Initial commit

Quick Commands.md

@@ -0,0 +1,23 @@
+---
+author: The Bunker Admin
+date: 2025 05 04
+tags: [sript]
+---
+## quick commands
+
+The following are quick commands that are useful to remember for operating your system. 
+
+---
+
+Start openwebui
+```
+docker run -d \
+  --network=host \
+  --gpus all \
+  --add-host=host.docker.internal:host-gateway \
+  -v open-webui:/app/backend/data \
+  -e OLLAMA_BASE_URL=http://127.0.0.1:11434 \
+  --name open-webui \
+  --restart always \
+  ghcr.io/open-webui/open-webui:cuda
+```

README.md

@@ -0,0 +1,23 @@
+---
+author: The Bunker Admin
+date: 2025 05 05
+tags: [sript]
+---
+## README
+
+This is the README for this documentation as we are going to push it to gitea. 
+
+---
+## Welcome to bnkops scripts! 
+These scripts are all instructions for upping any of the bnkops server stacks. There are also some repository information from other projects we have been working on. 
+## Open in Obsidian 
+This whole repo has been written in Obsidian. It is recommend that you clone the repo and open it locally using Obsidian. For internal linking, we have the following settings: 
+
+![[scripts/sreenshots/Pasted image 20250505115243.png]]
+
+## build. 
+Build scripts are instructions for setting up the base environments that bnkops works in. They all use Ubuntu as the OS of choice. 
+## config. 
+Config scripts are further instructions for further setting up built software. They are preferences of the Bunker Admin. 
+## service. 
+Service scripts are further instructions on how to set up built and configured software as system services or ongoing functions. 

build.gittea.md

@@ -0,0 +1,91 @@
+---
+author: The Bunker Admin
+date: 2025 05 03
+tags: [sript]
+---
+## build.gittea
+
+Getting used to using gittea with my next changemaker deployment. 
+
+See[[ config.gittea]] for configuration details. 
+See [[config.cloudflare.homelab]] for more on getting system online. 
+
+---
+## Docker Compose 
+The following docker compose is to get gittea up and running with Cloudflare:  
+
+> [!check] Remember to update with your own strong passwords and to update URL's for your own domain
+
+```
+version: "3"
+
+networks:
+  gitea:
+    external: false
+
+volumes:
+  gitea_data:
+    driver: local
+  mysql_data:
+    driver: local
+
+services:
+  server:
+    image: docker.gitea.com/gitea:1.23.7
+    container_name: gitea
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+      - GITEA__database__DB_TYPE=mysql
+      - GITEA__database__HOST=db:3306
+      - GITEA__database__NAME=gitea
+      - GITEA__database__USER=gitea
+      - GITEA__database__PASSWD=[insert password 1]
+      # Cloudflare Tunnel configuration
+      - GITEA__server__ROOT_URL=https://gitea.bnkhome.org
+      # Set the HTTP port explicitly
+      - GITEA__server__HTTP_PORT=3000
+      # Add proxy settings for Cloudflare
+      - GITEA__server__PROTOCOL=http
+      - GITEA__server__DOMAIN=gitea.bnkhome.org
+      - GITEA__server__ENABLE_GZIP=true
+      - GITEA__server__PROXY_PROTOCOL=true
+      - GITEA__server__PROXY_PROXY_PROTOCOL_TLS=true
+      - GITEA__server__PROXY_ALLOW_SUBNET=0.0.0.0/0
+    restart: always
+    networks:
+      - gitea
+    volumes:
+      - gitea_data:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      # Expose on all interfaces, not just localhost, so Cloudflare can reach it
+      - "3001:3000"
+      # Also expose SSH on all interfaces if needed
+      - "2222:22"
+    depends_on:
+      - db
+
+  db:
+    image: docker.io/library/mysql:8
+    container_name: gitea_mysql
+    restart: always
+    environment:
+      - MYSQL_ROOT_PASSWORD=[instert password]
+      - MYSQL_USER=gitea
+      - MYSQL_PASSWORD=[insert password 1]
+      - MYSQL_DATABASE=gitea
+    networks:
+      - gitea
+    volumes:
+      - mysql_data:/var/lib/mysql
+    # MySQL is only accessible within the Docker network, not exposed to host
+    healthcheck:
+      test: ["CMD", "mysqladmin", "ping", "-h", "localhost", "-u", "gitea", "-pgitea"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+```
+
+

build.homelab.md

@@ -0,0 +1,277 @@
+---
+tags:
+  - homelab
+  - script
+author: The Bunker Admin
+date: 2025-04-28
+---
+## build.homelab
+
+The following is build instructions for The Bunker Operations home lab.  See the following for further instructions following installation: 
+
+- [[config.homelab]] for more configuration settings and other bits of info.  
+- [[startup.homelab]] for information on startup routines and getting into workflows. 
+- [[service.homelab]] for instructions on service settings.
+
+--- 
+## [Ubuntu](https://ubuntu.com/) OS
+_Ubuntu_ is a Linux distribution derived from Debian and composed mostly of free and open-source software.
+### [Install Ubuntu](https://ubuntu.com/tutorials/install-ubuntu-desktop#1-overview)
+### Post Install 
+Post installation, run update: 
+```
+sudo apt update
+```
+
+```
+sudo apt upgrade
+```
+## [[config.drives.homelab]]
+Configure drives for auto mounting on boot. 
+## [VSCode Insiders](https://code.visualstudio.com/insiders/) 
+Visual Studio Code is a new choice of tool that combines the simplicity of a code editor with what developers need for the core edit-build-debug cycle.
+### Install Using App Centre
+![[scripts/sreenshots/Pasted image 20250429113606.png]]
+## [Obsidian](https://obsidian.md/)
+The free and flexible app for your private thoughts.
+### Install Using App Center
+![[scripts/sreenshots/Pasted image 20250429113550.png]]
+## [Curl](https://curl.se/) 
+command line tool and library for transferring data with URLs (since 1998)
+### Install
+```
+sudo apt install curl 
+```
+
+## [Python & Pip & pipx](https://www.python.org/) 
+Python is a programming language that lets you work quickly and integrate systems more effectively.
+```
+sudo apt install python3-pip
+```
+
+```
+sudo apt install pipx
+```
+
+```
+pipx ensurepath
+```
+## [Glances](https://github.com/nicolargo/glances) 
+ Glances an Eye on your system. A top/htop alternative for GNU/Linux, BSD, Mac OS and Windows operating systems.
+### Install
+```
+pipx install glances[all]
+```
+
+> [!note] Start Glances
+> To start glances run the following: 
+> ```
+> /home/bunker-admin/.local/bin/glances
+> ```
+
+## ffmpeg
+A complete, cross-platform solution to record, convert and stream audio and video. 
+
+```
+sudo apt update && sudo apt install ffmpeg
+```
+## Flatpack 
+Whether you're a user looking for apps or a developer looking to reach more users, Flathub is the best choice for apps on Linux.
+
+```
+sudo apt install flatpak
+```
+
+```
+sudo apt install gnome-software-plugin-flatpak
+```
+
+```
+flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
+```
+## [Syncthing](https://syncthing.net/)
+Syncthing is a continuous file synchronization program. It synchronizes files between two or more computers in real time, safely protected from prying eyes. Your data is your data alone and you deserve to choose where it is stored, whether it is shared with some third party, and how it’s transmitted over the internet.
+### Install
+```
+sudo mkdir -p /etc/apt/keyrings
+curl -s https://syncthing.net/release-key.gpg | sudo gpg --dearmor -o /etc/apt/keyrings/syncthing-archive-keyring.gpg
+```
+
+```
+echo "deb [signed-by=/etc/apt/keyrings/syncthing-archive-keyring.gpg] https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list
+```
+
+```
+sudo apt-get update && sudo apt-get install syncthing
+```
+### Post Install
+Run syncthing as a system service.
+```
+sudo systemctl start syncthing@bunker-admin
+```
+
+```
+sudo systemctl enable syncthing@bunker-admin
+```
+## [Docker](https://www.docker.com/) 
+Docker helps developers build, share, run, and verify applications anywhere — without tedious environment configuration or management.
+
+> [!warning] Docker Desktop 
+> On Ubuntu or other linux based operating systems, it is recommend by The Bunker Admin to avoid using Docker Desktop. At this time, Docker Desktop is not reliable for use on Ubuntu. 
+> 
+> For a GUI experience in managing Docker, it is recommend to install the docker extension in VSCode. 
+
+```
+# Add Docker's official GPG key:
+sudo apt-get update
+sudo apt-get install ca-certificates curl
+sudo install -m 0755 -d /etc/apt/keyrings
+sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
+sudo chmod a+r /etc/apt/keyrings/docker.asc
+
+# Add the repository to Apt sources:
+echo \
+  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
+  $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
+  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+```
+
+```
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+```
+
+### Update Users
+```
+sudo groupadd docker
+```
+
+```
+sudo usermod -aG docker $USER
+```
+
+```
+newgrp docker
+```
+
+### Enable on Boot 
+```
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service
+```
+## [Cloudflared](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/) 
+Connect, protect, and build everywhere. We make websites, apps, and networks faster and more secure. Our developer platform is the best place to build modern apps and deliver AI initiatives.
+
+```
+curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo gpg --dearmor -o /usr/share/keyrings/cloudflare-main.gpg
+```
+
+```
+echo "deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg arch=amd64] https://pkg.cloudflare.com/cloudflared any main" | sudo tee /etc/apt/sources.list.d/cloudflared.list
+```
+
+```
+sudo apt-get update && sudo apt-get install cloudflared
+```
+### Post Install
+Login to Cloudflare
+```
+cloudflared login
+```
+### Configuration 
+- Setting up the [[service.cloudflared]] enables your cloudflared tunnel to automatically run on reboot 
+## [Pandoc](https://pandoc.org/)
+If you need to convert files from one markup format into another, pandoc is your swiss-army knife. 
+
+```
+sudo apt install pandoc
+```
+## [Openwebui](https://docs.openwebui.com/)
+**Open WebUI is an [extensible](https://docs.openwebui.com/features/plugin/), feature-rich, and user-friendly self-hosted AI platform designed to operate entirely offline.** It supports various LLM runners like **Ollama** and **OpenAI-compatible APIs**, with **built-in inference engine** for RAG, making it a **powerful AI deployment solution**.
+
+> [!info] Openwebui & Ollama
+> Recommended to install ollama and openwebui seperately.  Following next step in this guide for the Ollama set up, including the [[service.ollama]], should get you up and running. 
+
+> [!check]
+> The next command uses a cuda configuration. You may need to install the [nvidia toolkit](https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/latest/install-guide.html) to make this work on a ubuntu machine. 
+
+```
+docker run -d -p 3000:8080 --gpus all --add-host=host.docker.internal:host-gateway -v open-webui:/app/backend/data --name open-webui --restart always ghcr.io/open-webui/open-webui:cuda
+```
+## Ollama
+Get up and running with large language models. 
+
+```
+curl -fsSL https://ollama.com/install.sh | sh
+```
+
+See [[service.ollama]] for more information on set-up, including getting system online & a suite of models for local dev. 
+## Steam 
+Steam is a gaming platform 
+### Install from app center 
+![[scripts/sreenshots/Pasted image 20250429113523.png]]
+## [Immich](https://immich.app/)
+Self-hosted photo and video management solution. 
+
+> [!info] Dedicated Drive
+> Installing Immich on a dedicated drive with ample room for your photo is the recommend approach. Instead of trying to rebuild Immich on fresh installs, a persistent drive can be migrated across machines. 
+
+[Docker compose installation instructions](https://immich.app/docs/install/docker-compose)
+
+
+## [Plex](https://www.plex.tv/) 
+Meet your TV concierge.
+
+Visit plex download page and download appropriate image. On most Ubuntu machines this will be the 64bit version. 
+
+![[scripts/sreenshots/Pasted image 20250430132109.png]]
+
+Right click the downloaded .deb and run with software installer. 
+## Media Stack
+The media stack install is getting it's own manual at [[build.mediastack]].
+## [scrpy](https://github.com/Genymobile/scrcpy)
+Display and control your Android device. 
+
+```
+# for Debian/Ubuntu
+sudo apt install ffmpeg libsdl2-2.0-0 adb wget \ gcc git pkg-config meson ninja-build libsdl2-dev \ libavcodec-dev libavdevice-dev libavformat-dev libavutil-dev \ libswresample-dev libusb-1.0-0 libusb-1.0-0-dev
+```
+
+```
+git clone https://github.com/Genymobile/scrcpy
+cd scrcpy
+./install_release.sh
+```
+## [Portainer](https://www.portainer.io/)
+Portainer is a universal container management platform
+
+```
+docker volume create portainer_data
+```
+
+```
+docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:lts
+```
+## Signal 
+Speak Freely. Say "hello" to a different messaging experience. An unexpected focus on privacy, combined with all of the features you expect.
+~~Installation through the app center *requires flatpack to be installed*~~
+
+```
+wget -O- https://updates.signal.org/desktop/apt/keys.asc | gpg --dearmor > signal-desktop-keyring.gpg
+cat signal-desktop-keyring.gpg | sudo tee /usr/share/keyrings/signal-desktop-keyring.gpg > /dev/null
+```
+
+```
+echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main' |\
+  sudo tee /etc/apt/sources.list.d/signal-xenial.list
+```
+
+```
+sudo apt update && sudo apt install signal-desktop
+```
+## [VLC ](https://www.videolan.org/)
+VLC is a free and open source cross-platform multimedia player and framework that plays most multimedia files as well as DVDs, Audio CDs, VCDs, and various streaming protocols.
+
+```
+sudo apt-get install vlc
+```

