Das Kommandozeilenwerkzeug install ist Bestandteil der GNU Coreutils und wurde speziell für das Installieren von Programmen, Skripten und Dateien entwickelt. Es vereint die Funktionen von cp, mkdir, chmod und chown in einem einzigen, leistungsstarken Befehl. Dies vereinfacht viele typische Aufgaben bei der Softwarebereitstellung.
syntax on " Enable syntax highlighting
set background=dark " Optimize color schemes for a dark background
au BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal!
#!/bin/zsh
# Version 02.9
# Variables
NAMED_CONF_LOCAL="/etc/bind/named.conf.local"
CHECKZONE_CMD="named-checkzone"
# Function to parse zones and file paths
parse_zones() {
awk '/zone/ {gsub(/[\";]/, ""); zone=$2} /file/ {gsub(/[\";]/, ""); file=$2; print file}' "$NAMED_CONF_LOCAL"
}
# Main function
main() {
echo "Parsing $NAMED_CONF_LOCAL for zone files"
parse_zones | while read -r ZONE_FILE; do
if [ -z "$ZONE_FILE" ]; then
echo "No file specified for zone"
continue
fi
if [ -f "$ZONE_FILE" ]
#!/bin/zsh
# Version 01.0
# Script to test DNS zone propagation across ns1, ns2, and ns3
# Script Name: test_ns_zones.sh
# Variables
NS1="23.88.113.138"
NS2="116.202.112.180"
NS3="95.216.198.140"
# Check if a domain name argument is provided
if [ -z "$1" ]; then
echo "Usage: $0 <domain.tld>"
exit 1
fi
DOMAIN=$1
# Function to test a DNS query
function test_ns {
local NS=$1
echo "
=== Testing $DOMAIN on $NS ==="
dig @$NS $DOMAIN SOA +short
echo ""
echo "MX Record:"
dig @$NS $DOMAIN MX +short
echo ""
echo "A Record for mail.$DOMAIN:"
dig @$
#!/bin/zsh
# Version 01.0
# Script to add a new slave zone to /etc/bind/named.conf.local on ns2.dynproxy.net
# Script Name: bind_add_slave_zone.sh
# Variables
NAMED_CONF="/etc/bind/named.conf.local"
CACHE_DIR="/var/cache/bind"
# Check if a domain name argument is provided
if [ -z "$1" ]; then
echo "Usage: $0 <domain.tld>"
exit 1
fi
DOMAIN=$1
ZONE_FILE="$CACHE_DIR/db.$DOMAIN"
# Check if the zone configuration already exists
if grep -q "zone \"$DOMAIN\"" $NAMED_CONF; then
echo "Zone $DOMAIN already exists in $NAMED_CONF.
#!/bin/zsh
# Version 01.0
# Script to add a new slave zone to /etc/bind/named.conf.local on ns3.dynproxy.net
# Script Name: bind_add_slave_zone_ns3.sh
# Variables
NAMED_CONF="/etc/bind/named.conf.local"
CACHE_DIR="/var/cache/bind"
# Check if a domain name argument is provided
if [ -z "$1" ]; then
echo "Usage: $0 <domain.tld>"
exit 1
fi
DOMAIN=$1
ZONE_FILE="$CACHE_DIR/$DOMAIN.db"
# Check if the zone configuration already exists
if grep -q "zone \"$DOMAIN\"" $NAMED_CONF; then
echo "Zone $DOMAIN already exists in $NAMED_CONF.
#!/bin/zsh
# Version 01.0
# Script to add a new zone to /etc/bind/named.conf.local on ns1.dynproxy.net
# Script Name: bind_add_zone.sh
# Variables
NAMED_CONF="/etc/bind/named.conf.local"
ZONES_DIR="/etc/bind/zones"
# Check if a domain name argument is provided
if [ -z "$1" ]; then
echo "Usage: $0 <domain.tld>"
exit 1
fi
DOMAIN=$1
ZONE_FILE="$ZONES_DIR/db.$DOMAIN"
# Check if the zone file already exists
if [ -f "$ZONE_FILE" ]; then
echo "Zone file $ZONE_FILE already exists.
#!/bin/bash
# Script Version: 02
# Description: Drops all tables in a specified MySQL database. If only one argument is given, the user and database name will be the same.
# Check arguments
if [ $# -lt 1 ]; then
echo "Usage: $0 <DB_USER> [DB_NAME]"
exit 1
fi
# Assign arguments
DB_USER=$1
DB_NAME=${2:-$1} # If no second argument is provided, use the first as the database name.
# Prompt for password
read -sp "Enter MySQL password: " DB_PASS
echo
# Confirmation prompt
read -p "Are you sure you want to drop all tables in $DB_NAME?
