├── .gitmodules ├── LICENSE ├── README.md ├── pve_homelab_installer.sh ├── pve_homelab_toolbox.sh └── src ├── ddclient └── pve_homelab_ct_ddclient_installer.sh ├── guacamole ├── config │ ├── guacamole_duo_sw.sh │ ├── guacamole_totp_sw.sh │ ├── guacamole_tuneup.sh │ └── guacamole_upgrade_sw.sh ├── guacamole_sw.sh ├── pve_homelab_ct_guacamole_installer.sh ├── pve_homelab_ct_guacamole_toolbox.sh └── update-ct.sh ├── guacardp ├── config │ └── bookmarks-ahuacate.json ├── guacardp_sw.sh └── pve_homelab_ct_guacardp_installer.sh ├── hassio ├── automations │ ├── Bedroom Master - Floor Sensor (Blueprint).yaml │ ├── Bedroom Master - Switch Rodret_01 (Blueprint).yaml │ ├── Notification Android TV - Cellular Incoming.yaml │ ├── Notification LG TV - Incoming Cellular.yaml │ ├── Notification LG TV - Incoming WhatsApp.yaml │ ├── Notification Light - Incoming Cellular Call Flash.yaml │ └── Notification Light - Incoming WhatsApp Call Flash.yaml ├── buttons │ ├── background.png │ ├── livetv.png │ └── tvcontrols.png ├── configuration YAML Edits │ └── configuration.yaml ├── headers │ └── now-playing.png ├── images │ ├── Thumbs.db │ ├── icon_phone.png │ ├── icon_whatsapp.png │ ├── notification_sign_1024x1024_doorbell1.png │ ├── notification_sign_1024x1024_electricfail.png │ ├── notification_sign_1024x1024_front_door_open.png │ ├── notification_sign_1024x1024_incoming_call.png │ └── notification_sign_1024x1024_robber.png └── tv_logo │ ├── ABC Australia.png │ ├── AUX1.png │ ├── AUX2.png │ ├── AXN +1.png │ ├── AXN HD.png │ ├── AXN Sci-Fi.png │ ├── Alice.png │ ├── Animal Planet.png │ ├── Bluetooth.png │ ├── Boing.png │ ├── Boomerang.png │ ├── CD.png │ ├── Canale5 HD.png │ ├── Canali TV.png │ ├── Cartoon Network.png │ ├── Cartoonito.png │ ├── Cielo HD.png │ ├── DMAX.png │ ├── Deejay TV HD.png │ ├── EuroSport HD.png │ ├── Eurosport 2 HD.png │ ├── Fire Tv.png │ ├── Focus.png │ ├── IRIS.png │ ├── Italia1 HD.png │ ├── K2.png │ ├── LA7 HD.png │ ├── La 5.png │ ├── Marantz.png │ ├── Media Player.png │ ├── NOVE.png │ ├── Netflix.png │ ├── Nick Junior.png │ ├── Nickelodeon.png │ ├── Premium Action +24.png │ ├── Premium Action HD.png │ ├── Premium Calcio 1 HD.png │ ├── Premium Calcio 2.png │ ├── Premium Calcio 3.png │ ├── Premium Calcio 4.png │ ├── Premium Calcio 5.png │ ├── Premium Calcio 6.png │ ├── Premium Calcio.png │ ├── Premium Cinema +24.jpg │ ├── Premium Cinema 2 +24.jpg │ ├── Premium Cinema 2 HD.png │ ├── Premium Cinema HD.png │ ├── Premium Comedy.png │ ├── Premium Crime +24.jpg │ ├── Premium Crime HD.png │ ├── Premium Emotion.png │ ├── Premium Energy.png │ ├── Premium Extra 1 - GF.jpg │ ├── Premium Joi.png │ ├── Premium Mya.png │ ├── Premium Sport HD.jpg │ ├── Premium Stories.png │ ├── Ps4.png │ ├── RSI LA 1.png │ ├── RSI LA 2.png │ ├── Rai 1 HD.png │ ├── Rai 2 HD.png │ ├── Rai 3 HD.png │ ├── Rai 4.png │ ├── Rai Gulp.png │ ├── Rai Movie.png │ ├── Rai News 24.png │ ├── Rai Premium.png │ ├── Rai Sport 1.png │ ├── Rai Sport 2.png │ ├── Rai YoYo.png │ ├── Real Time HD.png │ ├── Rete4 HD.png │ ├── SBS Australia.png │ ├── SKY.png │ ├── Sky 3D.PNG │ ├── Sky Arte HD.png │ ├── Sky Atlantic +1 HD.png │ ├── Sky Atlantic HD.png │ ├── Sky Calcio 1 HD.png │ ├── Sky Calcio 10.png │ ├── Sky Calcio 11.png │ ├── Sky Calcio 12.png │ ├── Sky Calcio 2 HD.png │ ├── Sky Calcio 3 HD.png │ ├── Sky Calcio 4 HD.png │ ├── Sky Calcio 5 HD.png │ ├── Sky Calcio 6 HD.png │ ├── Sky Calcio 7 HD.png │ ├── Sky Calcio 8 HD.png │ ├── Sky Calcio 9.png │ ├── Sky Sport 1 HD.png │ ├── Sky Sport 2 HD.png │ ├── Sky Sport 24 HD.png │ ├── Sky Sport 3 HD.png │ ├── Sky Sport F1 HD.png │ ├── Sky Sport MotoGP HD.png │ ├── Sky Sport Plus HD.png │ ├── Sky Supercalcio HD.png │ ├── Sky TG24 HD.png │ ├── Sky TG24.png │ ├── Sky Uno +1 HD.png │ ├── Sky Uno HD.png │ ├── Spotify.png │ ├── Super Tennis HD.png │ ├── Super!.png │ ├── TGCOM24.png │ ├── TV Audio.png │ ├── TV8.png │ ├── Thumbs.db │ ├── Tuner.png │ ├── Wii.png │ ├── cielo.png │ ├── deejay.png │ ├── frisbee.png │ ├── italia 2.png │ ├── paramount.png │ ├── rainews24.png │ ├── realtime.png │ ├── sportitalia.jpg │ ├── sportitalia.png │ ├── supertennis.png │ ├── teleradiostereo.png │ └── tv_off.png ├── pihole ├── config │ ├── addon-updatelists_installer.sh │ ├── my_adlists.txt │ ├── my_blacklist_url.txt │ ├── my_regex_blacklist_url.txt │ ├── my_regex_whitelist_url.txt │ ├── my_whitelist_url.txt │ ├── unbound_pihole.conf │ ├── update-pihole.sh │ └── update-pihole_installer.sh ├── pihole_upgrade_sw.sh ├── pve_homelab_ct_pihole_installer.sh └── pve_homelab_ct_pihole_toolbox.sh ├── sftpgo ├── pve_homelab_ct_sftpgo_installer.sh └── sftpgo_sw.sh ├── syncthing ├── pve_homelab_ct_syncthing_installer.sh └── syncthing_sw.sh ├── tails ├── config │ ├── background_update_tails_iso.sh │ └── hook_script_update_tails_iso.sh └── pve_homelab_vm_tails_installer.sh ├── tailscale ├── config │ └── bookmarks-ahuacate.json ├── pve_homelab_ct_tailscale_installer.sh └── tailscale_sw.sh ├── testlab ├── config │ ├── index_port_443.html │ ├── index_port_80.html │ └── test_site ├── pve_homelab_ct_testlab_installer.sh └── testlab_sw.sh └── unifi-controller ├── config └── unifi-controller_backup.sh ├── pve_homelab_ct_unifi-controller_installer.sh ├── pve_homelab_ct_unifi-controller_toolbox.sh └── unifi-controller_sw.sh /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "common"] 2 | path = common 3 | url = https://github.com/ahuacate/common.git 4 | branch = main 5 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2019 ahuacate 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /pve_homelab_installer.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: pve_homelab_installer.sh 4 | # Description: Installer script for PVE Homelab 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Bash command to run script --------------------------------------------------- 8 | 9 | #---- Source Github 10 | # bash -c "$(wget -qLO - https://raw.githubusercontent.com/ahuacate/pve-homelab/main/pve_homelab_installer.sh)" 11 | 12 | #---- Source local Git 13 | # /mnt/pve/nas-01-git/ahuacate/pve-homelab/pve_homelab_installer.sh 14 | 15 | #---- Installer Vars --------------------------------------------------------------- 16 | 17 | # Git server 18 | GIT_SERVER='https://github.com' 19 | # Git user 20 | GIT_USER='ahuacate' 21 | # Git repository 22 | GIT_REPO='pve-homelab' 23 | # Git branch 24 | GIT_BRANCH='main' 25 | # Git common 26 | GIT_COMMON='0' 27 | 28 | # Edit this list to set installer products. 29 | # vm_LIST=( "name:build:vm_type:desc" ) 30 | # name ---> name of the main application 31 | # build_model ---> build model/version of the name (i.e omv build version for a nas) 32 | # vm_type ---> 'vm' or 'ct' 33 | # desc ---> description of the main application name 34 | # Fields must match GIT_APP_SCRIPT dir and filename: 35 | # i.e ...//${GIT_REPO}___installer.sh '(i.e .../ubuntu/pve_nas_ct_nas_installer.sh') 36 | vm_LIST=( "pihole:pihole:ct:DNS sinkhole with optional dhcp server" 37 | "ddclient:ddclient:ct:dynamic dns updater" 38 | "guacamole:guacamole:ct:clientless remote desktop gateway" 39 | "guacardp:guacardp:ct:guacamole rdp client" 40 | "sftpgo:sftpgo:ct:sftpgo server" 41 | "syncthing:syncthing:ct:continuous file synchronization program" 42 | "tailscale:tailscale:ct:Zero config VPN service for remote access" 43 | "tails:tails:vm:Leave no trace OS" 44 | "testlab:testlab:ct:testlab CT with nginx and more" 45 | "unifi-controller:unifi-controller:ct:unifi controller" ) 46 | 47 | #----------------------------------------------------------------------------------- 48 | # NO NOT EDIT HERE DOWN 49 | #---- Dependencies ----------------------------------------------------------------- 50 | 51 | #---- Check for Internet connectivity 52 | 53 | # List of well-known websites to test connectivity (in case one is blocked) 54 | websites=( "google.com 443" "github.com 443" "cloudflare.com 443" "apple.com 443" "amazon.com 443" ) 55 | # Loop through each website in the list 56 | for website in "${websites[@]}" 57 | do 58 | # Test internet connectivity 59 | nc -zw1 $website > /dev/null 2>&1 60 | # Check the exit status of the ping command 61 | if [ $? = 0 ] 62 | then 63 | # Flag to track if internet connection is up 64 | connection_up=0 65 | break 66 | else 67 | # Flag to track if internet connection is down 68 | connection_up=1 69 | fi 70 | done 71 | # On connection fail 72 | if [ "$connection_up" = 1 ] 73 | then 74 | echo "Checking for internet connectivity..." 75 | echo -e "Internet connectivity status: \033[0;31mDown\033[0m\n\nCannot proceed without a internet connection.\nFix your PVE hosts internet connection and try again..." 76 | echo 77 | exit 0 78 | fi 79 | 80 | #---- Static Variables ------------------------------------------------------------- 81 | 82 | #---- Set Package Installer Temp Folder 83 | 84 | # Set 'rep_temp' dir 85 | REPO_TEMP='/tmp' 86 | # Change to 'repo temp' dir 87 | cd $REPO_TEMP 88 | 89 | #---- Local Repo path (check if local) 90 | 91 | # For local SRC a 'developer_settings.git' file must exist in repo dir 92 | REPO_PATH="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P | sed "s/${GIT_USER}.*/$GIT_USER/" )" 93 | 94 | #---- Other Variables -------------------------------------------------------------- 95 | #---- Other Files ------------------------------------------------------------------ 96 | 97 | #---- Package loader 98 | 99 | # Check for local source 100 | if [ -f "$REPO_PATH/common/bash/src/pve_repo_loader.sh" ] && [ "$(sed -n 's/^dev_git_mount=//p' $REPO_PATH/developer_settings.git 2> /dev/null)" = 0 ] 101 | then 102 | # Download Local loader (developer) 103 | source $REPO_PATH/common/bash/src/pve_repo_loader.sh 104 | else 105 | # Download Github loader 106 | wget -qL - https://raw.githubusercontent.com/$GIT_USER/common/main/bash/src/pve_repo_loader.sh -O $REPO_TEMP/pve_repo_loader.sh 107 | chmod +x "$REPO_TEMP/pve_repo_loader.sh" 108 | source $REPO_TEMP/pve_repo_loader.sh 109 | fi 110 | 111 | #---- Body ------------------------------------------------------------------------- 112 | 113 | #---- Run Installer 114 | 115 | # Run repo installer (repo product selector) 116 | source $REPO_PATH/$GIT_REPO/common/bash/src/pve_repo_installer_main.sh 117 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /pve_homelab_toolbox.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: pve_homelab_toolbox.sh 4 | # Description: Toolbox script for VM/LXC/CT and Apps 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Bash command to run script --------------------------------------------------- 8 | 9 | #---- Source Github 10 | # bash -c "$(wget -qLO - https://raw.githubusercontent.com/ahuacate/pve-homelab/main/pve_homelab_toolbox.sh)" 11 | 12 | #---- Source local Git 13 | # /mnt/pve/nas-01-git/ahuacate/pve-homelab/pve_homelab_toolbox.sh 14 | 15 | #---- Installer Vars --------------------------------------------------------------- 16 | 17 | # Git server 18 | GIT_SERVER='https://github.com' 19 | # Git user 20 | GIT_USER='ahuacate' 21 | # Git repository 22 | GIT_REPO='pve-homelab' 23 | # Git branch 24 | GIT_BRANCH='main' 25 | # Git common 26 | GIT_COMMON='0' 27 | 28 | #----------------------------------------------------------------------------------- 29 | # NO NOT EDIT HERE DOWN 30 | #---- Dependencies ----------------------------------------------------------------- 31 | 32 | #---- Check for Internet connectivity 33 | 34 | # List of well-known websites to test connectivity (in case one is blocked) 35 | websites=( "google.com 443" "github.com 443" "cloudflare.com 443" "apple.com 443" "amazon.com 443" ) 36 | # Loop through each website in the list 37 | for website in "${websites[@]}" 38 | do 39 | # Test internet connectivity 40 | nc -zw1 $website > /dev/null 2>&1 41 | # Check the exit status of the ping command 42 | if [ $? = 0 ] 43 | then 44 | # Flag to track if internet connection is up 45 | connection_up=0 46 | break 47 | else 48 | # Flag to track if internet connection is down 49 | connection_up=1 50 | fi 51 | done 52 | # On connection fail 53 | if [ "$connection_up" = 1 ] 54 | then 55 | echo "Checking for internet connectivity..." 56 | echo -e "Internet connectivity status: \033[0;31mDown\033[0m\n\nCannot proceed without a internet connection.\nFix your PVE hosts internet connection and try again..." 57 | echo 58 | exit 0 59 | fi 60 | 61 | #---- Static Variables ------------------------------------------------------------- 62 | 63 | #---- Set Package Installer Temp Folder 64 | 65 | # Set 'rep_temp' dir 66 | REPO_TEMP='/tmp' 67 | # Change to 'repo temp' dir 68 | cd $REPO_TEMP 69 | 70 | #---- Local Repo path (check if local) 71 | # For local SRC a 'developer_settings.git' file must exist in repo dir 72 | REPO_PATH="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P | sed "s/${GIT_USER}.*/$GIT_USER/" )" 73 | 74 | #---- Other Variables -------------------------------------------------------------- 75 | #---- Other Files ------------------------------------------------------------------ 76 | 77 | #---- Package loader 78 | 79 | # Check for local source 80 | if [ -f "$REPO_PATH/common/bash/src/pve_repo_loader.sh" ] && [ "$(sed -n 's/^dev_git_mount=//p' $REPO_PATH/developer_settings.git 2> /dev/null)" = 0 ] 81 | then 82 | # Download Local loader (developer) 83 | source $REPO_PATH/common/bash/src/pve_repo_loader.sh 84 | else 85 | # Download Github loader 86 | wget -qL - https://raw.githubusercontent.com/$GIT_USER/common/main/bash/src/pve_repo_loader.sh -O $REPO_TEMP/pve_repo_loader.sh 87 | chmod +x "$REPO_TEMP/pve_repo_loader.sh" 88 | source $REPO_TEMP/pve_repo_loader.sh 89 | fi 90 | 91 | #---- Body ------------------------------------------------------------------------- 92 | 93 | #---- Run Installer 94 | 95 | # Run repo installer (repo product selector) 96 | source $REPO_PATH/$GIT_REPO/common/bash/src/pve_repo_toolbox_main.sh 97 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/ddclient/pve_homelab_ct_ddclient_installer.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: pve_homelab_ct_ddclient_installer.sh 4 | # Description: This script is for creating a ddClient CT 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Bash command to run script --------------------------------------------------- 8 | 9 | #---- Source Github 10 | # bash -c "$(wget -qLO - https://raw.githubusercontent.com/ahuacate/pve-homelab/main/pve_homelab_installer.sh)" 11 | 12 | #---- Source local Git 13 | # /mnt/pve/nas-01-git/ahuacate/pve-homelab/pve_homelab_installer.sh 14 | 15 | #---- Source ----------------------------------------------------------------------- 16 | #---- Dependencies ----------------------------------------------------------------- 17 | 18 | # Check SMTP Status 19 | check_smtp_status 20 | 21 | #---- Static Variables ------------------------------------------------------------- 22 | 23 | # Easy Script Section Head 24 | SECTION_HEAD='Homelab ddclient' 25 | 26 | # PVE host IP 27 | PVE_HOST_IP=$(hostname -i) 28 | PVE_HOSTNAME=$(hostname) 29 | 30 | # SSHd Status (0 is enabled, 1 is disabled) 31 | SSH_ENABLE=1 32 | 33 | # Developer enable git mounts inside CT (0 is enabled, 1 is disabled) 34 | DEV_GIT_MOUNT_ENABLE=1 35 | 36 | # Set file source (path/filename) of preset variables for 'pvesource_ct_createvm.sh' 37 | PRESET_VAR_SRC="$( dirname "${BASH_SOURCE[0]}" )/$( basename "${BASH_SOURCE[0]}" )" 38 | 39 | #---- Other Variables -------------------------------------------------------------- 40 | 41 | #---- Common Machine Variables 42 | # VM Type ( 'ct' or 'vm' only lowercase ) 43 | VM_TYPE='ct' 44 | # Use DHCP. '0' to disable, '1' to enable. 45 | NET_DHCP='1' 46 | # Set address type 'dhcp4'/'dhcp6' or '0' to disable. 47 | NET_DHCP_TYPE='dhcp4' 48 | # CIDR IPv4 49 | CIDR='24' 50 | # CIDR IPv6 51 | CIDR6='64' 52 | # SSHd Port 53 | SSH_PORT='22' 54 | 55 | #----[COMMON_GENERAL_OPTIONS] 56 | # Hostname 57 | HOSTNAME='ddclient' 58 | # Description for the Container (one word only, no spaces). Shown in the web-interface CT’s summary. 59 | DESCRIPTION='' 60 | # Virtual OS/processor architecture. 61 | ARCH='amd64' 62 | # Allocated memory or RAM (MiB). 63 | MEMORY='256' 64 | # Limit number of CPU sockets to use. Value 0 indicates no CPU limit. 65 | CPULIMIT='0' 66 | # CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. 67 | CPUUNITS='1024' 68 | # The number of cores assigned to the vm/ct. Do not edit - its auto set. 69 | CORES='1' 70 | 71 | #----[COMMON_NET_OPTIONS] 72 | # Bridge to attach the network device to. 73 | BRIDGE='vmbr0' 74 | # A common MAC address with the I/G (Individual/Group) bit not set. 75 | HWADDR="" 76 | # Controls whether this interface’s firewall rules should be used. 77 | FIREWALL='1' 78 | # VLAN tag for this interface (value 0 for none, or VLAN[2-N] to enable). 79 | TAG='0' 80 | # VLAN ids to pass through the interface 81 | TRUNKS="" 82 | # Apply rate limiting to the interface (MB/s). Value "" for unlimited. 83 | RATE="" 84 | # MTU - Maximum transfer unit of the interface. 85 | MTU="" 86 | 87 | #----[COMMON_NET_DNS_OPTIONS] 88 | # Nameserver server IP (IPv4 or IPv6) (value "" for none). 89 | NAMESERVER='192.168.1.5' 90 | # Search domain name (local domain) 91 | SEARCHDOMAIN='local' 92 | 93 | #----[COMMON_NET_STATIC_OPTIONS] 94 | # IP address (IPv4). Only works with static IP (DHCP=0). 95 | IP='192.168.1.252' 96 | # IP address (IPv6). Only works with static IP (DHCP=0). 97 | IP6='' 98 | # Default gateway for traffic (IPv4). Only works with static IP (DHCP=0). 99 | GW='192.168.1.5' 100 | # Default gateway for traffic (IPv6). Only works with static IP (DHCP=0). 101 | GW6='' 102 | 103 | #---- PVE CT 104 | #----[CT_GENERAL_OPTIONS] 105 | # Unprivileged container. '0' to disable, '1' to enable/yes. 106 | CT_UNPRIVILEGED='1' 107 | # Memory swap 108 | CT_SWAP='512' 109 | # OS 110 | CT_OSTYPE='ubuntu' 111 | # Onboot startup 112 | CT_ONBOOT='1' 113 | # Timezone 114 | CT_TIMEZONE='host' 115 | # Root credentials (leave blank for no pwd) 116 | CT_PASSWORD='' 117 | # Virtual OS/processor architecture. 118 | CT_ARCH='amd64' 119 | 120 | #----[CT_FEATURES_OPTIONS] 121 | # Allow using fuse file systems in a container. 122 | CT_FUSE='0' 123 | # For unprivileged containers only: Allow the use of the keyctl() system call. 124 | CT_KEYCTL='0' 125 | # Allow mounting file systems of specific types. (Use 'nfs' or 'cifs' or 'nfs;cifs' for both or leave empty "") 126 | CT_MOUNT='' 127 | # Allow nesting. Best used with unprivileged containers with additional id mapping. 128 | CT_NESTING='0' 129 | # A public key for connecting to the root account over SSH (insert path). 130 | 131 | #----[CT_ROOTFS_OPTIONS] 132 | # Virtual Disk Size (GB). 133 | CT_SIZE='1' 134 | # Explicitly enable or disable ACL support. 135 | CT_ACL='1' 136 | 137 | #----[CT_STARTUP_OPTIONS] 138 | # Startup and shutdown behavior ( '--startup order=1,up=1,down=1' ). 139 | # Order is a non-negative number defining the general startup order. Up=1 means first to start up. Shutdown in done with reverse ordering so down=1 means last to shutdown. 140 | # Up: Startup delay. Defines the interval between this container start and subsequent containers starts. For example, set it to 240 if you want to wait 240 seconds before starting other containers. 141 | # Down: Shutdown timeout. Defines the duration in seconds Proxmox VE should wait for the container to be offline after issuing a shutdown command. By default this value is set to 60, which means that Proxmox VE will issue a shutdown request, wait 60s for the machine to be offline, and if after 60s the machine is still online will notify that the shutdown action failed. 142 | CT_ORDER='2' 143 | CT_UP='30' 144 | CT_DOWN='60' 145 | 146 | #----[CT_NET_OPTIONS] 147 | # Name of the network device as seen from inside the VM/CT. 148 | CT_NAME='eth0' 149 | CT_TYPE='veth' 150 | 151 | #----[CT_OTHER] 152 | # OS Version 153 | CT_OSVERSION='22.04' 154 | # CTID numeric ID of the given container. 155 | CTID='252' 156 | 157 | #----[App_UID_GUID] 158 | # App user 159 | APP_USERNAME='home' 160 | # App user group 161 | APP_GRPNAME='homelab' 162 | 163 | # PiHole Password 164 | APP_PASSWORD='ahuacate' 165 | 166 | #---- Other Files ------------------------------------------------------------------ 167 | 168 | # Required PVESM Storage Mounts for CT ( new version ) 169 | unset pvesm_required_LIST 170 | pvesm_required_LIST=() 171 | while IFS= read -r line 172 | do 173 | [[ "$line" =~ ^\#.*$ ]] && continue 174 | pvesm_required_LIST+=( "$line" ) 175 | done << EOF 176 | # Example 177 | EOF 178 | 179 | #---- Body ------------------------------------------------------------------------- 180 | 181 | #---- Introduction 182 | source $COMMON_PVE_SRC_DIR/pvesource_ct_intro.sh 183 | 184 | #---- Setup PVE CT Variables 185 | # Ubuntu NAS (all) 186 | source $COMMON_PVE_SRC_DIR/pvesource_set_allvmvars.sh 187 | 188 | #---- Create OS CT 189 | source $COMMON_PVE_SRC_DIR/pvesource_ct_createvm.sh 190 | 191 | #---- Configure New CT OS 192 | source $COMMON_PVE_SRC_DIR/pvesource_ct_ubuntubasics.sh 193 | 194 | # Homelab CT unprivileged mapping 195 | if [ "$CT_UNPRIVILEGED" = 1 ] 196 | then 197 | source $COMMON_PVE_SRC_DIR/pvesource_ct_homelab_ctidmapping.sh 198 | fi 199 | 200 | #---- ddclient --------------------------------------------------------------------- 201 | 202 | section "Install ddclient" 203 | 204 | #---- Installing ddclient 205 | msg "Installing ddclient..." 206 | pct exec $CTID -- apt-get install ddclient -y 207 | echo 208 | 209 | msg "Perform a dynamic DNS test run..." 210 | pct exec $CTID -- bash -c 'ddclient -daemon=0 -debug -verbose -noquiet -force' 211 | echo 212 | 213 | #---- Finish Line ------------------------------------------------------------------ 214 | section "Completion Status." 215 | 216 | msg "Success. ${HOSTNAME^} installed. There is no WebGUI for ddclient. CLI configuration only. SSH to your ddclient from your PVE host: 217 | 218 | -- ${WHITE}pct enter ${CTID}${NC}\n" 219 | echo 220 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/guacamole/config/guacamole_duo_sw.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: guacamole_duo_sw.sh 4 | # Description: Source script for CT SW 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | 9 | DIR=$( cd "$( dirname "${BASH_SOURCE}" )" && pwd ) 10 | COMMON="$DIR/../../../common" 11 | SHARED="$DIR/../../../shared" 12 | 13 | #---- Dependencies ----------------------------------------------------------------- 14 | #---- Static Variables ------------------------------------------------------------- 15 | 16 | #---- Other Variables -------------------------------------------------------------- 17 | 18 | # Guacamole latest version 19 | GUAC_VERSION="${GUAC_VERSION:-1.5.1}" 20 | 21 | # Get Tomcat Version 22 | TOMCAT=$(ls /etc/ | grep tomcat) 23 | 24 | # Get Current Guacamole Version 25 | VERSION=$(grep -oP 'Guacamole.API_VERSION = "\K[0-9\.]+' /var/lib/${TOMCAT}/webapps/guacamole/guacamole-common-js/modules/Version.js) 26 | GUAC_VERSION="${GUAC_VERSION:-${VERSION}}" 27 | 28 | # Set SERVER to be the preferred download server from the Apache CDN 29 | SERVER="http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUAC_VERSION}" 30 | 31 | #---- Other Files ------------------------------------------------------------------ 32 | #---- Body ------------------------------------------------------------------------- 33 | 34 | #---- Prerequisites 35 | 36 | # Run Bash Header 37 | source $COMMON/bash/src/basic_bash_utility.sh 38 | 39 | # Check for Duo extensions and upgrade if found 40 | for file in /etc/guacamole/extensions/guacamole-auth-duo*.jar 41 | do 42 | if [[ -f "$file" ]] 43 | then 44 | echo -e "${RED}WARNING:${NC}\nDuo extension is already installed. Skipping this installation..." 45 | echo 46 | return 47 | fi 48 | done 49 | 50 | #---- Install Guacamole extension 51 | 52 | # Download Guacamole extension 53 | wget -q --show-progress -O guacamole-auth-duo-${GUAC_VERSION}.tar.gz ${SERVER}/binary/guacamole-auth-duo-${GUAC_VERSION}.tar.gz 54 | if [ $? -ne 0 ] 55 | then 56 | echo -e "${RED}WARNING:${NC}\nFailed to download: ${WHITE}guacamole-auth-duo-${GUAC_VERSION}.tar.gz${NC}" 57 | echo 58 | return 59 | fi 60 | 61 | # Stop services 62 | pct_stop_systemctl "$TOMCAT" 63 | pct_stop_systemctl "guacd" 64 | 65 | # Install 66 | tar -xzf guacamole-auth-duo-${GUAC_VERSION}.tar.gz 67 | cp guacamole-auth-duo-${GUAC_VERSION}/guacamole-auth-duo-${GUAC_VERSION}.jar /etc/guacamole/extensions/ 68 | echo -e "Duao extension status: ${YELLOW}installed${NC}" 69 | 70 | # Clean up 71 | rm -rf "guacamole-auth-duo-${GUAC_VERSION}" 72 | rm -f "guacamole-auth-duo-${GUAC_VERSION}.tar.gz" 73 | 74 | # Restart services 75 | pct_start_systemctl "$TOMCAT" 76 | pct_start_systemctl "guacd" 77 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/guacamole/config/guacamole_totp_sw.