Skip to content

GinCz/Linux_Server_Public

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

644 Commits
109
109
Β 
Β 
222
222
Β 
Β 
AdGuard
AdGuard
Β 
Β 
VPN
VPN
Β 
Β 
XRAY
XRAY
Β 
Β 
ansible
ansible
Β 
Β 
cursor
cursor
Β 
Β 
scripts
scripts
Β 
Β 
temp
temp
Β 
Β 
.gitignore
.gitignore
Β 
Β 
CHANGELOG.md
CHANGELOG.md
Β 
Β 
LICENSE
LICENSE
Β 
Β 
OPERATIONS.md
OPERATIONS.md
Β 
Β 
README.md
README.md
Β 
Β 
WORKLOG.md
WORKLOG.md
Β 
Β 
domains.md
domains.md
Β 
Β 

Repository files navigation

πŸ–₯️ Linux Server Public β€” VladiMIR

Public configuration files, scripts, and documentation for production servers.
All secrets, passwords, API keys and FULL IP addresses are stored in a separate PRIVATE repository.

⚑ Quick Install One-Liners

Run these on any fresh server to get up and running fast.

πŸ†• New Server Setup (full bootstrap)

bash <(curl -sL https://raw.githubusercontent.com/GinCz/Linux_Server_Public/main/scripts/new_server_install.sh)

πŸ“Š Install SOS (server health monitor)

curl -fsSL https://raw.githubusercontent.com/GinCz/Linux_Server_Public/main/scripts/sos.sh \
  -o /usr/local/bin/sos && chmod +x /usr/local/bin/sos && sos

πŸ—‚οΈ Install Samba (any server)

bash <(curl -sL https://raw.githubusercontent.com/GinCz/Linux_Server_Public/main/scripts/samba_setup.sh)

πŸš€ VPN Node β€” Aliases + MOTD setup

bash <(curl -s https://raw.githubusercontent.com/GinCz/Linux_Server_Public/main/VPN/setup_aliases_and_motd.sh)

πŸ€– HOW TO WORK WITH AI (Mandatory Rules)

These rules apply to every session. The AI must follow them without exception.

1. πŸ” AI must ALWAYS read the repository first

Before answering ANY question β€” the AI must:

  1. Read the root README.md (this file)
  2. Read the relevant server folder README.md (e.g. 222/README.md)
  3. Read CHANGELOG.md to understand recent changes
  4. Only THEN answer, based on actual repo contents β€” not assumptions

If you are not sure what is already set up β€” check the repo first. Do NOT ask the server questions that can be answered by reading the repo.

2. πŸ“ EVERYTHING must be recorded in the repository

Every change, no matter how small, must be saved to the repo. This includes:

  • New scripts or config files
  • Any changes to existing scripts
  • New cron jobs or systemd units
  • Every problem encountered and how it was solved
  • Installation steps for any software
  • Backup configurations
  • Test results

If it was done on a server β€” it must exist in the repo. No exceptions.

3. πŸ’¬ Language rules

Where Language Notes
AI ↔ VladiMIR (chat) πŸ‡·πŸ‡Ί Russian only Always communicate in Russian in chat
This PUBLIC repo (Linux_Server_Public) πŸ‡¬πŸ‡§ English only All .md files, all comments inside scripts, all descriptions
Private repo (Secret_Privat) πŸ‡·πŸ‡Ί Russian Descriptions, notes and comments in Russian
Crypto bot repo (crypto-docker / private) πŸ‡·πŸ‡Ί Russian Descriptions, notes and comments in Russian

Summary:

  • Chat with AI β†’ always Russian
  • Public GitHub repo β†’ always English (code comments, README, all docs)
  • Private / secret repos β†’ Russian

4. πŸ’» Code blocks β€” execution rules

When the AI sends code, it must always clearly mark one of these:

πŸ“‹ INFO ONLY β€” do not run this

πŸš€ RUN ON SERVER: xxx.xxx.xxx.222 (222-DE-NetCup)

πŸš€ RUN ON SERVER: xxx.xxx.xxx.109 (109-RU-FastVDS)

πŸš€ RUN ON ALL SERVERS
  • Every executable code block must specify the exact server IP where it should run
  • If multiple code blocks are needed for the same task β†’ merge them into one script
  • Every script must start with clear to clear the terminal before output
  • Do NOT send 10 separate snippets when one combined script will do

