Software recap

golek — 2026-06-25T18:46:33Z

/golek_logs/mailcheck.log #(from /root/scripts/cronscripts/imap_bounce_checker.py

tail -n 24 /golek_logs/mailcheck.log

/golek_logs/startup.log #(from /root/scripts/startup.sh)

tail -n 10 /golek_logs/startup.log

/home/golek

1. Nothing there, I did all root.

/usr/local/bin/icjsk

1. current version of my hashing code, works on Debian and macOS

/usr/local/bin/mysendmail

#!/usr/bin/env bash if [ "$#" -lt 3 ]; then echo "Error: Missing parameters." echo "Usage: mysendmail   " exit 1 fi local_target_to="$1" local_raw_subject="$2" local_raw_body="$3" auth_file="$HOME/.ovh-mail.auth" if [ ! -f "$auth_file" ]; then echo "Failure: Configuration file '$auth_file' not found." exit 1 fi # Note: 'local' keyword is removed because we are no longer inside a function smtp_user=$(sed -n '1p' "$auth_file") smtp_pass=$(sed -n '2p' "$auth_file") # Format the multi-line string text cleanly formatted_body=$(echo -e "$local_raw_body") # Execute swaks, hide text output, but capture its structural exit status swaks --server ssl0.ovh.net --port 465 --tlsc \ --auth LOGIN --auth-user "$smtp_user" --auth-password "$smtp_pass" \ --to "$local_target_to" --from "$smtp_user" \ --header "Subject: $local_raw_subject" \ --body "$formatted_body" > /dev/null 2>&1 # Check the actual native exit status code of the swaks utility if [ $? -eq 0 ]; then echo "Success" exit 0 else echo "Failure: Remote SMTP authentication or transaction rejected by mail daemon." exit 1 fi

/root/scripts/startup.sh

#!/bin/bash # Add your custom startup commands below echo "Startup script executed at $(date)" >> /golek_logs/startup.log #improve ethernet connection ethtool -K enp4s0 rx-udp-gro-forwarding on rx-gro-list off

/root/scripts/cronscripts/imap_bounce_checker.py

#!/usr/bin/env python3 import imaplib import email from email.header import decode_header import smtplib from email.mime.text import MIMEText import os from datetime import datetime # Configuration Settings IMAP_SERVER = "ssl0.ovh.net" IMAP_PORT = 993 SMTP_SERVER = "ssl0.ovh.net" SMTP_PORT = 465 FORWARD_TARGET = "emailk@iclownd.com" LOG_FILE = "/golek_logs/mailcheck.log" AUTH_FILE = os.path.expanduser("~/.ovh-mail.auth") def log_message(text): timestamp = datetime.now().strftime("%Y-%m-%d %H:%M:%S") with open(LOG_FILE, "a") as f: f.write(f"[{timestamp}] {text}\n") # Verify credentials exist if not os.path.exists(AUTH_FILE): log_message("CRITICAL ERROR: Credentials file ~/.ovh-mail.auth missing.") exit(1) with open(AUTH_FILE, "r") as f: smtp_user = f.readline().strip() smtp_pass = f.readline().strip() try: # 1. Connect to OVH IMAP over SSL mail = imaplib.IMAP4_SSL(IMAP_SERVER, IMAP_PORT) mail.login(smtp_user, smtp_pass) mail.select("INBOX") # FIXED IMAP SEARCH: Only target UNREAD (UNSEEN) mail matching either bounce subject layout search_criterion = 'UNSEEN (OR SUBJECT "Delivery Status Notification" SUBJECT "Undelivered Mail Returned to Sender")' status, data = mail.search(None, search_criterion) if status != "OK" or not data or data[0] == b'': # Exit cleanly if no new unread bounces are waiting log_message("Check complete: Nothing to do.") mail.logout() exit(0) # Convert byte list to space-separated array strings safely msg_ids = data[0].split() # 2. Connect to SMTP to handle forwarding alerts smtp = smtplib.SMTP_SSL(SMTP_SERVER, SMTP_PORT) smtp.login(smtp_user, smtp_pass) log_message(f"Found {len(msg_ids)} new unread bounce notification(s). Processing...") for msg_id in msg_ids: res, msg_data = mail.fetch(msg_id, "(RFC822)") for response_part in msg_data: if isinstance(response_part, tuple): raw_email = response_part[1] msg = email.message_from_bytes(raw_email) # Parse Subject Header safely decoded_parts = decode_header(msg["Subject"] or "") subject_fragments = [] for subject_bytes, encoding in decoded_parts: if isinstance(subject_bytes, bytes): subject_fragments.append(subject_bytes.decode(encoding or "utf-8", errors="ignore")) else: # It's already a string (e.g. if the header wasn't encoded) subject_fragments.append(str(subject_bytes)) subject = "".join(subject_fragments) log_message(f"PROCESSING BOUNCE: {subject}") # Extract clean readable body text snippet, skipping raw attachment binaries clean_body = "Could not extract plain text snippet." if msg.is_multipart(): for part in msg.walk(): if part.get_content_type() == "text/plain": payload = part.get_payload(decode=True) if payload: clean_body = payload.decode('utf-8', errors='ignore') break else: payload = msg.get_payload(decode=True) if payload: clean_body = payload.decode('utf-8', errors='ignore') # Truncate content if excessively long to prevent massive relay sizes if len(clean_body) > 10000: clean_body = clean_body[:10000] + "\n\n...[Truncated Content / Large Attachments Stripped]..." # Construct a clean summary email layout summary_text = ( f"--- GOLEKDEB MAIL DELIVERY FAILURE DETECTED ---\n\n" f"Date Received: {msg['Date']}\n" f"Original Subject: {subject}\n" f"Diagnostic Details:\n\n" f"{clean_body}" ) forward_msg = MIMEText(summary_text) forward_msg["Subject"] = f"FWD: Mail Delivery Failure Alert - {subject}" forward_msg["From"] = smtp_user forward_msg["To"] = FORWARD_TARGET smtp.sendmail(smtp_user, FORWARD_TARGET, forward_msg.as_string()) log_message(f"SUCCESS: Summary forwarded to {FORWARD_TARGET}") # SAFE: Just mark the message as read on the OVH server. Do NOT delete or expunge it. mail.store(msg_id, "+FLAGS", "\\Seen") smtp.quit() mail.logout() log_message("Hourly check complete. Messages marked as read.") except Exception as e: log_message(f"RUNTIME EXCEPTION: {str(e)}") exit(1)

/root/.ovh-mail.auth

server@mydotcom.com mypass

/opt/websites/wp-cli.phar

1. CLI to update URLs wordpress wide
2. Download CLI: docker compose exec -w /var/www/html wordpress curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
3. Make executable: docker compose exec -w /var/www/html wordpress chmod +x wp-cli.phar
4. Dry-Run: docker compose exec -u www-data -w /var/www/html wordpress php wp-cli.phar search-replace 'myoldurl.com' 'mynewurl.com' --dry-run

/opt/websites/gregoiredupond

1. updated with wp-cli.phar all urls to local 192.168.1.60:9000
2. html alongside compose file
3. updated from WP 6 to WP 7 and updated plugins succesfully.
4. added to wp-config.php, to avoid JetPack using this local dev version:

define('WP_DEBUG', false); define( 'JETPACK_DEV_DEBUG', true ); define( 'WP_ENVIRONMENT_TYPE', 'staging' );

5. /opt/websites/gregoiredupond/compose.yaml

services: db: image: mariadb:10.11 restart: always environment: MYSQL_DATABASE: gysd_db MYSQL_USER: gysd_user MYSQL_PASSWORD: mypass MYSQL_ROOT_PASSWORD: mypass volumes: - db_data:/var/lib/mysql # This maps your local SQL file so the container imports it automatically - ./mysql-init:/docker-entrypoint-initdb.d wordpress: image: wordpress:latest restart: always ports: - "9000:80" environment: WORDPRESS_DB_HOST: db WORDPRESS_DB_NAME: gysd_db WORDPRESS_DB_USER: gysd_user WORDPRESS_DB_PASSWORD: mypass volumes: # Mounts your extracted OVH site directly into the container - ./html:/var/www/html depends_on: - db volumes: db_data:

/opt/websites/bctimeslip

1. Need to update all URLs with wp-cli.phar
2. html alongside compose file
3. Do not update Wordpress or plugins
4. Add the debug and staging lines to wp-config.php
5. /opt/websites/gregoiredupond/compose.yaml

services: db: image: mariadb:10.11 restart: always environment: MYSQL_DATABASE: skull_db MYSQL_USER: skull_user MYSQL_PASSWORD: mypass MYSQL_ROOT_PASSWORD: mypass volumes: - db_data:/var/lib/mysql # This maps your local SQL file so the container imports it automatically - ./mysql-init:/docker-entrypoint-initdb.d wordpress: image: wordpress:latest restart: always ports: - "9001:80" environment: WORDPRESS_DB_HOST: db WORDPRESS_DB_NAME: skull_db WORDPRESS_DB_USER: skull_user WORDPRESS_DB_PASSWORD: mypass volumes: # Mounts your extracted OVH site directly into the container - ./html:/var/www/html depends_on: - db volumes: db_data:

/opt/websites/golek_spip

1. Installed Fresh, not a migration
2. html_data alongside compose file
3. /opt/websites/gregoiredupond/compose.yaml

services: db: image: mariadb:10.11 container_name: spip_db restart: unless-stopped environment: MYSQL_ROOT_PASSWORD: azsxdcfv MYSQL_DATABASE: spip MYSQL_USER: spip_user MYSQL_PASSWORD: mypass volumes: - spip_db_data:/var/lib/mysql spip: image: ipeos/spip:latest container_name: spip_app restart: unless-stopped ports: - "8081:80" # Exposed strictly for your Tailscale/LAN testing environment: - SPIP_DB_SERVER=mysql - SPIP_DB_HOST=db - SPIP_DB_LOGIN=spip_user - SPIP_DB_PASS= mypass - SPIP_DB_NAME=spip volumes: - ./html_data:/var/www/html depends_on: - db # --- CLOUDFLARE TUNNEL (Uncomment when you have your domain) --- # cloudflared: # image: cloudflare/cloudflared:latest # container_name: spip_tunnel # restart: unless-stopped # command: tunnel run # environment: # - TUNNEL_TOKEN=your_cloudflare_tunnel_token_here volumes: spip_db_data:

/opt/docker-containers/netdata/compose.yaml

services: netdata: image: netdata/netdata:stable container_name: netdata restart: unless-stopped pid: host network_mode: host healthcheck: disable: true environment: - DISABLE_TELEMETRY=1 cap_add: - SYS_PTRACE - SYS_ADMIN security_opt: - apparmor:unconfined volumes: - netdataconfig:/etc/netdata - netdatalib:/var/lib/netdata - netdatacache:/var/cache/netdata - /etc/passwd:/host/etc/passwd:ro - /etc/group:/host/etc/group:ro - /etc/localtime:/etc/localtime:ro - /proc:/host/proc:ro - /sys:/host/sys:ro - /etc/os-release:/host/etc/os-release:ro - /var/log:/host/var/log:ro - /var/run/docker.sock:/var/run/docker.sock:ro - ./stream.conf:/etc/netdata/stream.conf:ro volumes: netdataconfig: netdatalib: netdatacache:

/opt/docker-containers/nextcloud/compose.yaml

services: nextcloud-aio-mastercontainer: image: nextcloud/all-in-one:latest init: true restart: unless-stopped container_name: nextcloud-aio-mastercontainer volumes: - nextcloud_aio_mastercontainer:/mnt/docker-aio-config - /var/run/docker.sock:/var/run/docker.sock:ro ports: - "8080:8080" environment: - APACHE_PORT=11000 - SKIP_DOMAIN_VALIDATION=true - AIO_COMMUNITY_CONTAINER=true - NEXTCLOUD_DATADIR=/mnt/data/nextcloud_data - AIO_DISABLE_REVERSE_PROXY_DETECTION=true volumes: nextcloud_aio_mastercontainer: name: nextcloud_aio_mastercontainer

/opt/docker-containers/dozzle/compose.yaml

services: dozzle: container_name: dozzle image: amir20/dozzle:latest restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock ports: - 8888:8080 environment: DOZZLE_USERNAME: dzgolek DOZZLE_PASSWORD: mypass

golek's cloud

Software recap