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: guacamole_totp_sw.sh 4 | # Description: Source script for CT SW 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | 9 | DIR=$( cd "$( dirname "${BASH_SOURCE}" )" && pwd ) 10 | COMMON="$DIR/../../../common" 11 | SHARED="$DIR/../../../shared" 12 | 13 | #---- Dependencies ----------------------------------------------------------------- 14 | #---- Static Variables ------------------------------------------------------------- 15 | #---- Other Variables -------------------------------------------------------------- 16 | 17 | # Guacamole latest version 18 | GUAC_VERSION="${GUAC_VERSION:-1.5.1}" 19 | 20 | # Get Tomcat Version 21 | TOMCAT=$(ls /etc/ | grep tomcat) 22 | 23 | # Get Current Guacamole Version 24 | VERSION=$(grep -oP 'Guacamole.API_VERSION = "\K[0-9\.]+' /var/lib/${TOMCAT}/webapps/guacamole/guacamole-common-js/modules/Version.js) 25 | GUAC_VERSION="${GUAC_VERSION:-${VERSION}}" 26 | 27 | # Set SERVER to be the preferred download server from the Apache CDN 28 | SERVER="http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUAC_VERSION}" 29 | 30 | #---- Other Files ------------------------------------------------------------------ 31 | #---- Body ------------------------------------------------------------------------- 32 | 33 | #---- Prerequisites 34 | 35 | # Run Bash Header 36 | source $COMMON/bash/src/basic_bash_utility.sh 37 | 38 | # Check for TOTP extensions and upgrade if found 39 | for file in /etc/guacamole/extensions/guacamole-auth-totp*.jar 40 | do 41 | if [[ -f $file ]] 42 | then 43 | echo -e "${RED}WARNING:${NC}\nTOTP extension is already installed. Skipping this installation..." 44 | echo 45 | return 46 | fi 47 | done 48 | 49 | #---- Install Guacamole extension 50 | 51 | # Download Guacamole extension 52 | wget -q --show-progress -O guacamole-auth-totp-${GUAC_VERSION}.tar.gz ${SERVER}/binary/guacamole-auth-totp-${GUAC_VERSION}.tar.gz 53 | if [ $? -ne 0 ] 54 | then 55 | echo -e "${RED}WARNING:${NC}\nFailed to download: ${WHITE}guacamole-auth-totp-${GUAC_VERSION}.tar.gz${NC}" 56 | echo 57 | return 58 | fi 59 | 60 | # Stop services 61 | pct_stop_systemctl "$TOMCAT" 62 | pct_stop_systemctl "guacd" 63 | 64 | # Install 65 | tar -xzf guacamole-auth-totp-${GUAC_VERSION}.tar.gz 66 | cp guacamole-auth-totp-${GUAC_VERSION}/guacamole-auth-totp-${GUAC_VERSION}.jar /etc/guacamole/extensions/ 67 | echo -e "TOTP extension status: ${YELLOW}installed${NC}" 68 | 69 | # Clean up 70 | rm -rf "guacamole-auth-totp-${GUAC_VERSION}" 71 | rm -f "guacamole-auth-totp-${GUAC_VERSION}.tar.gz" 72 | 73 | # Restart services 74 | pct_start_systemctl "$TOMCAT" 75 | pct_start_systemctl "guacd" 76 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/guacamole/config/guacamole_tuneup.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: guacamole_tuneup.sh 4 | # Description: Source script for CT SW 5 | # This script is for tuning the performance of Guacamole and MySQL 6 | # ---------------------------------------------------------------------------------- 7 | 8 | #---- Source ----------------------------------------------------------------------- 9 | 10 | DIR=$( cd "$( dirname "${BASH_SOURCE}" )" && pwd ) 11 | COMMON="$DIR/../../../common" 12 | SHARED="$DIR/../../../shared" 13 | 14 | #---- Dependencies ----------------------------------------------------------------- 15 | 16 | # # Check for Crudini installation 17 | # if [[ ! $(dpkg -s crudini 2> /dev/null) ]] 18 | # then 19 | # apt-get install -y crudini > /dev/null 20 | # fi 21 | 22 | #---- Static Variables ------------------------------------------------------------- 23 | 24 | # Tune JAVA via systemd unit 25 | # Set the memory value 26 | java_mem=512 27 | java_mem_heap=1 28 | 29 | #---- Other Variables -------------------------------------------------------------- 30 | 31 | # Get Tomcat Version 32 | TOMCAT=$(ls /etc/ | grep tomcat) 33 | 34 | 35 | #---- Other Files ------------------------------------------------------------------ 36 | #---- Body ------------------------------------------------------------------------- 37 | 38 | #---- Prerequisites 39 | 40 | # Run Bash Header 41 | source $COMMON/bash/src/basic_bash_utility.sh 42 | 43 | 44 | # Stop services 45 | pct_stop_systemctl "$TOMCAT" 46 | pct_stop_systemctl "guacd" 47 | pct_stop_systemctl "mysql.service" 48 | 49 | #---- Tune Guacamole mysqld 50 | 51 | # Set 'mysql' variables to reduce memory usage 52 | # These settings are for basic home Guacamole setup to enable remote access etc 53 | # This action replaces the file '/etc/mysql/my.cnf' 54 | cat < /etc/mysql/my.cnf 55 | # 56 | # The MySQL database server configuration file. 57 | # 58 | # You can copy this to one of: 59 | # - "/etc/mysql/my.cnf" to set global options, 60 | # - "~/.my.cnf" to set user-specific options. 61 | # 62 | # One can use all long options that the program supports. 63 | # Run program with --help to get a list of available options and with 64 | # --print-defaults to see which it would actually understand and use. 65 | # 66 | # For explanations see 67 | # http://dev.mysql.com/doc/mysql/en/server-system-variables.html 68 | 69 | # 70 | # * IMPORTANT: Additional settings that can override those from this file! 71 | # The files must end with '.cnf', otherwise they'll be ignored. 72 | # 73 | 74 | !includedir /etc/mysql/conf.d/ 75 | !includedir /etc/mysql/mysql.conf.d/ 76 | 77 | [mysqld] 78 | # 79 | # * Fine Tuning 80 | # 81 | performance_schema = off 82 | key_buffer_size = 8M 83 | tmp_table_size = 1M 84 | innodb_buffer_pool_size = 1M 85 | innodb_log_buffer_size = 1M 86 | max_connections = 5 87 | sort_buffer_size = 512K 88 | read_buffer_size = 256K 89 | read_rnd_buffer_size = 512K 90 | join_buffer_size = 128K 91 | thread_stack = 196K 92 | binlog_cache_size = 0M 93 | EOF 94 | 95 | 96 | #---- Tune JAVA via systemd unit 97 | 98 | # Define the unit file path 99 | unit_file="/lib/systemd/system/${TOMCAT}.service" 100 | 101 | # Check if the Environment line for CATALINA_OPTS exists 102 | if grep -q '^Environment="CATALINA_OPTS=-Xmx[0-9]*m"$' "$unit_file"; then 103 | # Replace the memory value in the existing line 104 | sed -i '/^Environment="CATALINA_OPTS=-Xmx[0-9]*m"$/c\Environment="CATALINA_OPTS=-Xmx'"$java_mem"'m"' "$unit_file" 105 | else 106 | # Add the missing Environment line for CATALINA_OPTS 107 | sed -i '/\[Service\]/a Environment="CATALINA_OPTS=-Xmx'"$java_mem"'m"' "$unit_file" 108 | fi 109 | 110 | # Check if the Environment line for UseG1G exists 111 | if grep -q '^Environment="\$CATALINA_OPTS -XX:+UseG[0-9]*G"$' "$unit_file"; then 112 | # Replace the memory value in the existing line 113 | sed -i '/^Environment="\$CATALINA_OPTS -XX:+UseG[0-9]*G"$/c\Environment="\$CATALINA_OPTS -XX:+UseG'"$java_mem_heap"'G"' "$unit_file" 114 | else 115 | # Add the missing Environment line for UseG1G 116 | sed -i '/\[Service\]/a Environment="\$CATALINA_OPTS -XX:+UseG'"$java_mem_heap"'G"' "$unit_file" 117 | fi 118 | 119 | # Reload the systemd daemon to apply the changes 120 | sudo systemctl daemon-reload 121 | 122 | 123 | # Restart services 124 | pct_start_systemctl "mysql.service" 125 | pct_start_systemctl "$TOMCAT" 126 | pct_start_systemctl "guacd" 127 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/guacamole/config/guacamole_upgrade_sw.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: guacamole_upgrade_sw.sh 4 | # Description: Source script for CT SW 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | 9 | DIR=$( cd "$( dirname "${BASH_SOURCE}" )" && pwd ) 10 | COMMON="$DIR/../../../common" 11 | SHARED="$DIR/../../../shared" 12 | 13 | #---- Dependencies ----------------------------------------------------------------- 14 | #---- Static Variables ------------------------------------------------------------- 15 | #---- Other Variables -------------------------------------------------------------- 16 | #---- Other Files ------------------------------------------------------------------ 17 | #---- Body ------------------------------------------------------------------------- 18 | 19 | #---- Prerequisites 20 | 21 | # Run Bash Header 22 | source $COMMON/bash/src/basic_bash_utility.sh 23 | 24 | # Update CT 25 | apt-get update -y 26 | apt-get upgrade -y 27 | 28 | # Download upgrade script 29 | wget -q --show-progress -O guac-upgrade.sh https://raw.githubusercontent.com/MysticRyuujin/guac-install/main/guac-upgrade.sh 30 | if [ $? -ne 0 ] 31 | then 32 | echo -e "${RED}WARNING:${NC}\nFailed to download: ${WHITE}guac-upgrade.sh${NC}" 33 | echo 34 | return 35 | fi 36 | chmod +x guac-upgrade.sh 37 | 38 | #---- Install Guacamole upgrade 39 | # Run updater script 40 | ./guac-upgrade.sh 41 | 42 | # Clean up 43 | rm -f "guac-upgrade.sh" 44 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/guacamole/guacamole_sw.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: guacamole_sw.sh 4 | # Description: Source script for CT SW 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | 9 | DIR=$( cd "$( dirname "${BASH_SOURCE}" )" && pwd ) 10 | COMMON="$DIR/../../common" 11 | SHARED="$DIR/../../shared" 12 | 13 | #---- Dependencies ----------------------------------------------------------------- 14 | #---- Static Variables ------------------------------------------------------------- 15 | 16 | # Update these variables as required for your specific instance 17 | app="${REPO_PKG_NAME,,}" # App name 18 | app_uid="$APP_USERNAME" # App UID 19 | app_guid="$APP_GRPNAME" # App GUID 20 | user_pwd="$USER_PWD" # MySQL password 21 | mfa="$MFA" # Two-factor authentication (TOTP, Duo or none) 22 | 23 | #---- Other Variables -------------------------------------------------------------- 24 | 25 | # Guacamole latest version 26 | GUAC_VERSION="${GUAC_VERSION:-1.5.1}" 27 | 28 | #---- Firewall variables 29 | # Guacamole port 30 | GUAC_PORT=8080 31 | # SSH port 32 | SSH_PORT=22 33 | # Local network 34 | LOCAL_NET=$(hostname -I | awk -F'.' -v OFS="." '{ print $1,$2,"0.0/24" }') 35 | 36 | #---- Other Files ------------------------------------------------------------------ 37 | #---- Body ------------------------------------------------------------------------- 38 | 39 | #---- Prerequisites 40 | 41 | # Run Bash Header 42 | source $COMMON/bash/src/basic_bash_utility.sh 43 | 44 | # Update locales 45 | export LANGUAGE=en_US.UTF-8 46 | export LANG=en_US.UTF-8 47 | sudo locale-gen en_US.UTF-8 48 | 49 | # Update Ubuntu 50 | apt-get update -y 51 | apt-get upgrade -y 52 | 53 | # Install Crudini 54 | apt-get install crudini -y 55 | 56 | # Add Packages 57 | apt-get install software-properties-common -y 58 | add-apt-repository -y universe 59 | apt-get update -y 60 | 61 | 62 | #---- Install Guacamole SW 63 | 64 | # Download upgrade script 65 | wget -q --show-progress -O guac-install.sh https://raw.githubusercontent.com/MysticRyuujin/guac-install/main/guac-install.sh 66 | if [ $? -ne 0 ] 67 | then 68 | echo -e "WARNING:${NC}\nFailed to download: ${WHITE}guac-install.sh${NC}" 69 | echo 70 | return 71 | fi 72 | # Set script permissions 73 | chmod +x guac-install.sh 74 | 75 | # Run installer 76 | ./guac-install.sh --mysqlpwd ${user_pwd} --guacpwd ${user_pwd} --${mfa} --installmysql 2> /dev/null 77 | 78 | # Allow ports 79 | sudo ufw allow $GUAC_PORT/tcp 80 | sudo ufw allow $SSH_PORT 81 | # Enable ufw 82 | sudo ufw enable 83 | sudo ufw reload 84 | 85 | # Run guacamole tune 86 | source $DIR/config/guacamole_tuneup.sh 87 | 88 | 89 | #---- Install fail2ban 90 | 91 | # Install fail2ban 92 | apt-get install fail2ban -y 93 | 94 | # Configure fail2ban default 95 | cat < /etc/fail2ban/jail.local 96 | [DEFAULT] 97 | bantime = 8h 98 | maxretry = 5 99 | ignoreip = 127.0.0.1/8 ${LOCAL_NET} 100 | ignoreself = true 101 | 102 | [sshd] 103 | enabled = true 104 | EOF 105 | 106 | cat < /etc/fail2ban/jail.d/guacamole-auth.conf 107 | [guacamole-auth] 108 | enabled = true 109 | port = http,https,80,443 110 | filter = guacamole 111 | EOF 112 | 113 | cat < /etc/fail2ban/filter.d/guacamole-auth.conf 114 | [Definition] 115 | failregex = \bAuthentication attempt from \[(?:,.*)?\] for user ".*" failed\. 116 | ignoreregex = 117 | EOF 118 | 119 | # Start fail2ban 120 | systemctl enable fail2ban.service 121 | pct_start_systemctl "fail2ban.service" 122 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/guacamole/pve_homelab_ct_guacamole_toolbox.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: pve_homelab_ct_guacamole_toolbox.sh 4 | # Description: Toolbox script for CT 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | #---- Dependencies ----------------------------------------------------------------- 9 | #---- Static Variables ------------------------------------------------------------- 10 | 11 | # Repo package name 12 | REPO_PKG_NAME='guacamole' 13 | 14 | #---- Other Variables -------------------------------------------------------------- 15 | #---- Other Files ------------------------------------------------------------------ 16 | #---- Body ------------------------------------------------------------------------- 17 | 18 | #---- Prerequisites 19 | 20 | # Pushing scripts to CT 21 | pct push $CTID $REPO_TEMP/${GIT_REPO}.tar.gz /tmp/${GIT_REPO}.tar.gz 22 | pct exec $CTID -- tar -zxf /tmp/${GIT_REPO}.tar.gz -C /tmp 23 | 24 | #---- Run toolbox component 25 | 26 | section "Select a Guacamole toolbox option" 27 | OPTIONS_VALUES_INPUT=( "TYPE01" "TYPE02" "TYPE03" "TYPE03" "TYPE00" ) 28 | OPTIONS_LABELS_INPUT=( "Upgrade Guacamole application" \ 29 | "Guacamole tune-up (reduce memory usage)" \ 30 | "Install Guacamole TOTP $(if [ "$(pct exec $CTID -- bash -c '[[ -f /etc/guacamole/extensions/guacamole-auth-totp*.jar ]]; echo $?')" = 0 ]; then echo "( installed & active )"; fi)" \ 31 | "Install Guacamole Duo $(if [ "$(pct exec $CTID -- bash -c '[[ -f /etc/guacamole/extensions/guacamole-auth-duo*.jar ]]; echo $?')" = 0 ]; then echo "( installed & active )"; fi)" \ 32 | "None. Exit this installer" ) 33 | makeselect_input2 34 | singleselect SELECTED "$OPTIONS_STRING" 35 | 36 | if [ "$RESULTS" = 'TYPE01' ] 37 | then 38 | #---- Upgrade Guacamole tools 39 | pct exec $CTID -- bash -c "/tmp/$GIT_REPO/src/$REPO_PKG_NAME/config/guacamole_upgrade_sw.sh" 40 | elif [ "$RESULTS" = 'TYPE02' ] 41 | then 42 | #---- Guacamole tune-up 43 | pct exec $CTID -- bash -c "/tmp/$GIT_REPO/src/$REPO_PKG_NAME/config/guacamole_tuneup.sh" 44 | elif [ "$RESULTS" = 'TYPE03' ] 45 | then 46 | #---- Create Guacamole TOTP 47 | pct exec $CTID -- bash -c "/tmp/$GIT_REPO/src/$REPO_PKG_NAME/config/guacamole_totp_sw.sh" 48 | elif [ "$RESULTS" = 'TYPE04' ] 49 | then 50 | #---- Create Guacamole Duo 51 | pct exec $CTID -- bash -c "/tmp/$GIT_REPO/src/$REPO_PKG_NAME/config/guacamole_duo_sw.sh" 52 | elif [ "$RESULTS" = 'TYPE00' ] 53 | then 54 | # Exit installation 55 | msg "You have chosen not to proceed. Aborting. Bye..." 56 | echo 57 | sleep 1 58 | fi 59 | 60 | #---- Finish Line ------------------------------------------------------------------ 61 | 62 | section "Completion Status." 63 | 64 | msg "Success. Task complete." 65 | echo 66 | 67 | #---- Cleanup 68 | # Clean up CT tmp files 69 | pct exec $CTID -- bash -c "rm -R /tmp/$GIT_REPO &> /dev/null; rm /tmp/${GIT_REPO}.tar.gz &> /dev/null" 70 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/guacamole/update-ct.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: update-ct.sh 4 | # Description: System.d updater for CT OS and installed applications 5 | # Note: Customize for each OS and application. 6 | # ---------------------------------------------------------------------------------- 7 | 8 | #---- Source ----------------------------------------------------------------------- 9 | 10 | DIR=$( cd "$( dirname "${BASH_SOURCE}" )" && pwd ) 11 | 12 | #---- Dependencies ----------------------------------------------------------------- 13 | 14 | # Run Bash Header 15 | source $DIR/basic_bash_utility.sh 16 | 17 | #---- Static Variables ------------------------------------------------------------- 18 | #---- Static Variables ------------------------------------------------------------- 19 | #---- Other Variables -------------------------------------------------------------- 20 | #---- Other Files ------------------------------------------------------------------ 21 | 22 | # Stop list of systemd services 23 | # Enter all the SW 'system.d.service' here 24 | systemd_LIST=() 25 | while IFS= read -r line; 26 | do 27 | [[ "$line" =~ ^\#.*$ ]] && continue 28 | systemd_LIST+=( "$line" ) 29 | done << EOF 30 | $(ls /etc/ | grep tomcat) 31 | guacd.service 32 | EOF 33 | 34 | #---- Functions -------------------------------------------------------------------- 35 | #---- Body ------------------------------------------------------------------------- 36 | 37 | #---- Stop services 38 | 39 | # Stop any running systemd service or applications in order to perform upgrades 40 | for line in "${systemd_LIST[@]}" 41 | do 42 | pct_stop_systemctl "$line" 43 | done 44 | 45 | #---- Update & Upgrade OS 46 | 47 | # Update OS 48 | apt-get update -y 49 | apt-get upgrade -y 50 | 51 | # Custom software upgrade commands here 52 | 53 | #---- Restart services 54 | 55 | # Restart services 56 | for line in "${systemd_LIST[@]}" 57 | do 58 | pct_start_systemctl "$line" 59 | done 60 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/guacardp/config/bookmarks-ahuacate.json: -------------------------------------------------------------------------------- 1 | {"guid":"root________","title":"","index":0,"dateAdded":1663504083387000,"lastModified":1663564475537000,"id":1,"typeCode":2,"type":"text/x-moz-place-container","root":"placesRoot","children":[{"guid":"menu________","title":"menu","index":0,"dateAdded":1663504083387000,"lastModified":1663564475537000,"id":2,"typeCode":2,"type":"text/x-moz-place-container","root":"bookmarksMenuFolder"},{"guid":"toolbar_____","title":"toolbar","index":1,"dateAdded":1663504083387000,"lastModified":1663563517210000,"id":3,"typeCode":2,"type":"text/x-moz-place-container","root":"toolbarFolder","children":[{"guid":"YcI-LIELpRu9","title":"Pi-Hole","index":0,"dateAdded":1663505227669000,"lastModified":1663506191534000,"id":23,"typeCode":1,"iconUri":"http://pi.hole/admin/img/favicons/apple-touch-icon.png","type":"text/x-moz-place","uri":"http://pi.hole/admin/login.php","keyword":"pi.hole","postData":null},{"guid":"oA1eBMDmC2mj","title":"pfSense","index":1,"dateAdded":1663504855904000,"lastModified":1663506196283000,"id":22,"typeCode":1,"type":"text/x-moz-place","uri":"http://pfsense.local/","keyword":"pfsense","postData":null},{"guid":"3IAe_bvFDU6x","title":"","index":2,"dateAdded":1663563435745000,"lastModified":1663563444103000,"id":28,"typeCode":3,"type":"text/x-moz-place-separator"},{"guid":"-MFe4Om7ylMb","title":"Sonarr","index":3,"dateAdded":1663504565641000,"lastModified":1663504587138000,"id":17,"typeCode":1,"type":"text/x-moz-place","uri":"http://sonarr.local:8989/","keyword":"sonarr","postData":null},{"guid":"yknZVo1oFD-5","title":"Radarr","index":4,"dateAdded":1663504608622000,"lastModified":1663504641840000,"id":18,"typeCode":1,"type":"text/x-moz-place","uri":"http://radarr.local:7878/radarr/","keyword":"radarr","postData":null},{"guid":"Ia8OwAke4Sg6","title":"Lidarr","index":5,"dateAdded":1663563185513000,"lastModified":1663563467175000,"id":24,"typeCode":1,"type":"text/x-moz-place","uri":"http://lidarr.local:8686/","keyword":"lidarr","postData":null},{"guid":"wMIqKs-khASr","title":"Readarr","index":6,"dateAdded":1663563351273000,"lastModified":1663563458026000,"id":26,"typeCode":1,"type":"text/x-moz-place","uri":"http://readarr.local:8787/","keyword":"readarr","postData":null},{"guid":"DEp7ItKo9yxp","title":"Whisparr","index":7,"dateAdded":1663563385306000,"lastModified":1663563475044000,"id":27,"typeCode":1,"type":"text/x-moz-place","uri":"http://whisparr.local:6969/","keyword":"whisparr","postData":null},{"guid":"YMw2s9FwCQ5B","title":"Prowlarr","index":8,"dateAdded":1663563315010000,"lastModified":1663563489686000,"id":25,"typeCode":1,"type":"text/x-moz-place","uri":"http://prowlarr.local:9696/","keyword":"prowlarr","postData":null},{"guid":"iI_mDGRG1r9k","title":"","index":9,"dateAdded":1663563502804000,"lastModified":1663563510748000,"id":29,"typeCode":3,"type":"text/x-moz-place-separator"},{"guid":"NNGt9sSRDkMk","title":"Jellyfin","index":10,"dateAdded":1663504669232000,"lastModified":1663504679990000,"id":19,"typeCode":1,"type":"text/x-moz-place","uri":"http://jellyfin.local:8096/","keyword":"jellyfin","postData":null},{"guid":"SA1wkEKVMrtC","title":"","index":11,"dateAdded":1663563513898000,"lastModified":1663563517210000,"id":30,"typeCode":3,"type":"text/x-moz-place-separator"},{"guid":"fbwgMDXNnR8D","title":"SABnzbd","index":12,"dateAdded":1663504714971000,"lastModified":1663504749879000,"id":20,"typeCode":1,"type":"text/x-moz-place","uri":"http://sabnzbd.local:8080/","keyword":"sabnzbd","postData":null},{"guid":"fbwgMDXNnR8X","title":"NZBGet","index":12,"dateAdded":1663504714971000,"lastModified":1663504749879000,"id":20,"typeCode":1,"type":"text/x-moz-place","uri":"http://nzbget.local:6789/","keyword":"nzbget","postData":null},{"guid":"eE2jpa4XkK3D","title":"Deluge","index":13,"dateAdded":1663504769224000,"lastModified":1663504776871000,"id":21,"typeCode":1,"type":"text/x-moz-place","uri":"http://deluge.local:8112/","keyword":"deluge","postData":null}]},{"guid":"unfiled_____","title":"unfiled","index":3,"dateAdded":1663504083387000,"lastModified":1663504084394000,"id":5,"typeCode":2,"type":"text/x-moz-place-container","root":"unfiledBookmarksFolder"},{"guid":"mobile______","title":"mobile","index":4,"dateAdded":1663504083446000,"lastModified":1663504084394000,"id":6,"typeCode":2,"type":"text/x-moz-place-container","root":"mobileFolder"}]} -------------------------------------------------------------------------------- /src/guacardp/guacardp_sw.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: guacardp_sw.sh 4 | # Description: Source script for CT SW 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | 9 | DIR=$( cd "$( dirname "${BASH_SOURCE}" )" && pwd ) 10 | COMMON="$DIR/../../common" 11 | SHARED="$DIR/../../shared" 12 | 13 | #---- Dependencies ----------------------------------------------------------------- 14 | #---- Static Variables ------------------------------------------------------------- 15 | 16 | # Update these variables as required for your specific instance 17 | app="${REPO_PKG_NAME,,}" # App name 18 | app_uid="$APP_USERNAME" # App UID 19 | app_guid="$APP_GRPNAME" # App GUID 20 | 21 | #---- Other Variables -------------------------------------------------------------- 22 | #---- Other Files ------------------------------------------------------------------ 23 | #---- Body ------------------------------------------------------------------------- 24 | 25 | #---- Prerequisites 26 | 27 | # Run Bash Header 28 | source $COMMON/bash/src/basic_bash_utility.sh 29 | 30 | # Update locales 31 | sudo locale-gen en_US.UTF-8 32 | 33 | # Add Packages 34 | apt-get install software-properties-common -y 2> /dev/null 35 | apt-get install unzip -y 2> /dev/null 36 | apt-get install fontconfig -y 2> /dev/null 37 | 38 | # Add Google font package 39 | wget -O /tmp/fonts.zip https://fonts.google.com/download?family=Open%20Sans 40 | mkdir -p /usr/share/fonts/googlefonts 41 | mkdir -p /usr/share/fonts/opentype 42 | unzip /tmp/fonts.zip -d /usr/share/fonts/googlefonts 43 | chmod -R --reference=/usr/share/fonts/opentype /usr/share/fonts/googlefonts 44 | sudo fc-cache -fv 45 | 46 | # Install video drivers 47 | if [ "$(ls -l /dev/dri | grep renderD128 > /dev/null; echo $?)" = 0 ] 48 | then 49 | GPU=$(lspci | grep VGA | cut -d ":" -f3 | sed -e 's/^[ \t]*//') 50 | # Intel GPU 51 | if [[ "$GPU" =~ ^Intel.