5. πŸ” Security rules for this repo

βœ… Allowed in PUBLIC repo ❌ NEVER in PUBLIC repo
Template placeholders <VALUE> Real passwords
IP format: xxx.xxx.xxx.222 Full IP addresses
Script logic and structure API keys / tokens
Config templates SSH private keys
Documentation WireGuard private keys
Masked IPs (last octet only visible) Telegram Bot tokens
SSH public keys (even public keys reveal infrastructure)

IP masking format: only the last octet is shown. Examples:

  • 152.53.182.222 β†’ xxx.xxx.xxx.222
  • 212.109.223.109 β†’ xxx.xxx.xxx.109
  • 109.234.38.47 β†’ xxx.xxx.xxx.47

Full IPs, passwords and keys β†’ stored ONLY in the private Secret_Privat repository.

6. βš™οΈ Server Configuration Philosophy (CRITICAL)

All configuration must be done at the SERVER level β€” never per-account or per-domain.

The rule:

  • PHP settings (memory_limit, max_execution_time, opcache, etc.) β†’ set globally in php.ini or www.conf
  • Nginx settings (timeouts, buffers, limits) β†’ set globally in nginx.conf or conf.d/
  • MariaDB settings β†’ set globally in my.cnf
  • CrowdSec rules β†’ applied globally to all sites automatically
  • PHP-FPM pool parameters β†’ use a global template applied to all pools equally

Why:

  • Individual per-site tuning creates inconsistency and technical debt
  • If one site needs more resources, the server needs upgrading β€” not that one site's config
  • All hosted sites are equal β€” no site gets special treatment at config level
  • Easier maintenance: one change fixes all sites at once

What to do when a specific site misbehaves:

If a site shows errors, high CPU, memory issues, or behaves differently from others β€” do NOT edit its config files directly. Instead:

  1. Check if WordPress is up to date β€” log into the site's WP Admin and update all plugins, themes, and WordPress core
  2. Check if a CAPTCHA plugin is installed and working β€” every WP site must have an active, up-to-date CAPTCHA (e.g. Cloudflare Turnstile, hCaptcha, or similar)
  3. Check for outdated or abandoned plugins β€” deactivate anything not updated in 12+ months
  4. If the problem persists β€” investigate at the server level (PHP-FPM pool stats, error logs, CrowdSec decisions)

The AI must notify VladiMIR when a specific domain behaves differently from others:
"Domain example.cz is generating errors β€” please log into WP Admin, update all plugins/themes/core, and verify that a CAPTCHA plugin is installed and active."

πŸ—‚οΈ Repository Structure

LinuxServerPublic/
β”œβ”€β”€ 222/          β†’ Server 222-DE-NetCup   (xxx.xxx.xxx.222)  β€” NetCup.com, Germany
β”‚                  Ubuntu 24 / FASTPANEL / Cloudflare / CZ+EU sites
β”‚                  4 vCore AMD EPYC-Genoa / 8 GB DDR5 ECC / 256 GB NVMe
β”‚                  Tariff: VPS 1000 G12 (2026) β€” 8.60 €/mo
β”‚                  Key files: setup_aliases_and_motd.sh, SSH-Cursor-Setup.md
β”‚                  πŸ“– Full docs: 222/README.md
β”‚
β”œβ”€β”€ 109/          β†’ Server 109-RU-FastVDS  (xxx.xxx.xxx.109) β€” FastVDS.ru, Russia
β”‚                  Ubuntu 24 / FASTPANEL / No Cloudflare / RU sites
β”‚                  4 vCore AMD EPYC 7763 / 8 GB RAM / 80 GB NVMe
β”‚                  Tariff: VDS-KVM-NVMe-Otriv-10.0 β€” 13 €/mo
β”‚                  Key files: setup_aliases_and_motd.sh
β”‚                  πŸ“– Full docs: 109/README.md
β”‚
β”œβ”€β”€ VPN/          β†’ VPN infrastructure (X-ray / x-ui VLESS+Reality + AmneziaWG)
β”‚                  8 VPN nodes β€” see node table below
β”‚                  Automated backup system: Docker (Amnezia) + x-ui archives
β”‚                  Key files: setup_aliases_and_motd.sh
β”‚                  πŸ“– Full docs: VPN/README.md
β”‚
β”œβ”€β”€ XRAY/         β†’ x-ui / Xray installer scripts
β”‚                  Safe / Clean / Full-clean installers
β”‚
β”œβ”€β”€ scripts/      β†’ Shared scripts used by ALL servers
β”‚                  sos.sh               β€” universal server health monitor (ALL servers)
β”‚                  shared_aliases.sh    β€” common aliases (save, load, aw, mc...)
β”‚                  new_server_install.sh β€” full bootstrap for fresh servers
β”‚                  samba_setup.sh       β€” Samba installer for any server
β”‚                  infooo.sh            β€” legacy server info script
β”‚
β”œβ”€β”€ CHANGELOG.md  β†’ Full history of all changes
β”œβ”€β”€ OPERATIONS.md β†’ Operational procedures and runbooks
β”œβ”€β”€ domains.md    β†’ Domain list and DNS configuration
└── README.md     β†’ This file β€” AI rules, standards, quick reference

