vahagn/shtemaran
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Files moved from scripts.

Browse Source
This commit is contained in:
Vahagn Khachatryan
2021-10-24 20:39:49 +01:00
parent ffbdf4140d
commit ecd1ef42b6
35 changed files with 757 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -1,3 +1,3 @@
# mycloud
# My Clould Configurations and Scripts
These are scripts for my cloud.

67
bin/arch/backup.git.sh Executable file
View File

@@ -0,0 +1,67 @@
#!/bin/bash
CD=cd
DATE=/bin/date
TAR=/bin/tar
BZIP2=/bin/bzip2
GIT=/usr/bin/git
GPG=/usr/bin/gpg
PASS=/home/vahagn/.gnupg/backup-passphrase
SRC=/home/vahagn/git
KEEP=5
BACKUP_DIR=/home/vahagn/gdrive/backup
TIMESTAMP=`$DATE +%Y%m%d-%H:%M%z`
LOG=/mnt/hdd/backup/backup.git.$TIMESTAMP.log
BACKUP=$BACKUP_DIR/git.$TIMESTAMP.tar.bz2.gpg
SIGNATURE=$BACKUP_DIR/git.$TIMESTAMP.tar.bz2.sig
#
# debug
#
#LOG=/home/vahagn/devel/scripts/backup/log.log
#BACKUP=/home/vahagn/devel/scripts/backup/git.tar.bz2.gpg
#SRC=/home/vahagn/git/scripts.git
#
# Header
#
echo Starting $LOG | tee -a $LOG
echo start `$DATE` | tee -a $LOG
#
# Sync with BitBucket upstream repos.
#
$CD $SRC/scripts.git
$GIT fetch
$CD $SRC/test.git
$GIT fetch
#
# cd to git directory and then bzip2 all content and crypt it.
#
$CD $SRC
($TAR -cvp . | $BZIP2 -c | $GPG -c --passphrase-file $PASS --output $BACKUP --batch --quiet ) 2>&1| tee -a $LOG
#
# Remove old files
#
$CD $BACKUP_DIR
i=0
for FILE in `ls -t git.*.tar.bz2.gpg`; do
if [ $i -ge $KEEP ]; then
echo "$FILE is removed to meet keep number of backups $KEEP." | tee -a $LOG
rm $FILE 2>&1| tee -a $LOG
fi;
i=$(($i+1))
done
i=0
for FILE in `ls -t git.*.tar.bz2.sig`; do
if [ $i -ge $KEEP ]; then
echo "$FILE is removed to meet keep number of backups $KEEP." | tee -a $LOG
rm $FILE 2>&1| tee -a $LOG
fi;
i=$(($i+1))
done
#
# Footer
#
echo end `$DATE` | tee -a $LOG

12
bin/arch/backup.mybook.vahagn.sh Executable file
View File

@@ -0,0 +1,12 @@
#!/bin/bash
DATE=/bin/date
SYNC="/usr/bin/rsync -auAX --delete"
TIMESTAMP=`$DATE +%Y%m%d-%H:%M%z`
LOG=/mnt/hdd/backup/backup.mybook.vahagn.$TIMESTAMP.log
echo Starting $LOG | tee -a $LOG
echo start `$DATE` | tee -a $LOG
$SYNC /mnt/mybook/vahagn /mnt/hdd/backup | tee -a $LOG
echo end `$DATE` | tee -a $LOG

51
bin/arch/backup.root.sh Executable file
View File

@@ -0,0 +1,51 @@
#!/bin/bash
DATE=/bin/date
RSYNC=/usr/bin/rsync
TIMESTAMP=`$DATE +%Y%m%d-%H:%M%z`
LOGFILE=/mnt/hdd/backup/log/backup.mybook.public.$TIMESTAMP.log
LOG="/usr/bin/tee -a $LOGFILE"
function term() {
echo "Terminating." | $LOG
exit 1
}
trap term INT
function backup() {
ORIG_DIR=$1
MIRROR_DIR=$2
echo "Sync $ORIG_DIR to $MIRROR_DIR"
$RSYNC -aXv --delete --force $ORIG_DIR $MIRROR_DIR | $LOG
}
function backupwd() {
ORIG_DIR=$1
MIRROR_DIR=192.168.0.6:/DataVolume/$2
backup $ORIG_DIR $MIRROR_DIR
}
#
# Log Header
#
echo Starting $LOGFILE | $LOG
echo start `$DATE` | $LOG
#
# Sync folders
#
backupwd "/srv/gitlab/" "backup/gitlab"
backupwd "/srv/nextcloud/" "backup/nextcloud"
backupwd "/mnt/hdd/public/_captured_MY_VIDEO/" "public/_captured_MY_VIDEO"
backupwd "/mnt/hdd/public/pix/" "public/pix"
backupwd "/mnt/hdd/public/music/" "public/music"
backupwd "/mnt/hdd/public/books/" "public/books"
backupwd "/mnt/hdd/vahagn/" "backup/vahagn"
backup "/srv/gitlab" "/mnt/hdd/backup/gitlab"
backup "/srv/nextcloud" "/mnt/hdd/backup/nextcloud"
#
# Log Footer
#
echo end `$DATE` | $LOG

