New installation 25-02-25 rdp # apt install mailutils The following packages were automatically installed and are no longer required: linux-headers-6.8.0-50 linux-headers-6.8.0-50-generic linux-image-6.8.0-50-generic linux-modules-6.8.0-50-generic linux-modules-extra-6.8.0-50-generic linux-tools-6.8.0-50 linux-tools-6.8.0-50-generic Use 'apt autoremove' to remove them. The following additional packages will be installed: gsasl-common guile-3.0-libs libfribidi0 libgc1 libgsasl18 libgssglue1 libidn12 libltdl7 libmailutils9t64 libmysqlclient21 libncurses6 libnsl2 libntlm0 libpq5 mailutils-common mysql-common postfix ssl-cert Suggested packages: mailutils-mh mailutils-doc postfix-cdb postfix-doc postfix-ldap postfix-lmdb postfix-mta-sts-resolver postfix-mysql postfix-pcre postfix-pgsql postfix-sqlite procmail sasl2-bin | dovecot-common The following NEW packages will be installed: gsasl-common guile-3.0-libs libfribidi0 libgc1 libgsasl18 libgssglue1 libidn12 libltdl7 libmailutils9t64 libmysqlclient21 libncurses6 libnsl2 libntlm0 libpq5 mailutils mailutils-common mysql-common postfix ssl-cert 0 upgraded, 19 newly installed, 0 to remove and 0 not upgraded. Preconfiguring packages ... Package configuration ────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── ┌─────────────────────────────Postfix Configuration───────────────────────────────┐ │ Please select the mail server configuration type that best meets your needs. │ │ │ │ No configuration: │ │ Should be chosen to leave the current configuration unchanged. │ │ Internet site: │ │ Mail is sent and received directly using SMTP. │ │ Internet with smarthost: │ │ Mail is received directly using SMTP or by running a utility such │ │ as fetchmail. Outgoing mail is sent using a smarthost. │ │ Satellite system: │ │ All mail is sent to another machine, called a 'smarthost', for │ │ delivery. │ │ Local only: │ │ The only delivered mail is the mail for local users. There is no │ │ network. │ │ │ │ General mail configuration type: │ │ ┌─────────────────────────────────────────────────────────────────────────────┐ │ │ │ No configuration │ │ │ │ Internet Site │ │ │ │ Internet with smarthost │ │ │ │ Satellite system │ │ │ │ Local only │ │ │ └─────────────────────────────────────────────────────────────────────────────┘ │ ├─────────────────────────────────────────────────────────────────────────────────┤ │ < OK > │ └─────────────────────────────────────────────────────────────────────────────────┘ Package configuration ────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── ┌────────────────────────────────────────────────────Postfix Configuration──────────────────────────────────────────────────────┐ │ The 'mail name' is the domain name used to 'qualify' _ALL_ mail addresses without a domain name. This includes mail to and │ │ from : please do not make your machine send out mail from root@example.org unless root@example.org has told you to. │ │ │ │ This name will also be used by other programs. It should be the single, fully qualified domain name (FQDN). │ │ │ │ Thus, if a mail address on the local host is foo@example.org, the correct value for this option would be example.org. │ │ │ │ System mail name: │ │ ┌───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┐ │ │ │rustdesk.phas.ubc.ca │ │ ├─└───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘─┤ │ < OK > │ └───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘ Selecting previously unselected package ssl-cert. ... Setting up mysql-common (5.8+1.1.0build1) ... update-alternatives: using /etc/mysql/my.cnf.fallback to provide /etc/mysql/my.cnf (my.cnf) in auto mode Setting up libmysqlclient21:amd64 (8.0.41-0ubuntu0.24.04.1) ... Setting up libpq5:amd64 (16.6-0ubuntu0.24.04.1) ... Setting up libntlm0:amd64 (1.7-1build1) ... Setting up ssl-cert (1.1.2ubuntu1) ... Created symlink /etc/systemd/system/multi-user.target.wants/ssl-cert.service → /usr/lib/systemd/system/ssl-cert.service. Setting up libncurses6:amd64 (6.4+20240113-1ubuntu2) ... Setting up libfribidi0:amd64 (1.0.13-3build1) ... Setting up libidn12:amd64 (1.42-1build1) ... Setting up mailutils-common (1:3.17-1.1build3) ... Setting up libgssglue1:amd64 (0.9-1build1) ... Setting up libgc1:amd64 (1:8.2.6-1build1) ... Setting up libltdl7:amd64 (2.4.7-7build1) ... Setting up libgsasl18:amd64 (2.2.1-1willsync1build2) ... Setting up libnsl2:amd64 (1.3.0-3build3) ... Setting up