diff --git a/Lib.sh b/Lib.sh index 1fed703..1c05451 100644 --- a/Lib.sh +++ b/Lib.sh @@ -11,6 +11,32 @@ mkcd(){ cd "$1" } +CpItem(){ + [ -f "${ScopePath}$1" ] && cpfile "$1" + [ -d "${ScopePath}$1" ] && cpdir "$1" +} + +CpItems(){ + for p in $@ + do + CpItem "$p" + done +} + +CpSub(){ + LBase="$1"; shift + RBase="$1"; shift + for s in $@ + do + CpItems ${LBase}${s}${RBase} + done +} + +CpSufx(){ + Base="$1"; shift + CpSub "$Base" "" $@ +} + cpfile(){ echo "$1" rm -rf "./$1" && \ diff --git a/Server/Repo.Update.sh b/Server/Repo.Update.sh index 3169468..00cdf1d 100755 --- a/Server/Repo.Update.sh +++ b/Server/Repo.Update.sh @@ -6,32 +6,24 @@ h=home/pi SetScope Root mkcd ./Root - mkdir -vp ./etc - for p in \ - diycron + CpSufx etc/ diycron + + for f in \ + diycron ncshell OneShot.AfterBoot bittorrentd \ + Shiori ShioriFeed \ + CringeInoltro WinDog \ + TelegramIndex WebFileManager \ + SpaccCraft do - cp -v /etc/$p ./etc/$p + cpfile "etc/systemd/system/$f.service" done - mkdir -vp ./etc/systemd/system - cp -v \ - /etc/systemd/system/diycron.service \ - ./etc/systemd/system/ + CpSufx "etc/nginx/sites-available/*." conf old + CpSufx "Server/Scripts/Backup/*." sh cfg + CpItem Server/Scripts/OneShot.AfterBoot.sh - mkdir -vp ./etc/nginx/sites-available - cp -v \ - /etc/nginx/sites-available/*.conf /etc/nginx/sites-available/*.old \ - ./etc/nginx/sites-available/ - - mkdir -vp ./Server/Scripts/Backup - cp -v \ - /Server/Scripts/Backup/*.sh /Server/Scripts/Backup/*.cfg \ - ./Server/Scripts/Backup/ - - mkdir -vp ./Server/Start - cp -v /Server/Start/bittorrentd ./Server/Start/ - - cpdir Transfers/aria2/Conf + CpItem Server/Start/bittorrentd + CpItem Transfers/aria2/Conf cd .. diff --git a/Server/Root/Server/Scripts/Backup/CloudBackup.sh b/Server/Root/Server/Scripts/Backup/CloudBackup.sh index 5e135f3..8e2fae8 100755 --- a/Server/Root/Server/Scripts/Backup/CloudBackup.sh +++ b/Server/Root/Server/Scripts/Backup/CloudBackup.sh @@ -27,6 +27,7 @@ BackPathCrypt "Invidious-User" "${BackupKey_Git_Invidious}" ".7z" #BackPathCrypt "wallabag-data" "${BackupKey_Git_wallabag}" BackPathCrypt "FreshRSS-data" "${BackupKey_Git_FreshRSS}" #BackPathCrypt "shiori-data" "${BackupKey_Git_Shiori}" +# "${BackupKey_Git_aria2}" ".7z" GitPush cd .. diff --git a/Server/Root/Server/Scripts/OneShot.AfterBoot.sh b/Server/Root/Server/Scripts/OneShot.AfterBoot.sh new file mode 100755 index 0000000..80947c9 --- /dev/null +++ b/Server/Root/Server/Scripts/OneShot.AfterBoot.sh @@ -0,0 +1,6 @@ +#!/bin/sh +cd "$( dirname "$( realpath "$0" )" )" + +sh ./MountRoots.sh & + +while true; do sleep 30; done diff --git a/Server/Root/Server/Start/bittorrentd b/Server/Root/Server/Start/bittorrentd index 4c334ee..c17cdbb 100755 --- a/Server/Root/Server/Start/bittorrentd +++ b/Server/Root/Server/Start/bittorrentd @@ -2,9 +2,13 @@ cd /Transfers/aria2 # Backup -7z a -mx9 -mmt1 "./Service.$(date "+%Y-%m-%d.%H:%M:%S").bak" ./Service +7z a -mx9 -mmt1 "./Service.$(date "+%Y-%m-%d.%H:%M:%S").bak.7z" ./Service -# Download updated trackers from today's lists, add them to aria2.conf -# with bt-tracker= ... +while true +do + # Get global trackers updated today + Trackers="$(for i in $(curl https://ngosang.github.io/trackerslist/trackers_best.txt; curl https://newtrackon.com/api/stable); do echo "$i,"; done)" + [ -n "$Trackers" ] && Trackers="--bt-tracker=$(echo $(echo "$Trackers") | sed 's/ //g')" -aria2c --conf-path=./Conf/Server.conf --daemon=false + aria2c --conf-path=./Conf/Server.conf --daemon=false $Trackers +done diff --git