li)
pi bind9
-
+ f=/var/lib/bind/db.b8.nz
+ if [[ ! -e $f ]]; then
+ ser stop bind9
+ rm -f $f.jnl
+ install -m 644 -o bind -g bind /p/c/machine_specific/li/bind-initial/db.b8.nz $f
+ ser restart bind9
+ fi
case $HOSTNAME in
li) domain=iankelling.org ;;
EOF
- vpn-server-setup -rd
+ # requested from linode via a support ticket.
+ # https://www.linode.com/docs/networking/an-overview-of-ipv6-on-linode/
+ # ipv6 stuff pieced together
+ # via slightly wrong information from
+ # https://github.com/angristan/openvpn-install/blob/master/openvpn-install.sh
+ # https://community.openvpn.net/openvpn/wiki/IPv6
+ # and man openvpn
+
+ vpn-server-setup -rd 2600:3c00:e000:280::1/64 2600:3c00::f03c:91ff:feb4:0bf3
s tee /etc/openvpn/client-config/mail <<'EOF'
ifconfig-push 10.8.0.4 255.255.255.0
+ifconfig-ipv6-push 2600:3c00:e000:280::2/64
EOF
if [[ -e /lib/systemd/system/openvpn-server@.service ]]; then
s dd of=/etc/apt/apt.conf.d/50unattended-upgrades <<EOF
# fyi: default file has comments about available options,
-# you may want to read that.
+# you may want to read that, do pkx unattended-upgrades
Unattended-Upgrade::Mail "root";
Unattended-Upgrade::MailOnlyOnError "true";
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Origins-Pattern {
- # default is just security updates.
- "origin=*";
+ # default is just security updates. this list found from reading
+ # match_whitelist_string() in `which unattended-upgrades`
+ "o=*,l=*,a=*,c=*,site=*,n=*";
};
EOF