add some files

compose/cstrike/configs/server.cfg

@@ -23,4 +23,4 @@ exec listip.cfg
 exec banned.cfg
 
 // password
-sv_password "hello there"
+sv_password "$PASSWORD"

compose/cstrike/configs/users.ini

@@ -51,4 +51,4 @@
 ; "My Name" "my_password" "abcdefghijklmnopqrstuv" "a"
 
 "loopback" "" "abcdefghijklmnopqrstuv" "de"
-"STEAM_0:0:618873848" "" "abcdefghijklmnopqrstuv" "ce"
+"$STEAMID" "" "abcdefghijklmnopqrstuv" "ce"

configs/Caddyfile

@@ -0,0 +1,94 @@
+# The Caddyfile is an easy way to configure your Caddy web server.
+#
+# Unless the file starts with a global options block, the first
+# uncommented line is always the address of your site.
+#
+# To use your own domain name (with automatic HTTPS), first make
+# sure your domain's A/AAAA DNS records are properly pointed to
+# this machine's public IP, then replace ":80" below with your
+# domain name.
+
+{
+	email im@fruw.org
+	acme_dns google_domains $API_KEY
+}
+
+vault.fruw.org {
+	reverse_proxy localhost:50000
+}
+
+mail.fruw.org {
+	reverse_proxy localhost:50001
+}
+
+matrix.fruw.org, matrix.fruw.org:8448 {
+	rewrite / /_matrix/static/
+	reverse_proxy /_matrix/* localhost:50003
+}
+
+git.fruw.org {
+	rewrite / /fruworg
+	reverse_proxy localhost:50005
+}
+
+turn.fruw.org {
+	#route / {
+		#exec /usr/local/bin/caddy.sh 3478
+	#}
+
+	#@available {
+	#     status 0
+	#}
+
+	#respond "whoa! eturnal server is runnig" 200 {
+	#     @available
+	#}
+
+	#respond "oops! eturnal server is not running" 503
+	respond "whoa! eturnal server is runnig" 200 
+}
+
+rclone.fruw.org {
+	reverse_proxy 127.0.0.1:53682
+	respond "nothing to auth" 404
+}
+
+cs.fruw.org {
+	respond "whoa! cstrike server is runnig" 200
+}
+
+doom.fruw.org {
+	#route / {
+		#exec /usr/local/bin/caddy.sh 10666
+	#}
+
+	#exec /usr/local/bin/caddy.sh 10666
+
+	#@available {
+	#     status 0
+	#}
+
+	#respond "whoa! doom2 server is runnig" 200 {
+	#     @available
+	#}
+
+	respond "oops! doom2 server is not running" 503
+}
+
+fs.fruw.org, http://fs.fruw.org {
+	root * /var/caddy
+	file_server browse
+}
+
+ip.fruw.org, http://ip.fruw.org {
+	templates
+	respond "{{.RemoteIP}}"
+}
+
+fruw.org, *.fruw.org {
+	respond "hello there"
+}
+
+# Refer to the Caddy docs for more information:
+# https://caddyserver.com/docs/caddyfile
+