gsasl-common (2.2.1-1willsync1build2) ... Setting up guile-3.0-libs:amd64 (3.0.9-1build2) ... Setting up postfix (3.8.6-1build2) ... info: Selecting GID from range 100 to 999 ... info: Adding group `postfix' (GID 105) ... info: Selecting UID from range 100 to 999 ... info: Adding system user `postfix' (UID 105) ... info: Adding new user `postfix' (UID 105) with group `postfix' ... info: Not creating home directory `/var/spool/postfix'. Creating /etc/postfix/dynamicmaps.cf info: Selecting GID from range 100 to 999 ... info: Adding group `postdrop' (GID 106) ... setting myhostname: rustdesk setting alias maps setting alias database changing /etc/mailname to rustdesk.phas.ubc.ca setting myorigin setting destinations: $myhostname, rustdesk.phas.ubc.ca, rustdesk, localhost.localdomain, localhost setting relayhost: setting mynetworks: 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 setting mailbox_size_limit: 0 setting recipient_delimiter: + setting inet_interfaces: all setting inet_protocols: all /etc/aliases does not exist, creating it. WARNING: /etc/aliases exists, but does not have a root alias. Postfix (main.cf) is now set up with a default configuration. If you need to make changes, edit /etc/postfix/main.cf (and others) as needed. To view Postfix configuration values, see postconf(1). After modifying main.cf, be sure to run 'systemctl reload postfix'. Running newaliases Created symlink /etc/systemd/system/multi-user.target.wants/postfix.service → /usr/lib/systemd/system/postfix.service. Setting up libmailutils9t64:amd64 (1:3.17-1.1build3) ... Setting up mailutils (1:3.17-1.1build3) ... update-alternatives: using /usr/bin/frm.mailutils to provide /usr/bin/frm (frm) in auto mode update-alternatives: using /usr/bin/from.mailutils to provide /usr/bin/from (from) in auto mode update-alternatives: using /usr/bin/messages.mailutils to provide /usr/bin/messages (messages) in auto mode update-alternatives: using /usr/bin/movemail.mailutils to provide /usr/bin/movemail (movemail) in auto mode update-alternatives: using /usr/bin/readmsg.mailutils to provide /usr/bin/readmsg (readmsg) in auto mode update-alternatives: using /usr/bin/dotlock.mailutils to provide /usr/bin/dotlock (dotlock) in auto mode update-alternatives: using /usr/bin/mail.mailutils to provide /usr/bin/mailx (mailx) in auto mode Processing triggers for ufw (0.36.2-6) ... Processing triggers for libc-bin (2.39-0ubuntu8.4) ... Scanning processes... Scanning candidates... Scanning linux images... Pending kernel upgrade! Running kernel version: 6.8.0-52-generic Diagnostics: The currently running kernel version is not the expected kernel version 6.8.0-54-generic. Restarting the system to load the new kernel will not be handled automatically, so you should consider rebooting. Restarting services... Service restarts being deferred: /etc/needrestart/restart.d/dbus.service systemctl restart getty@tty1.service systemctl restart systemd-logind.service systemctl restart unattended-upgrades.service No containers need to be restarted. User sessions running outdated binaries: root @ session #4: sshd[1647] root @ session #5: sshd[1695] root @ user manager service: systemd[1502] No VM guests are running outdated hypervisor (qemu) binaries on this host. # apt install cron The following additional packages will be installed: cron-daemon-common Suggested packages: anacron logrotate checksecurity supercat The following NEW packages will be installed: cron cron-daemon-common 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Creating group 'crontab' with GID 989. Created symlink /etc/systemd/system/multi-user.target.wants/cron.service → /usr/lib/systemd/system/cron.service. # apt install rsync Suggested packages: python3-braceexpand The following NEW packages will be installed: rsync 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Setting up rsync (3.2.7-1ubuntu1.2) ... rsync.service is a disabled or a static unit, not starting it. # apt install logwatch The following additional packages will be installed: libdate-manip-perl Suggested packages: libsys-cpu-perl libsys-meminfo-perl The following NEW packages will be installed: libdate-manip-perl logwatch 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Setting up libdate-manip-perl (6.95-1) ... Setting up logwatch (7.7-1ubuntu1) ... # apt install logrotate The following NEW packages will be installed: logrotate 