πŸ–₯️ Server Overview

Name IP (masked) Provider Location Panel Cloudflare Monthly
222-DE-NetCup xxx.xxx.xxx.222 NetCup.com Germany FASTPANEL βœ… Yes 8.60 €
109-RU-FastVDS xxx.xxx.xxx.109 FastVDS.ru Russia FASTPANEL ❌ No 13 €

Hardware (both servers): 4 vCore AMD EPYC / 8 GB RAM / 80–256 GB NVMe / Ubuntu 24 LTS

🌐 VPN Node Infrastructure

Nodes are in migration from AmneziaWG (Docker) to x-ui / Xray (VLESS + Reality).
Some nodes still run AmneziaWG in parallel. Both backup systems are active.

Node Name IP (masked) VPN Stack Extra Services
ALEX_47 xxx.xxx.xxx.47 βœ… x-ui / Xray Samba
4TON_237 xxx.xxx.xxx.237 βœ… x-ui / Xray Samba, Prometheus
TATRA_9 xxx.xxx.xxx.9 βœ… x-ui / Xray Samba, Uptime Kuma
SHAHIN_227 xxx.xxx.xxx.227 πŸ”„ AmneziaWG (Docker) Samba
STOLB_24 xxx.xxx.xxx.24 βœ… x-ui / Xray Samba, AdGuard Home
PILIK_178 xxx.xxx.xxx.178 πŸ”„ AmneziaWG (Docker) Samba
ILYA_176 xxx.xxx.xxx.176 πŸ”„ AmneziaWG (Docker) Samba
SO_38 xxx.xxx.xxx.38 βœ… x-ui / Xray Samba

βœ… x-ui / Xray = migrated to VLESS + Reality protocol
πŸ”„ AmneziaWG = still running Docker-based WireGuard obfuscation
Full IPs, keys and configs β†’ private Secret_Privat repository only.

πŸ—οΈ MOTD + .bashrc Architecture (IMPORTANT β€” read before editing)

Understanding this prevents the double MOTD display bug.

How shell startup works on these servers

When you SSH into a server, Linux runs two separate chains:

SSH login
β”œβ”€β”€ 1. LOGIN SHELL chain:  /etc/profile β†’ /etc/profile.d/*.sh
β”‚       └── /etc/profile.d/motd_server.sh  ← MOTD shown here (1st)
β”‚
└── 2. INTERACTIVE BASH:  /root/.bashrc
        └── source /root/Linux_Server_Public/222/.bashrc
                └── source scripts/shared_aliases.sh

If motd_server.sh has no guard, it fires on both chains β†’ MOTD shown twice.

The fix (v2026-04-28)

All motd_server.sh files now have a 2-line guard at the top:

shopt -q login_shell || return 0 2>/dev/null || exit 0
[ -n "$SSH_CONNECTION" ] || return 0 2>/dev/null || exit 0
  • shopt -q login_shell β€” true only for a login shell (SSH), false for source .bashrc
  • $SSH_CONNECTION β€” set only for real remote SSH sessions, empty for local/cron

Result: MOTD fires exactly once β€” on SSH login only.