102
bin/backup.hdd.sh Executable file
View File

@@ -0,0 +1,102 @@
#!/bin/bash
#set -x
DATE=/bin/date
RSYNC=/usr/bin/rsync
TIMESTAMP=`$DATE +%Y%m%d-%H:%M%z`
LOGFILE=/mnt/hdd/backup/log/backup.$TIMESTAMP.log
LOG="/usr/bin/tee -a $LOGFILE"
function term() {
echo "Terminating." | $LOG
exit 1
}
trap term INT
function backup() {
ORIG_DIR=$1
MIRROR_DIR=$2
shift 2
echo ""
echo "Sync $ORIG_DIR to $MIRROR_DIR"
echo "========================================================"
# Use --progress if interactive.
$RSYNC -aAXv --delete --force "$@" $ORIG_DIR $MIRROR_DIR 2>&1 | $LOG
if [ $? -ne 0 ]; then
echo "There were errors while backing up $ORIG_DIR"
fi
echo ""
}
function backuphdd() {
HDD_ORIG=/mnt/hdd
HDD_MIRROR=/mnt/hdd2
ORIG_DIR=$HDD_ORIG/$1
MIRROR_DIR=$HDD_MIRROR/$(dirname $1)
backup $ORIG_DIR $MIRROR_DIR
}
function backupwd() {
ORIG_DIR=$1
MIRROR_DIR=192.168.0.6:/DataVolume/$2
backup $ORIG_DIR $MIRROR_DIR
}
function backuplusntag() {
ORIG_DIR="vahagn@192.168.0.3:$1"
MIRROR_DIR=$2
backup $ORIG_DIR $MIRROR_DIR -e "ssh -i /home/vahagn/.ssh/id_rsa"
}
function backupyerevak() {
ORIG_DIR="vahagn@yerevak.vostan.org:$1"
MIRROR_DIR=$2
backup $ORIG_DIR $MIRROR_DIR -e "ssh -i /home/vahagn/.ssh/id_rsa -p 24"
}
#
# Log Header
#
echo Starting $LOGFILE | $LOG
echo start `$DATE` | $LOG
#
# Sync folders
#
backup "/srv/nextcloud" "/mnt/hdd/backup/docker"
backup "/var/lib/docker/volumes" "/mnt/hdd/backup/docker"
backup "/src/gerbera/music" "/mnt/hdd/public"
#backup "/srv/gitlab" "/mnt/hdd/backup/gitlab"
#backup "/srv/git" "/mnt/hdd/backup/git"
#
# Backup Lusntag
#
backuplusntag "/home/vahagn/msdos" "/mnt/hdd/backup"
backuplusntag "/home/vahagn/devel" "/mnt/hdd/backup/lusntag"
backuplusntag "/var/www" "/mnt/hdd/backup/lusntag"
backuplusntag "/etc/nginx" "/mnt/hdd/backup/lusntag/etc"
#
# Backup Yerevak
#
backupyerevak "/home/vahagn/devel" "/mnt/hdd/backup/yerevak"
#
# Backup hdd1 to hdd2
#
backuphdd "backup"
backuphdd "vahagn"
for i in $(ls /mnt/hdd/public); do
if [ $i != "movies" ]; then
backuphdd "public/$i"
fi
done
#
# Log Footer
#
echo end `$DATE` | $LOG

7
bin/deluge-tunnel.sh Executable file
View File

@@ -0,0 +1,7 @@
#!/bin/sh
ssh -N \
-D *:1080 \
-L *:58846:127.0.0.1:58846 \
-L *:8112:127.0.0.1:8112 \
yerevak

8
bin/docker-calibre.sh Executable file
View File

@@ -0,0 +1,8 @@
sudo docker create \
--name=calibre --restart=always \
-v /srv/calibre/books:/books \
-v /srv/calibre/config:/calibre-web/config \
-v /etc/localtime:/etc/localtime:ro \
-e PGID=33 -e PUID=33 -p 8095:8083 \
technosoft2000/calibre-web

13
bin/docker-gerbera.sh Executable file
View File

@@ -0,0 +1,13 @@
docker run \
-d \
--net=host \
--name gerbera \
--hostname gerbera \
--restart always \
--volume /srv/gerbera/config:/root/.config \
--volume /srv/gerbera/music:/mnt/music \
--volume /srv/gerbera/video:/mnt/video \
--volume /mnt/hdd2/public/movies:/mnt/hdd_video \
--volume /mnt/hdd/public/music:/mnt/hdd_music \
gerbera/gerbera

12
bin/docker-gitlab.sh Executable file
View File

@@ -0,0 +1,12 @@
sudo docker run --detach \
--name gitlab \
--hostname gitlab \
--env GITLAB_OMNIBUS_CONFIG="external_url 'http://gitlab.vostan.org/'; gitlab_rails['lfs_enabled'] = true; gitlab_rails['gitlab_signin_enabled'] = false;" \
--publish 8443:443 \
--publish 8080:80 \
--publish 8022:22 \
--restart always \
--volume /srv/gitlab/config:/etc/gitlab \
--volume /srv/gitlab/logs:/var/log/gitlab \
--volume /srv/gitlab/data:/var/opt/gitlab \
gitlab/gitlab-ce:latest

7
bin/docker-nextcloud.sh Executable file
View File

@@ -0,0 +1,7 @@
sudo docker run \
--name nextcloud \
-d \
--publish 8090:80 \
--restart always \
--volume /srv/nextcloud:/var/www/html \
nextcloud

1
bin/lsync.sh Executable file
View File

@@ -0,0 +1 @@
rsync -av --progress --inplace --append-verify --remove-source-files -e "ssh -p 24" /mnt/ssd/deluge/done/$1 lusntag.vostan.org:/mnt/home/vahagn/tmp/tmp

BIN
bin/lusntag.socks5.bat Normal file
View File

Binary file not shown.

BIN
bin/lusntag.socks5.ps1 Normal file
View File

Binary file not shown.

BIN
bin/lusntag.socks5.sh Normal file
View File

Binary file not shown.

3
bin/rtorrent.sh Executable file
View File

@@ -0,0 +1,3 @@
#!/bin/sh
sudo ip netns exec soghancq sudo -u vahagn rtorrent -o http_capath=/etc/ssl/certs

3
bin/socks5-hrat.sh Executable file
View File

@@ -0,0 +1,3 @@
#!/bin/sh
ssh -D 192.168.0.4:1085 127.0.0.1 -N

3
bin/socks5-yerevak.sh Executable file
View File

@@ -0,0 +1,3 @@
#!/bin/sh
ssh -N -D 192.168.0.4:1080 yerevak

1
bin/suspend.sh Executable file
View File

@@ -0,0 +1 @@
sudo systemctl suspend

16
bin/upload.ready.deluge.sh Executable file
View File

@@ -0,0 +1,16 @@
#!/bin/bash
set -x
if [ "$1" != "no-progress" ]; then
PROG=--progress
else
shift
fi
if [ ! -z "$*" ]; then
for i in "$@"; do
/usr/bin/rsync -av --inplace --progress --append-verify "/mnt/ssd/deluge/done/$i" "hrat:tmp/tmp/done/"
done
else
/usr/bin/rsync -av --inplace --append-verify $PROG /mnt/ssd/deluge/done hrat:tmp/tmp
fi

BIN
bin/yerevak.socks5.ps1 Normal file
View File

Binary file not shown.

1
bin/yerevak_download.sh Executable file
View File

@@ -0,0 +1 @@
rsync -av --progress -e "ssh -p 24" yerevak.vostan.org:/mnt/ssd/deluge/done/$1 $2

8
docker/docker-calibre.sh Executable file
View File

@@ -0,0 +1,8 @@
sudo docker create \
--name=calibre --restart=always \
-v /srv/calibre/books:/books \
-v /srv/calibre/config:/calibre-web/config \
-v /etc/localtime:/etc/localtime:ro \
-e PGID=33 -e PUID=33 -p 8095:8083 \
technosoft2000/calibre-web

18
docker/gerbera/docker-compose.yml Normal file
View File

@@ -0,0 +1,18 @@
version: '2'
services:
gerbera:
hostname: gerbera
image: gerbera/gerbera:latest
network_mode: host
volumes:
- gerbera:/root/.config
- /srv/gerbera/music:/music
- /srv/gerbera/cached:/cached/cartoons
- /mnt/hdd2_2/movies:/video/movies
- /home/vahagn/tmp/tmp/done:/newvideo/new
restart: always
volumes:
gerbera:

27
docker/gitea/docker-compose.yml Normal file
View File

@@ -0,0 +1,27 @@
version: "3"
networks:
gitea:
external: false
services:
server:
image: gitea/gitea:1.12.6
container_name: gitea
environment:
- USER_UID=1000
- USER_GID=1000
restart: always
networks:
- gitea
volumes:
- gitea:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "3000:3000"
- "222:22"
volumes:
gitea:

50
docker/nextcloud/docker-compose.yml Normal file
View File

@@ -0,0 +1,50 @@
version: '2'
services:
nextcloud:
image: nextcloud:20
ports:
- 8092:80
volumes:
- /srv/nextcloud:/var/www/html
restart: always
links:
- db
db:
image: postgres
restart: always
volumes:
- db:/var/lib/postgresql/data
environment:
- POSTGRES_DB=nextcloud
- POSTGRES_USER=nextcloud
- POSTGRES_PASSWORD=nextcloud123
app:
image: nextcloud:20-fpm-alpine
restart: always
volumes:
- nextcloud:/var/www/html
links:
- db
depends_on:
- db
web:
image: nginx:alpine
restart: always
ports:
#- 8090:80
- 8090:80
links:
- app
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf:ro
- nextcloud:/var/www/html:ro
volumes:
db:
nextcloud:

173
docker/nextcloud/nginx.conf Normal file
View File

@@ -0,0 +1,173 @@
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
set_real_ip_from 10.0.0.0/8;
set_real_ip_from 172.16.0.0/12;
set_real_ip_from 192.168.0.0/16;
real_ip_header X-Real-IP;
#gzip on;
upstream php-handler {
server app:9000;
}
server {
listen 80;
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# Path to the root of your installation
root /var/www/html;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
# The following rule is only needed for the Social app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
location = /.well-known/carddav {
return 301 $scheme://$host:$server_port/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host:$server_port/remote.php/dav;
}
# set max upload size
client_max_body_size 10G;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
location / {
rewrite ^ /index.php;
}
location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
deny all;
}
location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
# fastcgi_param HTTPS on;
# Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
# Enable pretty urls
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js, css and map files
# Make sure it is BELOW the PHP block
location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
# Add headers to serve security related headers (It is intended to
# have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read into
# this topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Optional: Don't log access to assets
access_log off;
}
location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ {
try_files $uri /index.php$request_uri;
# Optional: Don't log access to other assets
access_log off;
}
}
}

7
motd/hrat.motd Normal file
View File

@@ -0,0 +1,7 @@
__
\ \ _____ _ _ _ _ ____
/ / / _ | | | | | | | / _ \
/ /___| | |_| |_| |_| | |_| | | |
(______| | \________/\_____/ |_|
|_|

7
motd/lusntag.motd Normal file
View File

@@ -0,0 +1,7 @@
_ _
| | ____ _ |_\_ ___ _ _ _ ___
| | / _ \ _ | | | | | __/ _ \| | | | | |/ _ \
| |__| | | | |_| |_| | |_) | |/) / |_| | | | (_) |_
\____|_| |_|___,\___/ \___/| |\_/\_________/\__ _|
|_| |_|

9
motd/yerevak.motd Normal file
View File

@@ -0,0 +1,9 @@

_ _ _
| |__ ____ | |_ _ _ _| |
| __|_/ _ \| _|_ _ | | | | | | | _
| |__| | | |_| |_| | |_| |_| |_| | |_| |
\____/| | \____/\___\_______ _/\__ |
|_| |_|


20
service/ssh_lusntag.service Normal file
View File

@@ -0,0 +1,20 @@
[Unit]
#SourcePath=/etc/init.d/rpcbind
Description=SSH lusntag.vostan.org
#DefaultDependencies=no
Before=shutdown.target
After=network-online.target local-fs.target
Wants=network-online.target
Conflicts=shutdown.target
[Service]
Type=simple
User=vahagn
Group=vahagn
Restart=always
RestartSec=5s
WorkingDirectory=/tmp
ExecStart=/usr/bin/ssh -N -R *:8022:127.0.0.1:22 -R *:58846:127.0.0.1:58846 -R *:8112:127.0.0.1:8112 -p 8080 -i /home/vahagn/.ssh/id_rsa vahagn@lusntag.vostan.org
[Install]
WantedBy=multi-user.target

20
service/ssh_socks5.service Normal file
View File

@@ -0,0 +1,20 @@
[Unit]
#SourcePath=/etc/init.d/rpcbind
Description=Local SOCKS5
#DefaultDependencies=no
Before=shutdown.target
After=network-online.target local-fs.target
Wants=network-online.target
Conflicts=shutdown.target
[Service]
Type=simple
User=vahagn
Group=vahagn
Restart=always
RestartSec=1s
WorkingDirectory=/tmp
ExecStart=/usr/bin/ssh -N -D 0.0.0.0:1080 -i /home/vahagn/.ssh/id_rsa vahagn@127.0.0.1
[Install]
WantedBy=multi-user.target

20
service/ssh_yerevak.service Normal file
View File

@@ -0,0 +1,20 @@
[Unit]
#SourcePath=/etc/init.d/rpcbind
Description=SSH lusntag.vostan.org
#DefaultDependencies=no
Before=shutdown.target
After=network-online.target local-fs.target
Wants=network-online.target
Conflicts=shutdown.target
[Service]
Type=simple
User=vahagn
Group=vahagn
Restart=always
RestartSec=5s
WorkingDirectory=/tmp
ExecStart=/usr/bin/ssh -N -R *:8022:127.0.0.1:22 -p 24 -i /home/vahagn/.ssh/id_rsa vahagn@yerevak.vostan.org
[Install]
WantedBy=multi-user.target

20
service/tun2socks.service Normal file
View File

@@ -0,0 +1,20 @@
# Automatically generated by systemd-sysv-generator
[Unit]
Description=tun0 to SOCKS5 tunel
Before=shutdown.target
After=network-online.target local-fs.target
Wants=network-online.target ssh_socks5.service
Conflicts=shutdown.target
[Service]
Type=simple
Restart=always
GuessMainPID=no
RemainAfterExit=yes
WorkingDirectory=/tmp
ExecStartPre=/usr/local/sbin/tun2socks_pre.sh
ExecStart=/sbin/ip netns exec soghancq /usr/local/sbin/tun2socks --tundev tun0 --netif-ipaddr 10.0.0.2 --netif-netmask 255.255.255.0 --socks-server-addr 127.0.0.1:1080 --udpgw-remote-server-addr 127.0.0.1:7300
[Install]
WantedBy=multi-user.target

45
service/tun2socks_pre.sh Normal file
View File

@@ -0,0 +1,45 @@
#!/bin/sh
NETNS=soghancq
IP=/sbin/ip
NS="$IP netns exec $NETNS"
#
# Set ip forwarding.
# Do it from /ete/sysctl.conf
#sysctl -w net.ipv4.ip_forward=1
#
# Create network namesapce.
#
$IP netns add $NETNS
#
# Peer to peer to default namespace.
#
$IP link add veth0 type veth peer name veth1
$IP addr add 10.1.1.1/30 dev veth0
$IP link set veth0 up
$IP link set veth1 netns $NETNS
$NS $IP addr add 10.1.1.2/30 dev veth1
$NS $IP link set veth1 up
$NS $IP route add 127.0.0.0/24 via 10.1.1.1 metric 5
$NS $IP route add 192.168.0.0/24 via 10.1.1.1 metric 5
#$NS $IP route add 8.8.8.8 via 10.1.1.1 metric 5
#
# Configure tun0 which goes through socks5.
#
$NS $IP tuntap add dev tun0 mode tun user root
$IP link set tun0 netns $NETNS
$NS $IP addr add 10.0.0.1/24 dev tun0
$NS $IP link set dev tun0 up
$NS $IP route add default via 10.0.0.2 metric 6
#$NS /usr/local/sbin/tun2socks \
# --tundev tun0 \
# --netif-ipaddr 10.0.0.2 \
# --netif-netmask 255.255.255.0 \
# --socks-server-addr 127.0.0.1:1080 \
# --udpgw-remote-server-addr 127.0.0.1:7300 &

24
yerevak/.ssh/config Normal file
View File

@@ -0,0 +1,24 @@
# Note that value for 'User' must be 'git'.
Host lusntag
HostName lusntag.vostan.org
Port 8080
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa
User vahagn
Host yerevak
HostName yerevak.vostan.org
Port 24
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa
User vahagn
Host hrat
HostName 192.168.0.4
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa
User vahagn
ProxyCommand=ssh -W %h:%p lusntag