2022-10-29 18:33:05 +05:30
|
|
|
---
|
|
|
|
|
|
|
|
title: "Setup trimurti (Debian ARM64)"
|
|
|
|
date: 2022-07-23T08:00:30+05:30
|
|
|
|
draft: false
|
|
|
|
toc: true
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
## Stage 0000: Immediate initial setup
|
|
|
|
|
|
|
|
|
|
|
|
### Set hostname
|
|
|
|
|
|
|
|
```bash
|
|
|
|
hostnamectl set-hostname trimurti
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Set timezone
|
|
|
|
|
|
|
|
```bash
|
|
|
|
timedatectl set-timezone Asia/Kolkata
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Set DNS Servers
|
|
|
|
|
|
|
|
```bash
|
|
|
|
nmcli connection modify "$(nmcli -g name,device connection show | grep "eth0" | cut -f1 -d":")" ipv4.dns "1.1.1.2,1.0.0.2"
|
|
|
|
nmcli connection modify "$(nmcli -g name,device connection show | grep "eth0" | cut -f1 -d":")" ipv4.ignore-auto-dns yes
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Enable loading the Wireguard kernel module at boot.
|
|
|
|
|
|
|
|
```bash
|
|
|
|
echo "wireguard" | tee /etc/modules-load.d/wireguard.conf
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Modify motd
|
|
|
|
|
|
|
|
```bash
|
|
|
|
echo "\n# added by PRATHAM\n/home/pratham/.scripts/_trimurti/motd/show_logs.sh" | tee -a /etc/profile
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### REBOOT! (hostname needs to come in effect)
|
|
|
|
|
|
|
|
```bash
|
|
|
|
reboot +0
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Generate SSH keys
|
|
|
|
|
|
|
|
```bash
|
|
|
|
cd $HOME/.ssh
|
|
|
|
ssh-keygen -t ed25519 -f flameboi
|
|
|
|
ssh-keygen -t ed25519 -f gitea
|
|
|
|
ssh-keygen -t ed25519 -f github
|
|
|
|
ssh-keygen -t ed25519 -f gitlab
|
|
|
|
ssh-keygen -t ed25519 -f sentinel
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Reboot
|
|
|
|
|
|
|
|
```bash
|
|
|
|
reboot +0
|
|
|
|
```
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
## Stage 0010
|
|
|
|
|
|
|
|
|
|
|
|
### apt configuration
|
|
|
|
|
2022-10-29 19:37:48 +05:30
|
|
|
`sudo` is not needed, switch to `doas`
|
|
|
|
|
|
|
|
```bash
|
|
|
|
echo "Package: sudo
|
|
|
|
Pin: release *
|
|
|
|
Pin-Priority: -1" | tee /etc/apt/preferences.d/90_sudo
|
|
|
|
```
|
|
|
|
|
2022-10-29 18:33:05 +05:30
|
|
|
```bash
|
|
|
|
echo "# this file was edited by Pratham Patel
|
|
|
|
|
|
|
|
# bookworm
|
|
|
|
deb http://deb.debian.org/debian/ bookworm main contrib non-free-firmware
|
|
|
|
deb-src http://deb.debian.org/debian/ bookworm main contrib non-free-firmware
|
|
|
|
|
|
|
|
|
|
|
|
# bookworm-security
|
|
|
|
deb http://security.debian.org/debian-security bookworm-security main contrib non-free-firmware
|
|
|
|
deb-src http://security.debian.org/debian-security bookworm-security main contrib non-free-firmware
|
|
|
|
|
|
|
|
|
|
|
|
# bookworm-updates
|
|
|
|
deb http://deb.debian.org/debian/ bookworm-updates main contrib non-free-firmware
|
|
|
|
deb-src http://deb.debian.org/debian/ bookworm-updates main contrib non-free-firmware" | tee /etc/apt/sources.list
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Package management
|
|
|
|
|
|
|
|
```bash
|
|
|
|
apt-get update
|
|
|
|
apt-get upgrade
|
|
|
|
apt-get dist-upgrade
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Install packages
|
|
|
|
|
|
|
|
```bash
|
|
|
|
# necessary pkgs
|
|
|
|