* ]] 52 | then 53 | # Install drivers 54 | # apt-get install i965-va-driver -y 55 | apt-get install intel-media-va-driver-non-free -y 56 | fi 57 | fi 58 | 59 | # Install ffmpeg 60 | apt-get install ffmpeg -y 61 | 62 | 63 | #---- Create new user 64 | 65 | # Add user 66 | useradd -m -p $(perl -e 'print crypt($ARGV[0], "password")' ahuacate) admin 67 | usermod -aG sudo admin 68 | usermod -s /bin/bash admin 69 | sudo -u admin xdg-user-dirs-update 70 | echo "admin ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/admin 71 | 72 | 73 | #---- Install RDP SW 74 | 75 | # Install the desktop environment 76 | apt-get install xfce4 xfce4-goodies -y 77 | # Fix /etc/nsswitch.conf after xfce4 install 78 | sed -i 's/hosts:.*/hosts: files dns/g' /etc/nsswitch.conf 79 | # Install X stuff 80 | apt-get install xorg dbus-x11 x11-xserver-utils -y 81 | # Install XRDP on Ubuntu 82 | apt-get install xrdp ufw -y 83 | # Edit /etc/xrdp/xrdp.ini 84 | echo 'exec startxfce4' >> /etc/xrdp/xrdp.ini 85 | systemctl restart xrdp.service 86 | # Set RDP display 87 | update-alternatives --set x-session-manager /usr/bin/xfce4-session 88 | # Add the xrdp user to the “ssl-cert” group 89 | usermod -a -G ssl-cert xrdp 90 | systemctl restart xrdp 91 | # Configure System firewall 92 | ufw allow from 192.168.0.0/24 to any port 3389 93 | ufw reload 94 | 95 | # Fix - Authentication Required to Create Managed Color Device 96 | cat << EOF > /etc/polkit-1/localauthority.conf.d/02-allow-colord.conf 97 | polkit.addRule(function(action, subject) { 98 | if ((action.id == "org.freedesktop.color-manager.create-device" || 99 | action.id == "org.freedesktop.color-manager.create-profile" || 100 | action.id == "org.freedesktop.color-manager.delete-device" || 101 | action.id == "org.freedesktop.color-manager.delete-profile" || 102 | action.id == "org.freedesktop.color-manager.modify-device" || 103 | action.id == "org.freedesktop.color-manager.modify-profile") && 104 | subject.isInGroup("{users}")) { 105 | return polkit.Result.YES; 106 | } 107 | }); 108 | EOF 109 | 110 | 111 | #---- Install firefox 112 | 113 | # Add the Mozilla Team PPA 114 | add-apt-repository ppa:mozillateam/ppa -y 2> /dev/null 115 | # Increase the priority of it's firefox package 116 | printf 'Package: firefox\nPin: release o=LP-PPA-mozillateam\nPin-Priority: 1500\n' | tee /etc/apt/preferences.d/mozilla-firefox 117 | # Install Firefox 118 | apt-get install firefox -y 119 | # Copy Firefox bookmark preset file to CT 120 | cp $DIR/config/bookmarks-ahuacate.json /home/admin/Desktop/bookmarks-ahuacate.json 121 | 122 | 123 | #---- Configure audio 124 | 125 | wget http://c-nergy.be/downloads/xRDP/xrdp-installer-1.4.2.zip -P /tmp 126 | unzip /tmp/xrdp-installer-1.4.2.zip -d /tmp 127 | sleep 1 128 | chmod +x /tmp/xrdp-installer-1.4.2.sh 129 | su -c '/tmp/xrdp-installer-1.4.2.sh -s' admin 130 | 131 | 132 | #---- Configure Admin User profile 133 | 134 | if [ "$(ls -l /dev/dri | grep renderD128 > /dev/null; echo $?)" = 0 ] 135 | then 136 | GPU=$(lspci | grep VGA | cut -d ":" -f3 | sed -e 's/^[ \t]*//') 137 | # Intel GPU 138 | if [[ "$GPU" =~ ^Intel.* ]] 139 | then 140 | # Set user environment variable 141 | # echo 'export LIBVA_DRIVER_NAME=i965' >> /home/admin/.profile 142 | echo 'export LIBVA_DRIVER_NAME=iHD' >> /home/admin/.profile 143 | echo 'export MOZ_X11_EGL=1' >> /home/admin/.profile 144 | # echo 'export MOZ_DISABLE_RDD_SANDBOX=1' >> /home/admin/.profile 145 | fi 146 | fi 147 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/guacardp/pve_homelab_ct_guacardp_installer.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: pve_homelab_ct_guacardp_installer.sh 4 | # Description: This script is for creating a Guacamole RDP CT 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Bash command to run script --------------------------------------------------- 8 | 9 | #---- Source Github 10 | # bash -c "$(wget -qLO - https://raw.githubusercontent.com/ahuacate/pve-homelab/main/pve_homelab_installer.sh)" 11 | 12 | #---- Source local Git 13 | # /mnt/pve/nas-01-git/ahuacate/pve-homelab/pve_homelab_installer.sh 14 | 15 | #---- Source ----------------------------------------------------------------------- 16 | #---- Dependencies ----------------------------------------------------------------- 17 | 18 | # Check SMTP Status 19 | check_smtp_status 20 | 21 | #---- Static Variables ------------------------------------------------------------- 22 | 23 | # Easy Script Section Head 24 | SECTION_HEAD='PVE Guaca RDP' 25 | 26 | # PVE host IP 27 | PVE_HOST_IP=$(hostname -i) 28 | PVE_HOSTNAME=$(hostname) 29 | 30 | # SSHd Status (0 is enabled, 1 is disabled) 31 | SSH_ENABLE=1 32 | 33 | # Developer enable git mounts inside CT (0 is enabled, 1 is disabled) 34 | DEV_GIT_MOUNT_ENABLE=1 35 | 36 | # Set file source (path/filename) of preset variables for 'pvesource_ct_createvm.sh' 37 | PRESET_VAR_SRC="$( dirname "${BASH_SOURCE[0]}" )/$( basename "${BASH_SOURCE[0]}" )" 38 | 39 | #---- Other Variables -------------------------------------------------------------- 40 | 41 | #---- Common Machine Variables 42 | # VM Type ( 'ct' or 'vm' only lowercase ) 43 | VM_TYPE='ct' 44 | # Use DHCP. '0' to disable, '1' to enable. 45 | NET_DHCP='1' 46 | # Set address type 'dhcp4'/'dhcp6' or '0' to disable. 47 | NET_DHCP_TYPE='dhcp4' 48 | # CIDR IPv4 49 | CIDR='24' 50 | # CIDR IPv6 51 | CIDR6='64' 52 | # SSHd Port 53 | SSH_PORT='22' 54 | 55 | #----[COMMON_GENERAL_OPTIONS] 56 | # Hostname 57 | HOSTNAME='guacardp' 58 | # Description for the Container (one word only, no spaces). Shown in the web-interface CT’s summary. 59 | DESCRIPTION='' 60 | # Virtual OS/processor architecture. 61 | ARCH='amd64' 62 | # Allocated memory or RAM (MiB). 63 | MEMORY='1024' 64 | # Limit number of CPU sockets to use. Value 0 indicates no CPU limit. 65 | CPULIMIT='0' 66 | # CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. 67 | CPUUNITS='1024' 68 | # The number of cores assigned to the vm/ct. Do not edit - its auto set. 69 | CORES='1' 70 | 71 | #----[COMMON_NET_OPTIONS] 72 | # Bridge to attach the network device to. 73 | BRIDGE='vmbr0' 74 | # A common MAC address with the I/G (Individual/Group) bit not set. 75 | HWADDR="" 76 | # Controls whether this interface’s firewall rules should be used. 77 | FIREWALL='1' 78 | # VLAN tag for this interface (value 0 for none, or VLAN[2-N] to enable). 79 | TAG='0' 80 | # VLAN ids to pass through the interface 81 | TRUNKS="" 82 | # Apply rate limiting to the interface (MB/s). Value "" for unlimited. 83 | RATE="" 84 | # MTU - Maximum transfer unit of the interface. 85 | MTU="" 86 | 87 | #----[COMMON_NET_DNS_OPTIONS] 88 | # Nameserver server IP (IPv4 or IPv6) (value "" for none). 89 | NAMESERVER='192.168.1.5' 90 | # Search domain name (local domain) 91 | SEARCHDOMAIN='local' 92 | 93 | #----[COMMON_NET_STATIC_OPTIONS] 94 | # IP address (IPv4). Only works with static IP (DHCP=0). 95 | IP='192.168.1.250' 96 | # IP address (IPv6). Only works with static IP (DHCP=0). 97 | IP6='' 98 | # Default gateway for traffic (IPv4). Only works with static IP (DHCP=0). 99 | GW='192.168.1.5' 100 | # Default gateway for traffic (IPv6). Only works with static IP (DHCP=0). 101 | GW6='' 102 | 103 | #---- PVE CT 104 | #----[CT_GENERAL_OPTIONS] 105 | # Unprivileged container. '0' to disable, '1' to enable/yes. 106 | CT_UNPRIVILEGED='1' 107 | # Memory swap 108 | CT_SWAP='512' 109 | # OS 110 | CT_OSTYPE='ubuntu' 111 | # Onboot startup 112 | CT_ONBOOT='1' 113 | # Timezone 114 | CT_TIMEZONE='host' 115 | # Root credentials (leave blank for no pwd) 116 | CT_PASSWORD='' 117 | # Virtual OS/processor architecture. 118 | CT_ARCH='amd64' 119 | 120 | #----[CT_FEATURES_OPTIONS] 121 | # Allow using fuse file systems in a container. 122 | CT_FUSE='0' 123 | # For unprivileged containers only: Allow the use of the keyctl() system call. 124 | CT_KEYCTL='0' 125 | # Allow mounting file systems of specific types. (Use 'nfs' or 'cifs' or 'nfs;cifs' for both or leave empty "") 126 | CT_MOUNT='' 127 | # Allow nesting. Best used with unprivileged containers with additional id mapping. 128 | CT_NESTING='0' 129 | # A public key for connecting to the root account over SSH (insert path). 130 | 131 | #----[CT_ROOTFS_OPTIONS] 132 | # Virtual Disk Size (GB). 133 | CT_SIZE='5' 134 | # Explicitly enable or disable ACL support. 135 | CT_ACL='1' 136 | 137 | #----[CT_STARTUP_OPTIONS] 138 | # Startup and shutdown behavior ( '--startup order=1,up=1,down=1' ). 139 | # Order is a non-negative number defining the general startup order. Up=1 means first to start up. Shutdown in done with reverse ordering so down=1 means last to shutdown. 140 | # Up: Startup delay. Defines the interval between this container start and subsequent containers starts. For example, set it to 240 if you want to wait 240 seconds before starting other containers. 141 | # Down: Shutdown timeout. Defines the duration in seconds Proxmox VE should wait for the container to be offline after issuing a shutdown command. By default this value is set to 60, which means that Proxmox VE will issue a shutdown request, wait 60s for the machine to be offline, and if after 60s the machine is still online will notify that the shutdown action failed. 142 | CT_ORDER='3' 143 | CT_UP='30' 144 | CT_DOWN='60' 145 | 146 | #----[CT_NET_OPTIONS] 147 | # Name of the network device as seen from inside the VM/CT. 148 | CT_NAME='eth0' 149 | CT_TYPE='veth' 150 | 151 | #----[CT_OTHER] 152 | # OS Version (NOTE: Guacamole will not install on 22.04 - SSL3 errors with Mysql) 153 | CT_OSVERSION='22.04' 154 | # CTID numeric ID of the given container. 155 | CTID='250' 156 | 157 | #----[App_UID_GUID] 158 | # App user 159 | APP_USERNAME='home' 160 | # App user group 161 | APP_GRPNAME='homelab' 162 | 163 | #----[REPO_PKG_NAME] 164 | # Repo package name 165 | REPO_PKG_NAME='guacardp' 166 | 167 | 168 | #---- Other Files ------------------------------------------------------------------ 169 | 170 | # Required PVESM Storage Mounts for CT ( new version ) 171 | unset pvesm_required_LIST 172 | pvesm_required_LIST=() 173 | while IFS= read -r line; do 174 | [[ "$line" =~ ^\#.*$ ]] && continue 175 | pvesm_required_LIST+=( "$line" ) 176 | done << EOF 177 | # Example 178 | EOF 179 | 180 | #---- Body ------------------------------------------------------------------------- 181 | 182 | #---- Introduction 183 | source $COMMON_PVE_SRC_DIR/pvesource_ct_intro.sh 184 | 185 | #---- Setup PVE CT Variables 186 | # Ubuntu NAS (all) 187 | source $COMMON_PVE_SRC_DIR/pvesource_set_allvmvars.sh 188 | 189 | #---- Create OS CT 190 | source $COMMON_PVE_SRC_DIR/pvesource_ct_createvm.sh 191 | 192 | #---- Configure New CT OS 193 | source $COMMON_PVE_SRC_DIR/pvesource_ct_ubuntubasics.sh 194 | 195 | # Homelab CT unprivileged mapping 196 | if [ "$CT_UNPRIVILEGED" = 1 ] 197 | then 198 | source $COMMON_PVE_SRC_DIR/pvesource_ct_homelab_ctidmapping.sh 199 | fi 200 | 201 | # VA-API Install & Setup for CT 202 | source $COMMON_PVE_SRC_DIR/pvesource_ct_medialab_vaapipassthru.sh 203 | 204 | #---- Guacamole -------------------------------------------------------------------- 205 | 206 | 207 | #---- Prerequistes 208 | 209 | section "Prerequisites" 210 | 211 | # Start /restart container (required to boot and restart) 212 | pct_start_waitloop 213 | sleep 5 214 | pct_stop_waitloop 215 | pct_start_waitloop 216 | 217 | 218 | #---- Run SW install 219 | 220 | section "Install Guacamole RDP software" 221 | 222 | # Pushing scripts to CT 223 | msg "Pushing repo scripts to CT..." 224 | pct push $CTID $REPO_TEMP/${GIT_REPO}.tar.gz /tmp/${GIT_REPO}.tar.gz 225 | pct exec $CTID -- tar -zxf /tmp/${GIT_REPO}.tar.gz -C /tmp 226 | 227 | # Guacamole SW 228 | pct exec $CTID -- bash -c "export REPO_PKG_NAME=$REPO_PKG_NAME APP_USERNAME=$APP_USERNAME APP_GRPNAME=$APP_GRPNAME && /tmp/$GIT_REPO/src/$REPO_PKG_NAME/guacardp_sw.sh" 229 | 230 | # Reboot the CT 231 | pct_stop_waitloop 232 | pct_start_waitloop 233 | 234 | #---- Finish Line ------------------------------------------------------------------ 235 | section "Completion Status." 236 | 237 | #---- Set display text 238 | unset display_msg1 239 | # Web access URL 240 | if [ -n "${IP}" ] && [ ! "$IP" = 'dhcp' ] 241 | then 242 | display_msg1+=( "${IP}" ) 243 | elif [ -n "${IP6}" ] && [ ! "$IP6" = 'dhcp' ] 244 | then 245 | display_msg1+=( "${IP6}" ) 246 | elif [ ${IP} == 'dhcp' ] || [ "$IP6" = 'dhcp' ] 247 | then 248 | display_msg1+=( "$(pct exec $CTID -- bash -c "hostname -I | sed 's/ //g'") (not static)" ) 249 | fi 250 | display_msg1+=( "$(pct exec $CTID -- bash -c "hostname | sed 's/ //g'").$(pct exec $CTID -- bash -c "hostname -d | sed 's/ //g'") (Recommended to use FQDN)" ) 251 | 252 | msg_box "Guaca-RDP installation was a success. Your new PVE CT details are: 253 | 254 | $(printf '%s\n' "${display_msg1[@]}" | indent2) 255 | 256 | Guaca-RDP login credentials are: 257 | 258 | $(printf "Username|admin 259 | Password|ahuacate" | column -t -s "|" | indent2) 260 | 261 | Login to your new Guaca-RDP machine and start the Firefox application. Navigate to the Firefox option 'Manage Bookmarks' and restore our preset bookmark file located on your desktop: 'bookmarks-ahuacate.json'. Our bookmark preset file includes all the local server URLs for Radarr, Sonarr and more. 262 | 263 | More information about configuring a Guacamole RDP connection here: https://github.com/ahuacate/homelab" 264 | echo 265 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/hassio/automations/Bedroom Master - Floor Sensor (Blueprint).yaml: -------------------------------------------------------------------------------- 1 | alias: Bedroom Master - Floor Sensor (Blueprint) 2 | description: "" 3 | use_blueprint: 4 | path: Blackshome/sensor-light.yaml 5 | input: 6 | motion_trigger: 7 | - binary_sensor.sensor_vallhorn_01_occupancy 8 | - binary_sensor.sensor_vallhorn_02_occupancy 9 | light_switch: 10 | entity_id: light.master_bedroom_bedside_lamps 11 | time_delay: 0.5 12 | include_light_control: 13 | - use_brightness 14 | light_brightness: 80 15 | include_light_colour_control: disable_colour_control 16 | light_colour_temperature: 6000 17 | include_bypass: 18 | - bypass_enabled_turn_on 19 | - bypass_enabled_turn_off 20 | motion_bypass_lights_on: 21 | - update.switch_rodret_01_firmware 22 | motion_bypass_lights_off: 23 | - update.switch_rodret_01_firmware 24 | include_sun: sun_disabled 25 | include_ambient: ambient_disabled 26 | ambient_light_sensor: sensor.sensor_vallhorn_01_illuminance 27 | ambient_light_options: ambient_light_option_enabled 28 | ambient_light_value: 20 29 | include_night_lights: night_lights_enabled 30 | night_lights_conditions: 31 | - time_enabled 32 | night_lights_entity_state: [] 33 | night_lights_after_time: "21:00:00" 34 | night_lights_before_time: "10:00:00" 35 | night_time_delay: 0.1 36 | include_bypass_auto_off: [] 37 | include_night_light_control: 38 | - use_brightness 39 | - use_transition 40 | night_light_brightness: 10 41 | include_night_light_colour_control: disable_colour_control 42 | night_light_colour_temperature: 3000 43 | night_lights: 44 | entity_id: light.master_bedroom_bedside_lamps 45 | motion_bypass_lights_stop: [] 46 | -------------------------------------------------------------------------------- /src/hassio/automations/Bedroom Master - Switch Rodret_01 (Blueprint).yaml: -------------------------------------------------------------------------------- 1 | alias: Bedroom Master - Switch Rodret_01 (Blueprint) 2 | description: Controls lights changing day/evening brightness 3 | use_blueprint: 4 | path: damru/ikea_E2201-E2213_ZHA-Z2M_control-anything.yaml 5 | input: 6 | remote_device: 99bbbbbb3183264d54bf7ad35765c051 7 | on_press_action: 8 | - choose: 9 | - conditions: 10 | - condition: time 11 | after: "21:00:00" 12 | before: "08:00:00" 13 | - condition: state 14 | entity_id: light.master_bedroom_bedside_lamps 15 | state: "off" 16 | sequence: 17 | - action: light.turn_on 18 | metadata: {} 19 | data: 20 | kelvin: 3000 21 | brightness_pct: 10 22 | target: 23 | entity_id: light.master_bedroom_bedside_lamps 24 | - conditions: 25 | - condition: time 26 | after: "08:00:00" 27 | before: "21:00:00" 28 | - condition: state 29 | entity_id: light.master_bedroom_bedside_lamps 30 | state: "off" 31 | sequence: 32 | - action: light.turn_on 33 | metadata: {} 34 | data: 35 | kelvin: 5000 36 | brightness_pct: 80 37 | target: 38 | entity_id: light.master_bedroom_bedside_lamps 39 | off_press_action: 40 | - condition: state 41 | entity_id: light.master_bedroom_bedside_lamps 42 | state: "on" 43 | - action: light.turn_off 44 | metadata: {} 45 | data: 46 | transition: 2 47 | target: 48 | entity_id: light.master_bedroom_bedside_lamps 49 | -------------------------------------------------------------------------------- /src/hassio/automations/Notification Android TV - Cellular Incoming.yaml: -------------------------------------------------------------------------------- 1 | alias: Notification Android TV - Cellular Incoming 2 | description: Android TV notification of incoming cellular call 3 | triggers: 4 | - entity_id: 5 | - sensor.sm_g950f_phone_state 6 | - sensor.sm_n975f_phone_state 7 | to: ringing 8 | trigger: state 9 | conditions: 10 | - condition: state 11 | entity_id: media_player.android_tv 12 | state: "on" 13 | actions: 14 | - repeat: 15 | sequence: 16 | action: notify.android_tv 17 | data: 18 | data: null 19 | title: Incoming Phone Call 20 | message: >- 21 | The Van Door is {% if 22 | is_state('binary_sensor.i_o_linc_1f_0b_58_sensor', 'off') %}Closed{% 23 | else %}Open{% endif %}! color: gray position: center duration: 5 24 | fontsize: max transparency: "75%" interrupt: 1 icon: 25 | url: >- 26 | {% if is_state('binary_sensor.i_o_linc_1f_0b_58_sensor', 'off') 27 | %} http://192.168.1.192/img/gd_closed.png {% else %} 28 | http://192.168.1.192/img/gd_open.png {% endif %} 29 | image: 30 | path: /www/images/ 31 | while: 32 | - condition: or 33 | conditions: 34 | - condition: state 35 | entity_id: sensor.sm_g950f_phone_state 36 | state: ringing 37 | - condition: state 38 | entity_id: sensor.sm_n975f_phone_state 39 | state: ringing 40 | mode: single 41 | -------------------------------------------------------------------------------- /src/hassio/automations/Notification LG TV - Incoming Cellular.yaml: -------------------------------------------------------------------------------- 1 | alias: Notification LG TV - Incoming Cellular 2 | description: LG TV notification of incoming cellular call 3 | triggers: 4 | - entity_id: 5 | - sensor.sm_g950f_phone_state 6 | - sensor.sm_n975f_phone_state 7 | to: ringing 8 | trigger: state 9 | conditions: 10 | - condition: state 11 | entity_id: media_player.lg_webos_smart_tv 12 | state: "on" 13 | actions: 14 | - repeat: 15 | sequence: 16 | - action: notify.lg_webos_smart_tv 17 | data: 18 | message: Answer your phone — it’s ringing! 19 | title: Incoming Call 20 | - delay: 21 | seconds: 5 22 | while: 23 | - condition: or 24 | conditions: 25 | - condition: state 26 | entity_id: sensor.sm_g950f_phone_state 27 | state: ringing 28 | - condition: state 29 | entity_id: sensor.sm_n975f_phone_state 30 | state: ringing 31 | mode: single 32 | -------------------------------------------------------------------------------- /src/hassio/automations/Notification LG TV - Incoming WhatsApp.yaml: -------------------------------------------------------------------------------- 1 | alias: Notification LG TV - Incoming WhatsApp 2 | description: LG TV notification of incoming WhatsApp call 3 | triggers: 4 | - entity_id: 5 | - sensor.sm_g950f_last_notification 6 | - sensor.sm_n975f_last_notification 7 | - sensor.new_phone_last_notification 8 | for: 9 | hours: 0 10 | minutes: 0 11 | seconds: 0 12 | trigger: state 13 | conditions: 14 | - condition: state 15 | entity_id: media_player.lg_webos_smart_tv 16 | state: "on" 17 | - condition: template 18 | value_template: |- 19 | {{ trigger.entity_id in [ 20 | 'sensor.sm_g950f_last_notification', 21 | 'sensor.sm_n975f_last_notification', 22 | 'sensor.new_phone_last_notification'] 23 | and state_attr(trigger.entity_id, 'package') == 'com.whatsapp' 24 | and state_attr(trigger.entity_id, 'category') == 'call' 25 | and 'incoming voice call' in state_attr(trigger.entity_id, 'android.text')|lower }} 26 | actions: 27 | - repeat: 28 | count: 2 29 | sequence: 30 | - action: notify.lg_webos_smart_tv 31 | data: 32 | message: Answer your WhatsApp — it’s ringing! 33 | title: Incoming Call 34 | - delay: 35 | seconds: 5 36 | mode: single 37 | -------------------------------------------------------------------------------- /src/hassio/automations/Notification Light - Incoming Cellular Call Flash.yaml: -------------------------------------------------------------------------------- 1 | alias: Notification Light - Incoming Cellular Call Flash 2 | description: Colour flash lights on incoming calls and return lights to previous state 3 | triggers: 4 | - entity_id: 5 | - sensor.sm_g950f_phone_state 6 | - sensor.sm_n975f_phone_state 7 | to: ringing 8 | trigger: state 9 | conditions: [] 10 | actions: 11 | - action: scene.create 12 | metadata: {} 13 | data: 14 | scene_id: rollback 15 | snapshot_entities: > 16 | {{ expand('light.incoming_call_light_flash') | 17 | map(attribute='entity_id') | list }} 18 | - repeat: 19 | sequence: 20 | - target: 21 | entity_id: > 22 | {{ expand('light.incoming_call_light_flash') | 23 | selectattr('attributes.supported_color_modes', 'defined') | 24 | selectattr('attributes.supported_color_modes', 'search', 25 | 'rgb|rgbw|rgbww|xy|hs') | map(attribute='entity_id') | list }} 26 | data: 27 | brightness_pct: "{{ brightness_high }}" 28 | color_name: "{{ col1 }}" 29 | action: light.turn_on 30 | - target: 31 | entity_id: > 32 | {{ expand('light.incoming_call_light_flash') | 33 | selectattr('attributes.supported_color_modes', 'defined') | 34 | rejectattr('attributes.supported_color_modes', 'search', 35 | 'rgb|rgbw|rgbww|xy|hs') | map(attribute='entity_id') | list }} 36 | data: 37 | brightness_pct: "{{ brightness_high }}" 38 | action: light.turn_on 39 | - delay: "{{ flash_delay }}" 40 | - target: 41 | entity_id: > 42 | {{ expand('light.incoming_call_light_flash') | 43 | selectattr('attributes.supported_color_modes', 'defined') | 44 | selectattr('attributes.supported_color_modes', 'search', 45 | 'rgb|rgbw|rgbww|xy|hs') | map(attribute='entity_id') | list }} 46 | data: 47 | brightness_pct: "{{ brightness_low }}" 48 | color_name: "{{ col2 }}" 49 | action: light.turn_on 50 | - target: 51 | entity_id: > 52 | {{ expand('light.incoming_call_light_flash') | 53 | selectattr('attributes.supported_color_modes', 'defined') | 54 | rejectattr('attributes.supported_color_modes', 'search', 55 | 'rgb|rgbw|rgbww|xy|hs') | map(attribute='entity_id') | list }} 56 | data: 57 | brightness_pct: "{{ brightness_low }}" 58 | action: light.turn_on 59 | - delay: "{{ flash_delay }}" 60 | while: 61 | - condition: or 62 | conditions: 63 | - condition: state 64 | entity_id: sensor.sm_g950f_phone_state 65 | state: ringing 66 | - condition: state 67 | entity_id: sensor.sm_n975f_phone_state 68 | state: ringing 69 | - action: light.turn_on 70 | metadata: {} 71 | data: 72 | brightness_pct: 5 73 | target: 74 | entity_id: light.incoming_call_light_flash 75 | - delay: "00:00:02" 76 | - action: scene.turn_on 77 | metadata: {} 78 | target: 79 | entity_id: scene.rollback 80 | data: {} 81 | - delay: "00:00:02" 82 | - action: scene.delete 83 | metadata: {} 84 | data: {} 85 | target: 86 | entity_id: scene.rollback 87 | variables: 88 | col1: green 89 | col2: white 90 | brightness_high: 100 91 | brightness_low: 10 92 | flash_count: 10 93 | flash_delay: "00:00:01" 94 | mode: single 95 | -------------------------------------------------------------------------------- /src/hassio/automations/Notification Light - Incoming WhatsApp Call Flash.yaml: -------------------------------------------------------------------------------- 1 | alias: Notification Light - Incoming WhatsApp Call Flash 2 | description: >- 3 | Colour flash lights on incoming WhatsApp calls and return lights to previous 4 | state 5 | triggers: 6 | - entity_id: 7 | - sensor.sm_g950f_last_notification 8 | - sensor.sm_n975f_last_notification 9 | - sensor.new_phone_last_notification 10 | for: 11 | hours: 0 12 | minutes: 0 13 | seconds: 0 14 | trigger: state 15 | conditions: 16 | - condition: template 17 | value_template: |- 18 | {{ trigger.entity_id in [ 19 | 'sensor.sm_g950f_last_notification', 20 | 'sensor.sm_n975f_last_notification', 21 | 'sensor.new_phone_last_notification'] 22 | and state_attr(trigger.entity_id, 'package') == 'com.whatsapp' 23 | and state_attr(trigger.entity_id, 'category') == 'call' 24 | and 'incoming voice call' in state_attr(trigger.entity_id, 'android.text')|lower }} 25 | actions: 26 | - action: scene.create 27 | metadata: {} 28 | data: 29 | scene_id: rollback 30 | snapshot_entities: > 31 | {{ expand('light.incoming_call_light_flash') | 32 | map(attribute='entity_id') | list }} 33 | - repeat: 34 | count: "{{ flash_count }}" 35 | sequence: 36 | - target: 37 | entity_id: > 38 | {{ expand('light.incoming_call_light_flash') | 39 | selectattr('attributes.supported_color_modes', 'defined') | 40 | selectattr('attributes.supported_color_modes', 'search', 41 | 'rgb|rgbw|rgbww|xy|hs') | map(attribute='entity_id') | list }} 42 | data: 43 | brightness_pct: "{{ brightness_high }}" 44 | color_name: "{{ col1 }}" 45 | action: light.turn_on 46 | - target: 47 | entity_id: > 48 | {{ expand('light.incoming_call_light_flash') | 49 | selectattr('attributes.supported_color_modes', 'defined') | 50 | rejectattr('attributes.supported_color_modes', 'search', 51 | 'rgb|rgbw|rgbww|xy|hs') | map(attribute='entity_id') | list }} 52 | data: 53 | brightness_pct: "{{ brightness_high }}" 54 | action: light.turn_on 55 | - delay: "{{ flash_delay }}" 56 | - target: 57 | entity_id: > 58 | {{ expand('light.incoming_call_light_flash') | 59 | selectattr('attributes.supported_color_modes', 'defined') | 60 | selectattr('attributes.supported_color_modes', 'search', 61 | 'rgb|rgbw|rgbww|xy|hs') | map(attribute='entity_id') | list }} 62 | data: 63 | brightness_pct: "{{ brightness_low }}" 64 | color_name: "{{ col2 }}" 65 | action: light.turn_on 66 | - target: 67 | entity_id: > 68 | {{ expand('light.incoming_call_light_flash') | 69 | selectattr('attributes.supported_color_modes', 'defined') | 70 | rejectattr('attributes.supported_color_modes', 'search', 71 | 'rgb|rgbw|rgbww|xy|hs') | map(attribute='entity_id') | list }} 72 | data: 73 | brightness_pct: "{{ brightness_low }}" 74 | action: light.turn_on 75 | - delay: "{{ flash_delay }}" 76 | - action: scene.turn_on 77 | metadata: {} 78 | target: 79 | entity_id: scene.rollback 80 | data: {} 81 | - action: scene.delete 82 | metadata: {} 83 | data: {} 84 | target: 85 | entity_id: scene.rollback 86 | variables: 87 | col1: green 88 | col2: white 89 | brightness_high: 100 90 | brightness_low: 10 91 | flash_count: 10 92 | flash_delay: "00:00:01" 93 | mode: single 94 | -------------------------------------------------------------------------------- /src/hassio/buttons/background.