add scripts from dmzscripts repo to scripts
parent
d3e2cec3a7
commit
5e4f55af5b
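--- a/scripts/addsubdomain/addsub.sh
+++ b/scripts/addsubdomain/addsub.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+## Generate TLS certificate for a new subdomain
+
+DMZKEYFILE="~/.ssh/dmz"
+
+NGINXHOST=$1
+SUBDOMAIN=$2
+
+if [[ -z "$NGINXHOST" ]]; then
+echo "Set Nginx Host"
+exit 1
+fi
+
+if [[ -z "$SUBDOMAIN" ]]; then
+echo "Set subdomain"
+exit 1
+fi
+
+ssh-add -t 200 $DMZKEYFILE
+torsocks scp ./remotecmd $NGINXHOST:/root/remotecmd.sh
+torsocks scp ./subdomain.krov.dmz.rs $NGINXHOST:/etc/nginx/sites-available/
+torsocks scp ./subdomain.krov.dmz.rs.https $NGINXHOST:/etc/nginx/sites-available/
+
+torsocks ssh $NGINXHOST "chmod +x /root/remotecmd.sh; /root/remotecmd.sh $SUBDOMAIN"
+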
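Review bot: `DMZKEYFILE="~/.ssh/dmz"` stores a literal tilde, because tilde expansion does not happen inside double quotes or after variable expansion, so `ssh-add -t 200 $DMZKEYFILE` is handed a path that does not exist. The script has no error handling, so it carries on to the scp/ssh steps with whatever keys the agent already holds. Use `DMZKEYFILE="$HOME/.ssh/dmz"` and `ssh-add -t 200 "$DMZKEYFILE" || exit 1`. scripts/ctcreate/ctcreate.sh has the same assignment, while luserinstall.sh already uses an absolute path.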
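--- a/scripts/addsubdomain/remotecmd
+++ b/scripts/addsubdomain/remotecmd
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+SUBDOMAIN=$1
+
+if [[ -z "$SUBDOMAIN" ]]; then
+echo "Set subdomain"
+exit 1
+fi
+
+sed -i 's/subdomain/'$SUBDOMAIN'/g' /etc/nginx/sites-available/subdomain.krov.dmz.rs
+sed -i 's/subdomain/'$SUBDOMAIN'/g' /etc/nginx/sites-available/subdomain.krov.dmz.rs.https
+mkdir /var/www/"$SUBDOMAIN"krovdmzrs/
+mv /etc/nginx/sites-available/subdomain.krov.dmz.rs /etc/nginx/sites-available/"$SUBDOMAIN".krov.dmz.rs
+mv /etc/nginx/sites-available/subdomain.krov.dmz.rs.https /etc/nginx/sites-available/"$SUBDOMAIN".krov.dmz.rs.https
+ln -s /etc/nginx/sites-available/"$SUBDOMAIN".krov.dmz.rs /etc/nginx/sites-enabled/"$SUBDOMAIN".krov.dmz.rs
+service nginx reload
+certbot certonly -d "$SUBDOMAIN".krov.dmz.rs,"$SUBDOMAIN".krov.decentrala.org --webroot -w /var/www/"$SUBDOMAIN"krovdmzrs
+cat /etc/nginx/sites-available/"$SUBDOMAIN".krov.dmz.rs /etc/nginx/sites-available/"$SUBDOMAIN".krov.dmz.rs.https > /etc/nginx/sites-available/"$SUBDOMAIN".krov.dmz.rs.all
+mv /etc/nginx/sites-available/"$SUBDOMAIN".krov.dmz.rs.all /etc/nginx/sites-available/"$SUBDOMAIN".krov.dmz.rs
+rm /etc/nginx/sites-available/"$SUBDOMAIN".krov.dmz.rs.https
+service nginx reload
+rm /root/remotecmd.sh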
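Review bot: `$SUBDOMAIN` is only checked for emptiness before it is spliced unquoted into the sed program `'s/subdomain/'$SUBDOMAIN'/g'` and into paths under /etc/nginx and /var/www, all running as root. A value containing `/`, `&`, whitespace or `..` changes the sed expression or the target paths, and the caller addsub.sh also places the same value inside the remote command string. Reject anything that is not a single DNS label right after the empty check, e.g. `[[ "$SUBDOMAIN" =~ ^[a-z0-9]([a-z0-9-]*[a-z0-9])?$ ]] || exit 1`. With no `set -e` or status checks, a failed `certbot certonly` still merges the HTTPS server block that points at certificate files that were never created; checking certbot's exit status and running `nginx -t` before the second reload would stop that. The same unvalidated splice into a root remote command applies to `$CTHOST` in ctcreate.sh and to `$USER1`/`$USER2` in sshfsshared.sh.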
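--- a/scripts/addsubdomain/subdomain.krov.dmz.rs
+++ b/scripts/addsubdomain/subdomain.krov.dmz.rs
@@ -0,0 +1,10 @@
+server {
+listen 80;
+listen [::]:80;
+
+index index.html index.htm index.nginx-debian.html;
+
+server_name subdomain.krov.dmz.rs subdomain.krov.decentrala.org;
+
+root /var/www/subdomainkrovdmzrs;
+}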
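Review bot: The port-80 server block stays in the merged site file after the certificate is issued, so the whole site remains reachable over plaintext HTTP next to the TLS listener. The webroot challenge only needs `/.well-known/acme-challenge/` on port 80. Consider keeping `location /.well-known/acme-challenge/ { }` and adding `location / { return 301 https://$host$request_uri; }` so everything else is redirected.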
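--- a/scripts/addsubdomain/subdomain.krov.dmz.rs.https
+++ b/scripts/addsubdomain/subdomain.krov.dmz.rs.https
@@ -0,0 +1,18 @@
+server {
+listen 443 ssl ;
+listen [::]:443 ssl ;
+
+index index.html index.htm index.nginx-debian.html;
+
+server_name subdomain.krov.dmz.rs subdomain.krov.decentrala.org;
+
+ssl_certificate /etc/letsencrypt/live/subdomain.krov.dmz.rs/fullchain.pem;
+ssl_certificate_key /etc/letsencrypt/live/subdomain.krov.dmz.rs/privkey.pem;
+ssl_dhparam /etc/ssl/dhparam.pem;
+ssl_protocols TLSv1.2 TLSv1.3;
+ssl_ciphers HIGH:!aNULL:!MD5;
+
+root /var/www/subdomainkrovdmzrs;
+
+resolver 9.9.9.9;
+}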
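Review bot: `resolver 9.9.9.9;` has no visible consumer in this server block: there is no `ssl_stapling on;` and no `proxy_pass` with a variable, which are the usual reasons to set it. As written it only configures plaintext DNS lookups to an external resolver. Either add a comment saying what needs it, such as `# resolver used for OCSP stapling` together with the stapling directives, or drop the line. The block also sets no `Strict-Transport-Security` header, which would matter once port 80 redirects to HTTPS.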
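--- a/scripts/ctcreate/ctcreate.sh
+++ b/scripts/ctcreate/ctcreate.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+## Create new Linux contanier at a proxmox host
+
+DMZKEYFILE="~/.ssh/dmz"
+
+PROXMOXHOST=$1
+CTHOST=$2
+
+GENPASS=$( echo $(shuf ../shared/english.txt | head) | sed "s/ //g")
+
+if [[ -z "$PROXMOXHOST" ]]; then
+echo "Set Proxmox Host"
+exit 1
+fi
+
+if [[ -z "$CTHOST" ]]; then
+echo "Set CT hostname"
+exit 1
+fi
+
+if [[ -z "$GENPASS" ]]; then
+echo "Set CT password"
+exit 1
+fi
+
+ssh-add -t 200 $DMZKEYFILE
+torsocks scp ./remotecmd $PROXMOXHOST:/root/ctcreate.sh
+
+torsocks ssh $PROXMOXHOST "chmod +x /root/ctcreate.sh; /root/ctcreate.sh $CTHOST $GENPASS" >> cmdoutput.txt
+
+CREDS=$( tail -3 cmdoutput.txt)
+
+rm cmdoutput.txt
+
+printf "$CREDS\n" | gpg -e -r fram3d@dmz.rs -r sienna@dmz.rs --output ~/src/dmzadmin/credentials/krov/$CTHOST.gpg
+
+CTIP=$(printf "$CREDS" | head -1 | cut -d'@' -f 2)
+
+echo Host dmzkrov$CTHOST >> ~/.ssh/autoconfig
+echo " Hostname" $CTIP >> ~/.ssh/autoconfig
+echo " ProxyJump" dmzkrovtor12 >> ~/.ssh/autoconfig
+echo " User" root >> ~/.ssh/autoconfig
+echo " IdentityFile" /home/anon/.ssh/krov/tor11 >> ~/.ssh/autoconfig
+echo " PasswordAuthentication" no >> ~/.ssh/autoconfig
+
+ssh -R $CTIP
+torsocks scp ./newct dmzkrov$CTHOST:/root/newct.sh
+torsocks ssh dmzkrov$CTHOST "bash newct.sh; rm newct.sh"
+torsocks ssh dmzkrov$CTHOST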
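Review bot: The new container's root password is written in plaintext to `cmdoutput.txt` in the current directory (default umask, appended with `>>`) before it is encrypted, and `printf "$CREDS\n"` then uses that captured remote output as a format string. The ssh exit status is not checked, so after a failed run or with a leftover file `tail -3` picks up unrelated lines, which are then encrypted and written into `~/.ssh/autoconfig`. A private temp file removed by a trap, a checked ssh status and `printf '%s\n'` close these gaps; the password still travels as a command-line argument to the remote script, which would need a stdin hand-off in `remotecmd` to fix. `ssh -R $CTIP` further down has no destination host and looks like it was meant to be `ssh-keygen -R "$CTIP"`, which is worth confirming.

```shell
# … unchanged: argument checks, ssh-add, scp of remotecmd …
umask 077
CMDOUT=$(mktemp) || exit 1
trap 'rm -f -- "$CMDOUT"' EXIT

torsocks ssh "$PROXMOXHOST" "chmod +x /root/ctcreate.sh; /root/ctcreate.sh $CTHOST $GENPASS" > "$CMDOUT" || exit 1

CREDS=$(tail -3 "$CMDOUT")

printf '%s\n' "$CREDS" | gpg -e -r fram3d@dmz.rs -r sienna@dmz.rs --output ~/src/dmzadmin/credentials/krov/"$CTHOST".gpg

CTIP=$(printf '%s\n' "$CREDS" | head -1 | cut -d'@' -f 2)
# … unchanged: autoconfig entries, newct copy and run …
```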
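--- a/scripts/ctcreate/newct
+++ b/scripts/ctcreate/newct
@@ -0,0 +1,5 @@
+#!/bin/bash
+apt update
+apt -y dist-upgrade
+apt install unattended-upgrades
+dpkg-reconfigure unattended-upgrades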
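Review bot: `apt install unattended-upgrades` has no `-y` and `dpkg-reconfigure unattended-upgrades` is an interactive dialog, yet ctcreate.sh runs this file through `ssh host "bash newct.sh; rm newct.sh"` without requesting a TTY. Whether automatic security updates end up enabled then depends on how the prompts behave without a terminal, which is not something to leave to chance on a freshly exposed container. Make both steps explicit and non-interactive, e.g. `DEBIAN_FRONTEND=noninteractive apt-get install -y unattended-upgrades` and `dpkg-reconfigure -f noninteractive unattended-upgrades`. It would also help to stop on the first failing step so a broken `apt update` is not silently followed by the rest.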
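--- a/scripts/ctcreate/remotecmd
+++ b/scripts/ctcreate/remotecmd
@@ -0,0 +1,41 @@
+#!/bin/bash
+CTHOSTNAME=$1
+CTPASS=$2
+
+echo Creating $CTHOSTNAME ...
+
+# Find last CT and get its ID
+LASTID=$(pct list | cut -d" " -f1 | tail -1)
+
+if [[ -z "$CTHOSTNAME" ]]; then
+echo "CT hostname not set"
+exit 1
+fi
+
+if [[ -z "$CTPASS" ]]; then
+echo "CT password not set"
+exit 1
+fi
+
+if [[ -z "$LASTID" ]]; then
+LASTID=99
+fi
+
+NEWID=$(($LASTID + 1))
+
+echo ID of new CT is: $NEWID
+
+## Find the biggest free IP
+for i in $(seq $((NEWID + 101)) 254); do ping -W 3 -c 3 192.168.1.$i || break; done
+CTIP="192.168.1.$i"
+
+pct create $NEWID local:vztmpl/debian-12-standard_12.2-1_amd64.tar.zst --arch amd64 --cores 2 --features nesting=1 --hostname $CTHOSTNAME --memory 2048 --net0 name=eth0,bridge=vmbr0,firewall=1,gw=192.168.1.1,gw6=2001:470:1f1a:1a4::5,ip=$CTIP/24,ip6=2001:470:1f1a:1a4::$(printf '%x' $((NEWID - 87)))/96,type=veth --onboot 1 --ostype debian --swap 1024 --unprivileged 1 --storage local-lvm --ssh-public-keys /root/.ssh/fram3d.pub --password $CTPASS
+
+pct set $NEWID --rootfs local-lvm:vm-$NEWID-disk-0,size=32G
+
+pct start $NEWID
+
+echo "Creds:"
+echo "root@$CTIP"
+echo "root@2001:470:1f1a:1a4::$(printf '%x' $((NEWID - 87)))"
+echo $CTPASS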
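Review bot: The free-address search assigns `CTIP="192.168.1.$i"` even when no free address was found. If every probed address answers, `i` ends at 254 and an address already in use goes to `pct create`; if `NEWID + 101` is above 254 the loop never runs and `CTIP` becomes `192.168.1.`. A container that is stopped or drops ICMP also counts as free. Set the address only on the miss, `ping -W 3 -c 3 192.168.1.$i || { CTIP="192.168.1.$i"; break; }`, and stop with `[[ -n "$CTIP" ]] || exit 1` before `pct create`. Separately, `--password $CTPASS` and the final `echo $CTPASS` put the root password on the process command line and in the captured output.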
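--- a/scripts/luserinstall/luserinstall.sh
+++ b/scripts/luserinstall/luserinstall.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+## Install luser.deb to remote host
+
+DMZKEYFILE="/home/anon/.ssh/dmz"
+HOST="$1"
+
+if [[ -z "$HOST" ]]; then
+echo "Set Luser Host"
+exit 1
+fi
+
+cd ~/src/luser/build-deb
+make
+ssh-add -t 100 $DMZKEYFILE
+torsocks scp luser.deb $HOST:~/
+torsocks ssh $HOST "apt install -y /root/luser.deb ; rm /root/luser.deb"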
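Review bot: Neither `cd ~/src/luser/build-deb` nor `make` is checked, so a failed build still ships whatever `luser.deb` is present (or one from the caller's working directory if the `cd` failed) and installs it as root on the remote host. Use `cd ~/src/luser/build-deb || exit 1` and `make || exit 1`. The copy targets `$HOST:~/` while the install reads `/root/luser.deb`, which only matches when the remote login is root. `"$HOST"` and `"$DMZKEYFILE"` should also be quoted.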
2048
scripts/shared/english.txt
Normal file
2048
scripts/shared/english.txt
Normal file
File diff suppressed because it is too large
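--- a/scripts/sshfsshared/sshfsshared.sh
+++ b/scripts/sshfsshared/sshfsshared.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+## Add accounts and shared folder for two users given as two arguments $1 and $2
+
+USER1=$1
+USER2=$2
+HOST="$3"
+
+if [[ -z "$USER1" ]]; then
+echo "Set USER1"
+exit 1
+fi
+
+if [[ -z "$USER2" ]]; then
+echo "Set USER2"
+exit 1
+fi
+
+if [[ -z "$HOST" ]]; then
+HOST="dmzkrovsshfs12"
+fi
+
+torsocks ssh $HOST "adduser $USER1 ; adduser $USER2 ; groupadd $USER1$USER2 ; adduser $USER2 $USER1$USER2 ; adduser $USER1 $USER1$USER2 ; mkdir /var/shareddirs/$USER1$USER2 ; chown $USER1:$USER1$USER2 /var/shareddirs/$USER1$USER2 ; chmod 2770 /var/shareddirs/$USER1$USER2 "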
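Review bot: The remote steps are chained with `;`, so when `groupadd $USER1$USER2` or the `mkdir` fails because the name already exists, the following `adduser ... $USER1$USER2` and `chown` still run against the existing group and directory. Because the group name is a plain concatenation, two different pairs can produce the same name (`ab`+`c` and `a`+`bc`), and the second pair would then be added to the first pair's group and take ownership of its shared directory. Chain the steps with `&&` so an existing group or directory aborts the run. A fixed separator in the group and directory name narrows the ambiguity but does not remove it, since the separator can itself occur in a user name. `adduser` also prompts interactively, and this ssh call does not request a TTY.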