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Setting up logrotate (3.21.0-2build1) ... Created symlink /etc/systemd/system/timers.target.wants/logrotate.timer → /usr/lib/systemd/system/logrotate.timer. logrotate.service is a disabled or a static unit, not starting it. # ufw status Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere Anywhere DENY 127.0.0.0/8 22/tcp (v6) ALLOW Anywhere (v6) Anywhere (v6) DENY ::1 # ufw allow 21114:21119/tcp # ufw allow 8000/tcp # ufw allow 21116/udp # ufw allow http # ufw allow https # ufw reload Firewall reloaded # ufw status numbered Status: active To Action From -- ------ ---- [ 1] 22/tcp ALLOW IN Anywhere [ 2] Anywhere DENY IN 127.0.0.0/8 [ 3] 21114:21119/tcp ALLOW IN Anywhere [ 4] 8000/tcp ALLOW IN Anywhere [ 5] 21116/udp ALLOW IN Anywhere [ 6] 80/tcp ALLOW IN Anywhere [ 7] 443 ALLOW IN Anywhere [ 8] 22/tcp (v6) ALLOW IN Anywhere (v6) [ 9] Anywhere (v6) DENY IN ::1 [10] 21114:21119/tcp (v6) ALLOW IN Anywhere (v6) [11] 8000/tcp (v6) ALLOW IN Anywhere (v6) [12] 21116/udp (v6) ALLOW IN Anywhere (v6) [13] 80/tcp (v6) ALLOW IN Anywhere (v6) [14] 443 (v6) ALLOW IN Anywhere (v6) rustdesk install.... # cd /usr/local/src # wget https://raw.githubusercontent.com/techahold/rustdeskinstall/master/install.sh --2025-02-25 13:32:10-- https://raw.githubusercontent.com/techahold/rustdeskinstall/master/install.sh Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 185.199.111.133, 185.199.110.133, 185.199.108.133, ... Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|185.199.111.133|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 13436 (13K) [text/plain] Saving to: ‘install.sh’ install.sh 100%[=============================================================>] 13.12K --.-KB/s in 0s 2025-02-25 13:32:10 (65.9 MB/s) - ‘install.sh’ saved [13436/13436] # chmod +x install.sh # ./install.sh Installing prerequisites Hit:1 http://mirror.it.ubc.ca/ubuntu noble InRelease Hit:2 http://mirror.it.ubc.ca/ubuntu noble-updates InRelease Hit:3 http://mirror.it.ubc.ca/ubuntu noble-backports InRelease Hit:4 http://security.ubuntu.com/ubuntu noble-security InRelease Reading package lists... Done Reading package lists... Done Building dependency tree... Done Reading state information... Done curl is already the newest version (8.5.0-2ubuntu10.6). curl set to manually installed. wget is already the newest version (1.21.4-1ubuntu4.1). wget set to manually installed. tar is already the newest version (1.35+dfsg-3build1). tar set to manually installed. dnsutils is already the newest version (1:9.18.30-0ubuntu0.24.04.2). Suggested packages: zip The following NEW packages will be installed: unzip 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 174 kB of archives. After this operation, 384 kB of additional disk space will be used. Get:1 http://mirror.it.ubc.ca/ubuntu noble-updates/main amd64 unzip amd64 6.0-28ubuntu4.1 [174 kB] Fetched 174 kB in 0s (8722 kB/s) Selecting previously unselected package unzip. (Reading database ... 116717 files and directories currently installed.) Preparing to unpack .../unzip_6.0-28ubuntu4.1_amd64.deb ... Unpacking unzip (6.0-28ubuntu4.1) ... Setting up unzip (6.0-28ubuntu4.1) ... Scanning processes... Scanning linux images... Running kernel seems to be up-to-date. No services need to be restarted. No containers need to be restarted. No user sessions are running outdated binaries. No VM guests are running outdated hypervisor (qemu) binaries on this host. 1) IP 2) DNS/Domain Choose your preferred connection method: auto-resolve current WAN IP or enter your DNS/Domain:2 Enter your preferred domain/dns address : rustdesk.phas.ubc.ca Creating /opt/rustdesk Installing Rustdesk Server --2025-02-25 13:33:15-- https://github.com/rustdesk/rustdesk-server/releases/download/1.1.14/rustdesk-server-linux-amd64.zip Resolving github.com (github.com)... 140.82.112.3 Connecting to github.com (github.com)|140.82.112.3|:443... connected. HTTP request sent, awaiting response... 302 Found Location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/299354666/7b9d8dd0-f398-4a8a-b1f2-14ce11315f21?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250225%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250225T213315Z&X-Amz-Expires=300&X-Amz-Signature=5ea5ac42a1da81c3e37a27d9d866b72b77f6994aaa7f5036a53017d0da33df41&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drustdesk-server-linux-amd64.zip&response-content-type=application%2Foctet-stream [following] --2025-02-25 13:33:15-- https://objects.githubusercontent.com/github-production-release-asset-2e65be/299354666/7b9d8dd0-f398-4a8a-b1f2-14ce11315f21?