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/buttons/background.png -------------------------------------------------------------------------------- /src/hassio/buttons/livetv.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/buttons/livetv.png -------------------------------------------------------------------------------- /src/hassio/buttons/tvcontrols.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/buttons/tvcontrols.png -------------------------------------------------------------------------------- /src/hassio/configuration YAML Edits/configuration.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/configuration YAML Edits/configuration.yaml -------------------------------------------------------------------------------- /src/hassio/headers/now-playing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/headers/now-playing.png -------------------------------------------------------------------------------- /src/hassio/images/Thumbs.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/images/Thumbs.db -------------------------------------------------------------------------------- /src/hassio/images/icon_phone.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/images/icon_phone.png -------------------------------------------------------------------------------- /src/hassio/images/icon_whatsapp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/images/icon_whatsapp.png -------------------------------------------------------------------------------- /src/hassio/images/notification_sign_1024x1024_doorbell1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/images/notification_sign_1024x1024_doorbell1.png -------------------------------------------------------------------------------- /src/hassio/images/notification_sign_1024x1024_electricfail.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/images/notification_sign_1024x1024_electricfail.png -------------------------------------------------------------------------------- /src/hassio/images/notification_sign_1024x1024_front_door_open.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/images/notification_sign_1024x1024_front_door_open.png -------------------------------------------------------------------------------- /src/hassio/images/notification_sign_1024x1024_incoming_call.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/images/notification_sign_1024x1024_incoming_call.png -------------------------------------------------------------------------------- /src/hassio/images/notification_sign_1024x1024_robber.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/images/notification_sign_1024x1024_robber.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/ABC Australia.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/ABC Australia.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/AUX1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/AUX1.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/AUX2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/AUX2.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/AXN +1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/AXN +1.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/AXN HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/AXN HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/AXN Sci-Fi.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/AXN Sci-Fi.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Alice.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Alice.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Animal Planet.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Animal Planet.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Bluetooth.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Bluetooth.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Boing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Boing.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Boomerang.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Boomerang.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/CD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/CD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Canale5 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Canale5 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Canali TV.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Canali TV.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Cartoon Network.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Cartoon Network.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Cartoonito.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Cartoonito.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Cielo HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Cielo HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/DMAX.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/DMAX.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Deejay TV HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Deejay TV HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/EuroSport HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/EuroSport HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Eurosport 2 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Eurosport 2 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Fire Tv.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Fire Tv.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Focus.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Focus.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/IRIS.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/IRIS.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Italia1 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Italia1 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/K2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/K2.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/LA7 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/LA7 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/La 5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/La 5.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Marantz.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Marantz.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Media Player.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Media Player.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/NOVE.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/NOVE.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Netflix.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Netflix.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Nick Junior.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Nick Junior.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Nickelodeon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Nickelodeon.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Action +24.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Action +24.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Action HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Action HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Calcio 1 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Calcio 1 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Calcio 2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Calcio 2.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Calcio 3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Calcio 3.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Calcio 4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Calcio 4.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Calcio 5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Calcio 5.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Calcio 6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Calcio 6.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Calcio.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Calcio.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Cinema +24.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Cinema +24.jpg -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Cinema 2 +24.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Cinema 2 +24.jpg -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Cinema 2 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Cinema 2 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Cinema HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Cinema HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Comedy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Comedy.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Crime +24.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Crime +24.jpg -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Crime HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Crime HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Emotion.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Emotion.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Energy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Energy.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Extra 1 - GF.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Extra 1 - GF.jpg -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Joi.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Joi.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Mya.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Mya.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Sport HD.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Sport HD.jpg -------------------------------------------------------------------------------- /src/hassio/tv_logo/Premium Stories.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Premium Stories.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Ps4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Ps4.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/RSI LA 1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/RSI LA 1.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/RSI LA 2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/RSI LA 2.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Rai 1 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Rai 1 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Rai 2 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Rai 2 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Rai 3 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Rai 3 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Rai 4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Rai 4.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Rai Gulp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Rai Gulp.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Rai Movie.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Rai Movie.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Rai News 24.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Rai News 24.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Rai Premium.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Rai Premium.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Rai Sport 1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Rai Sport 1.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Rai Sport 2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Rai Sport 2.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Rai YoYo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Rai YoYo.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Real Time HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Real Time HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Rete4 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Rete4 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/SBS Australia.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/SBS Australia.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/SKY.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/SKY.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky 3D.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky 3D.PNG -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Arte HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Arte HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Atlantic +1 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Atlantic +1 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Atlantic HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Atlantic HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Calcio 1 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Calcio 1 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Calcio 10.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Calcio 10.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Calcio 11.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Calcio 11.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Calcio 12.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Calcio 12.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Calcio 2 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Calcio 2 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Calcio 3 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Calcio 3 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Calcio 4 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Calcio 4 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Calcio 5 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Calcio 5 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Calcio 6 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Calcio 6 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Calcio 7 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Calcio 7 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Calcio 8 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Calcio 8 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Calcio 9.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Calcio 9.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Sport 1 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Sport 1 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Sport 2 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Sport 2 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Sport 24 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Sport 24 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Sport 3 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Sport 3 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Sport F1 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Sport F1 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Sport MotoGP HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Sport MotoGP HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Sport Plus HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Sport Plus HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Supercalcio HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Supercalcio HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky TG24 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky TG24 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky TG24.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky TG24.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Uno +1 HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Uno +1 HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Sky Uno HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Sky Uno HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Spotify.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Spotify.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Super Tennis HD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Super Tennis HD.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Super!.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Super!.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/TGCOM24.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/TGCOM24.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/TV Audio.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/TV Audio.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/TV8.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/TV8.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Thumbs.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Thumbs.db -------------------------------------------------------------------------------- /src/hassio/tv_logo/Tuner.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Tuner.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/Wii.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/Wii.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/cielo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/cielo.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/deejay.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/deejay.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/frisbee.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/frisbee.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/italia 2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/italia 2.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/paramount.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/paramount.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/rainews24.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/rainews24.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/realtime.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/realtime.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/sportitalia.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/sportitalia.jpg -------------------------------------------------------------------------------- /src/hassio/tv_logo/sportitalia.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/sportitalia.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/supertennis.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/supertennis.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/teleradiostereo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/teleradiostereo.png -------------------------------------------------------------------------------- /src/hassio/tv_logo/tv_off.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/hassio/tv_logo/tv_off.png -------------------------------------------------------------------------------- /src/pihole/config/addon-updatelists_installer.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: addon-updatelists_installer.sh 4 | # Description: Installer script for PiHole addon 5 | # Thanks: https://github.com/jacklul/pihole-updatelists 6 | # ---------------------------------------------------------------------------------- 7 | 8 | #---- Source ----------------------------------------------------------------------- 9 | #---- Dependencies ----------------------------------------------------------------- 10 | #---- Static Variables ------------------------------------------------------------- 11 | 12 | #---- Repo variables 13 | # Git server 14 | GIT_SERVER='https://github.com' 15 | # Git user 16 | GIT_USER='ahuacate' 17 | # Git repository 18 | GIT_REPO='pve-homelab' 19 | # Git branch 20 | GIT_BRANCH='main' 21 | # Git common 22 | GIT_COMMON='0' 23 | 24 | #---- Other Variables -------------------------------------------------------------- 25 | #---- Other Files ------------------------------------------------------------------ 26 | #---- Body ------------------------------------------------------------------------- 27 | 28 | #---- Install PiHole Updatelists (Automatic weekly list updater) 29 | # Thanks to https://github.com/jacklul/pihole-updatelists 30 | 31 | # Prerequisites 32 | pct exec $CTID -- sudo apt-get install php-cli php-sqlite3 php-intl php-curl -yqq 33 | 34 | # Install PiHole-Updatelists 35 | pct exec $CTID -- bash -c 'wget -O - https://raw.githubusercontent.com/jacklul/pihole-updatelists/master/install.sh | sudo bash' 36 | 37 | # Disable Gravity update Also after each Pi-hole update) 38 | pct exec $CTID -- sed -e '/pihole updateGravity/ s/^#*/#/' -i /etc/cron.d/pihole 39 | 40 | 41 | #---- List Source 42 | msg_box "You can choose to use the default lists or the Ahuacate lists. We recommend the default list because in the long term you will likely create your own whitelists. 43 | 44 | Default lists are: 45 | AD LISTS 46 | -- https://v.firebog.net/hosts/lists.php?type=tick 47 | -- Ahuacate list ( optional ) 48 | 49 | WHITE LISTS 50 | -- https://raw.githubusercontent.com/anudeepND/whitelist/master/ 51 | domains/whitelist.txt 52 | -- Ahuacate list ( optional ) 53 | 54 | BLACK LISTS 55 | -- https://raw.githubusercontent.com/mmotti/pihole-regex/ 56 | master/regex.list 57 | -- Ahuacate list ( optional )" 58 | 59 | # Make selection 60 | OPTIONS_VALUES_INPUT=( "TYPE01" "TYPE02" ) 61 | OPTIONS_LABELS_INPUT=( "Default Lists ( Recommended )" "Ahuacate Lists" ) 62 | makeselect_input2 63 | singleselect SELECTED "$OPTIONS_STRING" 64 | 65 | if [ ${RESULTS} == TYPE01 ]; then 66 | # Default configuration file is /etc/pihole-updatelists.conf 67 | # my_adlists 68 | pct exec $CTID -- sed -i "s|^ADLISTS_URL=.*|ADLISTS_URL=\"https://v.firebog.net/hosts/lists.php?type=tick\"|" /etc/pihole-updatelists.conf 69 | # my_whitelist_url 70 | pct exec $CTID -- sed -i "s|^WHITELIST_URL=.*|WHITELIST_URL=\"https://raw.githubusercontent.com/anudeepND/whitelist/master/domains/whitelist.txt\"|" /etc/pihole-updatelists.conf 71 | # my_regex_blacklist_url 72 | pct exec $CTID -- sed -i "s|^REGEX_BLACKLIST_URL=.*|REGEX_BLACKLIST_URL=\"https://raw.githubusercontent.com/mmotti/pihole-regex/master/regex.list\"|" /etc/pihole-updatelists.conf 73 | elif [ ${RESULTS} == TYPE02 ]; then 74 | # Default configuration file is /etc/pihole-updatelists.conf 75 | # SRC Url 76 | MY_LIST_SRC="https://raw.githubusercontent.com/${GIT_USER}/${GIT_REPO}/main/src/pihole/source/config" 77 | # my_adlists 78 | pct exec $CTID -- sed -i "s|^ADLISTS_URL=.