From d6ed9143d40fee6baa984a39dba1c40531c7d98b Mon Sep 17 00:00:00 2001
From: DoTheEvo
Date: Sat, 21 Jan 2023 21:48:29 +0100
Subject: [PATCH] update
---
esxi/readme.md | 29 +++++++++
gotify-ntfy-signal/readme.md | 111 +++++++++++++++++++++++++++++++++++
kopia_backup/readme.md | 97 ++++++++++++++++++++++++++++++
meshcrentral/readme.md | 69 +++++++++++++++++++++-
4 files changed, 304 insertions(+), 2 deletions(-)
create mode 100644 esxi/readme.md
create mode 100644 gotify-ntfy-signal/readme.md
create mode 100644 kopia_backup/readme.md
diff --git a/esxi/readme.md b/esxi/readme.md
new file mode 100644
index 0000000..427b04a
--- /dev/null
+++ b/esxi/readme.md
@@ -0,0 +1,29 @@
+# Esxi
+###### guide-by-example
+
+# Purpose
+
+Type 1 hypervisor hosting virtual machines, running straight on metal.
+
+# Files and directory structure
+
+https://www.dbappweb.com/2020/08/20/how-to-change-the-default-gateway-for-vmware-vsphere-esxi/
+
+* esxcfg-route
+* esxcfg-route 10.65.26.25
+
+https://blog.techygeekshome.info/2021/04/vmware-esxi-esxcli-commands-to-update-host-dns-servers/
+
+* esxcli network ip dns server add --server=8.8.8.8
+* esxcli network ip dns server remove --server=1.1.1.1
+* esxcli network ip dns server list
+
+# docker-compose
+
+# Config
+
+
+# Logging
+
+
+#### email
diff --git a/gotify-ntfy-signal/readme.md b/gotify-ntfy-signal/readme.md
new file mode 100644
index 0000000..c750174
--- /dev/null
+++ b/gotify-ntfy-signal/readme.md
@@ -0,0 +1,111 @@
+# gotify ntfy signal
+
+###### guide-by-example
+
+![logo](https://i.imgur.com/41WzW04.png)
+
+# Purpose & Overview
+
+Instant notifications if email feels old timey and crowded
+
+* [gotify](https://github.com/gotify/server)
+* [ntfy](https://github.com/binwiederhier/ntfy)
+* [bbernhard/signal-cli-rest-api ](https://github.com/bbernhard/signal-cli-rest-api)
+
+---
+
+# Overview
+
+* **gotify** - great for single person use, but the moment theres more people
+ they need to share single account and so lack the ability to choose
+ what to get and what not to get
+* **ntfy** - simple original approach to just subscribing to "topics" without
+ authentification, very simple one line push notification.
+ Drawback is rather high [battery consumption](https://i.imgur.com/TDhj7El.jpg)
+ of the android app, but I did not let it run for long enough it could also
+ just be my phone thing. Just something to keep an eye on.
+* **signal-cli-rest-api** - no gui, need a sim card phone number registred,
+ worse concept for sending notification to multiple users,
+ where you need to manually set everyone who should receive,
+ as oppose to having a "room/topic" to which one can "susbscribe",
+ but if signal is widespread enough and you are not asking people to install
+ another app then its a winner
+
+# docker-compose
+
+`gotify-docker-compose.yml`
+```yml
+services:
+
+ gotify:
+ image: gotify/server
+ container_name: gotify
+ hostname: gotify
+ restart: unless-stopped
+ env_file: .env
+ volumes:
+ - "./gotify_data:/app/data"
+
+networks:
+ default:
+ name: caddy_net
+ external: true
+```
+
+`ntfy-docker-compose.yml`
+```yml
+services:
+
+ ntfy:
+ image: binwiederhier/ntfy
+ container_name: ntfy
+ hostname: ntfy
+ env_file: .env
+ restart: unless-stopped
+ command:
+ - serve
+ volumes:
+ - ./ntfy-cache:/var/cache/ntfy
+ - ./ntfy-etc:/etc/ntfy
+
+networks:
+ default:
+ name: $DOCKER_MY_NETWORK
+ external: true
+```
+
+`signal-docker-compose.yml`
+```yml
+ signal:
+
image: bbernhard/signal-cli-rest-api
+ container_name: signal
+ hostname: signal
+ env_file: .env
+ restart: unless-stopped
+ volumes:
+ - "./signal-cli-config:/home/.local/share/signal-cli" #map "signal-cli-config" folder on host system into docker container. the folder contains the password and cryptographic keys when a new number is registered
+
+networks:
+ default:
+ name: $DOCKER_MY_NETWORK
+ external: true
+```
+
+# Port forwarding
+
+# The usage on clients
+
+# Encrypted use
+
+
+# Trouble shooting
+
+# Update
+
+# Backup and restore
+
+#### Backup
+
+#### Restore
+
+
diff --git a/kopia_backup/readme.md b/kopia_backup/readme.md
new file mode 100644
index 0000000..7a71196
--- /dev/null
+++ b/kopia_backup/readme.md
@@ -0,0 +1,97 @@
+# Kopia
+
+###### guide-by-example
+
+![logo](https://i.imgur.com/A2mosM6.png)
+
+WORK IN PROGRESS
+WORK IN PROGRESS
+WORK IN PROGRESS
+
+# Purpose & Overview
+
+Backups.
