sudo apt install netplan.io openvswitch-switch
nano /etc/netplan/network.yaml
network:
1. Open CMD as Administrator | |
2. Paste the following commands into the Cmd: One by one, follow the order. | |
cscript slmgr.vbs /ipk "SERIAL NUMBER HERE" | |
Replace SERIAL NUMBER HER with any of these, according your Windows 10 installation type. | |
Home/Core TX9XD-98N7V-6WMQ6-BX7FG-H8Q99 | |
Home/Core (Country Specific) PVMJN-6DFY6-9CCP6-7BKTT-D3WVR | |
Home/Core (Single Language) 7HNRX-D7KGG-3K4RQ-4WPJ4-YTDFH |
server | |
{ | |
# Listen | |
listen 80; | |
listen [::]:80; | |
listen 443 ssl http2; | |
listen [::]:443 ssl http2; | |
# Server Name and Alias | |
server_name urbackup.example.com; |
deb http://deb.debian.org/debian/ bookworm main non-free-firmware | |
deb-src http://deb.debian.org/debian/ bookworm main non-free-firmware | |
deb http://security.debian.org/debian-security bookworm-security main non-free-firmware | |
deb-src http://security.debian.org/debian-security bookworm-security main non-free-firmware | |
deb http://deb.debian.org/debian/ bookworm-updates main non-free-firmware | |
deb-src http://deb.debian.org/debian/ bookworm-updates main non-free-firmware | |
deb [arch=amd64 by-hash=yes signed-by=/usr/share/keyrings/3cx-archive-keyring.gpg] http://repo.3cx.com/debian/2001 bookworm main |
### The original Author of this package had enabled CloudFlare JS verification. As a result, this automated script will not work. | |
### Therefore you have to download each package and install it manually. | |
## Change Directory | |
cd /tmp/ | |
## Update opkg | |
opkg update | |
## If wget not installed already |
## You need to remove the default dnsmasq package. | |
## If you remove straight, it will stop resolving DNS, and that is why we are going to use these following commands | |
opkg update; cd /tmp/ && opkg download dnsmasq-full; opkg install ipset libnettle8 libnetfilter-conntrack3; | |
opkg remove dnsmasq; opkg install dnsmasq-full --cache /tmp/; rm -f /tmp/dnsmasq-full*.ipk; | |
## Install wget if you don't have it. | |
## You can skip that if you can upload those files using SCP | |
## Check the official repo as those endpoints update frequently therefore change it accordingly | |
opkg install wget | |
wget https://downloads.sourceforge.net/project/v2raya/openwrt/v2raya.pub -O /etc/opkg/keys/94cc2a834fb0aa03 |
# Install Duplicity | |
sudo apt-get update | |
sudo apt-get install duplicity duply python-boto screen | |
#Create a profile of backup. | |
duply backupfullserver create | |
#Generate Secure Password for GPG |
If you don't know what Wireguard is, well, you should. It's fast, easy to setup and highly configurable. We will configure Wireguard for multiple users with various restrictions using iptables.
This should fit most setups (not mine though 😉)
## Remove Existing Host Files | |
rm /etc/ssh/ssh_host_* | |
## Regenerate Host Files | |
ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N "" | |
ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N "" | |
## Enable Host Files | |
sed -i 's/^HostKey \/etc\/ssh\/ssh_host_\(dsa\|ecdsa\)_key$/\#HostKey \/etc\/ssh\/ssh_host_\1_key/g' /etc/ssh/sshd_config |
## Seed | |
## xeob8mPP2VPHBXHCexEPGjOMdBKgQ7qCv2tRC6BXSfQ2ahAeEHC374OyOykUYCyRKU/n8Azv6cw6/MLwNZq9HSYEPfKNFTKhJG2vKZUmFNzc9RDzxya9Lp9VsE34P/tWL4EBO+c7an3Lvi9vXYI79uTbVMcdmNQP5ZrQ6AIZYwCc/N1jdM71muV4Vc94jY9aRsmQvC6bOrxgHlAcWrUw8irEbUNCg5xe5INpnCjbRSXnojisx07zmNDSQ5BUH4LXhRok/uIuGg5qqJaans+FegDc1+aN2L2cTlcefYjTJnMNIjzuPFBClbaAszDTcmQ7wjF7TdYZgJTd3V+754+RlQ== | |
## WireGuard Server Configuration | |
[Interface] | |
Address = 172.73.74.1/24 | |
ListenPort = 12345 | |
PrivateKey = wLgZoPI44SU67MXktUnRMNYz4WbLTYIWweX03cBXukQ= | |
## Allow communication between WireGuard peers and MASQUERADE traffic | |
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; |