*|ADLISTS_URL=\"https://v.firebog.net/hosts/lists.php?type=tick ${MY_LIST_SRC}/my_adlists.txt\"|" /etc/pihole-updatelists.conf 79 | # my_whitelist_url 80 | pct exec $CTID -- sed -i "s|^WHITELIST_URL=.*|WHITELIST_URL=\"${MY_LIST_SRC}/my_whitelist_url.txt https://raw.githubusercontent.com/anudeepND/whitelist/master/domains/whitelist.txt\"|" /etc/pihole-updatelists.conf 81 | # my_regex_whitelist_url 82 | pct exec $CTID -- sed -i "s|^REGEX_WHITELIST_URL=.*|REGEX_WHITELIST_URL=\"${MY_LIST_SRC}/my_regex_whitelist_url.txt\"|" /etc/pihole-updatelists.conf 83 | # my_blacklist_url 84 | pct exec $CTID -- sed -i "s|^BLACKLIST_URL=.*|BLACKLIST_URL=\"${MY_LIST_SRC}/my_blacklist_url.txt\"|" /etc/pihole-updatelists.conf 85 | # my_regex_blacklist_url 86 | pct exec $CTID -- sed -i "s|^REGEX_BLACKLIST_URL=.*|REGEX_BLACKLIST_URL=\"${MY_LIST_SRC}/my_regex_blacklist_url.txt https://raw.githubusercontent.com/mmotti/pihole-regex/master/regex.list\"|" /etc/pihole-updatelists.conf 87 | fi 88 | 89 | #--- Update lists 90 | pct exec $CTID -- bash -c 'sudo pihole-updatelists' 91 | 92 | #---- Finish Line ------------------------------------------------------------------ -------------------------------------------------------------------------------- /src/pihole/config/my_adlists.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/pihole/config/my_adlists.txt -------------------------------------------------------------------------------- /src/pihole/config/my_blacklist_url.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/pihole/config/my_blacklist_url.txt -------------------------------------------------------------------------------- /src/pihole/config/my_regex_blacklist_url.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/pihole/config/my_regex_blacklist_url.txt -------------------------------------------------------------------------------- /src/pihole/config/my_regex_whitelist_url.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ahuacate/pve-homelab/58ae96bad7a05203eb600e623d2c827538704638/src/pihole/config/my_regex_whitelist_url.txt -------------------------------------------------------------------------------- /src/pihole/config/my_whitelist_url.txt: -------------------------------------------------------------------------------- 1 | https://audiobookbay.nl/ 2 | 192.168.1.13 -------------------------------------------------------------------------------- /src/pihole/config/unbound_pihole.conf: -------------------------------------------------------------------------------- 1 | server: 2 | # If no logfile is specified, syslog is used 3 | # logfile: "/var/log/unbound/unbound.log" 4 | verbosity: 0 5 | 6 | interface: 127.0.0.1 7 | port: 5335 8 | do-ip4: yes 9 | do-udp: yes 10 | do-tcp: yes 11 | 12 | # May be set to yes if you have IPv6 connectivity 13 | do-ip6: no 14 | 15 | # You want to leave this to no unless you have *native* IPv6. With 6to4 and 16 | # Terredo tunnels your web browser should favor IPv4 for the same reasons 17 | prefer-ip6: no 18 | 19 | # Use this only when you downloaded the list of primary root servers! 20 | # If you use the default dns-root-data package, unbound will find it automatically 21 | #root-hints: "/var/lib/unbound/root.hints" 22 | 23 | # Trust glue only if it is within the server's authority 24 | harden-glue: yes 25 | 26 | # Require DNSSEC data for trust-anchored zones, if such data is absent, the zone becomes BOGUS 27 | harden-dnssec-stripped: yes 28 | 29 | # Don't use Capitalization randomization as it known to cause DNSSEC issues sometimes 30 | # see https://discourse.pi-hole.net/t/unbound-stubby-or-dnscrypt-proxy/9378 for further details 31 | use-caps-for-id: no 32 | 33 | # Reduce EDNS reassembly buffer size. 34 | # IP fragmentation is unreliable on the Internet today, and can cause 35 | # transmission failures when large DNS messages are sent via UDP. Even 36 | # when fragmentation does work, it may not be secure; it is theoretically 37 | # possible to spoof parts of a fragmented DNS message, without easy 38 | # detection at the receiving end. Recently, there was an excellent study 39 | # >>> Defragmenting DNS - Determining the optimal maximum UDP response size for DNS <<< 40 | # by Axel Koolhaas, and Tjeerd Slokker (https://indico.dns-oarc.net/event/36/contributions/776/) 41 | # in collaboration with NLnet Labs explored DNS using real world data from the 42 | # the RIPE Atlas probes and the researchers suggested different values for 43 | # IPv4 and IPv6 and in different scenarios. They advise that servers should 44 | # be configured to limit DNS messages sent over UDP to a size that will not 45 | # trigger fragmentation on typical network links. DNS servers can switch 46 | # from UDP to TCP when a DNS response is too big to fit in this limited 47 | # buffer size. This value has also been suggested in DNS Flag Day 2020. 48 | edns-buffer-size: 1232 49 | 50 | # Perform prefetching of close to expired message cache entries 51 | # This only applies to domains that have been frequently queried 52 | prefetch: yes 53 | 54 | # One thread should be sufficient, can be increased on beefy machines. In reality for most users running on small networks or on a single machine, it should be unnecessary to seek performance enhancement by increasing num-threads above 1. 55 | num-threads: 1 56 | 57 | # Ensure kernel buffer is large enough to not lose messages in traffic spikes 58 | so-rcvbuf: 1m 59 | 60 | # Ensure privacy of local IP ranges 61 | private-address: 192.168.0.0/16 62 | private-address: 169.254.0.0/16 63 | private-address: 172.16.0.0/12 64 | private-address: 10.0.0.0/8 65 | private-address: fd00::/8 66 | private-address: fe80::/10 67 | -------------------------------------------------------------------------------- /src/pihole/config/update-pihole.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: update-pihole.sh 4 | # Description: Source script for PiHole SW and Add-on updater 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | #---- Dependencies ----------------------------------------------------------------- 9 | 10 | # Check for Internet connectivity 11 | if nc -zw1 google.com 443; then 12 | echo 13 | else 14 | echo "Checking for internet connectivity..." 15 | echo -e "Internet connectivity status: \033[0;31mDown\033[0m\n\nCannot proceed without a internet connection.\nFix your PVE hosts internet connection and try again..." 16 | echo 17 | exit 0 18 | fi 19 | 20 | #---- Static Variables ------------------------------------------------------------- 21 | 22 | #---- Repo variables 23 | # Git server 24 | GIT_SERVER='https://github.com' 25 | # Git user 26 | GIT_USER='ahuacate' 27 | # Git repository 28 | GIT_REPO='pve-homelab' 29 | # Git branch 30 | GIT_BRANCH='main' 31 | # Git common 32 | GIT_COMMON='0' 33 | 34 | #---- Other Variables -------------------------------------------------------------- 35 | #---- Other Files ------------------------------------------------------------------ 36 | #---- Body ------------------------------------------------------------------------- 37 | 38 | 39 | # Check for PiHole Updatelists script updates 40 | if [ -f /usr/local/sbin/pihole-updatelists ];then 41 | sudo pihole-updatelists --update --git-branch=master 42 | fi 43 | 44 | 45 | # Update PiHole SW 46 | PIHOLE_UPDATE="$(sudo pihole -up --check-only)" 47 | if ! grep -q 'Everything is up to date' <<< "${PIHOLE_UPDATE}" ; then 48 | sudo pihole -up 49 | if [[ $? -eq 0 ]] ; then 50 | echo "$(date "+%h %d %T") update: success" >> /var/log/pihole.log 51 | # Patch for Updatelists script 52 | sudo sed -e '/pihole updateGravity/ s/^#*/#/' -i /etc/cron.d/pihole 53 | reboot 54 | fi 55 | else 56 | echo "$(date "+%h %d %T") update: nothing to do" >> /var/log/pihole.log 57 | fi -------------------------------------------------------------------------------- /src/pihole/config/update-pihole_installer.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: update-pihole_installer.sh 4 | # Description: Installer for PiHole SW and Add-on updater 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | #---- Dependencies ----------------------------------------------------------------- 9 | #---- Static Variables ------------------------------------------------------------- 10 | #---- Other Variables -------------------------------------------------------------- 11 | #---- Other Files ------------------------------------------------------------------ 12 | #---- Body ------------------------------------------------------------------------- 13 | 14 | # Push updater script to CT 15 | pct push $CTID ${SRC_DIR}/pihole/config/update-pihole.sh /usr/local/sbin/update-pihole.sh 16 | pct exec $CTID -- bash -c 'sudo chmod a+x /usr/local/sbin/update-pihole.sh' 17 | 18 | # Create a systemd service for the updater 19 | cat << 'EOF' > ${DIR}/update-pihole.service 20 | [Unit] 21 | Description=Update pihole 22 | After=network-online.target 23 | 24 | [Service] 25 | Type=oneshot 26 | ExecStart=/usr/local/sbin/update-pihole.sh 27 | EOF 28 | pct push $CTID ${DIR}/update-pihole.service /etc/systemd/system/update-pihole.service 29 | 30 | # Create a systemd timer 31 | # Default time is Monday 03:00 32 | cat << 'EOF' > ${DIR}/update-pihole.timer 33 | [Unit] 34 | Description=Timer for updating pihole 35 | Wants=network-online.target 36 | 37 | [Timer] 38 | OnBootSec= 39 | OnCalendar=Mon *-*-* 03:00:00 40 | Persistent=true 41 | 42 | [Install] 43 | WantedBy=timers.target 44 | EOF 45 | pct push $CTID ${DIR}/update-pihole.timer /etc/systemd/system/update-pihole.timer 46 | 47 | # Enable systemd timer 48 | pct exec $CTID -- bash -c 'sudo systemctl --quiet daemon-reload' 49 | pct exec $CTID -- bash -c 'sudo systemctl --quiet enable --now update-pihole.timer' 50 | 51 | #---- Finish Line ------------------------------------------------------------------ -------------------------------------------------------------------------------- /src/pihole/pihole_upgrade_sw.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: pihole_upgrade_sw.sh 4 | # Description: Source script for CT SW 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | #---- Dependencies ----------------------------------------------------------------- 9 | #---- Static Variables ------------------------------------------------------------- 10 | 11 | #---- Terminal settings 12 | RED=$'\033[0;31m' 13 | YELLOW=$'\033[1;33m' 14 | GREEN=$'\033[0;32m' 15 | WHITE=$'\033[1;37m' 16 | NC=$'\033[0m' 17 | UNDERLINE=$'\033[4m' 18 | printf '\033[8;40;120t' 19 | 20 | #---- Other Variables -------------------------------------------------------------- 21 | #---- Other Files ------------------------------------------------------------------ 22 | #---- Body ------------------------------------------------------------------------- 23 | 24 | #---- Prerequisites 25 | 26 | # Update CT 27 | apt-get update -y 28 | apt-get upgrade -y 29 | 30 | # Perform Pi-Hole upgrade 31 | sudo pihole -up 32 | 33 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/pihole/pve_homelab_ct_pihole_toolbox.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: pve_homelab_ct_pihole_toolbox.sh 4 | # Description: Toolbox script for CT 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | #---- Dependencies ----------------------------------------------------------------- 9 | #---- Static Variables ------------------------------------------------------------- 10 | #---- Other Variables -------------------------------------------------------------- 11 | #---- Other Files ------------------------------------------------------------------ 12 | #---- Body ------------------------------------------------------------------------- 13 | 14 | #---- Prerequisites 15 | #---- Run toolbox component 16 | section "Select a Pi-Hole toolbox option" 17 | OPTIONS_VALUES_INPUT=( "TYPE01" "TYPE00" ) 18 | OPTIONS_LABELS_INPUT=( "Upgrade Pi-Hole application" \ 19 | "None. Exit this installer" ) 20 | makeselect_input2 21 | singleselect SELECTED "$OPTIONS_STRING" 22 | 23 | if [ "$RESULTS" = 'TYPE01' ] 24 | then 25 | #---- Upgrade Pi-Hole tools 26 | pct push $CTID $SRC_DIR/$APP_BUILD/pihole_upgrade_sw.sh /tmp/pihole_upgrade_sw.sh 27 | pct exec $CTID -- bash -c "/tmp/pihole_upgrade_sw.sh" 28 | elif [ "$RESULTS" = 'TYPE00' ] 29 | then 30 | # Exit installation 31 | msg "You have chosen not to proceed. Aborting. Bye..." 32 | echo 33 | sleep 1 34 | fi 35 | 36 | #---- Finish Line ------------------------------------------------------------------ 37 | 38 | section "Completion Status" 39 | 40 | msg "Success. Task complete." 41 | echo 42 | 43 | #---- Cleanup 44 | # Clean up CT tmp files 45 | pct exec $CTID -- bash -c "rm -R /tmp/$GIT_REPO &> /dev/null; rm /tmp/${GIT_REPO}.tar.gz &> /dev/null" 46 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/sftpgo/pve_homelab_ct_sftpgo_installer.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: pve_homelab_ct_sftpgo_installer.sh 4 | # Description: This script is for creating a sftpgo CT 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Bash command to run script --------------------------------------------------- 8 | 9 | #---- Source Github 10 | # bash -c "$(wget -qLO - https://raw.githubusercontent.com/ahuacate/pve-homelab/main/pve_homelab_installer.sh)" 11 | 12 | #---- Source local Git 13 | # /mnt/pve/nas-01-git/ahuacate/pve-homelab/pve_homelab_installer.sh 14 | 15 | #---- Source ----------------------------------------------------------------------- 16 | #---- Dependencies ----------------------------------------------------------------- 17 | 18 | # Check PVE host subid mapping 19 | check_host_subid 20 | 21 | # Check SMTP Status 22 | check_smtp_status 23 | 24 | #---- Static Variables ------------------------------------------------------------- 25 | 26 | # Easy Script Section Head 27 | SECTION_HEAD='PVE SFTPGo' 28 | 29 | # PVE host IP 30 | PVE_HOST_IP=$(hostname -i) 31 | PVE_HOSTNAME=$(hostname) 32 | 33 | # SSHd Status (0 is enabled, 1 is disabled) 34 | SSH_ENABLE=1 35 | 36 | # Developer enable git mounts inside CT (0 is enabled, 1 is disabled) 37 | DEV_GIT_MOUNT_ENABLE=1 38 | 39 | # Set file source (path/filename) of preset variables for 'pvesource_ct_createvm.sh' 40 | PRESET_VAR_SRC="$( dirname "${BASH_SOURCE[0]}" )/$( basename "${BASH_SOURCE[0]}" )" 41 | 42 | 43 | #---- Other Variables -------------------------------------------------------------- 44 | 45 | #---- Common Machine Variables 46 | # VM Type ( 'ct' or 'vm' only lowercase ) 47 | VM_TYPE='ct' 48 | # Use DHCP. '0' to disable, '1' to enable. 49 | NET_DHCP='1' 50 | # Set address type 'dhcp4'/'dhcp6' or '0' to disable. 51 | NET_DHCP_TYPE='dhcp4' 52 | # CIDR IPv4 53 | CIDR='24' 54 | # CIDR IPv6 55 | CIDR6='64' 56 | # SSHd Port 57 | SSH_PORT='22' 58 | 59 | #----[COMMON_GENERAL_OPTIONS] 60 | # Hostname 61 | HOSTNAME='sftpgo' 62 | # Description for the Container (one word only, no spaces). Shown in the web-interface CT’s summary. 63 | DESCRIPTION='' 64 | # Virtual OS/processor architecture. 65 | ARCH='amd64' 66 | # Allocated memory or RAM (MiB). 67 | MEMORY='1024' 68 | # Limit number of CPU sockets to use. Value 0 indicates no CPU limit. 69 | CPULIMIT='0' 70 | # CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. 71 | CPUUNITS='1024' 72 | # The number of cores assigned to the vm/ct. Do not edit - its auto set. 73 | CORES='1' 74 | 75 | #----[COMMON_NET_OPTIONS] 76 | # Bridge to attach the network device to. 77 | BRIDGE='vmbr0' 78 | # A common MAC address with the I/G (Individual/Group) bit not set. 79 | HWADDR="" 80 | # Controls whether this interface’s firewall rules should be used. 81 | FIREWALL='1' 82 | # VLAN tag for this interface (value 0 for none, or VLAN[2-N] to enable). 83 | TAG='80' 84 | # VLAN ids to pass through the interface 85 | TRUNKS="" 86 | # Apply rate limiting to the interface (MB/s). Value "" for unlimited. 87 | RATE="" 88 | # MTU - Maximum transfer unit of the interface. 89 | MTU="" 90 | 91 | #----[COMMON_NET_DNS_OPTIONS] 92 | # Nameserver server IP (IPv4 or IPv6) (value "" for none). 93 | NAMESERVER='192.168.80.5' 94 | # Search domain name (local domain) 95 | SEARCHDOMAIN='local' 96 | 97 | #----[COMMON_NET_STATIC_OPTIONS] 98 | # IP address (IPv4). Only works with static IP (DHCP=0). 99 | IP='192.168.80.150' 100 | # IP address (IPv6). Only works with static IP (DHCP=0). 101 | IP6='' 102 | # Default gateway for traffic (IPv4). Only works with static IP (DHCP=0). 103 | GW='192.168.80.5' 104 | # Default gateway for traffic (IPv6). Only works with static IP (DHCP=0). 105 | GW6='' 106 | 107 | #---- PVE CT 108 | #----[CT_GENERAL_OPTIONS] 109 | # Unprivileged container. '0' to disable, '1' to enable/yes. 110 | CT_UNPRIVILEGED='1' 111 | # Memory swap 112 | CT_SWAP='512' 113 | # OS 114 | CT_OSTYPE='ubuntu' 115 | # Onboot startup 116 | CT_ONBOOT='1' 117 | # Timezone 118 | CT_TIMEZONE='host' 119 | # Root credentials (leave blank for no pwd) 120 | CT_PASSWORD='' 121 | # Virtual OS/processor architecture. 122 | CT_ARCH='amd64' 123 | 124 | #----[CT_FEATURES_OPTIONS] 125 | # Allow using fuse file systems in a container. 126 | CT_FUSE='0' 127 | # For unprivileged containers only: Allow the use of the keyctl() system call. 128 | CT_KEYCTL='0' 129 | # Allow mounting file systems of specific types. (Use 'nfs' or 'cifs' or 'nfs;cifs' for both or leave empty "") 130 | CT_MOUNT='nfs;cifs' 131 | # Allow nesting. Best used with unprivileged containers with additional id mapping. 132 | CT_NESTING='1' 133 | # A public key for connecting to the root account over SSH (insert path). 134 | 135 | #----[CT_ROOTFS_OPTIONS] 136 | # Virtual Disk Size (GB). 137 | CT_SIZE='5' 138 | # Explicitly enable or disable ACL support. 139 | CT_ACL='1' 140 | 141 | #----[CT_STARTUP_OPTIONS] 142 | # Startup and shutdown behavior ( '--startup order=1,up=1,down=1' ). 143 | # Order is a non-negative number defining the general startup order. Up=1 means first to start up. Shutdown in done with reverse ordering so down=1 means last to shutdown. 144 | # Up: Startup delay. Defines the interval between this container start and subsequent containers starts. For example, set it to 240 if you want to wait 240 seconds before starting other containers. 145 | # Down: Shutdown timeout. Defines the duration in seconds Proxmox VE should wait for the container to be offline after issuing a shutdown command. By default this value is set to 60, which means that Proxmox VE will issue a shutdown request, wait 60s for the machine to be offline, and if after 60s the machine is still online will notify that the shutdown action failed. 146 | CT_ORDER='2' 147 | CT_UP='30' 148 | CT_DOWN='60' 149 | 150 | #----[CT_NET_OPTIONS] 151 | # Name of the network device as seen from inside the VM/CT. 152 | CT_NAME='eth0' 153 | CT_TYPE='veth' 154 | 155 | #----[CT_OTHER] 156 | # OS Version 157 | CT_OSVERSION='22.04' 158 | # CTID numeric ID of the given container. 159 | CTID='250' 160 | 161 | #----[App_UID_GUID] 162 | # App user 163 | APP_USERNAME='home' 164 | # App user group 165 | APP_GRPNAME='homelab' 166 | 167 | #----[REPO_PKG_NAME] 168 | # Repo package name 169 | REPO_PKG_NAME='sftpgo' 170 | 171 | 172 | #---- Other Files ------------------------------------------------------------------ 173 | 174 | # Required PVESM Storage Mounts for CT ( new version ) 175 | unset pvesm_required_LIST 176 | pvesm_required_LIST=() 177 | while IFS= read -r line 178 | do 179 | [[ "$line" =~ ^\#.*$ ]] && continue 180 | pvesm_required_LIST+=( "$line" ) 181 | done << EOF 182 | # Example 183 | backup:CT settings backup storage 184 | cctv:CCTV storage 185 | public:General public storage 186 | video:All video libraries (i.e movies, series, homevideos) 187 | EOF 188 | 189 | #---- Body ------------------------------------------------------------------------- 190 | 191 | #---- Introduction 192 | source $COMMON_PVE_SRC_DIR/pvesource_ct_intro.sh 193 | 194 | #---- Setup PVE CT Variables 195 | # Ubuntu NAS (all) 196 | source $COMMON_PVE_SRC_DIR/pvesource_set_allvmvars.sh 197 | 198 | #---- Create OS CT 199 | source $COMMON_PVE_SRC_DIR/pvesource_ct_createvm.sh 200 | 201 | #---- Pre-Configuring PVE CT 202 | section "Pre-Configure ${HOSTNAME^} ${VM_TYPE^^}" 203 | 204 | # Homelab CT unprivileged mapping 205 | if [ "$CT_UNPRIVILEGED" = 1 ] 206 | then 207 | source $COMMON_PVE_SRC_DIR/pvesource_ct_homelab_ctidmapping.sh 208 | fi 209 | 210 | # Create CT Bind Mounts 211 | source $COMMON_PVE_SRC_DIR/pvesource_ct_createbindmounts.sh 212 | 213 | #---- Configure New CT OS 214 | source $COMMON_PVE_SRC_DIR/pvesource_ct_ubuntubasics.sh 215 | 216 | #---- Create MediaLab Group and User 217 | source $COMMON_PVE_SRC_DIR/pvesource_ct_ubuntu_addhomelabuser.sh 218 | 219 | 220 | #---- SFTPGo ----------------------------------------------------------------------- 221 | 222 | #---- Install SFTPGo 223 | section "Install sFTPGo software" 224 | 225 | # Start CT 226 | pct_start_waitloop 227 | 228 | # Pushing scripts to CT 229 | msg "Pushing repo scripts to CT..." 230 | pct push $CTID $REPO_TEMP/${GIT_REPO}.tar.gz /tmp/${GIT_REPO}.tar.gz 231 | pct exec $CTID -- tar -zxf /tmp/${GIT_REPO}.tar.gz -C /tmp 232 | 233 | # SFTPGo SW 234 | pct exec $CTID -- bash -c "export REPO_PKG_NAME=$REPO_PKG_NAME APP_USERNAME=$APP_USERNAME APP_GRPNAME=$APP_GRPNAME && /tmp/$GIT_REPO/src/$REPO_PKG_NAME/sftpgo_sw.sh" 235 | 236 | # Reboot the CT 237 | pct_stop_waitloop 238 | pct_start_waitloop 239 | 240 | 241 | #---- Finish Line ------------------------------------------------------------------ 242 | section "Completion Status." 243 | 244 | #---- Set display text 245 | # Get port 246 | port=8080 247 | # Get IP type (ip -4 addr show eth0) 248 | if [[ $(pct exec $CTID -- ip addr show eth0 | grep dynamic) ]]; then 249 | ip_type='dhcp - best use dhcp IP reservation' 250 | else 251 | ip_type='static IP' 252 | fi 253 | # Web access URL 254 | unset display_msg1 255 | display_msg1=( "http://$(pct exec $CTID -- hostname).$(pct exec $CTID -- hostname -d):$port/" ) 256 | display_msg1+=( "http://$(pct exec $CTID -- hostname -I | sed -r 's/\s+//g'):$port/ ($ip_type)" ) 257 | 258 | 259 | msg_box "SFTPGo CT installation was a success. The first start-up may take a few seconds so be patient. Web-interface is available on: 260 | 261 | $(printf '%s\n' "${display_msg1[@]}" | indent2) 262 | 263 | We recommend you configure remote access to SFTPGo using HAProxy. The default sFTP port is 2121. 264 | 265 | More information about configuring SFTPGo here: https://github.com/ahuacate/homelab and https://docs.sftpgo.com/2.6/" 266 | echo 267 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/sftpgo/sftpgo_sw.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: sftpgo_sw.sh 4 | # Description: Source script for CT SW 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | 9 | DIR=$( cd "$( dirname "${BASH_SOURCE}" )" && pwd ) 10 | COMMON="$DIR/../../common" 11 | SHARED="$DIR/../../shared" 12 | 13 | #---- Dependencies ----------------------------------------------------------------- 14 | #---- Static Variables ------------------------------------------------------------- 15 | 16 | # Update these variables as required for your specific instance 17 | app="${REPO_PKG_NAME,,}" # App name 18 | app_uid="$APP_USERNAME" # App UID 19 | app_guid="$APP_GRPNAME" # App GUID 20 | 21 | #---- Other Variables -------------------------------------------------------------- 22 | 23 | #---- Firewall variables 24 | # SSH port 25 | SSH_PORT=22 26 | # FTP ports 27 | SFTPGO_PORT=2022 28 | FTPGO_PORT=2121 29 | # WebDAV Port 30 | WEBDAV_PORT=10080 31 | # Local network 32 | LOCAL_NET=$(hostname -I | awk -F'.' -v OFS="." '{ print $1,$2,"0.0/16" }') 33 | 34 | #---- Other Files ------------------------------------------------------------------ 35 | #---- Body ------------------------------------------------------------------------- 36 | 37 | #---- Prerequisites 38 | 39 | # Run update & upgrade 40 | apt-get update && apt-get upgrade -y 41 | apt-get install apt-transport-https -y 42 | 43 | # Run Bash Header 44 | source $COMMON/bash/src/basic_bash_utility.sh 45 | 46 | # Add Repos 47 | apt install software-properties-common -y 48 | apt update -y 49 | add-apt-repository ppa:sftpgo/sftpgo -y 50 | apt update -y 51 | 52 | #---- Install sFTPGo 53 | apt install sftpgo -y 54 | 55 | 56 | 57 | # # Create app .service with correct user startup 58 | pct_stop_systemctl "sftpgo.service" 59 | sudo chown -R $app_uid:$app_guid /etc/sftpgo /var/lib/sftpgo 60 | mkdir -p /etc/systemd/system/sftpgo.service.d 61 | 62 | sudo tee /etc/systemd/system/sftpgo.service.d/override.conf > /dev/null <<-EOF 63 | [Service] 64 | User=home 65 | Group=homelab 66 | EOF 67 | 68 | systemctl daemon-reload 69 | pct_start_systemctl "sftpgo.service" 70 | 71 | #---- Configure firewall 72 | # Restrict access to local network only and HA Proxy 73 | sudo ufw allow from $LOCAL_NET to any port $SSH_PORT 74 | sudo ufw allow from $LOCAL_NET to any port 8080 # Allow HTTP interface 75 | sudo ufw allow from $LOCAL_NET to any port $SFTPGO_PORT # Allow SFTPGo 76 | sudo ufw allow from $LOCAL_NET to any port $FTPGO_PORT # Allow FTPGo 77 | sudo ufw allow from $LOCAL_NET to any port $WEBDAV_PORT # Allow WebDAV 78 | sudo ufw default deny incoming 79 | sudo ufw default allow outgoing 80 | 81 | # Enable ufw 82 | sudo ufw enable 83 | 84 | 85 | #---- Install fail2ban 86 | # Install fail2ban 87 | apt-get install fail2ban -y 88 | 89 | # Configure fail2ban 90 | cat < /etc/fail2ban/jail.local 91 | [DEFAULT] 92 | bantime = 8h 93 | ignoreip = 127.0.0.1/8 ${LOCAL_NET} 94 | ignoreself = true 95 | 96 | [sshd] 97 | enabled = true 98 | EOF 99 | 100 | # Restart fail2ban 101 | sudo service fail2ban restart 102 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/syncthing/pve_homelab_ct_syncthing_installer.