Seite 2 von 4

Bash legacy

Aktuelle ipv6 grep en und in conferierst einsetzten

#!/bin/bash

identifier="01:208:9bff:fec0:c4f4"

config="/etc/apache2/sites-enabled/005-antosch.conf"
ip6="/root/antoschip6.txt"

antoschip6=$(<"$ip6")

# antoschnow=`ping6 antosch6.dyndns.tv -c 1 | awk 'NR==2 {print substr($4, 0, length($4)-22)}'`
# antoschnow="$antoschnow""$identifier"

antoschnow=`grep -v "^f" /home/antosch/ipv6.txt | sed 's/.\{3\}$//'`

if [ "$antoschip6" != "$antoschnow" ]; then
sed -i s/"$antoschip6"/"$antoschnow"/g "$config"
echo "$antoschnow" > "$ip6"
/etc/init.d/apache2 restart 1> /dev/null
fi

mein ffmpeg VHS => mp4

ffmpeg -i $INPUT -vf "crop=688:552:12:10, yadif=1:-1:0, scale=734:552, hqdn3d, setdar=4/3" -c:v libx264 -crf 16 -r 50 -c:a aac -b:a 192k OUTPUT

ffmpeg -ss 00:00:10 -i $INPUT -frames 1 -vf "select=not(mod(n\,2400)),scale=480:360,tile=4x3" $OUTPUT.png
IFS=$'\n'; for mp3 in $(ls *.png); do ffmpeg -i $mp3 -vf scale=800:-1 -f jpg ${mp3}.jpg; done

Ubuntu redo apt

To clone your system to another system. Or make a backup. In terminal type:

dpkg --get-selections | grep -v deinstall > ubuntu-files

This command makes a file list of all installed packages in your system (and stores it in present working directory). Backup this file in hdd, email, etc…(this file is very small).

In the freshly installed ubuntu system run:

sudo dpkg --set-selections <./ubuntu-files (will set it up and)

apt-get -y update
apt-get dselect-upgrade

This will install only those packages you had installed (with apt-get) in the old system.

                                    (OR)

You could back up all the .deb packages from /var/cache/apt/archives/ and install them manually using:

dpkg -i *.deb

And after that running an update cycle later.

ssl lets encrypt mit plex

von https://forums.plex.tv/t/add-custom-ssl-certs-now-available-for-everyone-how-to/128684/2

I’m not familiar with pkcs#12.

PKCS#12 is an archive file format, in this case used to bundle your private key and certificates.

I however have been using Letsencrypt to get my free signed ssl certs for all my standalone and apache web servers. How can I use does certs in Plex?
Edit: Available cert files from Letsencrypt: cert.pem chain.pem fullchain.pem privkey.pem

You’ll have to create a .pfx file (the PKCS#12 archive) containing both the private key and certificates of your chain. This is done using OpenSSL commands in your terminal:

openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out archive.pfx -name "Name for Archive"

You’ll be prompted for a password, this password has to be filled in the Plex’ ‘Custom certificate encryption key’ field. I’m not sure if you had to password protect your private key upon Let’s Encrypt setup, you might be prompted for that as well.

After you’be obtained the .pfx file, store it on your media server computer (e.g. C:\SSL\archive.pfx). Then, occupy the ‘Custom certificate path’ field with the path to the file (C:\SSL\archive.pfx).

Last but not least, fill in the domain the certificate has been created for (e.g. plex.example.com 13).

A quick tip: in the ‘Remote Access’ setting, manually specify port 443 and update your router to point 443 external to 32400 internal. Then, for ‘Custom server access URLs’, fill in: https://plex.example.com:443 8.

You can now visit your custom SSL secured Plex domain using https://plex.example.com. Plex will do the rest. Try testing the domain outside your network the Plex server is hosted in, it might not work accessing the domain internally.

henkieraniDec ’15

I forgot to mention here:

Last but not least, fill in the domain the certificate has been created for (e.g. plex.example.com 7).
That was ment for the ‘Custom certificate domain’ field.

mein DNS mit Bind9 auf Ubuntu

Configs

server.amhang9.de -MASTER-
/etc/bind/named.conf.options

acl goodclients {
        localhost;
        localnets;
};

options {
	directory "/var/cache/bind";

	// If there is a firewall between you and nameservers you want
	// to talk to, you may need to fix the firewall to allow multiple
	// ports to talk.  See http://www.kb.cert.org/vuls/id/800113

	// If your ISP provided one or more IP addresses for stable 
	// nameservers, you probably want to use them as forwarders.  
	// Uncomment the following block, and insert the addresses replacing 
	// the all-0's placeholder.

