Battle-tested scripts, configurations, and runbooks I use daily.
From bare-metal Proxmox setups to Docker stacks and VPN gateways — all in one place.
scripts/
├── debian/ # Debian / Ubuntu server scripts
│ ├── iptables-reset.sh # Safe iptables flush & reset
│ ├── iptables-vpn-gateway.sh # Turn a server into a VPN gateway (NAT)
│ ├── postgresql.sh # Interactive PostgreSQL installer (14/16/18)
│ ├── swanctl-l2tp-psk.sh # L2TP/IPsec split-tunnel VPN client
│ ├── unrar.sh # Enable non-free unrar on Debian
│ ├── mqtt-broker.md # Mosquitto MQTT broker setup guide
│ ├── dockers/ # Docker Compose stacks
│ │ ├── compreface/ # AI facial recognition service
│ │ ├── frigate/ # NVR with real-time object detection
│ │ └── viseron/ # AI-powered NVR alternative
│ └── proxmox/ # Proxmox VE guides
│ ├── docker-lxc.md # Run Docker inside LXC containers
│ ├── homeassistant.md # Home Assistant VM setup
│ ├── nvidia-disable-nouveau.md # Disable Nouveau for GPU passthrough
│ └── nvidia-trixie.md # NVIDIA drivers on Debian Trixie
└── macos/ # macOS utilities
└── dns_flush.sh # Flush DNS cache
| Script | Description | Use Case |
|---|---|---|
iptables-reset.sh |
Safely flush & reset all iptables rules without SSH lockout | 🔥 Emergency firewall recovery |
iptables-vpn-gateway.sh |
Configure a Linux server as a VPN gateway with NAT & IP forwarding | 🌐 Route traffic through VPN from other machines |
postgresql.sh |
Interactive installer for PostgreSQL 14, 16, or 18 with HBA & locale configuration | 🗄️ Fresh DB server setup |
swanctl-l2tp-psk.sh |
Automated L2TP/IPsec split-tunnel client using modern swanctl (no legacy daemons) |
🔒 Site-to-site VPN connection |
unrar.sh |
Enable Debian non-free repos and install proprietary unrar |
📂 Extract RAR archives |
mqtt-broker.md |
Step-by-step Mosquitto MQTT broker with password auth | 🏠 IoT / Home Automation messaging |
Pre-configured docker-compose stacks for AI-powered surveillance and recognition:
| Stack | Description | Key Tech |
|---|---|---|
compreface/ |
AI facial recognition & verification service | CompreFace, PostgreSQL |
frigate/ |
Real-time NVR with object detection (persons, cars, animals) | Frigate, Coral TPU, FFmpeg |
viseron/ |
AI-powered NVR alternative with flexible configuration | Viseron, NVIDIA GPU |
Guides for configuring Proxmox Virtual Environment and GPU passthrough:
| Guide | Description |
|---|---|
docker-lxc.md |
Run Docker inside unprivileged LXC containers |
homeassistant.md |
Home Assistant OS VM installation step-by-step |
nvidia-disable-nouveau.md |
Blacklist Nouveau driver for NVIDIA GPU passthrough |
nvidia-trixie.md |
Install NVIDIA proprietary drivers on Debian Trixie |
| Script | Description |
|---|---|
dns_flush.sh |
Flush DNS cache (dscacheutil + mDNSResponder) |
# Clone the repository
git clone https://github.com/brunoguirado/scripts.git
cd scripts
# Run any script (example: PostgreSQL installer)
sudo bash debian/postgresql.sh
# Or just copy a one-liner (example: macOS DNS flush)
sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponderFor quick setups on fresh servers, you can run any script directly from GitHub without cloning the entire repository:
# General format (replace <PATH_TO_SCRIPT>)
bash <(curl -sSL https://raw.githubusercontent.com/brunoguirado/scripts/main/<PATH_TO_SCRIPT>)
# Example: Interactive User Creation (Safe for inputs)
bash <(curl -sSL https://raw.githubusercontent.com/brunoguirado/scripts/main/debian/create-user.sh)Tip
Interactivity Fix: If a script uses read and you are piping it (curl | bash), it might fail. Use the bash <(curl ...) syntax above or ensure the script uses read ... < /dev/tty.
Important
Most Debian scripts require root privileges. Always review scripts before running with sudo.
- 📖 Document everything — If I had to Google it twice, it deserves a script.
- 🔁 Idempotent when possible — Scripts use guard clauses (e.g.,
iptables -Cchecks) to avoid duplicate rules. - 🛡️ Safety first — Critical scripts set default policies to
ACCEPTbefore flushing to prevent lockouts. - 🧩 Modular — Each script is self-contained. No hidden dependencies between them.
Found a bug or have a useful script to share? Feel free to open an issue or submit a PR.
This project is licensed under the MIT License.
Made with ☕ by @brunoguirado