a/Server/Root/Transfers/aria2/Conf/Server.conf b/Server/Root/Transfers/aria2/Conf/Server.conf index bee1c05..3ef7804 100644 --- a/Server/Root/Transfers/aria2/Conf/Server.conf +++ b/Server/Root/Transfers/aria2/Conf/Server.conf @@ -11,21 +11,19 @@ # [ Misc ] -# Start as non-blocking - kept disabled for use within a systemd service -# daemon=true +# Start as blocking for use within a systemd service +daemon=false # Moderate logging to file log-level=notice log=/Transfers/aria2/Service/Log.log -# Directory for storing downloads -dir=/Transfers/Storage - # Remote control enable-rpc=true rpc-listen-all=true rpc-listen-port=6800 rpc-allow-origin-all=true +rpc-secret=octt.pi # Session data persistance save-session=/Transfers/aria2/Service/Session.dat @@ -33,6 +31,9 @@ input-file=/Transfers/aria2/Service/Session.dat save-cookies=/Transfers/aria2/Service/Cookies.txt load-cookies=/Transfers/aria2/Service/Cookies.txt +# Directory for storing downloads +dir=/Transfers/Storage + # Keep completed downloads in session (for seeding + stats) force-save=true @@ -46,6 +47,10 @@ dht-file-path=/Transfers/aria2/Service/DHT.dat # Note: if too high, some could end up in swap, and decrease performance disk-cache=32MB +# Mapping files in memory consumes high ram +# Note: can have issues on 32-bit systems +enable-mmap=false + # [ Connections ] @@ -54,10 +59,10 @@ disk-cache=32MB disable-ipv6=true # - 2x default -max-connection-per-server=2 +max-connection-per-server=4 -# Max connections per file -split=10 +# Max connections per file - 2x default +split=15 # Don't use multiple peers when file smaller than: min-split-size=2M @@ -73,7 +78,7 @@ bt-load-saved-metadata=true # Don't account seeding torrents in global downloads limit bt-detach-seed-only=true -# Port ranges +# Ports or ranges of - More ports avoids too much saturation (?) listen-port=6881-6883 dht-listen-port=6881-6883 @@ -89,7 +94,7 @@ bt-lpd-interface=wlan0 enable-peer-exchange=true # Max peers per torrent -bt-max-peers=50 +bt-max-peers=100 # Seed forever seed-ratio=0.0 diff --git a/Server/Root/etc/nginx/sites-available/SpaccCloud.conf b/Server/Root/etc/nginx/sites-available/SpaccCloud.conf index 4f7d61c..10e59b0 100644 --- a/Server/Root/etc/nginx/sites-available/SpaccCloud.conf +++ b/Server/Root/etc/nginx/sites-available/SpaccCloud.conf @@ -1,36 +1,36 @@ -#server { -# listen 443 ssl; -# server_name spacccloud.octt.eu.org; -# ssl_certificate /etc/letsencrypt/live/spacccloud.octt.eu.org/fullchain.pem; -# ssl_certificate_key /etc/letsencrypt/live/spacccloud.octt.eu.org/privkey.pem; -# ssl_prefer_server_ciphers on; -# location / { -# proxy_http_version 1.1; -# proxy_pass http://localhost:8080; -# proxy_set_header X-Real-IP $remote_addr; -# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -# proxy_set_header X-Forwarded-Proto $scheme; -# proxy_set_header Upgrade $http_upgrade; -# proxy_set_header Connection "upgrade"; -# } -#} +server { + listen 443 ssl; + server_name spacccloud.octt.eu.org; + ssl_certificate /etc/letsencrypt/live/spacccloud.octt.eu.org/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/spacccloud.octt.eu.org/privkey.pem; + ssl_prefer_server_ciphers on; + location / { + proxy_http_version 1.1; + proxy_pass http://localhost:8560; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } +} -#server { -# listen 443 ssl; -# server_name spacccloud-wfm.octt.eu.org; -# ssl_certificate /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/fullchain.pem; -# ssl_certificate_key /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/privkey.pem; -# ssl_prefer_server_ciphers