Update 2025-04-13_16:21:50

bind_add_slave_zone.sh

@@ -0,0 +1,42 @@
+#!/bin/zsh
+# Version 01.0
+# Script to add a new slave zone to /etc/bind/named.conf.local on ns2.dynproxy.net
+# Script Name: bind_add_slave_zone.sh
+
+# Variables
+NAMED_CONF="/etc/bind/named.conf.local"
+CACHE_DIR="/var/cache/bind"
+
+# Check if a domain name argument is provided
+if [ -z "$1" ]; then
+	echo "Usage: $0 <domain.tld>"
+	exit 1
+fi
+
+DOMAIN=$1
+ZONE_FILE="$CACHE_DIR/db.$DOMAIN"
+
+# Check if the zone configuration already exists
+if grep -q "zone \"$DOMAIN\"" $NAMED_CONF; then
+	echo "Zone $DOMAIN already exists in $NAMED_CONF. Aborting!"
+	exit 2
+fi
+
+# Append zone configuration to named.conf.local
+echo "Adding slave zone configuration for $DOMAIN to $NAMED_CONF"
+cat <<EOF >> $NAMED_CONF
+zone "$DOMAIN" {
+	type slave;
+	file "$ZONE_FILE";
+	masters { 23.88.113.138; };
+	allow-transfer { key "ns3-key"; };
+};
+EOF
+
+# Reload BIND configuration
+echo "Reloading BIND configuration"
+rndc reload
+
+# Success message
+echo "Slave zone for $DOMAIN has been added successfully"
+

calculate_bitrate.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+
+# Check if the folder is provided as an argument
+if [ -z "$1" ]; then
+  echo "Usage: $0 <folder_with_videos>"
+  exit 1
+fi
+
+VIDEO_FOLDER="$1"
+OUTPUT_FILE="bitrates.txt"
+TOTAL_BITRATE=0
+VIDEO_COUNT=0
+
+# Clear or create the output file
+> "$OUTPUT_FILE"
+
+# Function to get bitrate of a video in Mbps
+get_bitrate() {
+  local video_file="$1"
+  bitrate_kbps=$(ffprobe -v error -select_streams v:0 -show_entries stream=bit_rate -of default=noprint_wrappers=1:nokey=1 "$video_file" | head -n 1)
+  if [[ "$bitrate_kbps" =~ ^[0-9]+$ ]]; then
+    bitrate_mbps=$(echo "scale=2; $bitrate_kbps / 1000 / 1000" | bc)
+    echo "$bitrate_mbps"
+  else
+    echo "0"
+  fi
+}
+
+# Iterate through each video file in the folder
+for video_file in "$VIDEO_FOLDER"/*; do
+  if [ -f "$video_file" ]; then
+    bitrate=$(get_bitrate "$video_file")
+    echo "File: $video_file - Bitrate: ${bitrate} Mbps" | tee -a "$OUTPUT_FILE"
+    TOTAL_BITRATE=$(echo "$TOTAL_BITRATE + $bitrate" | bc)
+    ((VIDEO_COUNT++))
+  fi
+done
+
+# Calculate the average bitrate
+if [ "$VIDEO_COUNT" -gt 0 ]; then
+  AVERAGE_BITRATE=$(echo "scale=2; $TOTAL_BITRATE / $VIDEO_COUNT" | bc)
+  echo "Average Bitrate: $AVERAGE_BITRATE Mbps" | tee -a "$OUTPUT_FILE"
+else
+  echo "No video files found in the specified folder." | tee -a "$OUTPUT_FILE"
+fi
+

dnsbl.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+
+cat /var/log/dnsbl-ipset/blacklist.log | cut  -d ' ' -f1 | sort | uniq -c  | sort -nr | mail -s "dnsbl blacklist.log 32 weekly Report `date`" srvlogz@bubuit.net
+cat /var/log/dnsbl-ipset/blacklist.log | cut  -d ' ' -f1 | awk -F\. '{print $1"."$2"."$3"."}' | sort | uniq -c  | sort -nr | mail -s "dnsbl blacklist.log 24 weekly Report `date`" srvlogz@bubuit.net
+cat /var/log/dnsbl-ipset/blacklist.log | cut  -d ' ' -f1 | awk -F\. '{print $1"."$2"."}' | sort | uniq -c  | sort -nr | mail -s "dnsbl blacklist.log 16 weekly Report `date`" srvlogz@bubuit.net
+rm /var/log/dnsbl-ipset/blacklist.log  

f2b-c_s-div.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+F2BRULES="recidive sshd"
+echo $F2BRULES
+
+for i in $F2BRULES; do
+  echo $i
+  fail2ban-client status $i 
+  echo ""
+done

f2b-c_s-drupal.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+F2BRULES="apache-badbots drupal-auth"
+echo $F2BRULES
+
+for i in $F2BRULES; do
+  echo $i
+  fail2ban-client status $i 
+  echo ""
+done

f2b-c_s-mail.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+F2BRULES="dovecot dovecot-pop3impap postfix-flood-attack postfix-rbl postfix postfix-sasl"
+echo $F2BRULES
+
+for i in $F2BRULES; do
+  echo $i
+  fail2ban-client status $i 
+  echo ""
+done

f2b-c_s-proxy.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+F2BRULES="nginx-401 nginx-http-auth nginx-nohome nginx-noproxy nginx-noscript"
+echo $F2BRULES
+
+for i in $F2BRULES; do
+  echo $i
+  fail2ban-client status $i 
+  echo ""
+done

f2b-ip.sh

@@ -0,0 +1,53 @@
+#!/bin/zsh
+
+# Function to extract the list of jails
+extract_jail_list() {
+    # Run fail2ban-client status and extract the jail list
+    JAIL_LIST=$(fail2ban-client status | awk -F'\t' '/Jail list/ {print $2}' | tr ',' '\n' | tr -d ' ')
+
+    # Check if jail list is empty
+    if [[ -z "$JAIL_LIST" ]]; then
+        echo "No jails found."
+        return 1
+    fi
+
+    echo "$JAIL_LIST"
+    return 0
+}
+
+# Function to extract and print all banned IPs
+extract_and_print_all_banned_ips() {
+    JAIL_LIST=$(extract_jail_list)
+    if [[ $? -ne 0 ]]; then
+        return 1
+    fi
+
+    ALL_BANNED_IPS=""
+
+    for JAIL in ${(f)JAIL_LIST}; do
+        STATUS_OUTPUT=$(fail2ban-client status $JAIL)
+        
+        # Extract the banned IPs
+        BANNED_IP_LIST=$(echo "$STATUS_OUTPUT" | grep -oP '(?<=Banned IP list:\t).*')
+        if [[ -n "$BANNED_IP_LIST" ]]; then
+            ALL_BANNED_IPS+="$BANNED_IP_LIST "
+        fi
+    done
+
+    # Print all found IPs
+    echo "$ALL_BANNED_IPS" | tr ' ' '\n'
+}
+
+# Function to filter the IPs based on the provided argument
+filter_ips() {
+    SEARCH_IP=$1
+    extract_and_print_all_banned_ips | grep "$SEARCH_IP"
+}
+
+# Main execution
+if [[ $# -gt 0 ]]; then
+    filter_ips $1
+else
+    extract_and_print_all_banned_ips
+fi
+

f2b-jails.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+for i in dovecot dovecot-pop3impap nginx-401 nginx-http-auth nginx-nohome nginx-noproxy nginx-noscript postfix postfix-flood-attack postfix-rbl postfix-sasl recidive sshd 
+do
+	echo " " 
+	fail2ban-client status $i
+	echo " " 
+done

f2b-status.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+list=$(fail2ban-client status | grep list | cut -d ":" -f2 | tr -d ',')
+
+for i in $list; do
+	fail2ban-client status $i
+done

firehol-reload-netset-blacklist.sh

@@ -0,0 +1,36 @@
+#!/bin/bash
+
+# Define your ipset name
+IPSET_NAME="blacklist"
+
+# Path to your list of IP network ranges, one per line
+IP_LIST_PATH="/etc/firehol/blacklist.netset"
+
+# Function to check if a string is a CIDR network range specifically for /24
+is_cidr_24() {
+    local CIDR=$1
+    if [[ $CIDR =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/24$ ]]; then
+        return 0 # True
+    else
+        return 1 # False
+    fi
+}
+
+# Clear the existing ipset
+ipset flush "$IPSET_NAME"
+
+# Repopulate the ipset
+while IFS= read -r LINE; do
+    # Skip empty lines and lines starting with #
+    [[ -z "$LINE" ]] || [[ "$LINE" =~ ^# ]] && continue
+    
+    if is_cidr_24 "$LINE"; then
+        # It's a CIDR /24 network range, add to blacklist
+        ipset add "$IPSET_NAME" "$LINE" 2>/dev/null
+    else
+        echo "Skipping unrecognized format: $LINE"
+    fi
+done < "$IP_LIST_PATH"
+
+echo "Ipset $IPSET_NAME reloaded with networks from $IP_LIST_PATH"
+