build.mediastack.md

@@ -0,0 +1,586 @@
+---
+author: The Bunker Admin
+date: 2025 04 29
+tags: [sript]
+---
+## build.mediastack
+
+This script is for getting the mediastack operating on the [[build.homelab]]. Also see: 
+
+- [[config.mediastack]] for configuration instructions
+
+> [!note] Repository
+> 
+> This entire stack is available as a repository for download. Contact admin@thebunkerops.ca for more information. 
+
+---
+
+I am going to use Docker Compose to do this full deployment. With some tweaking, should be able to get this whole system up and running in a single .yml that can be shared later. 
+## Plex 
+Plex is installed as a .deb. It can be downloaded from the [Plex website.](https://www.plex.tv/media-server-downloads/?cat=computer&plat=linux#plex-media-server)
+#### Plex also requires setup of drive permissions to access data on drives. See the [[config.drives.homelab#Plex Media Permissions]] for more info. 
+## Full Docker Compose 
+_*Individual services defined below_
+
+> [!info] Drive Setup
+> 
+> The `volumes` section of the entire docker compose do need to be updated to point to the necessary directories on the users system. 
+> 
+
+```
+---
+services:
+  qbittorrent:
+    image: lscr.io/linuxserver/qbittorrent:latest
+    container_name: qbittorrent
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+      - WEBUI_PORT=8082
+      - TORRENTING_PORT=6881
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/qbittorrent:/config
+      - /mnt/storage4tb/mediastack/media/downloads:/downloads
+    ports:
+      - 8082:8082
+      - 6881:6881
+      - 6881:6881/udp
+    restart: unless-stopped
+    networks:
+      - media
+
+  flaresolverr:
+    image: ghcr.io/flaresolverr/flaresolverr:latest
+    container_name: flaresolverr
+    environment:
+      - LOG_LEVEL=${LOG_LEVEL:-info}
+      - LOG_HTML=${LOG_HTML:-false}
+      - CAPTCHA_SOLVER=${CAPTCHA_SOLVER:-none}
+      - TZ=Europe/London
+    ports:
+      - "${PORT:-8191}:8191"
+    restart: unless-stopped
+    networks:
+      - media
+
+  prowlarr:
+    image: lscr.io/linuxserver/prowlarr:latest
+    container_name: prowlarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/prowlarr:/config
+    ports:
+      - 9696:9696
+    restart: unless-stopped
+    networks:
+      - media
+
+  radarr:
+    image: lscr.io/linuxserver/radarr:latest
+    container_name: radarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/radarr:/config
+      - /mnt/storage4tb/mediastack/media/movies:/movies
+      - /mnt/storage4tb/mediastack/media/downloads:/downloads
+    ports:
+      - 7878:7878
+    restart: unless-stopped
+    networks:
+      - media
+
+  overseerr:
+    image: lscr.io/linuxserver/overseerr:latest
+    container_name: overseerr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/overseerr:/config
+    ports:
+      - 5055:5055
+    restart: unless-stopped
+    networks:
+      - media
+
+  sonarr:
+    image: lscr.io/linuxserver/sonarr:latest
+    container_name: sonarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/sonarr:/config
+      - /mnt/storage4tb/mediastack/media/tv:/tv
+      - /mnt/storage4tb/mediastack/media/downloads:/downloads
+    ports:
+      - 8989:8989
+    restart: unless-stopped
+    networks:
+      - media
+
+
+  homepage:
+    image: ghcr.io/gethomepage/homepage:latest
+    container_name: homepage
+    ports:
+      - 3000:3000
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/homepage:/app/config
+      - /mnt/storage4tb/mediastack/configs/homepage/images:/app/public/images
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+      - HOMEPAGE_ALLOWED_HOSTS=*
+    restart: unless-stopped
+    networks:
+      - media
+
+
+  tautulli:
+    image: ghcr.io/tautulli/tautulli:latest
+    container_name: tautulli
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/tautulli:/config
+    ports:
+      - 8181:8181
+    restart: unless-stopped
+    networks:
+      - media
+
+  whisparr:
+    image: ghcr.io/hotio/whisparr:latest
+    container_name: whisparr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - UMASK=002
+      - TZ=Etc/UTC
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/whisparr:/config
+      - /mnt/storage4tb/mediastack/media/other:/other
+      - /mnt/storage4tb/mediastack/media/downloads:/downloads
+    ports:
+      - 6969:6969
+    restart: unless-stopped
+    networks:
+      - media
+
+  bazarr:
+    image: lscr.io/linuxserver/bazarr:latest
+    container_name: bazarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/bazarr:/config
+      - /mnt/storage4tb/mediastack/media/movies:/movies
+      - /mnt/storage4tb/mediastack/media/tv:/tv
+    ports:
+      - 6767:6767
+    restart: unless-stopped
+    networks:
+      - media
+
+  decluttarr:
+    image: ghcr.io/manimatter/decluttarr:latest
+    container_name: decluttarr
+    restart: always
+    depends_on:
+      - radarr
+      - sonarr
+      - whisparr
+    networks:
+      - media
+    environment:
+      TZ: mnt/Canada/Edmonton
+      PUID: 1000
+      PGID: 1000
+
+      ## General
+      # TEST_RUN: True
+      # SSL_VERIFICATION: False
+      LOG_LEVEL: INFO
+
+      ## Features
+      REMOVE_TIMER: 10
+      REMOVE_FAILED: True
+      REMOVE_FAILED_IMPORTS: True
+      REMOVE_METADATA_MISSING: True
+      REMOVE_MISSING_FILES: True
+      REMOVE_ORPHANS: True
+      REMOVE_SLOW: True
+      REMOVE_STALLED: True
+      REMOVE_UNMONITORED: True
+      RUN_PERIODIC_RESCANS: '
+        {
+        "SONARR": {"MISSING": true, "CUTOFF_UNMET": true, "MAX_CONCURRENT_SCANS": 3, "MIN_DAYS_BEFORE_RESCAN": 7},
+        "RADARR": {"MISSING": true, "CUTOFF_UNMET": true, "MAX_CONCURRENT_SCANS": 3, "MIN_DAYS_BEFORE_RESCAN": 7}
+        }'
+
+      # Feature Settings
+      PERMITTED_ATTEMPTS: 3
+      NO_STALLED_REMOVAL_QBIT_TAG: Don't Kill
+      MIN_DOWNLOAD_SPEED: 100
+      FAILED_IMPORT_MESSAGE_PATTERNS: '
+        [
+        "Not a Custom Format upgrade for existing",
+        "Not an upgrade for existing"
+        ]'
+      IGNORED_DOWNLOAD_CLIENTS: '
+        [
+        ]'
+
+      ## Radarr
+      RADARR_URL: ${RADARR_URL:-http://radarr:7878}
+      RADARR_KEY: ${RADARR_API_KEY}
+
+      ## Sonarr
+      SONARR_URL: ${SONARR_URL:-http://sonarr:8989}
+      SONARR_KEY: ${SONARR_API_KEY}
+
+      ## Whisparr
+      WHISPARR_URL: ${WHISPARR_URL:-http://whisparr:6969}
+      WHISPARR_KEY: ${WHISPARR_API_KEY}
+
+      ## qBitorrent
+      QBITTORRENT_URL: ${QBITTORRENT_URL:-http://qbittorrent:8080}
+      QBITTORRENT_USERNAME: ${QBITTORRENT_USERNAME:-admin}
+      QBITTORRENT_PASSWORD: ${QBITTORRENT_PASSWORD:-adminadmin}
+
+
+networks:
+  media:
+    driver: bridge
+```
+
+## [Qbitorrent](https://hub.docker.com/r/linuxserver/qbittorrent)
+Getting started with Qbitorrent 
+
+```
+---
+services:
+  qbittorrent:
+    image: lscr.io/linuxserver/qbittorrent:latest
+    container_name: qbittorrent
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+      - WEBUI_PORT=8082
+      - TORRENTING_PORT=6881
+    volumes:
+      - /media/bunker-admin/archive/media/configs/qbittorrent:/config
+      - /media/bunker-admin/archive/media/downloads:/downloads
+    ports:
+      - 8082:8082
+      - 6881:6881
+      - 6881:6881/udp
+    restart: unless-stopped
+```
+
+## [Flaresoverr](https://github.com/FlareSolverr/FlareSolverr)
+Flaresoverr helps Prowlarr with cloudflare challenges. 
+
+```
+---
+services: 
+  flaresolverr:
+    # DockerHub mirror flaresolverr/flaresolverr:latest
+    image: ghcr.io/flaresolverr/flaresolverr:latest
+    container_name: flaresolverr
+    environment:
+      - LOG_LEVEL=${LOG_LEVEL:-info}
+      - LOG_HTML=${LOG_HTML:-false}
+      - CAPTCHA_SOLVER=${CAPTCHA_SOLVER:-none}
+      - TZ=Europe/London
+    ports:
+      - "${PORT:-8191}:8191"
+    restart: unless-stopped
+```
+## [Prowlarr](https://hub.docker.com/r/linuxserver/prowlarr)
+Handles the indexers (torrent backend). 
+
+```
+---
+services: 
+  prowlarr:
+    image: lscr.io/linuxserver/prowlarr:latest
+    container_name: prowlarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - /media/bunker-admin/archive/media/configs/prowlarr:/config
+    ports:
+      - 9696:9696
+    restart: unless-stopped
+```
+## [Radarr](https://hub.docker.com/r/linuxserver/radarr)
+Requests and handles media files for movies. 
+
+```
+---
+services: 
+  radarr:
+    image: lscr.io/linuxserver/radarr:latest
+    container_name: radarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - /media/bunker-admin/archive/media/configs/radarr:/config
+      - /media/bunker-admin/archive/media/movies:/movies
+      - /media/bunker-admin/archive/media/downloads:/downloads
+    ports:
+      - 7878:7878
+    restart: unless-stopped
+```
+## [Overseerr](https://hub.docker.com/r/linuxserver/overseerr)
+Web-based user interface for requesting and managing media.
+
+```yaml
+---
+services:
+  overseerr:
+    image: lscr.io/linuxserver/overseerr:latest
+    container_name: overseerr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/overseerr:/config
+    ports:
+      - 5055:5055
+    restart: unless-stopped
+    networks:
+      - media
+```
+## [Sonarr](https://hub.docker.com/r/linuxserver/sonarr)
+Requests and handles media files for TV shows.
+
+```yaml
+---
+services:
+  sonarr:
+    image: lscr.io/linuxserver/sonarr:latest
+    container_name: sonarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/sonarr:/config
+      - /mnt/storage4tb/mediastack/media/tv:/tv
+      - /mnt/storage4tb/mediastack/media/downloads:/downloads
+    ports:
+      - 8989:8989
+    restart: unless-stopped
+    networks:
+      - media
+```
+
+## [Homepage](https://github.com/gethomepage/homepage)
+A modern dashboard for all your services and monitoring.
+
+```yaml
+---
+services:
+  homepage:
+    image: ghcr.io/gethomepage/homepage:latest
+    container_name: homepage
+    ports:
+      - 3000:3000
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/homepage:/app/config
+      - /mnt/storage4tb/mediastack/configs/homepage/images:/app/public/images
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+      - HOMEPAGE_ALLOWED_HOSTS=*
+    restart: unless-stopped
+    networks:
+      - media
+```
+
+## [Tautulli](https://github.com/Tautulli/Tautulli)
+Monitors and tracks Plex Media Server usage statistics.
+
+```yaml
+---
+services:
+  tautulli:
+    image: ghcr.io/tautulli/tautulli:latest
+    container_name: tautulli
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/tautulli:/config
+    ports:
+      - 8181:8181
+    restart: unless-stopped
+    networks:
+      - media
+```
+
+## [Whisparr](https://github.com/whisparr/whisparr)
+Manages adult content media files.
+
+```yaml
+---
+services:
+  whisparr:
+    image: ghcr.io/hotio/whisparr:latest
+    container_name: whisparr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - UMASK=002
+      - TZ=Etc/UTC
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/whisparr:/config
+      - /mnt/storage4tb/mediastack/media/other:/other
+      - /mnt/storage4tb/mediastack/media/downloads:/downloads
+    ports:
+      - 6969:6969
+    restart: unless-stopped
+    networks:
+      - media
+```
+
+## [Bazarr](https://hub.docker.com/r/linuxserver/bazarr)
+Manages and downloads subtitles for media files.
+
+```yaml
+---
+services:
+  bazarr:
+    image: lscr.io/linuxserver/bazarr:latest
+    container_name: bazarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - /mnt/storage4tb/mediastack/configs/bazarr:/config
+      - /mnt/storage4tb/mediastack/media/movies:/movies
+      - /mnt/storage4tb/mediastack/media/tv:/tv
+    ports:
+      - 6767:6767
+    restart: unless-stopped
+    networks:
+      - media
+```
+
+## [Decluttarr](https://github.com/manimatter/decluttarr)
+Manages and cleans up download clients and *arr applications.
+
+```yaml
+---
+services:
+  decluttarr:
+    image: ghcr.io/manimatter/decluttarr:latest
+    container_name: decluttarr
+    restart: always
+    depends_on:
+      - radarr
+      - sonarr
+      - whisparr
+    networks:
+      - media
+    environment:
+      TZ: mnt/Canada/Edmonton
+      PUID: 1000
+      PGID: 1000
+
+      ## General
+      # TEST_RUN: True
+      # SSL_VERIFICATION: False
+      LOG_LEVEL: INFO
+
+      ## Features
+      REMOVE_TIMER: 10
+      REMOVE_FAILED: True
+      REMOVE_FAILED_IMPORTS: True
+      REMOVE_METADATA_MISSING: True
+      REMOVE_MISSING_FILES: True
+      REMOVE_ORPHANS: True
+      REMOVE_SLOW: True
+      REMOVE_STALLED: True
+      REMOVE_UNMONITORED: True
+      RUN_PERIODIC_RESCANS: '
+        {
+        "SONARR": {"MISSING": true, "CUTOFF_UNMET": true, "MAX_CONCURRENT_SCANS": 3, "MIN_DAYS_BEFORE_RESCAN": 7},
+        "RADARR": {"MISSING": true, "CUTOFF_UNMET": true, "MAX_CONCURRENT_SCANS": 3, "MIN_DAYS_BEFORE_RESCAN": 7}
+        }'
+
+      # Feature Settings
+      PERMITTED_ATTEMPTS: 3
+      NO_STALLED_REMOVAL_QBIT_TAG: Don't Kill
+      MIN_DOWNLOAD_SPEED: 100
+      FAILED_IMPORT_MESSAGE_PATTERNS: '
+        [
+        "Not a Custom Format upgrade for existing",
+        "Not an upgrade for existing"
+        ]'
+      IGNORED_DOWNLOAD_CLIENTS: '
+        [
+        ]'
+
+      ## Radarr
+      RADARR_URL: ${RADARR_URL:-http://radarr:7878}
+      RADARR_KEY: ${RADARR_API_KEY}
+
+      ## Sonarr
+      SONARR_URL: ${SONARR_URL:-http://sonarr:8989}
+      SONARR_KEY: ${SONARR_API_KEY}
+
+      ## Whisparr
+      WHISPARR_URL: ${WHISPARR_URL:-http://whisparr:6969}
+      WHISPARR_KEY: ${WHISPARR_API_KEY}
+
+      ## qBitorrent
+      QBITTORRENT_URL: ${QBITTORRENT_URL:-http://qbittorrent:8080}
+      QBITTORRENT_USERNAME: ${QBITTORRENT_USERNAME:-admin}
+      QBITTORRENT_PASSWORD: ${QBITTORRENT_PASSWORD:-adminadmin}
+```
+
+## Network Configuration
+The Docker Compose file creates a dedicated bridge network for all media services to communicate with each other.
+
+```yaml
+networks:
+  media:
+    driver: bridge
+```
+
+## Setup Notes
+
+1. Before running the Docker Compose file, ensure all necessary directories exist.
+2. You'll need to set environment variables or update the Docker Compose file with API keys for services.
+3. For Plex, which is installed as a .deb rather than as a container, ensure proper drive permissions as mentioned in the configuration notes.
+4. Adjust all volume paths to match your system's directory structure.
+5. Consider security implications when exposing ports to the internet.

build.mobilelab.md

@@ -0,0 +1,71 @@
+---
+tags:
+  - script
+date: 2025-04-28
+author: The Bunker Admin
+---
+## Ubuntu
+Install Ubuntu
+
+Update All Apps 
+- Visit app stores and run upgrades 
+
+Sign into Firefox 
+Change Firefox Search
+## Update
+```
+sudo apt-get update && upgrade
+```
+
+```
+sudo snap refresh 
+```
+## Obsidian
+```
+snap install obsidian --classic
+```
+## Curl
+```
+sudo apt install curl
+```
+## Syncthing
+```
+# Add the release PGP keys:
+sudo mkdir -p /etc/apt/keyrings
+sudo curl -L -o /etc/apt/keyrings/syncthing-archive-keyring.gpg https://syncthing.net/release-key.gpg
+```
+
+```
+# Add the "stable" channel to your APT sources:
+echo "deb [signed-by=/etc/apt/keyrings/syncthing-archive-keyring.gpg] https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list
+```
+
+```
+# Update and install syncthing:
+sudo apt-get update
+sudo apt-get install syncthing
+```
+## Signal
+```
+# NOTE: These instructions only work for 64-bit Debian-based
+# Linux distributions such as Ubuntu, Mint etc.
+
+# 1. Install our official public software signing key:
+wget -O- https://updates.signal.org/desktop/apt/keys.asc | gpg --dearmor > signal-desktop-keyring.gpg
+cat signal-desktop-keyring.gpg | sudo tee /usr/share/keyrings/signal-desktop-keyring.gpg > /dev/null
+
+# 2. Add our repository to your list of repositories:
+echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main' |\
+  sudo tee /etc/apt/sources.list.d/signal-xenial.list
+
+# 3. Update your package database and install Signal:
+sudo apt update && sudo apt install signal-desktop
+```
+## VS Code Insiders
+```
+sudo snap install code-insiders --classic
+```
+## VLC 
+```
+sudo snap install vlc 
+```

build.server.md

@@ -0,0 +1,152 @@
+---
+date: 2025-04-28
+tags:
+  - script
+author: The Bunker Admin
+---
+## build.server
+
+Purpose:  a Ubuntu server build-out for general application 
+
+---
+
+
+This documentation is a overview of the full Public Interest Alberta Server Build Out. It is a manual to re-install this server on any machine. 
+
+All of the following systems are free and the majority are open source. 
+## [Ubuntu](https://ubuntu.com/) OS
+_Ubuntu_ is a Linux distribution derived from Debian and composed mostly of free and open-source software.
+### [Install Ubuntu](https://ubuntu.com/tutorials/install-ubuntu-desktop#1-overview)
+### Post Install 
+Post installation, run update: 
+```
+sudo apt update
+```
+
+```
+sudo apt upgrade
+```
+### Configuration
+Further configurations: 
+- User profile was updated to Automatically Login 
+- Remote Desktop, Sharing, and Login have all been enabled. 
+- Default system settings have been set to dark mode. 
+
+## [VSCode Insiders](https://code.visualstudio.com/insiders/) 
+Visual Studio Code is a new choice of tool that combines the simplicity of a code editor with what developers need for the core edit-build-debug cycle.
+### Install Using App Centre
+
+## [Obsidian](https://obsidian.md/)
+The free and flexible app for your private thoughts.
+### Install Using App Center
+
+## [Curl](https://curl.se/) 
+command line tool and library for transferring data with URLs (since 1998)
+### Install
+```
+sudo apt install curl 
+```
+## [Glances](https://github.com/nicolargo/glances) 
+ Glances an Eye on your system. A top/htop alternative for GNU/Linux, BSD, Mac OS and Windows operating systems.
+### Install
+```
+sudo snap install glances 
+```
+## [Syncthing](https://syncthing.net/)
+Syncthing is a continuous file synchronization program. It synchronizes files between two or more computers in real time, safely protected from prying eyes. Your data is your data alone and you deserve to choose where it is stored, whether it is shared with some third party, and how it’s transmitted over the internet.
+### Install
+```
+# Add the release PGP keys:
+sudo mkdir -p /etc/apt/keyrings
+sudo curl -L -o /etc/apt/keyrings/syncthing-archive-keyring.gpg https://syncthing.net/release-key.gpg
+```
+
+```
+# Add the "stable" channel to your APT sources:
+echo "deb [signed-by=/etc/apt/keyrings/syncthing-archive-keyring.gpg] https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list
+```
+
+```
+# Update and install syncthing:
+sudo apt-get update
+sudo apt-get install syncthing
+```
+### Post Install
+Run syncthing as a system service.
+```
+sudo systemctl start syncthing@yourusername
+```
+
+```
+sudo systemctl enable syncthing@yourusername
+```
+## [Docker](https://www.docker.com/) 
+Docker helps developers build, share, run, and verify applications anywhere — without tedious environment configuration or management.
+```
+# Add Docker's official GPG key:
+sudo apt-get update
+sudo apt-get install ca-certificates curl
+sudo install -m 0755 -d /etc/apt/keyrings
+sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
+sudo chmod a+r /etc/apt/keyrings/docker.asc
+
+# Add the repository to Apt sources:
+echo \
+  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
+  $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
+  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+```
+
+```
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+```
+
+### Update Users
+```
+sudo groupadd docker
+```
+
+```
+sudo usermod -aG docker $USER
+```
+
+```
+newgrp docker
+```
+
+### Enable on Boot 
+```
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service
+```
+## [Cloudflared](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/) 
+Connect, protect, and build everywhere. We make websites, apps, and networks faster and more secure. Our developer platform is the best place to build modern apps and deliver AI initiatives.
+
+```
+sudo mkdir -p --mode=0755 /usr/share/keyrings
+curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-main.gpg >/dev/null
+```
+
+```
+echo "deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared any main" | sudo tee /etc/apt/sources.list.d/cloudflared.list
+```
+
+```
+sudo apt-get update && sudo apt-get install cloudflared
+```
+### Post Install
+Login to Cloudflare
+```
+cloudflared login
+```
+### Configuration 
+- Setting up the [[service.cloudflared]] enables your cloudflared tunnel to automatically run on reboot 
+## [Pandoc](https://pandoc.org/)
+If you need to convert files from one markup format into another, pandoc is your swiss-army knife. 
+
+```
+sudo apt install pandoc
+```
+## [Changemaker (V3.9.9.1)](https://changemaker.bnkops.com)
+

config.cloudflare.homelab.md

@@ -0,0 +1,77 @@
+---
+author: The Bunker Admin
+date: 2025 05 02
+tags: [sript]
+---
+## config.cloudflare.homelab
+
+This config will show you how to set up a single dedicated Cloudflare for your Ubuntu machine. 
+
+See [[scripts/build.homelab|build.homelab]] for installation instructions
+See [[service.cloudflared]] for starting as system service 
+
+---
+### Create Tunnel 
+Create your named tunnel: 
+
+**Remember to replace tunnel name**
+
+```
+cloudflared tunnel create [tunnel-name]
+```
+
+This will output something like the following: 
+
+`Tunnel credentials written to /home/bunker-admin/.cloudflared/bb8951df-9d45-4a3b-a283-15a5ef7e7620.json. cloudflared chose this file based on where your origin certificate was found. Keep this file secret. To revoke these credentials, delete the tunnel.`
+
+`Created tunnel config-bnkhome with id bb8951df-9d45-4a3b-a283-15a5ef7e7620`
+
+You want to keep this information and note the id. 
+### Create Config File 
+
+```
+nano ~/.cloudflared/config-[tunnel-name].yml
+```
+### Add Your Config 
+**Remember to replace the two tunnel id numbers with your tunnel id number**
+
+```
+tunnel: [insert tunnel id number]
+credentials-file: /home/bunker-admin/.cloudflared/[insert tunnel id number].json
+ingress:
+  - hostname: qbittorrent.bnkhome.org
+    service: http://localhost:8082
+  - hostname: flaresolverr.bnkhome.org
+    service: http://localhost:8191
+  - hostname: prowlarr.bnkhome.org
+    service: http://localhost:9696
+  - hostname: radarr.bnkhome.org
+    service: http://localhost:7878
+  - hostname: overseerr.bnkhome.org
+    service: http://localhost:5055
+  - hostname: sonarr.bnkhome.org
+    service: http://localhost:8989
+  - hostname: homepage.bnkhome.org
+    service: http://localhost:3000
+  - hostname: tautulli.bnkhome.org
+    service: http://localhost:8181
+  - hostname: whisparr.bnkhome.org
+    service: http://localhost:6969
+  - hostname: glances.bnkhome.org
+    service: http://localhost:61208
+  - hostname: daisy.bnkhome.org
+    service: http://localhost:8080
+  - hostname: gitea.bnkhome.org
+    service: http://localhost:3001
+  - hostname: bazarr.bnkhome.org
+    service: http://localhost:6767
+  - service: http_status:404
+```
+
+### Test Tunnel 
+**Remember to update the tunnel-name**
+
+```
+cloudflared tunnel --config ~/.cloudflared/confi-[tunnel-name].yml run
+```
+

