Upd server

Lib.sh

@@ -11,6 +11,32 @@ mkcd(){
 	cd "$1"
 }
 
+CpItem(){
+	[ -f "${ScopePath}$1" ] && cpfile "$1"
+	[ -d "${ScopePath}$1" ] && cpdir "$1"
+}
+
+CpItems(){
+	for p in $@
+	do
+		CpItem "$p"
+	done
+}
+
+CpSub(){
+	LBase="$1"; shift
+	RBase="$1"; shift
+	for s in $@
+	do
+		CpItems ${LBase}${s}${RBase}
+	done
+}
+
+CpSufx(){
+	Base="$1"; shift
+	CpSub "$Base" "" $@
+}
+
 cpfile(){
     echo "$1"
     rm -rf "./$1" && \

Server/Repo.Update.sh

@@ -6,32 +6,24 @@ h=home/pi
 
 SetScope Root
 mkcd ./Root
-	mkdir -vp ./etc
-	for p in \
-		diycron
+	CpSufx etc/ diycron
+
+	for f in \
+		diycron ncshell OneShot.AfterBoot bittorrentd \
+		Shiori ShioriFeed \
+		CringeInoltro WinDog \
+		TelegramIndex WebFileManager \
+		SpaccCraft
 	do
-		cp -v /etc/$p ./etc/$p
+		cpfile "etc/systemd/system/$f.service"
 	done
 
-	mkdir -vp ./etc/systemd/system
-	cp -v \
-		/etc/systemd/system/diycron.service \
-		./etc/systemd/system/
+	CpSufx "etc/nginx/sites-available/*." conf old
+	CpSufx "Server/Scripts/Backup/*." sh cfg
+	CpItem Server/Scripts/OneShot.AfterBoot.sh
 
-	mkdir -vp ./etc/nginx/sites-available
-	cp -v \
-		/etc/nginx/sites-available/*.conf /etc/nginx/sites-available/*.old \
-		./etc/nginx/sites-available/
-
-	mkdir -vp ./Server/Scripts/Backup
-	cp -v \
-		/Server/Scripts/Backup/*.sh /Server/Scripts/Backup/*.cfg \
-		./Server/Scripts/Backup/
-
-	mkdir -vp ./Server/Start
-	cp -v /Server/Start/bittorrentd ./Server/Start/
-
-	cpdir Transfers/aria2/Conf
+	CpItem Server/Start/bittorrentd
+	CpItem Transfers/aria2/Conf
 
 cd ..
 

Server/Root/Server/Scripts/Backup/CloudBackup.sh

@@ -27,6 +27,7 @@ BackPathCrypt "Invidious-User" "${BackupKey_Git_Invidious}" ".7z"
 #BackPathCrypt "wallabag-data" "${BackupKey_Git_wallabag}"
 BackPathCrypt "FreshRSS-data" "${BackupKey_Git_FreshRSS}"
 #BackPathCrypt "shiori-data" "${BackupKey_Git_Shiori}"
+# "${BackupKey_Git_aria2}" ".7z"
 GitPush
 cd ..
 

Server/Root/Server/Scripts/OneShot.AfterBoot.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+cd "$( dirname "$( realpath "$0" )" )"
+
+sh ./MountRoots.sh &
+
+while true; do sleep 30; done

Server/Root/Server/Start/bittorrentd

@@ -2,9 +2,13 @@
 cd /Transfers/aria2
 
 # Backup
-7z a -mx9 -mmt1 "./Service.$(date "+%Y-%m-%d.%H:%M:%S").bak" ./Service
+7z a -mx9 -mmt1 "./Service.$(date "+%Y-%m-%d.%H:%M:%S").bak.7z" ./Service
 
-# Download updated trackers from today's lists, add them to aria2.conf
-# with bt-tracker= ...
+while true
+do
+	# Get global trackers updated today
+	Trackers="$(for i in $(curl https://ngosang.github.io/trackerslist/trackers_best.txt; curl https://newtrackon.com/api/stable); do echo "$i,"; done)"
+	[ -n "$Trackers" ] && Trackers="--bt-tracker=$(echo $(echo "$Trackers") | sed 's/ //g')"
 
-aria2c --conf-path=./Conf/Server.conf --daemon=false
+	aria2c --conf-path=./Conf/Server.conf --daemon=false $Trackers
+done