.bashrc source chain (222)

/root/.bashrc
  └── source /root/Linux_Server_Public/222/.bashrc   ← server-specific aliases
          └── source /root/Linux_Server_Public/scripts/shared_aliases.sh  ← shared aliases
File Purpose On server In repo
/root/.bashrc Entry point, loads repo .bashrc /root/.bashrc 222/.bashrc
222/.bashrc Server-specific aliases + PS1 sourced by above 222/.bashrc
scripts/shared_aliases.sh Aliases shared by ALL servers sourced by 222/.bashrc scripts/shared_aliases.sh
/etc/profile.d/motd_server.sh MOTD banner (login only) auto-run at SSH login 222/motd_server.sh

Key rule: alias load is defined in 222/.bashrc, NOT in shared_aliases.sh

Because load must source /root/Linux_Server_Public/222/.bashrc β€” the path is server-specific.
If load were in shared_aliases.sh, it would be wrong on every other server.

MOTD setup script β€” three server variants

The script setup_aliases_and_motd.sh exists in three versions, one per environment:

File Server Deploys
222/setup_aliases_and_motd.sh 222-DE-NetCup MOTD + aliases + MC F2 menu for 222
109/setup_aliases_and_motd.sh 109-RU-FastVDS MOTD + aliases + MC F2 menu for 109
VPN/setup_aliases_and_motd.sh VPN nodes MOTD + aliases + MC F2 menu for VPN

Note: Version is stored inside the script only (# Version: vYYYY-MM-DD).
The filename never contains a version β€” only setup_aliases_and_motd.sh.

πŸ—‚οΈ Midnight Commander (mc) β€” F2 User Menu

⚠️ This section was written after 2 full days of debugging. Read carefully β€” do NOT repeat this.

How mc searches for the F2 User Menu (priority order)

mc checks these locations in order and uses the FIRST one it finds:

Priority Path Notes
1st ⚠️ ~/.mc.menu Hidden file in /root/ β€” THIS IS THE TRAP
2nd ~/.config/mc/menu Correct user menu location
3rd ~/.config/mc/mc.menu Also checked β€” causes confusion if both exist
4th /etc/mc/mc.menu System-wide fallback

⚠️ THE ROOT CAUSE (2 days of debugging β€” April 2026)

Problem: F2 showed a broken menu with contents like:

panel.1.directory=/root/Linux_Server_Public/222
panel.1.left
panel.2.directory=/root/Linux_Server_Public/scripts
user_menu=1

Root cause: File /root/.mc.menu existed (233 bytes, created Mar 24).
This is an old ini-style config fragment that mc was reading as the User Menu.
mc always checks ~/.mc.menu FIRST β€” before ~/.config/mc/menu.

Fix:

# Check if the trap file exists
ls -la /root/.mc.menu

# Delete it
rm /root/.mc.menu

# Verify correct menu is in place
head -3 ~/.config/mc/menu

Correct setup for mc F2 menu

The correct menu file must be at ~/.config/mc/menu:

# Deploy correct menu from repo (222 server)
cp /root/Linux_Server_Public/222/mc.menu ~/.config/mc/menu
chmod 644 ~/.config/mc/menu

# Verify
head -5 ~/.config/mc/menu
# Should start with: # mc.menu for 222-DE-NetCup

mc ini settings (important)

File: ~/.config/mc/ini

auto_save_setup=false   ← MUST be false β€” if true, mc overwrites menu on exit
auto_menu=false         ← MUST be false β€” if true, mc opens menu automatically on start

Check and fix:

grep "auto_save_setup\|auto_menu" ~/.config/mc/ini
sed -i 's/auto_save_setup=true/auto_save_setup=false/' ~/.config/mc/ini

Files involved per server

Server Repo source Deploy target
222-DE-NetCup 222/mc.menu ~/.config/mc/menu
109-RU-FastVDS 109/mc.menu ~/.config/mc/menu

Quick diagnostic (run when F2 is broken)

πŸš€ RUN ON SERVER where F2 is broken

clear
echo "=== TRAP FILE ===" && ls -la /root/.mc.menu 2>/dev/null || echo "OK β€” not present"
echo "=== CORRECT MENU ===" && head -3 ~/.config/mc/menu 2>/dev/null || echo "MISSING"
echo "=== ALL mc menu files ===" && find / -name "menu" -path "*/mc/*" 2>/dev/null
echo "=== INI auto_save ===" && grep "auto_save_setup\|auto_menu" ~/.config/mc/ini
echo "=== ALIAS mc ===" && alias | grep "alias mc"
echo "=== DONE ==="

Expected output:

=== TRAP FILE ===
OK β€” not present
=== CORRECT MENU ===
# mc.menu for 222-DE-NetCup β€” auto-generated by server_222.sh --install