#!/bin/zsh
# Script Version: 1.1
# Description: Create MySQL Database and User (same name) with generated password
# Set variables
DBNAME=$1
PASSWORD=""
LOG_FILE="/var/log/mysql_db_user_creation.log"
# Functions
ask_for_input() {
if [ -z "$DBNAME" ]; then
read "DBNAME?Enter the database and username: "
fi
}
generate_password() {
PASSWORD=$(openssl rand -base64 12)
}
create_db_and_user() {
echo "Creating MySQL Database and User..."
mysql -u root -p <<EOF
CREATE DATABASE IF NOT EXISTS \`$DBNAME\`;
CREATE USER IF NOT EXIS
# Add ./vendor/bin to PATH only if it exists
function update_vendor_bin_path() {
if [ -d "$PWD/vendor/bin" ]; then
export PATH="$PWD/vendor/bin:$PATH"
else
# Remove ./vendor/bin from PATH if no longer exists
PATH=$(echo "$PATH" | awk -v
#!/bin/bash
# Script Name: sendmail_test.sh
# Version: 03
# Description: This script sends a test email using sendmail. The recipient's email address is the first argument.
# It logs messages to the console only.
# Check if an argument (email address) is provided
if [ -z "$1" ]; then
TO="root"
else
TO="$1"
fi
# Email details
SUBJECT="Postfix Test"
FROM="$(whoami)@$(hostname)"
BODY="This is the email body!"
# Function to send email
send_email() {
if !
Warning: Database is older than source file /etc/aliases
newaliases postfix reload
DNS Standards
According to DNS standards (RFC 2181, Section 10.3), MX records should reference a domain name, not an IP address. The domain name should then resolve to an IP address via an A or AAAA record.
/^X-Spam-Level: \*{9,}/ REJECT Spam-Level over 10.
/^To: undisclosed-recipients:/ REJECT Please specify who your sending to.
/^To: Undisclosed recipients:/ REJECT Please specify who your sending to.
/^From:.*\@.*\.cn/ REJECT Sorry, Chinese mail not allowed here
/^From:.*\@.*\.kr/ REJECT Sorry, Korean mail not allowed here
/^From:.*\@.*\.tr/ REJECT Sorry, Turkish mail not allowed here
/^From:.*\@.*\.ru/ REJECT Sorry, Russian mail not allowed here
/^From:.*\@.*\.ro/
smtp inet n - y - - smtpd
submission inet n - y - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
# -o content_filter=spamassassin
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - y 1000?
#!/bin/bash
# =============================================================================
# Script Name: lxc_list_login.sh
# Version: 03
# Description: Lists LXC containers, checks their statuses, and allows login.
# =============================================================================
# Required commands
REQUIRED_CMDS=("lxc-ls" "lxc-info" "lxc-start" "lxc-attach")
# Check if required commands are available
for CMD in "${REQUIRED_CMDS[@]}"; do
if ! command -v "$CMD" &> /dev/null; then
echo "The command $CMD is not installed.
# These mailboxes are widely used and could perhaps be created automatically:
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Important {
auto = subscribe
special_use = \Important
}
mailbox Archive {
auto = subscribe
special_use = \Archive
}
#!/bin/zsh
# Script Version: 02
# Description: List available Borg backups in the specified repository
# Set variables
# ========
REPO1="ssh://"
BORG_PASSPHRASE_FILE="/root/.borg_passphrase"
# Functions
# ========
log_message() {
echo "$(date +"%Y-%m-%d %H:%M:%S") - $1"
}
# Main Process
# ========
log_message "Listing available backups in repository."
# Ensure Borg passphrase file is available
if [ -f "$BORG_PASSPHRASE_FILE" ]; then
export BORG_PASSPHRASE=$(<"$BORG_PASSPHRASE_FILE")
else
log_message "Borg passphrase file not found."
#!/usr/bin/zsh
# Script Version: 01
# Description: Script to obtain the public IP and post it to a server securely.
# Define the path to store the token
TOKEN_FILE="/root/scripts/token.txt"
LOG_FILE="/var/log/ipgetpost.log"
IP_URL="http://ip.dynproxy.net"
# Function to log messages
log_message() {
print "$(date): $1" >> "$LOG_FILE"
}
# Set umask to ensure files are created with the correct permissions
umask 077
# Check if the token file already exists, if not, generate a new token
if [ !
„Ich weiß, manche haben das geheime Superhelden-Talent 🦸♂️, zu nicken 👍, als hätten sie alles verstanden – selbst wenn das Gehirn 🧠 eigentlich im Schlafmodus 😴 ist. Falls das auf jemanden zutrifft, keine Sorge: Fragen ❓ sind hier die eigentliche Superkraft!“
#!/bin/bash
# Version: 1.0
# Description: This script lists all the archives in a Borg repository
set -euo pipefail
# Check if whiptail is installed
if ! command -v whiptail &> /dev/null; then
echo "whiptail is required but not installed.
