├── Creacion-cuentas
├── aws
├── az
└── gcp
├── Hardening
└── links
├── OpenVPN
└── openvpn-install-troll.sh
├── Owncloud
└── Intalacion_Owncloud
└── Pi-hole
└── Listas bloqueo Pi-Hole
/Creacion-cuentas/aws:
--------------------------------------------------------------------------------
1 | #Cuenta AWS
2 |
3 | ##Creamosuna cuenta en el portal:
4 |
5 | https://portal.aws.amazon.com/billing/signup#/start
6 |
7 | Rellenamos la informaciónde contacto y de pago:
8 |
9 | Confirmamos mediante el numero de teléfono y seleccionamos el plan “Gratis”:
10 |
11 | ###Iniciamos en la consola con el usuario y contraseña
12 |
13 | https://aws.amazon.com/es/
14 |
15 |
--------------------------------------------------------------------------------
/Creacion-cuentas/az:
--------------------------------------------------------------------------------
1 | Cuentas AZ
2 |
3 | #Creamosuna cuenta en el portal:
4 |
5 | https://azure.microsoft.com
6 |
7 | ##Servicios gratuitosque ofrecen siempre:
8 |
9 | https://azure.microsoft.com/es-es/free/#new-products
10 |
11 |
12 | Creamos la cuenta con nuestro correo:
13 |
14 | Validamos la cuenta con el numero de teléfono.
15 | En el caso de Azureno acepta tarjetas prepago
16 |
17 |
18 | ###Iniciamos en el portal de Azure
19 |
20 | https://portal.azure.com/#home
21 |
--------------------------------------------------------------------------------
/Creacion-cuentas/gcp:
--------------------------------------------------------------------------------
1 | Cuenta GCP
2 |
3 | #Accedemos al portal:
4 | https://cloud.google.com/
5 |
6 | Creamos la cuenta con nuestro correo:
7 |
8 | Introducimos nuestro número de tarjeta:
9 |
10 | ##Iniciamos en la consola:
11 | https://cloud.google.com/
12 |
13 |
--------------------------------------------------------------------------------
/Hardening/links:
--------------------------------------------------------------------------------
1 | Comprobaciondel hardening mediante Lynis
2 |
3 | #Clonamos y descargamos el repositorio
4 |
5 | https://github.com/CISOfy/lynis
6 |
7 | git clone https://github.com/CISOfy/lynis
8 |
9 | ##Ejecutamos el script
10 |
11 | cd lynis; ./lynisauditsystem
12 |
13 |
14 | Otros scripts para customizar nuestro VPS
15 |
16 | https://github.com/Jsitech/JShielder
17 |
18 | https://github.com/konstruktoid/hardening
19 |
20 | https://fwhibbit.es/en/basic-security-configuration-for-a-vps
21 |
22 | https://github.com/akcryptoguy/vps-harden
23 |
--------------------------------------------------------------------------------
/OpenVPN/openvpn-install-troll.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | #
3 | # https://github.com/hlapwcvps/Navajanegra/openvpn-install-troll.sh
4 | #
5 | # Copyright (c) Trolencio Corp
6 |
7 |
8 | if grep -qs "Ubuntu 16.04" "/etc/os-release"; then
9 | echo 'Ubuntu 16.04 is no longer supported in the current version of openvpn-install
10 | Use an older version if Ubuntu 16.04 support is needed: https://git.io/vpn1604'
11 | exit
12 | fi
13 |
14 | # Detect Debian users running the script with "sh" instead of bash
15 | if readlink /proc/$$/exe | grep -q "dash"; then
16 | echo "Este script debe ser ejecutado con bash, no con sh. No seas lamer"
17 | exit
18 | fi
19 |
20 | if [[ "$EUID" -ne 0 ]]; then
21 | echo "Necesitas ser root para ejecutar esto. Si no tienes permisos tambien valdria la supervision de un adulto"
22 | exit
23 | fi
24 |
25 | if [[ ! -e /dev/net/tun ]]; then
26 | echo "La interfaz TUN no esta disponible.
27 | Necesitas habilitar la interfaz TUN antes de ejecutar este script"
28 | exit
29 | fi
30 |
31 | if [[ -e /etc/debian_version ]]; then
32 | OS=debian
33 | GROUPNAME=nogroup
34 | elif [[ -e /etc/centos-release || -e /etc/redhat-release ]]; then
35 | OS=centos
36 | GROUPNAME=nobody
37 | else
38 | echo "A ver melon... Donde estas ejecutando esto? Esto solo funka en Debian, Ubuntu o CentOS. No das una..."