Server/Root/Transfers/aria2/Conf/Server.conf

@@ -11,21 +11,19 @@
 
 # [ Misc ]
 
-# Start as non-blocking - kept disabled for use within a systemd service
-# daemon=true
+# Start as blocking for use within a systemd service
+daemon=false
 
 # Moderate logging to file
 log-level=notice
 log=/Transfers/aria2/Service/Log.log
 
-# Directory for storing downloads
-dir=/Transfers/Storage
-
 # Remote control
 enable-rpc=true
 rpc-listen-all=true
 rpc-listen-port=6800
 rpc-allow-origin-all=true
+rpc-secret=octt.pi
 
 # Session data persistance
 save-session=/Transfers/aria2/Service/Session.dat
@@ -33,6 +31,9 @@ input-file=/Transfers/aria2/Service/Session.dat
 save-cookies=/Transfers/aria2/Service/Cookies.txt
 load-cookies=/Transfers/aria2/Service/Cookies.txt
 
+# Directory for storing downloads
+dir=/Transfers/Storage
+
 # Keep completed downloads in session (for seeding + stats)
 force-save=true
 
@@ -46,6 +47,10 @@ dht-file-path=/Transfers/aria2/Service/DHT.dat
 # Note: if too high, some could end up in swap, and decrease performance
 disk-cache=32MB
 
+# Mapping files in memory consumes high ram
+# Note: can have issues on 32-bit systems
+enable-mmap=false
+
 
 
 # [ Connections ]
@@ -54,10 +59,10 @@ disk-cache=32MB
 disable-ipv6=true
 
 # - 2x default
-max-connection-per-server=2
+max-connection-per-server=4
 
-# Max connections per file
-split=10
+# Max connections per file - 2x default
+split=15
 
 # Don't use multiple peers when file smaller than:
 min-split-size=2M
@@ -73,7 +78,7 @@ bt-load-saved-metadata=true
 # Don't account seeding torrents in global downloads limit
 bt-detach-seed-only=true
 
-# Port ranges
+# Ports or ranges of - More ports avoids too much saturation (?)
 listen-port=6881-6883
 dht-listen-port=6881-6883
 
@@ -89,7 +94,7 @@ bt-lpd-interface=wlan0
 enable-peer-exchange=true
 
 # Max peers per torrent
-bt-max-peers=50
+bt-max-peers=100
 
 # Seed forever
 seed-ratio=0.0

Server/Root/etc/nginx/sites-available/SpaccCloud.conf

@@ -1,36 +1,36 @@
-#server {
-#	listen 443 ssl;
-#	server_name spacccloud.octt.eu.org;
-#	ssl_certificate /etc/letsencrypt/live/spacccloud.octt.eu.org/fullchain.pem;
-#	ssl_certificate_key /etc/letsencrypt/live/spacccloud.octt.eu.org/privkey.pem;
-#	ssl_prefer_server_ciphers on;
-#	location / {
-#		proxy_http_version 1.1;
-#		proxy_pass http://localhost:8080;
-#		proxy_set_header X-Real-IP $remote_addr;
-#		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-#		proxy_set_header X-Forwarded-Proto $scheme;
-#		proxy_set_header Upgrade $http_upgrade;
-#		proxy_set_header Connection "upgrade";
-#	}
-#}
+server {
+	listen 443 ssl;
+	server_name spacccloud.octt.eu.org;
+	ssl_certificate /etc/letsencrypt/live/spacccloud.octt.eu.org/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/spacccloud.octt.eu.org/privkey.pem;
+	ssl_prefer_server_ciphers on;
+	location / {
+		proxy_http_version 1.1;
+		proxy_pass http://localhost:8560;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "upgrade";
+	}
+}
 