Full fix in one command

πŸš€ RUN ON SERVER: xxx.xxx.xxx.222 (222-DE-NetCup)

clear
rm -f /root/.mc.menu
cp /root/Linux_Server_Public/222/mc.menu ~/.config/mc/menu
chmod 644 ~/.config/mc/menu
sed -i 's/auto_save_setup=true/auto_save_setup=false/' ~/.config/mc/ini
echo "=== MC F2 menu fixed ===" && head -3 ~/.config/mc/menu

πŸš€ RUN ON SERVER: xxx.xxx.xxx.109 (109-RU-FastVDS)

clear
rm -f /root/.mc.menu
cp /root/Linux_Server_Public/109/mc.menu ~/.config/mc/menu
chmod 644 ~/.config/mc/menu
sed -i 's/auto_save_setup=true/auto_save_setup=false/' ~/.config/mc/ini
echo "=== MC F2 menu fixed ===" && head -3 ~/.config/mc/menu

✏️ How to Edit MOTD Banner (login screen)

MOTD = the banner you see every time you SSH into the server.

Where is the file?

Server File on server File in repo
222-DE-NetCup /etc/profile.d/motd_server.sh 222/motd_server.sh
109-RU-FastVDS /etc/profile.d/motd_server.sh 109/motd_server.sh
VPN nodes /etc/profile.d/motd_server.sh VPN/motd_server.sh

How to add/remove an alias from the MOTD menu:

πŸš€ RUN ON SERVER: xxx.xxx.xxx.222 (222-DE-NetCup)

clear
nano /etc/profile.d/motd_server.sh
# Find the block: # Row 1 (SCAN/SERVER/WORDPRESS) or # Row 2 (BOT/GIT/TOOLS)
# Each line format:
# echo -e "  ${G}aliasname${X}(description)   ${G}alias2${X}(desc)"
# Column width: ~26 chars per column (use spaces to align)
# Test immediately:
bash /etc/profile.d/motd_server.sh
# Save to repo:
cd /root/Linux_Server_Public
cp /etc/profile.d/motd_server.sh 222/motd_server.sh
save

✏️ How to Edit Aliases (.bashrc)

Where is the file?

Server File on server File in repo
222-DE-NetCup /root/.bashrc 222/.bashrc
109-RU-FastVDS /root/.bashrc 109/.bashrc
VPN nodes /root/.bashrc VPN/.bashrc
ALL servers (shared) sourced from .bashrc scripts/shared_aliases.sh

How to add an alias:

πŸš€ RUN ON SERVER: xxx.xxx.xxx.222 (222-DE-NetCup)

clear
nano /root/.bashrc
# Add line: alias myalias='command'
source /root/.bashrc          # apply without re-login
# Also add it to MOTD menu (motd_server.sh) so it shows in the banner!
# Save to repo:
cd /root/Linux_Server_Public
cp /root/.bashrc 222/.bashrc
save

πŸ”„ Standard Update Workflow

πŸš€ RUN ON SERVER: xxx.xxx.xxx.222 (222-DE-NetCup)

clear
# Pull latest from repo and install on server:
cd /root/Linux_Server_Public && git pull
cp 222/motd_server.sh /etc/profile.d/motd_server.sh
cp 222/.bashrc /root/.bashrc
source /root/.bashrc
bash /etc/profile.d/motd_server.sh

# After editing files on server β€” push back to repo:
cd /root/Linux_Server_Public
cp /etc/profile.d/motd_server.sh 222/motd_server.sh
cp /root/.bashrc 222/.bashrc
save

πŸ” SSH Key Management

Generate a new SSH key pair (on your LOCAL machine β€” do NOT run on server):

πŸ“‹ INFO ONLY β€” run on your LOCAL machine

ssh-keygen -t ed25519 -C "yourname@server" -f ~/.ssh/id_ed25519_servername

Add public key to server:

πŸ“‹ INFO ONLY β€” adjust IP before running

ssh-copy-id -i ~/.ssh/id_ed25519_servername.pub root@SERVER_IP
# OR manually:
cat ~/.ssh/id_ed25519_servername.pub >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys

Cursor IDE / SSH config (~/.ssh/config on Windows):

See full setup guide: 222/SSH-Cursor-Setup.md

Host netcup
    HostName <FULL_IP_FROM_SECRET_REPO>
    User root
    Port 2222
    IdentityFile C:\\Users\\USER\\.ssh\\id_ed25519_win