39 | exit
40 | fi
41 |
42 | newclient () {
43 | # Generates the custom client.ovpn
44 | cp /etc/openvpn/server/client-common.txt ~/$1.ovpn
45 | echo "" >> ~/$1.ovpn
46 | cat /etc/openvpn/server/easy-rsa/pki/ca.crt >> ~/$1.ovpn
47 | echo "" >> ~/$1.ovpn
48 | echo "" >> ~/$1.ovpn
49 | sed -ne '/BEGIN CERTIFICATE/,$ p' /etc/openvpn/server/easy-rsa/pki/issued/$1.crt >> ~/$1.ovpn
50 | echo "" >> ~/$1.ovpn
51 | echo "" >> ~/$1.ovpn
52 | cat /etc/openvpn/server/easy-rsa/pki/private/$1.key >> ~/$1.ovpn
53 | echo "" >> ~/$1.ovpn
54 | echo "" >> ~/$1.ovpn
55 | sed -ne '/BEGIN OpenVPN Static key/,$ p' /etc/openvpn/server/ta.key >> ~/$1.ovpn
56 | echo "" >> ~/$1.ovpn
57 | }
58 |
59 | if [[ -e /etc/openvpn/server/server.conf ]]; then
60 | while :
61 | do
62 | clear
63 | echo "Segun veo, ya tienes instalado OpenVPN..."
64 | echo
65 | echo "Asi que, que se te antoja ahora?"
66 | echo " 1) Introducir un nuevo usuario"
67 | echo " 2) Eliminar un usuario"
68 | echo " 3) Eliminar OpenVPN"
69 | echo " 4) Salir"
70 | read -p "Elige numerito [1-4]: " option
71 | case $option in
72 | 1)
73 | echo
74 | echo "Escribe un nombre para el certificado del cliente."
75 | echo "Por favor, solo una palabra, sin caractares especiales, de lo contrario petare."
76 | read -p "Nombre cliente: " -e CLIENT
77 | cd /etc/openvpn/server/easy-rsa/
78 | EASYRSA_CERT_EXPIRE=3650 ./easyrsa build-client-full $CLIENT nopass
79 | # Generates the custom client.ovpn
80 | newclient "$CLIENT"
81 | echo
82 | echo "He introducido el cliente $CLIENT , y he dejado su configuracion en:" ~/"$CLIENT.ovpn"
83 | exit
84 | ;;
85 | 2)
86 | # This option could be documented a bit better and maybe even be simplified
87 | # ...but what can I say, I want some sleep too
88 | NUMBEROFCLIENTS=$(tail -n +2 /etc/openvpn/server/easy-rsa/pki/index.txt | grep -c "^V")
89 | if [[ "$NUMBEROFCLIENTS" = '0' ]]; then
90 | echo
91 | echo "No existen clientes. Has pensado en crearlos primero...?"
92 | exit
93 | fi
94 | echo
95 | echo "Elige el certificado de cliente que quieres eliminar:"
96 | tail -n +2 /etc/openvpn/server/easy-rsa/pki/index.txt | grep "^V" | cut -d '=' -f 2 | nl -s ') '
97 | if [[ "$NUMBEROFCLIENTS" = '1' ]]; then
98 | read -p "Elige un cliente [1]: " CLIENTNUMBER
99 | else
100 | read -p "Elige un cliente [1-$NUMBEROFCLIENTS]: " CLIENTNUMBER
101 | fi
102 | CLIENT=$(tail -n +2 /etc/openvpn/server/easy-rsa/pki/index.txt | grep "^V" | cut -d '=' -f 2 | sed -n "$CLIENTNUMBER"p)
103 | echo
104 | read -p "No se que te habra hecho, pero de verdad quieres eliminar el acceso para el cliente $CLIENT? [y/N]: " -e REVOKE
105 | if [[ "$REVOKE" = 'y' || "$REVOKE" = 'Y' ]]; then
106 | cd /etc/openvpn/server/easy-rsa/
107 | ./easyrsa --batch revoke $CLIENT
108 | EASYRSA_CRL_DAYS=3650 ./easyrsa gen-crl
109 | rm -f pki/reqs/$CLIENT.req
110 | rm -f pki/private/$CLIENT.key
111 | rm -f pki/issued/$CLIENT.crt
112 | rm -f /etc/openvpn/server/crl.pem
113 | cp /etc/openvpn/server/easy-rsa/pki/crl.pem /etc/openvpn/server/crl.pem
114 | # CRL is read with each client connection, when OpenVPN is dropped to nobody
115 | chown nobody:$GROUPNAME /etc/openvpn/server/crl.pem
116 | echo
117 | echo "Pues ya esta. El certificado para el cliente $CLIENT ha sido eliminado!"