+
+* [Official site](https://kopia.io/)
+* [Github](https://github.com/kopia/kopia)
+
+Kopia is an open source backup utility with basicly all modern features.
+Cross-platform, deduplication, encryption, compression, multithreaded speed,
+cloud storage support, CLI and GUI versions, snapshots mounting,...
+
+Written in golang,
+
+In this setup kopia cli is installed directly on the host system.
+A script is created that backs up the entire docker directory and /etc locally.
+Cronjob is set to execute this script daily.
+
+The repository is also pruned on each run of the script -
+old archives are deleted while keeping the ones fitting the retention rules
+in the script.
+One backup per day for last 7 days, last 4 weeks, last 6 months are kept.
+
+# Files and directory structure
+
+```
+/home/
+├── ~/
+│ └── docker/
+│ ├── container-setup #2
+│ ├── container-setup #1
+│ ├── ...
+│
+/mnt/
+ └── mirror/
+ └── docker_host_kopia/
+
+```
+
+* `docker_backup/` - borg repository directory containg the backups
+* `borg_backup.sh` - the backup script that adds new archive in to the repository
+* `borg_backup.log` - log file with the dates of backups
+
+Only `borg_backup.sh` has to be provided.
+Repo directory is created by `borg init` command
+and the log file is created on the first run.
+
+
+# The setup
+
+#### Install kopia
+
+for arch linux, kopia is on AUR `yay kopia-bin`
+
+#### Backing up using kopia
+
+use of sudo so that kopia has access everywhere
+config files are therefore in `/root/config/kopia`
+
+- `mkdir /mnt/mirror/docker_host_kopia`
+- `sudo kopia repository create filesystem --path /mnt/mirror/docker_host_kopia`
+- `sudo kopia repository connect filesystem --path /mnt/mirror/docker_host_kopia`
+- `sudo kopia snapshot create /home/spravca/docker`
+- `sudo kopia snapshot list`
+- `sudo kopia mount k7e2b0a503edd7604ff61c68655cd5ad7 /mnt/tmp &`
+- `sudo umount /mnt/tmp`
+
+
+#### The backup script
+
+
+
+
+### Manual run
+
+
+### Automatic execution
+
+
+# Accessing the backup files
+
+
+# Extra info
+
+
+# Remote backup
+
+
diff --git a/meshcrentral/readme.md b/meshcrentral/readme.md
index 3b946e6..2adff37 100644
--- a/meshcrentral/readme.md
+++ b/meshcrentral/readme.md
@@ -27,7 +27,7 @@ The architecture is relatively simple. which allows full control of the device from the servers web Theres also an entire aspect of possibility of using -Intel AMT - Active Management Technology. +Intel AMT - Active Management Technology through port 4433. --- 
@@ -173,11 +173,76 @@ mesh.{$MY_DOMAIN} { # The usage on clients - +# Improved safety # Trouble shooting +# Running without separate database + +`docker-compose.yml` +```yml +services: + + meshcentral: + image: ghcr.io/ylianst/meshcentral:latest + container_name: meshcentral + hostname: meshcentral + restart: unless-stopped + env_file: .env + volumes: + # config.json and other important files live here. A must for data persistence + - ./meshcentral/data:/opt/meshcentral/meshcentral-data + # where file uploads for users live + - ./meshcentral/user_files:/opt/meshcentral/meshcentral-files + # location for the meshcentral-backups - this should be mounted to an external storage + - ./meshcentral/backup:/opt/meshcentral/meshcentral-backup + # location for site customization files + - ./meshcentral/web:/opt/meshcentral/meshcentral-web + +networks: + default: + name: $DOCKER_MY_NETWORK + external: true +``` + +`.env` +```bash +# GENERAL +MY_DOMAIN=example.com +DOCKER_MY_NETWORK=caddy_net +TZ=Europe/Bratislava + +# MESHCENTRAL +NODE_ENV=production + +# initial mongodb-variables +MONGO_INITDB_ROOT_USERNAME=mongodbadmin +MONGO_INITDB_ROOT_PASSWORD=mongodbpasswd + +# initial meshcentral-variables +# the following options are only used if no config.json exists in the data-folder + +# your hostname +HOSTNAME=mesh.example.com +USE_MONGODB=false +# set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy +REVERSE_PROXY=example.com +REVERSE_PROXY_TLS_PORT=443 +# set to true if you wish to enable iframe support +IFRAME=false +# set to false if you want disable self-service creation of new accounts besides the first (admin) +ALLOW_NEW_ACCOUNTS=true +# set to true to enable WebRTC - per documentation it is not officially released with meshcentral and currently experimental. 
Use with caution +WEBRTC=false +# set to true to allow plugins +ALLOWPLUGINS=false +# set to true to allow session recording +LOCALSESSIONRECORDING=false +# set to enable or disable minification of json, reduces traffic +MINIFY=true +``` + # Update