Update playbooks

roles/files/debian/setup/crontabs/root

@@ -0,0 +1,22 @@
+# VIM Default Editor
+@reboot export VISUAL=vim
+@reboot export EDITOR=vim
+
+# Fix tmux bug
+@reboot tmux
+
+# Network mount
+* * * * * mount.cifs "//255.255.255.0/SAMBA-MOUNT" "/mnt/backups/" -o credentials="/root/.samba/credentials"
+
+# Start services
+@reboot sleep 30 && tmux new-session -d -s "start_services" "bash /root/scripts/start_services.sh"
+
+# Backups
+0 */4 * * * tmux new-session -d -s "Borg Backups" bash /root/scripts/backup.sh
+
+# Docker Cleanup
+0 0 1 * *  docker system prune --all --volumes --force
+
+# ACME
+52 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
+0 */7 * * * tmux new-session -d -s "Acme SSL Updater" bash /root/scripts/acme_ssl.sh

roles/files/debian/setup/samba/credentials

@@ -0,0 +1,2 @@
+username=USERNAME
+password=PASSWORD

roles/files/debian/setup/scripts/.env.sample

@@ -0,0 +1,2 @@
+CF_Token=REPLACE_WITH_YOUR_TOKEN
+DuckDNS_Token=REPLACE_WITH_YOUR_TOKEN

roles/files/debian/setup/scripts/acme_scripts/cloudflare.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+
+# Read CF_Token and ACME_Email from .env
+source ".env"
+
+/root/.acme.sh/acme.sh --upgrade --auto-upgrade
+/root/.acme.sh/acme.sh --register-account -m noehbernasol0@gmail.com
+
+# Array of domains
+domains=("*.06222001.xyz" "06222001.xyz")
+legacy_domains=()
+all_domains=("${domains[@]}" "${legacy_domains[@]}")
+
+# Whether to force update or not
+force_update=false
+echo "===== Force update domains: " $force_update " ====="
+
+# Loop through the domains and execute the commands for each one
+for domain in "${all_domains[@]}"
+do
+
+    # Issue the certificate using acme.sh
+	echo "====== Registering domain:" $domain " ======"
+	if $force_update ; then
+		/root/.acme.sh/acme.sh --force --issue --dns dns_cf --keylength 4096 -d "$domain" --server letsencrypt
+	else
+		/root/.acme.sh/acme.sh --issue --dns dns_cf --keylength 4096 -d "$domain" --server letsencrypt
+	fi
+
+done
+
+echo "===== Reloading firewall ====="
+service nginx reload 
+echo "===== Done ====="

roles/files/debian/setup/scripts/acme_scripts/duckdns.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+
+# Read DuckDNS_Token and ACME_Email from .env
+source ".env"
+
+/root/.acme.sh/acme.sh --upgrade --auto-upgrade
+/root/.acme.sh/acme.sh --register-account -m noehbernasol0@gmail.com
+
+# Array of main domains
+domains=("*.keannu1.duckdns.org" "keannu1.duckdns.org")
+legacy_domains=()
+all_domains=("${domains[@]}" "${legacy_domains[@]}")
+
+# Whether to force update or not
+force_update=false
+echo "===== Force update domains: " $force_update " ====="
+
+# Loop through the domains and execute the commands for each one
+for domain in "${all_domains[@]}"
+do
+
+    # Issue the certificate using acme.sh
+	echo "====== Registering domain:" $domain " ======"
+	if $force_update ; then
+		/root/.acme.sh/acme.sh --insecure --force --issue --dns dns_duckdns -d "$domain"
+	else
+		/root/.acme.sh/acme.sh --insecure --issue --dns dns_duckdns -d "$domain"
+	fi
+
+done
+
+echo "===== Reloading firewall ====="
+service nginx reload 
+echo "===== Done ====="

roles/files/debian/setup/scripts/backup.sh

@@ -0,0 +1,75 @@
+#!/bin/bash
+
+current_date=$(date "+%B %-d %Y%l:%M %p")
+
+env BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK=yes
+env BORG_RELOCATED_REPO_ACCESS_IS_OK=yes
+
+echo "Timestamp: $current_date"
+
+# Check if the required mount point exists
+if ! df -h | grep -q "^//255\.255\.255\.255/SAMBA-MOUNT.*\/mnt/backups$"; then
+    echo "Error: Required mount point //255.255.255.255/SAMBA-MOUNT not found or not mounted at /mnt/backups."
+    exit 1
+fi
+
+function backup() {
+	# $1 - Backup Name
+	# $2 - Directory
+	# $3 - Extras
+	
+	if [ "$1" == "" ] || [ "$2" == "" ]; then
+		echo "Missing arguments!"
+		exit
+	fi
+	
+	# Root backup directory
+	root_directory="/mnt/backups/"
+
+	echo "Starting backups for: $1"
+	
+	# Check if the backup directory exists
+	if [ ! -d "$root_directory/$1" ]; then
+		echo "Backup directory does not exist for $1. Initializing one"
+		borg init --encryption=none "$root_directory/$1"
+	else
+		echo "Backup directory already exists for $1"
+	fi
+	
+	borg create --stats --progress --compression lz4 "$root_directory/$1"::"$current_date" "$2" $3
+	echo "Cleaning old backups"
+	borg prune --stats "$root_directory/$1" -d 6
+	borg compact "$root_directory/$1"
+	echo "Backup for $1 finished"
+}
+
+## Docker Projects
+
+## Root Docker Projects Directory
+docker_projects="/mnt/nvme/files/docker projects/"
+
+# Sample Entry
+backup "sample" "$docker_projects/sample_project"
+
+## Non-Docker Directories
+
+# Bash Scripts
+backup "bash-scripts" "/root/scripts"
+
+# ACME
+backup "acme" "/root/.acme.sh" '--exclude "*.tmp"'
+
+# Crontab
+backup "cron" "/var/spool/cron/crontabs"
+
+# Nginx
+backup "nginx" "/etc/nginx" '--exclude "*.tmp"'
+
+# Syncthing
+backup "syncthing" "/root/.config/syncthing" '--exclude "*.tmp"'
+
+# Samba
+backup "samba" "/etc/samba"
+
+# Samba Credentials
+backup "samba_credentials" "/root/.samba"

roles/files/debian/setup/scripts/renew_ssl.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+scripts_directory="/root/scripts/acme_scripts"
+
+# Execute all .sh files in the directory
+for script in "$scripts_directory"/*.sh; do
+   echo "--Executing $script--"
+   bash "$script"
+done

roles/files/debian/setup/scripts/start_services.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+## Docker Projects
+
+# Root Docker Projects Directory
+docker_projects="/mnt/nvme/files/docker projects"
+
+# Sample Entry
+cd "$docker_projects/sample_project" && docker-compose down && docker-compose up -d
+
+## Non-Docker Projects
+
+# Syncthing
+systemctl start syncthing@root.service
+
+