gitea_push.sh

@@ -0,0 +1,219 @@
+#!/bin/zsh
+# Script Version: 1.5
+# Description: Pushes the current folder (e.g. /etc) to a nested Gitea repo using provided nesting arguments. Auto-creates the remote repo via Gitea API if missing.
+
+# Set variables
+# ========
+
+# Try to extract GITEA_API_TOKEN from ~/.gitea_token if not set
+if [ -z "$GITEA_API_TOKEN" ] && [ -f "$HOME/.gitea_token" ]; then
+  GITEA_API_TOKEN=$(<"$HOME/.gitea_token")
+  export GITEA_API_TOKEN
+fi
+
+GITEA_USER=$(awk '{for(i=1;i<=NF;i++) if($i=="login") print $(i+1)}' ~/.netrc | head -n1)
+if [ -z "$GITEA_USER" ]; then
+  echo "[ERROR] No login found in ~/.netrc"
+  exit 1
+fi
+
+GITEA_URL="https://$(awk '{for(i=1;i<=NF;i++) if($i=="machine") print $(i+1)}' ~/.netrc | head -n1)"
+if [ -z "$GITEA_URL" ]; then
+  echo "[ERROR] No URL found in ~/.netrc"
+  exit 1
+fi
+GITEA_API_URL="$GITEA_URL/api/v1"
+
+PRIVATE=false
+DEBUG=false
+COMMIT_MESSAGE="Update $(date +"%F_%T")"
+
+# Logging function
+# ========
+log() {
+  local level="$1"; shift
+  if [[ "$level" == "DEBUG" && "$DEBUG" != true ]]; then return; fi
+  local color_reset="$(tput sgr0)"
+  local color=""
+  case "$level" in
+    INFO) color="$(tput setaf 2)" ;;    # green
+    WARNING) color="$(tput setaf 3)" ;; # yellow
+    ERROR) color="$(tput setaf 1)" ;;   # red
+    DEBUG) color="$(tput setaf 4)" ;;   # blue
+  esac
+  echo "${color}[$level] $*${color_reset}"
+}
+
+# Functions
+# ========
+create_repo() {
+  log INFO "Repository does not exist. Creating via API: $REMOTE_PATH"
+  log DEBUG "POST $GITEA_API_URL/user/repos with name=$REMOTE_PATH and private=$PRIVATE"
+  RESPONSE=$(curl -s -X POST \
+    -H "Authorization: token $GITEA_API_TOKEN" \
+    -H "Content-Type: application/json" \
+    -d "{\"name\": \"$FOLDER_NAME\", \"private\": $PRIVATE}" \
+    "$GITEA_API_URL/user/repos")
+
+  if echo "$RESPONSE" | grep -q '"clone_url"'; then
+    log INFO "Remote repository created successfully."
+    HTTP_STATUS=200
+  else
+    log ERROR "Failed to create remote repository: $RESPONSE"
+    exit 1
+  fi
+}
+
+prepare_commit() {
+  git add .
+  if git diff --quiet HEAD && ! git rev-parse --verify HEAD >/dev/null 2>&1; then
+    log INFO "Creating initial commit"
+    git commit -m "$COMMIT_MESSAGE"
+  elif ! git diff --quiet HEAD; then
+    log INFO "Committing changes"
+    git commit -m "$COMMIT_MESSAGE"
+  else
+    log INFO "Nothing to commit"
+  fi
+}
+
+setup_remote() {
+  if git remote | grep -q '^origin$'; then
+    log INFO "Updating remote origin URL"
+    git remote set-url origin "$GIT_REMOTE"
+  else
+    log INFO "Adding remote origin"
+    git remote add origin "$GIT_REMOTE"
+  fi
+}
+
+push_changes() {
+  log INFO "Pushing to $GIT_REMOTE"
+  git push -u origin main
+}
+
+# Show help if no arguments are given
+# ========
+if [ $# -eq 0 ]; then
+  echo "GITEA_API_TOKEN=<your token>"
+  echo "Usage: $0 [--private] [--debug] [--message \"your commit message\"] <host_group>"
+  echo "Example: $0 server"
+  echo "         $0 --private workstation"
+  echo "         $0 --debug server"
