https://blog.briancmoses.com/2019/03/diy-nas-2019-edition.html
Category: Homelab
[WordPress] Remove Google Fonts in Theme Fluida
I usually try to avoid Google products, especially when it comes to web tracking, although I’m a big fan of what they do in other technologies.
Today I was testing another WordPress Theme called Fluida, a free theme from Cryout Creations. It’s clean and simple, the only thing that bothers me, is the usage of the Google Fonts API. Even if you don’t enter a Google Font in the settings, it’s connecting to the API.
Google Fonts has advantages as well as disadvantages. Read more about it here.
There are a few WordPress plugins to remove Google Fonts (e.g. Autoptimize), but I tried to avoid another plugin and wanted to do it manually. After a short search through the theme I found “includes/styles.php”. There you just had to comment out the following lines and it’s done.
// Google fonts
$gfonts = array();
$roots = array();
foreach ( $cryout_theme_structure['google-font-enabled-fields'] as $item ) {
$itemg = $item . 'google';
$itemw = $item . 'weight';
// custom font names
if ( ! empty( $options[$itemg] ) && ! preg_match( '/custom\sfont/i', $options[$item] ) ) {
if ( $item == _CRYOUT_THEME_PREFIX . '_fgeneral' ) {
$gfonts[] = cryout_gfontclean( $options[$itemg], ":100,200,300,400,500,600,700,800,900" ); // include all weights for general font
} else {
$gfonts[] = cryout_gfontclean( $options[$itemg], ":".$options[$itemw] );
};
$roots[] = cryout_gfontclean( $options[$itemg] );
}
// preset google fonts
if ( preg_match('/^(.*)\/gfont$/i', $options[$item], $bits ) ) {
if ( $item == _CRYOUT_THEME_PREFIX . '_fgeneral' ) {
$gfonts[] = cryout_gfontclean( $bits[1], ":100,200,300,400,500,600,700,800,900" ); // include all weights for general font
} else {
$gfonts[] = cryout_gfontclean( $bits[1], ":".$options[$itemw] );
};
$roots[] = cryout_gfontclean( $bits[1] );
}
};
[Wireguard] Preparing Proxmox Host for Wireguard in LXC
I followed this guide for using Wireguard inside LXC on Proxmox. (Also helpfull)
echo "deb https://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable.list
printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable
apt update
apt install wireguard
But as i ran “modprobe wireguard” I just got:
modprobe: FATAL: Module wireguard not found in directory /lib/modules/5.0.15-1-pve
So I ran “dkms autoinstall”… but no success.
Error! Your kernel headers for kernel 5.0.15-1-pve cannot be found.
Please install the linux-headers-5.0.15-1-pve package,
or use the --kernelsourcedir option to tell DKMS where it's located
As I run “apt install pve-headers” it installed new pve-headers but for a different kernel:
pve-headers pve-headers-5.0 pve-headers-5.0.21-1-pve
As expected, “modprobe wireguard” still returned
modprobe: FATAL: Module wireguard not found in directory /lib/modules/5.0.15-1-pve
So i checked my current kernel with “uname –kernel-release” and since my last reboot was about two weeks ago, it was running on 5.0.15-1-pve. So I did a reboot, checked the kernel again and now it was on 5.0.21-1-pve. So I did “dkms autoinstall” again, now with success:
Kernel preparation unnecessary for this kernel. Skipping...
Building module:
cleaning build area...
make -j4 KERNELRELEASE=5.0.21-1-pve -C /lib/modules/5.0.21-1-pve/build M=/var/lib/dkms/wireguard/0.0.20190702/build..........
cleaning build area...
DKMS: build completed.
wireguard.ko:
Running module version sanity check.
- Original module
- No original module exists within this kernel
- Installation
- Installing to /lib/modules/5.0.21-1-pve/updates/dkms/
depmod....
DKMS: install completed.
“modprobe wireguard” now returned no error. I continued the guide with:
echo "wireguard" >> /etc/modules-load.d/modules.conf
Entered my already created Debian 10 container and followed the guide:
echo "deb https://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable-wireguard.list
printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable
apt update
apt-get install --no-install-recommends wireguard-tools
ip link add wg0 type wireguard
Edit: To get Wireguard working, I also had to add the TUN device to the containers config, like I did for OpenVPN as well.
You’ll find the config here: /etc/pve/lxc/container_name.conf
lxc.cgroup.devices.allow: c 10:200 rwm
lxc.hook.autodev: sh -c "modprobe tun; cd ${LXC_ROOTFS_MOUNT}/dev; mkdir net; mknod net/tun c 10 200; chmod 0666 net/tun"
[OpenVPN] Change DNS resolver to your local Pi-hole
Enter your OpenVPN config:
nano /etc/openvpn/server.conf
and add the following line with the local IP of your Pi-hole:
push "dhcp-option DNS 192.168.X.X"
[OpenVPN] Installing OpenVPN in LXC
Append the following two lines to the lxc config file on your Proxmox host.