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250225%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250225T213315Z&X-Amz-Expires=300&X-Amz-Signature=5ea5ac42a1da81c3e37a27d9d866b72b77f6994aaa7f5036a53017d0da33df41&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drustdesk-server-linux-amd64.zip&response-content-type=application%2Foctet-stream Resolving objects.githubusercontent.com (objects.githubusercontent.com)... 185.199.110.133, 185.199.109.133, 185.199.108.133, ... Connecting to objects.githubusercontent.com (objects.githubusercontent.com)|185.199.110.133|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 5915483 (5.6M) [application/octet-stream] Saving to: ‘rustdesk-server-linux-amd64.zip’ rustdesk-server-linux-amd64.zip 100%[=============================================================>] 5.64M 13.3MB/s in 0.4s 2025-02-25 13:33:16 (13.3 MB/s) - ‘rustdesk-server-linux-amd64.zip’ saved [5915483/5915483] Archive: rustdesk-server-linux-amd64.zip inflating: amd64/hbbr inflating: amd64/hbbs inflating: amd64/rustdesk-utils Creating /var/log/rustdesk Created symlink /etc/systemd/system/multi-user.target.wants/rustdesksignal.service → /etc/systemd/system/rustdesksignal.service. Created symlink /etc/systemd/system/multi-user.target.wants/rustdeskrelay.service → /etc/systemd/system/rustdeskrelay.service. Rustdesk Relay not ready yet... Tidying up install Grabbing installers 0nIhNmLjJWduMXYoBnLrNXZkR3c1J3LvozcwRHdoJiOikGchJCLi0zYNVHUFhneiZlRmVFSCh1bFBHcPdzK6ZWNSB3RTVzSrEFbidDejxWQhNTYiojI5V2aiwiIhNmLjJWduMXYoBnLrNXZkR3c1JnI6ISehxWZyJCLiE2YuMmY15ychhGcus2clRGdzVnciojI0N3boJye 1) Yes 2) No Please choose if you want to download configs and install HTTP server:1 --2025-02-25 13:33:31-- https://raw.githubusercontent.com/dinger1986/rustdeskinstall/master/WindowsAgentAIOInstall.ps1 Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 185.199.109.133, 185.199.110.133, 185.199.111.133, ... Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|185.199.109.133|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 3773 (3.7K) [text/plain] Saving to: ‘WindowsAgentAIOInstall.ps1’ WindowsAgentAIOInstall.ps1 100%[=============================================================>] 3.68K --.-KB/s in 0s 2025-02-25 13:33:31 (36.7 MB/s) - ‘WindowsAgentAIOInstall.ps1’ saved [3773/3773] --2025-02-25 13:33:31-- https://raw.githubusercontent.com/dinger1986/rustdeskinstall/master/linuxclientinstall.sh Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 185.199.109.133, 185.199.110.133, 185.199.108.133, ... Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|185.199.109.133|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 3584 (3.5K) [text/plain] Saving to: ‘linuxclientinstall.sh’ linuxclientinstall.sh 100%[=============================================================>] 3.50K --.-KB/s in 0s 2025-02-25 13:33:31 (36.2 MB/s) - ‘linuxclientinstall.sh’ saved [3584/3584] Creating /opt/gohttp Installing Go HTTP Server --2025-02-25 13:33:32-- https://github.com/codeskyblue/gohttpserver/releases/download/1.3.0/gohttpserver_1.3.0_linux_amd64.tar.gz Resolving github.com (github.com)... 140.82.112.3 Connecting to github.com (github.com)|140.82.112.3|:443... connected. HTTP request sent, awaiting response... 302 Found Location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/63852314/70d5eae1-926e-4d8b-82ff-2151311fdcbe?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250225%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250225T213332Z&X-Amz-Expires=300&X-Amz-Signature=c92e31676ba205eb4ff3363a2abd5ddc66ce004d6786541f19e3ee6118825b46&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dgohttpserver_1.3.0_linux_amd64.tar.gz&response-content-type=application%2Foctet-stream [following] --2025-02-25 13:33:32-- https://objects.githubusercontent.com/github-production-release-asset-2e65be/63852314/70d5eae1-926e-4d8b-82ff-2151311fdcbe?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250225%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250225T213332Z&X-Amz-Expires=300&X-Amz-Signature=c92e31676ba205eb4ff3363a2abd5ddc66ce004d6786541f19e3ee6118825b46&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dgohttpserver_1.3.0_linux_amd64.tar.gz&response-content-type=application%2Foctet-stream Resolving objects.githubusercontent.com (objects.githubusercontent.com)... 185.199.110.133, 185.199.108.133, 185.199.111.133, ... Connecting to objects.githubusercontent.com (objects.githubusercontent.com)|185.199.110.133|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 4867188 (4.6M) [application/octet-stream] Saving to: ‘gohttpserver_1.3.0_linux_amd64.tar.gz’ gohttpserver_1.3.0_linux_amd64.tar 100%[=============================================================>] 4.64M 13.4MB/s in 0.3s 2025-02-25 13:33:33 (13.4 MB/s) - ‘gohttpserver_1.3.0_linux_amd64.tar.gz’ saved [4867188/4867188] Creating /var/log/gohttp Tidying up Go HTTP Server Install Created symlink /etc/systemd/system/multi-user.target.wants/gohttpserver.service → /etc/systemd/system/gohttpserver.service. Your IP/DNS Address is rustdesk.phas.ubc.ca Your public key is a3aAlcx7blQ+K5SGpR5fz+7OppEoXBHUfFVbzxEPuMc= Install Rustdesk on your machines and change your public key and IP/DNS name to the above You can access your install scripts for clients by going to http://rustdesk.phas.ubc.ca:8000 Username is admin and password is FfZMNt85NZiZkiyh Press any key to finish install waiting for the keypress ============================================================================ 25-02-26 # ufw status numbered Status: active To Action From -- ------ ---- [ 1] 22/tcp ALLOW IN Anywhere [ 2] Anywhere DENY IN 127.0.0.0/8 [ 3] 21114:21119/tcp ALLOW IN Anywhere [ 4] 8000/tcp ALLOW IN Anywhere [ 5] 21116/udp ALLOW IN Anywhere [ 6] 22/tcp (v6) ALLOW IN Anywhere (v6) [ 7] Anywhere (v6) DENY IN ::1 [ 8] 21114:21119/tcp (v6) ALLOW IN Anywhere (v6) [ 9] 8000/tcp (v6) ALLOW IN Anywhere (v6) [10] 21116/udp (v6) ALLOW IN Anywhere (v6) Output from journalctl #: ci-info: ++++++++++++++++++++++++++++++++++++++Net device info+++++++++++++++++++++++++++++++++++++++ #: ci-info: +--------+------+-----------------------------+---------------+--------+-------------------+ #: ci-info: | Device | Up | Address | Mask | Scope | Hw-Address | #: ci-info: +--------+------+-----------------------------+---------------+--------+-------------------+ #: ci-info: | ens160 | True | 142.103.51.24 | 255.255.255.0 | global | 00:50:56:01:ae:3b | #: ci-info: | ens160 | True | fe80::250:56ff:fe01:ae3b/64 | . | link | 00:50:56:01:ae:3b | #: ci-info: | lo | True | 127.0.0.1 | 255.0.0.0 | host | . | #: ci-info: | lo | True | ::1/128 | . | host | . | #: ci-info: +--------+------+-----------------------------+---------------+--------+-------------------+ #: ci-info: +++++++++++++++++++++++++++++++Route IPv4 info+++++++++++++++++++++++++++++++ #: ci-info: +-------+--------------+----------------+---------------+-----------+-------+ #: ci-info: | Route | Destination | Gateway | Genmask | Interface | Flags | #: ci-info: +-------+--------------+----------------+---------------+-----------+-------+ #: ci-info: | 0 | 0.0.0.0 | 142.103.51.254 | 0.0.0.0 | ens160 | UG | #: ci-info: | 1 | 142.103.51.0 | 0.0.0.0 | 255.255.255.0 | ens160 | U | #: ci-info: +-------+--------------+----------------+---------------+-----------+-------+ #: ci-info: +++++++++++++++++++Route IPv6 info+++++++++++++++++++ #: ci-info: +-------+-------------+---------+-----------+-------+ #: ci-info: | Route | Destination | Gateway | Interface | Flags | #: ci-info: +-------+-------------+---------+-----------+-------+ #: ci-info: | 0 | fe80::/64 | :: | ens160 | U | #: ci-info: | 2 | local | :: | ens160 | U | #: ci-info: | 3 | multicast | :: | ens160 | U | #: ci-info: +-------+-------------+---------+-----------+-------+ //-----------------------------------------------------------------------------------------------// Install caddy proxy server: # apt-cache search caddy caddy - Fast, lightweight web server with automatic HTTPS golang-github-caddyserver-certmagic-dev - Go library for automatic HTTPS using Let's Encrypt # apt install caddy The following additional packages will be installed: libnspr4 libnss3 libnss3-tools The following NEW packages will be installed: caddy libnspr4 libnss3 libnss3-tools 0 upgraded, 4 newly installed, 0 to remove and 0 not upgraded. Unpacking caddy (2.6.2-6ubuntu0.24.04.2) ... Setting up libnspr4:amd64 (2:4.35-1.1build1) ... Setting up libnss3:amd64 (2:3.98-1build1) ... Setting up libnss3-tools (2:3.98-1build1) ... Setting up caddy (2.6.2-6ubuntu0.24.04.2) ... Created symlink /etc/systemd/system/multi-user.target.wants/caddy.service → /usr/lib/systemd/system/caddy.service. No services need to be restarted. No containers need to be restarted. No user sessions are running outdated binaries. No VM guests are running outdated hypervisor (qemu) binaries on this host. https://caddyserver.com/docs/automatic-https # apt purge caddy - since doesn't handle udp //-----------------------------------------------------------------------------------------------// Switch to using apache2 reverse proxy https://wiki.haacksnetworking.org/doku.php?id=computing:rustdesk # apt install certbot letsencrypt python3-certbot-apache Note, selecting 'certbot' instead of 'letsencrypt' The following additional packages will be installed: apache2 apache2-bin apache2-data apache2-utils augeas-lenses libapr1t64 libaprutil1-dbd-sqlite3 libaprutil1-ldap libaprutil1t64 libaugeas0 liblua5.4-0 python3-acme python3-augeas python3-certbot python3-configargparse python3-icu python3-josepy python3-openssl python3-parsedatetime python3-rfc3339 Suggested packages: apache2-doc apache2-suexec-pristine | apache2-suexec-custom www-browser augeas-doc python-certbot-doc python3-certbot-nginx augeas-tools python-acme-doc python-certbot-apache-doc python-openssl-doc python3-openssl-dbg The following NEW packages will be installed: apache2 apache2-bin apache2-data apache2-utils augeas-lenses certbot libapr1t64 libaprutil1-dbd-sqlite3 libaprutil1-ldap libaprutil1t64 libaugeas0 liblua5.4-0 python3-acme python3-augeas python3-certbot python3-certbot-apache python3-configargparse python3-icu python3-josepy python3-openssl python3-parsedatetime python3-rfc3339 0 upgraded, 22 newly installed, 0 to remove and 0 not upgraded. ... Setting up python3-configargparse (1.7-1) ... Setting up python3-parsedatetime (2.6-3) ... Setting up python3-icu (2.12-1build2) ... Setting up augeas-lenses (1.14.1-1build2) ... Setting up python3-openssl (23.2.0-1) ... Setting up libaugeas0:amd64 (1.14.1-1build2) ... Setting up python3-josepy (1.14.0-1) ... Setting up python3-augeas (0.5.0-1.1) ... Setting up libapr1t64:amd64 (1.7.2-3.1ubuntu0.1) ... Setting up liblua5.4-0:amd64 (5.4.6-3build2) ... Setting up apache2-data (2.4.58-1ubuntu8.5) ... Setting up python3-rfc3339 (1.1-4) ... Setting up libaprutil1t64:amd64 (1.6.3-1.1ubuntu7) ... Setting up libaprutil1-ldap:amd64 (1.6.3-1.1ubuntu7) ... Setting up libaprutil1-dbd-sqlite3:amd64 (1.6.3-1.1ubuntu7) ... Setting up python3-acme (2.9.0-1) ... Setting up python3-certbot (2.9.0-1) ... Setting up certbot (2.9.0-1) ... Created symlink /etc/systemd/system/timers.target.wants/certbot.timer → /usr/lib/systemd/system/certbot.timer. Setting up apache2-utils (2.4.58-1ubuntu8.5) ... Setting up apache2-bin (2.4.58-1ubuntu8.5) ... Setting up apache2 (2.4.58-1ubuntu8.5) ... Enabling module mpm_event. Enabling module authz_core. Enabling module authz_host. Enabling module authn_core. Enabling module auth_basic. Enabling module access_compat. Enabling module authn_file. Enabling module authz_user. Enabling module alias. Enabling module dir. Enabling module autoindex. Enabling module env. Enabling module mime. Enabling module negotiation. Enabling module setenvif. Enabling module filter. Enabling module deflate. Enabling module status. Enabling module reqtimeout. Enabling conf charset. Enabling conf localized-error-pages. Enabling conf other-vhosts-access-log. Enabling conf security. Enabling conf serve-cgi-bin. Enabling site 000-default. Created symlink /etc/systemd/system/multi-user.target.wants/apache2.service → /usr/lib/systemd/system/apache2.service. Created symlink /etc/systemd/system/multi-user.target.wants/apache-htcacheclean.service → /usr/lib/systemd/system/apache-htcacheclean.service. Setting up python3-certbot-apache (2.9.0-1) ... Processing triggers for ufw (0.36.2-6) ... Processing triggers for libc-bin (2.39-0ubuntu8.4) ... Scanning processes... Running kernel seems to be up-to-date. No services need to be restarted. No user sessions are running outdated binaries. # apt install plocate The following additional packages will be installed: liburing2 The following NEW packages will be installed: liburing2 plocate 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Setting up liburing2:amd64 (2.5-1build1) ... Setting up plocate (1.1.19-2ubuntu2) ... update-alternatives: using /usr/bin/plocate to provide /usr/bin/locate (locate) in auto mode update-alternatives: warning: skip creation of /usr/share/man/man1/locate.1.gz because associated file /usr/share/man/man1/plocate.1.gz (of link group locate) doesn't exist update-alternatives: warning: skip creation of /usr/share/man/man8/updatedb.8.gz because associated file /usr/share/man/man8/updatedb.plocate.8.gz (of link group locat e) doesn't exist info: Selecting GID from range 100 to 999 ... info: Adding group `plocate' (GID 107) ... Initializing plocate database; this may take some time... done Created symlink /etc/systemd/system/timers.target.wants/plocate-updatedb.timer → /usr/lib/systemd/system/plocate-updatedb.timer. Processing triggers for libc-bin (2.39-0ubuntu8.4) ... Scanning processes... Scanning linux images... Running kernel seems to be up-to-date. No services need to be restarted. # certbot --authenticator standalone --installer apache -d rustdesk.phas.ubc.ca Saving debug log to /var/log/letsencrypt/letsencrypt.log Requesting a certificate for rustdesk.phas.ubc.ca Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/rustdesk.phas.ubc.ca/fullchain.pem Key is saved at: /etc/letsencrypt/live/rustdesk.phas.ubc.ca/privkey.pem This certificate expires on 2025-05-27. These files will be updated when the certificate renews. Certbot has set up a scheduled task to automatically renew this certificate in the background. Deploying certificate Successfully deployed certificate for rustdesk.phas.ubc.ca to /etc/apache2/sites-available/000-default-le-ssl.conf Congratulations! You have successfully enabled HTTPS on https://rustdesk.phas.ubc.ca # vim /etc/letsencrypt/renewal-hooks/deploy/restartApache2 # cat /etc/letsencrypt/renewal-hooks/deploy/restartApache2 #!/bin/bash /usr/bin/systemctl restart apache2 # cd /etc/apache2/sites-enabled/ # ll total 0 lrwxrwxrwx 1 root root 52 Feb 26 15:50 000-default-le-ssl.conf -> /etc/apache2/sites-available/000-default-le-ssl.conf lrwxrwxrwx 1 root root 35 Feb 26 15:16 000-default.conf -> ../sites-available/000-default.conf # a2dissite 000-default.conf Site 000-default disabled. To activate the new configuration, you need to run: systemctl reload apache2 # a2dissite 000-default-le-ssl.conf Site 000-default-le-ssl disabled. To activate the new configuration, you need to run: systemctl reload apache2 # a2ensite rustdesk-ssl.conf Enabling site rustdesk-ssl. To activate the new configuration, you need to run: systemctl reload apache2 # a2enmod proxy_http Considering dependency proxy for proxy_http: Enabling module proxy. Enabling module proxy_http. To activate the new configuration, you need to run: systemctl restart apache2 # a2enmod proxy Module proxy already enabled # a2enmod rewrite Module rewrite already enabled # a2enmod headers Enabling module headers. To activate the new configuration, you need to run: systemctl restart apache2 ========================================================================================== 25-02-27 # cat /etc/systemd/system/gohttpserver.service [Unit] Description=Go HTTP Server [Service] Type=simple LimitNOFILE=1000000 ExecStart=/opt/gohttp/gohttpserver -r ./public --port 8000 --auth-type http --auth-http admin:FfZMNt85NZiZkiyh WorkingDirectory=/opt/gohttp/ User=root Group=root Restart=always StandardOutput=append:/var/log/gohttp/gohttpserver.log StandardError=append:/var/log/gohttp/gohttpserver.error # Restart service after 10 seconds if node service crashes RestartSec=10 [Install] WantedBy=multi-user.target # systemctl list-unit-files | grep -i rust rustdeskrelay.service enabled enabled rustdesksignal.service enabled enabled # systemctl status rustdeskrelay.service ● rustdeskrelay.service - Rustdesk Relay Server Loaded: loaded (/etc/systemd/system/rustdeskrelay.service; enabled; preset: enabled) Active: active (running) since Tue 2025-02-25 13:33:18 PST; 2 days ago Main PID: 2907 (hbbr) Tasks: 4 (limit: 1006) Memory: 540.0K (peak: 1.3M swap: 276.0K swap peak: 276.0K) CPU: 10.182s CGroup: /system.slice/rustdeskrelay.service └─2907 /opt/rustdesk/hbbr Feb 25 13:33:18 rustdesk systemd[1]: Started rustdeskrelay.service - Rustdesk Relay Server. [root@rustdesk-EduCld-UB24 ~] 15:50:32 # systemctl status rustdesksignal.service ● rustdesksignal.service - Rustdesk Signal Server Loaded: loaded (/etc/systemd/system/rustdesksignal.service; enabled; preset: enabled) Active: active (running) since Tue 2025-02-25 13:33:17 PST; 2 days ago Main PID: 2795 (hbbs) Tasks: 7 (limit: 