-#server {
-#	listen 443 ssl;
-#	server_name spacccloud-wfm.octt.eu.org;
-#	ssl_certificate /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/fullchain.pem;
-#	ssl_certificate_key /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/privkey.pem;
-#	ssl_prefer_server_ciphers on;
-#	location / {
-#		proxy_http_version 1.1;
-#		proxy_pass http://localhost:7580;
-#		#add_header Access-Control-Allow-Origin "https://spacccloud.octt.eu.org http://192.168.1.25 http://192.168.1.25:8080";
-#		proxy_set_header X-Real-IP $remote_addr;
-#		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-#		proxy_set_header X-Forwarded-Proto $scheme;
-#		proxy_set_header Upgrade $http_upgrade;
-#		proxy_set_header Connection "upgrade";
-#		sub_filter '</body>' '<script src="//spacccloud.octt.eu.org/WfmInject.js"></script></body>';
-#		sub_filter_once on;
-#	}
-#}
+server {
+	listen 443 ssl;
+	server_name spacccloud-wfm.octt.eu.org;
+	ssl_certificate /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/privkey.pem;
+	ssl_prefer_server_ciphers on;
+	location / {
+		proxy_http_version 1.1;
+		proxy_pass http://localhost:7580;
+		#add_header Access-Control-Allow-Origin "https://spacccloud.octt.eu.org http://192.168.1.25 http://192.168.1.25:8080";
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "upgrade";
+		sub_filter '</body>' '<script src="//spacccloud.octt.eu.org/WfmInject.js"></script></body>';
+		sub_filter_once on;
+	}
+}

Server/Root/etc/nginx/sites-available/root.conf

@@ -1,21 +1,70 @@
 server {
 	listen 80;
 	rewrite ^ https://$host$request_uri? permanent;
+#	location / {
+#		#resolver 127.0.0.1;
+#		proxy_http_version 1.1;
+#		proxy_pass https://127.0.0.1$request_uri?;
+#		proxy_set_header Host $host;
+#		proxy_set_header X-Real-IP $remote_addr;
+#		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+#		proxy_set_header X-Forwarded-Proto $scheme;
+#		proxy_set_header Upgrade $http_upgrade;
+#	}
 }
 
 server {
+	listen 80;
+	listen 443 ssl;
+	server_name octt.ddns.net;
+	ssl_certificate /etc/letsencrypt/live/octt.ddns.net/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/octt.ddns.net/privkey.pem;
+	ssl_prefer_server_ciphers on;
+	rewrite ^ $scheme://hlb0.octt.eu.org$request_uri? permanent;
+}
+
+server {
+	listen 80;
 	listen 81;
 	listen 443 ssl;
 	server_name hlb0.octt.eu.org;
 	ssl_certificate /etc/letsencrypt/live/hlb0.octt.eu.org/fullchain.pem;
 	ssl_certificate_key /etc/letsencrypt/live/hlb0.octt.eu.org/privkey.pem; 
 	ssl_prefer_server_ciphers on;
+	error_page 403 = /404.html;
 	error_page 404 = /404.html;
 	location / {
 		root /Server/www/root;
+		if ($request_uri ~ ^([^.\?]*[^/])$) {
+			return 301 $1/;
+		}
+		try_files $uri $uri/ $uri.html;
 		#try_files $uri =404;
-		try_files $uri $uri.html $uri/index.html index.html;
+		#try_files $uri $uri.html $uri/index.html index.html;
 		autoindex off;
 		#error_page 404 = /404.html;
+		#rewrite  ^/(\?.*)?$ index.html$1 permanent;
+	}
+	location /Drive/ {
+		root /Server/www;
+		autoindex on;
+		sub_filter '</head>' '<meta name="viewport" content="width=device-width, initial-scale=1.0"/></head>';
+		sub_filter_once on;
+	}
+	location /Drive/Telegram/ {
+		rewrite ^/Drive/Telegram/(.*)$ /$1 break;
+		proxy_http_version 1.1;
+		proxy_pass http://localhost:8095;
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header Upgrade $http_upgrade;
+		sub_filter '<a href="/" id="title-a"' '<a style="position: absolute;" href="/Drive/">/Drive/</a><a style="margin-left: 3em;" href="/Drive/Telegram/" id="title-a"';
+		sub_filter '<link href="/'  '<link href="/Drive/Telegram/';
+		sub_filter '<a href="/'     '<a href="/Drive/Telegram/';
+		sub_filter '<img src="/'    '<img src="/Drive/Telegram/';
+		sub_filter '<source src="/' '<source src="/Drive/Telegram/';
+		sub_filter_once off;
 	}
 }