+  echo "         $0 --message \"minor update\" server"
+  echo
+  echo "Note: You must cd into the target folder before running this script."
+  echo "For example:"
+  echo "  cd /etc && $0 server"
+  echo
+  echo "Authentication:"
+  echo "  Git operations (clone, push, pull) use ~/.netrc with your Git password:" 
+  echo "    machine \$(echo \"$GITEA_URL\" | sed 's|https\?://||') login $GITEA_USER password \"<your Git password>\""
+  echo "    chmod 600 ~/.netrc"
+  echo
+  echo "  API operations (e.g. creating repos) use a Personal Access Token stored in ~/.gitea_token"
+  echo "    echo \"<your_token>\" > ~/.gitea_token && chmod 600 ~/.gitea_token"
+  exit 0
+fi
+
+# Parse arguments
+# ========
+POSITIONAL_ARGS=()
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --private)
+      PRIVATE=true
+      shift
+      ;;
+    --debug)
+      DEBUG=true
+      shift
+      ;;
+    --message)
+      COMMIT_MESSAGE="$2"
+      shift 2
+      ;;
+    *)
+      POSITIONAL_ARGS+=("$1")
+      shift
+      ;;
+  esac
+done
+
+set -- "${POSITIONAL_ARGS[@]}"
+
+if [[ $# -ne 1 ]]; then
+  echo "Usage: $0 [--private] [--debug] [--message \"your commit message\"] <host_group>"
+  exit 1
+fi
+
+HOST_GROUP=$(echo "$1" | tr '[:upper:]' '[:lower:]' | tr -cd 'a-z0-9-')
+HOST_NAME=$(hostname -s | tr '[:upper:]' '[:lower:]' | tr -cd 'a-z0-9-')
+FOLDER_NAME="${HOST_NAME}-${HOST_GROUP}-$(basename "$PWD")"
+REPO_PATH="$PWD"
+REMOTE_PATH="$FOLDER_NAME"
+GIT_REMOTE="$GITEA_URL/$GITEA_USER/$FOLDER_NAME.git"
+
+# Git authentication hint
+log DEBUG "Ensure ~/.netrc has: machine <host> login $GITEA_USER password <your Git password>"
+
+# Check or create remote repo
+check_or_create_repo() {
+  if [ -z "$GITEA_API_TOKEN" ]; then
+    log WARNING "GITEA_API_TOKEN is not set. Skipping API repo creation."
+    return
+  fi
+
+  HTTP_STATUS=$(curl -s -o /dev/null -w "%{http_code}" \
+    -H "Authorization: token $GITEA_API_TOKEN" \
+    "$GITEA_API_URL/repos/$GITEA_USER/$FOLDER_NAME")
+
+  if [ "$HTTP_STATUS" -ne 200 ]; then
+    create_repo
+  else
+    log INFO "Remote repository already exists."
+  fi
+}
+
+
+check_or_create_repo
+
+# Main Process
+# ========
+
+# Safety check against pushing from / or $HOME
+if [[ "$PWD" == "$HOME" || "$PWD" == "/" ]]; then
+  log ERROR "Refusing to run inside \$PWD=$PWD"
+  exit 1
+fi
+log INFO "Pushing $REPO_PATH to $GIT_REMOTE"
+cd "$REPO_PATH" || { log ERROR "Directory $REPO_PATH not found"; exit 1; }
+
+# Initialize git if needed
+# Branch is fixed to 'main' for simplicity and consistency
+if [ ! -d .git ]; then
+  log INFO "Initializing Git repo"
+  git init
+  git config init.defaultBranch main
+  git checkout -b main
+else
+  log DEBUG ".git directory already present"
+fi
+
+# Ensure at least one commit exists
+prepare_commit
+
+# Set or update remote
+if [ "$HTTP_STATUS" -eq 200 ]; then
+  setup_remote
+else
+  log WARNING "Skipping remote setup – repository does not exist."
+fi
+
+# Push to remote
+if [ "$HTTP_STATUS" -eq 200 ]; then
+  push_changes
+else
+  log WARNING "Skipping push – repository does not exist."
+fi
+