apt install -y bind9-dnsutils console-setup curl fdisk ffmpeg findutils git git-delta git-email git-man libpam-google-authenticator neovim network-manager openssh-client openssh-server openssl plocate rename rsync signify-openbsd tmux tree wget wireguard zsh zsh-autosuggestions zsh-common zsh-syntax-highlighting
|
|
|
|
systemctl enable --now NetworkManager.service
|
|
|
|
|
|
|
|
# monitoring
|
|
|
|
apt install -y btop htop iotop nload iperf iperf3
|
|
|
|
|
|
|
|
# containerisation stuff
|
2022-11-02 08:11:52 +05:30
|
|
|
apt install -y aardvark-dns bridge-utils podman podman-compose slirp4netns buildah-
|
2022-10-29 18:33:05 +05:30
|
|
|
|
|
|
|
# download clients
|
2022-11-19 18:40:07 +05:30
|
|
|
apt install -y aria2 wget2 yt-dlp
|
2022-10-29 18:33:05 +05:30
|
|
|
|
|
|
|
# android-stuff
|
|
|
|
apt install -y adb fastboot
|
|
|
|
|
|
|
|
# coreutils-rust
|
2022-11-19 18:38:22 +05:30
|
|
|
apt install -y bat fd-find ripgrep tre-command
|
2022-10-29 18:33:05 +05:30
|
|
|
#apt install -y skim
|
|
|
|
|
|
|
|
# system utils
|
2022-11-19 18:40:07 +05:30
|
|
|
apt install -y eatmydata hd-idle hdparm smartmontools ssmtp tldr wakeonlan
|
2022-10-29 18:33:05 +05:30
|
|
|
|
|
|
|
# compression
|
|
|
|
apt install -y tar unrar-free unzip xz-utils zip
|
|
|
|
|
|
|
|
# cockpit
|
|
|
|
apt install -y cockpit cockpit-doc cockpit-machines cockpit-pcp cockpit-networkmanager cockpit-packagekit cockpit-podman cockpit-sosreport cockpit-system cockpit-ws
|
|
|
|
|
|
|
|
# optional?
|
|
|
|
#apt install -y cron
|
|
|
|
|
|
|
|
# software devel
|
|
|
|
apt install -y meld
|
|
|
|
|
|
|
|
# kernel-devel
|
|
|
|
apt install -y autoconf bc bison build-essential cmake fakeroot flex gdb-multiarch libc6-dev libelf-dev libncurses-dev libssl-dev make openocd
|
|
|
|
|
|
|
|
# virtualisation
|
2022-10-29 18:39:46 +05:30
|
|
|
apt install -y libvirt-clients libvirt-daemon-system qemu-efi-aarch64 qemu-system qemu-system-common qemu-system-gui qemu-system-misc qemu-user qemu-user-static qemu-utils
|
|
|
|
#libvirt-daemon-kvm
|
2022-10-29 18:33:05 +05:30
|
|
|
|
|
|
|
# network filesystems
|
2022-10-29 18:44:42 +05:30
|
|
|
apt install -y cifs-utils nfs-common nfs-kernel-server nfswatch
|
2022-10-29 18:33:05 +05:30
|
|
|
# try to use NFS
|
|
|
|
#apt install -y samba samba-common samba-common-bin
|
|
|
|
|
|
|
|
# zfs
|
|
|
|
apt install -y dpkg-dev linux-headers-arm64
|
|
|
|
DEBIAN_FRONTEND=noninteractive apt install -y zfs-dkms zfs-zed zfsutils-linux
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Add user
|
|
|
|
|
|
|
|
```bash
|
2022-11-02 09:08:37 +05:30
|
|
|
usermod -a -G adb,audio,cdrom,dip,floppy,games,netdev,plugdev,sys,systemd-journal,uucp,video pratham
|
2022-10-29 18:33:05 +05:30
|
|
|
|
|
|
|
echo "permit persist keepenv pratham" | tee -a /etc/doas.conf
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Reboot
|
|
|
|
|
|
|
|
```bash
|
|
|
|
reboot +0
|
|
|
|
```
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
## Stage 0011: Install stuff
|
|
|
|
|
|
|
|
|
|
|
|
### vim-plug (Neovim)
|
|
|
|
|
|
|
|
```bash
|
|
|
|
sh -c 'curl -fLo "${XDG_DATA_HOME:-$HOME/.local/share}"/nvim/site/autoload/plug.vim --create-dirs https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim'
|
|
|
|
```
|
|
|
|
|
|
|
|
**Open `nvim` and type `:PlugInstall`**
|
|
|
|
|
|
|
|
|
|
|
|
### Enable systemd services
|
|
|
|
|
|