on; -# location / { -# proxy_http_version 1.1; -# proxy_pass http://localhost:7580; -# #add_header Access-Control-Allow-Origin "https://spacccloud.octt.eu.org http://192.168.1.25 http://192.168.1.25:8080"; -# proxy_set_header X-Real-IP $remote_addr; -# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -# proxy_set_header X-Forwarded-Proto $scheme; -# proxy_set_header Upgrade $http_upgrade; -# proxy_set_header Connection "upgrade"; -# sub_filter '' ''; -# sub_filter_once on; -# } -#} +server { + listen 443 ssl; + server_name spacccloud-wfm.octt.eu.org; + ssl_certificate /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/privkey.pem; + ssl_prefer_server_ciphers on; + location / { + proxy_http_version 1.1; + proxy_pass http://localhost:7580; + #add_header Access-Control-Allow-Origin "https://spacccloud.octt.eu.org http://192.168.1.25 http://192.168.1.25:8080"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + sub_filter '' ''; + sub_filter_once on; + } +} diff --git a/Server/Root/etc/nginx/sites-available/root.conf b/Server/Root/etc/nginx/sites-available/root.conf index 8ab7ee3..f9da11d 100644 --- a/Server/Root/etc/nginx/sites-available/root.conf +++ b/Server/Root/etc/nginx/sites-available/root.conf @@ -1,21 +1,70 @@ server { listen 80; rewrite ^ https://$host$request_uri? permanent; +# location / { +# #resolver 127.0.0.1; +# proxy_http_version 1.1; +# proxy_pass https://127.0.0.1$request_uri?; +# proxy_set_header Host $host; +# proxy_set_header X-Real-IP $remote_addr; +# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +# proxy_set_header X-Forwarded-Proto $scheme; +# proxy_set_header Upgrade $http_upgrade; +# } } server { + listen 80; + listen 443 ssl; + server_name octt.ddns.net; + ssl_certificate /etc/letsencrypt/live/octt.ddns.net/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/octt.ddns.net/privkey.pem; + ssl_prefer_server_ciphers on; + rewrite ^ $scheme://hlb0.octt.eu.org$request_uri? permanent; +} + +server { + listen 80; listen 81; listen 443 ssl; server_name hlb0.octt.eu.org; ssl_certificate /etc/letsencrypt/live/hlb0.octt.eu.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/hlb0.octt.eu.org/privkey.pem; ssl_prefer_server_ciphers on; + error_page 403 = /404.html; error_page 404 = /404.html; location / { root /Server/www/root; + if ($request_uri ~ ^([^.\?]*[^/])$) { + return 301 $1/; + } + try_files $uri $uri/ $uri.html; #try_files $uri =404; - try_files $uri $uri.html $uri/index.html index.html; + #try_files $uri $uri.html $uri/index.html index.html; autoindex off; #error_page 404 = /404.html; + #rewrite ^/(\?.*)?$ index.html$1 permanent; + } + location /Drive/ { + root /Server/www; + autoindex on; + sub_filter '' ''; + sub_filter_once on; + } + location /Drive/Telegram/ { + rewrite ^/Drive/Telegram/(.*)$ /$1 break; + proxy_http_version 1.1; + proxy_pass http://localhost:8095; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Upgrade $http_upgrade; + sub_filter '/Drive/> /var/log/diycron.log.old; sh /etc/diycron > /var/log/diycron.log" [Install] diff --git a/Server/Root/etc/systemd/system/ncshell.service b/Server/Root/etc/systemd/system/ncshell.service new file mode 100644 index 0000000..6812454 --- /dev/null +++ b/Server/Root/etc/systemd/system/ncshell.service @@ -0,0 +1,12 @@ +[Unit] +Description=ncshell +After=network.target +StartLimitIntervalSec=0 +[Service] +Type=simple +Restart=always +RestartSec=3 +User=ncshell +ExecStart=/usr/bin/ncshell +[Install] +WantedBy=multi-user.target