scripts/backup.sh

@@ -0,0 +1,101 @@
+#!/bin/bash
+
+#
+# dump all
+#
+
+BACKUP_FOLDER="/var/backups/infrastructure"
+MEGA_FOLDER="/mnt/mega/backups"
+GDRIVE_FOLDER="/mnt/gdrive/backups"
+
+clean_old_backups() {
+  local CLEANED_FOLDER="$1"
+
+  for BACKUP_FILE in {/var/backups/infrastructure,/mnt/mega/backups}/*.tar.zst.gpg; do
+
+    BACKUP_DATE="$(echo $BACKUP_FILE | egrep -o [0-9]{2}-[0-9]{2}-[0-9]{4} | sed -e 's/-//g')"
+
+    # if january the first
+    if [ "${BACKUP_DATE:2:2}${BACKUP_DATE:0:2}" -eq "0101" ]; then
+      continue
+    fi
+
+    # if older than year
+    if [ "${BACKUP_DATE:4}" -lt "$DELETE_BY_YEAR" ]; then
+      rm "$BACKUP_FILE"
+      continue
+    fi
+
+    # if first day of month
+    if [ "${BACKUP_DATE:0:2}" -eq "01" ]; then
+      continue
+    fi
+
+    BACKUP_DATE_FORMATTED="${BACKUP_DATE:4}${BACKUP_DATE:2:2}${BACKUP_DATE:0:2}"
+
+    # if older than week
+    if [ "$BACKUP_DATE_FORMATTED" -lt "$DELETE_BY_DAYS" ]; then
+      rm "$BACKUP_FILE"
+    fi
+
+  done
+}
+
+copy_new_backups() {
+  local REMOTE_FOLDER="$1"
+  cp -r "$BACKUP_FOLDER/$(date '+%d-%m-%Y.tar.zst.gpg')" "$REMOTE_FOLDER"
+}
+
+rm -rf "$BACKUP_FOLDER/tmp" && mkdir "$_"
+
+mkdir "$BACKUP_FOLDER/tmp/sh/" && \
+  cp -r /usr/local/bin/{backup.sh,caddy.sh,update.sh} \
+  /etc/systemd/system/{backup,update}.{service,timer} "$_"
+
+mkdir "$BACKUP_FOLDER/tmp/caddy/" && \
+  cp -r /etc/caddy/Caddyfile "$_"
+
+mkdir "$BACKUP_FOLDER/tmp/pg/" && \
+  cp -r /etc/postgresql/15/main/{pg_hba.conf,postgresql.conf} "$_"
+
+mkdir "$BACKUP_FOLDER/tmp/rclone/" && \
+  cp -r /etc/systemd/system/rclone-{mega,gdrive}.service \
+  /root/.config/rclone/rclone.conf "$_"
+
+mkdir "$BACKUP_FOLDER/tmp/bashrc/" && cp ~/.bashrc "$_"
+mkdir "$BACKUP_FOLDER/tmp/ufw/" && cp -r /etc/ufw/* "$_"
+
+echo "configs have been successfully backuped"
+
+mkdir "$BACKUP_FOLDER/tmp/opt/" && \
+  cp -r /opt/* "$_"
+
+echo "compose files have been successfully backuped"
+
+sudo -i -u postgres pg_dumpall > "$BACKUP_FOLDER/tmp/pg/pg_dumpall.sql"
+
+echo "postgres have been successfully backuped"
+
+tar --zstd -cf "$BACKUP_FOLDER/$(date '+%d-%m-%Y.tar.zst')" \
+	-C "$BACKUP_FOLDER/tmp" . 2> /dev/null
+
+rm -rf "$BACKUP_FOLDER/tmp"
+
+gpg --batch --yes -e -r im@fruw.org "$BACKUP_FOLDER/$(date '+%d-%m-%Y.tar.zst')"
+rm "$BACKUP_FOLDER/$(date '+%d-%m-%Y.tar.zst')"
+
+echo "backup have been successfully encrypted"
+
+DELETE_BY_YEAR=$(date '+%Y' --date="-365 days")
+DELETE_BY_DAYS=$(date '+%Y%m%d' --date="-6 days")
+
+clean_old_backups "$BACKUP_FOLDER"
+# clean_old_backups "$GDRIVE_FOLDER"
+clean_old_backups "$MEGA_FOLDER"
+
+echo "backups have been successfully cleaned"
+
+# copy_new_backups "$GDRIVE_FOLDER"
+copy_new_backups "$MEGA_FOLDER"
+
+echo "backup have been successfully copied"

scripts/update.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+source /root/.bashrc
+
+# Iterate through all folders in /opt
+for FOLDER in /opt/*; do
+    if [ -d "$FOLDER" ]; then
+        echo "Processing folder: $FOLDER"
+
+        # Navigate into the folder
+        cd "$FOLDER" || continue
+
+        # Pull Docker Compose images
+        docker compose pull
+
+        # Bring up Docker Compose services in detached mode
+        docker compose up -d
+
+        # Return to the previous directory
+        cd -
+    fi
+done
+
+docker system prune -a -f

systemd/backup.service

@@ -0,0 +1,9 @@
+[Unit]
+Description=Backup Service
+
+[Service]
+Type=simple
+ExecStart=/usr/local/bin/backup.sh
+
+[Install]
+WantedBy=multi-user.target

systemd/backup.timer

@@ -0,0 +1,9 @@
+[Unit]
+Description=Daily Backup Timer
+
+[Timer]
+OnCalendar=*-*-* 03:00:00
+Unit=backup.service
+
+[Install]
+WantedBy=timers.target

systemd/update.service

@@ -0,0 +1,9 @@
+[Unit]
+Description=Update Service
+
+[Service]
+Type=simple
+ExecStart=/usr/local/bin/update.sh
+
+[Install]
+WantedBy=multi-user.target

systemd/update.timer

@@ -0,0 +1,9 @@
+[Unit]
+Description=Daily Update Timer
+
+[Timer]
+OnCalendar=*-*-* 03:30:00
+Unit=update.service
+
+[Install]
+WantedBy=timers.target