WARNING Memory overcommit must be enabled! Without it, a background save or replication may fail under low memory condition. Being disabled, it can also cause failures without low memory condition, see https://github.com/jemalloc/jemalloc/issues/1328. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
#!/bin/bash
# v01
# List and check LXC containers
echo "Listing all LXC containers..."
CONTAINERS=($(lxc-ls -1))
# Check if there are any containers
if [[ ${#CONTAINERS[@]} -eq 0 ]]; then
echo "There are no LXC containers."
exit 1
fi
echo "Found ${#CONTAINERS[@]} container(s): ${CONTAINERS[@]}"
echo "----------------------------------"
# Loop over each container
for LXCHOSTNAME in "${CONTAINERS[@]}"; do
echo "Processing container: $LXCHOSTNAME"
# Stop the container
echo "Stopping container $LXCHOSTNAME..."
if !
namespace inbox {
# These mailboxes are widely used and could perhaps be created automatically:
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Important {
auto = subscribe
special_use = \Important
}
mailbox Archive {
auto = subscribe
special_use = \Archive
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
# For \Sent mailboxes there are two widely used nam
#!/bin/bash
# Script Version: 1.0
# Description: This script searches through BorgBackup archives for files matching a specific pattern.
set -euo pipefail
# Variables
HOSTNAME=$(hostname)
BORG_PASSPHRASE_FILE="$HOME/.borg_passphrase"
SSH_KEY="/root/.ssh/id_ed25519_$HOSTNAME"
REPO1=".at:/./borg"
LOG="/var/log/borg_find.log"
PATTERN="${1:-}" # File pattern to search for (provided as the first argument)
# Load Borg passphrase
if [ -f "$BORG_PASSPHRASE_FILE" ]; then
export BORG_PASSPHRASE=$(cat "$BORG_PASSPHRASE_FILE")
else
echo "Passphrase file not fou
#!/bin/bash
# =============================================================================
# Script Name: lxc_create_container.sh
# Version: 1.1
# Description: This script creates a new LXC container from a template, assigns
# a unique MAC address, updates the hostname and /etc/hosts file,
# and verifies internet access.
# =============================================================================
# Prompt for the new container hostname
read -e -p "LXCHOSTNAME: " LXCHOSTNAME
export LXCHOSTNAME
# Check if the template containe
#!/bin/bash
# Script Version: 1.2
# Description: Send a file via email to a specified recipient
# Set variables
EMAIL_SUBJECT="File Attachment"
EMAIL_BODY="Please find the attached file."
# Check if both email and file path are provided as arguments
if [ $# -ne 2 ]; then
echo "Usage: $0 recipient@example.com /path/to/your/file.gz"
exit 1
fi
RECIPIENT_EMAIL="$1"
ATTACHMENT_PATH="$2"
# Check if the file exists
if [ !
#!/bin/bash
# =============================================================================
# Script Name: f2b_status.sh
# Version: 1.6
# Description: This script retrieves and displays the status of all Fail2Ban
# jails, including error handling and logging.
# =============================================================================
# Log file path
LOG_FILE="/var/log/fail2ban-status.log"
# Function to log messages with timestamp
log_message() {
echo "$(date +"%Y-%m-%d %H:%M:%S") - $1" | tee -a "$LOG_FILE"
}
# Function to retrieve t
#!/bin/sh
# Version: 1.3
# Description: Update DNS blocklist and ensure script runs in the background
LOCKFILE="/var/run/dnsbl-ipset.lock"
LOGFILE="/var/log/dnsbl-ipset.log"
# Ensure the script runs in the background
if [ -z "$BACKGROUND" ]; then
BACKGROUND=true nohup "$0" "$@" >> $LOGFILE 2>&1 &
exit 0
fi
{
echo "[$(date)] Starting dnsbl-update script"
if [ !