You’ll find the config here: /etc/pve/lxc/container_name.conf
Got this info from here and it works fine.
lxc.cgroup.devices.allow: c 10:200 rwm
lxc.hook.autodev: sh -c "modprobe tun; cd ${LXC_ROOTFS_MOUNT}/dev; mkdir net; mknod net/tun c 10 200; chmod 0666 net/tun"
There is just one line necessary for the openVPN installation.
wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh
If you want to add another profile, just run the installer again:
bash openvpn-install.sh
[Proxmox] Mount dataset into LXC
Open LXC config file in your favorite editor. In this case the container name is 101:
nano /etc/pve/lxc/101.conf
Append a single line for each mountpoint you want to add. The first mountpoint is “mp0”, the second “mp1” and so on.
mp0: /data/music,mp=/mnt/nfs/music
First the source (my zpool “data”, folowing the dataset name “music”), after that the destination inside the container beginning “mp=”.
[ZFS] Basic Commands
Documentation: https://github.com/zfsonlinux/zfs/wiki/Admin-Documentation
Manual Pages: https://zfs.datto.com/man/
Milestones: https://github.com/zfsonlinux/zfs/milestones
modinfo zfs //check current ZFS version
zfs list //list pool with datasets
zfs list -r pool //show all datasets in a pool with size and mountpoint
zfs list -r -o name,mountpoint,mounted //check if datasets are mounted
zpool status (pool)
zpool list
zpool list -v
zpool iostat (pool 1)
zpool iostat -v
Activate NFS on dataset:
zfs set sharenfs=on pool/dataset
zfs get sharenfs pool/dataset
Usefull comands when replacing a failed disk:
ls -l /dev/disk/by-id/ // Disk ID's
zdb // Display zpool debugging and consistency information
smartctl -a /dev/ada0 // S.M.A.R.T info
wipefs -a new_hdd // remove ext4 filesystem
zpool replace data old_hdd new_hdd // Replace HDD
Scrub cronjob:
cat /etc/cron.d/zfsutils-linux
Add and remove Log & L2ARC:
zpool add data log sda1
zpool add data cache sda2
zpool remove data log sda1
zpool remove data cache sda2
[Pi-hole] Blocklists
How to update your Pi-hole installation: pihole -up
Blocklists:
- https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
- https://sysctl.org/cameleon/hosts
- https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
- https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
- https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
- https://hosts-file.net/ad_servers.txt
- https://easylist.to/easylist/easylist.txt
- https://raw.githubusercontent.com/ZeroDot1/CoinBlockerLists/master/hosts
- https://raw.githubusercontent.com/HenningVanRaumle/pihole-ytadblock/master/ytadblock.txt
- https://v.firebog.net/hosts/lists.php?type=tick
- https://github.com/mmotti/pihole-regex/blob/master/regex.list
- https://raw.githubusercontent.com/lightswitch05/hosts/master/ads-and-tracking-extended.txt
- https://hosts-file.net/grm.txt
- https://reddestdream.github.io/Projects/MinimalHosts/etc/MinimalHostsBlocker/minimalhosts
- https://raw.githubusercontent.com/StevenBlack/hosts/master/data/KADhosts/hosts
- https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Spam/hosts
- https://v.firebog.net/hosts/static/w3kbl.txt
- https://v.firebog.net/hosts/BillStearns.txt
- https://www.dshield.org/feeds/suspiciousdomains_Low.txt
- https://www.dshield.org/feeds/suspiciousdomains_Medium.txt
- https://www.dshield.org/feeds/suspiciousdomains_High.txt
- https://www.joewein.net/dl/bl/dom-bl-base.txt
- https://raw.githubusercontent.com/matomo-org/referrer-spam-blacklist/master/spammers.txt
- https://someonewhocares.org/hosts/zero/hosts
- https://raw.githubusercontent.com/Dawsey21/Lists/master/main-blacklist.txt
- https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV.txt
- https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
- mirror1.malwaredomains.com/files/justdomains
- sysctl.org/cameleon/hosts
- zeustracker.abuse.ch/blocklist.php?download=domainblocklist
- s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
- s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
- hosts-file.net/ad_servers.txt
- raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win10/spy.txt
- raw.githubusercontent.com/quidsup/notrack/master/trackers.txt
- https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_disguised_trackers_justdomains.txt
- https://urlhaus.abuse.ch/downloads/hostfile/
- https://raw.githubusercontent.com/kboghdady/youTube_ads_4_pi-hole/master/crowed_list.txt
You will find further blocklists here, here and here.
For whitelists look here.
For Regex Filter check here.
Test your Ad Blocking: https://d3ward.github.io/toolz/adblock
If you would like to have a Dark Theme for Pi-Hole look here or use the Firefox/Chrome extension Dark Reader.
Other interesting projects:
- PiPass (Related Reddit Post)
- Pihole Adlist Tool