Server/Root/etc/systemd/system/CringeInoltro.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=CringeInoltro
+After=network.target
+StartLimitIntervalSec=0
+[Service]
+Type=simple
+Restart=always
+RestartSec=15
+User=pi
+ExecStart=/Server/CringeInoltro/StartCringeInoltro.py
+[Install]
+WantedBy=multi-user.target

Server/Root/etc/systemd/system/OneShot.AfterBoot.service

@@ -0,0 +1,11 @@
+[Unit]
+Description=OneShot.AfterBoot
+After=network.target
+[Service]
+User=root
+Type=exec
+ExecStart=/Server/Scripts/OneShot.AfterBoot.sh
+Restart=always
+RestartSec=10
+[Install]
+WantedBy=default.target

Server/Root/etc/systemd/system/Shiori.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=Shiori
+After=network.target
+[Service]
+User=pi
+Type=exec
+ExecStart=/Server/Shiori/shiori --portable serve -p 8076
+WorkingDirectory=/Server/Shiori/
+Restart=always
+RestartSec=10
+[Install]
+WantedBy=default.target

Server/Root/etc/systemd/system/ShioriFeed.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=ShioriFeed
+After=network.target
+[Service]
+User=pi
+Type=exec
+ExecStart=/Server/Shiori/ShioriFeed.py
+WorkingDirectory=/Server/Shiori/
+Restart=always
+RestartSec=10
+[Install]
+WantedBy=default.target

Server/Root/etc/systemd/system/SpaccCraft.service

@@ -0,0 +1,14 @@
+[Unit]
+Description=spacccraft
+After=network.target
+StartLimitIntervalSec=0
+[Service]
+Type=simple
+Restart=always
+RestartSec=10
+CPUQuota=85%
+MemoryMax=384M
+User=pi
+ExecStart=/Server/SpaccCraft/StartSpaccCraft.sh
+[Install]
+WantedBy=multi-user.target

Server/Root/etc/systemd/system/TelegramIndex.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=TelegramIndex
+After=network.target
+StartLimitIntervalSec=0
+[Service]
+Type=simple
+Restart=always
+RestartSec=15
+User=pi
+WorkingDirectory=/Server/TelegramIndex-Fork
+ExecStart=/usr/bin/bash -c "set -a; source .env; python3 -m app"
+[Install]
+WantedBy=multi-user.target

Server/Root/etc/systemd/system/WebFileManager.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=WebFileManager
+After=network.target
+[Service]
+User=root
+Type=exec
+ExecStart=/usr/local/bin/filebrowser -a 0.0.0.0 -p 7580 -r /
+WorkingDirectory=/Server/SpaccCloud
+Restart=always
+RestartSec=10
+[Install]
+WantedBy=default.target

Server/Root/etc/systemd/system/WinDog.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=windog
+After=network.target
+StartLimitIntervalSec=0
+[Service]
+Type=simple
+Restart=always
+RestartSec=10
+User=pi
+ExecStart=/Server/WinDog/StartWinDog
+[Install]
+WantedBy=multi-user.target

Server/Root/etc/systemd/system/bittorrentd.service

@@ -0,0 +1,16 @@
+[Unit]
+Description=BitTorrent Daemon
+After=network.target
+StartLimitIntervalSec=0
+[Service]
+Type=simple
+Restart=always
+RestartSec=10
+User=pi
+#User=qbtuser
+ExecStart=/Server/Start/bittorrentd
+#CPUQuota=96%
+#MemoryHigh=300M
+#MemoryMax=384M
+[Install]
+WantedBy=multi-user.target

Server/Root/etc/systemd/system/diycron.service

@@ -5,9 +5,9 @@ StartLimitIntervalSec=0
 [Service]
 Type=simple
 Restart=always
-RestartSec=5
-CPUQuota=85%
-MemoryMax=384M
+RestartSec=10
+CPUQuota=90%
+MemoryMax=400M
 User=root
 ExecStart=sh -c "cat /var/log/diycron.log >> /var/log/diycron.log.old; sh /etc/diycron > /var/log/diycron.log"
 [Install]

Server/Root/etc/systemd/system/ncshell.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=ncshell
+After=network.target
+StartLimitIntervalSec=0
+[Service]
+Type=simple
+Restart=always
+RestartSec=3
+User=ncshell
+ExecStart=/usr/bin/ncshell
+[Install]
+WantedBy=multi-user.target