OSMC nfs-server plugin


Recently found some inspiration to look at this again. Now installable as addon, no need to edit keymaps. Just run the addon and follow the instructions, available for both kodi 18 & 19:

kodi 18
kodi 19

Kodi 18 takes longer to start as it has additional dependences.

Git Repository can found here, again please comment below.

Thanks Tom.

Raspian/Debian Thermometer Update – SystemD Timer

Hi this an update to a post from a couple of years ago:


Specifically the scheduling of a job to run the temperature check & send email email alert if required, with a SystemD timer rather than a Cron job. Also removing the requirement for a separate python script. The temperature check and alert is now all done with one bash script.  The script does now require installing msmtp, this does require some configuration to work with an external mail server (as did the python script in the original post); a quick google search should give you all you need; if not please comment and I’ll assist further.

Updated bash script (/home/pi/temp-check.sh):

TEMP=$(/usr/local/bin/tempered | grep -oP '(?<=/dev/hidraw1 0: temperature) [\d.]+')
if [ $TEMP \> $MAXTEMP ];
echo -e "Subject: $TEMP°c Temperature is to high! \r\n\r\n$TEMP°c Temperature is to high!" |msmtp --from=from@example.com -t to@example.com
echo "Temperature" $TEMP"°c, normal";

Just set the MAXTEMP variable, to the maximum desired temperature.

Now the SystemD timer, first thing is to create the service unit (/lib/systemd/system/check-temp.service):

Description=Temperature Check



Next the timer unit is created (/lib/systemd/system/check-temp.timer):

Description=Check Temperature Timer



Here the timer is scheduled to run every 15 minutes, this can be increased and decreased, more details can be found here.

To schedule the job, please run:
$ sudo systemctl start check-temp.timer

So it persists after a reboot please issue:
$ sudo systemctl enable check-temp.timer

And that’s it, temparature check and aleart should now be scheduled via a SystemD timer.

Centos 8 Desktop (Workstation) Kickstart File

Being a long time user of Fedora and a frequent browser on their discourse. I quite often see posts, where users do not want to move on from a version of Fedora which they consider stable, but the version is EOL. These sort of posts are quite often followed with suggestions to use Centos rather than Fedora. Problem with this is that Centos is more of a server distro, and although its possible to install a desktop environment, it isn’t as straight forward as it is with other distros. This is why I have created a kickstart file:


Which I hope takes the hardwork out setting Gnome-workstation with Centos 8. It also includes TLP to improve battery life, is only enabled on Laptops. I looked at the way Fedora does this, but this would require changes to kernel; which is beyond the scope of this project.

Thanks Again, all comments are welcome,


Kodi-NFS-Server, for OSMC


Here is a script for setting up an NFS server that works within kodi for OSMC, for both kodi 18 & 19; I’ve also created created an uninstall script. This wouldn’t have been possible without the help of bmillham who is a member of the OSMC team.

Install: https://github.com/tomdoyle87/osmc-nfs-server-python3/blob/master/Kodi-nfs-server-setup.py 2

Uninstall: https://github.com/tomdoyle87/osmc-nfs-server-python3/blob/master/Kodi-uninstall-nfs-server.py

The easiest way is to map some shortcuts to some keys for example f11 & f12, for example (will need to use the command line):

cd /home/osmc/.kodi/userdata
wget https://raw.githubusercontent.com/tomdoyle87/osmc-nfs-server-python3/master/Kodi-nfs-server-setup.py
wget https://raw.githubusercontent.com/tomdoyle87/osmc-nfs-server-python3/master/Kodi-uninstall-nfs-server.py

Then add the following to keyboard.xml or remote.xml (in the global section):


If you need any further assistance with setting up, please comment below. Also I will gladly receive any thoughts or feedback.

Currently only works with OSMC, but shouldn’t require many changes to work on other linux based kodi platforms; glad to help anybody looking to do this, again please comment below.

Thanks Tom.

APF Fork, APF-SystemD

Good Evening,

Readers of my previous posts, will be aware I noticed issues with apf under systemd; further details can found here.

Further updates and improvements were reported here. On a side note I’ve never received a response to the issue I raised on rfxn’s github.

I acknowledge that life can take people away from open-source projects , so I’ve created my own fork with some extras. Not only have I made improvements over the systemd solution provided on this blog previously. The fork also includes auto update with email alert and an un-install bash script.

The fork can be found on github.

Thanks Tom.

P.S Please feel free to comment.

CPANEL updates, automated error checking.

This is a follow up to this post. The below script is written with automated CPANEL updates in mind, but could be quite easily modified to be used with any automated updates with logs.

cd /var/cpanel/updatelogs # Change to cpanel updates logs directory.
VAR1=$(ls -tr up*|tail -1) # Find the latest log and set it as a variable.
egrep 'Error:|error:|Another app is currently holding the yum lock|Segmentation fault' $VAR1 > /tmp/update-check # Check for errors and output to temp file
if egrep 'Error:|error:|Another app is currently holding the yum lock|Segmentation fault' /tmp/update-check; then # If then to check for errors and send email alert if  required.
     /bin/mail -s "$(echo -e "Check to see if updates work, failed\nX-Priority: 1")" < /tmp/update-check root
unset VAR1 # Unset variable.

