Compare commits


No commits in common. "0ba0c06653ead4827731bc77ab9b1b48310e80c9" and "80070352dedb8064ea66be64471eee9cc607842d" have entirely different histories.

18 changed files with 3 additions and 201 deletions


@ -1,16 +0,0 @@
# Dynamic DNS
Edit example files to match your needs.
```sh
sudo mkdir /data/dns
cp *example* dyndns* /data/dns
chmod 600 /data/dns/tsig*
```
## Cronjob
```sh
/data/dns/update-example.com.sh
```


@ -1,10 +0,0 @@
#!/bin/sh
DYN_DIR=/data/dns
if test "x$DYN_TSIGKEY" = x; then DYN_TSIGKEY="$DYN_DIR/tsig.$DYN_DOMAIN.conf"; fi
if test "x$DYN_NSUPDATE" = x; then DYN_NSUPDATE="$DYN_DIR/$DYN_DOMAIN.nsupdate.txt"; fi
if test "x$1" != x; then
cat "$DYN_NSUPDATE" | sed s/%IP%/$1/g | nsupdate -v -k "$DYN_TSIGKEY"
fi


@ -1,19 +0,0 @@
#!/bin/sh
if test "x$DYN_SERVER" = x; then echo export DYN_SERVER=ns.example.com; exit=1; fi
if test "x$DYN_DOMAIN" = x; then echo export DYN_DOMAIN=example.com; exit=1; fi
if test "x$DYN_SCRIPT" = x; then echo export DYN_SCRIPT=/path/to/script; exit=1; fi
if test "x$exit" = x1; then exit 1; fi
if test "x$DYN_IPAPI" = x; then DYN_IPAPI=ifconfig.co; fi
IPACTUAL=$(wget -qO - "$DYN_IPAPI")
IPSERVER=$(dig +short $DYN_DOMAIN @$DYN_SERVER)
if test "x$IPSERVER" = x -o "x$IPACTUAL" = x; then
: # ERROR: IP unknown
elif test "x$IPSERVER" = "x$IPACTUAL"; then
: # INFO: IP not changed
else
"$DYN_SCRIPT" $IPACTUAL
fi


@ -1,12 +0,0 @@
server ns01.example.com
zone example.com
update del example.com. TXT
update del example.com. A
update del *.example.com. A
update add example.com. 86400 TXT "v=spf1 ip4:%IP%/32 -all"
update add example.com. 86400 A %IP%
update add *.example.com. 86400 A %IP%
send


@ -1,4 +0,0 @@
key "tsig.example.com." {
algorithm hmac-sha256;
secret "YWRyaXVtLmFkcml1bS4uCg==";
};


@ -1,7 +0,0 @@
#!/bin/sh
export DYN_DOMAIN=example.com
export DYN_SERVER=ns01.example.com
export DYN_SCRIPT=/data/dns/dyndns-nsupdate
/data/dns/dyndns-update


@ -1,36 +0,0 @@
# Let's Encrypt
Download Let's Encrypt client (only `dehydrated` needed):
https://github.com/dehydrated-io/dehydrated/releases/latest
```sh
sudo mkdir -p /data/ssl/{configs,challenge}
sudo chown -R admin: /data/ssl
cp config dehydrated-* /data/ssl
# List all domains for automatic renewal
editor /data/ssl/domains.txt
/data/ssl/dehydrated -r
```
To enable certificate renewal,
`include snippets/letsencrypt` or put `redirect-ssl-all` in sites-enabled.
## Cronjob
```sh
/data/ssl/dehydrated -c
```
## Wildcard Certificates
```sh
echo "service.example.com *.service.example.com" >> /data/ssl/domains.txt
echo "CHALLENGETYPE=dns-01" >> /data/ssl/configs/service.example.com
echo "HOOK=/data/ssl/dehydrated-hook" >> /data/ssl/configs/service.example.com
```
There are manual and nsupdate hooks.
See [example-hook](example-hook) for an example nsupdate hook.


@ -1,5 +0,0 @@
DOMAINS_D=/data/ssl/configs
WELLKNOWN=/data/ssl/challenge
PRIVATE_KEY_RENEW=no
KEYSIZE=2048
# CONTACT_EMAIL=hostmaster@example.com


@ -1,11 +0,0 @@
#!/bin/sh
if test "x$1" = xdeploy_challenge; then
echo "Add the following record and press enter to continue:"
echo "_acme-challenge.$2. TXT $4"
read dummy
elif test "x$1" = xclean_challenge; then
echo "Remove the record and press enter to continue:"
echo "_acme-challenge.$2. TXT $4"
read dummy
fi


@ -1,24 +0,0 @@
#!/bin/sh
SCRIPT_TTL=30
if test "x$LE_SERVER" = x; then echo export LE_SERVER=ns.example.com; exit=1; fi
if test "x$LE_ZONE" = x; then echo export LE_ZONE=example.com; exit=1; fi
if test "x$LE_TSIGKEY" = x; then echo export LE_TSIGKEY=/path/to/key; exit=1; fi
if test "x$exit" = x1; then exit 1; fi
if test "x$1" = xdeploy_challenge; then
nsupdate -v -k "$LE_TSIGKEY" <<- NSUPDATE
server $LE_SERVER
zone $LE_ZONE
update add _acme-challenge.$2. $SCRIPT_TTL TXT $4
send
NSUPDATE
elif test "x$1" = xclean_challenge; then
nsupdate -v -k "$LE_TSIGKEY" <<- NSUPDATE
server $LE_SERVER
zone $LE_ZONE
update del _acme-challenge.$2. TXT
send
NSUPDATE
fi


@ -1,7 +0,0 @@
#!/bin/sh
export LE_TSIGKEY=/data/dns/tsig.example.com.conf
export LE_SERVER=ns01.example.com
export LE_ZONE=example.com
/data/ssl/dehydrated-nsupdate "$@"


@ -11,7 +11,6 @@ sudo mkdir -p /data/mail/config
sudo chown vmail: /data/mail/* sudo chown vmail: /data/mail/*
cat schema.sql | sudo -u vmail sqlite3 /data/mail/config/vmail.db cat schema.sql | sudo -u vmail sqlite3 /data/mail/config/vmail.db
sudo chown vmail:postfix /data/mail/config/vmail.db
sudo chmod 640 /data/mail/config/vmail.db sudo chmod 640 /data/mail/config/vmail.db
``` ```
@ -27,13 +26,12 @@ sudo apt install sqlite3 postfix postfix-sqlite dovecot-imapd dovecot-sqlite ope
DOMAIN=example.com DOMAIN=example.com
sudo cp -r postfix dovecot /etc sudo cp -r postfix dovecot /etc
sudo chmod 600 /etc/postfix/sni.cf
sudo sed -i '$ r opendkim/local.conf' /etc/opendkim.conf sudo sed -i '$ r opendkim/local.conf' /etc/opendkim.conf
sudo sed -i s/example.com/$DOMAIN/ /etc/postfix/{main,sni}.cf /etc/dovecot/local.conf sudo sed -i s/example.com/$DOMAIN/ /etc/postfix/main.cf /etc/dovecot/local.conf
sudo sed -i '/include auth-system/ s/.*/#&/' /etc/dovecot/conf.d/10-auth.conf sudo sed -i '/include auth-system/ s/.*/#&/' /etc/dovecot/conf.d/10-auth.conf
sudo ln -s /data/mail/config/vmail.db /.opendkim-bug-241.db sudo ln -s /data/mail/config/vmail.db /.opendkim-bug-241.db
sudo chown vmail:postfix /data/mail/config/vmail.db
opendkim-genkey -d $DOMAIN -s s opendkim-genkey -d $DOMAIN -s s
chmod +r s.private chmod +r s.private
@ -42,12 +40,6 @@ cat s.txt
rm s.private s.txt rm s.private s.txt
``` ```
## Certificate Reload
```sh
postmap -F /etc/postfix/sni.cf
```
## Notes ## Notes
* The `vmail.db` parent directory needs to be writeable by the user modifying the database * The `vmail.db` parent directory needs to be writeable by the user modifying the database


@ -14,7 +14,6 @@ smtp_tls_security_level = may
smtpd_tls_security_level = may smtpd_tls_security_level = may
smtpd_tls_key_file = /data/ssl/certs/mail.example.com/privkey.pem smtpd_tls_key_file = /data/ssl/certs/mail.example.com/privkey.pem
smtpd_tls_cert_file = /data/ssl/certs/mail.example.com/fullchain.pem smtpd_tls_cert_file = /data/ssl/certs/mail.example.com/fullchain.pem
tls_server_sni_maps = hash:/etc/postfix/sni.cf
# Custom # Custom


@ -1 +0,0 @@
mail.example.com /data/ssl/certs/mail.example.com/privkey.pem /data/ssl/certs/mail.example.com/fullchain.pem


@ -1,11 +0,0 @@
#!/bin/sh
logger -t no-wifi-on-ethernet "Device $1 is $2"
if [ "dev:$1:$2" = "dev:eth0:up" ]; then
nmcli r wifi off
fi
if [ "dev:$1:$2" = "dev:eth0:down" ]; then
nmcli r wifi on
fi


@ -1,13 +0,0 @@
# NetworkManager
## Manage ethernet devices with NetworkManager
```sh
touch /etc/NetworkManager/conf.d/10-globally-managed-devices.conf
```
## Automatically switch off wifi when ethernet is connected
```sh
sudo cp 99-no-wifi-on-ethernet /etc/NetworkManager/dispatcher.d
```


@ -9,6 +9,7 @@ server {
client_max_body_size 0; client_max_body_size 0;
location / { location / {
index index.php;
try_files $uri /index.php$request_uri; try_files $uri /index.php$request_uri;
} }
@ -25,10 +26,6 @@ server {
include fastcgi.conf; include fastcgi.conf;
} }
location /updater { index index.php; }
location /ocm-provider { index index.php; }
location /ocs-provider { index index.php; }
location = /.well-known/carddav { location = /.well-known/carddav {
return 301 $scheme://$host:$server_port/remote.php/dav; return 301 $scheme://$host:$server_port/remote.php/dav;
} }
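Review bot: Moving `index index.php;` into the catch-all `location /` makes the index lookup apply to every directory URI under the document root, not only to `/updater`, `/ocm-provider` and `/ocs-provider` as the three removed locations did. Whether that widens the set of PHP scripts reachable through a directory request depends on the PHP `location` block, whose opening line is outside this hunk; its match should be confirmed to cover only the intended entry points. If the broader scope is intended, a comment above the directive such as `# index applies to every directory; PHP execution is limited by the PHP location below` would record that decision. The `server` block starts and ends outside the hunks shown.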


@ -1,19 +1,9 @@
# Nginx # Nginx
```sh ```sh
DOMAIN=example.com
sudo cp -r sites-available snippets conf.d /etc/nginx sudo cp -r sites-available snippets conf.d /etc/nginx
sudo rm /etc/nginx/sites-*/default sudo rm /etc/nginx/sites-*/default
sudo ln -s ../sites-available/0nohost /etc/nginx/sites-enabled sudo ln -s ../sites-available/0nohost /etc/nginx/sites-enabled
sudo ln -s ../sites-available/redirect-ssl-all /etc/nginx/sites-enabled sudo ln -s ../sites-available/redirect-ssl-all /etc/nginx/sites-enabled
sudo sed -i s/example.com/$DOMAIN/ /etc/nginx/conf.d/ssl.conf
```
## Certificate Reload
```sh
nginx -s reload
``` ```