ipinipset.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+IPSETS=$(ipset list -n| sort)
+
+for i in $IPSETS; do
+  echo $i
+  ipset list $i | grep "^$1"
+#  echo ""
+done

listen_change.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+# Script Version: 01
+# Description: Replaces 'listen 443 ssl' with 'listen 80' in Nginx configuration files under /etc/nginx/sites-enabled/
+
+# Directory containing Nginx site configurations
+CONFIG_DIR="/etc/nginx/sites-enabled"
+
+# Iterate over each file in the configuration directory
+for FILE in "$CONFIG_DIR"/*; do
+  # Check if the file is a regular file
+  if [ -f "$FILE" ]; then
+    # Replace 'listen 443 ssl' with 'listen 80'
+    sed -i 's/listen 443 ssl;/listen 80;/g' "$FILE"
+  fi
+done
+
+# Test Nginx configuration
+nginx -t
+
+# Check if the configuration test was successful
+if [ $? -eq 0 ]; then
+  # Reload Nginx to apply changes
+  systemctl reload nginx
+  echo "Nginx reloaded successfully."
+else
+  echo "Nginx configuration test failed. Please check the configuration files."
+fi
+

lxc-ai-package.sh

@@ -0,0 +1,59 @@
+#!/bin/bash
+
+# Check if a package name is provided
+if [ -z "$1" ]; then
+  echo "Usage: $0 <package_name>"
+  exit 1
+fi
+
+PACKAGE_NAME="$1"
+
+# Function to log messages with timestamp
+log_message() {
+  echo "$(date +"%Y-%m-%d %H:%M:%S") - $1"
+}
+
+# Function to check if a container is running
+is_container_running() {
+  local container=$1
+  lxc-info -n "$container" | grep -q 'RUNNING'
+}
+
+# List all running Linux containers
+containers=$(lxc-ls -f G RUNNING | awk 'NR>1 {print $1}')
+
+# Install the package inside each container
+install_package_in_container() {
+  local container=$1
+  local package=$2
+  
+  if is_container_running "$container"; then
+    log_message "Installing $package in container: $container"
+
+    lxc-attach -n "$container" -- apt update > /tmp/${container}_apt_update.log 2>&1
+    if [[ $? -ne 0 ]]; then
+      log_message "Failed to update APT in container: $container. Check /tmp/${container}_apt_update.log for details."
+      return 1
+    fi
+
+    lxc-attach -n "$container" -- apt install -y "$package" > /tmp/${container}_apt_install_${package}.log 2>&1
+    if [[ $? -ne 0 ]]; then
+      log_message "Failed to install $package in container: $container. Check /tmp/${container}_apt_install_${package}.log for details."
+      return 1
+    fi
+
+    log_message "Successfully installed $package in container: $container"
+  else
+    log_message "Container $container is not running. Skipping."
+  fi
+}
+
+export -f log_message
+export -f is_container_running
+export -f install_package_in_container
+
+# Process each container in parallel
+echo "$containers" | xargs -I{} -n1 -P4 bash -c 'install_package_in_container "{}" "$PACKAGE_NAME"' _ "$PACKAGE_NAME"
+
+log_message "All containers have been processed."
+

lxc-create.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+
+LXCHOSTNAME=drupal24
+
+lxc-stop -n drupal10
+lxc-copy -n drupal10 -N $LXCHOSTNAME
+
+# Funktion zur Generierung einer einzigartigen MAC-Adresse
+generate_unique_hwaddr() {
+    local hwaddr
+    local existing_hwaddrs
+    while : ; do
+        hwaddr=$(printf '00:16:3e:%02x:%02x:%02x\n' $((RANDOM%256)) $((RANDOM%256)) $((RANDOM%256)))
+        existing_hwaddrs=$(grep "lxc.net.0.hwaddr" /var/lib/lxc/*/config | grep "$hwaddr")
+        if [ -z "$existing_hwaddrs" ]; then
+            # MAC-Adresse ist einzigartig
+            echo "$hwaddr"
+            return
+        fi
+    done
+}
+
+# Generiere eine einzigartige MAC-Adresse
+NEW_HWADDR=$(generate_unique_hwaddr)
+
+# Pfad zur LXC-Konfigurationsdatei
+CONFIG_FILE="/var/lib/lxc/$LXCHOSTNAME/config"
+
+# Ersetze die existierende hwaddr Zeile
+sed -i "/^lxc.net.0.hwaddr/c\lxc.net.0.hwaddr = $NEW_HWADDR" "$CONFIG_FILE"
+
+#echo "MAC-Adresse in $CONFIG_FILE auf $NEW_HWADDR aktualisiert."
+
+lxc-start -n drupal10 

lxc-hwaddr.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+# Funktion zur Generierung einer einzigartigen MAC-Adresse
+generate_unique_hwaddr() {
+    local hwaddr
+    local existing_hwaddrs
+    while : ; do
+        hwaddr=$(printf '00:16:3e:%02x:%02x:%02x\n' $((RANDOM%256)) $((RANDOM%256)) $((RANDOM%256)))
+        existing_hwaddrs=$(grep "lxc.net.0.hwaddr" /var/lib/lxc/*/config | grep "$hwaddr")
+        if [ -z "$existing_hwaddrs" ]; then
+            # MAC-Adresse ist einzigartig
+            echo "$hwaddr"
+            return
+        fi
+    done
+}
+
+# Generiere eine einzigartige MAC-Adresse
+NEW_HWADDR=$(generate_unique_hwaddr)
+
+grep "lxc.net.0.hwaddr" /var/lib/lxc/*/config | awk '{print $3}'
+echo "$NEW_HWADDR new hwaddr"
+

lxc_create.sh

@@ -0,0 +1,65 @@
+#!/bin/bash
+
+read -e -p "LXCHOSTNAME: " LXCHOSTNAME
+export LXCHOSTNAME
+
+# Stop the template container
+lxc-stop -n template
+
+# Copy the template to create a new container with the given hostname
+lxc-copy -n template -N "$LXCHOSTNAME"
+
+# Function to generate a unique MAC address
+generate_unique_hwaddr() {
+    local hwaddr
+    local existing_hwaddrs
+    while : ; do
+        hwaddr=$(printf '00:16:3e:%02x:%02x:%02x\n' $((RANDOM%256)) $((RANDOM%256)) $((RANDOM%256)))
+        existing_hwaddrs=$(grep "lxc.net.0.hwaddr" /var/lib/lxc/*/config | grep "$hwaddr")
+        if [ -z "$existing_hwaddrs" ]; then
+            # MAC address is unique
+            echo "$hwaddr"
+            return
+        fi
+    done
+}
+
+# Generate a unique MAC address
+NEW_HWADDR=$(generate_unique_hwaddr)
+
+# Path to the LXC configuration file
+CONFIG_FILE="/var/lib/lxc/$LXCHOSTNAME/config"
+
+# Replace the existing hwaddr line
+sed -i "/^lxc.net.0.hwaddr/c\lxc.net.0.hwaddr = $NEW_HWADDR" "$CONFIG_FILE"
+
+echo "MAC address in $CONFIG_FILE updated to $NEW_HWADDR."
+
+# Start the new container
+lxc-start -n "$LXCHOSTNAME"
+
+# Wait for the container to start
+sleep 5
+
+# Change the hostname inside the container
+lxc-attach -n "$LXCHOSTNAME" -- bash -c "echo '$LXCHOSTNAME' > /etc/hostname"
+lxc-attach -n "$LXCHOSTNAME" -- hostname "$LXCHOSTNAME"
+
+# Update /etc/hosts
+lxc-attach -n "$LXCHOSTNAME" -- bash -c "echo '127.0.0.1 $LXCHOSTNAME' >> /etc/hosts"
+
+# Ensure the container has internet access (optional, check and adjust if needed)
+lxc-attach -n "$LXCHOSTNAME" -- ping -c 4 google.com
+echo
+
+# Stop and restart the container
+lxc-stop -n "$LXCHOSTNAME"
+lxc-start -n "$LXCHOSTNAME"
+
+# Display the MAC addresses to verify the changes
+grep lxc.net.0.hwaddr /var/lib/lxc/*/config
+
+# Wait and list containers to ensure they are running
+sleep 9
+lxc-ls -f
+

lxc_list_login.sh

@@ -0,0 +1,83 @@
+#!/bin/bash
+# =============================================================================
+# Script Name: lxc_list_login.sh
+# Version: 1.2
+# Description: Lists LXC containers, checks their statuses, and allows login.
+# =============================================================================
+
+# Required commands
+REQUIRED_CMDS=("lxc-ls" "lxc-info" "lxc-start" "lxc-attach")
+
+# Check if required commands are available
+for CMD in "${REQUIRED_CMDS[@]}"; do
+    if ! command -v "$CMD" &> /dev/null; then
+        echo "The command $CMD is not installed. Please install it and try again."
+        exit 1
+    fi
+done
+
+# List and check LXC containers
+echo "List of all LXC containers:"
+CONTAINERS=($(lxc-ls -f | awk 'NR>1 && $1 != "" {print $1}'))
+
+# Check if there are any containers
+if [[ ${#CONTAINERS[@]} -eq 0 ]]; then
+    echo "There are no LXC containers."
+    exit 1
+fi
+
+# Display containers and their status
+printf "\n%-5s %-20s %-10s\n" "Index" "Container Name" "Status"
+echo "------------------------------------------"
+for (( I=0; I<${#CONTAINERS[@]}; I++ )); do
+    LXCHOSTNAME="${CONTAINERS[$I]}"
+    if [[ -n "$LXCHOSTNAME" ]]; then
+        STATUS=$(lxc-info --name="$LXCHOSTNAME" | grep "State" | awk '{print $2}')
+        printf "%-5d %-20s %-10s\n" "$I" "$LXCHOSTNAME" "$STATUS"
+    fi
+done
+
+# Prompt user to select a container
+read -p "Select a container to log in (0-$(( ${#CONTAINERS[@]} - 1 ))): " SELECTION
+
+# Validate selection
+if [[ $SELECTION =~ ^[0-9]+$ ]] && [[ $SELECTION -ge 0 && $SELECTION -lt ${#CONTAINERS[@]} ]]; then
+    LXCHOSTNAME="${CONTAINERS[$SELECTION]}"
+    STATUS=$(lxc-info --name="$LXCHOSTNAME" | grep "State" | awk '{print $2}')
+    
+    if [[ $STATUS == "STOPPED" ]]; then
+        read -p "Container $LXCHOSTNAME is stopped. Do you want to start it? (y/n) " START_SELECTION
+        if [[ $START_SELECTION == "y" ]]; then
+            echo "Starting the container $LXCHOSTNAME..."
+            if lxc-start --name="$LXCHOSTNAME"; then
+                echo "Container $LXCHOSTNAME has been started."
+                for i in {1..10}; do
+                    STATUS=$(lxc-info --name="$LXCHOSTNAME" | grep "State" | awk '{print $2}')
+                    if [[ $STATUS == "RUNNING" ]]; then
+                        break
+                    fi
+                    sleep 1
+                done
+                if [[ $STATUS != "RUNNING" ]]; then
+                    echo "Container $LXCHOSTNAME failed to start within the timeout period."
+                    exit 1
+                fi
+            else
+                echo "Error starting the container $LXCHOSTNAME."
+                exit 1
+            fi
+        else
+            echo "Container $LXCHOSTNAME was not started."
+            exit 1
+        fi
+    fi
+    echo "Logging into the container $LXCHOSTNAME..."
+    if ! lxc-attach --name="$LXCHOSTNAME"; then
+        echo "Error logging into the container $LXCHOSTNAME."
+        exit 1
+    fi
+else
+    echo "Invalid selection. Please run the script again and choose a valid number."
+    exit 1
+fi
+

lxc_list_sed.sh

@@ -0,0 +1,69 @@
+#!/bin/bash
+# =============================================================================
+# Script Name: lxc_list_sed.sh
+# Version: 1.10
+# Description: This script lists all LXC containers, checks their statuses, and
+#              updates the SENDMAILTO field in /etc/logcheck/logcheck.conf for 
+#              running containers. It includes error handling and logging.
+# =============================================================================
+
+# 01 Required commands
+REQUIRED_CMDS=("lxc-ls" "lxc-info" "lxc-attach" "lxc-start")
+
+# 02 Check if required commands are available
+for CMD in "${REQUIRED_CMDS[@]}"; do
+    if ! command -v $CMD &> /dev/null; then
+        echo "Command $CMD is not installed. Please install it and try again."
+        exit 1
+    fi
+done
+
+# 03 Function to check if a container is running
+is_container_running() {
+    local CONTAINER=$1
+    if lxc-info -n "$CONTAINER" | grep -q 'RUNNING'; then
+        echo "$CONTAINER is running."
+        return 0  # Container is running
+    else
+        echo "$CONTAINER is not running or does not exist."
+        return 1  # Container is not running
+    fi
+}
+
+# 04 List all running Linux containers
+list_running_containers() {
+    local CONTAINERS=($(lxc-ls -f | awk '$2 == "RUNNING" {print $1}'))
+    echo ${CONTAINERS[@]}
+}
+
+# 05 Update SENDMAILTO in /etc/logcheck/logcheck.conf for running LXC containers
+update_sendmailto() {
+    local NEW_EMAIL="logcheck+srvlogz@bubuit.net"
+    local RUNNING_CONTAINERS=($@)  # Get the list of running containers as arguments
+
+    for CONTAINER in "${RUNNING_CONTAINERS[@]}"; do
+        echo "Attempting to update SENDMAILTO in $CONTAINER"
+        if lxc-attach -n "$CONTAINER" -- bash -c "[ -f /etc/logcheck/logcheck.conf ]"; then
+            if lxc-attach -n "$CONTAINER" -- bash -c "sed -i 's/^SENDMAILTO.*/SENDMAILTO=\"$NEW_EMAIL\"/' /etc/logcheck/logcheck.conf"; then
+                echo "Successfully updated SENDMAILTO in $CONTAINER"
+            else
+                echo "Failed to update SENDMAILTO in $CONTAINER"
+            fi
+        else
+            echo "/etc/logcheck/logcheck.conf does not exist in $CONTAINER"
+        fi
+        sleep 1  # Introduce a sleep to avoid running too fast
+    done
+}
+
+# 06 Main script execution
+RUNNING_CONTAINERS=$(list_running_containers)
+echo -e "\nRunning Containers: ${RUNNING_CONTAINERS[@]}"
+echo -ne "\n"
+
+if [ -n "$RUNNING_CONTAINERS" ]; then
+    update_sendmailto ${RUNNING_CONTAINERS[@]}
+else
+    echo "No running containers found."
+fi
+

lxc_snapshot_create.sh

@@ -0,0 +1,53 @@
+#!/bin/bash
+# v01
+
+# List and check LXC containers
+echo "Listing all LXC containers..."
+CONTAINERS=($(lxc-ls -1))
+
+# Check if there are any containers
+if [[ ${#CONTAINERS[@]} -eq 0 ]]; then
+    echo "There are no LXC containers."
+    exit 1
+fi
+
+echo "Found ${#CONTAINERS[@]} container(s): ${CONTAINERS[@]}"
+echo "----------------------------------"
+
+# Loop over each container
+for LXCHOSTNAME in "${CONTAINERS[@]}"; do
+    echo "Processing container: $LXCHOSTNAME"
+
+    # Stop the container
+    echo "Stopping container $LXCHOSTNAME..."
+    if ! lxc-stop -n "$LXCHOSTNAME"; then
+        echo "Failed to stop container $LXCHOSTNAME"
+        continue
+    fi
+
+    # Create a snapshot (using default directory)
+    echo "Creating snapshot for $LXCHOSTNAME..."
+    if ! lxc-snapshot -n "$LXCHOSTNAME"; then
+        echo "Failed to create snapshot for $LXCHOSTNAME"
+        # Optionally, start the container back up if snapshot fails
+        lxc-start -n "$LXCHOSTNAME"
+        continue
+    fi
+
+    # Start the container
+    echo "Starting container $LXCHOSTNAME..."
+    if ! lxc-start -n "$LXCHOSTNAME"; then
+        echo "Failed to start container $LXCHOSTNAME"
+        continue
+    fi
+
+    # List snapshots for the container
+    echo "Listing snapshots for $LXCHOSTNAME..."
+    lxc-snapshot -n "$LXCHOSTNAME" -L
+    echo "----------------------------------"
+
+    echo "Finished processing $LXCHOSTNAME"
+    echo "=================================="
+done
+
+lxc-ls -f

