From dbdcde20eb1c9e1a9e5561506084cf6d3c910260 Mon Sep 17 00:00:00 2001
From: octospacc <octo@tutamail.com>
Date: Fri, 14 Apr 2023 18:47:33 +0200
Subject: [PATCH] Upd

---
 Lib.sh                                        |  6 +++
 Server/Home/.config/aria2/Server.conf         | 42 +++++++++++++++++++
 Server/Repo.Update.sh                         | 39 ++++++++++++-----
 Server/Root/etc/diycron                       |  7 +++-
 .../etc/nginx/sites-available/SpaccCloud.conf | 36 ++++++++--------
 .../etc/nginx/sites-available/fediii.conf     | 25 +++++++++++
 .../Root/etc/nginx/sites-available/fren.conf  | 25 +++++++++++
 7 files changed, 150 insertions(+), 30 deletions(-)
 create mode 100644 Lib.sh
 create mode 100644 Server/Home/.config/aria2/Server.conf
 create mode 100644 Server/Root/etc/nginx/sites-available/fediii.conf
 create mode 100644 Server/Root/etc/nginx/sites-available/fren.conf

diff --git a/Lib.sh b/Lib.sh
new file mode 100644
index 0000000..77a40d4
--- /dev/null
+++ b/Lib.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+mkcd(){
+	mkdir -vp "$1" && \
+	cd "$1"
+}
diff --git a/Server/Home/.config/aria2/Server.conf b/Server/Home/.config/aria2/Server.conf
new file mode 100644
index 0000000..ab6c9e6
--- /dev/null
+++ b/Server/Home/.config/aria2/Server.conf
@@ -0,0 +1,42 @@
+# Promemoria, link per prendere spunto:
+# * https://gist.github.com/qzm/a54559726896d5e6bf21adf2363ad334
+# * https://libreddit.kavin.rocks/r/seedboxes/comments/fz2od8/unlimited_seeding_with_aria2/
+# ** https://pastebin.com/Yyqubrci
+
+
+# Start in the background
+daemon=true
+
+# Avoid spam of debug messages
+log-level=notice
+
+# Directory for downloads
+dir=/media/Disk/Transfers/BitTorrent
+
+# Today no IPv6 on my WAN, so let's avoid overhead
+disable-ipv6=true
+
+# Remote control
+enable-rpc=true
+
+
+# [ BitTorrent ]
+
+# Store metadata to .torrent files
+bt-save-metadata=true
+
+# Peer discovery on the global Internet
+enable-dht=true
+
+# LAN peer discovery
+# Note: it can cause privacy issues, and with many torrents it could flood the LAN
+bt-enable-lpd=true
+
+# Peer exchange for more efficient transmission
+enable-peer-exchange=true
+
+# Seed forever
+seed-ratio=0.0
+
+# [ --- ]
+
diff --git a/Server/Repo.Update.sh b/Server/Repo.Update.sh
index 9f67663..1e7aacf 100755
--- a/Server/Repo.Update.sh
+++ b/Server/Repo.Update.sh
@@ -1,17 +1,34 @@
 #!/bin/sh
 cd "$( dirname "$( realpath "$0" )" )"
-cd ./Root
+. ../Lib.sh
 
-cp -v /etc/diycron ./etc/diycron
+h=home/pi
 
-cp -v \
-	/etc/systemd/system/diycron.service \
-	./etc/systemd/system/
+mkcd ./Root
+	for p in \
+		diycron
+	do
+		cp -v /etc/$p ./etc/$p
+	done
 
-cp -v \
-	/etc/nginx/sites-available/*.conf /etc/nginx/sites-available/*.old \
-	./etc/nginx/sites-available/
+	cp -v \
+		/etc/systemd/system/diycron.service \
+		./etc/systemd/system/
 
-cp -v \
-	/Server/Scripts/Backup/*.sh /Server/Scripts/Backup/*.cfg \
-	./Server/Scripts/Backup/
+	cp -v \
+		/etc/nginx/sites-available/*.conf /etc/nginx/sites-available/*.old \
+		./etc/nginx/sites-available/
+
+	cp -v \
+		/Server/Scripts/Backup/*.sh /Server/Scripts/Backup/*.cfg \
+		./Server/Scripts/Backup/
+
+cd ..
+
+mkcd ./Home
+	mkdir -vp ./.config
+	for p in \
+		aria2
+	do
+		cp -vrT /$h/.config/$p ./.config/$p
+	done
diff --git a/Server/Root/etc/diycron b/Server/Root/etc/diycron
index 2124690..95a7487 100755
--- a/Server/Root/etc/diycron
+++ b/Server/Root/etc/diycron
@@ -13,7 +13,7 @@ hm2s() { echo $((($1*60*60) + ($2*60))); }
 # Setting variables (that always have a "Job" prefix) for each job, to prevent multiple execution.
 ResetJobs() {
 	for Job in \
-		1 2
+		1 2 Certs
 	do eval "Job$Job=0"
 	done
 }
@@ -37,8 +37,11 @@ do
 		#If $(IsDayMin $(hm2s 4 30)) && test $(($(date +%s) / 86400 % 2)) = 0 && sleep 60 && reboot # System reboot every 2 days (every even day)
 		If $(IsDayMin $(hm2s 4 30)) && sleep 60 && reboot # System reboot every night
 