Host fastvds alex47 4ton237 tatra9 shahin227 stolb24 pilik178 ilya176 so38
    User root
    Port 22
    IdentityFile C:\\Users\\USER\\.ssh\\id_ed25519_win
    ProxyJump netcup

πŸ”’ CrowdSec β€” Fix Engine INACTIVE

πŸš€ RUN ON SERVER where CrowdSec is broken

clear
mkdir -p /etc/crowdsec/hub
cscli hub update
cscli hub upgrade
systemctl restart crowdsec
systemctl status crowdsec --no-pager | head -5

🚨 PHP-FPM Watchdog β€” Telegram Alert

If you receive a Telegram alert:

⚠️ 222-DE-NetCup
PHP-FPM pool kk-med.eu
CPU=103% for 29min β†’ php-fpm restarted automatically

This means the watchdog (php_fpm_watchdog.sh) detected a runaway PHP-FPM pool and restarted it.
This is normal auto-recovery β€” no manual action needed unless it repeats.

To investigate:

πŸš€ RUN ON SERVER: xxx.xxx.xxx.222 (222-DE-NetCup)

clear
watchdog          # check current PHP-FPM state
sos               # check recent nginx/php errors
wphealth          # check WordPress sites health

πŸ’Ύ Backup System

ALL Servers β€” Universal Backup (configs + Docker)

  • Script: scripts/backup_all_servers_v2026-04-28.sh
  • Alias: f5backup
  • What: Backs up ALL 10 servers in one run:
    • Configs: nginx, php, mysql, crowdsec, fail2ban, ufw, cron, systemd, bashrc, ssh keys
    • Docker image archives for: crypto-bot, semaphore (222), amnezia-awg2 (109), amnezia-awg (VPN nodes)
    • x-ui / Xray dirs for: ALEX, 4TON, TATRA, STOLB, SO nodes
  • Schedule: Wednesday 03:00 + Saturday 03:00 via cron on 222
  • Keeps: last 10 date-folders per server (~5 weeks)
  • Storage: /BACKUP/<SERVER_LABEL>/<YYYY-MM-DD>/
  • Telegram: sends summary after completion

VPN β€” AmneziaWG Docker Backup

  • Script: VPN/vpn_docker_backup.sh
  • Alias: f5vpn
  • What: Docker commit + tar.gz of amnezia-awg container on each node
  • Nodes backed up: SHAHIN_227, PILIK_178, ILYA_176 (still on AmneziaWG)
  • Nodes skipped: ALEX_47, 4TON_237, TATRA_9, STOLB_24, SO_38 (migrated to x-ui)
  • Schedule: Sunday 03:00 via cron
  • Keeps: last 5 archives per node
  • Storage: /BACKUP/vpn/<NODE>/

VPN β€” x-ui / Xray Backup (all nodes)

  • Script: VPN/xray_backup_all_nodes.sh
  • Alias: f5xray
  • What: Archives /usr/local/x-ui, /etc/x-ui, /usr/local/share/xray, /root/cert, /etc/xray from each node
  • Nodes backed up: ALEX_47, 4TON_237, TATRA_9, STOLB_24, SO_38
  • Nodes skipped: SHAHIN_227, PILIK_178, ILYA_176 (x-ui not installed)
  • Schedule: Sunday 03:30 via cron (30 min after f5vpn)
  • Keeps: last 8 archives per node (~2 months history)
  • Storage: /BACKUP/vpn/<NODE>/xray/
  • Archive size: ~47 MB per node

Server Backup (222 / 109)

  • Script: 222/backup_clean.sh and 109/backup_clean.sh
  • Backs up all WordPress sites, databases, and configs
  • Full docs: 222/README.md

πŸ“œ Coding Standards (Mandatory for ALL scripts)

Every script committed to this repository must follow these rules:

1. 🌈 Colour Output

RED='\033[0;31m'     # Errors, critical warnings
YEL='\033[1;33m'     # Warnings, detected values
GRN='\033[0;32m'     # Success, OK messages
CYN='\033[0;36m'     # Section headers, info blocks
NC='\033[0m'         # Reset colour

2. πŸ“ Version (date-based, INSIDE script only)

# Version: v2026-04-28

⚠️ The version must NEVER appear in the filename.
Correct: backup_clean.sh
Wrong: backup_clean_v2026-04-28.sh

