This repo provides some useful scripts for setting up and configuring remote servers quickly.
- Utilities:
screenfetch htop nano - Hosting utils:
mariadb-server nginx-full certbot python3-certbot-nginx - Webmin (adds repo automatically):
webmin libsocket6-perl - Docker (adds repo automatically):
docker-ce docker-ce-cli containerd.io - docker-compose and bash autocompletion (using curl)
- Adding a sudo user & setting their password (if docker is installed also adds the user to the
dockergroup) - Setting the SSH server port to a random port above 49152 and disabling root access
Run as root:
wget https://raw.githubusercontent.com/das-kaesebrot/server-scripts/main/buster/install.sh -O install-tmp.sh && chmod +x install-tmp.sh && ./install-tmp.sh && rm install-tmp.shor as a privileged user:
sudo sh -c "wget https://raw.githubusercontent.com/das-kaesebrot/server-scripts/main/buster/install.sh -O install-tmp.sh && chmod +x install-tmp.sh && ./install-tmp.sh && rm install-tmp.sh"THIS SCRIPT HAS BEEN MADE OBSOLETE BY das-kaesebrot/wg-interactive AND WILL NOT BE UPDATED ANYMORE
This script allows you to interactively add peers to an existing WireGuard VPN configuration, appending the new peer to the server configuration and dumping a client configuration to the peers/ subfolder in the process.
You will be prompted for all required options.
Download:
wget https://raw.githubusercontent.com/das-kaesebrot/server-scripts/main/wireguard/add-peer-interactively.shTHIS SCRIPT HAS BEEN MADE OBSOLETE BY das-kaesebrot/nsupdate-dyn AND WILL NOT BE UPDATED ANYMORE
This script allows you to update multiple A records of subdomains of a given bind9 zone non-interactively and periodically (for example using a cron job) to your external IPv4 address, in case you have a dynamic one. It will only run an update if an IP change is detected, otherwise it will skip the update.
Be sure to replace all the required values in the script before running it (no trailing dots for domains, these will be added):
KEY="/path/to/your/key.conf"
DOMAINS=("1.dyn.example.com" "2.dyn.example.com")
ZONE="dyn.example.com"
SERVER="ns1.example.com"To download and install the script as a cron job, run the following commands in your shell as root or with sudo as a privileged user.
Download to current directory:
wget https://raw.githubusercontent.com/das-kaesebrot/server-scripts/main/nsupdate/do-nsupdate.shEdit the required values:
KEY="/path/to/your/key.conf"
DOMAINS=("1.dyn.example.com" "2.dyn.example.com")
ZONE="dyn.example.com"
SERVER="ns1.example.com"Open the cron job editor:
crontab -eAppend to your cron file:
# Dynamic DNS updates every 10 minutes
*/10 * * * * /path/to/script/do-nsupdate.shFeel free to replace the amount of minutes (*/10) to your liking.
This script will dump all databases into a file into the current directory and is supposed to be used in combination with rsnapshot.
Download to current directory:
wget https://raw.githubusercontent.com/das-kaesebrot/server-scripts/main/mysqldump/dump-all-databases.shLog in as root to your database and execute the following commands:
CREATE USER 'backupuser'@'localhost'; -- Create local backup user without password
GRANT SELECT, RELOAD, LOCK TABLES, SHOW VIEW ON *.* TO 'backupuser'@'localhost'; -- Grant read permissions on all databases to user
REVOKE SELECT, RELOAD, LOCK TABLES, SHOW VIEW ON mysql.* FROM 'backupuser'@'localhost'; -- Revoke perms from mysql system tables - this is optional but recommended for security purposes
FLUSH PRIVILEGES;Append to /etc/rsnapshot.conf (make sure to tab properly):
backup_script /path/to/script/dump-all-databases.sh mysqlbackup/