Cronjob should be scheduled about an hour after updates:

0 0 * * * /bin/bash  /usr/local/sbin/upcp-check.sh &>/dev/null 

Thanks Tom.

P.S Please feel free to comment.

Advanced Policy Firewall Systemd – Proper solution.

This post is an update to the blog posted here. I believe I have a working solution for the apf service to fail, if apf doesn’t start correctly:


Description=apf firewall with iptables
After=syslog.target network.target

ExecStop=/usr/local/sbin/apf --stop



/usr/local/sbin/apf --start &> /tmp/check-apf
if egrep 'unable to load iptables module|timed out while attempting to gain lock|could not process allow_hosts|could not process deny_hosts|apf does not appear to have rules loaded|could not verify that interface|trust rules unchanged since last refresh' /tmp/check-apf; then
     /usr/local/sbin/apf --stop
     echo "APF Aborted"
     exit 1
     echo "All ok"
exit 0

From looking at /etc/apf/internals/functions.apf, the egrep should cover all possible errors. If anyone thinks I’ve missed any, please feel free to let me know.

I have confirmed results in systemd failure by changing un-trusted interface to a interface which doesn’t exist on my system.

I’ve updated the issue for this on rfxn’s github.

Thanks Tom.

P.S Please feel free to comment.

Centos Yum update, failure alert – Updated Scripts

This is an update to the blog posted here. The original scripts have an issue when updates are available, in the fact that there is an alert sent if the updates are not installed. Being as the whole point is to check whether updates work, rather than updating; this is unwanted behaviour. So the scripts have been rewritten:

Centos 6:

/usr/bin/timeout 120 /usr/bin/yum update --assumeno &> /tmp/check-update # check for rpm database & dependency errors
rm -rf /tmp/yum_save_tx* # clear yum saved transactions
if egrep 'Error:|error:|Another app is currently holding the yum lock|Segmentation fault' /tmp/check-update; then # if condition checks yum output for errors and sends email if there is any
    /bin/mail -s "$(echo -e "Check to see if updates work, failed\nX-Priority: 1")" < /tmp/check-update root

Centos 7:

/bin/timeout 120 /bin/yum update --assumeno &> /tmp/check-update # check for rpm database & dependency errors
rm -rf /tmp/yum_save_tx* # clear yum saved transactions
if egrep 'Error:| error:|Another app is currently holding the yum lock|Segmentation fault' /tmp/check-update; then # if condition checks yum output for errors and sends email if there is any
    /bin/mail -s "$(echo -e "Check to see if updates work, failed\nX-Priority: 1")" < /tmp/check-update root

Thanks Tom.

P.S Please feel free to comment.

Centos Yum update, failure alert

As linux systems admin you may have multiple servers, in this case it would make sense to automate updates. But even with the best monitoring failed updates can occasionally go unnoticed, with crontab and the below script; this can be avoided.

Create the script with you choice of editor:

Centos 7:

/bin/timeout 120 /bin/yum update --assumeno &> /tmp/check-update || /bin/mail -s "$(echo -e "Check to see if updates work, failed\nX-Priority: 1")" < /tmp/check-update root

Centos 6:

/usr/bin/timeout 120 /usr/bin/yum update --assumeno &> /tmp/check-update || /bin/mail -s "$(echo -e "Check to see if updates work, failed\nX-Priority: 1")" < /tmp/check-update root

Lets breakdown the script before we go any further:

timeout 120 – This causes yum to automatically closes after 2 minutes, this prevents the script from causing the automatic update from failing.

yum update –assumeno – The script is only for testing updating works, not to install updates; this is what the assume no flag does.

&> /tmp/check-update – Writes (also overwrites) error and standard output to /tmp/check-update

|| /bin/mail -s “$(echo -e “Check to see if updates work, failed\nX-Priority: 1″)” < /tmp/check-update root – Email is only sent if for any reason updates would fail, subject is set to: Check to see if updates work, failed. Importance Priority 1 is set in the header of the email. Uses /tmp/check-update as the body of the email. Then sends the email to root, normally an alias would be used for root so the email is sent to the system administrator; but alias’s are not covered here.

Make the script only executable by root:
$ chmod u+x /usr/local/sbin/ifupdateswork.sh

Now schedule using crontab, I suggest running this script about an hour before the automated updates so for example mine looks like this:

0 0 * * * /bin/bash  /usr/local/sbin/ifupdateswork.sh

On this particular server automated updates run at 12:51 am every day.

