How to Install Nextcloud+Syncthing+Filebrowser in Open Media Vault 6

Install Open Media Vault 6 using this command:

wget -O - https://github.com/OpenMediaVault-Plugin-Developers/installScript/raw/master/install | sudo bash

Once installed, create a Samba share called ‘appdata’ containing a ‘configs’ folder and a separate Samba share for each of your users. The following nginx.conf file is to be saved in your appdata/configs folder: Continue reading

How To Install Nextcloud On A Synology NAS

This post should tell you everything you need to know to install Nextcloud instance on your Synology NAS without using Docker.

I previously published a post on how to setup Pi-Hole on a Synology and since then a number of people have asked for a guide on how to install Nextcloud on a Synology. After lots of tinkering, this post is the result.

I’ve talked about Nextcloud vs Synology before, and why I think Synology is the better choice for a home server. However, by using this guide you don’t need to choose – you can install Nextcloud on your Synology NAS!

This is likely to be another long post, so let’s get cracking shall we?

Setup DNS

Once Nextcloud is all setup and working on your Synology NAS, you will probably want to access it via a nice URL, usually a subdomain like nextcloud.example.com. If that’s the case, make sure you log into the DNS provider for your domain (this is usually the registrar you registered the domain with) and configure an A record that points to the public IP address of your Synology NAS. Continue reading

How to Flash Lineage OS on an LG V20 Phone

This method will, when completed, will provide you with root and an unlocked bootloader, with fastboot available. It is a somewhat involved process, but the majority of the process has been simplified as much as possible.

WARNING!!!!This replaces your current bootloader with a debug bootloader. If you attempt to lock this bootloader you may brick your device.
Currently AT&T(H910) and Sprint(LS997) cannot return to stock because no KDZ files are available.

Disclaimer:
Once your phone is unlocked, it will no longer be covered by LG warranty @me2151.
As we cannot guarantee the proper operation of our hardware with custom software, we are not able to maintain the full scope of warranty for your device after you have unlocked the bootloader.
Because of that we have a responsibility to let you know that defects which may result from, or were caused by custom device-software may not be covered by LG warranty @me2151. Continue reading

How can I remove the GUI from Raspbian/Debian?

$ sudo apt-get --purge remove "x11-*"

This will remove all the packages that are under x11 which is the library with all the graphical packages. the option –purge allow you to delete all the config file related.

$ sudo apt-get --purge autoremove
autoremove removes all the unused packages. There are a lot of unused packages after the first command.

Reference

https://raspberrypi.stackexchange.com/questions/5258/how-can-i-remove-the-gui-from-raspbian-debian

How to fix raspi-config “The splash screen is not installed so cannot be activated”

Problem:

You want to enable the boot splash screen on your Raspberry Pi using raspi-config, but you see this error message:

The splash screen is not installed so cannot be activated

followed by There was an error running option B3 Splash Screen

Solution:

As you can find out from reading the raspi-config source code, it checks for the existence of /usr/share/plymouth/themes/pix/pix.script. In order to install this file, install the rpd-plym-splash package.

Reference

https://techoverflow.net/2020/06/13/how-to-fix-raspi-config-the-splash-screen-is-not-installed-so-cannot-be-activated

How do I enable restricted codecs to play DVD’s?

DVD support cannot be provided by default in Ubuntu due to legal and technical restrictions. Most commercial DVDs are encrypted and so require the use of decryption software in order to play them.

Use Fluendo to legally play DVDs

You can buy a commercial DVD decoder that can handle copy protection from Fluendo. It works with Linux and should be legal to use in all countries.

Use alternative decryption software

In some countries, the use of the below unlicensed decryption software is not permitted by law. Verify that you are within your rights to use it.

  1. Install libdvdnav4, libdvdread4, gstreamer1.0-plugins-bad, gstreamer1.0-plugins-ugly, and libdvd-pkg.

  2. Open a terminal window by pressing Ctrl+Alt+T.

  3. Run the command

    $ sudo dpkg-reconfigure libdvd-pkg

    and confirm in order to install libdvdcss2.

Reference

https://help.ubuntu.com/stable/ubuntu-help/video-dvd-restricted.html.en

Use Instaloader to Regularly Download Photo’s from Specific Instagram Users

First, create a folder in your Pictures folder called ‘Instaloader’.

$ mkdir ~/Pictures/Instaloader

Next create a file inside that folder.

