+++ /dev/null
-#!/bin/bash
-# I, Ian Kelling, follow the GNU license recommendations at
-# https://www.gnu.org/licenses/license-recommendations.en.html. They
-# recommend that small programs, < 300 lines, be licensed under the
-# Apache License 2.0. This file contains or is part of one or more small
-# programs. If a small program grows beyond 300 lines, I plan to switch
-# its license to GPL.
-
-# Copyright 2024 Ian Kelling
-
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-
-# http://www.apache.org/licenses/LICENSE-2.0
-
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-# this is from distro-end
-if [[ -s ~/.bashrc ]];then . ~/.bashrc;fi
-
-pi kodi
-
-# based on https://wiki.debian.org/SecuringNFS
-# but the quota stuff is either outdated or optional,
-# i guessed that it was not needed and it worked fine.
-s dd of=/etc/sysctl.d/nfs-static-ports.conf <<'EOF'
-fs.nfs.nfs_callback_tcpport = 32764
-fs.nfs.nlm_tcpport = 32768
-fs.nfs.nlm_udpport = 32768
-EOF
-s sysctl --system
-s $sed -ri -f - /etc/default/nfs-common <<'EOF'
-/^\s*STATDOPTS=/d
-$a STATDOPTS="--port 32765 --outgoing-port 32766"
-EOF
-
-s $sed -ri -f - /etc/default/nfs-kernel-server <<'EOF'
-/^\s*RPCMOUNTDOPTS=/d
-$a RPCMOUNTDOPTS="--manage-gids --port 32767"
-EOF
-ser restart nfs-kernel-server
-
-if [[ $HOSTNAME == kd ]]; then
- # persistent one time steps for webdav:
- # create persistent password, put it in ~/.kodi/userdata/advancedsettings.xml,
- # per http://kodi.wiki/view/MySQL/Sync_other_parts_of_Kodi
- # htpasswd -c /p/c/filesystem/etc/davpass dav
- # chmod 640 /p/c/filesystem/etc/davpass
- # in conflink, set group to www-data.
- # In kodi, i set the music source, server address: my domain,
- # path: k/music. Then copied the file
- # /p/c/subdir_files/.kodi/userdata/sources.xml to save that setting.
- s a2enmod dav dav_fs
- web-conf -r /a/c/playlists - apache2 dav.$HOME_DOMAIN <<'EOF'
-<Directory /a/c/playlists>
- DAV On
- AuthType Basic
- AuthName "Authentication Required"
- AuthUserFile "/etc/davpass"
- Require valid-user
-
-# outside the standard /var/www, so use this:
- Order allow,deny
- Allow from all
-</Directory>
-EOF
- s mkdir -p /var/www/davlock
- s chown www-data:www-data /var/www/davlock
- s sed -i "1i DavLockDB /var/www/davlock/davlock" /etc/apache2/sites-enabled/dav.$HOME_DOMAIN.conf
- ser reload apache2
-
- teeu /etc/exports "/k/music *(ro,nohide,async,no_subtree_check,insecure)"
- exportfs -ra
-
- # kodi uses sqlite by default, but supports mysql.
- pi mariadb-server
-
- # see ofswiki.org for explanation.
- dbpass="$(cat /p/mysql-root-pass)"
- if ! echo exit|mysql -uroot "-p$dbpass"; then
- echo -e "\n\n$dbpass\n$dbpass\n\n\n\n\n" | mysql_secure_installation
- fi
- mysql -uroot "-p$dbpass" <<EOF
-GRANT ALL PRIVILEGES ON *.* TO 'kodi' IDENTIFIED BY '$(</p/mysql-kodi-pass)';
-EOF
- s sed -ri 's/^(\s*bind-address\s*=).*/\1 0.0.0.0/' /etc/mysql/mariadb.conf.d/50-server.cnf
- ser restart mariadb
-
-fi
iankelling.org / git / distro-setup / blobdiff