#!/bin/bash
# =============================================================================
# Script Name: lxc_list_sed.sh
# Version: 1.10
# Description: This script lists all LXC containers, checks their statuses, and
# updates the SENDMAILTO field in /etc/logcheck/logcheck.conf for
# running containers.
#!/bin/bash
# =============================================================================
# Script Name: ipset_blacklist_reload.sh
# Version: 1.1
# Author: Andreas Fleckl
# Description: This script reloads an ipset with CIDR /24 network ranges from a
# specified file, including error handling and logging.
# =============================================================================
# Define your ipset name
IPSET_NAME="blacklist"
# Path to your list of IP network ranges, one per line
IP_LIST_PATH="/etc/firehol/blacklist.netset"
# Log fi
#!/bin/sh
# =============================================================================
# Script Name: dnsbl_stats.sh
# Version: 1.1
# Author: Andreas Fleckl
# Description: This script processes the DNSBL blacklist log, generates reports
# on IP addresses at different levels of granularity, and emails
# these reports.
#!/bin/zsh
# =============================================================================
# Script Name: f2b_check_ips.sh
# Version: 1.1
# Author: Andreas Fleckl
# Description: This script extracts and prints all banned IPs from Fail2Ban
# jails, with an option to filter IPs based on a search argument.
# Includes error handling and logging.
# =============================================================================
# Function to extract the list of jails
extract_jail_list() {
# Run fail2ban-client status and extract the
#!/bin/sh
# =============================================================================
# Script Name: hostname_update.sh
# Version: 1.1
# Author: Andreas Fleckl
# Description: This script retrieves the public IP address, performs a reverse
# DNS lookup, updates the system's hostname, and restarts the
# Postfix service.
#!/bin/bash
# =============================================================================
# Script Name: listmonk_create.sh
# Version: 1.1
# Author: Andreas Fleckl
# Description: This script sets up a new Listmonk instance with a unique
# configuration, database, and nginx setup.
#!/bin/sh
# =============================================================================
# Script Name: borg_backup_hetzner.sh
# Version: 1.2
# Author: Andreas Fleckl
# Description: This script performs backups using Borg to a Hetzner Storage Box.
# It reads directories to backup and exclude from specified files,
# handles logging, performs pruning of old backups, and sends
# notifications about the backup status.
# =============================================================================
# Backup repository loc
# We use ^~ here, so that we don't check other regexes (for speed-up). We actually MUST cancel
# other regex checks, because in our other config files have regex rule that denies access to files with dotted names.
location ^~ /.well-known/acme-challenge/ {
allow all;
# Set correct content type.
Mit diesen detaillierten Informationen kann die Herausforderung effektiv und zügig bewätligt werden.
Beschreibung des Problems
Präzisieren Sie das aufgetretene Problem. Geben Sie an, welche spezifischen Schwierigkeiten oder Fehler Sie während des Linux Debian Workshops erlebt haben.
Auszug von Log-Dateien
Falls das Problem mit bestimmten Anwendungsprotokollen oder Systemlogs in Verbindung steht, fügen Sie relevante Auszüge dieser Log-Dateien hinzu.
command is used to stop and remove containers, networks, and volumes defined in your `docker-compose.yml` file. If you run this command in the directory where your `docker-compose.yml` file is located, it will stop and remove the services.
Here's the basic usage:
docker-compose down
This will stop and remove the containers, networks, and volumes associated with your services.
If you want to also remove volumes, you can use the `-v` option:
command is used to list all "dangling" or unused images in your Docker environment. Dangling images are those that are not associated with any containers.
When you run this command, Docker will show you a list of images that are not associated with any containers. You can then decide whether to remove these dangling images using the `docker image prune` command.
If you want to remove dangling images, you can use the following command:
# "doveconf -n" command gives a clean output of the changed settings. Use it # instead of copy&pasting files when posting to the Dovecot mailing list.
# '#' character and everything after it is treated as comments. Extra spaces # and tabs are ignored. If you want to use either of these explicitly, put the # value inside quotes, eg.: key = "# char and trailing whitespace "
# Default VSZ (virtual memory size) limit for service processes. This is mainly # intended to catch and kill processes that leak memory before they eat up # everything. #default_vsz_limit = 256M
# Login user is internally used by login processes. This is the most untrusted # user in Dovecot system. It shouldn't have access to anything at all. #default_login_user = dovenull
# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt> ssl = yes
# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before # dropping root privileges, so keep the key file unreadable by anyone but # root. Included doc/mkcert.sh can be used to easily generate self-signed # certificate, just make sure to update the domains in dovecot-openssl.cnf ssl_cert = </etc/letsencrypt/live/mail.bubuit.net/fullchain.pem ssl_key = </etc/letsencrypt/live/mail.bubuit.net/privkey.pem
# Disable LOGIN command and all other plaintext authentications unless # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP # matches the local IP (ie. you're connecting from the same computer), the # connection is considered secure and plaintext authentication is allowed. # See also ssl=required setting. disable_plaintext_auth = no
A DMARC policy allows a sender to indicate that their emails are protected by SPF and/or DKIM, and give instruction if neither of those authentication methods passes. Please be sure you have a DKIM and SPF set before using DMARC.
You do not have a DMARC record, please add a TXT record to your domain _dmarc.DOM.TLD with the following value:
