#!/bin/bash -l # this is from distro-end pi kodi # based on https://wiki.debian.org/SecuringNFS # but the quota stuff is either outdated or optional, # i guessed that it was not needed and it worked fine. s dd of=/etc/sysctl.d/nfs-static-ports.conf <<'EOF' fs.nfs.nfs_callback_tcpport = 32764 fs.nfs.nlm_tcpport = 32768 fs.nfs.nlm_udpport = 32768 EOF s sysctl --system s $sed -ri -f - /etc/default/nfs-common <<'EOF' /^\s*STATDOPTS=/d $a STATDOPTS="--port 32765 --outgoing-port 32766" EOF s $sed -ri -f - /etc/default/nfs-kernel-server <<'EOF' /^\s*RPCMOUNTDOPTS=/d $a RPCMOUNTDOPTS="--manage-gids --port 32767" EOF ser restart nfs-kernel-server if [[ $HOSTNAME == kd ]]; then # persistent one time steps for webdav: # create persistent password, put it in ~/.kodi/userdata/advancedsettings.xml, # per http://kodi.wiki/view/MySQL/Sync_other_parts_of_Kodi # htpasswd -c /p/c/filesystem/etc/davpass dav # chmod 640 /p/c/filesystem/etc/davpass # in conflink, set group to www-data. # In kodi, i set the music source, server address: my domain, # path: k/music. Then copied the file # /p/c/subdir_files/.kodi/userdata/sources.xml to save that setting. s a2enmod dav dav_fs web-conf -r /a/c/playlists - apache2 dav.$HOME_DOMAIN <<'EOF' DAV On AuthType Basic AuthName "Authentication Required" AuthUserFile "/etc/davpass" Require valid-user # outside the standard /var/www, so use this: Order allow,deny Allow from all EOF s mkdir -p /var/www/davlock s chown www-data:www-data /var/www/davlock s sed -i "1i DavLockDB /var/www/davlock/davlock" /etc/apache2/sites-enabled/dav.$HOME_DOMAIN.conf ser reload apache2 teeu /etc/exports "/k/music *(ro,nohide,async,no_subtree_check,insecure)" exportfs -ra # kodi uses sqlite by default, but supports mysql. pi mariadb-server # see ofswiki.org for explanation. dbpass="$(cat /p/mysql-root-pass)" if ! echo exit|mysql -uroot "-p$dbpass"; then echo -e "\n\n$dbpass\n$dbpass\n\n\n\n\n" | mysql_secure_installation fi mysql -uroot "-p$dbpass" <