|
|
```bash
|
2022-11-02 16:17:26 +05:30
|
|
|
doas systemctl enable cockpit.socket cockpit.service
|
|
|
|
doas systemctl enable podman.socket
|
2022-10-29 18:33:05 +05:30
|
|
|
```
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
## Stage 0100: ZFS
|
|
|
|
|
|
|
|
|
|
|
|
### Enable necessary services
|
|
|
|
|
|
|
|
```bash
|
2022-11-02 16:17:26 +05:30
|
|
|
doas systemctl enable zfs-import-cache.service
|
|
|
|
doas systemctl enable zfs-import-scan.service
|
|
|
|
doas systemctl enable zfs-mount.service
|
|
|
|
doas systemctl enable zfs-share.service
|
|
|
|
doas systemctl enable zfs-zed.service
|
|
|
|
doas systemctl enable zfs.target
|
2022-10-29 18:33:05 +05:30
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Make sure an import cache file exists
|
|
|
|
|
|
|
|
```bash
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zpool set cachefile=/etc/zfs/zpool.cache brahmaand
|
2022-10-29 18:33:05 +05:30
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Creating a new zpool?
|
|
|
|
|
|
|
|
```bash
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zpool create -o ashift=12 -o autotrim=on brahmaand /dev/sda
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zfs set atime=off brahmaand
|
|
|
|
doas zfs set primarycache=all brahmaand
|
|
|
|
doas zfs set recordsize=1M brahmaand
|
|
|
|
doas zfs set xattr=sa brahmaand
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zfs create brahmaand/containers
|
|
|
|
doas zfs create brahmaand/containers/volumes
|
|
|
|
doas zfs create brahmaand/containers/volumes/blog
|
|
|
|
doas zfs create brahmaand/containers/volumes/caddy
|
|
|
|
doas zfs create brahmaand/containers/volumes/mach
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zfs create brahmaand/containers/volumes/gitea
|
|
|
|
doas zfs create brahmaand/containers/volumes/gitea/database
|
|
|
|
doas zfs set recordsize=8K brahmaand/containers/volumes/gitea/database
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zfs create brahmaand/containers/volumes/nextcloud
|
|
|
|
doas zfs create brahmaand/containers/volumes/nextcloud/database
|
|
|
|
doas zfs set recordsize=8K brahmaand/containers/volumes/nextcloud/database
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zfs create brahmaand/torrents
|
|
|
|
doas zfs set recordsize=16K brahmaand/torrents
|
|
|
|
doas zfs create brahmaand/torrents/downloads
|
|
|
|
doas zfs create brahmaand/torrents/downloads/.incomplete
|
|
|
|
doas zfs create brahmaand/torrents/config
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas chown pratham:pratham -vR /brahmaand
|
|
|
|
doas chown pratham:pratham -vR /brahmaand/torrents
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zfs allow -u pratham create,destroy,mount,snapshot,send,hold brahmaand
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zpool export brahmaand
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zpool import
|
|
|
|
doas zpool import -d /dev/disk/by-id <pool-id>
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zpool set cachefile=/etc/zfs/zpool.cache brahmaand
|
2022-10-29 18:33:05 +05:30
|
|
|
|
|
|
|
zpool status -v
|
|
|
|
zfs list
|
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zpool scrub brahmaand
|
2022-10-29 18:33:05 +05:30
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Reboot
|
|
|
|
|
|
|
|
```bash
|
2022-11-02 16:17:26 +05:30
|
|
|
doas reboot +0
|
2022-10-29 18:33:05 +05:30
|
|
|
```
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
## Stage 0101: Containers
|
|
|
|
|
|
|
|
|
|
|
|
### Pull images
|
|
|
|
|
|
|
|
```bash
|
2022-11-02 16:17:26 +05:30
|
|
|
sleep 60 && podman pull docker.io/library/postgres:15-alpine
|
2022-10-29 18:33:05 +05:30
|
|
|
sleep 60 && podman pull docker.io/library/caddy:alpine
|
|
|
|
sleep 60 && podman pull docker.io/klakegg/hugo:ext-debian
|
|
|
|
sleep 60 && podman pull docker.io/library/nextcloud:production
|
|
|
|
sleep 60 && podman pull docker.io/klakegg/hugo:alpine
|
|
|
|
sleep 60 && podman pull docker.io/gitea/gitea:latest
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Get fs ready
|
|
|
|
|
|
|
|
```bash
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zfs set atime=off brahmaand
|
|
|
|
doas zfs set primarycache=all brahmaand
|
|
|
|
doas zfs set recordsize=1M brahmaand
|
|
|
|
doas zfs set xattr=sa brahmaand
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zfs create brahmaand/containers
|
|
|
|
doas zfs create brahmaand/containers/volumes
|
|
|
|
doas zfs create brahmaand/containers/volumes/blog
|
|
|
|
doas zfs create brahmaand/containers/volumes/caddy
|
|
|
|
doas zfs create brahmaand/containers/volumes/gitea
|
|
|
|
doas zfs create brahmaand/containers/volumes/mach
|
|
|
|
doas zfs create brahmaand/containers/volumes/nextcloud
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zfs create brahmaand/torrents
|
|
|
|
doas zfs set recordsize=16K brahmaand/torrents
|
|
|
|
doas zfs create brahmaand/torrents/downloads
|
|
|
|
doas zfs create brahmaand/torrents/downloads/.incomplete
|
|
|
|
doas zfs create brahmaand/torrents/config
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas chown pratham:pratham -vR /brahmaand/containers/volumes
|
|
|
|
doas chown pratham:pratham -vR /brahmaand/torrents
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-11-02 16:17:26 +05:30
|
|
|
doas zfs allow -u pratham send,snapshot,hold brahmaand
|
2022-10-29 18:33:05 +05:30
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Create directories for mounting container volumes
|
|
|
|
|
|
|
|
```bash
|
|
|
|
mkdir -vp /brahmaand/containers/volumes/caddy/{site,ssl/{private,certs},caddy_{data,config}}
|
|
|
|
mkdir -vp /brahmaand/containers/volumes/gitea/{database,web}
|
|
|
|
mkdir -vp /brahmaand/containers/volumes/nextcloud/{database,web}
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Enable workaround for "root-less containers can't ping hosts"
|
|
|
|
|
|
|
|
```bash
|
2022-11-02 16:17:26 +05:30
|
|
|
grep net.ipv4.ping_group_range /etc/sysctl.conf || echo "net.ipv4.ping_group_range=0 $(grep pratham /etc/subuid | awk -F ":" '{print $2 + $3}')" | doas tee -a /etc/sysctl.conf
|
2022-10-29 18:33:05 +05:30
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Hugo
|
|
|
|
|
|
|
|
```bash
|
2022-10-31 10:03:15 +05:30
|
|
|
git clone --recursive git@gitlab.com:thefossguy/blog.git /brahmaand/containers/volumes/blog
|
|
|
|
cd /brahmaand/containers/volumes/blog
|
|
|
|
git remote rm origin
|
2022-10-31 10:10:30 +05:30
|
|
|
git remote add origin git@git.thefossguy.com:thefossguy/blog.git
|
2022-10-31 10:03:15 +05:30
|
|
|
|
|
|
|
git clone --recursive git@gitlab.com:thefossguy/machines.git /brahmaand/containers/volumes/mach