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: pve_homelab_ct_syncthing_installer.sh 4 | # Description: This script is for creating a Syncthing CT 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Bash command to run script --------------------------------------------------- 8 | 9 | #---- Source Github 10 | # bash -c "$(wget -qLO - https://raw.githubusercontent.com/ahuacate/pve-homelab/main/pve_homelab_installer.sh)" 11 | 12 | #---- Source local Git 13 | # /mnt/pve/nas-01-git/ahuacate/pve-homelab/pve_homelab_installer.sh 14 | 15 | #---- Source ----------------------------------------------------------------------- 16 | #---- Dependencies ----------------------------------------------------------------- 17 | 18 | # Check PVE host subid mapping 19 | check_host_subid 20 | 21 | # Check SMTP Status 22 | check_smtp_status 23 | 24 | #---- Static Variables ------------------------------------------------------------- 25 | 26 | # Easy Script Section Head 27 | SECTION_HEAD='PVE Syncthing' 28 | 29 | # PVE host IP 30 | PVE_HOST_IP=$(hostname -i) 31 | PVE_HOSTNAME=$(hostname) 32 | 33 | # SSHd Status (0 is enabled, 1 is disabled) 34 | SSH_ENABLE=1 35 | 36 | # Developer enable git mounts inside CT (0 is enabled, 1 is disabled) 37 | DEV_GIT_MOUNT_ENABLE=1 38 | 39 | # Set file source (path/filename) of preset variables for 'pvesource_ct_createvm.sh' 40 | PRESET_VAR_SRC="$( dirname "${BASH_SOURCE[0]}" )/$( basename "${BASH_SOURCE[0]}" )" 41 | 42 | 43 | #---- Other Variables -------------------------------------------------------------- 44 | 45 | #---- Common Machine Variables 46 | # VM Type ( 'ct' or 'vm' only lowercase ) 47 | VM_TYPE='ct' 48 | # Use DHCP. '0' to disable, '1' to enable. 49 | NET_DHCP='1' 50 | # Set address type 'dhcp4'/'dhcp6' or '0' to disable. 51 | NET_DHCP_TYPE='dhcp4' 52 | # CIDR IPv4 53 | CIDR='24' 54 | # CIDR IPv6 55 | CIDR6='64' 56 | # SSHd Port 57 | SSH_PORT='22' 58 | 59 | #----[COMMON_GENERAL_OPTIONS] 60 | # Hostname 61 | HOSTNAME='syncthing' 62 | # Description for the Container (one word only, no spaces). Shown in the web-interface CT’s summary. 63 | DESCRIPTION='' 64 | # Virtual OS/processor architecture. 65 | ARCH='amd64' 66 | # Allocated memory or RAM (MiB). 67 | MEMORY='1024' 68 | # Limit number of CPU sockets to use. Value 0 indicates no CPU limit. 69 | CPULIMIT='0' 70 | # CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. 71 | CPUUNITS='1024' 72 | # The number of cores assigned to the vm/ct. Do not edit - its auto set. 73 | CORES='1' 74 | 75 | #----[COMMON_NET_OPTIONS] 76 | # Bridge to attach the network device to. 77 | BRIDGE='vmbr0' 78 | # A common MAC address with the I/G (Individual/Group) bit not set. 79 | HWADDR="" 80 | # Controls whether this interface’s firewall rules should be used. 81 | FIREWALL='1' 82 | # VLAN tag for this interface (value 0 for none, or VLAN[2-N] to enable). 83 | TAG='0' 84 | # VLAN ids to pass through the interface 85 | TRUNKS="" 86 | # Apply rate limiting to the interface (MB/s). Value "" for unlimited. 87 | RATE="" 88 | # MTU - Maximum transfer unit of the interface. 89 | MTU="" 90 | 91 | #----[COMMON_NET_DNS_OPTIONS] 92 | # Nameserver server IP (IPv4 or IPv6) (value "" for none). 93 | NAMESERVER='192.168.1.5' 94 | # Search domain name (local domain) 95 | SEARCHDOMAIN='local' 96 | 97 | #----[COMMON_NET_STATIC_OPTIONS] 98 | # IP address (IPv4). Only works with static IP (DHCP=0). 99 | IP='192.168.1.4' 100 | # IP address (IPv6). Only works with static IP (DHCP=0). 101 | IP6='' 102 | # Default gateway for traffic (IPv4). Only works with static IP (DHCP=0). 103 | GW='192.168.1.5' 104 | # Default gateway for traffic (IPv6). Only works with static IP (DHCP=0). 105 | GW6='' 106 | 107 | #---- PVE CT 108 | #----[CT_GENERAL_OPTIONS] 109 | # Unprivileged container. '0' to disable, '1' to enable/yes. 110 | CT_UNPRIVILEGED='1' 111 | # Memory swap 112 | CT_SWAP='512' 113 | # OS 114 | CT_OSTYPE='ubuntu' 115 | # Onboot startup 116 | CT_ONBOOT='1' 117 | # Timezone 118 | CT_TIMEZONE='host' 119 | # Root credentials (leave blank for no pwd) 120 | CT_PASSWORD='' 121 | # Virtual OS/processor architecture. 122 | CT_ARCH='amd64' 123 | 124 | #----[CT_FEATURES_OPTIONS] 125 | # Allow using fuse file systems in a container. 126 | CT_FUSE='0' 127 | # For unprivileged containers only: Allow the use of the keyctl() system call. 128 | CT_KEYCTL='0' 129 | # Allow mounting file systems of specific types. (Use 'nfs' or 'cifs' or 'nfs;cifs' for both or leave empty "") 130 | CT_MOUNT='nfs;cifs' 131 | # Allow nesting. Best used with unprivileged containers with additional id mapping. 132 | CT_NESTING='1' 133 | # A public key for connecting to the root account over SSH (insert path). 134 | 135 | #----[CT_ROOTFS_OPTIONS] 136 | # Virtual Disk Size (GB). 137 | CT_SIZE='5' 138 | # Explicitly enable or disable ACL support. 139 | CT_ACL='1' 140 | 141 | #----[CT_STARTUP_OPTIONS] 142 | # Startup and shutdown behavior ( '--startup order=1,up=1,down=1' ). 143 | # Order is a non-negative number defining the general startup order. Up=1 means first to start up. Shutdown in done with reverse ordering so down=1 means last to shutdown. 144 | # Up: Startup delay. Defines the interval between this container start and subsequent containers starts. For example, set it to 240 if you want to wait 240 seconds before starting other containers. 145 | # Down: Shutdown timeout. Defines the duration in seconds Proxmox VE should wait for the container to be offline after issuing a shutdown command. By default this value is set to 60, which means that Proxmox VE will issue a shutdown request, wait 60s for the machine to be offline, and if after 60s the machine is still online will notify that the shutdown action failed. 146 | CT_ORDER='2' 147 | CT_UP='30' 148 | CT_DOWN='60' 149 | 150 | #----[CT_NET_OPTIONS] 151 | # Name of the network device as seen from inside the VM/CT. 152 | CT_NAME='eth0' 153 | CT_TYPE='veth' 154 | 155 | #----[CT_OTHER] 156 | # OS Version 157 | CT_OSVERSION='22.04' 158 | # CTID numeric ID of the given container. 159 | CTID='250' 160 | 161 | #----[App_UID_GUID] 162 | # App user 163 | APP_USERNAME='home' 164 | # App user group 165 | APP_GRPNAME='homelab' 166 | 167 | #----[REPO_PKG_NAME] 168 | # Repo package name 169 | REPO_PKG_NAME='syncthing' 170 | 171 | 172 | #---- Other Files ------------------------------------------------------------------ 173 | 174 | # Required PVESM Storage Mounts for CT ( new version ) 175 | unset pvesm_required_LIST 176 | pvesm_required_LIST=() 177 | while IFS= read -r line 178 | do 179 | [[ "$line" =~ ^\#.*$ ]] && continue 180 | pvesm_required_LIST+=( "$line" ) 181 | done << EOF 182 | # Example 183 | audio:Audiobooks and podcasts 184 | backup:CT settings backup storage 185 | books:Ebooks and Magazines 186 | music:Music, Albums and Songs 187 | video:All video libraries (i.e movies, series, homevideos) 188 | EOF 189 | 190 | #---- Body ------------------------------------------------------------------------- 191 | 192 | #---- Introduction 193 | source $COMMON_PVE_SRC_DIR/pvesource_ct_intro.sh 194 | 195 | #---- Setup PVE CT Variables 196 | # Ubuntu NAS (all) 197 | source $COMMON_PVE_SRC_DIR/pvesource_set_allvmvars.sh 198 | 199 | #---- Create OS CT 200 | source $COMMON_PVE_SRC_DIR/pvesource_ct_createvm.sh 201 | 202 | #---- Pre-Configuring PVE CT 203 | section "Pre-Configure ${HOSTNAME^} ${VM_TYPE^^}" 204 | 205 | # Homelab CT unprivileged mapping 206 | if [ "$CT_UNPRIVILEGED" = 1 ] 207 | then 208 | source $COMMON_PVE_SRC_DIR/pvesource_ct_homelab_ctidmapping.sh 209 | fi 210 | 211 | # Create CT Bind Mounts 212 | source $COMMON_PVE_SRC_DIR/pvesource_ct_createbindmounts.sh 213 | 214 | #---- Configure New CT OS 215 | source $COMMON_PVE_SRC_DIR/pvesource_ct_ubuntubasics.sh 216 | 217 | #---- Create MediaLab Group and User 218 | source $COMMON_PVE_SRC_DIR/pvesource_ct_ubuntu_addhomelabuser.sh 219 | 220 | 221 | #---- Syncthing -------------------------------------------------------------------- 222 | 223 | #---- Install Syncthing 224 | section "Install Syncthing software" 225 | 226 | # Start CT 227 | pct_start_waitloop 228 | 229 | # Pushing scripts to CT 230 | msg "Pushing repo scripts to CT..." 231 | pct push $CTID $REPO_TEMP/${GIT_REPO}.tar.gz /tmp/${GIT_REPO}.tar.gz 232 | pct exec $CTID -- tar -zxf /tmp/${GIT_REPO}.tar.gz -C /tmp 233 | 234 | # Syncthing SW 235 | pct exec $CTID -- bash -c "export REPO_PKG_NAME=$REPO_PKG_NAME APP_USERNAME=$APP_USERNAME APP_GRPNAME=$APP_GRPNAME && /tmp/$GIT_REPO/src/$REPO_PKG_NAME/syncthing_sw.sh" 236 | 237 | # Reboot the CT 238 | pct_stop_waitloop 239 | pct_start_waitloop 240 | 241 | 242 | #---- Finish Line ------------------------------------------------------------------ 243 | section "Completion Status." 244 | 245 | #---- Set display text 246 | # Get port 247 | port=8384 248 | # Get IP type (ip -4 addr show eth0) 249 | if [[ $(pct exec $CTID -- ip addr show eth0 | grep dynamic) ]]; then 250 | ip_type='dhcp - best use dhcp IP reservation' 251 | else 252 | ip_type='static IP' 253 | fi 254 | # Web access URL 255 | unset display_msg1 256 | display_msg1=( "http://$(pct exec $CTID -- hostname).$(pct exec $CTID -- hostname -d):$port/" ) 257 | display_msg1+=( "http://$(pct exec $CTID -- hostname -I | sed -r 's/\s+//g'):$port/ ($ip_type)" ) 258 | 259 | 260 | msg_box "Syncthing CT installation was a success. The first start-up may take a few seconds so be patient. Web-interface is available on: 261 | 262 | $(printf '%s\n' "${display_msg1[@]}" | indent2) 263 | 264 | We recommend you configure remote access to Syncthing using HAProxy. 265 | 266 | More information about configuring Syncthing here: https://github.com/ahuacate/homelab and https://docs.syncthing.net/index.html" 267 | echo 268 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/syncthing/syncthing_sw.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: syncthing_sw.sh 4 | # Description: Source script for CT SW 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | 9 | DIR=$( cd "$( dirname "${BASH_SOURCE}" )" && pwd ) 10 | COMMON="$DIR/../../common" 11 | SHARED="$DIR/../../shared" 12 | 13 | #---- Dependencies ----------------------------------------------------------------- 14 | #---- Static Variables ------------------------------------------------------------- 15 | 16 | # Update these variables as required for your specific instance 17 | app="${REPO_PKG_NAME,,}" # App name 18 | app_uid="$APP_USERNAME" # App UID 19 | app_guid="$APP_GRPNAME" # App GUID 20 | 21 | #---- Other Variables -------------------------------------------------------------- 22 | 23 | #---- Firewall variables 24 | # SSH port 25 | SSH_PORT=22 26 | SYNCTHING_PORT=8384 27 | # Local network 28 | LOCAL_NET=$(hostname -I | awk -F'.' -v OFS="." '{ print $1,$2,"0.0/24" }') 29 | 30 | #---- Other Files ------------------------------------------------------------------ 31 | #---- Body ------------------------------------------------------------------------- 32 | 33 | #---- Prerequisites 34 | 35 | # Run update & upgrade 36 | apt-get update && apt-get upgrade -y 37 | apt-get install apt-transport-https -y 38 | 39 | # Run Bash Header 40 | source $COMMON/bash/src/basic_bash_utility.sh 41 | 42 | #---- Install syncthing 43 | apt-get install syncthing -y 44 | 45 | # Create app .service with correct user startup 46 | cat </dev/null 47 | [Unit] 48 | Description=Syncthing - BAMF Open Source File Synchronization for %I 49 | Documentation=man:syncthing(1) 50 | After=network.target 51 | 52 | [Service] 53 | User=$app_uid 54 | ExecStart=/usr/bin/syncthing -no-browser -gui-address="0.0.0.0:8384" -no-restart -logflags=0 55 | Restart=on-failure 56 | SuccessExitStatus=3 4 57 | RestartForceExitStatus=3 4 58 | 59 | [Install] 60 | WantedBy=multi-user.target 61 | EOF 62 | 63 | # Systemd enable 64 | systemctl enable $app.service 65 | 66 | 67 | #---- Configure firewall 68 | sudo ufw allow $SSH_PORT 69 | sudo ufw allow from $LOCAL_NET to any port $SSH_PORT 70 | # Optional additional ports 71 | sudo ufw allow syncthing # Allow Syncthing 72 | sudo ufw allow syncthing-gui # Allow Syncthing 73 | sudo ufw default deny incoming 74 | sudo ufw default allow outgoing 75 | 76 | # Enable ufw 77 | sudo ufw enable 78 | 79 | 80 | #---- Install fail2ban 81 | # Install fail2ban 82 | apt-get install fail2ban -y 83 | 84 | # Configure fail2ban 85 | cat < /etc/fail2ban/jail.local 86 | [DEFAULT] 87 | bantime = 8h 88 | ignoreip = 127.0.0.1/8 ${LOCAL_NET} 89 | ignoreself = true 90 | 91 | [sshd] 92 | enabled = true 93 | EOF 94 | 95 | # Restart fail2ban 96 | sudo service fail2ban restart 97 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/tails/config/background_update_tails_iso.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: background_update_tails_iso.sh 4 | # Description: This script is for updating Tails after shutdown 5 | # Require: Requires Proxmox hook-script 6 | # Notes: Script is run by a nohup parent hook-script 7 | # ---------------------------------------------------------------------------------- 8 | 9 | #---- Functions -------------------------------------------------------------------- 10 | 11 | # Function to update VM configuration and handle lock retries 12 | update_vm_config() { 13 | local retries=5 14 | local delay=10 15 | local attempt=0 16 | 17 | # Gracefully stop the VM 18 | if qm status "$VMID" | grep -q "status: running"; then 19 | qm stop "$VMID" 20 | fi 21 | 22 | # If the VM is still running, force stop it 23 | if qm status "$VMID" | grep -q "status: running"; then 24 | echo "Graceful stop failed. Forcing stop." 25 | PID=$(ps aux | grep "kvm" | grep "\-id $VMID" | awk '{print $2}') 26 | kill -9 "$PID" 27 | sleep 5 # Give some time for the VM to stop 28 | fi 29 | 30 | # Update VMID config file 31 | while (( attempt < retries )); do 32 | if qm set "$VMID" --cdrom "${ISO_STORAGE_PREFIX}:iso/$ISO_FILENAME_LATEST,media=cdrom"; then 33 | find "$ISO_PATH" -name 'tails-amd64-*.iso' ! -name "$ISO_FILENAME_LATEST" -exec rm -f {} + # Remove old Tails ISO files except the latest one 34 | return 0 35 | else 36 | echo "Failed to update VM configuration. Retrying in $delay seconds..." 37 | sleep $delay 38 | (( attempt++ )) 39 | delay=$(( delay * 2 )) # Exponential backoff 40 | fi 41 | done 42 | } 43 | 44 | #---- Body ------------------------------------------------------------------------- 45 | 46 | #---- Get VM ID from arguments 47 | VMID=$1 48 | if [ -z "$VMID" ]; then 49 | echo "Usage: $0 " 50 | exit 1 51 | fi 52 | 53 | #--- Install lynx 54 | if [[ ! $(dpkg -s lynx 2> /dev/null) ]]; then 55 | apt-get install lynx -y 56 | fi 57 | 58 | # Define URL and download path 59 | TAILS_BASE_URL='https://mirrors.edge.kernel.org/tails/stable' 60 | ISO_PATH="/var/lib/vz/template/iso" 61 | 62 | # Extract ISO path prefix from VM configuration 63 | ISO_STORAGE_PREFIX=$(qm config "$VMID" | grep -oP "(?<=^ide2: )[a-zA-Z0-9\-]+(?=:iso/)") 64 | 65 | # Fetch the latest Tails ISO directory 66 | ISO_DIR_LATEST=$(lynx -dump -listonly "$TAILS_BASE_URL" | grep 'tails-amd64-' | awk '{print $2}' | sort -V | tail -n 1 | xargs basename) 67 | ISO_FILENAME_LATEST="${ISO_DIR_LATEST}.iso" 68 | ISO_URL="${TAILS_BASE_URL}/${ISO_DIR_LATEST}/${ISO_FILENAME_LATEST}" 69 | 70 | # Full path of the latest ISO file 71 | ISO_FILEPATH="${ISO_PATH}/${ISO_FILENAME_LATEST}" 72 | 73 | # Check if the latest ISO exists and matches the current ISO file 74 | if [ -f "$ISO_FILEPATH" ]; then 75 | if qm config "$VMID" | grep -q "${ISO_STORAGE_PREFIX}:iso/${ISO_FILENAME_LATEST}"; then 76 | echo "The ISO file is already up to date. No further action needed." 77 | exit 0 78 | fi 79 | fi 80 | 81 | 82 | #---- Run ISO update after stopping VM 83 | # Tails requires updating 84 | 85 | # Check if the latest ISO exists 86 | if [ ! -f "$ISO_FILEPATH" ]; then 87 | # Download the latest ISO file 88 | wget -qNLc -T 15 -c "$ISO_URL" -P "$ISO_PATH" 89 | fi 90 | 91 | # Update the VM configuration to use the latest ISO file 92 | if update_vm_config; then 93 | echo "ISO updated successfully." 94 | fi 95 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/tails/config/hook_script_update_tails_iso.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: hook_script_update_tails_iso.sh 4 | # Description: This script is a Proxmox hook-script 5 | # Require: Requires 'background_update_tails_iso.sh' bash script 6 | # ---------------------------------------------------------------------------------- 7 | 8 | #---- Body ------------------------------------------------------------------------- 9 | echo "hook parameters: $1 $2 [$0]" 10 | 11 | #---- Set Args 12 | VMID=$1 13 | EVENT=$2 14 | 15 | #---- Run the update only on post-start event 16 | if [ "$EVENT" == "post-stop" ]; then 17 | nohup /var/lib/vz/snippets/background_update_tails_iso.sh "$VMID" &>/dev/null & 18 | sleep 5s 19 | fi 20 | #----------------------------------------------------------------------------------- 21 | -------------------------------------------------------------------------------- /src/tailscale/config/bookmarks-ahuacate.json: -------------------------------------------------------------------------------- 1 | {"guid":"root________","title":"","index":0,"dateAdded":1663504083387000,"lastModified":1663564475537000,"id":1,"typeCode":2,"type":"text/x-moz-place-container","root":"placesRoot","children":[{"guid":"menu________","title":"menu","index":0,"dateAdded":1663504083387000,"lastModified":1663564475537000,"id":2,"typeCode":2,"type":"text/x-moz-place-container","root":"bookmarksMenuFolder"},{"guid":"toolbar_____","title":"toolbar","index":1,"dateAdded":1663504083387000,"lastModified":1663563517210000,"id":3,"typeCode":2,"type":"text/x-moz-place-container","root":"toolbarFolder","children":[{"guid":"YcI-LIELpRu9","title":"Pi-Hole","index":0,"dateAdded":1663505227669000,"lastModified":1663506191534000,"id":23,"typeCode":1,"iconUri":"http://pi.hole/admin/img/favicons/apple-touch-icon.png","type":"text/x-moz-place","uri":"http://pi.hole/admin/login.php","keyword":"pi.hole","postData":null},{"guid":"oA1eBMDmC2mj","title":"pfSense","index":1,"dateAdded":1663504855904000,"lastModified":1663506196283000,"id":22,"typeCode":1,"type":"text/x-moz-place","uri":"http://pfsense.local/","keyword":"pfsense","postData":null},{"guid":"3IAe_bvFDU6x","title":"","index":2,"dateAdded":1663563435745000,"lastModified":1663563444103000,"id":28,"typeCode":3,"type":"text/x-moz-place-separator"},{"guid":"-MFe4Om7ylMb","title":"Sonarr","index":3,"dateAdded":1663504565641000,"lastModified":1663504587138000,"id":17,"typeCode":1,"type":"text/x-moz-place","uri":"http://sonarr.local:8989/","keyword":"sonarr","postData":null},{"guid":"yknZVo1oFD-5","title":"Radarr","index":4,"dateAdded":1663504608622000,"lastModified":1663504641840000,"id":18,"typeCode":1,"type":"text/x-moz-place","uri":"http://radarr.local:7878/radarr/","keyword":"radarr","postData":null},{"guid":"Ia8OwAke4Sg6","title":"Lidarr","index":5,"dateAdded":1663563185513000,"lastModified":1663563467175000,"id":24,"typeCode":1,"type":"text/x-moz-place","uri":"http://lidarr.local:8686/","keyword":"lidarr","postData":null},{"guid":"wMIqKs-khASr","title":"Readarr","index":6,"dateAdded":1663563351273000,"lastModified":1663563458026000,"id":26,"typeCode":1,"type":"text/x-moz-place","uri":"http://readarr.local:8787/","keyword":"readarr","postData":null},{"guid":"DEp7ItKo9yxp","title":"Whisparr","index":7,"dateAdded":1663563385306000,"lastModified":1663563475044000,"id":27,"typeCode":1,"type":"text/x-moz-place","uri":"http://whisparr.local:6969/","keyword":"whisparr","postData":null},{"guid":"YMw2s9FwCQ5B","title":"Prowlarr","index":8,"dateAdded":1663563315010000,"lastModified":1663563489686000,"id":25,"typeCode":1,"type":"text/x-moz-place","uri":"http://prowlarr.local:9696/","keyword":"prowlarr","postData":null},{"guid":"iI_mDGRG1r9k","title":"","index":9,"dateAdded":1663563502804000,"lastModified":1663563510748000,"id":29,"typeCode":3,"type":"text/x-moz-place-separator"},{"guid":"NNGt9sSRDkMk","title":"Jellyfin","index":10,"dateAdded":1663504669232000,"lastModified":1663504679990000,"id":19,"typeCode":1,"type":"text/x-moz-place","uri":"http://jellyfin.local:8096/","keyword":"jellyfin","postData":null},{"guid":"SA1wkEKVMrtC","title":"","index":11,"dateAdded":1663563513898000,"lastModified":1663563517210000,"id":30,"typeCode":3,"type":"text/x-moz-place-separator"},{"guid":"fbwgMDXNnR8D","title":"SABnzbd","index":12,"dateAdded":1663504714971000,"lastModified":1663504749879000,"id":20,"typeCode":1,"type":"text/x-moz-place","uri":"http://sabnzbd.local:8080/","keyword":"sabnzbd","postData":null},{"guid":"fbwgMDXNnR8X","title":"NZBGet","index":12,"dateAdded":1663504714971000,"lastModified":1663504749879000,"id":20,"typeCode":1,"type":"text/x-moz-place","uri":"http://nzbget.local:6789/","keyword":"nzbget","postData":null},{"guid":"eE2jpa4XkK3D","title":"Deluge","index":13,"dateAdded":1663504769224000,"lastModified":1663504776871000,"id":21,"typeCode":1,"type":"text/x-moz-place","uri":"http://deluge.local:8112/","keyword":"deluge","postData":null}]},{"guid":"unfiled_____","title":"unfiled","index":3,"dateAdded":1663504083387000,"lastModified":1663504084394000,"id":5,"typeCode":2,"type":"text/x-moz-place-container","root":"unfiledBookmarksFolder"},{"guid":"mobile______","title":"mobile","index":4,"dateAdded":1663504083446000,"lastModified":1663504084394000,"id":6,"typeCode":2,"type":"text/x-moz-place-container","root":"mobileFolder"}]} -------------------------------------------------------------------------------- /src/tailscale/pve_homelab_ct_tailscale_installer.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: pve_homelab_ct_tailscale_installer.sh 4 | # Description: This script is for creating a Tailscale CT 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Bash command to run script --------------------------------------------------- 8 | 9 | #---- Source Github 10 | # bash -c "$(wget -qLO - https://raw.githubusercontent.com/ahuacate/pve-homelab/main/pve_homelab_installer.sh)" 11 | 12 | #---- Source local Git 13 | # /mnt/pve/nas-01-git/ahuacate/pve-homelab/pve_homelab_installer.sh 14 | 15 | #---- Source ----------------------------------------------------------------------- 16 | #---- Dependencies ----------------------------------------------------------------- 17 | 18 | # Check PVE host subid mapping 19 | check_host_subid 20 | 21 | # Check SMTP Status 22 | check_smtp_status 23 | 24 | #---- Static Variables ------------------------------------------------------------- 25 | 26 | # Easy Script Section Head 27 | SECTION_HEAD='PVE Tailscale' 28 | 29 | # PVE host IP 30 | PVE_HOST_IP=$(hostname -i) 31 | PVE_HOSTNAME=$(hostname) 32 | 33 | # SSHd Status (0 is enabled, 1 is disabled) 34 | SSH_ENABLE=1 35 | 36 | # Developer enable git mounts inside CT (0 is enabled, 1 is disabled) 37 | DEV_GIT_MOUNT_ENABLE=1 38 | 39 | # Set file source (path/filename) of preset variables for 'pvesource_ct_createvm.sh' 40 | PRESET_VAR_SRC="$( dirname "${BASH_SOURCE[0]}" )/$( basename "${BASH_SOURCE[0]}" )" 41 | 42 | 43 | #---- Other Variables -------------------------------------------------------------- 44 | 45 | #---- Common Machine Variables 46 | # VM Type ( 'ct' or 'vm' only lowercase ) 47 | VM_TYPE='ct' 48 | # Use DHCP. '0' to disable, '1' to enable. 