Faced recently storage shortage on a server again, so made my homework, its a Debian GNU/Linux 7.11 (wheezy)
An sqlite3 dump into a gzipped textfile shows an amazing size difference, that means without a reqular maintenance of the fail2ban database, the system may go low on free diskspace.
# du -hs fail2ban.sqlite3
2.5G fail2ban.sqlite3
| #!/usr/bin/bash | |
| # Here is a script to deploy cert to Hetzner Cloud API using hcloud command | |
| # | |
| # it requires the hcloud binary from | |
| # https://github.com/hetznercloud/cli | |
| # | |
| # it requires following environment variables: | |
| # | |
| # HCLOUD_API_TOKEN - this contains the token to the hcloud API |
| # Spamassassin sample rules to use Octopus RBL Monster https://octopusrbl.monster/ | |
| # gist by Gergely Nagy (https://gist.github.com/gnanet) 2024-11-13 | |
| # | |
| # | |
| # IMPORTANT NOTE | |
| # | |
| # Citing Octopus RBL (https://octopusrbl.monster/blocklist-use.html): | |
| # Small dns servers can use our blacklist for free. | |
| # High Volume servers (more than 100 requests per second) need monthly subscription. | |
| # |
| #!/bin/bash | |
| NVM_LATEST=$(curl https://api.github.com/repos/nvm-sh/nvm/releases/latest -s | grep "tag_name"| awk '{print substr($2, 2, length($2)-3) }') | |
| curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/${NVM_LATEST}/install.sh | bash | |
| export NVM_DIR="$HOME/.nvm" | |
| [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # This loads nvm | |
| [ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion" # This loads nvm bash_completion | |
| nvm install --lts node |
| #!/usr/bin/bash | |
| # Dotroll domain api | |
| # - api access values stored per domain, including migration from account stored values | |
| # - zone data is POST-ed to avoid "414 Request-URI Too Large" errors | |
| # | |
| # Initially export values Dotroll_User and Dotroll_Password | |
| # export Dotroll_User='<your.dotroll@user>'; export Dotroll_Password='<dotroll_api_password>'; acme.sh --issue --dns dns_dotroll -d <domain.tld> -d '*.<domain.tld>' | |
| # Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
| #!/bin/bash | |
| # | |
| # PushBullet API basic client for BASH | |
| # | |
| # needs some packages to run (available Debian Jessie and up) | |
| # apt -y install jq jshon curl | |
| # | |
| pbapi="" # PushBullet API token |
| #!/bin/bash | |
| # | |
| # Check if updated and self-signed ISRG Root X1 cert is present | |
| # then remove DST_Root_CA_X3 from trusted CA-s | |
| # lastly update combined ca-certificates.pem | |
| # | |
| if [ -f /usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt ]; then | |
| check_self_x1=$(openssl x509 -noout -text -in /usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt | grep Issuer | grep -E "CN\s*=\s*ISRG Root X1") |
| # one-liner to check if the server-provided certificates include the self-signed ISRG Root X1, or not. Just declare the hostname you want to check | |
| export hostname2check=""; export port2check="443"; check_self_x1=$(openssl s_client -CApath /etc/ssl/certs -servername "${hostname2check}" -connect "${hostname2check}:${port2check}" 2>&1 </dev/null | grep -E -A1 "s:.*CN\s*=\s*ISRG Root X1$" | grep -E "i:.*CN\s*=\s*ISRG Root X1$"); if [[ "x${check_self_x1}" == "x" ]]; then echo "You need to fix your intermediate chain, to present the self-signed X1"; else echo "GOOD, you already have the self-signed X1 in the intermediate chain"; fi; unset hostname2check; unset port2check |
| #!/bin/bash | |
| # | |
| # check_viber_deb.sh - Gergely Nagy (https://github.com/gnanet) 2019 | |
| # | |
| # This script is intended to check if an update to viber.deb may be available, | |
| # and automatically download latest viber.deb from viber.com | |
| # | |
| # You should run this script from cron | |
| # |
| # USEFUL PLESK COMMANDS | |
| # restart plesk | |
| /etc/init.d/psa restart | |
| # reload plesk configs (useful for vhost.conf) | |
| /usr/local/psa/admin/sbin/websrvmng -a -v | |
| # restart qmail | |
| service qmail restart |