config.drives.homelab.md

@@ -0,0 +1,282 @@
+
+This guide will walk you through the process of setting up your drives to automatically mount when your Ubuntu system boots up.
+
+>[!note] Use a LLM
+>Drive set up is something that can be easily walked through and automated with the help of a LLM. We used Claude 3.7 Sonnet to set our drives and write this manual. 
+
+In the following are system specific instructions for the bnk homelab and generic instructions for any other system. 
+## Generic Instructions 
+
+- An Ubuntu system (this guide uses Ubuntu 24.04)
+- Administrator (sudo) privileges
+- Basic terminal knowledge
+- The drives you want to mount
+### Step 1: Identify Your Drives
+First, you need to identify the drives you want to mount. There are two ways to do this:
+#### Option A: Use the GUI Disk Utility (Easiest for Beginners)
+
+1. Open the "Disks" application from your applications menu
+2. Click on each disk on the left sidebar to view its details
+3. Note down the following information for each drive:
+    - Device path (e.g., `/dev/sda`, `/dev/nvme0n1`)
+    - UUID (a long string like `96ebca52-2696-4e79-bbf9-69a596f3be2d`)
+    - File system type (usually ext4, ntfs, or fat32)
+#### Option B: Use Terminal Commands
+If you prefer using the terminal:
+
+```bash
+# List all block devices
+sudo lsblk -f
+
+# Get more detailed information
+sudo blkid
+```
+
+Write down the UUID, device name, and filesystem type for each drive you want to mount.
+### Step 2: Create Mount Points
+Mount points are directories where your drives will be accessible. You need to create these directories:
+
+```bash
+# Create mount points (adjust names as desired)
+sudo mkdir -p /mnt/drive1 /mnt/drive2 /mnt/drive3
+```
+
+Choose meaningful names for your mount points that help you remember what's on each drive.
+### Step 3: Backup Your Current fstab File
+The `/etc/fstab` file controls how drives are mounted at boot. Always backup this file before editing:
+
+```bash
+sudo cp /etc/fstab /etc/fstab.backup
+```
+### Step 4: Edit the fstab File
+Now you'll add entries for your drives:
+
+```bash
+sudo nano /etc/fstab
+```
+
+Add a line for each drive using this format:
+```
+UUID=your-drive-uuid /mnt/your-mount-point filesystem-type mount-options 0 2
+```
+
+Example:
+```
+# 2TB Storage Drive
+UUID=1c51b55f-c89a-417e-bcc3-eb5f29caa92c /mnt/storage2tb ext4 defaults 0 2
+```
+
+Here's what each field means:
+
+- **UUID**: The unique identifier for your drive
+- **Mount point**: The directory where you want to access the drive
+- **Filesystem type**: Usually ext4 for Linux drives, ntfs for Windows drives
+- **Mount options**: "defaults" works for most situations
+- **Dump**: Set to 0 (backup utility flag, rarely used)
+- **Pass**: Set to 2 for non-system drives (controls fsck order)
+
+For external drives that may not always be connected, add `nofail` to the options:
+```
+UUID=abcd1234-5678-90ef /mnt/external ext4 defaults,nofail 0 2
+```
+
+Save the file by pressing Ctrl+O, then Enter, then exit with Ctrl+X.
+### Step 5: Test Your Configuration
+Test that your configuration works without rebooting:
+
+```bash
+# Reload systemd to recognize the new fstab entries
+sudo systemctl daemon-reload
+
+# Try mounting all entries in fstab
+sudo mount -a
+```
+
+If there are no error messages, your configuration is correct.
+### Step 6: Verify the Drives are Mounted
+Check that your drives are properly mounted:
+
+```bash
+df -h
+```
+
+You should see all your drives listed with their mount points.
+### Step 7: Set Appropriate Permissions (Optional)
+
+If you want to make the drives writable for your user:
+```bash
+# Replace username with your username and /mnt/drivename with your mount point
+sudo chown -R username:username /mnt/drivename
+```
+### Troubleshooting
+#### Drive Not Mounting
+If a drive doesn't mount with `mount -a`:
+
+1. Check for syntax errors in fstab:
+    
+    ```bash
+    sudo cat /etc/fstab
+    ```
+    
+2. Verify the UUID is correct:
+    
+    ```bash
+    sudo blkid
+    ```
+    
+3. Verify the filesystem type:
+    
+    ```bash
+    sudo lsblk -f
+    ```
+    
+#### Restore Backup If Needed
+If you've made a mistake and can't boot properly:
+
+1. Boot into recovery mode (hold Shift during boot)
+2. Mount the filesystem as read-write:
+    
+    ```bash
+    mount -o remount,rw /
+    ```
+    
+3. Restore your backup:
+    
+    ```bash
+    cp /etc/fstab.backup /etc/fstab
+    ```
+    
+### Common Mount Options
+
+- **defaults**: Standard options (rw, suid, dev, exec, auto, nouser, async)
+- **noauto**: Don't mount at boot (must be mounted manually)
+- **nofail**: Don't report errors if the device doesn't exist
+- **ro**: Mount read-only
+- **rw**: Mount read-write
+- **user**: Allow non-root users to mount
+- **exec/noexec**: Allow/prevent execution of binaries on the filesystem
+
+### Example fstab File
+
+```
+# /etc/fstab
+# <file system>                             <mount point>        <type>  <options>        <dump>  <pass>
+UUID=96ebca52-2696-4e79-bbf9-69a596f3be2d   /mnt/samsung500      ext4    defaults         0       2
+UUID=1c51b55f-c89a-417e-bcc3-eb5f29caa92c   /mnt/storage2tb      ext4    defaults         0       2
+UUID=510f0afc-1dae-4da5-969e-2b9f31c72498   /mnt/storage4tb      ext4    defaults         0       2
+UUID=ABCD-EF12                              /mnt/usb-drive       vfat    defaults,nofail  0       2
+```
+### Congratulations!
+Your drives are now set up to mount automatically every time you boot your Ubuntu system. You can access your files through the mount points you created.
+## System Specific Configuration
+
+This is a step-by-step summary of the exact process we followed to configure automatic mounting for the four drives on this specific Ubuntu 24.04 system:
+
+### Drive Details
+
+- 500GB Samsung SSD 970 EVO Plus (`/dev/nvme0n1p1`, UUID: `96ebca52-2696-4e79-bbf9-69a596f3be2d`)
+- 2.0TB Seagate Hard Disk (`/dev/sda1`, UUID: `1c51b55f-c89a-417e-bcc3-eb5f29caa92c`)
+- 4.0TB Seagate Hard Disk (`/dev/sdb1`, UUID: `510f0afc-1dae-4da5-969e-2b9f31c72498`)
+
+
+### Step-by-Step Instructions
+
+1. **Backup the fstab file**
+
+```       
+sudo cp /etc/fstab /etc/fstab.backup
+```
+
+2. **Edit the fstab file**
+
+```
+sudo nano /etc/fstab
+```
+
+3. **Add the following lines to the end of the file**
+
+```
+# 500GB Samsung SSD
+UUID=96ebca52-2696-4e79-bbf9-69a596f3be2d /mnt/samsung500 ext4 defaults 0 2
+ 
+# 2.0TB Hard Drive
+UUID=1c51b55f-c89a-417e-bcc3-eb5f29caa92c /mnt/storage2tb ext4 defaults 0 2
+
+# 4.0TB Hard Drive
+UUID=510f0afc-1dae-4da5-969e-2b9f31c72498 /mnt/storage4tb ext4 defaults 0 2
+```
+
+4. **Create the mount point directories**
+
+```
+sudo mkdir -p /mnt/samsung500 /mnt/storage2tb /mnt/storage4tb
+```
+
+5. **Reload systemd configuration to recognize the changes**    
+
+```    
+systemctl daemon-reload
+```    
+
+6. **Mount all drives according to fstab**
+
+```
+sudo mount -a
+```
+
+7. **Verify that all drives are properly mounted**
+
+```
+df -h
+```
+
+
+### Confirmation
+
+The successful output from `df -h` showed:
+
+```
+/dev/nvme0n1p1                                    458G   28K  435G   1% /mnt/samsung500
+/dev/sda1                                         1.8T  533G  1.2T  31% /mnt/storage2tb
+/dev/sdb1                                         3.6T  2.6M  3.4T   1% /mnt/storage4tb
+```
+
+This confirms that all three drives are mounted correctly with the expected space available.
+
+### What This Accomplishes
+
+- All three drives will now automatically mount at the same locations when the system boots
+- The drives are mounted with standard read/write permissions
+- The system will check these filesystems for errors during boot (but after the root filesystem)
+
+### If You Need to Make Changes Later
+
+To modify mount points or options:
+
+1. Edit the fstab file again: `sudo nano /etc/fstab`
+2. Make your changes
+3. Run `sudo systemctl daemon-reload`
+4. Test with `sudo mount -a`
+
+### Recovery Option
+
+If anything goes wrong and the system won't boot properly after these changes:
+
+1. Boot into recovery mode (hold Shift during boot)
+2. Restore the backup: `cp /etc/fstab.backup /etc/fstab`
+3. Reboot normally
+
+### Plex Media Permissions 
+For fresh installs, we need to set permissions for drives for plex: 
+
+```
+# Make the storage4tb directory accessible to the bunker-admin group
+sudo chmod 770 /mnt/storage4tb
+
+# Restart Plex service
+sudo systemctl restart plexmediaserver
+
+# Test access again
+sudo -u plex ls -la /mnt/storage4tb/mediastack/media
+```
+

config.gittea.md

@@ -0,0 +1,13 @@
+---
+author: The Bunker Admin
+date: 2025 05 04
+tags: [sript]
+---
+## config.gittea
+
+This file is for the configuration of gitea. 
+See [[build.gittea]] for more information on installation
+
+---
+## SMTP 
+bnkops uses Proton Mail and their [smtp](https://proton.me/support/smtp-submission) services. 