49 | NET_DHCP='1' 50 | # Set address type 'dhcp4'/'dhcp6' or '0' to disable. 51 | NET_DHCP_TYPE='dhcp4' 52 | # CIDR IPv4 53 | CIDR='24' 54 | # CIDR IPv6 55 | CIDR6='64' 56 | # SSHd Port 57 | SSH_PORT='22' 58 | 59 | #----[COMMON_GENERAL_OPTIONS] 60 | # Hostname 61 | HOSTNAME='tailscale' 62 | # Description for the Container (one word only, no spaces). Shown in the web-interface CT’s summary. 63 | DESCRIPTION='' 64 | # Virtual OS/processor architecture. 65 | ARCH='amd64' 66 | # Allocated memory or RAM (MiB). 67 | MEMORY='2048' 68 | # Limit number of CPU sockets to use. Value 0 indicates no CPU limit. 69 | CPULIMIT='0' 70 | # CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. 71 | CPUUNITS='1024' 72 | # The number of cores assigned to the vm/ct. Do not edit - its auto set. 73 | CORES='1' 74 | 75 | #----[COMMON_NET_OPTIONS] 76 | # Bridge to attach the network device to. 77 | BRIDGE='vmbr0' 78 | # A common MAC address with the I/G (Individual/Group) bit not set. 79 | HWADDR="" 80 | # Controls whether this interface’s firewall rules should be used. 81 | FIREWALL='1' 82 | # VLAN tag for this interface (value 0 for none, or VLAN[2-N] to enable). 83 | TAG='0' 84 | # VLAN ids to pass through the interface 85 | TRUNKS="" 86 | # Apply rate limiting to the interface (MB/s). Value "" for unlimited. 87 | RATE="" 88 | # MTU - Maximum transfer unit of the interface. 89 | MTU="" 90 | 91 | #----[COMMON_NET_DNS_OPTIONS] 92 | # Nameserver server IP (IPv4 or IPv6) (value "" for none). 93 | NAMESERVER='192.168.1.5' 94 | # Search domain name (local domain) 95 | SEARCHDOMAIN='local' 96 | 97 | #----[COMMON_NET_STATIC_OPTIONS] 98 | # IP address (IPv4). Only works with static IP (DHCP=0). 99 | IP='192.168.1.4' 100 | # IP address (IPv6). Only works with static IP (DHCP=0). 101 | IP6='' 102 | # Default gateway for traffic (IPv4). Only works with static IP (DHCP=0). 103 | GW='192.168.1.5' 104 | # Default gateway for traffic (IPv6). Only works with static IP (DHCP=0). 105 | GW6='' 106 | 107 | #---- PVE CT 108 | #----[CT_GENERAL_OPTIONS] 109 | # Unprivileged container. '0' to disable, '1' to enable/yes. 110 | CT_UNPRIVILEGED='1' 111 | # Memory swap 112 | CT_SWAP='512' 113 | # OS 114 | CT_OSTYPE='ubuntu' 115 | # Onboot startup 116 | CT_ONBOOT='1' 117 | # Timezone 118 | CT_TIMEZONE='host' 119 | # Root credentials (leave blank for no pwd) 120 | CT_PASSWORD='' 121 | # Virtual OS/processor architecture. 122 | CT_ARCH='amd64' 123 | 124 | #----[CT_FEATURES_OPTIONS] 125 | # Allow using fuse file systems in a container. 126 | CT_FUSE='0' 127 | # For unprivileged containers only: Allow the use of the keyctl() system call. 128 | CT_KEYCTL='0' 129 | # Allow mounting file systems of specific types. (Use 'nfs' or 'cifs' or 'nfs;cifs' for both or leave empty "") 130 | CT_MOUNT='' 131 | # Allow nesting. Best used with unprivileged containers with additional id mapping. 132 | CT_NESTING='0' 133 | # A public key for connecting to the root account over SSH (insert path). 134 | 135 | #----[CT_ROOTFS_OPTIONS] 136 | # Virtual Disk Size (GB). 137 | CT_SIZE='10' 138 | # Explicitly enable or disable ACL support. 139 | CT_ACL='1' 140 | 141 | #----[CT_STARTUP_OPTIONS] 142 | # Startup and shutdown behavior ( '--startup order=1,up=1,down=1' ). 143 | # Order is a non-negative number defining the general startup order. Up=1 means first to start up. Shutdown in done with reverse ordering so down=1 means last to shutdown. 144 | # Up: Startup delay. Defines the interval between this container start and subsequent containers starts. For example, set it to 240 if you want to wait 240 seconds before starting other containers. 145 | # Down: Shutdown timeout. Defines the duration in seconds Proxmox VE should wait for the container to be offline after issuing a shutdown command. By default this value is set to 60, which means that Proxmox VE will issue a shutdown request, wait 60s for the machine to be offline, and if after 60s the machine is still online will notify that the shutdown action failed. 146 | CT_ORDER='2' 147 | CT_UP='30' 148 | CT_DOWN='60' 149 | 150 | #----[CT_NET_OPTIONS] 151 | # Name of the network device as seen from inside the VM/CT. 152 | CT_NAME='eth0' 153 | CT_TYPE='veth' 154 | 155 | #----[CT_OTHER] 156 | # OS Version 157 | CT_OSVERSION='22.04' 158 | # CTID numeric ID of the given container. 159 | CTID='250' 160 | 161 | #----[App_UID_GUID] 162 | # App user 163 | APP_USERNAME='home' 164 | # App user group 165 | APP_GRPNAME='homelab' 166 | 167 | #----[REPO_PKG_NAME] 168 | # Repo package name 169 | REPO_PKG_NAME='tailscale' 170 | 171 | 172 | #---- Other Files ------------------------------------------------------------------ 173 | 174 | # Required PVESM Storage Mounts for CT ( new version ) 175 | unset pvesm_required_LIST 176 | pvesm_required_LIST=() 177 | while IFS= read -r line 178 | do 179 | [[ "$line" =~ ^\#.*$ ]] && continue 180 | pvesm_required_LIST+=( "$line" ) 181 | done << EOF 182 | # Example 183 | EOF 184 | 185 | #---- Body ------------------------------------------------------------------------- 186 | 187 | #---- Introduction 188 | source $COMMON_PVE_SRC_DIR/pvesource_ct_intro.sh 189 | 190 | #---- Setup PVE CT Variables 191 | # Ubuntu NAS (all) 192 | source $COMMON_PVE_SRC_DIR/pvesource_set_allvmvars.sh 193 | 194 | #---- Create OS CT 195 | source $COMMON_PVE_SRC_DIR/pvesource_ct_createvm.sh 196 | 197 | #---- Pre-Configuring PVE CT 198 | section "Pre-Configure ${HOSTNAME^} ${VM_TYPE^^}" 199 | 200 | # Homelab CT unprivileged mapping 201 | if [ "$CT_UNPRIVILEGED" = 1 ] 202 | then 203 | source $COMMON_PVE_SRC_DIR/pvesource_ct_homelab_ctidmapping.sh 204 | fi 205 | 206 | # VA-API Install & Setup for CT 207 | source $COMMON_PVE_SRC_DIR/pvesource_ct_medialab_vaapipassthru.sh 208 | 209 | #---- Custom CT unprivileged mapping 210 | echo -e "lxc.cgroup2.devices.allow: c 10:200 rwm 211 | lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file" >> /etc/pve/lxc/$CTID.conf 212 | 213 | 214 | #---- Tailscale -------------------------------------------------------------------- 215 | 216 | #---- Install Tailscale 217 | section "Install Tailscale software" 218 | 219 | # Start CT 220 | pct_start_waitloop 221 | 222 | # Pushing scripts to CT 223 | msg "Pushing repo scripts to CT..." 224 | pct push $CTID $REPO_TEMP/${GIT_REPO}.tar.gz /tmp/${GIT_REPO}.tar.gz 225 | pct exec $CTID -- tar -zxf /tmp/${GIT_REPO}.tar.gz -C /tmp 226 | 227 | # Tailscale SW 228 | pct exec $CTID -- bash -c "export REPO_PKG_NAME=$REPO_PKG_NAME APP_USERNAME=$APP_USERNAME APP_GRPNAME=$APP_GRPNAME && /tmp/$GIT_REPO/src/$REPO_PKG_NAME/tailscale_sw.sh" 229 | 230 | #---- Finish Line ------------------------------------------------------------------ 231 | section "Completion Status." 232 | 233 | #---- Set display text 234 | unset display_msg1 235 | # Web access URL 236 | display_msg1=( "SSH log into your Proxmox host and run these commands:" ) 237 | display_msg1+=( " -- pct enter $CTID" ) 238 | display_msg1+=( " -- sudo tailscale up --ssh" ) 239 | display_msg1+=( "Follow the terminal screen directions." ) 240 | 241 | msg_box "Tailscale CT installation was a success. Your next step is to connect and authenticate your Tailscale Ubuntu CT with your Tailscale tailnet private network: 242 | 243 | $(printf '%s\n' "${display_msg1[@]}" | indent2) 244 | 245 | The next step is to use a authentication method. We use Gmail. Then to disable Tailscale key expiry open the 'Machines page' of the admin console webpage, select your Tailscale server and in the far right menu select the 'Disable Key Expiry' option. 246 | 247 | Your Tailscale CT is a Ubuntu Linux machine prebuilt with remote desktop (RDP) support and Mozilla Firefox. Your RDP Ubuntu login credentials are: 248 | 249 | $(printf "Username|admin 250 | Password|ahuacate" | column -t -s "|" | indent2) 251 | 252 | Connect to the Tailscale CT using a RDP client (Microsoft remote desktop connection), a tailnet IP address obtained from Tailscale App, and login into Ubuntu and start the Firefox application. Navigate to the Firefox option 'Manage Bookmarks' and restore our preset bookmark file located on your desktop: 'bookmarks-ahuacate.json'. Our bookmark preset file includes all the local server URLs for Radarr, Sonarr and more. 253 | 254 | More information about configuring Tailscale, GPU accelerated Firefox and SSH here: https://github.com/ahuacate/homelab and https://tailscale.com/kb/guides/" 255 | echo 256 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/tailscale/tailscale_sw.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: tailscale_sw.sh 4 | # Description: Source script for CT SW 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | 9 | DIR=$( cd "$( dirname "${BASH_SOURCE}" )" && pwd ) 10 | COMMON="$DIR/../../common" 11 | SHARED="$DIR/../../shared" 12 | 13 | #---- Dependencies ----------------------------------------------------------------- 14 | #---- Static Variables ------------------------------------------------------------- 15 | 16 | # Update these variables as required for your specific instance 17 | app="${REPO_PKG_NAME,,}" # App name 18 | app_uid="$APP_USERNAME" # App UID 19 | app_guid="$APP_GRPNAME" # App GUID 20 | 21 | #---- Other Variables -------------------------------------------------------------- 22 | 23 | #---- Firewall variables 24 | # SSH port 25 | SSH_PORT=22 26 | # Local network 27 | LOCAL_NET=$(hostname -I | awk -F'.' -v OFS="." '{ print $1,$2,"0.0/24" }') 28 | 29 | #---- Other Files ------------------------------------------------------------------ 30 | #---- Body ------------------------------------------------------------------------- 31 | 32 | #---- Prerequisites 33 | 34 | # Run Bash Header 35 | source $COMMON/bash/src/basic_bash_utility.sh 36 | 37 | # Update locales 38 | sudo locale-gen en_US.UTF-8 39 | 40 | # Install prerequisites 41 | apt-get install ca-certificates wget -y 42 | 43 | # Update locales 44 | sudo locale-gen en_US.UTF-8 45 | 46 | # Add Packages 47 | apt-get install software-properties-common -y 2> /dev/null 48 | apt-get install unzip -y 2> /dev/null 49 | apt-get install fontconfig -y 2> /dev/null 50 | apt-get install curl -y 2> /dev/null 51 | 52 | # Add Google font package 53 | wget -O /tmp/fonts.zip https://fonts.google.com/download?family=Open%20Sans 54 | mkdir -p /usr/share/fonts/googlefonts 55 | mkdir -p /usr/share/fonts/opentype 56 | unzip /tmp/fonts.zip -d /usr/share/fonts/googlefonts 57 | chmod -R --reference=/usr/share/fonts/opentype /usr/share/fonts/googlefonts 58 | sudo fc-cache -fv 59 | 60 | # Install video drivers 61 | if [ "$(ls -l /dev/dri | grep renderD128 > /dev/null; echo $?)" = 0 ] 62 | then 63 | GPU=$(lspci | grep VGA | cut -d ":" -f3 | sed -e 's/^[ \t]*//') 64 | # Intel GPU 65 | if [[ "$GPU" =~ ^Intel.* ]] 66 | then 67 | # Install drivers 68 | # apt-get install i965-va-driver -y 69 | apt-get install intel-media-va-driver-non-free -y 70 | fi 71 | fi 72 | 73 | # Install ffmpeg 74 | apt-get install ffmpeg -y 75 | 76 | 77 | #---- Create new user 78 | 79 | # Add user 80 | useradd -m -p $(perl -e 'print crypt($ARGV[0], "password")' ahuacate) admin 81 | usermod -aG sudo admin 82 | usermod -s /bin/bash admin 83 | sudo -u admin xdg-user-dirs-update 84 | echo "admin ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/admin 85 | 86 | # Create ~/.ssh folder 87 | # Create .ssh directory for the user 88 | sudo -u admin mkdir -p /home/admin/.ssh 89 | # Set correct permissions for .ssh directory 90 | sudo -u admin chmod 700 /home/admin/.ssh 91 | # Optional: Generate SSH keys for the user (uncomment if needed) 92 | # sudo -u admin ssh-keygen -t rsa -b 4096 -C "admin@example.com" -f /home/admin/.ssh/id_rsa -N "" 93 | # Ensure the correct ownership 94 | chown -R admin:admin /home/admin/.ssh 95 | # Add SSH configuration to the config file 96 | sudo -u admin bash -c 'cat < /home/admin/.ssh/config 97 | Host pve-01 98 | HostName 192.168.1.101 99 | User root 100 | IdentityFile ~/.ssh/id_ed25519-pve 101 | 102 | Host pve-02 103 | HostName 192.168.1.102 104 | User root 105 | IdentityFile ~/.ssh/id_ed25519-pve 106 | 107 | Host pve-03 108 | HostName 192.168.1.103 109 | User root 110 | IdentityFile ~/.ssh/id_ed25519-pve 111 | 112 | Host pve-04 113 | HostName 192.168.1.104 114 | User root 115 | IdentityFile ~/.ssh/id_ed25519-pve 116 | 117 | Host pve-05 118 | HostName 192.168.1.105 119 | User root 120 | IdentityFile ~/.ssh/id_ed25519-pve 121 | 122 | Host nas-01 123 | HostName nas-01.local 124 | User admin 125 | IdentityFile ~/.ssh/id_ed25519-pve 126 | EOF' 127 | 128 | # Set correct permissions for the config file 129 | sudo -u admin chmod 600 /home/admin/.ssh/config 130 | # Ensure the correct ownership of .ssh directory and contents 131 | chown -R admin:admin /home/admin/.ssh 132 | 133 | 134 | #---- Install RDP SW 135 | 136 | # Install the desktop environment 137 | apt-get install xfce4 xfce4-goodies -y 138 | # Fix /etc/nsswitch.conf after xfce4 install 139 | sed -i 's/hosts:.*/hosts: files dns/g' /etc/nsswitch.conf 140 | # Install X stuff 141 | apt-get install xorg dbus-x11 x11-xserver-utils -y 142 | # Install XRDP on Ubuntu 143 | apt-get install xrdp ufw -y 144 | # Edit /etc/xrdp/xrdp.ini 145 | echo 'exec startxfce4' >> /etc/xrdp/xrdp.ini 146 | systemctl restart xrdp.service 147 | # Set RDP display 148 | update-alternatives --set x-session-manager /usr/bin/xfce4-session 149 | # Add the xrdp user to the “ssl-cert” group 150 | usermod -a -G ssl-cert xrdp 151 | systemctl restart xrdp 152 | # Configure System firewall 153 | ufw allow from 192.168.0.0/24 to any port 3389 154 | ufw reload 155 | 156 | # Fix - Authentication Required to Create Managed Color Device 157 | cat << EOF > /etc/polkit-1/localauthority.conf.d/02-allow-colord.conf 158 | polkit.addRule(function(action, subject) { 159 | if ((action.id == "org.freedesktop.color-manager.create-device" || 160 | action.id == "org.freedesktop.color-manager.create-profile" || 161 | action.id == "org.freedesktop.color-manager.delete-device" || 162 | action.id == "org.freedesktop.color-manager.delete-profile" || 163 | action.id == "org.freedesktop.color-manager.modify-device" || 164 | action.id == "org.freedesktop.color-manager.modify-profile") && 165 | subject.isInGroup("{users}")) { 166 | return polkit.Result.YES; 167 | } 168 | }); 169 | EOF 170 | 171 | 172 | #---- Install firefox 173 | 174 | # Add the Mozilla Team PPA 175 | add-apt-repository ppa:mozillateam/ppa -y 2> /dev/null 176 | # Increase the priority of it's firefox package 177 | printf 'Package: firefox\nPin: release o=LP-PPA-mozillateam\nPin-Priority: 1500\n' | tee /etc/apt/preferences.d/mozilla-firefox 178 | # Install Firefox 179 | apt-get install firefox -y 180 | # Copy Firefox bookmark preset file to CT 181 | cp $DIR/config/bookmarks-ahuacate.json /home/admin/Desktop/bookmarks-ahuacate.json 182 | 183 | 184 | #---- Configure audio 185 | 186 | wget http://c-nergy.be/downloads/xRDP/xrdp-installer-1.4.2.zip -P /tmp 187 | unzip /tmp/xrdp-installer-1.4.2.zip -d /tmp 188 | sleep 1 189 | chmod +x /tmp/xrdp-installer-1.4.2.sh 190 | su -c '/tmp/xrdp-installer-1.4.2.sh -s' admin 191 | 192 | 193 | #---- Configure Home User profile 194 | 195 | if [ "$(ls -l /dev/dri | grep renderD128 > /dev/null; echo $?)" = 0 ] 196 | then 197 | GPU=$(lspci | grep VGA | cut -d ":" -f3 | sed -e 's/^[ \t]*//') 198 | # Intel GPU 199 | if [[ "$GPU" =~ ^Intel.* ]] 200 | then 201 | # Set user environment variable 202 | # echo 'export LIBVA_DRIVER_NAME=i965' >> /home/admin/.profile 203 | echo 'export LIBVA_DRIVER_NAME=iHD' >> /home/admin/.profile 204 | echo 'export MOZ_X11_EGL=1' >> /home/admin/.profile 205 | # echo 'export MOZ_DISABLE_RDD_SANDBOX=1' >> /home/admin/.profile 206 | fi 207 | fi 208 | 209 | 210 | #---- Configure firewall 211 | sudo ufw allow $SSH_PORT 212 | sudo ufw allow from $LOCAL_NET to any port $SSH_PORT 213 | # Optional additional ports 214 | sudo ufw allow in on tailscale0 # Allow Tailscale 215 | sudo ufw default deny incoming 216 | sudo ufw default allow outgoing 217 | 218 | # Enable ufw 219 | sudo ufw enable 220 | 221 | 222 | #---- Install fail2ban 223 | # Install fail2ban 224 | apt-get install fail2ban -y 225 | 226 | # Configure fail2ban 227 | cat < /etc/fail2ban/jail.local 228 | [DEFAULT] 229 | bantime = 8h 230 | ignoreip = 127.0.0.1/8 ${LOCAL_NET} 231 | ignoreself = true 232 | 233 | [sshd] 234 | enabled = true 235 | EOF 236 | 237 | # Restart fail2ban 238 | sudo service fail2ban restart 239 | 240 | #---- Install Tailscale 241 | 242 | # Download Tailscale install script 243 | bash -c "$(curl -fsSL https://tailscale.com/install.sh)" &>/dev/null || exit 244 | 245 | # Reboot CT 246 | reboot 247 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/testlab/config/index_port_443.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Welcome to Test Site 5 | 6 | 7 |

Hello, World!

8 |

This is a HTTPS SSL Port 443 test page served by Nginx.

9 | 10 | -------------------------------------------------------------------------------- /src/testlab/config/index_port_80.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Welcome to Test Site 5 | 6 | 7 |

Hello, World!

8 |

This is a HTTP Port 80 test page served by Nginx.

9 | 10 | -------------------------------------------------------------------------------- /src/testlab/config/test_site: -------------------------------------------------------------------------------- 1 | server { 2 | listen 80; 3 | server_name your_domain.com www.your_domain.com; 4 | 5 | root /var/www/test_site; 6 | index index_port_80.html; 7 | 8 | location / { 9 | try_files $uri $uri/ =404; 10 | } 11 | } 12 | 13 | server { 14 | listen 443 ssl; 15 | server_name your_domain.com www.your_domain.com; 16 | 17 | ssl_certificate /etc/nginx/ssl/test_site.crt; 18 | ssl_certificate_key /etc/nginx/ssl/test_site.key; 19 | 20 | root /var/www/test_site; 21 | index index_port_443.html; 22 | 23 | location / { 24 | try_files $uri $uri/ =404; 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /src/testlab/pve_homelab_ct_testlab_installer.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: pve_homelab_ct_testlab_installer.sh 4 | # Description: This script is for creating a testlab CT 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Bash command to run script --------------------------------------------------- 8 | 9 | #---- Source Github 10 | # bash -c "$(wget -qLO - https://raw.githubusercontent.com/ahuacate/pve-homelab/main/pve_homelab_installer.sh)" 11 | 12 | #---- Source local Git 13 | # /mnt/pve/nas-01-git/ahuacate/pve-homelab/pve_homelab_installer.sh 14 | 15 | #---- Source ----------------------------------------------------------------------- 16 | #---- Dependencies ----------------------------------------------------------------- 17 | 18 | # Check SMTP Status 19 | check_smtp_status 20 | 21 | #---- Static Variables ------------------------------------------------------------- 22 | 23 | # Easy Script Section Head 24 | SECTION_HEAD='Homelab testlab' 25 | 26 | # PVE host IP 27 | PVE_HOST_IP=$(hostname -i) 28 | PVE_HOSTNAME=$(hostname) 29 | 30 | # SSHd Status (0 is enabled, 1 is disabled) 31 | SSH_ENABLE=1 32 | 33 | # Developer enable git mounts inside CT (0 is enabled, 1 is disabled) 34 | DEV_GIT_MOUNT_ENABLE=1 35 | 36 | # Set file source (path/filename) of preset variables for 'pvesource_ct_createvm.sh' 37 | PRESET_VAR_SRC="$( dirname "${BASH_SOURCE[0]}" )/$( basename "${BASH_SOURCE[0]}" )" 38 | 39 | #---- Other Variables -------------------------------------------------------------- 40 | 41 | #---- Common Machine Variables 42 | # VM Type ( 'ct' or 'vm' only lowercase ) 43 | VM_TYPE='ct' 44 | # Use DHCP. '0' to disable, '1' to enable. 45 | NET_DHCP='1' 46 | # Set address type 'dhcp4'/'dhcp6' or '0' to disable. 47 | NET_DHCP_TYPE='dhcp4' 48 | # CIDR IPv4 49 | CIDR='24' 50 | # CIDR IPv6 51 | CIDR6='64' 52 | # SSHd Port 53 | SSH_PORT='22' 54 | 55 | #----[COMMON_GENERAL_OPTIONS] 56 | # Hostname 57 | HOSTNAME='testlab' 58 | # Description for the Container (one word only, no spaces). Shown in the web-interface CT’s summary. 59 | DESCRIPTION='' 60 | # Virtual OS/processor architecture. 61 | ARCH='amd64' 62 | # Allocated memory or RAM (MiB). 63 | MEMORY='512' 64 | # Limit number of CPU sockets to use. Value 0 indicates no CPU limit. 65 | CPULIMIT='0' 66 | # CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. 67 | CPUUNITS='1024' 68 | # The number of cores assigned to the vm/ct. Do not edit - its auto set. 69 | CORES='1' 70 | 71 | #----[COMMON_NET_OPTIONS] 72 | # Bridge to attach the network device to. 73 | BRIDGE='vmbr0' 74 | # A common MAC address with the I/G (Individual/Group) bit not set. 75 | HWADDR="" 76 | # Controls whether this interface’s firewall rules should be used. 77 | FIREWALL='1' 78 | # VLAN tag for this interface (value 0 for none, or VLAN[2-N] to enable). 79 | TAG='0' 80 | # VLAN ids to pass through the interface 81 | TRUNKS="" 82 | # Apply rate limiting to the interface (MB/s). Value "" for unlimited. 83 | RATE="" 84 | # MTU - Maximum transfer unit of the interface. 85 | MTU="" 86 | 87 | #----[COMMON_NET_DNS_OPTIONS] 88 | # Nameserver server IP (IPv4 or IPv6) (value "" for none). 89 | NAMESERVER='192.168.1.5' 90 | # Search domain name (local domain) 91 | SEARCHDOMAIN='local' 92 | 93 | #----[COMMON_NET_STATIC_OPTIONS] 94 | # IP address (IPv4). Only works with static IP (DHCP=0). 95 | IP='192.168.1.252' 96 | # IP address (IPv6). Only works with static IP (DHCP=0). 97 | IP6='' 98 | # Default gateway for traffic (IPv4). Only works with static IP (DHCP=0). 99 | GW='192.168.1.5' 100 | # Default gateway for traffic (IPv6). Only works with static IP (DHCP=0). 101 | GW6='' 102 | 103 | #---- PVE CT 104 | #----[CT_GENERAL_OPTIONS] 105 | # Unprivileged container. '0' to disable, '1' to enable/yes. 106 | CT_UNPRIVILEGED='1' 107 | # Memory swap 108 | CT_SWAP='512' 109 | # OS 110 | CT_OSTYPE='ubuntu' 111 | # Onboot startup 112 | CT_ONBOOT='1' 113 | # Timezone 114 | CT_TIMEZONE='host' 115 | # Root credentials (leave blank for no pwd) 116 | CT_PASSWORD='' 117 | # Virtual OS/processor architecture. 118 | CT_ARCH='amd64' 119 | 120 | #----[CT_FEATURES_OPTIONS] 121 | # Allow using fuse file systems in a container. 122 | CT_FUSE='0' 123 | # For unprivileged containers only: Allow the use of the keyctl() system call. 124 | CT_KEYCTL='0' 125 | # Allow mounting file systems of specific types. (Use 'nfs' or 'cifs' or 'nfs;cifs' for both or leave empty "") 126 | CT_MOUNT='' 127 | # Allow nesting. Best used with unprivileged containers with additional id mapping. 128 | CT_NESTING='0' 129 | # A public key for connecting to the root account over SSH (insert path). 130 | 131 | #----[CT_ROOTFS_OPTIONS] 132 | # Virtual Disk Size (GB). 133 | CT_SIZE='1' 134 | # Explicitly enable or disable ACL support. 135 | CT_ACL='1' 136 | 137 | #----[CT_STARTUP_OPTIONS] 138 | # Startup and shutdown behavior ( '--startup order=1,up=1,down=1' ). 139 | # Order is a non-negative number defining the general startup order. Up=1 means first to start up. Shutdown in done with reverse ordering so down=1 means last to shutdown. 140 | # Up: Startup delay. Defines the interval between this container start and subsequent containers starts. For example, set it to 240 if you want to wait 240 seconds before starting other containers. 141 | # Down: Shutdown timeout. Defines the duration in seconds Proxmox VE should wait for the container to be offline after issuing a shutdown command. By default this value is set to 60, which means that Proxmox VE will issue a shutdown request, wait 60s for the machine to be offline, and if after 60s the machine is still online will notify that the shutdown action failed. 142 | CT_ORDER='2' 143 | CT_UP='30' 144 | CT_DOWN='60' 145 | 146 | #----[CT_NET_OPTIONS] 147 | # Name of the network device as seen from inside the VM/CT. 148 | CT_NAME='eth0' 149 | CT_TYPE='veth' 150 | 151 | #----[CT_OTHER] 152 | # OS Version 153 | CT_OSVERSION='22.04' 154 | # CTID numeric ID of the given container. 155 | CTID='252' 156 | 157 | #----[App_UID_GUID] 158 | # App user 159 | APP_USERNAME='home' 160 | # App user group 161 | APP_GRPNAME='homelab' 162 | 163 | #----[REPO_PKG_NAME] 164 | # Repo package name 165 | REPO_PKG_NAME='testlab' 166 | 167 | #---- Other Files ------------------------------------------------------------------ 168 | 169 | # Required PVESM Storage Mounts for CT ( new version ) 170 | unset pvesm_required_LIST 171 | pvesm_required_LIST=() 172 | while IFS= read -r line 173 | do 174 | [[ "$line" =~ ^\#.