118 | else
119 | echo
120 | echo "Al final has recogido cable y hemos abortado la eliminacion del certificado del cliente $CLIENT !"
121 | fi
122 | exit
123 | ;;
124 | 3)
125 | echo
126 | read -p "Piensalo, de verdad lo quieres eliminar OpenVPN? [y/N]: " -e REMOVE
127 | if [[ "$REMOVE" = 'y' || "$REMOVE" = 'Y' ]]; then
128 | PORT=$(grep '^port ' /etc/openvpn/server/server.conf | cut -d " " -f 2)
129 | PROTOCOL=$(grep '^proto ' /etc/openvpn/server/server.conf | cut -d " " -f 2)
130 | if pgrep firewalld; then
131 | IP=$(firewall-cmd --direct --get-rules ipv4 nat POSTROUTING | grep '\-s 10.8.0.0/24 '"'"'!'"'"' -d 10.8.0.0/24 -j SNAT --to ' | cut -d " " -f 10)
132 | # Using both permanent and not permanent rules to avoid a firewalld reload.
133 | firewall-cmd --remove-port=$PORT/$PROTOCOL
134 | firewall-cmd --zone=trusted --remove-source=10.8.0.0/24
135 | firewall-cmd --permanent --remove-port=$PORT/$PROTOCOL
136 | firewall-cmd --permanent --zone=trusted --remove-source=10.8.0.0/24
137 | firewall-cmd --direct --remove-rule ipv4 nat POSTROUTING 0 -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to $IP
138 | firewall-cmd --permanent --direct --remove-rule ipv4 nat POSTROUTING 0 -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to $IP
139 | else
140 | systemctl disable --now openvpn-iptables.service
141 | rm -f /etc/systemd/system/openvpn-iptables.service
142 | fi
143 | if sestatus 2>/dev/null | grep "Current mode" | grep -q "enforcing" && [[ "$PORT" != '1194' ]]; then
144 | semanage port -d -t openvpn_port_t -p $PROTOCOL $PORT
145 | fi
146 | systemctl disable --now openvpn-server@server.service
147 | rm -rf /etc/openvpn/server
148 | rm -f /etc/systemd/system/openvpn-server@server.service.d/disable-limitnproc.conf
149 | rm -f /etc/sysctl.d/30-openvpn-forward.conf
150 | if [[ "$OS" = 'debian' ]]; then
151 | apt-get remove --purge -y openvpn
152 | else
153 | yum remove openvpn -y
154 | fi
155 | echo
156 | echo "Estaras contento, OpenVPN ha sido eliminado!"
157 | else
158 | echo
159 | echo "Al final has recogido cable y hemos abortado la eliminacion de OpenVPN"
160 | fi
161 | exit
162 | ;;
163 | 4) exit;;
164 | esac
165 | done
166 | else
167 | clear
168 | echo 'Hola, bienvenido a este instalador de OpenVPN "Troll Edition"!'
169 | echo
170 | # OpenVPN setup and first user creation
171 | echo "Necesito hacerte unas cuantas preguntas antes de empezar, para ir conociendonos y eso."
172 | echo "Estamos aqui para instalar OpenVPN y lo que surja."
173 | echo "Puedes dejar las opciones por defento que te voy poniendo si te parecen correctas y simplemente pulsar intro"
174 | echo
175 | echo "Cuanto dinero tienes?"
176 | echo
177 | echo "Ahora, dime la IPv4 de la interfaz donde quieres que ponga OpenVPN"
178 | echo "Escuchando."
179 | # Autodetect IP address and pre-fill for the user
180 | IP=$(ip addr | grep 'inet' | grep -v inet6 | grep -vE '127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | head -1)
181 | read -p "Direccion IP: " -e -i $IP IP
182 | # If $IP is a private IP address, the server must be behind NAT
183 | if echo "$IP" | grep -qE '^(10\.|172\.1[6789]\.|172\.2[0-9]\.|172\.3[01]\.|192\.168)'; then
184 | echo
185 | echo "Este servidor se encuentra detras de un NAT. Dime la IPv4 publica o el hostname"
186 | read -p "IP publica / hostname: " -e PUBLICIP
187 | fi
188 | echo
189 | echo "Que protocolo quieres usar para las conexiones de OpenVPN?"
