From 1496e455094ff87dd15ea675435e8fd420a60c03 Mon Sep 17 00:00:00 2001
From: bmixed
Date: Tue, 14 Apr 2026 21:50:30 +0000
Subject: [PATCH] Upload files to "/"
---
 bldo | 6 ++
 bsec | 21 +++++
 f2b | 4 +
 f2bb | 4 +
 lamp | 234 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 lamppctl | 61 +++++++++++++++
 psl | 3 +
 rac | 17 ++++
 rks | 12 +++
 scl | 4 +
 servinst | 45 +++++++++++
 snrt | 9 +++
 snrtlg | 5 ++
 srvbkp | 44 +++++++++++
 tools | 64 +++++++++++++++
 ufwb | 9 +++
 ufwb6 | 12 +++
 up | 11 +++
 upcerts | 46 +++++++++++
 19 files changed, 611 insertions(+)
 create mode 100644 bldo
 create mode 100644 bsec
 create mode 100644 f2b
 create mode 100644 f2bb
 create mode 100644 lamp
 create mode 100644 lamppctl
 create mode 100644 psl
 create mode 100644 rac
 create mode 100644 rks
 create mode 100644 scl
 create mode 100644 servinst
 create mode 100644 snrt
 create mode 100644 snrtlg
 create mode 100644 srvbkp
 create mode 100644 tools
 create mode 100644 ufwb
 create mode 100644 ufwb6
 create mode 100644 up
 create mode 100644 upcerts
diff --git a/bldo b/bldo
new file mode 100644
index 0000000..2f8a696
--- /dev/null
+++ b/bldo
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+echo "DOMAIN TO BLOCK:"
+read d
+echo "address=/$d/0.0.0.0" | sudo tee -a /etc/dnsmasq.conf
+sudo systemctl restart dnsmasq
diff --git a/bsec b/bsec
new file mode 100644
index 0000000..da30269
--- /dev/null
+++ b/bsec
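Review bot: The value from `read d` in bldo is appended to /etc/dnsmasq.conf as root with no validation, so an empty or mistyped entry becomes a permanent `address=//0.0.0.0`-style line and dnsmasq is restarted on it. Read it with `read -r d`, reject anything that is not a hostname (`[[ $d =~ ^[A-Za-z0-9.-]+$ ]] || exit 1`), and run `sudo dnsmasq --test` before `systemctl restart` so a bad line does not take the resolver down. Repeated runs also append duplicate entries; writing to a dedicated file under /etc/dnsmasq.d/ (the directory srvbkp backs up) would be easier to audit and undo.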
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+sudo clear
+sudo rm -rf cav.log
+echo 'Updating...'
+sudo apt install ufw gufw clamav clamtk bleachbit fail2ban
+echo 'Checking Firewall...'
+sudo ufw status
+sudo ufw allow ssh
+sudo ufw reload
+sudo ufw enable
+sudo ufw status
+sudo systemctl stop clamav-freshclam.service
+sudo freshclam
+sudo systemctl start clamav-freshclam.service
+echo 'Cleaning...'
+bleachbit --clean system.tmp system.cache system.trash deepscan.tmp deepscan.thumbs_db deepscan.ds_store
+echo 'Scanning...'
+clamscan --bell -raoiz --bytecode --scan-mail --phishing-sigs --cross-fs --log=cav.log --heuristic-alerts --phishing-scan-urls #--detect-pua #--detect-structured #-v
+echo 'Done.'
+read -n1
diff --git a/f2b b/f2b
new file mode 100644
index 0000000..6ceaaa6
--- /dev/null
+++ b/f2b
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+clear
+sudo tail -f /var/log/fail2ban.log
diff --git a/f2bb b/f2bb
new file mode 100644
index 0000000..e1d94c5
--- /dev/null
+++ b/f2bb
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+clear
+sudo tail -f | sudo zgrep 'Ban' /var/log/fail2ban.log
diff --git a/lamp b/lamp
new file mode 100644
index 0000000..cc4abb0
--- /dev/null
+++ b/lamp
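Review bot: The `clamscan` line near the end of bsec is given no path, so it scans only the directory the script was started from, and `--log=cav.log` and `sudo rm -rf cav.log` act on that same relative location. Pass an explicit target and log path, for example `--log="$HOME/cav.log" "$HOME"`, and replace the root recursive delete with `rm -f -- "$HOME/cav.log"`. `sudo ufw allow ssh` followed by `sudo ufw enable` also opens SSH to every source on a machine that may not need it; `sudo ufw limit ssh` is the tighter choice if remote access is intended.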
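Review bot: The pipeline in f2bb does not follow the log: `tail -f` has no file argument and `zgrep` reads /var/log/fail2ban.log directly, so the existing Ban lines are printed once and new bans never appear. To watch bans live, use `sudo tail -f /var/log/fail2ban.log | grep --line-buffered 'Ban'`.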
@@ -0,0 +1,234 @@
+#!/bin/bash
+
+sudo clear
+echo "LAMP STACK SCRIPT"
+echo -n '
+ 1 - START
+ 2 - STOP
+ 3 - RESTART
+ 4 - STATUS
+ 5 - ENABLE ON BOOT (systemd)
+ 6 - DISABLE ON BOOT (systemd)
+ 7 - INSTALL LAMP
+ 8 - REMOVE LAMP
+ 9 - FIX PHPMYADMIN
+10 - DOWNLOAD TINY FILE MANAGER + ADMINER
+11 - INSTALL WORDPRESS
+12 - INSTALL DOLIBARR
+13 - RUN CERTBOT (SSL)
+14 - UPDATE LAMP
+ 0 - EXIT
+'
+read x
+case $x in
+
+1)
+clear
+echo "STARTING LAMP..."
+sudo service apache2 start
+sudo service mariadb start
+echo 'DONE.'
+read -n1
+clear
+./lamp
+;;
+
+2)
+clear
+echo "STOPPING LAMP..."
+sudo service apache2 stop
+sudo service mariadb stop
+echo 'DONE.'
+read -n1
+clear
+./lamp
+;;
+
+3)
+clear
+echo "RESTARTING LAMP..."
+sudo service apache2 reload
+sudo service apache2 restart
+sudo service mariadb restart
+echo 'DONE.'
+read -n1
+clear
+./lamp
+;;
+
+4)
+clear
+echo "LAMP STATUS..."
+echo "PRESS Q TO CONTINUE..."
+sudo service apache2 status
+sudo service mariadb status
+php -v
+echo 'DONE.'
+read -n1
+clear
+./lamp
+;;
+
+5)
+clear
+echo "ENABLEING LAMP ON BOOT..."
+sudo systemctl enable apache2 mariadb
+echo 'DONE.'
+read -n1
+clear
+./lamp
+;;
+
+6)
+clear
+echo "DISABLEING LAMP ON BOOT..."
+sudo systemctl disable apache2 mariadb
+echo 'DONE.'
+read -n1
+clear
+./lamp
+;;
+
+7)
+clear
+echo "INSTALLING LAMP..."
+sudo apt update
+sudo apt install -y apache2 mariadb-server php libapache2-mod-php php-mysql php-sqlite3 phpmyadmin snap snapd #adminer
+#sudo apt install -y certbot python3-certbot-apache
+sudo snap install certbot --classic
+sudo ln -s /snap/bin/certbot /usr/bin/certbot
+sudo systemctl disable lighttpd
+sudo service apache2 start
+sudo service mariadb start
+sudo mysql_secure_installation
+#sudo echo 'Include /etc/phpmyadmin/apache.conf' >> /etc/apache2/apache2.conf
+sudo mysql -u root -p<< CMD
+CREATE USER 'webroot'@'localhost' IDENTIFIED BY 'w3bp4ssw0rd';
+GRANT ALL PRIVILEGES ON *.* TO 'webroot'@'localhost' WITH GRANT OPTION;
+FLUSH PRIVILEGES;
+CMD
+echo ''
+echo 'LOGIN PAGE:'
+echo 'http://127.0.0.1/phpmyadmin'
+echo 'http://localhost/phpmyadmin'
+echo 'USER: webroot'
+echo 'PASSWORD: w3bp4ssw0rd'
+echo ''
+echo 'DONE.'
+read -n1
+clear
+./lamp
+;;
+
+8)
+clear
+echo "REMOVING LAMP..."
+sudo apt update
+sudo apt remove --purge apache2 mariadb-server php libapache2-mod-php php-mysql phpmyadmin certbot mysql-server mysql-client mysql-common #adminer
+sudo apt purge apache2 mariadb-server php libapache2-mod-php php-mysql phpmyadmin certbot mysql-server mysql-client mysql-common #admine
+sudo apt autoremove; sudo apt autoclean
+echo 'DONE.'
+read -n1
+clear
+./lamp
+;;
+
+9)
+clear
+echo "FIXING PHPMYADMIN..."
+sudo echo 'Include /etc/phpmyadmin/apache.conf' >> /etc/apache2/apache2.conf
+#sudo echo 'Include /etc/adminer/apache.conf' >> /etc/apache2/apache2.conf
+echo 'DONE.'
+read -n1
+clear
+./lamp
+;;
+
+10)
+clear
+echo "DOWNLOADING TINY FILE MANAGER + ADMINER..."
+sudo mkdir /var/www/html/tfm
+sudo mkdir /var/www/html/adm
+sudo wget https://raw.githubusercontent.com/prasathmani/tinyfilemanager/master/tinyfilemanager.php -O /var/www/html/tfm/index.php
+sudo wget https://www.adminer.org/latest.php -O /var/www/html/adm/index.php
+sudo chown www-data:www-data /var/www/html/tfm
+sudo chown www-data:www-data /var/www/html/adm
+sudo chown www-data:www-data /var/www/html
+shopt -s dotglob
+sudo chown -R www-data:www-data /var/www/html/*
+echo 'DONE.'
+echo 'TINY FILEMANAGER = /TFM'
+echo 'ADMINER = /ADM'
+read -n1
+clear
+./lamp
+;;
+
+11)
+clear
+echo "INSTALLING WORDPRESS..."
+sudo wget https://wordpress.org/latest.zip -O /var/www/html/wordpress.zip
+sudo unzip /var/www/html/wordpress.zip -d /var/www/html/
+sudo chown www-data:www-data /var/www/html/wordpress.zip
+sudo chown www-data:www-data /var/www/html/wordpress
+shopt -s dotglob
+sudo chown -R www-data:www-data /var/www/html/wordpress/*
+echo 'http://localhost/wordpress'
+echo 'DONE.'
+read -n1
+clear
+./lamp
+;;
+
+12)
+clear
+echo "INSTALLING DOLIBARR..."
+sudo wget https://github.com/Dolibarr/dolibarr/archive/refs/tags/19.0.3.zip -O /var/www/html/dolibarr.zip
+sudo unzip /var/www/html/dolibarr.zip -d /var/www/html/
+sudo mv /var/www/html/dolibarr-19.0.3 /var/www/html/dolibarr
+sudo chown www-data:www-data /var/www/html/dolibarr.zip
+sudo chown www-data:www-data /var/www/html/dolibarr
+shopt -s dotglob
+sudo chown -R www-data:www-data /var/www/html/dolibarr/*
+sudo 'DOLIBARR 19.0.3'
+echo 'http://localhost/dolibarr'
+echo 'DONE.'
+read -n1
+clear
+./lamp
+;;
+
+13)
+clear
+echo "RUNNING CERTBOT + APACHE PLUGIN..."
+sudo certbot --apache
+echo 'DONE.'
+read -n1
+clear
+./lamp
+;;
+
+14)
+clear
+echo "UPDATING LAMP..."
+sudo apt update
+sudo apt install -y apache2 mariadb-server php libapache2-mod-php php-mysql php-sqlite3 phpmyadmin snap snapd #adminer
+#sudo apt install -y certbot python3-certbot-apache
+sudo snap refresh certbot --classic
+echo 'DONE.'
+read -n1
+clear
+./lamp
+;;
+
+0)
+clear
+exit
+;;
+
+*)
+clear
+echo "Invalid input"
+./lamp
+;;
+esac
diff --git a/lamppctl b/lamppctl
new file mode 100644
index 0000000..535462e
--- /dev/null
+++ b/lamppctl
@@ -0,0 +1,61 @@
+#!/bin/bash
+sudo clear
+sudo /opt/lampp/ctlscript.sh status
+echo 'LAMPP:'
+echo -n '
+1 - Start
+2 - Stop
+3 - restart
+4 - Status
+0 - Exit
+'
+read scr
+case $scr in
+
+1)
+clear
+sudo /opt/lampp/ctlscript.sh start
+echo 'Done.'
+read -n1
+clear
+./lamppctl
+;;
+
+2)
+clear
+sudo /opt/lampp/ctlscript.sh stop
+echo 'Done.'
+read -n1
+clear
+./lamppctl
+;;
+
+3)
+clear
+sudo /opt/lampp/ctlscript.sh restart
+echo 'Done.'
+read -n1
+clear
+./lamppctl
+;;
+
+4)
+clear
+sudo /opt/lampp/ctlscript.sh status
+echo 'Done.'
+read -n1
+clear
+./lamppctl
+;;
+
+0)
+clear
+exit
+;;
+
+*)
+clear
+echo "Invalid input"
+./lamppctl
+;;
+esac
diff --git a/psl b/psl
new file mode 100644
index 0000000..b282089
--- /dev/null
+++ b/psl
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+clear; sudo tail -f /var/lib/portsentry/portsentry.history
diff --git a/rac b/rac
new file mode 100644
index 0000000..8a9203e
--- /dev/null
+++ b/rac
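Review bot: Option 7 of lamp creates `'webroot'@'localhost'` with the fixed password `w3bp4ssw0rd`, grants it `ALL PRIVILEGES ON *.*` with `WITH GRANT OPTION`, and prints the password; servinst repeats the same block, so every host built from these scripts shares one published database superuser that the installed phpMyAdmin will accept. Generate the secret per install, e.g. `dbpass=$(openssl rand -hex 16)` with `IDENTIFIED BY '$dbpass'` inside the heredoc, and scope the grant to the application databases rather than `*.*`. Two other lines in this hunk do not do what they intend: `sudo echo 'Include ...' >> /etc/apache2/apache2.conf` in option 9 performs the redirection as the calling user and needs `| sudo tee -a /etc/apache2/apache2.conf`, and `sudo 'DOLIBARR 19.0.3'` in option 12 should be `echo`. Option 10 also installs Tiny File Manager from the `master` branch and Adminer `latest.php` unpinned into a www-data-owned web root; pin a release, verify a checksum, and change Tiny File Manager's shipped default logins before the host is reachable.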
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+echo "INSTALLING REMOTE ACCESS TOOLS..."
+sudo apt install -y --ignore-missing ssh openssh-server openssl xrdp cockpit cockpit-networkmanager cockpit-storaged cockpit-files cockpit-packagekit ufw fail2ban portsentry libapache2-mod-security2 remmina avahi-daemon #cockpit-pcp cockpit-sosreport cockpit-podman cockpit-machines #guacamole
+sudo apt install -y --ignore-missing snort
+sudo apt install -y --ignore-missing suricata suricata-update
+sudo suricata-update
+wget https://servzero.net/arc/tools/f2b/jail.local; sudo mv jail.local /etc/fail2ban/
+wget https://servzero.net/arc/tools/f2b/ufw.f2b; sudo mv ufw.f2b ufw.f2b.conf; sudo mv ufw.f2b.conf /etc/fail2ban/filter.d/
+sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf; sudo sh -c 'echo "SecRuleEngine DetectionOnly" >> /etc/modsecurity/modsecurity.conf'
+sudo ufw allow ssh
+sudo ufw allow http
+sudo ufw allow https
+sudo ufw allow 9090
+sudo ufw enable
+echo "DONE."
+read -n1
diff --git a/rks b/rks
new file mode 100644
index 0000000..dec9ed6
--- /dev/null
+++ b/rks
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+sudo clear
+echo 'Rootkit Scan'
+echo 'Installing/Updating Scanners...'
+sudo apt install chkrootkit rkhunter
+echo 'Scanning...'
+sudo chkrootkit
+sudo rkhunter -c -x --sk
+echo 'Done.'
+read -n1
+clear
diff --git a/scl b/scl
new file mode 100644
index 0000000..3eb6932
--- /dev/null
+++ b/scl
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+#clear; tail -f /var/log/suricata/suricata.log
+clear; tail -f /var/log/suricata/fast.log
diff --git a/servinst b/servinst
new file mode 100644
index 0000000..7f47431
--- /dev/null
+++ b/servinst
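Review bot: The two `wget https://servzero.net/arc/tools/f2b/...` lines in rac install remotely fetched files straight into /etc/fail2ban with no pinned version or checksum, and servinst does the same; `jail.local` selects the actions fail2ban runs as root, so whoever controls that URL effectively controls the host. Ship both files in this repository, or verify them before the move, e.g. `echo "<EXPECTED_SHA256>  jail.local" | sha256sum -c - || exit 1`. Because each line uses `;` rather than `&&`, a failed download still lets `sudo mv` install whatever older file of that name is in the current directory. `sudo ufw allow 9090` then exposes the Cockpit login to every source address; `sudo ufw allow from <ADMIN_NET> to any port 9090 proto tcp` keeps it to the admin network.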
@@ -0,0 +1,45 @@
+#!/bin/bash
+
+sudo clear
+echo "Installing firewall and remote access tools..."
+sudo apt install -y --ignore-missing ssh openssh-server openssl xrdp cockpit ufw fail2ban portsentry libapache2-mod-security2 snort remmina avahi-daemon #guacamole
+wget https://servzero.net/arc/tools/f2b/jail.local; sudo mv jail.local /etc/fail2ban/
+wget https://servzero.net/arc/tools/f2b/ufw.f2b.conf; sudo mv ufw.f2b.conf /etc/fail2ban/filter.d/
+sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf; sudo sh -c 'echo "SecRuleEngine On" >> /etc/modsecurity/modsecurity.conf'
+sudo ufw allow ssh
+sudo ufw allow http
+sudo ufw allow https
+sudo ufw allow 9090
+sudo ufw enable
+echo "DONE."
+read -n1
+
+echo 'Installing webstack (LAMP)...'
+sudo apt update
+sudo apt install -y --ignore-missing apache2 mariadb-server php libapache2-mod-php php-mysql php-sqlite3 phpmyadmin snap snapd #adminer
+#sudo apt install -y certbot python3-certbot-apache
+sudo snap install certbot --classic
+sudo ln -s /snap/bin/certbot /usr/bin/certbot
+sudo service apache2 start
+sudo service mariadb start
+sudo mysql_secure_installation
+#sudo echo 'Include /etc/phpmyadmin/apache.conf' >> /etc/apache2/apache2.conf
+sudo mysql -u root -p<< CMD
+CREATE USER 'webroot'@'localhost' IDENTIFIED BY 'w3bp4ssw0rd';
+GRANT ALL PRIVILEGES ON *.* TO 'webroot'@'localhost' WITH GRANT OPTION;
+FLUSH PRIVILEGES;
+CMD
+echo ''
+echo 'LOGIN PAGE:'
+echo 'http://127.0.0.1/phpmyadmin'
+echo 'http://localhost/phpmyadmin'
+echo 'USER: webroot'
+echo 'PASSWORD: w3bp4ssw0rd'
+echo ''
+echo 'Done.'
+read -n1
+
+echo 'Installing Mumble and ejabberd...'
+sudo apt install -y --ignore-missing mumble mumble-server ejabberd
+echo 'Done.'
+read -n1
diff --git a/snrt b/snrt
new file mode 100644
index 0000000..b7a2a63
--- /dev/null
+++ b/snrt
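Review bot: servinst appends `SecRuleEngine On` to a fresh copy of modsecurity.conf-recommended, which as far as I know already sets `SecRuleEngine DetectionOnly`, so the file ends up with two conflicting directives and the effective mode depends on which one the parser honours last. rac appends `DetectionOnly` instead, so the two installers disagree on whether ModSecurity blocks or only logs. Edit the existing directive in place, `sudo sed -i 's/^SecRuleEngine .*/SecRuleEngine On/' /etc/modsecurity/modsecurity.conf`, and pick one mode for both scripts. Re-running either script also re-copies the recommended file over modsecurity.conf and silently discards any local tuning.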
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+clear
+sudo apt install snort;
+wget https://snort.org/downloads/community/community-rules.tar.gz -O ~/snortrules.tar.gz
+sudo tar -xvzf ~/snortrules.tar.gz -C /etc/snort/rules
+sudo rm -rf ~/snortrules.tar.gz
+mkdir ~/snortlogs
+sudo snort -d -b -A fast -c /etc/snort/snort.conf -l ~/snortlogs & sudo snort -d -b -A console -c /etc/snort/snort.conf
diff --git a/snrtlg b/snrtlg
new file mode 100644
index 0000000..d6165e4
--- /dev/null
+++ b/snrtlg
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+clear
+sudo tail -f /var/log/snort/snort.alert.fast
+
diff --git a/srvbkp b/srvbkp
new file mode 100644
index 0000000..f2153a7
--- /dev/null
+++ b/srvbkp
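Review bot: The last line of snrt starts two Snort processes as root and neither drops privileges, and `-l ~/snortlogs` leaves root-written capture files in the user's home directory. Run a single instance that switches to an unprivileged account after start-up, e.g. `sudo snort -d -b -A fast -u snort -g snort -c /etc/snort/snort.conf -l /var/log/snort` (assuming the package created the `snort` user and group), which would also put alerts where snrtlg appears to look for them. `mkdir ~/snortlogs` fails on the second run without `-p`, and the community rules tarball is unpacked into /etc/snort/rules as root without a checksum check.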
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+d=$(date +%Y%m%d)
+echo "SERVER BACKUP"
+echo "SERVER NAME:"
+read n
+#echo "DATE CODE:"
+#read d
+echo "BACKING UP SERVER..."
+echo "DUMPING SQL FILES..."
+mkdir dbs
+sudo mysql -N -e 'show databases' | while read dbname; do sudo mysqldump --complete-insert --routines --triggers --single-transaction "$dbname" | gzip > "./dbs/$dbname.sql.gz"; done
+echo "FINISHED DUMPING SQL FILES."
+echo "COMPRESSING FILES TO 7Z ACHIVES..."
+7z a $n-$d-sql.7z ./dbs/*
+sudo 7z a $n-$d-www.7z /var/www/html/*
+sudo 7z a $n-$d-etc.7z /etc/apache2/
+sudo 7z a $n-$d-etc.7z /etc/mysql/
+sudo 7z a $n-$d-etc.7z /etc/php/
+sudo 7z a $n-$d-etc.7z /etc/phpmyadmin/
+sudo 7z a $n-$d-etc.7z /etc/ufw/
+sudo 7z a $n-$d-etc.7z /etc/fail2ban/
+sudo 7z a $n-$d-etc.7z /etc/portsentry/
+sudo 7z a $n-$d-etc.7z /etc/snort/
+sudo 7z a $n-$d-etc.7z /etc/suricata/
+sudo 7z a $n-$d-etc.7z /etc/dnsmasq.d/
+sudo 7z a $n-$d-etc.7z /etc/hosts
+sudo 7z a $n-$d-etc.7z /etc/mumble-server.ini
+sudo 7z a $n-$d-etc-ejabberd.7z /etc/ejabberd/
+sudo 7z a $n-$d-opt-ejabberd.7z /opt/ejabberd/
+sudo 7z a $n-$d-var-lib-ejabberd.7z /var/lib/ejabberd/
+sudo 7z a $n-$d-ejabberd.7z $n-$d-etc-ejabberd.7z $n-$d-opt-ejabberd.7z $n-$d-var-lib-ejabberd.7z
+sudo 7z a $n-$d.7z $n-$d-www.7z $n-$d-sql.7z $n-$d-etc.7z $n-$d-ejabberd.7z
+echo "FINISHED COMPRESSING FILES TO 7Z ARCHIVES."
+echo "MOVING FILES..."
+sudo mkdir /var/www/html/-bkp/
+sudo mv $n-$d.7z /var/www/html/-bkp/
+echo "FINSISHED MOVING FILES."
+echo "CLEANING UP..."
+sudo chown www-data:www-data /var/www/html/-bkp/
+sudo chown www-data:www-data /var/www/html/-bkp/*
+rm -r dbs
+sudo rm $n-$d-www.7z $n-$d-sql.7z $n-$d-etc.7z $n-$d-ejabberd.7z $n-$d-etc-ejabberd.7z $n-$d-opt-ejabberd.7z $n-$d-var-lib-ejabberd.7z
+echo "SERVER BACKUP FINISHED."
diff --git a/tools b/tools
new file mode 100644
index 0000000..90c4412
--- /dev/null
+++ b/tools
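Review bot: srvbkp moves the finished archive, which holds every database dump plus /etc/mysql, /etc/phpmyadmin, /etc/ejabberd and the firewall and IDS configuration, into `/var/www/html/-bkp/` and chowns it to www-data, so the complete unencrypted backup sits under the web root at a guessable `name-date.7z` path. Write it outside the document root with tight permissions, e.g. `sudo install -d -m 700 /var/backups/srvbkp` and `sudo mv -- "$n-$d.7z" /var/backups/srvbkp/`, and encrypt the final archive with `7z a -p -mhe=on`. `$n` comes from `read n` and is used unquoted in every `7z` and `sudo rm` command, so a name containing spaces or starting with `-` changes what those root commands act on; quote it and restrict it to a safe character set. The intermediate dumps in `./dbs` are also created in the current directory with the default umask and stay readable there until the final `rm -r dbs`.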
@@ -0,0 +1,64 @@
+#!/bin/bash
+clear
+echo -ne "
+CLI TOOLS
+---------------------------------
+1) HTOP [TASK MANAGER]
+2) YTREE [FILE MANAGER]
+3) NANO [TEXT EDITOR]
+4) HEXEDIT [HEX EDITOR]
+5) IFTOP [NETWORK TRAFFIC VEIWER]
+6) LINKS [WEB BROWSER]
+7) IRSSI [IRC CLIENT]
+9) INSTALL TOOLS
+0) EXIT
+ENTER NUMBER: "
+read -r x
+case $x in
+1)
+ htop
+ ./tools
+ ;;
+2)
+ ytree
+ ./tools
+ ;;
+3)
+ nano
+ ./tools
+ ;;
+4)
+ hexedit
+ ./tools
+ ;;
+5)
+ sudo iftop
+ ./tools
+ ;;
+6)
+ links
+ ./tools
+ ;;
+7)
+ irssi
+ ./tools
+ ;;
+9)
+ clear
+ echo 'INSTALLING TOOLS...'
+ sudo apt update; sudo apt install htop ytree nano hexedit iftop links irssi
+ echo 'DONE.'
+ read -n1
+ ./tools
+ ;;
+0)
+ clear
+ exit
+ ;;
+*)
+ clear
+ echo "NO OPTION"
+ ./tools
+ ;;
+esac
+
diff --git a/ufwb b/ufwb
new file mode 100644
index 0000000..17c9d6a
--- /dev/null
+++ b/ufwb
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+clear
+echo BLOCK IP:
+read x
+sudo ufw insert 1 deny from $x
+sudo ufw reload
+sudo ufw status numbered
+
diff --git a/ufwb6 b/ufwb6
new file mode 100644
index 0000000..5625b6f
--- /dev/null
+++ b/ufwb6
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+clear
+sudo ufw status numbered
+echo IPV6 START NUMBER:
+read n
+echo BLOCK IP:
+read x
+sudo ufw insert $n deny from $x
+sudo ufw reload
+sudo ufw status numbered
+
diff --git a/up b/up
new file mode 100644
index 0000000..7862cec
--- /dev/null
+++ b/up
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+echo 'Updating & Upgrading...'
+sudo apt update
+sudo apt upgrade
+sudo apt autoremove
+sudo apt update
+sudo snap refresh
+sudo flatpak update
+echo 'Done.'
+read -n1; echo
diff --git a/upcerts b/upcerts
new file mode 100644
index 0000000..d0e754f
--- /dev/null
+++ b/upcerts
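Review bot: `sudo ufw insert 1 deny from $x` in ufwb passes the typed value unquoted and unchecked, so extra words become additional ufw rule syntax and a typo can deny a much wider range than intended, including the operator's own address; ufwb6 has the same pattern with both `$n` and `$x`. Use `read -r x`, quote it as `"$x"`, and refuse input that is not an address or CIDR before calling ufw, e.g. `[[ $x =~ ^[0-9A-Fa-f:./]+$ ]] || exit 1`. Echoing the rule and asking for confirmation before `sudo ufw reload` would make an accidental lock-out harder.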
@@ -0,0 +1,46 @@
+#!/bin/bash
+
+echo "UPDATING CERTS..."
+echo "CERT DOMAIN NAME:"
+read d
+
+# STOP SERVICES
+sudo systemctl stop cockpit.socket
+sudo systemctl stop mumble-server
+sudo systemctl stop ejabberd
+
+## COCKPIT
+sudo mkdir -p /etc/cockpit/ws-certs.d/
+sudo rm -rf /etc/cockpit/ws-certs.d/99-letsencrypt.cert
+sudo rm -rf /etc/cockpit/ws-certs.d/99-letsencrypt.key
+sudo cp /etc/letsencrypt/live/$d/fullchain.pem /etc/cockpit/ws-certs.d/99-letsencrypt.cert
+sudo cp /etc/letsencrypt/live/$d/privkey.pem /etc/cockpit/ws-certs.d/99-letsencrypt.key
+
+# MUMBLE-SERVER
+sudo rm /opt/mumble-server/cert.pem
+sudo rm /opt/mumble-server/privkey.pem
+sudo rm /opt/mumble-server/chain.pem
+sudo rm /opt/mumble-server/fullchain.pem
+sudo cat /etc/letsencrypt/live/$d/cert.pem >> /opt/mumble-server/cert.pem
+sudo cat /etc/letsencrypt/live/$d/privkey.pem >> /opt/mumble-server/privkey.pem
+sudo cat /etc/letsencrypt/live/$d/chain.pem >> /opt/mumble-server/chain.pem
+sudo cat /etc/letsencrypt/live/$d/fullchain.pem >> /opt/mumble-server/fullchain.pem
+
+# EJABBERD
+sudo rm /opt/ejabberd/conf/ejabberd.pem
+sudo cat /etc/letsencrypt/live/$d/privkey.pem /etc/letsencrypt/live/$d/fullchain.pem >> /opt/ejabberd/conf/ejabberd.pem
+
+# START SERVICES
+sudo systemctl start cockpit.socket
+sudo systemctl start mumble-server
+sudo systemctl start ejabberd
+
+# RESTART SERVICES AND SHOW STATUS
+sudo systemctl restart cockpit.socket
+sudo systemctl restart mumble-server
+sudo systemctl restart ejabberd
+sudo systemctl status cockpit.socket
+sudo systemctl status mumble-server
+sudo systemctl status ejabberd
+
+#sudo /usr/lib/cockpit/cockpit-certificate-ensure --check
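Review bot: The `sudo cat .../privkey.pem >> /opt/mumble-server/privkey.pem` lines in upcerts, and the ejabberd one, open the destination in the calling user's shell rather than under sudo, so they either fail with permission denied after the old file has already been removed, or create the private key owned by the invoking user with the default umask. Copy with explicit mode and ownership instead, e.g. `sudo install -m 600 "/etc/letsencrypt/live/$d/privkey.pem" /opt/mumble-server/privkey.pem`, adding `-o`/`-g` for the service account that must read it. `$d` is not checked either: the services are stopped and the old certificates deleted before the script knows that `/etc/letsencrypt/live/$d/` exists, so a typo leaves all three services without certificates; run `sudo test -d "/etc/letsencrypt/live/$d" || exit 1` before the stop block.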