From e12eaf84d3e1bff17048232885543679654a6838 Mon Sep 17 00:00:00 2001 From: Steven Foerster Date: Tue, 10 Mar 2020 09:46:03 -0400 Subject: [PATCH 1/6] systemd-resolved --- scripts/install.sh | 8 ++++---- scripts/services/Mistborn-base.service | 2 -- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/scripts/install.sh b/scripts/install.sh index 13dfdfa..bda8c28 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -167,10 +167,10 @@ sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/ sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/ root:root / $USER:$USER /" sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/DIFACE/$iface/" -if [ "$DISTRO" == "debian" ] || [ "$DISTRO" == "raspbian" ]; then - # remove systemd-resolved lines - sudo sed -i '/.*systemd-resolved/d' /etc/systemd/system/Mistborn-base.service -fi +#if [ "$DISTRO" == "debian" ] || [ "$DISTRO" == "raspbian" ]; then +# # remove systemd-resolved lines +# sudo sed -i '/.*systemd-resolved/d' /etc/systemd/system/Mistborn-base.service +#fi # setup local volumes for pihole sudo mkdir -p ../mistborn_volumes/ diff --git a/scripts/services/Mistborn-base.service b/scripts/services/Mistborn-base.service index f8ff21a..8f23fa1 100644 --- a/scripts/services/Mistborn-base.service +++ b/scripts/services/Mistborn-base.service @@ -12,7 +12,6 @@ PermissionsStartOnly=true ExecStartPre=/usr/local/bin/docker-compose -f /opt/mistborn/base.yml down ExecStartPre=/usr/local/bin/docker-compose -f /opt/mistborn/base.yml build -ExecStartPre=/bin/systemctl stop systemd-resolved ExecStartPre=/sbin/iptables -I DOCKER-USER -i DIFACE -p udp --dport 53 -j MISTBORN_LOG_DROP ExecStartPre=/sbin/iptables -I DOCKER-USER -i DIFACE -p tcp --dport 53 -j MISTBORN_LOG_DROP ExecStartPre=/sbin/iptables -I DOCKER-USER -i DIFACE -p tcp --dport 80 -j MISTBORN_LOG_DROP 
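Review bot: The distro check in scripts/install.sh is commented out rather than deleted, which leaves four lines of dead shell in the installer. This same patch removes both `systemd-resolved` lines from Mistborn-base.service, so the `sed` the check guarded has nothing left to match and the block can simply be removed. The same applies to the commented-out `root:root` substitution in PATCH 2/6. If the block is kept on purpose, one comment line saying why (for example `# kept for reference: resolved is now stopped by the installer, not the unit`) would be enough.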
@@ -31,7 +30,6 @@ ExecStopPost=/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 80 -j MISTBO ExecStopPost=/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 5555 -j MISTBORN_LOG_DROP ExecStopPost=/sbin/iptables -D OUTPUT -o DIFACE -p udp --dport 53 -j MISTBORN_LOG_DROP ExecStopPost=/sbin/ip6tables -D OUTPUT -p udp --dport 53 -j MISTBORN_LOG_DROP -ExecStopPost=/bin/systemctl start systemd-resolved [Install] WantedBy=multi-user.target From f64f220d77aff88988c32ce83e821b01e5b60177 Mon Sep 17 00:00:00 2001 From: Steven Foerster Date: Tue, 10 Mar 2020 10:59:12 -0400 Subject: [PATCH 2/6] tweaks --- scripts/install.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/scripts/install.sh b/scripts/install.sh index bda8c28..a487415 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -163,8 +163,8 @@ sudo systemctl restart unattended-upgrades # install and start base services # default interface sudo cp ./scripts/services/Mistborn* /etc/systemd/system/ -sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/User=.*/User=$USER/" -sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/ root:root / $USER:$USER /" +sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/User=root/User=$USER/" +#sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/ root:root / $USER:$USER /" sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/DIFACE/$iface/" #if [ "$DISTRO" == "debian" ] || [ "$DISTRO" == "raspbian" ]; then 
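Review bot: The new substitution `s/User=root/User=$USER/` in scripts/install.sh is unanchored, so it rewrites the text `User=root` wherever it appears in any `Mistborn*` file under /etc/systemd/system, including inside a longer value or a comment. Anchoring it as `s/^User=root$/User=$USER/` limits the edit to the directive itself. `$USER` is expanded by the shell straight into a sed program that runs under sudo, so a value containing `/` or `&` would change the expression; checking it against an expected username pattern first avoids that. The `find … | xargs` pipeline also splits on whitespace, which `find … -exec sudo sed -i … {} +` would avoid.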
@@ -188,9 +188,11 @@ sudo sed -i "s/IPV4_PUBLIC/$IPV4_PUBLIC/" ./compose/production/traefik/traefik.t sudo docker-compose -f base.yml pull || true sudo docker-compose -f base.yml build -# DNS +## disable other DNS services sudo systemctl stop systemd-resolved 2>/dev/null || true sudo systemctl disable systemd-resolved 2>/dev/null || true +sudo systemctl stop dnsmasq 2>/dev/null || true +sudo systemctl disable dnsmasq 2>/dev/null || true # array of dns entries to add (not not already present) declare -a dnslist=("pihole.mistborn" \ From 08cd650da5c522b52180609cd54085787de72920 Mon Sep 17 00:00:00 2001 From: Steven Foerster Date: Tue, 10 Mar 2020 14:33:05 -0400 Subject: [PATCH 3/6] homeassistant.mistborn --- compose/production/traefik/traefik.toml | 2 +- scripts/install.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/compose/production/traefik/traefik.toml b/compose/production/traefik/traefik.toml index eee9b0e..1a1ce2b 100644 --- a/compose/production/traefik/traefik.toml +++ b/compose/production/traefik/traefik.toml @@ -100,7 +100,7 @@ defaultEntryPoints = ["http"] [frontends.homeassistant.headers] HostsProxyHeaders = ['X-CSRFToken'] [frontends.homeassistant.routes.dr1] - rule = "Host:hass.mistborn" + rule = "Host:homeassistant.mistborn" [frontends.syncthing] backend = "syncthing" diff --git a/scripts/install.sh b/scripts/install.sh index a487415..d114f28 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -197,7 +197,7 @@ sudo systemctl disable dnsmasq 2>/dev/null || true # array of dns entries to add (not not already present) declare -a dnslist=("pihole.mistborn" \ "home.mistborn" \ - "hass.mistborn" \ + "homeassistant.mistborn" \ "syncthing.mistborn" \ "chat.mistborn" \ "tor.mistborn" \ From c1e9174c9b0bf199e8fba87a7ad76133adcb6387 Mon Sep 17 00:00:00 2001 
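Review bot: The added `stop`/`disable` calls for dnsmasq discard both stderr and the exit status (`2>/dev/null || true`), so the installer cannot tell "unit not installed" from "unit could not be stopped". In the second case port 53 is presumably still held when the DNS container is started later. A follow-up check such as `systemctl is-active --quiet dnsmasq && echo "dnsmasq is still running" >&2` keeps the step best-effort but surfaces the failure. `disable` only removes the enablement links, so the service can still be started manually or by another unit; whether `mask` is wanted here is worth deciding explicitly. With both host resolvers turned off, the host's own name resolution depends on what /etc/resolv.conf points to, and this hunk does not show that being handled.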
From: Steven Foerster Date: Tue, 10 Mar 2020 16:12:34 -0400 Subject: [PATCH 4/6] add update script --- scripts/update.sh | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100755 scripts/update.sh diff --git a/scripts/update.sh b/scripts/update.sh new file mode 100755 index 0000000..a268028 --- /dev/null +++ b/scripts/update.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +set -e + +docker-compose -f /opt/mistborn/base.yml pull +docker-compose -f /opt/mistborn/base.yml build + +systemctl restart Mistborn-base From 39c650a8bef5b6ad2f7b824b3a59167249b9c048 Mon Sep 17 00:00:00 2001 From: Steven Foerster Date: Tue, 10 Mar 2020 22:27:04 -0400 Subject: [PATCH 5/6] remove raspap from active services --- scripts/services/{ => raspap}/Mistborn-raspap.service | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename scripts/services/{ => raspap}/Mistborn-raspap.service (100%) diff --git a/scripts/services/Mistborn-raspap.service b/scripts/services/raspap/Mistborn-raspap.service similarity index 100% rename from scripts/services/Mistborn-raspap.service rename to scripts/services/raspap/Mistborn-raspap.service From 455acb388383c2a65650061be2386b97c012ae5d Mon Sep 17 00:00:00 2001 From: Steven Foerster Date: Tue, 10 Mar 2020 23:51:24 -0400 Subject: [PATCH 6/6] cleanup --- extra/bitwarden.yml | 3 --- extra/homeassistant.yml | 1 - extra/jellyfin.yml | 1 - extra/nextcloud.yml | 7 ------- extra/onlyoffice.yml | 1 - extra/raspap.yml | 2 -- 6 files changed, 15 deletions(-) diff --git a/extra/bitwarden.yml b/extra/bitwarden.yml index 0abbc08..dc6ff56 100644 --- a/extra/bitwarden.yml +++ b/extra/bitwarden.yml @@ -1,8 +1,5 @@ version: '3' -#volumes: -# production_bitwarden_data: {} - services: bitwarden: image: bitwardenrs/server:latest diff --git a/extra/homeassistant.yml b/extra/homeassistant.yml index 3c0d49d..2588772 100644 --- a/extra/homeassistant.yml +++ b/extra/homeassistant.yml 
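Review bot: scripts/update.sh calls `docker-compose` and `systemctl restart` with no privilege check, so an unprivileged user gets a partial run: either an early failure, or a pull and build followed by a failed restart. A guard at the top such as `[ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; exit 1; }` makes the requirement explicit, and `set -euo pipefail` is a stricter default than `set -e`. `pull` fetches whatever the image tags in base.yml resolve to at that moment and the restart then runs the result as the base service. base.yml is not part of this patch, but if it uses floating tags, pinning images by digest would make each update reviewable. The `build` step looks redundant, since Mistborn-base.service already runs `docker-compose … build` in `ExecStartPre` (visible in PATCH 1/6).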
@@ -12,7 +12,6 @@ services: - "traefik.enable=true" - "traefik.port=8123" restart: unless-stopped - #network_mode: host networks: default: diff --git a/extra/jellyfin.yml b/extra/jellyfin.yml index 1ceb59f..e829e1a 100644 --- a/extra/jellyfin.yml +++ b/extra/jellyfin.yml @@ -3,7 +3,6 @@ version: '3' volumes: production_jellyfin_config: {} production_jellyfin_cache: {} - #production_nextcloud: {} services: jellyfin: diff --git a/extra/nextcloud.yml b/extra/nextcloud.yml index 724cffa..dc72353 100644 --- a/extra/nextcloud.yml +++ b/extra/nextcloud.yml @@ -1,8 +1,5 @@ version: '3' -#volumes: -# production_nextcloud: {} - services: nextcloud: image: nextcloud @@ -15,10 +12,6 @@ services: - "traefik.port=80" volumes: - ../../mistborn_volumes/extra/nextcloud:/var/www/html - #- ./volumes/extra/nextcloud/config:/var/www/html/config - #- ./volumes/extra/nextcloud/custom_apps:/var/www/html/custom_apps - #- ./volumes/extra/nextcloud/data:/var/www/html/data - #- ./volumes/extra/nextcloud/themes:/var/www/html/themes environment: - VIRTUAL_HOST=nextcloud.mistborn restart: unless-stopped diff --git a/extra/onlyoffice.yml b/extra/onlyoffice.yml index b5d75d8..63a54a7 100644 --- a/extra/onlyoffice.yml +++ b/extra/onlyoffice.yml @@ -13,7 +13,6 @@ services: - "traefik.enable=true" - "traefik.port=80" restart: unless-stopped - #network_mode: host networks: default: diff --git a/extra/raspap.yml b/extra/raspap.yml index e1dfb19..66575e9 100644 --- a/extra/raspap.yml +++ b/extra/raspap.yml @@ -15,9 +15,7 @@ services: - ../.envs/.production/.pihole command: /start volumes: - #- ~/.ssh:/ssh:ro - ../../mistborn_volumes/extra/raspap/etc-raspap:/etc/raspap - #- ../volumes/extra/raspap/etc-lighttpd:/etc/lighttpd networks: default: