iankelling.org Git - distro-setup/blob - disabled/kodi-setup

   1 #!/bin/bash
   2 # I, Ian Kelling, follow the GNU license recommendations at
   3 # https://www.gnu.org/licenses/license-recommendations.en.html. They
   4 # recommend that small programs, < 300 lines, be licensed under the
   5 # Apache License 2.0. This file contains or is part of one or more small
   6 # programs. If a small program grows beyond 300 lines, I plan to switch
   7 # its license to GPL.
   8
   9 # Copyright 2024 Ian Kelling
  10
  11 # Licensed under the Apache License, Version 2.0 (the "License");
  12 # you may not use this file except in compliance with the License.
  13 # You may obtain a copy of the License at
  14
  15 #     http://www.apache.org/licenses/LICENSE-2.0
  16
  17 # Unless required by applicable law or agreed to in writing, software
  18 # distributed under the License is distributed on an "AS IS" BASIS,
  19 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  20 # See the License for the specific language governing permissions and
  21 # limitations under the License.
  22
  23
  24 # this is from distro-end
  25 if [[ -s ~/.bashrc ]];then . ~/.bashrc;fi
  26
  27 pi kodi
  28
  29 # based on https://wiki.debian.org/SecuringNFS
  30 # but the quota stuff is either outdated or optional,
  31 # i guessed that it was not needed and it worked fine.
  32 s dd of=/etc/sysctl.d/nfs-static-ports.conf <<'EOF'
  33 fs.nfs.nfs_callback_tcpport = 32764
  34 fs.nfs.nlm_tcpport = 32768
  35 fs.nfs.nlm_udpport = 32768
  36 EOF
  37 s sysctl --system
  38 s $sed -ri -f - /etc/default/nfs-common <<'EOF'
  39 /^\s*STATDOPTS=/d
  40 $a STATDOPTS="--port 32765 --outgoing-port 32766"
  41 EOF
  42
  43 s $sed -ri -f - /etc/default/nfs-kernel-server <<'EOF'
  44 /^\s*RPCMOUNTDOPTS=/d
  45 $a RPCMOUNTDOPTS="--manage-gids --port 32767"
  46 EOF
  47 ser restart nfs-kernel-server
  48
  49 if [[ $HOSTNAME == kd ]]; then
  50     # persistent one time steps for webdav:
  51     # create persistent password, put it in ~/.kodi/userdata/advancedsettings.xml,
  52     # per http://kodi.wiki/view/MySQL/Sync_other_parts_of_Kodi
  53     # htpasswd -c /p/c/filesystem/etc/davpass dav
  54     # chmod 640 /p/c/filesystem/etc/davpass
  55     # in conflink, set group to www-data.
  56     # In kodi, i set the music source, server address: my domain,
  57     # path: k/music. Then copied the file
  58     # /p/c/subdir_files/.kodi/userdata/sources.xml to save that setting.
  59     s a2enmod dav dav_fs
  60     web-conf -r /a/c/playlists - apache2 dav.$HOME_DOMAIN <<'EOF'
  61 <Directory /a/c/playlists>
  62     DAV On
  63   AuthType Basic
  64   AuthName "Authentication Required"
  65   AuthUserFile "/etc/davpass"
  66   Require valid-user
  67
  68 # outside the standard /var/www, so use this:
  69   Order allow,deny
  70   Allow from all
  71 </Directory>
  72 EOF
  73     s mkdir -p /var/www/davlock
  74     s chown www-data:www-data /var/www/davlock
  75     s sed -i "1i DavLockDB /var/www/davlock/davlock" /etc/apache2/sites-enabled/dav.$HOME_DOMAIN.conf
  76     ser reload apache2
  77
  78     teeu /etc/exports "/k/music *(ro,nohide,async,no_subtree_check,insecure)"
  79     exportfs -ra
  80
  81     # kodi uses sqlite by default, but supports mysql.
  82     pi mariadb-server
  83
  84     # see ofswiki.org for explanation.
  85     dbpass="$(cat /p/mysql-root-pass)"
  86     if ! echo exit|mysql -uroot "-p$dbpass"; then
  87         echo -e "\n\n$dbpass\n$dbpass\n\n\n\n\n" | mysql_secure_installation
  88     fi
  89     mysql -uroot "-p$dbpass" <<EOF
  90 GRANT ALL PRIVILEGES ON *.* TO 'kodi' IDENTIFIED BY '$(</p/mysql-kodi-pass)';
  91 EOF
  92     s sed -ri 's/^(\s*bind-address\s*=).*/\1 0.0.0.0/' /etc/mysql/mariadb.conf.d/50-server.cnf
  93     ser restart mariadb
  94
  95 fi