_DB_DUMP_FROM_REMOTE}
|
||||
|
||||
# Disable remote maintainance mode.
|
||||
${REMOTE_NC_MAINTAINANCE_OFF}
|
||||
|
||||
# Restore database dump.
|
||||
# You can't script this due to the redirection.
|
||||
mysql $NEXTCLOUD_DATABASE_NAME < /tmp/nextcloud-$DATE_STAMP.sql && rm /tmp/nextcloud-$DATE_STAMP.sql
|
||||
|
||||
# Disable local maintainance mode.
|
||||
${NC_MAINTAINANCE_OFF}
|
||||
|
||||
echo "$DATE_STAMP OK" >> /tmp/nc-sync.log
|
|
@ -53,6 +53,11 @@ server {
|
|||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
|
||||
# Proxy Let's Encrypt to acme upstream.
|
||||
location ^~ /.well-known/acme-challenge/ {
|
||||
proxy_pass http://acme;
|
||||
}
|
||||
|
||||
location / {
|
||||
return 301 https://\$host\$request_uri;
|
||||
}
|
||||
|
|
|
@ -0,0 +1,51 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Run this script with "(sudo) bash <filename> <args>".
|
||||
|
||||
# Exit on error.
|
||||
set -e
|
||||
|
||||
[[ ! "$1" == "yes" ]] && (
|
||||
printf "
|
||||
This script modifies networking and will reboot your system!
|
||||
Please ensure you have backup access.
|
||||
|
||||
DO NOT USE THIS IF YOU HAVE NO DHCP OR NEED STATIC IP ADDRESSING!!
|
||||
|
||||
To confirm, please re-run this script with \"yes\"
|
||||
|
||||
\"%s yes\".\n" "$0"
|
||||
exit 1;
|
||||
)
|
||||
|
||||
# Enable systemd-resolved & link stub-resolv.conf.
|
||||
systemctl enable --now systemd-resolved
|
||||
|
||||
ln -sf /var/run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
|
||||
|
||||
cat << EOF > /etc/systemd/network/10-default-dhcp.network
|
||||
[Match]
|
||||
Name=*
|
||||
|
||||
[Network]
|
||||
DHCP=yes
|
||||
|
||||
DNSOverTLS=opportunistic
|
||||
|
||||
DNS=1.1.1.1
|
||||
|
||||
DNS=1.0.0.1
|
||||
|
||||
# Link discovery causes some issues so disable it.
|
||||
LLDP=no
|
||||
EOF
|
||||
|
||||
# Before rebooting ensure old networking isn't started on boot.
|
||||
systemctl disable networking
|
||||
systemctl enable systemd-networkd
|
||||
|
||||
# Final warning.
|
||||
printf 'Rebooting in 30 seconds, hit ctrl+c to cancel.\n'
|
||||
sleep 30;
|
||||
|
||||
halt --reboot
|
Loading…
Reference in New Issue