190 | echo " 1) UDP (recommendado)"
191 | echo " 2) TCP"
192 | read -p "Protocolo [1-2]: " -e -i 1 PROTOCOL
193 | case $PROTOCOL in
194 | 1)
195 | PROTOCOL=udp
196 | ;;
197 | 2)
198 | PROTOCOL=tcp
199 | ;;
200 | esac
201 | echo
202 | echo "En que puerto quieres que escuche OpenVPN?"
203 | read -p "Puerto: " -e -i 1194 PORT
204 | echo
205 | echo "Que DNS quieres usar con OpenVPN?"
206 | echo " 1) El configurado actualmente en el sistema"
207 | echo " 2) 1.1.1.1"
208 | echo " 3) Google"
209 | echo " 4) OpenDNS"
210 | echo " 5) Verisign"
211 | read -p "DNS [1-5]: " -e -i 1 DNS
212 | echo
213 | echo "Para terminar, escribe un nombre para el certificado del cliente."
214 | echo "Por favor, solo una palabra, sin caractares especiales, de lo contrario petare."
215 | read -p "Nombre cliente: " -e -i client CLIENT
216 | echo
217 | echo "Ok, eso es todo lo que necesitaba. Ya estoy preparado para configurar el servidor de OpenVPN."
218 | read -n1 -r -p "Aporrea cualquier tecla para continuar y que no se detenga la ciencia..."
219 | # If running inside a container, disable LimitNPROC to prevent conflicts
220 | if systemd-detect-virt -cq; then
221 | mkdir /etc/systemd/system/openvpn-server@server.service.d/ 2>/dev/null
222 | echo '[Service]
223 | LimitNPROC=infinity' > /etc/systemd/system/openvpn-server@server.service.d/disable-limitnproc.conf
224 | fi
225 | if [[ "$OS" = 'debian' ]]; then
226 | apt-get update
227 | apt-get install openvpn iptables openssl ca-certificates -y
228 | else
229 | # Else, the distro is CentOS
230 | yum install epel-release -y
231 | yum install openvpn iptables openssl ca-certificates -y
232 | fi
233 | # Get easy-rsa
234 | EASYRSAURL='https://github.com/OpenVPN/easy-rsa/releases/download/v3.0.5/EasyRSA-nix-3.0.5.tgz'
235 | wget -O ~/easyrsa.tgz "$EASYRSAURL" 2>/dev/null || curl -Lo ~/easyrsa.tgz "$EASYRSAURL"
236 | tar xzf ~/easyrsa.tgz -C ~/
237 | mv ~/EasyRSA-3.0.5/ /etc/openvpn/server/
238 | mv /etc/openvpn/server/EasyRSA-3.0.5/ /etc/openvpn/server/easy-rsa/
239 | chown -R root:root /etc/openvpn/server/easy-rsa/
240 | rm -f ~/easyrsa.tgz
241 | cd /etc/openvpn/server/easy-rsa/
242 | # Create the PKI, set up the CA and the server and client certificates
243 | ./easyrsa init-pki
244 | ./easyrsa --batch build-ca nopass
245 | EASYRSA_CERT_EXPIRE=3650 ./easyrsa build-server-full server nopass
246 | EASYRSA_CERT_EXPIRE=3650 ./easyrsa build-client-full $CLIENT nopass
247 | EASYRSA_CRL_DAYS=3650 ./easyrsa gen-crl
248 | # Move the stuff we need
249 | cp pki/ca.crt pki/private/ca.key pki/issued/server.crt pki/private/server.key pki/crl.pem /etc/openvpn/server
250 | # CRL is read with each client connection, when OpenVPN is dropped to nobody
251 | chown nobody:$GROUPNAME /etc/openvpn/server/crl.pem
252 | # Generate key for tls-auth
253 | openvpn --genkey --secret /etc/openvpn/server/ta.key
254 | # Create the DH parameters file using the predefined ffdhe2048 group
255 | echo '-----BEGIN DH PARAMETERS-----
256 | MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
257 | +8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
258 | 87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
259 | YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
260 | 7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
261 | ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==
262 | -----END DH PARAMETERS-----' > /etc/openvpn/server/dh.pem
263 | # Generate server.conf
264 | echo "port $PORT
265 | proto $PROTOCOL
266 | dev tun
267 | sndbuf 0
268 | rcvbuf 0
269 | ca ca.crt
270 | cert server.crt
271 | key server.key
272 | dh dh.pem
273 | auth SHA512
274 | tls-auth ta.key 0