|
|
|
|
cd /brahmaand/containers/volumes/mach
|
|
|
|
git remote rm origin
|
2022-10-31 10:10:30 +05:30
|
|
|
git remote add origin git@git.thefossguy.com:thefossguy/machines.git
|
2022-10-29 18:33:05 +05:30
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Caddy
|
|
|
|
|
|
|
|
1. Visit the [Cloudflare dashboard](https://dash.cloudflare.com/)
|
|
|
|
2. Select domain
|
|
|
|
3. On the left sidebar, select 'SSL/TLS'. Make sure _Encryption Mode_ is **Full (strict)**.
|
|
|
|
4. Under 'SSL/TLS', goto '**Origin Server**'.
|
|
|
|
5. Create a new Certificate **with default values**.
|
|
|
|
6. Populate `/brahmaand/containers/volumes/caddy/ssl/{certs/certificate.pem,private/key.pem}`.
|
|
|
|
7. Change permissions for `/brahmaand/containers/volumes/caddy/ssl/private`.
|
|
|
|
|
|
|
|
```bash
|
|
|
|
chmod 700 -v /brahmaand/containers/volumes/caddy/ssl/private
|
|
|
|
chmod 600 -v /brahmaand/containers/volumes/caddy/ssl/private/key.pem
|
|
|
|
```
|
|
|
|
|
|
|
|
Copy `Caddyfile` to the appropriate directory.
|
|
|
|
|
|
|
|
```bash
|
|
|
|
cp -v Caddyfile /brahmaand/containers/volumes/caddy/
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Cockpit
|
|
|
|
|
|
|
|
something-something enable SSL for cockpit
|
|
|
|
|
|
|
|
```bash
|
2022-11-02 16:17:26 +05:30
|
|
|
doas cp cockpit.conf /etc/cockpit/cockpit.conf
|
2022-10-29 18:33:05 +05:30
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Generate container secrets for passwords
|
|
|
|
|
|
|
|
```bash
|
|
|
|
openssl rand -base64 20 | podman secret create gitea_database_user_password -
|
|
|
|
openssl rand -base64 20 | podman secret create nextcloud_database_user_password -
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Enable user lingering
|
|
|
|
|
|
|
|
```bash
|
2022-11-02 16:17:26 +05:30
|
|
|
doas loginctl enable-linger
|
2022-10-29 18:33:05 +05:30
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Start containers
|
|
|
|
|
|
|
|
```bash
|
|
|
|
podman-compose -f master-compose.yml up -d
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Generate systemd files and enable them
|
|
|
|
|
|
|
|
```bash
|
|
|
|
cd $HOME/.config/systemd/user
|
|
|
|
|
|
|
|
podman generate systemd -f --name caddy-vishwambhar --new
|
|
|
|
podman generate systemd -f --name gitea-chitragupta --new
|
|
|
|
podman generate systemd -f --name gitea-govinda --new
|
|
|
|
podman generate systemd -f --name hugo-mahayogi --new
|
|
|
|
podman generate systemd -f --name hugo-vaikunthnatham --new
|
|
|
|
podman generate systemd -f --name nextcloud-chitragupta --new
|
|
|
|
podman generate systemd -f --name nextcloud-govinda --new
|
|
|
|
|
|
|
|
systemctl --user daemon-reload
|
|
|
|
|
|
|
|
systemctl --user enable container-caddy-vishwambhar container-gitea-chitragupta container-gitea-govinda container-hugo-mahayogi container-hugo-vaikunthnatham container-nextcloud-chitragupta container-nextcloud-govinda
|
|
|
|
```
|
|
|
|
|
|
|
|
---
|
|
|
|
|
2022-10-29 19:37:48 +05:30
|
|
|
## Stage 0111: sharing zpool
|
|
|
|
|
|
|
|
### exports
|
|
|
|
|
|
|
|
[docs](https://manpages.debian.org/testing/nfs-kernel-server/exports.5.en.html)
|
|
|
|
|
|
|
|
Add the following lines to the `/etc/exports` file:
|
|
|
|
|
|
|
|
```
|
|
|
|
/brahmaand 10.0.0.0/8(ro,insecure,subtree_check,crossmnt)
|
|
|
|
```
|
|
|
|
|
|
|
|
Then, export it.