config.glances.md

@@ -0,0 +1,178 @@
+## Overview
+
+This guide explains how to configure [Glances](https://nicolargo.github.io/glances/) to run automatically on system startup in web server mode on Ubuntu systems. Glances is a cross-platform system monitoring tool that provides a wealth of information about your system resources.
+
+## Prerequisites
+
+- Ubuntu 24.04 or similar
+- Glances installed via pipx
+- Administrative (sudo) access
+
+## Installation (If Not Already Done)
+
+If you haven't already installed Glances:
+
+```bash
+# Install pipx if needed
+sudo apt update
+sudo apt install pipx
+pipx ensurepath
+
+# Install Glances
+pipx install glances
+```
+
+## Creating a Systemd Service
+
+To make Glances start automatically on boot, you need to create a systemd service file.
+
+### Step 1: Create the Service File
+
+```
+sudo nano /etc/systemd/system/glances.service
+```
+
+### Step 2: Add the Configuration
+
+Add the following content to the file:
+
+> [!IMPORTANT] Replace `YOUR_USERNAME` with your actual username. The path must point to where Glances is installed by pipx.
+
+```
+[Unit]
+Description=Glances in web server mode
+After=network.target
+
+[Service]
+Type=simple
+ExecStart=/home/YOUR_USERNAME/.local/bin/glances -w
+Restart=on-failure
+RestartSec=5s
+
+[Install]
+WantedBy=multi-user.target
+```
+### Step 3: Enable and Start the Service
+
+After creating and saving the service file, enable and start it:
+
+```
+sudo systemctl daemon-reload
+sudo systemctl enable glances.service
+sudo systemctl start glances.service
+```
+
+### Step 4: Verify the Service Status
+
+Check that the service is running correctly:
+
+```
+sudo systemctl status glances.service
+```
+
+You should see `Active: active (running)` if everything is working properly.
+
+## Troubleshooting
+
+### Common Issues
+
+#### Error 217/USER
+
+If you see an error like:
+
+```
+Active: activating (auto-restart) (Result: exit-code)
+Process: XXXX ExecStart=/home/username/.local/bin/glances -w (code=exited, status=217/USER)
+```
+
+This indicates an issue with the User directive. The solution is to remove the User line from the service configuration.
+
+#### Service Won't Start
+
+Check the detailed logs to identify the issue:
+
+```bash
+journalctl -u glances.service
+```
+
+#### Wrong Path to Glances
+
+If you installed Glances in a different location, update the path in the ExecStart line accordingly.
+
+## Accessing Glances Web Interface
+
+Once the service is running, you can access the Glances web interface by opening a browser and navigating to:
+
+```
+http://localhost:61208
+```
+
+Or replace `localhost` with your server's IP address to access it from other devices on your network:
+
+```
+http://YOUR_SERVER_IP:61208
+```
+
+## Advanced Configuration
+
+### Custom Port
+
+To run Glances on a different port, modify the ExecStart line in the service file:
+
+```
+ExecStart=/home/YOUR_USERNAME/.local/bin/glances -w --port 8080
+```
+
+### Additional Arguments
+
+You can add any valid Glances command-line arguments to the ExecStart line:
+
+```
+ExecStart=/home/YOUR_USERNAME/.local/bin/glances -w --disable-plugin docker --time 2
+```
+
+Common arguments:
+
+- `--time 2`: Update frequency in seconds
+- `--disable-plugin NAME`: Disable a specific plugin
+- `--disable-webui`: Disable the web UI but keep the web server
+
+## Maintenance
+
+### Stopping the Service
+
+```bash
+sudo systemctl stop glances.service
+```
+
+### Disabling the Service
+
+To prevent Glances from starting on boot:
+
+```bash
+sudo systemctl disable glances.service
+```
+
+### Viewing Logs
+
+```bash
+journalctl -u glances.service
+```
+
+### Restarting After Configuration Changes
+
+After modifying the service file:
+
+```bash
+sudo systemctl daemon-reload
+sudo systemctl restart glances.service
+```
+
+## References
+
+- [Glances Official Documentation](https://glances.readthedocs.io/en/latest/)
+- [Systemd Service Documentation](https://www.freedesktop.org/software/systemd/man/systemd.service.html)
+
+---
+
+_Last updated: May 1, 2025_

config.homelab.md

@@ -0,0 +1,25 @@
+---
+author: The Bunker Admin
+date: 2025 04 29
+tags: [sript]
+---
+## config.homelab
+
+This section is for several odds and ends in the [[build.homelab]] that are other configs that I set up on installation. 
+
+
+---
+## [[config.drives.homelab]]
+Upon startup, should configure drives 
+## Firefox 
+Several config updates to get Firefox up and running. 
+
+- Change the default search to duckduckgo 
+- Sign into Firefox account
+- Sign into NordPass
+## Glances 
+Setting up a glances system service is needed to get the [[build.mediastack]] working super well. 
+
+[[config.glances]]
+
+

config.mediastack.md

@@ -0,0 +1,82 @@
+---
+author: The Bunker Admin
+date: 2025 04 29
+tags: [sript]
+---
+## config.mediastack
+
+Documenting all the things I need to config for the [[scripts/build.mediastack|build.mediastack]]
+
+---
+
+## Named Services 
+With this docker compose setup, all the docker containers are in one network, and they are referenced as named containers. So when we are setting up application connections, we need to use the named application and the port. 
+
+| Service     | Named Port              | Local Port            |
+| ----------- | ----------------------- | --------------------- |
+| radarr      | http://radarr:7878      | http://localhost:7878 |
+| sonarr      | http://sonarr:8989      | http://localhost:8989 |
+| qbittorrent | http://qbittorrent:8082 | http://localhost:8082 |
+| prowlarr    | http://prowlarr:9696    | http://localhost:9696 |
+| whisparr    | http://whispar:6969     | http://localhost:6969 |
+
+## Qbitorrent
+
+### VPN Setup
+bnkops uses norvpn and we followed their guide for getting the vpn setup for qbittorrent: [[../archive/NordVPN proxy setup for qBittorrent|NordVPN proxy setup for qBittorrent]]
+
+![[scripts/sreenshots/Pasted image 20250429152514.png]]
+##  Flaresoverr
+We need to configure Falresoverr for some indexers to work in Prowlarr 
+
+Navigate to `Settings - Indexers` and add Flaresolverr: 
+
+![[scripts/sreenshots/Pasted image 20250430172528.png]]
+
+![[scripts/sreenshots/Pasted image 20250430172618.png]]
+
+## Prowlarr 
+### Apps
+We need to add the sonarr and radarr apps. 
+
+1. Click through to `Settings - Apps`
+
+You should land on a page that looks like this, however, with no apps yet configured: 
+
+![[scripts/sreenshots/Pasted image 20250429170049.png]]
+
+From here we want to update the server settings with the addresses from above: 
+
+![[scripts/sreenshots/Pasted image 20250429170202.png]]
+
+You can find your API key for sonarr and radarr in the `Settings - General` section. 
+
+![[scripts/sreenshots/Pasted image 20250429170413.png]]
+
+### Adding Indexers
+Navigate to add indexers and for free english media torrents use the public listings. 
+
+![[scripts/sreenshots/Pasted image 20250430171845.png]]
+
+Any indexer that says it requires a cloudflare pass, add the tag `flare` to deploy Flaresolverr 
+
+![[scripts/sreenshots/Pasted image 20250430175512.png]]
+## Radarr & Sonarr 
+
+### First Sign IN 
+
+### Root Folder 
+We need to add the root folder in the UI of both services
+
+1. Click through to `Settings - Media Management` and scroll to bottom of page
+
+Click "Add Root Folder" and add the media directory you want Radarr to store your movies. 
+
+If using the [[build.mediastack]] we are also going to have to map remote paths, as the docker containers think they are on different systems. You do this by going to `Settings - Download Clients` and setting the remote path on the download container: 
+
+![[scripts/sreenshots/Pasted image 20250430091558.png]]
+### Download Clients 
+
+
+
+

