auto advertisement of time machine shares

Matthew Tran 2025-02-22 22:32:20 -08:00
parent ba62e62a59
commit 3fc2698db9
2 changed files with 67 additions and 28 deletions


@ -44,7 +44,11 @@ Services deployed on [matthewtran.com](https://matthewtran.com).
## backup
Run `scripts/backup.py` and save the resultant `data.zip` somewhere. I should probably automate this.
Run `scripts/backup.py` and save the resultant `data.zip` somewhere. Also run the following commands for BTRFS maintenance. I should probably automate this.
```
btrfs device stats <mount>
btrfs scrub start -B <mount>
```
## security


@ -1,10 +1,15 @@
#!/usr/bin/env python3
#!/usr/bin/sudo /usr/bin/python3
import json
import os
import shutil
import subprocess
import yaml
from pathlib import Path
if __name__ == "__main__":
override = {}
# create folders so containers have access
PATHS = {
"web": [
@ -25,34 +30,64 @@ if __name__ == "__main__":
for group in PATHS:
for p in PATHS[group]:
Path(p).mkdir(parents=True, exist_ok=True)
shutil.chown(p, group=group)
shutil.chown(p, user=os.getlogin(), group=group)
# add users to nas
users = json.load(open("nas/users.json", "r"))
with open("nas/users.sh", "w") as f:
file = Path("nas/users.json")
script = Path("nas/users.sh")
with script.open("w") as f:
if file.exists():
users = json.load(file.open())
for id, user in enumerate(users):
id = 3000 + id
f.write(f"groupadd -g {id} {user}\n")
f.write(f"useradd -M -s /bin/false -u {id} -g {id} {user}\n")
f.write(f"su - me -c 'echo \"{users[user]}\\n{users[user]}\\n\" | pdbedit -s smb.conf -a {user}'\n")
f.writelines(s + "\n" for s in [
f"groupadd -g {id} {user}",
f"useradd -M -s /bin/false -u {id} -g {id} {user}",
f"su - me -c 'echo \"{users[user]}\\n{users[user]}\\n\" | pdbedit -s smb.conf -a {user}'",
])
shutil.chown(script, user=os.getlogin(), group=os.getlogin())
# add volumes to nas
mounts = json.load(open("nas/mounts.json", "r"))
with open("compose.override.yml", "w") as f:
if mounts:
f.writelines(s + "\n" for s in [
"services:",
" nas:",
" volumes:",
] + [
f" - {mounts[m]}:/home/me/share/{m}" for m in mounts
])
# generate nas config
shutil.copyfile("nas/base.conf", "nas/smb.conf")
file = Path("nas/mounts.json")
serv = Path("/etc/avahi/services")
conf = Path("nas/smb.conf")
shutil.copyfile("nas/base.conf", conf)
shutil.chown(conf, user=os.getlogin(), group=os.getlogin())
for f in serv.glob("nas-*.service"):
f.unlink()
if file.exists():
mounts = json.load(file.open())
with open("nas/smb.conf", "a") as f:
if mounts:
for dest in mounts:
f.write(f"[{dest}]\n")
f.write(f"path = /home/me/share/{dest}\n")
for m in mounts:
f.write(f"[{m}]\n")
f.write(f"path = /home/me/share/{m}\n")
f.write("\n")
override.setdefault("services", {})["nas"] = {"volumes": [f"{mounts[m]}:/home/me/share/{m}" for m in mounts]}
for m in mounts:
with (serv / f"nas-{m}.service").open("w") as f:
f.writelines(s + "\n" for s in [
"<?xml version=\"1.0\" standalone='no'?>",
"<!DOCTYPE service-group SYSTEM \"avahi-service.dtd\">",
"<service-group>",
f" <name replace-wildcards=\"yes\">%h - {m}</name>",
" <service>",
" <type>_smb._tcp</type>",
" <port>445</port>",
" </service>",
" <service>",
" <type>_adisk._tcp</type>",
f" <txt-record>dk0=adVN={m},adVF=0x82</txt-record>",
" <txt-record>sys=waMa=0,adVF=0x100</txt-record>",
" </service>",
"</service-group>",
])
subprocess.run(["systemctl", "restart", "avahi-daemon"], check=True)
# generate compose override
file = Path("compose.override.yml")
if override:
with file.open("w") as f:
yaml.dump(override, f)
shutil.chown(file, user=os.getlogin(), group=os.getlogin())
else:
file.unlink(True)
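Review bot: The keys of `nas/mounts.json` are used unvalidated in `serv / f"nas-{m}.service"` and inside the `<name>` and `<txt-record>` elements, and with the new `sudo` shebang those writes happen as root under `/etc/avahi/services`. A key containing `/`, `..`, `<` or `&` would put the file outside that directory or produce a malformed service definition, so I would reject such names before the loop, e.g. `if not re.fullmatch(r"[A-Za-z0-9_-]+", m): raise ValueError(f"invalid share name: {m!r}")` (needs `import re`; widen the character set if the shares need it). The same keys, and the names and passwords from `nas/users.json`, are also interpolated unquoted into `smb.conf` and `nas/users.sh`. `users.sh` holds the passwords in clear text but is only chowned, so it presumably keeps the default file mode; `script.chmod(0o600)` after the `with` block would restrict it to the owner. The `if __name__ == "__main__":` block starts before this hunk, so checks made earlier in it are not visible here.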