Thats it, all done. If there are now any issues with updates an email alert will be sent and only then.

Thanks Tom.

P.S Please feel free to comment.

Arch Linux, openvpn Transmission Server on A KVM Virtual Machine.

This Weekend I decided to challenge myself, to setting a Tranmisson Server with Arch Linux on a KVM. For those of you not aware Arch Linux is a minimalist, with a lot of self config; a rolling release with latest packages.

These are the steps I followed:

Boot The KVM with install ISO, which can be downloaded from here: https://www.archlinux.org/download/

Follow this guide https://wiki.archlinux.org/index.php/installation_guide until Initramfs, Then:

edit /etc/mkinitcpio.conf: MODULES=(virtio virtio_blk virtio_pci virtio_net)

mkinitcpio -p linux

set root password with passwd
create new user:
useradd -m -g users -s /bin/bash *username*
passwd *username*

pacman -S grub grub-bios
grub-install –target=i386-pc –recheck /dev/vda
pacman -S os-prober
mkdir -p /boot/grub/locale
cp /usr/share/locale/en@quot/LC_MESSAGES/grub.mo /boot/grub/locale/en.mo
grub-mkconfig > /boot/grub/grub.cfg

umount -R /mnt
reboot 0

You should now having a working Arch Linux install, but no network; check this guide to resolve:

Being as this a server, it should use a static IP address. Method 2 for static IP works.

add a nameserver to to /etc/resolv.conf e.g:

# Resolver configuration file.
# See resolv.conf(5) for details.

edit /etc/sudoers to add user to sudo or drop sudo from the below commands and run as root instead.


sudo pacman -S mlocate openvpn wget unzip python transmission-cli autofs nfs-utils intel-ucode polkit haveged iptables

update grub configuration for intel-ucode:

sudo grub-mkconfig -o /boot/grub/grub.cfg

The following is needed so ssh works on startup, without having to login in to the console first:

sudo systemctl enable haveged


sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
sudo iptables -A FORWARD -i tun0 -o ens3 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i ens3 -o tun0 -j ACCEPT
sudo iptables -A OUTPUT -o tun0 -m comment --comment "vpn" -j ACCEPT
sudo iptables -A OUTPUT -o ens3 -p icmp -m comment --comment "icmp" -j ACCEPT
sudo iptables -A OUTPUT -d -o ens3 -m comment --comment "lan" -j ACCEPT
sudo iptables -A OUTPUT -o ens3 -p udp -m udp --dport 1198 -m comment --comment "openvpn" -j ACCEPT
sudo iptables -A OUTPUT -o ens3 -p tcp -m tcp --sport 22 -m comment --comment "ssh" -j ACCEPT
sudo iptables -A OUTPUT -o ens3 -p udp -m udp --dport 123 -m comment --comment "ntp" -j ACCEPT
sudo iptables -A OUTPUT -o ens3 -p udp -m udp --dport 53 -m comment --comment "dns" -j ACCEPT
sudo iptables -A OUTPUT -o ens3 -p tcp -m tcp --dport 53 -m comment --comment "dns" -j ACCEPT
sudo iptables -A OUTPUT -o ens3 -j DROP

replace with your IP Range.

sudo su

iptables-save > /etc/iptables/iptables.rules

Openvpn configuration will vary depending on the provider, essentailly though provider will provide .opvn files for each server. This needs copying to a *.vpn, for example vpn.conf. Now create /etc/pass.txt add your vpn credentials, username first line; password 2nd. Update the following in vpn.conf:

auth-user-pass /etc/openvpn/pass.txt

sudo systemctl start openvpn@vpn
sudo systemctl enable openvpn@vpn

You can confirm you are no longer using your ISPs IP with:

curl ipinfo.io/ip

Network share

I’m assuming like me you downloading torrents to a network share, if not skip to Tranmssion Config

Using Autofs and /mnt/Transmission as the mount point:

sudo mkdir /mnt/Transmission

edit: /etc/autofs/auto.master

/- /etc/autofs/auto.server_name –timeout 15 browse

edit: /- /etc/autofs/auto.server_name

/mnt/Transmission IP of *server1*:*/path/to/share1*

sudo systemctl restart autofs

Tranmssion Config

sudo systemctl start transmisson
sudo systemctl stop transmisson

edit: /var/lib/transmission/.config/transmission-daemon/settings.json

You will want to update:

“download-dir”: “/mnt/Transmission/complete”,
“incomplete-dir”: “/mnt/Transmission/incomplete”,
“incomplete-dir-enabled”: true,
“rpc-password”: “password*,
“rpc-username”: “*username”,

optional limit to your network:

“rpc-whitelist”: “,192.168.1.*”,

update 192.168.1 to your subnet.

sudo systemctl start transmisson
sudo systemctl enable transmisson

That’s it, like me you should now have a openvpn torrent server arch linux KVM.

Thanks Tom.

PS Feel Free to comment.