config.openwebui.md

@@ -0,0 +1,22 @@
+---
+author: The Bunker Admin
+date: 2025 04 29
+tags: [sript]
+---
+## config.openwebui
+This config information is for setting up openwebui after installation.  
+
+---
+
+## Connecting to Ollama
+If you followed install instructions in the [[build.homelab]] and [[service.ollama]] then in Openwebui you will need to make a few changes to access models. 
+
+### Update Ollama API Connection Point
+You will need to update your Ollama connection point in the `Admin Settings - Connections`. 
+
+![[scripts/sreenshots/Pasted image 20250429125236.png]]
+
+Update `Manage Ollama API Connections - URL` to the following: 
+```
+http://127.0.0.1:11434
+```

config.plex.md

@@ -0,0 +1,30 @@
+---
+author: The Bunker Admin
+date: 2025 04 30
+tags: [sript]
+---
+## config.plex
+
+This file is the settings that need to be configured in plex after start up. 
+
+---
+
+### DNLA 
+Update the DNLA settings to enabled under `Settings - DLNA`
+
+![[scripts/sreenshots/Pasted image 20250430132723.png]]
+### Scanning 
+Update the scanning prefrences to run automatically and periodically under `Settings - Library`
+
+![[scripts/sreenshots/Pasted image 20250430132925.png]]
+
+### Transcoder 
+Update the transcoder hardware to installed GPU under `Settings - Transcoder`
+
+![[scripts/sreenshots/Pasted image 20250430133046.png]]
+
+### Network 
+Update the number of remote streams per user in the `Settings - Network` 
+
+![[scripts/sreenshots/Pasted image 20250430133207.png]]
+

index.md

@@ -0,0 +1,21 @@
+---
+tags:
+  - script
+  - index
+author: The Bunker Admin
+date: 2025-04-28
+---
+## Scripts Index
+This folder is for scripts, code snippets, or automation tools.
+
+- Document what each script does.
+- Link scripts from your home page for quick access.
+## .homelab
+.homelab scripts are for The Bunker Admin's personal homelab. 
+
+> [!nav]- Navigation
+> 
+> [[build.homelab]]
+> [[startup.homelab]]
+## .mobilelab
+

service.cloudflared.md

@@ -0,0 +1,121 @@
+---
+tags:
+  - script
+author: The Bunker Admin
+date: 2025-04-29
+---
+
+
+## Overview
+This guide provides instructions for configuring a Cloudflare Tunnel as a systemd service on Ubuntu Linux. This ensures the tunnel automatically starts whenever the server boots up, providing continuous access to your services.
+## Prerequisites
+- Ubuntu Linux server (tested on Ubuntu 24.04)
+- Cloudflared installed
+- Existing Cloudflare Tunnel configuration file
+- Administrator (sudo) privileges
+
+## Ensure you have a Cloudflare Tunnel already created by following instructions at [[config.cloudflare.homelab]].
+
+## Step-by-Step Instructions
+### 1. Locate your cloudflared binary
+First, determine the exact path to your cloudflared executable:
+
+```
+which cloudflared
+```
+
+> [!note] Standard Output
+> 
+> ```
+> /usr/local/bin/cloudflared
+> ```
+
+Note the output (typically cloudflared).
+### 2. Create a systemd service file
+Create a new systemd service file to manage the Cloudflare Tunnel:
+
+```
+sudo nano /etc/systemd/system/cloudflared-tunnel.service
+```
+
+Add the following configuration to the file, replacing the placeholders with your specific values.
+
+Replace the following:
+- `YOUR_USERNAME`: The system user that should run the cloudflared service
+- `/path/to/cloudflared`: The full path to your cloudflared binary (from step 1)
+- `/path/to/your/config.yml`: The full path to your tunnel configuration file
+
+```
+[Unit]
+Description=Cloudflare Tunnel Service
+After=network.target
+
+[Service]
+User=YOUR_USERNAME
+ExecStart=[/path/to/cloudflared] tunnel --config [/path/to/your/config.yml] run
+Restart=always
+RestartSec=5
+StartLimitInterval=0
+
+[Install]
+WantedBy=multi-user.target
+```
+
+Save and close the file (Ctrl+O, Enter, Ctrl+X).
+### 3. Reload systemd configuration
+Reload the systemd manager configuration to recognize the new service:
+
+```
+sudo systemctl daemon-reload
+```
+### 4. Enable the service to start at boot
+Configure the service to start automatically at system boot:
+
+```
+sudo systemctl enable cloudflared-tunnel.service
+```
+### 5. Start the service
+Start the service immediately:
+
+```
+sudo systemctl start cloudflared-tunnel.service
+```
+### 6. Verify service status
+Check that the service is running correctly:
+
+```
+sudo systemctl status cloudflared-tunnel.service
+```
+## Verification
+After a system reboot, the Cloudflare Tunnel should start automatically. To confirm:
+
+1. Reboot the server:
+```
+sudo reboot
+```
+
+2. Once the server is back online, check the service status:
+```
+sudo systemctl status cloudflared-tunnel.service
+```
+
+3. Review the service logs if needed:
+   ```bash
+   sudo journalctl -u cloudflared-tunnel.service
+   ```
+## Troubleshooting
+- If the service fails to start, check the configuration file path is correct
+- Verify the user specified in the service file has permissions to run cloudflared
+- Ensure the cloudflared binary is correctly installed at the specified path
+- Check the log files for specific error messages:
+  ```bash
+  sudo journalctl -u cloudflared-tunnel.service -f
+  ```
+## Customizing the Service Name
+If you're running multiple tunnels, you may want to use more descriptive service names:
+
+```bash
+sudo nano /etc/systemd/system/cloudflared-TUNNEL_NAME.service
+```
+
+Replace `TUNNEL_NAME` with an identifier for your specific tunnel.

service.ollama.md

@@ -0,0 +1,83 @@
+---
+tags:
+  - script
+date: 2025-04-29
+author: The Bunker Admin
+---
+
+
+Setting up the Ollama service, including a few starter models, as follows: 
+
+---
+## Configure Ollama
+
+> [!warning] Ollama on Network
+> The following configuration will allow Ollama to be accessed on your local network. Exposing this endpoint can increase system exposure. 
+
+Create/edit the configuration file:
+```
+sudo mkdir -p /etc/ollama
+sudo nano /etc/ollama/config
+```
+
+Add the following content:
+```
+{
+  "host": "0.0.0.0"
+}
+```
+## Ollama System Service 
+```
+sudo nano /etc/systemd/system/ollama.service
+```
+
+> [!note]
+> 
+> For the following text, you can also just add the `Environment="OLLAMA_HOST=0.0.0.0"` itself and then your system should work fine. 
+
+```
+[Unit]
+Description=Ollama Service
+After=network-online.target
+
+[Service]
+ExecStart=/usr/local/bin/ollama serve
+User=ollama
+Group=ollama
+Restart=always
+RestartSec=3
+Environment="PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:/snap/bin"
+Environment="OLLAMA_HOST=0.0.0.0"
+
+[Install]
+WantedBy=default.target
+```
+
+```
+sudo systemctl daemon-reload
+sudo systemctl enable ollama
+sudo systemctl start ollama
+```
+
+## Models 
+A series of models that all will run on the [[build.homelab]].
+
+```
+ollama pull gemma3:12b
+```
+
+```
+ollama pull qwen3
+```
+
+```
+ollama pull deepseek-r1
+```
+
+```
+ollama pull mistral-small3.1
+```
+
+```
+ollama pull llama3.2
+```

startup.homelab.md

@@ -0,0 +1,10 @@
+---
+tags:
+  - homelab
+  - script
+author: The Bunker Admin
+date: 2025-04-28
+---
+## startup.homelab
+
+The following commands are needed for having a smooth startup experience on this machine.