1006) Memory: 5.7M (peak: 7.6M swap: 748.0K swap peak: 748.0K) CPU: 46.714s CGroup: /system.slice/rustdesksignal.service └─2795 /opt/rustdesk/hbbs Feb 25 13:33:17 rustdesk systemd[1]: Started rustdesksignal.service - Rustdesk Signal Server. ====================================================================================== 25-03-04 # apt install update-notifier-common The following additional packages will be installed: distro-info patch python3-debian ubuntu-pro-client ubuntu-pro-client-l10n update-manager-core Suggested packages: shunit2 ed diffutils-doc policykit-1 The following NEW packages will be installed: distro-info patch python3-debian ubuntu-pro-client ubuntu-pro-client-l10n update-manager-core update-notifier-common 0 upgraded, 7 newly installed, 0 to remove and 0 not upgraded. Setting up distro-info (1.7build1) ... Setting up python3-debian (0.1.49ubuntu2) ... Setting up patch (2.7.6-7build3) ... Setting up ubuntu-pro-client (34~24.04) ... Created symlink /etc/systemd/system/multi-user.target.wants/ua-reboot-cmds.service → /usr/lib/systemd/system/ua-reboot-cmds.service. Created symlink /etc/systemd/system/timers.target.wants/ua-timer.timer → /usr/lib/systemd/system/ua-timer.timer. Created symlink /etc/systemd/system/multi-user.target.wants/ubuntu-advantage.service → /usr/lib/systemd/system/ubuntu-advantage.serv ice. Setting up ubuntu-pro-client-l10n (34~24.04) ... Setting up update-manager-core (1:24.04.9) ... Setting up update-notifier-common (3.192.68build3) ... Created symlink /etc/systemd/system/timers.target.wants/update-notifier-download.timer → /usr/lib/systemd/system/update-notifier-dow nload.timer. Created symlink /etc/systemd/system/timers.target.wants/update-notifier-motd.timer → /usr/lib/systemd/system/update-notifier-motd.ti mer. update-notifier-download.service is a disabled or a static unit, not starting it. update-notifier-motd.service is a disabled or a static unit, not starting it. # dpkg-query -L update-notifier-common /etc/apt/apt.conf.d/10periodic /etc/apt/apt.conf.d/15update-stamp /etc/apt/apt.conf.d/20archive /etc/apt/apt.conf.d/99update-notifier /etc/update-motd.d/90-updates-available /etc/update-motd.d/95-hwe-eol /etc/update-motd.d/98-fsck-at-reboot /etc/update-motd.d/98-reboot-required /etc/update-notifier /lib/systemd/system/update-notifier-download.service /lib/systemd/system/update-notifier-download.timer /lib/systemd/system/update-notifier-motd.service /lib/systemd/system/update-notifier-motd.timer /usr/lib/update-notifier /usr/lib/update-notifier/apt-cdrom-check /usr/lib/update-notifier/apt_check.py /usr/lib/update-notifier/backend_helper.py /usr/lib/update-notifier/cddistupgrader /usr/lib/update-notifier/list-oem-metapackages /usr/lib/update-notifier/package-data-downloader /usr/lib/update-notifier/package-system-locked /usr/lib/update-notifier/update-motd-fsck-at-reboot /usr/lib/update-notifier/update-motd-hwe-eol /usr/lib/update-notifier/update-motd-reboot-required /usr/lib/update-notifier/update-motd-updates-available /usr/share /usr/share/doc /usr/share/package-data-downloads /usr/share/polkit-1/actions/com.ubuntu.update-notifier.policy /usr/share/update-notifier/notify-reboot-required /usr/share/update-notifier/notify-updates-outdated /usr/share/update-notifier/package-data-downloads-failed /usr/share/update-notifier/package-data-downloads-failed-permanently /usr/share/update-notifier/plugins /usr/share/update-notifier/plugins/cache-changed /usr/share/update-notifier/upgrader-patches /usr/share/update-notifier/upgrader-patches/update-manager-downloader-fix2.diff /var/lib/update-notifier /var/lib/update-notifier/package-data-downloads /var/lib/update-notifier/package-data-downloads/partial /var/lib/update-notifier/user.d /etc/kernel/postinst.d/update-notifier /usr/lib/update-notifier/apt-check ===================================================================================================== # shutdown -r 23:29 "Maintenance reboot at 23:29pm 2025-03-31" USEC=1743488940000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance\x20reboot\x20at\x2023:29pm\x202025-03-31 date -d @USEC ===================================================================================================== # shutdown -r 23:29 "Maintenance reboot at 23:29pm 2025-05-20" USEC=1747808940000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance\x20reboot\x20at\x2023:29pm\x202025-05-20 date -d @USEC