remove_nonexistent_rules.sh

@@ -0,0 +1,65 @@
+#!/bin/zsh
+# Script Version: 01
+# Description: Removes non-existent rules from SpamAssassin local.cf configuration file.
+
+# Variables
+# ========
+CONFIG_FILE="/etc/mail/spamassassin/local.cf"
+BACKUP_FILE="/etc/mail/spamassassin/local.cf.bak"
+TEMP_FILE=$(mktemp /tmp/local.cf.temp.XXXXXX)
+
+# Backup original config
+# ========
+if ! cp "$CONFIG_FILE" "$BACKUP_FILE"; then
+    echo "Error: Backup of $CONFIG_FILE to $BACKUP_FILE failed. Aborting." >&2
+    exit 1
+fi
+echo "Backup of local.cf saved to $BACKUP_FILE"
+
+# Extract non-existent rules from SpamAssassin lint output
+# ========
+RULES=$(spamassassin --lint -D 2>&1 | grep 'warning: score set for non-existent rule' | awk '{print $NF}' | sort | uniq)
+
+if [ -z "$RULES" ]; then
+    echo "No non-existent rules found in the lint output."
+    rm -f "$TEMP_FILE"  # Clean up the temporary file
+    exit 0
+fi
+
+echo "Non-existent rules to be removed:"
+echo "$RULES"
+
+# Remove non-existent rules from the config file
+# ========
+cp "$CONFIG_FILE" "$TEMP_FILE"
+
+while read -r RULE; do
+    sed -i "/^score\s\+$RULE\b/d" "$TEMP_FILE"
+done <<< "$RULES"
+
+# Overwrite the original config
+# ========
+if mv "$TEMP_FILE" "$CONFIG_FILE"; then
+    echo "Non-existent rules removed from $CONFIG_FILE"
+else
+    echo "Error: Failed to update $CONFIG_FILE. Aborting." >&2
+    rm -f "$TEMP_FILE"  # Clean up in case of failure
+    exit 1
+fi
+
+# Restart SpamAssassin to apply changes
+# ========
+echo "Restarting SpamAssassin..."
+if systemctl restart spamassassin; then
+    echo "SpamAssassin restarted successfully."
+    if ! systemctl is-active --quiet spamassassin; then
+        echo "Error: SpamAssassin is not active after restart." >&2
+        exit 1
+    fi
+else
+    echo "Error: Failed to restart SpamAssassin." >&2
+    exit 1
+fi
+
+exit 0
+

ssl_certificate_delete.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+# Script Version: 01
+# Description: Removes ssl_certificate and ssl_certificate_key directives from Nginx configuration files in /etc/nginx/sites-enabled/
+
+# Directory containing Nginx site configurations
+CONFIG_DIR="/etc/nginx/sites-enabled"
+
+# Iterate over each file in the configuration directory
+for FILE in "$CONFIG_DIR"/*; do
+  # Check if the file is a regular file
+  if [ -f "$FILE" ]; then
+    # Remove lines containing ssl_certificate or ssl_certificate_key
+    sed -i '/^\s*ssl_certificate\s\+/d' "$FILE"
+    sed -i '/^\s*ssl_certificate_key\s\+/d' "$FILE"
+  fi
+done
+
+# Test Nginx configuration
+nginx -t
+
+# Check if the configuration test was successful
+if [ $? -eq 0 ]; then
+  # Reload Nginx to apply changes
+  systemctl reload nginx
+  echo "Nginx reloaded successfully."
+else
+  echo "Nginx configuration test failed. Please check the configuration files."
+fi
+

updateContainer.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+# List all running Linux containers
+containers=$(lxc-ls -f G RUNNING | awk '{print $1}')
+
+# Upgrade the package manager (APT) inside each container
+for container in $containers; do
+  echo $container
+  lxc-attach -n $container -- apt update
+  lxc-attach -n $container -- apt upgrade -y
+done