275 | topology subnet
276 | server 10.8.0.0 255.255.255.0
277 | ifconfig-pool-persist ipp.txt" > /etc/openvpn/server/server.conf
278 | echo 'push "redirect-gateway def1 bypass-dhcp"' >> /etc/openvpn/server/server.conf
279 | # DNS
280 | case $DNS in
281 | 1)
282 | # Locate the proper resolv.conf
283 | # Needed for systems running systemd-resolved
284 | if grep -q "127.0.0.53" "/etc/resolv.conf"; then
285 | RESOLVCONF='/run/systemd/resolve/resolv.conf'
286 | else
287 | RESOLVCONF='/etc/resolv.conf'
288 | fi
289 | # Obtain the resolvers from resolv.conf and use them for OpenVPN
290 | grep -v '#' $RESOLVCONF | grep 'nameserver' | grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | while read line; do
291 | echo "push \"dhcp-option DNS $line\"" >> /etc/openvpn/server/server.conf
292 | done
293 | ;;
294 | 2)
295 | echo 'push "dhcp-option DNS 1.1.1.1"' >> /etc/openvpn/server/server.conf
296 | echo 'push "dhcp-option DNS 1.0.0.1"' >> /etc/openvpn/server/server.conf
297 | ;;
298 | 3)
299 | echo 'push "dhcp-option DNS 8.8.8.8"' >> /etc/openvpn/server/server.conf
300 | echo 'push "dhcp-option DNS 8.8.4.4"' >> /etc/openvpn/server/server.conf
301 | ;;
302 | 4)
303 | echo 'push "dhcp-option DNS 208.67.222.222"' >> /etc/openvpn/server/server.conf
304 | echo 'push "dhcp-option DNS 208.67.220.220"' >> /etc/openvpn/server/server.conf
305 | ;;
306 | 5)
307 | echo 'push "dhcp-option DNS 64.6.64.6"' >> /etc/openvpn/server/server.conf
308 | echo 'push "dhcp-option DNS 64.6.65.6"' >> /etc/openvpn/server/server.conf
309 | ;;
310 | esac
311 | echo "keepalive 10 120
312 | cipher AES-256-CBC
313 | user nobody
314 | group $GROUPNAME
315 | persist-key
316 | persist-tun
317 | status openvpn-status.log
318 | verb 3
319 | crl-verify crl.pem" >> /etc/openvpn/server/server.conf
320 | # Enable net.ipv4.ip_forward for the system
321 | echo 'net.ipv4.ip_forward=1' > /etc/sysctl.d/30-openvpn-forward.conf
322 | # Enable without waiting for a reboot or service restart
323 | echo 1 > /proc/sys/net/ipv4/ip_forward
324 | if pgrep firewalld; then
325 | # Using both permanent and not permanent rules to avoid a firewalld
326 | # reload.
327 | # We don't use --add-service=openvpn because that would only work with
328 | # the default port and protocol.
329 | firewall-cmd --add-port=$PORT/$PROTOCOL
330 | firewall-cmd --zone=trusted --add-source=10.8.0.0/24
331 | firewall-cmd --permanent --add-port=$PORT/$PROTOCOL
332 | firewall-cmd --permanent --zone=trusted --add-source=10.8.0.0/24
333 | # Set NAT for the VPN subnet
334 | firewall-cmd --direct --add-rule ipv4 nat POSTROUTING 0 -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to $IP
335 | firewall-cmd --permanent --direct --add-rule ipv4 nat POSTROUTING 0 -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to $IP
336 | else
337 | # Create a service to set up persistent iptables rules
338 | echo "[Unit]
339 | Before=network.target
340 | [Service]
341 | Type=oneshot
342 | ExecStart=/sbin/iptables -t nat -A POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to $IP
343 | ExecStart=/sbin/iptables -I INPUT -p $PROTOCOL --dport $PORT -j ACCEPT
344 | ExecStart=/sbin/iptables -I FORWARD -s 10.8.0.0/24 -j ACCEPT
345 | ExecStart=/sbin/iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
346 | ExecStop=/sbin/iptables -t nat -D POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to $IP
347 | ExecStop=/sbin/iptables -D INPUT -p $PROTOCOL --dport $PORT -j ACCEPT
348 | ExecStop=/sbin/iptables -D FORWARD -s 10.8.0.0/24 -j ACCEPT
349 | ExecStop=/sbin/iptables -D FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
350 | RemainAfterExit=yes
351 | [Install]