+	# Try to renew SSL certs every 5 days at 4 AM
+		Ifn $JobCerts && If $(IsDayMin $(hm2s 4 0)) && test $(($(date +%s) / 86400 % 9)) = 0 && JobCerts=1 && sleep 60 && /Server/Scripts/RenewCerts.sh
+
 	# Status of all jobs is reset at one time of the day, before or after all execute or have executed (in time).
 		If $(IsDayMin $(hm2s 0 0)) && ResetJobs
 	# Cooldown to wait at each cycle, to save on resources (Should always be less than 60 seconds!).
-	sleep 5
+		sleep 5
 done
diff --git a/Server/Root/etc/nginx/sites-available/SpaccCloud.conf b/Server/Root/etc/nginx/sites-available/SpaccCloud.conf
index 943fdc2..4f7d61c 100644
--- a/Server/Root/etc/nginx/sites-available/SpaccCloud.conf
+++ b/Server/Root/etc/nginx/sites-available/SpaccCloud.conf
@@ -15,20 +15,22 @@
 #	}
 #}
 
-server {
-	listen 443 ssl;
-	server_name spacccloud-wfm.octt.eu.org;
-	ssl_certificate /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/fullchain.pem;
-	ssl_certificate_key /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/privkey.pem;
-	ssl_prefer_server_ciphers on;
-	location / {
-		proxy_http_version 1.1;
-		proxy_pass http://localhost:7580;
-		proxy_set_header Access-Control-Allow-Origin https://spacccloud.octt.eu.org http://192.168.1.25 http://192.168.1.25:8080;
-		proxy_set_header X-Real-IP $remote_addr;
-		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-		proxy_set_header X-Forwarded-Proto $scheme;
-		proxy_set_header Upgrade $http_upgrade;
-		proxy_set_header Connection "upgrade";
-	}
-}
+#server {
+#	listen 443 ssl;
+#	server_name spacccloud-wfm.octt.eu.org;
+#	ssl_certificate /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/fullchain.pem;
+#	ssl_certificate_key /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/privkey.pem;
+#	ssl_prefer_server_ciphers on;
+#	location / {
+#		proxy_http_version 1.1;
+#		proxy_pass http://localhost:7580;
+#		#add_header Access-Control-Allow-Origin "https://spacccloud.octt.eu.org http://192.168.1.25 http://192.168.1.25:8080";
+#		proxy_set_header X-Real-IP $remote_addr;
+#		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+#		proxy_set_header X-Forwarded-Proto $scheme;
+#		proxy_set_header Upgrade $http_upgrade;
+#		proxy_set_header Connection "upgrade";
+#		sub_filter '</body>' '<script src="//spacccloud.octt.eu.org/WfmInject.js"></script></body>';
+#		sub_filter_once on;
+#	}
+#}
diff --git a/Server/Root/etc/nginx/sites-available/fediii.conf b/Server/Root/etc/nginx/sites-available/fediii.conf
new file mode 100644
index 0000000..b5ddbbd
--- /dev/null
+++ b/Server/Root/etc/nginx/sites-available/fediii.conf
@@ -0,0 +1,25 @@
+server {
+	listen 443 ssl;
+	server_name fediii.octt.eu.org;
+	ssl_certificate /etc/letsencrypt/live/fediii.octt.eu.org/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/fediii.octt.eu.org/privkey.pem; 
+	ssl_prefer_server_ciphers on;
+	location / {
+		proxy_http_version 1.1;
+		proxy_pass http://localhost:8331;
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "upgrade";
+		sub_filter '</body>' '<link rel="stylesheet" href="/fediii-static/Kbin.css"/><script src="/fediii-static/Kbin.js"></script></body>';
+		sub_filter_once on;
+	}
+	location /fediii-static/ {
+		root /Server/www/;
+		add_header Access-Control-Allow-Origin *;
+		try_files $uri $uri.html $uri/index.html index.html;
+		autoindex off;
+	}
+}
diff --git a/Server/Root/etc/nginx/sites-available/fren.conf b/Server/Root/etc/nginx/sites-available/fren.conf
new file mode 100644
index 0000000..634bad6
--- /dev/null
+++ b/Server/Root/etc/nginx/sites-available/fren.conf
@@ -0,0 +1,25 @@
+server {
+	listen 443 ssl;
+	server_name fren.octt.eu.org;
+	ssl_certificate /etc/letsencrypt/live/fren.octt.eu.org/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/fren.octt.eu.org/privkey.pem; 
+	ssl_prefer_server_ciphers on;
+	location / {
+		proxy_http_version 1.1;
+		proxy_pass https://poliverso.org;
+		#proxy_pass http://localhost:8331;
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "upgrade";
+		proxy_set_header Accept-Encoding ''; # Needed for sub_filter
+		#sub_filter 'poliverso.org' 'fren.octt.eu.org';
+		sub_filter '>var baseurl = "https://poliverso.org";</script>' '>var baseurl = "https://fren.octt.eu.org";</script>';
+		sub_filter '="https://poliverso.org/' '="https://fren.octt.eu.org/';
+		sub_filter '<a href="#content"' '<p style="font-size: larger; background: #222222; color: #eeeeee;">NOTICE: Content autonomously proxied from <code>poliverso.org</code>. NOT FOR PUBLIC USE!</p><a href="#content"';
+		sub_filter '</body>' '<link id="fediiiCss" rel="stylesheet" href="//fediii.octt.eu.org/fediii-static/Friendica.css"/><script src="//fediii.octt.eu.org/fediii-static/Lib0.js"></script><script id="fediiiJs" src="//fediii.octt.eu.org/fediii-static/Friendica.js"></script></body>';
+		sub_filter_once off;
+	}
+}