*$ ]] && continue 175 | pvesm_required_LIST+=( "$line" ) 176 | done << EOF 177 | # Example 178 | EOF 179 | 180 | #---- Body ------------------------------------------------------------------------- 181 | 182 | #---- Introduction 183 | source $COMMON_PVE_SRC_DIR/pvesource_ct_intro.sh 184 | 185 | #---- Setup PVE CT Variables 186 | # Ubuntu NAS (all) 187 | source $COMMON_PVE_SRC_DIR/pvesource_set_allvmvars.sh 188 | 189 | #---- Create OS CT 190 | source $COMMON_PVE_SRC_DIR/pvesource_ct_createvm.sh 191 | 192 | #---- Configure New CT OS 193 | source $COMMON_PVE_SRC_DIR/pvesource_ct_ubuntubasics.sh 194 | 195 | # Homelab CT unprivileged mapping 196 | if [ "$CT_UNPRIVILEGED" = 1 ] 197 | then 198 | source $COMMON_PVE_SRC_DIR/pvesource_ct_homelab_ctidmapping.sh 199 | fi 200 | 201 | #---- Testlab ---------------------------------------------------------------------- 202 | 203 | #---- Install Testlab SW 204 | section "Install Testlab SW" 205 | 206 | # Start CT 207 | pct_start_waitloop 208 | 209 | # Pushing scripts to CT 210 | msg "Pushing repo scripts to CT..." 211 | pct push $CTID $REPO_TEMP/${GIT_REPO}.tar.gz /tmp/${GIT_REPO}.tar.gz 212 | pct exec $CTID -- tar -zxf /tmp/${GIT_REPO}.tar.gz -C /tmp 213 | 214 | # Testlab SW 215 | pct exec $CTID -- bash -c "export REPO_PKG_NAME=$REPO_PKG_NAME APP_USERNAME=$APP_USERNAME APP_GRPNAME=$APP_GRPNAME && /tmp/$GIT_REPO/src/$REPO_PKG_NAME/testlab_sw.sh" 216 | 217 | # Reboot the CT 218 | pct_stop_waitloop 219 | pct_start_waitloop 220 | 221 | #---- Finish Line ------------------------------------------------------------------ 222 | section "Completion Status." 223 | 224 | CT_IP=$(pct exec $CTID -- bash -c "hostname -I | sed 's/ //g'") 225 | 226 | msg "Success. ${HOSTNAME^} installed. SSH to your testlab CT from your PVE host: 227 | 228 | -- ${WHITE}pct enter ${CTID}${NC}\n 229 | -- To enable HTTPS SSL 443 testing add your CERT & KEY using CLI: 230 | 1) nano /etc/nginx/ssl/test_site.key (paste SSL key) 231 | 2) nano /etc/nginx/ssl/test_site.crt (paste SSL cert) 232 | 3) nginx -t 233 | 4) systemctl reload nginx 234 | -- Local URL: http://$CT_IP or https://$CT_IP 235 | -- Installed Teslab SW: nginx\n" 236 | echo 237 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/testlab/testlab_sw.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: testlab_sw.sh 4 | # Description: Source script for CT SW 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | 9 | DIR=$( cd "$( dirname "${BASH_SOURCE}" )" && pwd ) 10 | COMMON="$DIR/../../common" 11 | SHARED="$DIR/../../shared" 12 | 13 | #---- Dependencies ----------------------------------------------------------------- 14 | #---- Static Variables ------------------------------------------------------------- 15 | 16 | # Update these variables as required for your specific instance 17 | app="${REPO_PKG_NAME,,}" # App name 18 | app_uid="$APP_USERNAME" # App UID 19 | app_guid="$APP_GRPNAME" # App GUID 20 | 21 | #---- Other Variables -------------------------------------------------------------- 22 | 23 | #---- Firewall variables 24 | # SSH port 25 | PORT_80=80 26 | PORT_443=443 27 | # Local network 28 | LOCAL_NET=$(hostname -I | awk -F'.' -v OFS="." '{ print $1,$2,"0.0/24" }') 29 | 30 | #---- Other Files ------------------------------------------------------------------ 31 | #---- Body ------------------------------------------------------------------------- 32 | 33 | #---- Prerequisites 34 | 35 | # Run update & upgrade 36 | apt-get update && apt-get upgrade -y 37 | apt-get install apt-transport-https -y 38 | 39 | # Run Bash Header 40 | source $COMMON/bash/src/basic_bash_utility.sh 41 | 42 | #---- Install nginx 43 | apt-get install nginx -y 44 | 45 | # Stopping system.d 'nginx' unit 46 | if [ "$(systemctl is-active nginx)" == "active" ] 47 | then 48 | systemctl stop nginx 49 | while ! [[ "$(systemctl is-active nginx)" == "inactive" ]] 50 | do 51 | echo -n . 52 | done 53 | fi 54 | 55 | # Add group nginx 56 | sudo useradd -r -s /sbin/nologin nginx 57 | 58 | # Disable the Default Configuration 59 | rm /etc/nginx/sites-enabled/default 60 | 61 | # Create dirs 62 | mkdir -p /var/www/test_site # Create the Web Root Directory 63 | mkdir -p /etc/nginx/sites-available # Make site folder 64 | mkdir -p /etc/nginx/ssl # Make SSL folder 65 | 66 | # Copy Web files 67 | cp $DIR/config/index_port_80.html /var/www/test_site/ 68 | cp $DIR/config/index_port_443.html /var/www/test_site/ 69 | cp $DIR/config/test_site /etc/nginx/sites-available/test_site 70 | 71 | # Set SSL Cert & Key permissions 72 | if [ ! -f "/etc/nginx/ssl/test_site.crt" ]; then 73 | touch /etc/nginx/ssl/test_site.crt 74 | chown root:nginx /etc/nginx/ssl/test_site.crt 75 | chmod 640 /etc/nginx/ssl/test_site.crt 76 | 77 | else 78 | chmod 644 /etc/nginx/ssl/test_site.crt 79 | chown root:nginx /etc/nginx/ssl/test_site.crt 80 | chmod 640 /etc/nginx/ssl/test_site.crt 81 | fi 82 | if [ ! -f "/etc/nginx/ssl/test_site.key" ]; then 83 | touch /etc/nginx/ssl/test_site.key 84 | chown root:nginx /etc/nginx/ssl/test_site.key 85 | chmod 640 /etc/nginx/ssl/test_site.key 86 | else 87 | chown root:nginx /etc/nginx/ssl/test_site.key 88 | chmod 640 /etc/nginx/ssl/test_site.key 89 | fi 90 | 91 | # Verify Permissions 92 | chown -R www-data:www-data /var/www/test_site 93 | chmod -R 755 /var/www/test_site 94 | chown -R root:nginx /etc/nginx/ssl 95 | chmod 750 /etc/nginx/ssl 96 | 97 | # Create a symbolic link to enable the site configuration 98 | ln -s /etc/nginx/sites-available/test_site /etc/nginx/sites-enabled/ 99 | 100 | # Test and Reload nginx 101 | nginx -t 102 | 103 | # Starting system.d 'nginx.service' unit 104 | if [ "$(systemctl is-active nginx.service)" == "inactive" ] 105 | then 106 | systemctl start nginx.service 107 | while ! [[ "$(systemctl is-active nginx.service)" == "active" ]] 108 | do 109 | echo -n . 110 | done 111 | fi 112 | 113 | 114 | #---- Configure firewall 115 | 116 | # Configure the Firewall 117 | ufw allow 'Nginx Full' 118 | ufw allow $PORT_80 119 | ufw allow from $LOCAL_NET to any port $PORT_80 120 | ufw allow $PORT_443 121 | ufw allow from $LOCAL_NET to any port $PORT_443 122 | # Optional additional ports 123 | ufw default deny incoming 124 | ufw default allow outgoing 125 | 126 | # Enable ufw 127 | ufw enable 128 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/unifi-controller/config/unifi-controller_backup.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: unifi_controller_backup.sh 4 | # Description: Backup script for UniFi Controller settings to NAS 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | #---- Dependencies ----------------------------------------------------------------- 9 | #---- Static Variables ------------------------------------------------------------- 10 | 11 | # Update these variables as required for your specific instance 12 | app='' 13 | app_uid='' 14 | app_guid='' 15 | 16 | # Define the number of days 17 | days_to_keep=30 18 | 19 | # Define the NAS directory path 20 | nas_backup_dir="/mnt/backup/$app/autobackup" 21 | 22 | # Calculate the timestamp for files older than x days 23 | timestamp=$(date -d "$days_to_keep days ago" +%s) 24 | 25 | #---- Other Variables -------------------------------------------------------------- 26 | #---- Other Files ------------------------------------------------------------------ 27 | #---- Body ------------------------------------------------------------------------- 28 | 29 | #---- Prerequisites 30 | 31 | # Check if user exists 32 | if ! id -u "$app_uid" >/dev/null 2>&1; then 33 | exit 1 34 | fi 35 | 36 | # Check rw permissions 37 | if ! sudo -u $app_uid test -w "/mnt/backup"; then 38 | exit 1 39 | fi 40 | 41 | # Chk for network backup mount 42 | if [ -d /mnt/backup ] 43 | then 44 | sudo -u $app_uid mkdir -p $nas_backup_dir 45 | sudo -u $app_uid mkdir -p /mnt/backup/$app/manualbackup 46 | else 47 | exit 1 48 | fi 49 | 50 | # Chk for default user 'HOME' dir 51 | if [ -d "/home/$app_uid" ] 52 | then 53 | sudo -u $app_uid mkdir -p /home/$app_uid/unifi_autobackup 54 | chown $app_uid:$app_guid /home/$app_uid/unifi_autobackup 55 | else 56 | exit 1 57 | fi 58 | 59 | #---- Copy all UniFi backup unf files to default user HOME dir 60 | 61 | # Remove default user backup files 62 | rm -f /home/$app_uid/unifi_autobackup/* 2> /dev/null 63 | 64 | # Copy UniFi backup files to default user HOME 65 | cp -fR /usr/lib/unifi/data/backup/autobackup/* /home/$app_uid/unifi_autobackup/ 2> /dev/null 66 | chown -R $app_uid:$app_guid /home/$app_uid/unifi_autobackup/ 67 | 68 | 69 | #---- Copy all UniFi backup unf files to NAS 70 | 71 | # Remove aged UniFi backup files from NAS 72 | sudo -u $app_uid find "$nas_backup_dir/" -type f -mtime +"$days_to_keep" -exec rm {} \; 73 | 74 | # Copy UniFi backup to NAS 75 | sudo -u $app_uid cp -fR /home/$app_uid/unifi_autobackup/* "$nas_backup_dir/" 2> /dev/null 76 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/unifi-controller/pve_homelab_ct_unifi-controller_installer.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: pve_homelab_ct_unifi_installer.sh 4 | # Description: This script is for creating a UniFi Controller CT 5 | # Shout Out: https://glennr.nl/ 6 | # ---------------------------------------------------------------------------------- 7 | 8 | #---- Bash command to run script --------------------------------------------------- 9 | 10 | #---- Source Github 11 | # bash -c "$(wget -qLO - https://raw.githubusercontent.com/ahuacate/pve-homelab/main/pve_homelab_installer.sh)" 12 | 13 | #---- Source local Git 14 | # /mnt/pve/nas-01-git/ahuacate/pve-homelab/pve_homelab_installer.sh 15 | 16 | #---- Source ----------------------------------------------------------------------- 17 | #---- Dependencies ----------------------------------------------------------------- 18 | 19 | # # Check PVE host subid mapping 20 | # check_host_subid 21 | 22 | # # Check SMTP Status 23 | # check_smtp_status 24 | 25 | #---- Static Variables ------------------------------------------------------------- 26 | 27 | # Easy Script Section Head 28 | SECTION_HEAD='PVE UniFi Controller' 29 | 30 | # PVE host IP 31 | PVE_HOST_IP=$(hostname -i) 32 | PVE_HOSTNAME=$(hostname) 33 | 34 | # SSHd Status (0 is enabled, 1 is disabled) 35 | SSH_ENABLE=1 36 | 37 | # Developer enable git mounts inside CT (0 is enabled, 1 is disabled) 38 | DEV_GIT_MOUNT_ENABLE=1 39 | 40 | # Set file source (path/filename) of preset variables for 'pvesource_ct_createvm.sh' 41 | PRESET_VAR_SRC="$( dirname "${BASH_SOURCE[0]}" )/$( basename "${BASH_SOURCE[0]}" )" 42 | 43 | 44 | #---- Other Variables -------------------------------------------------------------- 45 | 46 | #---- Common Machine Variables 47 | # VM Type ( 'ct' or 'vm' only lowercase ) 48 | VM_TYPE='ct' 49 | # Use DHCP. '0' to disable, '1' to enable. 50 | NET_DHCP='0' 51 | # Set address type 'dhcp4'/'dhcp6' or '0' to disable. 52 | NET_DHCP_TYPE='dhcp4' 53 | # CIDR IPv4 54 | CIDR='24' 55 | # CIDR IPv6 56 | CIDR6='64' 57 | # SSHd Port 58 | SSH_PORT='22' 59 | 60 | #----[COMMON_GENERAL_OPTIONS] 61 | # Hostname 62 | HOSTNAME='unifi-controller' 63 | # Description for the Container (one word only, no spaces). Shown in the web-interface CT’s summary. 64 | DESCRIPTION='' 65 | # Virtual OS/processor architecture. 66 | ARCH='amd64' 67 | # Allocated memory or RAM (MiB). 68 | MEMORY='2048' 69 | # Limit number of CPU sockets to use. Value 0 indicates no CPU limit. 70 | CPULIMIT='0' 71 | # CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. 72 | CPUUNITS='1024' 73 | # The number of cores assigned to the vm/ct. Do not edit - its auto set. 74 | CORES='1' 75 | 76 | #----[COMMON_NET_OPTIONS] 77 | # Bridge to attach the network device to. 78 | BRIDGE='vmbr0' 79 | # A common MAC address with the I/G (Individual/Group) bit not set. 80 | HWADDR="" 81 | # Controls whether this interface’s firewall rules should be used. 82 | FIREWALL='1' 83 | # VLAN tag for this interface (value 0 for none, or VLAN[2-N] to enable). 84 | TAG='0' 85 | # VLAN ids to pass through the interface 86 | TRUNKS="" 87 | # Apply rate limiting to the interface (MB/s). Value "" for unlimited. 88 | RATE="" 89 | # MTU - Maximum transfer unit of the interface. 90 | MTU="" 91 | 92 | #----[COMMON_NET_DNS_OPTIONS] 93 | # Nameserver server IP (IPv4 or IPv6) (value "" for none). 94 | NAMESERVER='192.168.1.5' 95 | # Search domain name (local domain) 96 | SEARCHDOMAIN='local' 97 | 98 | #----[COMMON_NET_STATIC_OPTIONS] 99 | # IP address (IPv4). Only works with static IP (DHCP=0). 100 | IP='192.168.1.4' 101 | # IP address (IPv6). Only works with static IP (DHCP=0). 102 | IP6='' 103 | # Default gateway for traffic (IPv4). Only works with static IP (DHCP=0). 104 | GW='192.168.1.5' 105 | # Default gateway for traffic (IPv6). Only works with static IP (DHCP=0). 106 | GW6='' 107 | 108 | #---- PVE CT 109 | #----[CT_GENERAL_OPTIONS] 110 | # Unprivileged container. '0' to disable, '1' to enable/yes. 111 | CT_UNPRIVILEGED='1' 112 | # Memory swap 113 | CT_SWAP='512' 114 | # OS 115 | CT_OSTYPE='ubuntu' 116 | # Onboot startup 117 | CT_ONBOOT='1' 118 | # Timezone 119 | CT_TIMEZONE='host' 120 | # Root credentials (leave blank for no pwd) 121 | CT_PASSWORD='' 122 | # Virtual OS/processor architecture. 123 | CT_ARCH='amd64' 124 | 125 | #----[CT_FEATURES_OPTIONS] 126 | # Allow using fuse file systems in a container. 127 | CT_FUSE='0' 128 | # For unprivileged containers only: Allow the use of the keyctl() system call. 129 | CT_KEYCTL='0' 130 | # Allow mounting file systems of specific types. (Use 'nfs' or 'cifs' or 'nfs;cifs' for both or leave empty "") 131 | CT_MOUNT='nfs;cifs' 132 | # Allow nesting. Best used with unprivileged containers with additional id mapping. 133 | CT_NESTING='1' 134 | # A public key for connecting to the root account over SSH (insert path). 135 | 136 | #----[CT_ROOTFS_OPTIONS] 137 | # Virtual Disk Size (GB). 138 | CT_SIZE='10' 139 | # Explicitly enable or disable ACL support. 140 | CT_ACL='1' 141 | 142 | #----[CT_STARTUP_OPTIONS] 143 | # Startup and shutdown behavior ( '--startup order=1,up=1,down=1' ). 144 | # Order is a non-negative number defining the general startup order. Up=1 means first to start up. Shutdown in done with reverse ordering so down=1 means last to shutdown. 145 | # Up: Startup delay. Defines the interval between this container start and subsequent containers starts. For example, set it to 240 if you want to wait 240 seconds before starting other containers. 146 | # Down: Shutdown timeout. Defines the duration in seconds Proxmox VE should wait for the container to be offline after issuing a shutdown command. By default this value is set to 60, which means that Proxmox VE will issue a shutdown request, wait 60s for the machine to be offline, and if after 60s the machine is still online will notify that the shutdown action failed. 147 | CT_ORDER='2' 148 | CT_UP='30' 149 | CT_DOWN='60' 150 | 151 | #----[CT_NET_OPTIONS] 152 | # Name of the network device as seen from inside the VM/CT. 153 | CT_NAME='eth0' 154 | CT_TYPE='veth' 155 | 156 | #----[CT_OTHER] 157 | # OS Version (NOTE: Guacamole will not install on 22.04 - SSL3 errors with Mysql) 158 | CT_OSVERSION='22.04' 159 | # CTID numeric ID of the given container. 160 | CTID='250' 161 | 162 | #----[App_UID_GUID] 163 | # App user 164 | APP_USERNAME='home' 165 | # App user group 166 | APP_GRPNAME='homelab' 167 | 168 | #----[REPO_PKG_NAME] 169 | # Repo package name 170 | REPO_PKG_NAME='unifi' 171 | 172 | 173 | #---- Other Files ------------------------------------------------------------------ 174 | 175 | # Required PVESM Storage Mounts for CT ( new version ) 176 | unset pvesm_required_LIST 177 | pvesm_required_LIST=() 178 | while IFS= read -r line 179 | do 180 | [[ "$line" =~ ^\#.*$ ]] && continue 181 | pvesm_required_LIST+=( "$line" ) 182 | done << EOF 183 | # Example 184 | backup:CT settings backup storage 185 | EOF 186 | 187 | #---- Body ------------------------------------------------------------------------- 188 | 189 | #---- Introduction 190 | source $COMMON_PVE_SRC_DIR/pvesource_ct_intro.sh 191 | 192 | #---- Setup PVE CT Variables 193 | # Ubuntu NAS (all) 194 | source $COMMON_PVE_SRC_DIR/pvesource_set_allvmvars.sh 195 | 196 | # Check & create required PVE CT subfolders (all) 197 | source $COMMON_DIR/nas/src/nas_subfolder_installer_precheck.sh 198 | 199 | #---- Create OS CT 200 | source $COMMON_PVE_SRC_DIR/pvesource_ct_createvm.sh 201 | 202 | #---- Pre-Configuring PVE CT 203 | section "Pre-Configure ${HOSTNAME^} ${VM_TYPE^^}" 204 | 205 | # Homelab CT unprivileged mapping 206 | if [ "$CT_UNPRIVILEGED" = 1 ] 207 | then 208 | source $COMMON_PVE_SRC_DIR/pvesource_ct_homelab_ctidmapping.sh 209 | fi 210 | 211 | # Create CT Bind Mounts 212 | source $COMMON_PVE_SRC_DIR/pvesource_ct_createbindmounts.sh 213 | 214 | #---- Configure New CT OS 215 | source $COMMON_PVE_SRC_DIR/pvesource_ct_ubuntubasics.sh 216 | 217 | #---- Create Homelab Group and User 218 | source $COMMON_PVE_SRC_DIR/pvesource_ct_ubuntu_addhomelabuser.sh 219 | 220 | 221 | #---- UniFi Controller ------------------------------------------------------------- 222 | 223 | #---- Install UniFi Controller 224 | section "Install UniFi Controller software" 225 | 226 | # Start CT 227 | pct_start_waitloop 228 | 229 | # UniFi SW 230 | pct push $CTID $SRC_DIR/unifi-controller/unifi-controller_sw.sh /tmp/unifi-controller_sw.sh -perms 755 231 | pct push $CTID $SRC_DIR/unifi-controller/config/unifi-controller_backup.sh /tmp/unifi-controller_backup.sh -perms 755 232 | pct exec $CTID -- bash -c "export REPO_PKG_NAME=$REPO_PKG_NAME APP_USERNAME=$APP_USERNAME APP_GRPNAME=$APP_GRPNAME && /tmp/unifi-controller_sw.sh" 233 | 234 | #---- Finish Line ------------------------------------------------------------------ 235 | section "Completion Status." 236 | 237 | #---- Set display text 238 | unset display_msg1 239 | # Web access URL 240 | display_msg1=( "https://$(pct exec $CTID -- bash -c "hostname | sed 's/ //g'").$(pct exec $CTID -- bash -c "hostname -d | sed 's/ //g'"):8443 (Recommended to use FQDN)" ) 241 | if [ -n "${IP}" ] && [ ! "$IP" = 'dhcp' ] 242 | then 243 | display_msg1+=( "https://$IP:8443" ) 244 | elif [ -n "${IP6}" ] && [ ! "$IP6" = 'dhcp' ] 245 | then 246 | display_msg1+=( "https://$IP6:8443" ) 247 | elif [ "$IP" = 'dhcp' ] || [ "$IP6" = 'dhcp' ] 248 | then 249 | display_msg1+=( "https://$(pct exec $CTID -- bash -c "hostname -I | sed 's/ //g'"):8443 (not static)" ) 250 | display_msg1+=( "UniFi Controller must be set with a static IP address. Set the container with a static IP or if using a non UniFi DHCP server make a DHCP IP reservation (i.e 192.168.1.4). Also add the hostname $(pct exec $CTID -- bash -c "hostname -I | sed 's/ //g'") to your PiHole Local DNS Records." ) 251 | fi 252 | 253 | msg_box "UniFi Controller installation was a success. Your UniFi Controller application address: 254 | 255 | $(printf '%s\n' "${display_msg1[@]}" | indent2) 256 | 257 | More information about configuring a UniFi Controller here: https://github.com/ahuacate/homelab" 258 | echo 259 | #----------------------------------------------------------------------------------- -------------------------------------------------------------------------------- /src/unifi-controller/pve_homelab_ct_unifi-controller_toolbox.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: pve_homelab_ct_unifi-controller_toolbox.sh 4 | # Description: Toolbox script for CT 5 | # Shout Out: https://glennr.nl/ 6 | # ---------------------------------------------------------------------------------- 7 | 8 | #---- Source ----------------------------------------------------------------------- 9 | #---- Dependencies ----------------------------------------------------------------- 10 | #---- Static Variables ------------------------------------------------------------- 11 | #---- Other Variables -------------------------------------------------------------- 12 | #---- Other Files ------------------------------------------------------------------ 13 | #---- Body ------------------------------------------------------------------------- 14 | 15 | #---- Prerequisites 16 | #---- Run toolbox component 17 | 18 | # Run Glennr UniFi easy update script 19 | pct exec $CTID -- bash -c "rm unifi-update.sh &> /dev/null; wget https://get.glennr.nl/unifi/update/unifi-update.sh && bash unifi-update.sh --skip" 20 | 21 | #---- Finish Line ------------------------------------------------------------------ -------------------------------------------------------------------------------- /src/unifi-controller/unifi-controller_sw.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # ---------------------------------------------------------------------------------- 3 | # Filename: unifi_sw.sh 4 | # Description: Source script for CT SW 5 | # ---------------------------------------------------------------------------------- 6 | 7 | #---- Source ----------------------------------------------------------------------- 8 | #---- Dependencies ----------------------------------------------------------------- 9 | #---- Static Variables ------------------------------------------------------------- 10 | 11 | # Update these variables as required for your specific instance 12 | app="${REPO_PKG_NAME,,}" # App name 13 | app_uid="$APP_USERNAME" # App UID 14 | app_guid="$APP_GRPNAME" # App GUID 15 | 16 | #---- Other Variables -------------------------------------------------------------- 17 | 18 | #---- Firewall variables 19 | # SSH port 20 | SSH_PORT=22 21 | # Local network 22 | LOCAL_NET=$(hostname -I | awk -F'.' -v OFS="." '{ print $1,$2,"0.0/24" }') 23 | 24 | #---- Other Files ------------------------------------------------------------------ 25 | #---- Body ------------------------------------------------------------------------- 26 | 27 | #---- Prerequisites 28 | 29 | # Update locales 30 | sudo locale-gen en_US.UTF-8 31 | 32 | # Install prerequisites 33 | apt-get install ca-certificates wget -y 34 | 35 | #---- Configure firewall 36 | sudo ufw allow $SSH_PORT 37 | sudo ufw allow from $LOCAL_NET to any port $SSH_PORT 38 | sudo ufw allow 8443 # UniFi Controller management port 39 | sudo ufw allow from $LOCAL_NET to any port 8443 40 | # UniFi STun & inform port 41 | sudo ufw allow 3478/udp 42 | sudo ufw allow 8080 43 | # Guest portal 44 | sudo ufw allow 8880 45 | sudo ufw allow 8843 46 | # Optional additional ports 47 | sudo ufw allow 5514/udp # Port used for remote syslog capture. 48 | sudo ufw allow 6789 # Port used for UniFi mobile speed test. 49 | sudo ufw allow 27117 # Port used for local-bound database communication. 50 | sudo ufw allow 5656-5699/udp # Ports used by AP-EDU broadcasting. 51 | sudo ufw allow 10001/udp # Port used for device discovery. 52 | sudo ufw allow 1900/udp # Port used for "Make application discoverable on L2 network" in the UniFi Network settings. 53 | # Enable ufw 54 | sudo ufw enable 55 | 56 | 57 | #---- Install fail2ban 58 | # Install fail2ban 59 | apt-get install fail2ban -y 60 | 61 | # Configure fail2ban 62 | cat < /etc/fail2ban/jail.local 63 | [DEFAULT] 64 | bantime = 8h 65 | ignoreip = 127.0.0.1/8 ${LOCAL_NET} 66 | ignoreself = true 67 | 68 | [sshd] 69 | enabled = true 70 | EOF 71 | 72 | # Restart fail2ban 73 | sudo service fail2ban restart 74 | 75 | #---- Install UniFi Controller 76 | 77 | # Download GlennR install script 78 | rm unifi-latest.sh &> /dev/null; wget https://get.glennr.nl/unifi/install/install_latest/unifi-latest.sh && bash unifi-latest.sh --skip --skip-swap --add-repository --local-controller 79 | 80 | #---- Install UniFi autobackup Cron copy script 81 | 82 | # Replace variables with values in the original script 83 | sed -i -e "s|^app=.*|app=\"$app\"|g" \ 84 | -e "s|^app_uid=.*|app_uid=\"$app_uid\"|g" \ 85 | -e "s|^app_guid=.*|app_guid=\"$app_guid\"|g" \ 86 | /tmp/unifi-controller_backup.sh 87 | 88 | # Copy 'unifi-controller_backup.sh' to /etc/cron.daily/ 89 | cp -f /tmp/unifi-controller_backup.sh /etc/cron.daily/ 90 | chmod +x /tmp/unifi-controller_backup.sh 91 | #----------------------------------------------------------------------------------- --------------------------------------------------------------------------------