|
|
|
|
|
|
|
|
```bash
|
2022-11-02 16:17:26 +05:30
|
|
|
doas exportfs -rva
|
2022-10-29 19:37:48 +05:30
|
|
|
```
|
|
|
|
|
|
|
|
---
|
2022-10-29 18:33:05 +05:30
|
|
|
|
2022-10-29 19:37:48 +05:30
|
|
|
## Stage 1000: cron
|
2022-10-29 18:33:05 +05:30
|
|
|
|
|
|
|
### user crontab
|
|
|
|
|
|
|
|
```bash
|
|
|
|
# always add ">/dev/null 2>&1" at the end of cronjobs
|
|
|
|
# to prevnet a `dead.letter` in $HOME/
|
|
|
|
|
|
|
|
|
|
|
|
# check if containers are running or not; restart if stopped
|
|
|
|
*/5 * * * * bash /home/pratham/.scripts/_trimurti/cron/pratham/maintenance.sh >/dev/null 2>&1
|
|
|
|
|
|
|
|
|
|
|
|
# run Nextcloud cron
|
|
|
|
*/5 * * * * podman exec -u www-data nextcloud-govinda /usr/local/bin/php -f /var/www/html/cron.php >/dev/null 2>&1
|
|
|
|
|
|
|
|
|
|
|
|
# Nextcloud: scan files for all users and perform cleanup
|
|
|
|
10 */2 * * * podman exec -u www-data nextcloud-govinda /usr/local/bin/php -f /var/www/html/occ files:scan --all >/dev/null 2>&1
|
|
|
|
40 */2 * * * podman exec -u www-data nextcloud-govinda /usr/local/bin/php -f /var/www/html/occ files:cleanup >/dev/null 2>&1
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### root crontab
|
|
|
|
|
|
|
|
```bash
|
|
|
|
# always add ">/dev/null 2>&1" at the end of cronjobs
|
|
|
|
# to prevnet a `dead.letter` in $HOME/
|
|
|
|
|
|
|
|
|
|
|
|
# update fs database every 6 hours
|
|
|
|
* */6 * * * updatedb >/dev/null 2>&1
|
|
|
|
|
|
|
|
|
|
|
|
# create zfs snapshots every Friday
|
|
|
|
0 0 * * 5 bash /home/pratham/.scripts/_trimurti/cron/root/zfs-bak.sh >/dev/null 2>&1
|
|
|
|
|
|
|
|
|
|
|
|
# start scrub
|
|
|
|
# on the first Friday of every month
|
|
|
|
# at 2100 hours
|
|
|
|
0 21 * * 5 [ $(date +\%d) -le 07 ] && /sbin/zpool scrub >/dev/null 2>&1
|
|
|
|
```
|