$ nano ~/Pictures/Instaloader/instaloader.sh

Add the following to the file (replacing user’s with Instagram profile names) and save:

#!/bin/bash
cd ~/Pictures/Instaloader
~/.local/bin/instaloader --fast-update user1 user2 user3

Give the file execute permissions and run it.

$ sudo chmod a+x ~/Pictures/Instaloader/instaloader.sh

$ sudo ~/Pictures/Instaloader/instaloader.sh

If it successfully executes, then add it to cron.

$ crontab -e

# DO NOT EDIT THIS FILE - edit the master and reinstall.
# (/tmp/crontab.z5YMVK/crontab installed on Fri Mar 5 07:57:15 2021)
# (Cron version -- $Id: crontab.c,v 2.13 1994/01/17 03:20:37 vixie Exp $)
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command
0 0,12 * * * ~/Pictures/Instaloader/instaloader.sh

How to get a Ledger Nano S Hardware Wallet to work with Electrum for Linux

Create a file in your home directory called add-udev-rules.sh and add the following:

#!/bin/bash
cat < /etc/udev/rules.d/20-hw1.rules
# HW.1 / Nano
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="1b7c|2b7c|3b7c|4b7c", TAG+="uaccess", TAG+="udev-acl"
# Blue
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="0000|0000|0001|0002|0003|0004|0005|0006|0007|0008|0009|000a|000b|000c|000d|000e|000f|0010|0011|0012|0013|0014|0015|0016|0017|0018|0019|001a|001b|001c|001d|001e|001f", TAG+="uaccess", TAG+="udev-acl"
# Nano S
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="0001|1000|1001|1002|1003|1004|1005|1006|1007|1008|1009|100a|100b|100c|100d|100e|100f|1010|1011|1012|1013|1014|1015|1016|1017|1018|1019|101a|101b|101c|101d|101e|101f", TAG+="uaccess", TAG+="udev-acl"
# Aramis
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="0002|2000|2001|2002|2003|2004|2005|2006|2007|2008|2009|200a|200b|200c|200d|200e|200f|2010|2011|2012|2013|2014|2015|2016|2017|2018|2019|201a|201b|201c|201d|201e|201f", TAG+="uaccess", TAG+="udev-acl"
# HW2
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="0003|3000|3001|3002|3003|3004|3005|3006|3007|3008|3009|300a|300b|300c|300d|300e|300f|3010|3011|3012|3013|3014|3015|3016|3017|3018|3019|301a|301b|301c|301d|301e|301f", TAG+="uaccess", TAG+="udev-acl"
# Nano X
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="0004|4000|4001|4002|4003|4004|4005|4006|4007|4008|4009|400a|400b|400c|400d|400e|400f|4010|4011|4012|4013|4014|4015|4016|4017|4018|4019|401a|401b|401c|401d|401e|401f", TAG+="uaccess", TAG+="udev-acl"
EOF

udevadm trigger
udevadm control --reload-rules

Give the file execute permissions and run it.

$ sudo chmod a+x add-udev-rules.sh
$ sudo ./add-udev-rules.sh

Install the following packages:

$ sudo apt-get install python3-dev libusb-1.0-0-dev libudev-dev python3-pip
$ python3 -m pip install btchip-python -U
$ python3 -m pip install bitbox02 -U
$ python3 -m pip install ckcc-protocol -U
$ python3 -m pip install keepkey -U
$ python3 -m pip install trezor -U
$ python3 -m pip install safet -U

How to Setup a minimal Virtualmin LEMP Stack in CentOS 7

# yum install nano get

# nano /etc/selinux/config (and change it to disabled)

# reboot

# wget http://software.virtualmin.com/gpl/scripts/install.sh

# sh install.sh -m -b LEMP

# yum remove php* rh-php72*

# yum install rh-php73 rh-php73-php-fpm rh-php73-php-cgi rh-php73-php-mysqlnd rh-php73-php-imap rh-php73-php-curl rh-php73-php-gd rh-php73-php-xmlrpc rh-php73-php-xsl rh-php73-php-mbstring rh-php73-php-zip rh-php73-php-cli rh-php73-php-dom rh-php73-php-pdo rh-php73-php-soap rh-php73-php-json rh-php73-php-xml rh-php73-php-pear rh-php73-php-bcmath rh-php73-php-pecl-apcu rh-php73-php-pecl-apcu-devel rh-php73-php-intl -y

