Nill Ringil Nill-R

## caddy.service
[Unit]
Description=Caddy HTTP/2 web server
Documentation=https://caddyserver.com/docs
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service

[Service]
Restart=on-abnormal

; User and group the process will run as.

## default
http://:80 {
log / /var/log/caddy/access.log "{combined}"
errors /var/log/caddy/error.log
status 418 /
}

## caddy_install.bash
#!/bin/bash
apt -y install curl
CADDY_TELEMETRY=on curl -s https://getcaddy.com | bash -s personal http.cache,http.cgi,http.cors,http.expires,http.filter,http.forwardproxy,http.geoip,http.ipfilter,http.locale,http.login,http.minify,http.nobots,http.ratelimit,http.realip,tls.dns.cloudflare,tls.dns.namecheap,tls.dns.vultr
setcap 'cap_net_bind_service=+ep' /usr/local/bin/caddy
mkdir -p /etc/caddy/ssl
mkdir -p /etc/caddy/sites-enabled
mkdir -p /etc/caddy/sites-available
chown -R www-data:www-data /etc/caddy
chmod 0750 /etc/caddy/ssl
echo "import /etc/caddy/sites-enabled/*" >/etc/caddy/Caddyfile

## mariadb_backup_scripts_install.bash
#!/bin/bash
curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
rm -rf /etc/apt/sources.list.d/mariadb.list.old*
apt update
apt -y install git mariadb-server mariadb-backup qpress
red=$'\e[1;31m'
grn=$'\e[1;32m'
yel=$'\e[1;33m'
blu=$'\e[1;34m'
mag=$'\e[1;35m'

## create_db_and_user.bash
#!/bin/bash

EXPECTED_ARGS=2
E_BADARGS=65
MYSQL=`which mysql`
PASS=`tr -cd '[:alnum:]' < /dev/urandom | fold -w24 | head -n1`
echo $PASS

Q1="CREATE DATABASE IF NOT EXISTS $1;"
Q2="GRANT USAGE ON *.* TO $2@localhost IDENTIFIED BY '$PASS';"

## run_it_first.bash
#!/usr/bin/env bash

apt update
apt -y install gdebi
cd $(mktemp -d backup.XXXXXXX)
TEMP_DIR=`pwd`
wget http://www.tataranovich.com/debian/pool/sid/main/t/tataranovich-keyring/tataranovich-keyring_2020.06.12_all.deb
gdebi --n tataranovich-keyring_2020.06.12_all.deb
printf "deb http://www.tataranovich.com/ubuntu bionic main\n" >/etc/apt/sources.list.d/mc.list
apt update

## badips-ipset.sh
#!/bin/bash
# Script for blocking IPs which have been reported to www.badips.com
#   via ipsets.
#
# - THIS SCRIPT DOES NOT BLOCK ANYTHING -
# This script only updates ipsets with applicable data from
# badips.com. Actually blocking the ips in that ipset is left
# up to the user (so that you may do so however you prefer).
#
# Additionally, this script does not persist the ipsets through

## xmlrpc.conf
location = /xmlrpc.php {
    allow 122.248.245.244;
    allow 54.217.201.243;
    allow 54.232.116.4;
    allow 192.0.80.0/20;
    allow 192.0.96.0/20;
    allow 192.0.112.0/20;
    allow 195.234.108.0/22;
    deny all;
    access_log off;

## ssl-checks.bash
#!/usr/bin/env bash
#
# Program: SSL Certificate Check <ssl-cert-check>
#
# Source code home: https://github.com/Matty9191/ssl-cert-check
#
# Documentation: http://prefetch.net/articles/checkcertificate.html
#
# Author: Matty < matty91 at gmail dot com >
# Edited by Nill Rinov for Telegram

## yggdrasil_install.bash
#!/bin/bash

gpg --fetch-keys https://neilalexander.s3.dualstack.eu-west-2.amazonaws.com/deb/key.txt
gpg --export 569130E8CA20FBC4CB3FDE555898470A764B32C9 | apt-key add -
echo 'deb http://neilalexander.s3.dualstack.eu-west-2.amazonaws.com/deb/ debian yggdrasil' | tee /etc/apt/sources.list.d/yggdrasil.list
apt-get update
apt-get -y install yggdrasil
wget https://gist.github.com/Nill-R/e09566aa33c841fe73aeac373f734f05/raw/bed12fcde5901bd2f3320ab6e936ff6eeaae2421/20-yggdrasil.conf -O /etc/rsyslog.d/20-yggdrasil.conf ; systemctl restart rsyslog
wget https://gist.github.com/Nill-R/cb84b232a0baf6550d4733849c76175d/raw/a150a6333ff122a12c5e311d83a115d86177d728/yggdrasil -O /etc/logrotate.d/yggdrasil
	[Unit]
	Description=Caddy HTTP/2 web server
	Documentation=https://caddyserver.com/docs
	After=network-online.target
	Wants=network-online.target systemd-networkd-wait-online.service