	// forwarders {
	// 0.0.0.0;
	// };

	//========================================================================
	// If BIND logs error messages about the root key being expired,
	// you will need to update your keys.  See https://www.isc.org/bind-keys
	//========================================================================
//	dnssec-validation auto;

	auth-nxdomain no;    # conform to RFC1035
//	listen-on-v6 { any; };
	listen-on { 37.120.163.133; 
		127.0.0.1;				
};
	request-ixfr no;	
//	allow-query { goodclients; };
};


zone "tzsz.de" {
	type master;
        file "/var/lib/bind/db.tzsz.de";
	allow-transfer { 5.45.98.66; };
	also-notify { 5.45.98.66; };
};

zone "muc.mes" IN {
	type forward;
	forwarders {
	192.168.15.1;
    };
};

zone "ah9.mes" IN {
        type forward;
        forwarders {
        192.168.234.1;
    };
};

serv.amhang9.de -SLAVE-
/etc/bind/named.conf.options

acl goodclients {
        localhost;
        localnets;
};

options {
	directory "/var/cache/bind";

	// If there is a firewall between you and nameservers you want
	// to talk to, you may need to fix the firewall to allow multiple
	// ports to talk.  See http://www.kb.cert.org/vuls/id/800113

	// If your ISP provided one or more IP addresses for stable 
	// nameservers, you probably want to use them as forwarders.  
	// Uncomment the following block, and insert the addresses replacing 
	// the all-0's placeholder.

	// forwarders {
	// 0.0.0.0;
	// };

	//========================================================================
	// If BIND logs error messages about the root key being expired,
	// you will need to update your keys.  See https://www.isc.org/bind-keys
	//========================================================================
//        dnssec-validation auto;

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
        listen-on { 5.45.98.66; 
		127.0.0.1;
};
	request-ixfr no;
//	allow-query { goodclients; };
};

zone "tzsz.de" {
        type slave;
        file "/var/cache/bind/db.tzsz.de";
	masters { 37.120.163.133; };
};


zone "muc.mes" IN {
        type forward;
        forwarders {
        192.168.15.1;
    };
};

zone "elip.mes" IN {
        type forward;
        forwarders {
        192.168.112.1;
    };
};

server.amhang9.de /var/lib/bind/db.tzsz.de

;
; BIND data file for local loopback interface
;
$TTL	3600
@	2560	IN	SOA	tzsz.de. root.tzsz.de. (
				     53		; Serial
				3600		; Refresh
				  3600		; Retry
				3600		; Expire
				 3600 )	; Negative Cache TTL
	3600	IN	A	37.120.163.133
@	3600	IN	MX	100 mxlb.ispgateway.de.
;
@	86400	IN	NS	server.amhang9.de.
@	86400	IN	NS	serv.amhang9.de.
@	3600	IN	A	37.120.163.133
@	3600	IN	AAAA	2a03:4000:6:3114::1
*	3600	IN	A	37.120.163.133
*	3600    IN      AAAA    2a03:4000:6:3114::1
foehn	3600	IN	AAAA	2001:4c50:14d:cb00:208:9bff:fed2:4777
ow	3600	IN	AAAA	2001:4c50:100:4:9c0a:bbbb:fbec:4416

Befehle

dig ANY amhang9.de @ns.namespace4you.de
dig ANY tzsz.de @server.amhang9.de

Dokus

http://www.zytrax.com/books/dns/
https://help.ubuntu.com/community/BIND9ServerHowto

SSL für QNAP NAS

(!) das ist es nicht mehr (!)

 

c&p von https://forum.qnapclub.de/thread/39039-howto-eigenes-zertifikat-mit-qnap-letsencrypt/

ACHTUNG:   souce PATH /etc/profile.d/python2.bash

[NAS Typ:] ARM / Intel
[Firmware:] 4.2.x
[Getestet:] ja – auf diversen Geräten
[Sonstige Modifikationen:] keine

In 5 Minuten zum eigenen Zertifikat mit „qnap-letsencrypt“ !!!
Eine TOP Alternative – getestet und funzt prima!!!

github.com/Yannik/qnap-letsencrypt
Weiterlesen