# nano /etc/opt/rh/rh-php73/php.ini (increase upload_max_filesize and post_max_size)

# systemctl enable rh-php73-php-fpm

# systemctl start rh-php73-php-fpm

# systemctl enable nginx

# systemctl start nginx

Now log into Virtualmin and complete the install wizard. Then setup the Fail2Ban Intrusion Detector module. Copy the following to /etc/fail2ban/jail.local if it’s empty:

[sshd]
enabled = true
port = ssh
[ssh-ddos]
enabled = true
port = ssh,sftp
filter = sshd-ddos
[webmin-auth]
enabled = true
port = 10000
[proftpd]
enabled = true
port = ftp,ftp-data,ftps,ftps-data
[postfix]
enabled = true
port = smtp,465,submission
[dovecot]
enabled = true
port = pop3,pop3s,imap,imaps,submission,465,sieve
[postfix-sasl]
enabled = true
port = smtp,465,submission,imap3,imaps,pop3,pop3s

Also go to Webmin -> Webmin Configuration -> Authentication and tick the box to Block users with more than 4 failed logins for 1200 seconds. Then save.

Go to Webmin -> Hardware -> System Time and change the timezone to your local timezone. Then click on the ‘Time server sync’ tab and add pool.ntp.org as the timeserver hostname. Then click on the ‘Sync and Apply’ button.

Go to Virtualmin -> System Settings -> Features and Plugins and make sure all Apache plugins are unchecked (Apache website, SSL website, Protected web directories) and that the Nginx plugins are checked (Nginx website and Nginx SSL website). Go ahead and uncheck ‘BIND DNS domain’ if you are using your registrar’s nameservers or some other third party.

Go to Virtualmin -> System Settings -> Virtualmin Configuration and go to SSL settings. Make sure that ‘Request Let’s Encrypt certificate at domain creation time?’ and ‘Redirect HTTP to HTTPS by default?’ are set to ‘Yes’.

Go to Virtualmin -> System Settings -> Server Templates and click on ‘Default Settings’. Select ‘PHP Options’ from the template section dropdown and change the default PHP execution mode to FPM and save.

Getting Nextcloud to work in Virtualmin with Nginx

First, copy this file into your web root directory and access it from your browser. Then, just replace your server block with the following right before you create an admin user and set up the database (replace [X.X.X.X], [mydomain], and [port] with your own info):

    server_name nextcloud.[mydomain].com www.nextcloud.[mydomain].com;
    listen X.X.X.X;

    listen X.X.X.X:443 ssl http2;
    ssl_certificate /home/[mydomain]/domains/nextcloud.[mydomain].com/ssl.combined;
    ssl_certificate_key /home/[mydomain]/domains/nextcloud.[mydomain].com/ssl.key;
    root /home/[mydomain]/domains/nextcloud.[mydomain].com/public_html;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
    add_header Referrer-Policy no-referrer;
    fastcgi_hide_header X-Powered-By;
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }
    location = /.well-known/carddav {
        return 301 $scheme://$host:$server_port/remote.php/dav;
    }
    location = /.well-known/caldav {
        return 301 $scheme://$host:$server_port/remote.php/dav;
    }
    client_max_body_size 512M;
    fastcgi_buffers 64 4K;
    gzip on;
    gzip_vary on;
    gzip_comp_level 4;
    gzip_min_length 256;
    gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
    gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
    location / {
        rewrite ^ /index.php;
    }
    location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
        deny all;
    }
    location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
        deny all;
    }
    location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
        fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
        set $path_info $fastcgi_path_info;
        try_files $fastcgi_script_name =404;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $path_info;
        fastcgi_param HTTPS on;
        fastcgi_param modHeadersAvailable true;
        fastcgi_param front_controller_active true;
        fastcgi_pass localhost:[port];
        fastcgi_intercept_errors on;
        fastcgi_request_buffering off;
    }
    location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
        try_files $uri/ =404;
        index index.php;
    }
    location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
        try_files $uri /index.php$request_uri;
        add_header Cache-Control "public, max-age=15778463";
        add_header X-Content-Type-Options nosniff;
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Robots-Tag none;
        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;
        add_header Referrer-Policy no-referrer;
        access_log off;
    }
    location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ {
        try_files $uri /index.php$request_uri;
        access_log off;
    }