	[Service]
	Restart=on-abnormal

	; User and group the process will run as.
	http://:80 {
	log / /var/log/caddy/access.log "{combined}"
	errors /var/log/caddy/error.log
	status 418 /
	}
	#!/bin/bash
	apt -y install curl
	CADDY_TELEMETRY=on curl -s https://getcaddy.com \| bash -s personal http.cache,http.cgi,http.cors,http.expires,http.filter,http.forwardproxy,http.geoip,http.ipfilter,http.locale,http.login,http.minify,http.nobots,http.ratelimit,http.realip,tls.dns.cloudflare,tls.dns.namecheap,tls.dns.vultr
	setcap 'cap_net_bind_service=+ep' /usr/local/bin/caddy
	mkdir -p /etc/caddy/ssl
	mkdir -p /etc/caddy/sites-enabled
	mkdir -p /etc/caddy/sites-available
	chown -R www-data:www-data /etc/caddy
	chmod 0750 /etc/caddy/ssl
	echo "import /etc/caddy/sites-enabled/*" >/etc/caddy/Caddyfile
	#!/bin/bash
	curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup \| sudo bash
	rm -rf /etc/apt/sources.list.d/mariadb.list.old*
	apt update
	apt -y install git mariadb-server mariadb-backup qpress
	red=$'\e[1;31m'
	grn=$'\e[1;32m'
	yel=$'\e[1;33m'
	blu=$'\e[1;34m'
	mag=$'\e[1;35m'
	#!/bin/bash

	EXPECTED_ARGS=2
	E_BADARGS=65
	MYSQL=`which mysql`
	PASS=`tr -cd '[:alnum:]' < /dev/urandom \| fold -w24 \| head -n1`
	echo $PASS

	Q1="CREATE DATABASE IF NOT EXISTS $1;"
	Q2="GRANT USAGE ON . TO $2@localhost IDENTIFIED BY '$PASS';"
	#!/usr/bin/env bash

	apt update
	apt -y install gdebi
	cd $(mktemp -d backup.XXXXXXX)
	TEMP_DIR=`pwd`
	wget http://www.tataranovich.com/debian/pool/sid/main/t/tataranovich-keyring/tataranovich-keyring_2020.06.12_all.deb
	gdebi --n tataranovich-keyring_2020.06.12_all.deb
	printf "deb http://www.tataranovich.com/ubuntu bionic main\n" >/etc/apt/sources.list.d/mc.list
	apt update
	#!/bin/bash
	# Script for blocking IPs which have been reported to www.badips.com
	# via ipsets.
	#
	# - THIS SCRIPT DOES NOT BLOCK ANYTHING -
	# This script only updates ipsets with applicable data from
	# badips.com. Actually blocking the ips in that ipset is left
	# up to the user (so that you may do so however you prefer).
	#
	# Additionally, this script does not persist the ipsets through
	location = /xmlrpc.php {
	allow 122.248.245.244;
	allow 54.217.201.243;
	allow 54.232.116.4;
	allow 192.0.80.0/20;
	allow 192.0.96.0/20;
	allow 192.0.112.0/20;
	allow 195.234.108.0/22;
	deny all;
	access_log off;
	#!/usr/bin/env bash
	#
	# Program: SSL Certificate Check <ssl-cert-check>
	#
	# Source code home: https://github.com/Matty9191/ssl-cert-check
	#
	# Documentation: http://prefetch.net/articles/checkcertificate.html
	#
	# Author: Matty < matty91 at gmail dot com >
	# Edited by Nill Rinov for Telegram
	#!/bin/bash

	gpg --fetch-keys https://neilalexander.s3.dualstack.eu-west-2.amazonaws.com/deb/key.txt
	gpg --export 569130E8CA20FBC4CB3FDE555898470A764B32C9 \| apt-key add -
	echo 'deb http://neilalexander.s3.dualstack.eu-west-2.amazonaws.com/deb/ debian yggdrasil' \| tee /etc/apt/sources.list.d/yggdrasil.list
	apt-get update
	apt-get -y install yggdrasil
	wget https://gist.github.com/Nill-R/e09566aa33c841fe73aeac373f734f05/raw/bed12fcde5901bd2f3320ab6e936ff6eeaae2421/20-yggdrasil.conf -O /etc/rsyslog.d/20-yggdrasil.conf ; systemctl restart rsyslog
	wget https://gist.github.com/Nill-R/cb84b232a0baf6550d4733849c76175d/raw/a150a6333ff122a12c5e311d83a115d86177d728/yggdrasil -O /etc/logrotate.d/yggdrasil