352 | WantedBy=multi-user.target" > /etc/systemd/system/openvpn-iptables.service
353 | systemctl enable --now openvpn-iptables.service
354 | fi
355 | # If SELinux is enabled and a custom port was selected, we need this
356 | if sestatus 2>/dev/null | grep "Current mode" | grep -q "enforcing" && [[ "$PORT" != '1194' ]]; then
357 | # Install semanage if not already present
358 | if ! hash semanage 2>/dev/null; then
359 | if grep -qs "CentOS Linux release 7" "/etc/centos-release"; then
360 | yum install policycoreutils-python -y
361 | else
362 | yum install policycoreutils-python-utils -y
363 | fi
364 | fi
365 | semanage port -a -t openvpn_port_t -p $PROTOCOL $PORT
366 | fi
367 | # And finally, enable and start the OpenVPN service
368 | systemctl enable --now openvpn-server@server.service
369 | # If the server is behind a NAT, use the correct IP address
370 | if [[ "$PUBLICIP" != "" ]]; then
371 | IP=$PUBLICIP
372 | fi
373 | # client-common.txt is created so we have a template to add further users later
374 | echo "client
375 | dev tun
376 | proto $PROTOCOL
377 | sndbuf 0
378 | rcvbuf 0
379 | remote $IP $PORT
380 | resolv-retry infinite
381 | nobind
382 | persist-key
383 | persist-tun
384 | remote-cert-tls server
385 | auth-nocache
386 | auth SHA512
387 | cipher AES-256-CBC
388 | setenv opt block-outside-dns
389 | key-direction 1
390 | verb 3" > /etc/openvpn/server/client-common.txt
391 | # Generates the custom client.ovpn
392 | newclient "$CLIENT"
393 | echo
394 | echo "Aparcao!"
395 | echo
396 | echo "He dejado la configuracion del cliente en:" ~/"$CLIENT.ovpn"
397 | echo "Si quieres introducir nuevos clientes, simplemente ejecuta este script de nuevo!"
398 | echo "Ve por la sombra"
399 | fi
400 |
--------------------------------------------------------------------------------
/Owncloud/Intalacion_Owncloud:
--------------------------------------------------------------------------------
1 | #Instalamos el repositorio para instalar PHP7.1
2 |
3 | sudo add-apt-repository ppa:ondrej/php
4 | sudo apt-get update
5 | sudo apt-get install -y php7.1 php7.1-cli php7.1-common php7.1-mbstring php7.1-gd php7.1-intl php7.1-xml php7.1-mysql php7.1-zip php7.1-curl php7.1-xmlrpc
6 |
7 | ##Instalamos Apache
8 | sudo apt-get install -y apache2 libapache2-mod-php
9 |
10 | ###Instalamos y customizamos MySQL
11 |
12 | sudo apt-get install -y mysql-server php-mysql
13 | sudo mysql_secure_installation
14 |
15 | sudo mysql -u root -p
16 | Enter password:
17 | CREATE DATABASE owncloud;
18 | GRANT ALL ON owncloud.* to 'owncloud'@'localhost' IDENTIFIED BY '_password_';
19 | FLUSH PRIVILEGES;
20 | quit
21 |
22 | ####Descargamos y otorgamos permisos para Owncloud
23 |
24 | cd /tmp
25 | wget https://download.owncloud.org/community/owncloud-10.2.0.tar.bz2
26 |
27 | cd /var/www/html
28 | sudo tar xjf /tmp/owncloud-10.2.0.tar.bz2
29 | sudo chown -R www-data:www-data owncloud
30 | sudo chmod -R 755 owncloud
31 | sudo rm -f /tmp/owncloud-10.2.0.tar.bz2
32 |
33 |
34 | #####Reiniciamos Apche y accedemos Owncloud para terminar la configuracion
35 |
36 | sudo systemctl restart apache2
37 |
38 | https://localhost/owncloud/
39 |
--------------------------------------------------------------------------------
/Pi-hole/Listas bloqueo Pi-Hole:
--------------------------------------------------------------------------------
1 | https://github.com/StevenBlack/hosts
2 | https://discourse.pihole.net/t/i-concatenated-every-blocklist-i-could-find/5184/13
3 | https://wally3k.github.io/
4 | https://github.com/pihole/pihole/wiki/Customising-sources-for-ad-lists
5 |
--------------------------------------------------------------------------------