Version history is tracked by Git β€” every commit has a date, author and SHA.
To recover an older version: git log -- 222/backup_clean.sh then git show <sha>:222/backup_clean.sh

3. πŸ“ Header Block (mandatory for every script)

#!/bin/bash
# =============================================================
# Script: script_name.sh
# Version: vYYYY-MM-DD
# Server: [server label and masked IP, e.g. 222-DE-NetCup xxx.xxx.xxx.222]
# Description: What this script does (2-4 sentences).
# Usage: bash script_name.sh
# Dependencies: list tools required (e.g. docker, pigz, curl)
# WARNING: [side effects if any β€” e.g. restarts nginx]
# = Rooted by VladiMIR | AI =
# =============================================================
clear

4. πŸ”’ No Secrets β€” Ever

  • βœ… Templates with <PLACEHOLDER> β€” allowed
  • βœ… Masked IPs xxx.xxx.xxx.222 β€” allowed
  • ❌ Passwords, API keys, tokens, private keys β€” NEVER in this repo
  • ❌ Full IP addresses β€” NEVER in this repo
  • ❌ SSH public keys β€” NEVER in this repo (reveals infrastructure)
  • Real credentials and IPs β†’ private Secret_Privat repo only

5. πŸ“‚ File Placement Rules

Location Purpose
222/ Scripts/configs for NetCup Germany server
109/ Scripts/configs for FastVDS Russia server
VPN/ Scripts/configs for X-ray / x-ui VPN nodes (AmneziaWG + Xray)
XRAY/ x-ui / Xray installer scripts
scripts/ Shared across ALL servers (including sos.sh, infooo.sh)

6. πŸ“‹ Script Naming Convention

Rule: filename = clean name only. Version inside the script, not in the filename.

description.sh

Examples:

  • βœ… backup_clean.sh β€” correct
  • βœ… setup_aliases_and_motd.sh β€” correct
  • βœ… sos.sh β€” correct
  • ❌ backup_clean_v2026-04-28.sh β€” wrong, version in filename
  • ❌ setup_aliases_and_motd_vpn_v2026-04-25.sh β€” wrong

Numbered utility scripts (legacy exception):

NN_servername_description.sh

Example: 01_222_clean_vpn_reports.sh

πŸš€ Key Scripts Reference

PHP-FPM Limits (per-site CPU/RAM cap)

πŸš€ RUN ON SERVER: xxx.xxx.xxx.222 (222-DE-NetCup)

clear
bash /root/Linux_Server_Public/222/set_php_fpm_limits.sh

πŸš€ RUN ON SERVER: xxx.xxx.xxx.109 (109-RU-FastVDS)

clear
bash /root/Linux_Server_Public/109/set_php_fpm_limits.sh
Parameter Value Effect
pm.max_children ≀8 (calc from RAM) Limits concurrent PHP processes
pm.max_requests 500 Prevents memory leaks
CPUQuota 320% (4 cores Γ— 80%) Hard CPU cap via systemd
MemoryMax ~6.8 GB (85% of 8 GB) Hard RAM cap via systemd
OOMScoreAdjust 300 OOM killer priority

VPN Backups

πŸš€ RUN ON SERVER: xxx.xxx.xxx.222 (222-DE-NetCup)

clear
# AmneziaWG Docker backup (SHAHIN, PILIK, ILYA)
f5vpn

# x-ui / Xray backup (ALEX, 4TON, TATRA, STOLB, SO)
f5xray

AmneziaWG VPN Node Statistics

πŸš€ RUN ON SERVER: xxx.xxx.xxx.222 (222-DE-NetCup)

clear
bash /root/Linux_Server_Public/VPN/amnezia_stat.sh

πŸ”— Quick Links

πŸš€ XRAY + x-ui Installers

1. Safe Installer (adds to existing services)

bash <(curl -s https://raw.githubusercontent.com/GinCz/Linux_Server_Public/main/XRAY/xray_safe_installer.sh)

2. Clean Installer (removes old Xray only)

bash <(curl -s https://raw.githubusercontent.com/GinCz/Linux_Server_Public/main/XRAY/xray_clean_installer.sh)

3. Full Clean Installer (for fresh servers)

bash <(curl -s https://raw.githubusercontent.com/GinCz/Linux_Server_Public/main/XRAY/xray_installer.sh)

= Rooted by VladiMIR | AI =

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages