2 # Copyright (C) 2019 Ian Kelling
3 # SPDX-License-Identifier: AGPL-3.0-or-later
4 # this gets sourced. shebang is just for file mode detection
9 if [[ $LESSHISTFILE == - ]]; then
12 elif [[ $HISTFILE ]]; then
16 source /a
/bin
/distro-setup
/path-add-function
18 # add this with absolute paths as needed for better security
19 #path-add --end /path/to/node_modules/.bin
21 #path-add --end /usr/lib/node_modules/corepack/shims/
23 # pip3 --user things go here:
24 path-add
--end ~
/.local
/bin
25 path-add
--ifexists --end /a
/work
/libremanage
26 path-add
--ifexists --end /a
/opt
/adt-bundle
*/tools
/a
/opt
/adt-bundle
*/platform-tools
27 path-add
--ifexists --end /a
/opt
/scancode-toolkit-3.10.
28 path-add
--ifexists --end /p
/bin
32 # https://askubuntu.com/questions/1254544/vlc-crashes-when-opening-any-file-ubuntu-20-04
33 if grep -qE '^VERSION_CODENAME="(nabia|focal)"' /etc
/os-release
&>/dev
/null
; then
34 export MESA_LOADER_DRIVER_OVERRIDE
=i965
45 SL_SSH_ARGS
="-F $HOME/.ssh/confighome"
52 # generated instead of dynamic for the benefit of shellcheck
53 #for x in /a/bin/distro-functions/src/* /a/bin/!(githtml)/*-function?(s); do echo source $x ; done
54 source /a
/bin
/distro-functions
/src
/identify-distros
55 source /a
/bin
/log-quiet
/logq-function
56 # for x in /a/bin/bash_unpublished/source-!(.#*); do echo source $x; done
57 source /a
/bin
/bash_unpublished
/source-semi-priv
58 source /a
/bin
/bash_unpublished
/source-state
60 source /a
/bin
/log-quiet
/logq-function
61 if [[ -s /a
/opt
/alacritty
/extra
/completions
/alacritty.bash
]]; then
62 source /a
/opt
/alacritty
/extra
/completions
/alacritty.bash
72 m pactl unload-module module-loopback
73 m pactl unload-module module-null-sink
74 m pactl unload-module module-remap-source
76 sources
=($
(pacmd list-sources |
sed -rn 's/.*name: <([^>]+).*/\1/p'))
80 for s
in ${sources[@]}; do
87 m pactl load-module module-null-sink sink_name
=ianinput sink_properties
=device.description
=ianinputs
89 m pactl load-module module-loopback
source=${sources[i]} sink_dont_move
=true sink
=ianinput
91 pactl load-module module-remap-source source_name
=iancombine master
=ianinput.monitor source_properties
=device.description
=iancombine
95 # For testing restrictive ssh.
99 sed '/^ *IdentityFile/d' ~
/.ssh
/config
>$d/config
100 s
command ssh -F $d/config
-i /q
/root
/h
"$@"
104 # For testing restrictive rsync
108 sed '/^ *IdentityFile/d' ~
/.ssh
/config
>$d/config
109 s rsync
-e "ssh -F $d/config -i /q/root/h" "$@"
112 # rsync as root and avoid the default restrictive h key & config.
114 s rsync
-e "ssh -F /root/.ssh/confighome" "$@"
118 s
ssh bow DISPLAY
=:0 scrot
/tmp
/oegu.jpg
119 s scp bow
:/tmp
/oegu.jpg
/t
120 s
ssh bow
rm /tmp
/oegu.jpg
128 if [[ $arg == [89]0Etiona
* ]]; then
130 rtime
=${arg#*Etiona} # remote time
131 if [[ ! $rtime ]]; then
134 dir
=/a
/opt
/emacs-trisquel
${v}-nox/.iank
135 ltime
=$
(stat
-c%Y
$dir/e
/e
/.emacs.d
/init.el
)
136 if (( ltime
> rtime
)); then
137 m rsync
-rptL --delete --filter=". /b/ds/sl/rsync-filter" $dir "$remote":/home
/iank
143 local f
=/home
/iank
/.emacs.d
/init.el
144 sl
--sl-test-cmd ". /etc/os-release ; printf %s \${VERSION//[^a-zA-Z0-9]/}; test -e $f && stat -c%Y $f" --sl-test-hook slemacs
"$@"
148 # Run this manually after .emacs.d changes. Otherwise, to check if
149 # files changed with find takes 90ms. sl normally only adds 25ms. We
150 # could cut it down to 10ms if we put things on a btrfs filesystem and
151 # looked for changes there, or used some inotify thing, but that seems
152 # like too much work.
153 egh
() { # emacs gnuhope
154 RSYNC_RSH
=ssh m rsync
-rptL --delete --filter=". /b/ds/sl/rsync-filter" /a
/opt
/emacs-trisquel9-nox
/.iank lists2d.fsf.org
:.ianktrisquel_9
155 RSYNC_RSH
=ssh m rsync
-rptL --delete --filter=". /b/ds/sl/rsync-filter" /a
/opt
/emacs-trisquel8-nox
/.iank lists2d.fsf.org
:/home
/iank
158 local shell
="bash -s"
159 if [[ $HOSTNAME != kw
]]; then
160 shell
="ssh kw.office.fsf.org"
164 sudo mkdir /root/.ianktrisquel_9
165 sudo rsync -rptL --delete --filter=". /b/ds/sl/rsync-filter" /a/opt/emacs-trisquel9-nox/.iank /root/.ianktrisquel_9
166 rsync -rptL --delete --filter=". /b/ds/sl/rsync-filter" /a/opt/emacs-trisquel8-nox/.iank /home/iank
170 rm-docker-iptables
() {
171 s iptables
-S | gr docker | gr
-- -A |
sed 's/-A/-D/'|
while read -r l
; do sudo iptables
$l; done
172 s iptables
-S -t nat | gr docker | gr
-- -A |
sed 's/-A/-D/'|
while read -r l
; do sudo iptables
-t nat
$l; done
173 s iptables
-S | gr docker | gr
-- -N |
sed 's/-N/-X/'|
while read -r l
; do sudo iptables
$l; done
174 s iptables
-S -t nat | gr docker | gr
-- -N |
sed 's/-N/-X/'|
while read -r l
; do sudo iptables
-t nat
$l; done
177 # usage mkschroot [-] distro codename packages
178 # - means no piping in of sources.list
181 while [[ $1 == -* ]]; do
183 -f) force
=true
; shift ;;
186 if [[ ! -s $sources ]]; then
187 echo mkschroot
: error
: sources
file $sources does not exist or is empty
198 repo
=http
://mirror.fsf.org
/trisquel
/
201 repo
=http
://archive.ubuntu.com
/ubuntu
/
204 repo
=http
://deb.debian.org
/debian
/
210 if ! $force && schroot
-l |
grep -xFq chroot
:$n; then
211 echo "$0: $n schroot already installed, skipping"
216 sd
/etc
/schroot
/chroot.d
/$n.conf
<<EOF
222 preserve-environment=true
226 if [[ ! -e $d/bin
]]; then
228 # resolvconf otherwise schroot fails with
229 # cp: not writing through dangling symlink '/var/run/schroot/mount/flidas-7a2362e0-81b3-4848-92c1-610203ef5976/etc/resolv.conf'
230 sudo debootstrap
--exclude=resolvconf
$n $d $repo
232 if [[ $sources ]]; then
233 sudo
install -m 644 $sources $d/etc
/apt
/sources.list
235 sudo chroot
$d apt-get update
236 sudo DEBIAN_FRONTEND
=noninteractive chroot
$d apt-get
-y dist-upgrade
--purge --auto-remove
237 sudo
cp -P {,$d}/etc
/localtime
238 if (( ${#apps[@]} )); then
239 sudo DEBIAN_FRONTEND
=noninteractive schroot
-c $n -- apt-get
install --allow-unauthenticated -y ${apps[@]}
244 # note: this is incomplete and untested.
245 # https://wiki.archlinux.org/index.php/Install_Arch_Linux_from_existing_Linux#Creating_a_chroot
248 mirror
=https
://mirrors.edge.kernel.org
/archlinux
/iso
/latest
/
249 tarball
=$
(curl
-s $mirror |
sed -nr 's/.*"(archlinux-bootstrap-.*-x86_64.tar.gz)".*/\1/p')
250 wget
-O /tmp
/arch.
tar.gz https
://mirrors.edge.kernel.org
/archlinux
/iso
/latest
/$tarball
251 s mkdir
-p /nocow
/schroot
/arch
252 cd _
/nocow
/schroot
/arch
253 s
sed -i '/## United States/,/^$/s,^#,,' etc
/pacman.d
/mirrorlist
254 # error: could not determine cachedir mount point /var/cache/pacman/pkg
255 s
sed -i /^CheckSpace
/d etc
/pacman.conf
256 chroot .
/bin
/bash
-s <<'EOF'
258 pacman-key --populate archlinux
261 # example of building an aur package:
262 # pacman -Sy base-devel wget
264 # f=$target/etc/sudoers
265 # line='iank ALL=(ALL) NOPASSWD: ALL'
266 # if [[ ! -e $f ]] || ! grep -xF "$line" $f; then
270 # wget https://aur.archlinux.org/cgit/aur.git/snapshot/anbox-image-gapps.tar.gz
271 # tar xzf anbox-image-gapps.tar.gz
272 # cd anbox-image-gapps
277 # clock back in to timetrack from last entry
279 sqlite3
/p
/.timetrap.db
"update entries set end = NULL where id = (select max(id) from entries);"
283 # s sshfs bu@$host:/bu/home/md /bu/mnt -o reconnect,ServerAliveInterval=20,ServerAliveCountMax=30 -o allow_other
286 enn
-M $
(exiqgrep
-i -r.\
*)
289 enn
-M $
(exipick
-i -r.\
*|h1
)
294 /a
/f
/gnulib
/build-aux
/gnupload
"$@"
300 f
=(/p
/c
/firefox
*/compatibility.ini
)
301 if (( ${#f[@]} )); then
308 s checkrestart
-b /a
/bin
/ds
/checkrestart-blacklist
-pv
311 cp-blocked-domains-to-brains
() {
312 cp /a
/f
/ans
/roles
/exim
/files
/mx
/simple
/etc
/exim
4/bad-sender_domains
/a
/f
/brains
/sysadmin
/kb
/blocked_email_domains.mdwn
314 cp-blocked-domains-to-ansible
() {
315 cp /a
/f
/brains
/sysadmin
/kb
/blocked_email_domains.mdwn
/a
/f
/ans
/roles
/exim
/files
/mx
/simple
/etc
/exim
4/bad-sender_domains
320 # crashes on adding new cards in t9
321 schroot
-c buster
-- anki
326 hrcat
/m
/md
/alerts
/{cur
,new
}/*
329 ssh bk.b8.nz
"shopt -s nullglob; hrcat /m/md/INBOX/new/* /m/md/INBOX/cur/*"
333 rm -f /m
/md
/alerts
/{cur
,new
}/*
335 ssh bk.b8.nz
"shopt -s nullglob; rm -f /m/md/INBOX/new/* /m/md/INBOX/cur/*"
340 find /var
/local
/cron-errors
/home
/iank
/cron-errors
/sysd-mail-once-state
-type f
342 ralerts
() { # remote alerts
344 # this list is duplicated in check-remote-mailqs
345 for h
in bk je li frodo kwwg x3wg x2wg kdwg sywg
; do
348 if [[ $HOSTNAME == "${h%wg}" ]]; then
352 $shell find /var
/local
/cron-errors
/home
/iank
/cron-errors
/sysd-mail-once-state
-type f || ret
=$?
360 # pushd in case current directory has an ansible.cfg file
361 pushd /a
/xans
>/dev
/null
362 ansible-playbook
-v -l ${1:- $(hostname -f)} site.yml
366 pushd /a
/work
/ans
>/dev
/null
367 time ansible-playbook
-v -i inventory adhoc.yml
"$@"
371 pushd /a
/bin
/distro-setup
/a
>/dev
/null
372 ansible-playbook site.yml
"$@"
377 # googling android emulator libGL error: failed to load driver: r600
378 # lead to http://stackoverflow.com/a/36625175/14456
379 export ANDROID_EMULATOR_USE_SYSTEM_LIBS
=1
380 /a
/opt
/android-studio
/bin
/studio.sh
"$@" &r
;
383 # note, to check for glue records
384 # First, find some the .org nameservers:
385 # dig +trace iankelling.org
387 # dig ns1.iankelling.org @b0.org.afilias-nst.org.
389 # Now, compare for a domain that does have glue records setup (note the A
390 # and AAAA records in ADDITIONAL SECTION, those are glue records like the
391 # one I'm asking for):
393 # $ dig ns1.gnu.org @b0.org.afilias-nst.org.
395 # todo: make sm pull/push use systemd instead of the journal cat command
396 bbk
() { # btrbk wrapper
400 systemctl is-active btrbk.timer || active
=false
404 btrbk_is_active
=$
(systemctl is-active btrbk.service ||
:)
405 case $btrbk_is_active in
406 inactive|failed
) : ;;
408 echo "bbk: error: systemctl is-active btrbk.service output: $btrbk_is_active"
409 if $active; then ser start btrbk.timer
; fi
415 # todo: consider changing this to srun and having the args come
416 # from a file like /etc/default/btrbk, like is done in exim
417 s jrun btrbk-run
"$@"
420 echo bbk
: WARNING
: btrbk.timer not restarted due to failure
422 ser start btrbk.timer
429 fai-monitor | pee
cat "fai-monitor-gui -"
432 bfg
() { java
-jar /a
/opt
/bfg-1.12
.14.jar
"$@"; }
435 xclock
-digital -update 1 -face 'arial black-80:bold'
438 nnn
() { /a
/opt
/nnn
-H "$@"; }
440 locat
() { # log-once cat
443 files
=(/var
/local
/cron-errors
/* /home
/iank
/cron-errors
/* /sysd-mail-once-state
/*)
457 # duplicated somewhat below.
458 jrun
() { # journal run. run args, log to journal, tail and grep the journal.
459 # Note, an alternative without systemd would be something like ts.
460 # Note, I tried using systemd-cat, but this seems obviously better,
461 # and that seemed to have a problem exiting during a systemctl daemon-reload
462 local cmd_name jr_pid s
466 if [[ $cmd != /* ]]; then
469 journalctl
-qn2 -f -u "$cmd_name" &
470 # Guess of time needed to avoid missing initial lines.
471 # .5 was not reliable. 1 was not reliable. 2 was not reliable
473 # We kill this in prompt-command for the case that we ctrl-c the
474 # systemd-cat. i dont know any way to trap ctrl-c and still run the
475 # normal action for it. There might be a way, unsure.
477 # note, we could have a version that does system --user, but if for example
478 # it does sudo ssh, that will leave a process around that we can't kill
479 # and it will leave the unit hanging around in a failed state needing manual
480 # killing of the process.
481 m s systemd-run
--uid $
(id
-u) --gid $
(id
-g) \
482 -E SSH_AUTH_SOCK
=/run
/openssh_agent \
483 --unit "$cmd_name" --wait --collect "$cmd" "${@:2}" || ret
=$?
484 # This justs lets the journal output its last line
485 # before the prompt comes up.
487 kill $jr_pid &>/dev
/null ||
:
491 # service run, and watch the output
496 journalctl
-qn2 -f -u $unit &
497 systemctl start
$unit
499 kill $jr_pid &>/dev
/null ||
:
504 sm
() { # switch mail host
508 keyhash
=$
(s ssh-keygen
-lf /root
/.ssh
/home |
awk '{print $2}')
509 tmp
=$
(s ssh-add
-l |
awk '$2 == "'$keyhash'"')
510 if [[ ! $tmp ]]; then
511 s ssh-add
/root
/.ssh
/home
514 s jrun switch-mail-host
"$@"
517 sh2
() { # switch host2
521 keyhash
=$
(s ssh-keygen
-lf /root
/.ssh
/home |
awk '{print $2}')
522 tmp
=$
(s ssh-add
-l |
awk '$2 == "'$keyhash'"')
523 if [[ ! $tmp ]]; then
524 s ssh-add
/root
/.ssh
/home
527 s jrun switch-host2
"$@"
531 # shellcheck disable=SC2120
533 # note, i had --delete-excluded, but that deletes all files in --exclude-from on
534 # the remote site, which doesn't make sense, so not sure why i had it.
536 # excluding emacs for now
537 #p=(/a/opt/{emacs-debian11{,-nox},mu,emacs} /a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts})
538 p
=(/a
/bin
/a
/exe
/a
/h
/a
/c
/p
/c
/machine_specific
/vps
{,.hosts
})
539 a
="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes"
541 for h
in li je bk
; do
542 m s rsync
"$@" $a ${p[@]} /p
/c
/machine_specific
/$h root@
$h.b8.nz
:/
543 ## only li is debian11
544 #p[0]=/a/opt/emacs-trisuqel10
545 #p[1]=/a/opt/emacs-trisquel10-nox
547 m s rsync
"$@" -ahviSAXPH root@li.b8.nz
:/a
/h
/proposed-comments
/ /a
/h
/proposed-comments || ret
=$?
550 bkpush
() { # no emacs. for running faster.
551 p
=(/a
/bin
/a
/exe
/a
/h
/a
/c
/p
/c
/machine_specific
/vps
{,.hosts
})
552 a
="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes"
554 m rsync
"$@" $a ${p[@]} /p
/c
/machine_specific
/bk root@bk.b8.nz
:/ || ret
=$?
557 jepush
() { # no emacs. for running faster.
558 p
=(/a
/bin
/a
/exe
/a
/h
/a
/c
/p
/c
/machine_specific
/vps
{,.hosts
})
559 a
="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes"
561 m rsync
"$@" $a ${p[@]} /p
/c
/machine_specific
/je root@je.b8.nz
:/ || ret
=$?
566 dsign iankelling.org expertpathologyreview.com zroe.org amnimal.ninja
590 local f
=/var
/lib
/bind
/db.b8.nz
593 m sudo
rm -fv $f.jnl
$f.signed.jnl
594 m sudo
install -m 644 -o bind -g bind /p
/c
/machine_specific
/vps
/bind-initial
/db.b8.nz
$f
598 # keys generated like this
599 # because of https://ftp.isc.org/isc/dnssec-guide/dnssec-guide.pdf
600 # https://blog.apnic.net/2019/05/23/how-to-deploying-dnssec-with-bind-and-ubuntu-server/
602 # key length is longer than that guide because
603 # we are using those at fsf and when old key lengths
604 # become insecure, I want some extra time to update.
608 dnssec-keygen
-a RSASHA256
-b 2048 $zone
609 dnssec-keygen
-f KSK
-a RSASHA256
-b 4096 $zone
610 for f
in K
$zone.
*.key
; do
611 # eg Kb8.nz.+008+47995.key tag=47995
612 # in dnsimple, you add the long string from this.
613 # in gandi, you add the long string from the .key file,
614 # then see that the digest matches the ds.
615 echo "tag is the number after DS"
616 dnssec-dsfromkey
-a SHA-256
$f
618 # For b8.nz, we let bind read the keys and sign, and
619 # right now they have root ownership, so let them
624 # create .signed file
625 # note: full paths probably not needed.
628 local zone
=${arg#db.}
629 local dir
=/p
/c
/machine_specific
/vps
/filesystem
/var
/lib
/bind
630 dnssec-signzone
-S -e +31536000 -o $zone -K $dir -d $dir $dir/db.
$zone
635 #### begin bitcoin related things
637 local f
=/etc
/bitcoin
/bitcoin.conf
638 # importprivkey will timeout if using the default of 15 mins.
639 # upped it to 1 hour.
640 bitcoin-cli
-rpcclienttimeout=60000 -$
(s
grep rpcuser
= $f) -$
(s
grep rpcpassword
= $f) "$@"
642 btcusd
() { # $1 btc in usd
644 price
="$(curl -s https://api.coinbase.com/v2/prices/BTC-USD/spot | jq -r .data.amount)"
645 printf "$%s\n" "$price"
647 printf "$%.2f\n" "$(echo "scale
=4; $price * $1"| bc -l)"
650 usdbtc
() { # $1 usd in btc
652 price
="$(curl -s https://api.coinbase.com/v2/prices/BTC-USD/spot | jq -r .data.amount)"
653 printf "$%s\n" "$price"
655 # 100 mil satoshi / btc. 8 digits after the 1.
656 printf "%.8f btc\n" "$(echo "scale
=10; $1 / $price "| bc -l)"
659 satoshi
() { # $1 satoshi in usd
661 price
="$(curl -s https://api.coinbase.com/v2/prices/BTC-USD/spot | jq -r .data.amount)"
662 price
=$
(echo "scale=10; $price * 0.00000001"|
bc -l)
663 printf "$%f\n" "$price"
665 printf "$%.2f\n" "$(echo "scale
=10; $price * $1"| bc -l)"
668 #### end bitcoin related things
672 cbfstool
() { /a
/opt
/coreboot
/build
/cbfstool
"$@"; }
678 cp /a
/bin
/data
/COPYING
"$@"
680 cp /a
/bin
/data
/COPYING .
687 cp /a
/bin
/data
/LICENSE
"$@"
689 cp /a
/bin
/data
/LICENSE .
694 if type -p chromium
&>/dev
/null
; then
698 cmd
="schroot -c bullseye chromium"
699 CHROMIUM_FLAGS
='--enable-remote-extensions' $cmd &r
705 # pipe to this, or just type like a shell
708 tee >(ssh frodo.b8.nz
) >(ssh x2
) >(ssh tp.b8.nz
) >(ssh kw
) >(ssh tp.b8.nz
)
712 for host in x2 kw tp.b8.nz x3.b8.nz frodo.b8.nz
; do
718 debian_pick_mirror
() {
719 # netselect-apt finds a fast mirror.
720 # but we need to replace the mirrors ourselves,
721 # because it doesnt do that. best it can do is
722 # output a basic sources file
723 # here we get the server it found, get the main server we use
724 # then substitute all instances of one for the other in the sources file
725 # and backup original to /etc/apt/sources.list-original.
726 # this is idempotent. the only way to identify debian sources is to
727 # note the original server, so we put it in a comment so we can
730 file=$
(mktemp
-d)/f
# safe way to get file name without creating one
731 sudo netselect-apt
-o "$file" ||
return 1
732 url
=$
(grep ^
\\w
$file |
head -n1 |
awk '{print $2}')
733 sudo
cp -f /etc
/apt
/sources.list
/etc
/apt
/sources.list-original
734 sudo
sed -ri "/http.us.debian.org/ s@( *[^ #]+ +)[^ ]+([^#]+).*@\1$url\2# http.us.debian.org@" /etc
/apt
/sources.list
738 digdiff @ns
{1,2}.iankelling.org
"$@"
742 "$@" |
& ts ||
return $?
752 /b
/ds
/distro-begin |
& ts ||
return $?
753 /b
/ds
/distro-end |
& ts ||
return $?
759 /b
/ds
/distro-begin |
& ts ||
return $?
765 /b
/ds
/distro-end |
& ts ||
return $?
778 envload
() { # load environment from a previous: export > file
779 local file=${1:-$HOME/.${USER}_env}
780 eval "$(export | sed 's/^declare -x/export -n/')"
781 while IFS
= read -r line
; do
782 # declare -x makes variables local to a function
783 eval ${line/#declare -x/export}
787 failfunc
() { asdf a b c
; }
788 failfunc2
() { failfunc d e f
; }
790 # one that comes with distros is too old for newer devices
792 /a
/opt
/android-platform-tools
/fastboot
"$@";
795 kdecd
() { /usr
/lib
/x86_64-linux-gnu
/libexec
/kdeconnectd
; }
798 cat /sys
/class
/power_supply
/BAT
0/capacity
801 # List of apps to install/update
802 # Create from existing manually installed apps by doing
804 # fdroidcl search -i, then manually removing
805 # automatically installed/preinstalled apps
808 # # my attempt at recovering from boot loop:
809 # # in that case, boot to recovery (volume up, home button, power, let go of power after samsun logo)
811 # mount /dev/block/mmcblk0p12 /data
813 # find -iname '*appname*'
815 # usually good enough to just rm -rf /data/app/APPNAME
818 # # causes replicant to crash
819 # org.quantumbadger.redreader
820 # org.kde.kdeconnect_tp
822 # not broke, but wont work without gps
823 #com.zoffcc.applications.zanavi
824 # not broke, but not using atm
825 #com.nutomic.syncthingandroid
826 # # doesn\'t work on replicant
827 #net.sourceforge.opencamera
830 net.mullvad.mullvadvpn
832 io.github.subhamtyagi.lastlauncher
834 com.biglybt.android.client
835 de.marmaro.krt.ffupdater
836 me.ccrama.redditslide
837 org.fedorahosted.freeotp
839 com.alaskalinuxuser.justnotes
840 com.artifex.mupdf.viewer.app
841 com.danielkim.soundrecorder
844 com.jmstudios.redmoon
846 org.kde.kdeconnect_tp
849 cz.martykan.forecastie
852 de.marmaro.krt.ffupdater
853 eu.siacs.conversations
855 im.vector.alpha
# riot
857 me.tripsit.tripmobile
859 net.minetest.minetest
864 org.smssecure.smssecure
866 sh.
ftp.rocketninelabs.meditationassistant.opensource
868 # https://forum.xda-developers.com/android/software-hacking/wip-selinux-capable-superuser-t3216394
873 local -A installed updated
875 # tried putting this in go buildscript cronjob,
876 # but it failed with undefined: os.UserCacheDir. I expect its due to
877 # an environment variable missing, but its easier just to stick it here.
878 m go get
-u mvdan.cc
/fdroidcl ||
return 1
880 if fdroidcl search
-u |
grep ^org.fdroid.fdroid
; then
881 fdroidcl
install org.fdroid.fdroid
885 for p
in $
(fdroidcl search
-i|
grep -o "^\S\+"); do
888 for p
in $
(fdroidcl search
-u|
grep -o "^\S\+"); do
891 for p
in ${fdroid_pkgs[@]}; do
892 if ! ${installed[$p]:-false}; then
893 m fdroidcl
install $p
894 # sleeps are just me being paranoid since replicant has a history of crashing when certain apps are installed
898 for p
in ${!installed[@]}; do
899 if ! ${updated[$p]:-true}; then
900 m fdroidcl
install $p
906 firefox-default-profile
() {
907 key
=Default value
=1 section
=$1
908 file=/p
/c
/subdir_files
/.mozilla
/firefox
/profiles.ini
909 sed -ri "/^ *$key/d" "$file"
910 sed -ri "/ *\[$section\]/,/^ *\[[^]]+\]/{/^\s*$key[[:space:]=]/d};/ *\[$section\]/a $key=$value" "$file"
912 fdhome
() { #firefox default home profile
913 firefox-default-profile Profile0
917 firefox-default-profile Profile4
921 if type -P firefox
&>/dev
/null
; then
929 firefox
-P alt
"$@" >/dev
/null
2>&1
935 local dname
="${PWD##*/}"
936 local m
="/a/tmp/$dname-missing"
937 local d
="/a/tmp/$dname-diff"
938 [[ -e $d ]] && rm "$d"
939 [[ -e $m ]] && rm "$m"
942 while read -r line
; do
944 if [[ -e "$fsfile" ]]; then
945 md5diff
"$line" "$fsfile" && tee -a "/a/tmp/$dname-diff" <<< "$fsfile $line"
951 done < <(find .
-type f
)
954 (( msize
<= 100 )) && cat $m
958 # expected output, with different tmp dirs
959 # /tmp/tmp.HDPbwMqdC9/c/d ./c/d
960 # /a/tmp/tmp.qLDkYxBYPM-missing
970 echo different
> $x/c
/d
975 # test whether missing files were renamed, generally for use with fsdiff
976 # $1 = fsdiff output file, $2 = directory to compare to. pwd = fsdiff dir
977 # echos non-renamed files
981 { sums
+=( "$(md5sum < "$x")" ) ; } 2>/dev
/null
983 while read -r line
; do
984 { missing_sum
=$
(md5sum < "$line") ; } 2>/dev
/null
986 for x
in "${sums[@]}"; do
987 if [[ $missing_sum == "$x" ]]; then
992 $renamed ||
echo "$line"
998 # F = fullscren, z = random, Z = auto zoom
999 command feh
-FzZ "$@"
1005 firefox
-P default
"$@" >/dev
/null
2>&1
1009 git config user.email ian@iankelling.org
1012 # at least in flidas, things rely on gpg being gpg1
1014 if type -P gpg2
&>/dev
/null
; then
1022 local email
=ian@iankelling.org
1023 git send-email
--notes "--envelope-sender=<$email>" \
1024 --suppress-cc=self
"$@"
1027 gup
() { /a
/f
/gnulib
/build-aux
/gnupload
"$@"; }
1029 dejagnu
() { /a
/opt
/dejagnu
/dejagnu
"$@"; }
1032 # do git status on published repos.
1035 cd $
(readlink
-f $x)/..
1036 status
=$
(i status
-s) ||
pwd
1037 if [[ $status ]]; then
1040 printf "%s\n" "$status"
1049 for (( i
=0; i
<60; i
++ )); do
1050 day
=$
( date +%F
-d @$
((EPOCHSECONDS
- 86400*i
)) )
1051 date "+%a %b %d" -d @$
((EPOCHSECONDS
- 86400*i
)) |
tr '\n' ' '
1052 /a
/opt
/timetrap
/bin
/t d
-ftotal -s $day -e $day all
-m '^w|lunch$'
1055 to
() { t out
-a "$@"; }
1056 ti
() { t
in -a "$@"; }
1061 m t out
-a $
(date +%F.
%T
-d @$
(( $
(date -d "$(echo $*|sed 's/[_.]/ /g')" +%s
) + 60*45 )) )
1065 arbttlog
() { arbtt-dump
"$@" |
grep -v '( )\|Current Desktop' |
sed -rn '/^[^ ]/{N;s/^(.{21})([0-9]*)[0-9]{3}m.*\(\*/\1\2/;s/^(.{21})[0-9]*.*\(\*/\1/;s/\n//;p}' ; }
1068 /a
/opt
/idea-IC-163.7743
.44/bin
/idea.sh
"$@" &r
1072 ssh root@iankelling.org
"cd /var/lib/znc/moddata/log/iank/freenode/ && hr && for x in \#$1/*; do base=\${x##*/}; files=(); for f in $@; do tmp=\#\$f/\$base; if [[ -e \$tmp ]]; then files+=(\#\$f/\$base); fi; done; sed \"s/^./\${base%log}/\" \${files[@]}|sort -n; hr; done"
1077 # use * instead of -r since that does sorted order
1078 ssh root@iankelling.org
"for n in freenode libera; do cd /var/lib/znc/moddata/log/iank/\$n/$chan && hr && for x in *; do echo \$x; sed \"s/^./\${x%log}/\" \$x; hr; done; done" |
less +G
1082 if type gio
&> /dev
/null
; then
1084 elif type gvfs-open
&> /dev
/null
; then
1089 # another alternative is run-mailcap
1094 # grep -Evi -e "^(\S+\s+){4}(sudo|sshd|cron)\[\S*:" \
1095 # -e "^(\S+\s+){4}systemd\[\S*: (starting|started) (btrfsmaintstop|dynamicipupdate|spamd dns bug fix cronjob|rss2email)\.*$"
1098 # journalctl -n 10000 -f "$@" | jfilter
1100 # jr() { journalctl "$@" | jfilter | less ; }
1101 # jrf() { journalctl -n 200 -f "$@" | jfilter; }
1103 jr
() { journalctl
"$@" ; }
1104 jrf
() { journalctl
-n 200 -f "$@" ; }
1107 ccomp journalctl jtail jr jrf
1109 kff
() { # keyboardio firmware flash. you must hold down the tilde key
1110 pushd /a
/opt
/Model01-Firmware
1111 # if we didn't want this yes hack, then remove "shell read" from
1112 # /a/opt/Kaleidoscope/etc/makefiles/sketch.mk
1113 yes $
'\n' | VERBOSE
=1 make flash
1118 local umask_orig name
1119 if (( $# != 1 )); then
1120 e expected
1 arg
>&2
1126 wg genkey |
tee $name-priv.key | wg pubkey
> $name-pub.key
1130 if (( $# != 2 )); then
1131 e expected
2 arg of hostname
, ip suffix
>&2
1134 local host ipsuf umask_orig
1137 mkdir
-p /p
/c
/machine_specific
/$host/filesystem
/etc
/wireguard
1138 cd /p
/c
/machine_specific
/$host/filesystem
/etc
/wireguard
1141 wg genkey |
tee hole-priv.key | wg pubkey
> hole-pub.key
1142 cat >wghole.conf
<<EOF
1144 # contents hole-priv.key
1145 PrivateKey = $(cat hole-priv.key)
1147 Address = 10.8.0.$ipsuf/24
1148 # https://dev.to/tangramvision/what-they-don-t-tell-you-about-setting-up-a-wireguard-vpn-1h2g
1149 # ||: makes the systemd service not fail due to the failed command
1150 PostUp = ping -c1 10.8.0.1 ||:
1153 # li. called wgmail on that server
1154 PublicKey = CTFsje45qLAU44AbX71Vo+xFJ6rt7Cu6+vdMGyWjBjU=
1155 AllowedIPs = 10.8.0.0/24
1156 Endpoint = 72.14.176.105:1194
1157 PersistentKeepalive = 25
1160 # old approach. systemd seems to work fine and cleaner.
1161 rm -f ..
/network
/interfaces.d
/wghole
1162 cedit
-q $host /p
/c
/machine_specific
/li
/filesystem
/etc
/wireguard
/wgmail.conf
<<EOF || [[ $? == 1 ]]
1164 PublicKey = $(cat hole-pub.key)
1165 AllowedIPs = 10.8.0.$ipsuf/32
1171 mns
() { # mount namespace
1174 s mkdir
-p /root
/mount_namespaces
1175 if ! sudo mountpoint
/root
/mount_namespaces
>/dev
/null
; then
1176 m sudo mount
--bind /root
/mount_namespaces
/root
/mount_namespaces
1178 m sudo mount
--make-private /root
/mount_namespaces
1179 if [[ ! -e /root
/mount_namespaces
/$ns ]]; then
1180 m sudo
touch /root
/mount_namespaces
/$ns
1182 if ! sudo mountpoint
/root
/mount_namespaces
/$ns >/dev
/null
; then
1183 m sudo unshare
--propagation slave
--mount=/root
/mount_namespaces
/$ns /bin
/true
1185 m sudo
-E /usr
/bin
/nsenter
--mount=/root
/mount_namespaces
/$ns "$@"
1191 mns
$ns sudo
-u iank
-E env
"PATH=$PATH" "$@"
1197 if ! s ip netns list |
grep -Fx nonet
&>/dev
/null
; then
1198 s ip netns add nonet
1200 mns
$ns --net=/var
/run
/netns
/nonet sudo
-E -u iank
/bin
/bash
1206 # l = the loopback device
1208 if [[ $1 == /* ]]; then
1211 if mns
$base mountpoint
-q /mnt
/$base; then
1214 l
=$
(losetup
-j $fs_file |
sed -rn 's/^([^ ]+): .*/\1/p' |
head -n1 ||
:)
1216 l
=$
(sudo losetup
-f)
1217 m sudo losetup
$l $fs_file
1219 if ! sudo cryptsetup status
/dev
/mapper
/$base &>/dev
/null
; then
1220 if ! sudo cryptsetup luksOpen
$l $base; then
1221 m sudo losetup
-d $l
1225 m sudo mkdir
-p /mnt
/$base
1226 m mns
$base mount
/dev
/mapper
/$base /mnt
/$base
1227 m mns
$base chown
$USER:$USER /mnt
/$base
1231 if mns
$base mountpoint
/mnt
/$base &>/dev
/null
; then
1232 m mns
$base umount
/mnt
/$base
1234 if sudo cryptsetup status
/dev
/mapper
/$base &>/dev
/null
; then
1235 if ! m sudo cryptsetup luksClose
/dev
/mapper
/$base; then
1236 echo lom
: failed cryptsetup luksClose
/dev
/mapper
/$base
1240 l
=$
(losetup
-l --noheadings |
awk '$6 ~ /\/'$base'$/ {print $1}')
1242 m sudo losetup
-d $l
1244 echo lom
: warning
: no loopback device found
1249 # mu personality. for original, just run mp. for 2, run mp 2.
1250 # this is partly duplicated in mail-setup
1254 if ! killall mu
; then
1261 echo error
: mu not dead
1266 set -- /m
/mucache ~
/.cache
/mu
/m
/.mu ~
/.config
/mu
1271 if [[ -e $f && ! -L $f ]]; then
1274 m
ln -sf -T $target $f
1280 local md dst ln_path src two
1284 -2) two
=true
shift ;;
1296 for d
in /m
/md
/$md /m
/4e
2/$md; do
1297 if [[ -d $d && ! -L $d ]]; then
1302 if [[ ! $src ]]; then
1303 echo "error: could not find $md" >&2
1307 m
ln -sf -T $dst $ln_path
1317 ### begin copied from mdenable, but different d ###
1318 for d
in /m
/4e
/$md /m
/4e
2/$md; do
1319 if [[ -d $d && ! -L $d ]]; then
1324 if [[ ! $src ]]; then
1325 echo "error: could not find $md" >&2
1328 ### end copy from mdenable ###
1330 if [[ -L $dst ]]; then m
rm $dst; fi
1336 markdown
"$1" >/tmp
/mdtest.html
1337 firefox
/tmp
/mdtest.html
1340 mo
() { xset dpms force off
; } # monitor off
1343 # seems to be the best gpu decoding on my nvidia 670.
1344 # vlc gets similar or better framerate, but is much darker output on my test movie at least.
1349 echo 0f | sudo
tee -a /sys
/kernel
/debug
/dri
/0/pstate
1352 # going back to the default slow clock, and slower fan:
1353 # echo 07 | sudo tee -a /sys/kernel/debug/dri/0/pstate
1354 if [[ $DISPLAY ]]; then
1355 mpv
--vo=vdpau
--hwdec=auto
"$@"
1357 # waylandvk seems to work the same
1358 mpv
--gpu-context=wayland
--hwdec=auto
1363 mpv
--profile=d
"$@";
1365 # mpv all media files in . or $1
1367 local -a extensions arg
1368 # get page source of https://en.wikipedia.org/w/index.php?title=Video_file_format&action=edit
1369 # into /a/x.log, then
1370 # grep '^| *\.' /a/x.log | sed 's/| *//;s/,//g'
1393 .mpg .mp2 .mpeg .mpe .mpv
1403 arg
=("(" -iname "*${extensions[0]}")
1404 for (( i
=1 ; i
< ${#extensions[@]}; i
++ )); do
1405 arg
+=(-o -iname "*${extensions[i]}")
1410 #find $dir "${arg[@]}" -size +200k
1411 find $dir "${arg[@]}" -size +200k
-exec mpv
--profile=d
'{}' +
1414 mpv
--profile=s
"$@";
1422 d
=( /var
/lib
/znc
/moddata
/log
/iank
/{freenode
,libera
} )
1423 # use * instead of -r since that does sorted order
1424 ssh root@iankelling.org
"for f in ${d[@]}; do cd \$f/#$1; grep '\<iank.*' *; done" | cut
--complement -c12-16
1427 c
/p
/c
/.purple
/logs
/jabber
/iank@fsf.org
/office@conference.fsf.org.chat
1428 for x
in *.html
; do html2text
-o ${x%.html}.txt
$x; done;
1429 grep -A1 ') iank:' *.txt |
sed -r 's/^(.{10})[^ ]*\.txt:\(?([^ ]*)[[:space:]](..). iank:/\1_\2_\3/;s/^[^ ]*\.txt-//;/^--$/d;s/^[^ ]*\.txt:\((.{2}).(.{2}).(.{4}) (.{8}) (.{2})\)?/\3-\1-\2_\4_\5/' |
sed -n 'x;1d;0~2{G;s/\n/ /;p};${x;p}'
1433 d
=/var
/lib
/znc
/moddata
/log
/iank
/freenode
1434 ssh root@iankelling.org
"cd $d; find . -mtime -60 -type f -exec grep '\<iank.*' {} +" |
sed -r 's,^..([^/]*)/(.{11})(.{5})(.{8}).,\2\4 \1,' |
sort
1438 local time time_sec time_pretty
1439 sqlite3
-separator ' ' /p
/c
/subdir_files
/.local
/share
/gajim
/logs.db
"select time, message from logs where contact_name = 'iank' and jid_id = 17;" |
while read -r time l
; do
1444 if ! time_pretty
=$
(date +%F.
%R
-d @
$time); then
1445 echo bad
time: $time
1448 echo $time_pretty "$l"
1449 time_sec
=${time%%.*}
1450 # only look at the last 18 days. generally just use this for timesheet.
1451 if (( time_sec
< EPOCHSECONDS
- 60 * 60 * 24 * 18 )); then break; fi
1456 sqlite3
-separator ' ' /p
/c
/subdir_files
/.local
/share
/gajim
/logs.db
"select time, message from logs where contact_name = 'iank'" |
less
1460 sqlite3
-separator ' ' /p
/c
/subdir_files
/.local
/share
/gajim
/logs.db
"select time, message from logs" |
less
1464 e
"lspci -nnk|gr -iA2 net"
1465 lspci
-nnk|gr
-iA2 net
1467 e
"s lshw -C network"
1469 sudo lshw
-C network
1473 ser stop NetworkManager
1474 ser disable NetworkManager
1475 ser stop NetworkManager-wait-online.service
1476 ser disable NetworkManager-wait-online.service
1478 sudo resolvconf
-d NetworkManager
1484 ser start NetworkManager
1490 oathtool
--totp -b "$*" | xclip
-selection clipboard
1493 "$@" |
& pee
"xclip -r -selection clipboard"
1498 # from http://askubuntu.com/questions/456021/remove-vocals-from-mp3-and-get-only-instrumentals
1499 pactl load-module module-ladspa-sink sink_name
=Karaoke master
=alsa_output.usb-Audioengine_Audioengine_D1-00.analog-stereo plugin
=karaoke_1409 label
=karaoke control
=-30
1502 pfind
() { #find *$1* in $PATH
1503 [[ $# != 1 ]] && { echo requires
1 argument
; return 1; }
1505 IFS
=: pathArray
=($PATH); unset IFS
1506 find "${pathArray[@]}" -iname "*$1*"
1510 # trash-restore lists everything that has been trashed at or below CWD
1511 # This picks out files just in CWD, not subdirectories,
1512 # which also match grep $1, usually use $1 for a time string
1513 # which you get from running restore-trash once first
1516 # last condition is to not ask again for ones we skipped
1517 while name
="$( echo | restore-trash | gr "$PWD/[^
/]\
+$
" | gr "$1" )" \
1518 && [[ $name ]] && (( $
(wc -l <<<"$name") >= nth
)); do
1519 name
="$(echo "$name" | head -n $nth | tail -n 1 )"
1520 read -r -p "$name [Y/n] " ask
1521 if [[ ! $ask ||
$ask == [Yy
] ]]; then
1522 x
=$
( echo "$name" | gr
-o "^\s*[0-9]*" )
1523 echo $x | restore-trash
> /dev
/null
1524 elif [[ $ask == [Nn
] ]]; then
1534 rld
/a
/h
/_site
/ li
:/var
/www
/iankelling.org
/html
1539 # fixes the menu bar in xmonad. this won\'t be needed when xmonad
1540 # packages catches up on some changes in future (this is written in
1543 # geekosaur: so youll want to upgrade to xmonad 0.13 or else use a
1544 # locally modified XMonad.Hooks.ManageDocks that doesnt set the
1545 # work area; turns out it\'s impossible to set correctly if you are
1546 # not a fully EWMH compliant desktop environment
1548 # geekosaur: chrome shows one failure mode, qt/kde another, other
1549 # gtk apps a third, ... I came up with a setting that works for me
1550 # locally but apparently doesnt work for others, so we joined the
1551 # other tiling window managers in giving up on setting it at all
1553 xprop
-root -remove _NET_WORKAREA
1557 # reviewboard, used at my old job
1558 #rbpipe() { rbt post -o --diff-filename=- "$@"; }
1559 #rbp() { rbt post -o "$@"; }
1567 r2e
() { command r2e
-d /p
/c
/rss2email.json
-c /p
/c
/rss2email.cfg
"$@"; }
1568 # only run on MAIL_HOST. simpler to keep this on one system.
1569 r2eadd
() { # usage: name url
1570 # initial setup of rss2email:
1571 # r2e new r2e@iankelling.org
1572 # that initializes files, and sets default email.
1573 # symlink to the config doesnt work, so I copied it to /p/c
1574 # and then use cli option to specify explicit path.
1575 # Only option changed from default config is to set
1578 # or else for a few feeds, the from address is set by the feed, and
1579 # if I fail delivery, then I send a bounce message to that from
1580 # address, which makes me be a spammer.
1582 r2e add
$1 "$2" $1@r2e.iankelling.org
1583 # get up to date and dont send old entries now:
1584 r2e run
--no-send $1
1587 rspicy
() { # usage: HOST DOMAIN
1588 # connect to spice vm remote host. use vspicy for local host
1590 # shellcheck disable=SC2087
1592 sudo virsh dumpxml $2|grep "<graphics.*type='spice'" | \
1593 sed -rn "s/.*port='([0-9]+).*/\1/p"
1596 if [[ $port ]]; then
1597 spicy
-h $1 -p $port
1599 echo "error: no port found. check that the domain is running."
1605 # s gem install scss-lint
1606 pushd /a
/opt
/thoughtbot-guides
1609 scss-lint
-c /a
/opt
/thoughtbot-guides
/style
/sass
/.scss-lint.yml
"$@"
1613 sk
-e 2120,245 /b
/ds
/brc
/b
/ds
/brc2
1618 out
=${2:-${1%.*}.sh}
1620 script -t -c "mpv --no-config --no-resume-playback --no-terminal --no-audio-display '$1'" $tmp/typescript
2>$tmp/timing
1621 # todo, the current sleep seems pretty good, but it
1622 # would be nice to have an empirical measurement, or
1623 # some better wait to sync up.
1625 # note: --loop-file=no prevents it from hanging if you have that
1626 # set to inf the mpv config.
1627 # --loop=no prevents it from exit code 3 due to stdin if you
1628 # had it set to inf in mpv config.
1630 # args go to mpv, for example --volume=80, 50%
1631 cat >$out <<EOFOUTER
1633 trap "trap - TERM && kill 0" INT TERM ERR; set -e
1634 ( sleep .2; scriptreplay <( cat <<'EOF'
1638 $(cat $tmp/typescript)
1641 base64 -d - <<'EOF'| mpv --loop=no --loop-file=no --no-terminal --no-audio-display "\$@" -
1650 smeld
() { # ssh meld usage host1 host2 file
1651 meld
<(ssh $1 cat $3) <(ssh $2 cat $3)
1655 PATH
=/usr
/local
/spdhackfix
:$PATH command spd
"$@"
1658 spamf
() { # spamtest on FILE
1659 local spamcpre spamdpid
1661 if (( $# != 1 )); then
1662 e spamtest error
: expected
1 arg
, filename
>&2
1666 spamdpid
=$
(systemctl status spamassassin|
sed -n '/^ *Main PID:/s/[^0-9]//gp')
1667 spamcpre
="nsenter -t $spamdpid -n -m"
1668 s
$spamcpre sudo
-u Debian-exim spamassassin
-t --cf='score PYZOR_CHECK 0' <"$1"
1674 declare -gi _seq
; _seq
+=1
1675 echo "test body" | m
mail -s "test mail from $HOSTNAME, $_seq" "${@:-root@localhost}"
1676 # for testing to send from an external address, you can do for example
1677 # -fian@iank.bid -aFrom:ian@iank.bid web-6fnbs@mail-tester.com
1678 # note in exim, you can retry a deferred message
1680 # MSG_ID is in /var/log/exim4/mainlog, looks like 1ccdnD-0001nh-EN
1683 # to test sieve, use below command. for fsf mail, see offlineimap-sync script
1684 # make modifications, then copy to live file, use -eW to actually modify mailbox
1686 # Another option is to use sieve-test SCRIPT MAIL_FILE. note,
1687 # sieve-test doesnt know about envelopes, Im not sure if sieve-filter does.
1689 # sieve with output filter. arg is mailbox, like INBOX.
1690 # This depends on dovecot conf, notably mail_location in /etc/dovecot/conf.d/10-mail.conf
1692 # always run this first, edit the test files, then run the following
1694 sieve-filter ~
/sieve
/maintest.sieve
${1:-INBOX} delete
2> >(head; tail) >/tmp
/testsieve.log
&& sed -rn '/^Performed actions:/,/^[^ ]/{/^ /p}' /tmp
/testsieve.log |
sort |
uniq -c
1697 c ~
/sieve
; cp personal
{test,}.sieve
; cp lists
{test,}.sieve
; cp personalend
{test,}.sieve
1698 sieve-filter
-eWv ~
/sieve
/maintest.sieve
${1:-INBOX} delete
&> /tmp
/testsieve.log
1699 sed -r '/^info: filtering:/{h;d};/^info: msgid=$/N;/^info: msgid=.*left message in mailbox [^ ]+$/d;/^info: msgid=/{H;g};/^info: message kept in source mailbox.$/d' /tmp
/testsieve.log
1704 # printf "subject\nbody\n" | alertme
1709 To: alerts@iankelling.org
1716 To: alerts@iankelling.org
1728 To: daylert@iankelling.org
1735 To: daylert@iankelling.org
1744 # alert when a page goes live.
1746 local quiet url tmpdir
1749 # dont send a diff of the html. some html is not very readable
1755 tmpdir
="$(mktemp -d)"
1758 if wget
-q "$url"; then
1765 sleep $
(( 120 + RANDOM
% 300 ))
1769 # alert on changes to a webpage (just the base page that curl gets)
1770 # usage: weblert URL [SUBJECT...]
1772 local u old new quiet
1775 # dont send a diff of the html. some html is not very readable
1782 subject
="${*:-weblert}"
1783 old
=$
(curl
-s "$u") ||
:
1785 new
=$
(curl
-s "$u") ||
:
1786 if [[ $old && $new ]]; then
1787 if [[ $new != "$old" ]]; then
1789 echo | daylertme
"$subject"
1791 diff <(printf "%s\n" "$old") <(printf "%s\n" "$new") | daylertme
"$subject" ||
:
1796 sleep $
(( 60 + RANDOM
% 120 ))
1802 source `type -p torsocks` on
1806 less /var
/log
/exim
4/mymain
1812 # testmail above calls sendmail, which is a link to exim/postfix.
1813 # its docs dont say a way of adding an argument
1814 # to sendmail to turn on debug output. We could make a wrapper, but
1815 # that is a pain. Exim debug args are documented here:
1816 # http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html
1818 # http://www.exim.org/exim-html-current/doc/html/spec_html/ch-building_and_installing_exim.html
1819 # note, for exim daemon, you can turn on debug options by
1820 # adding -d, etc to COMMONOPTIONS in
1821 # /etc/default/exim4
1823 # to specify recipients other than those in to, cc, bcc, you can use the cli args, eg:
1824 # exim -t 'test@zroe.org, t2@zroe.org' <<'EOF'
1826 # -t = get recipient from header
1828 From: root@$(hostname -f)
1829 To: root@$(hostname -f)
1832 This is a test message.
1839 # https://askubuntu.com/questions/160945/is-there-a-way-to-disable-a-laptops-internal-keyboard
1840 id
=$
(xinput
--list --id-only 'AT Translated Set 2 keyboard')
1841 if xinput list |
grep -F '∼ AT Translated Set 2 keyboard' &>/dev
/null
; then
1842 echo enabling keyboard
1843 # find the first slave keyboard number, they are all the same in my output.
1844 # if they werent, worst case we would need to save the slave number somewhere
1845 # when it got disabled.
1846 slave
=$
(xinput list |
sed -n 's/.*slave \+keyboard (\([0-9]*\)).*/\1/p' |
head -n1)
1847 xinput reattach
$id $slave
1856 (sleep $
(calc
"$* * 60") && mpv
--no-config --volume 50 /a
/bin
/data
/alarm.mp3
) > /dev
/null
2>&1 &
1859 trg
() { transmission-remote-gtk
& r
; }
1861 # example, set global upload limit to 100 kilobytes:
1863 TR_AUTH
=":$(jq -r .profiles[0].password ~/.config/transmission-remote-gtk/config.json)" transmission-remote transmission.lan
-ne "$@"
1870 for (( i
=0; i
< retries
- 1; i
++ )); do
1882 if [[ -e $1 && ! -w $1 ||
! -w $
(dirname "$1") ]]; then
1885 # full path for using in some initial setup steps
1892 ecmd
="/usr/sbin/exim4 -C /etc/exim4/my.conf"
1893 if ip a show veth1-mail
&>/dev
/null
; then
1897 pid
=$
(pgrep
-f "/usr/sbin/exim4 -bd -q30m -C /etc/exim4/my.conf"|h1
)
1898 m s nsenter
-t $pid -n -m $ecmd "$@"
1901 # get pid of systemd service
1905 pid
=$
(systemctl show
--property MainPID
--value "$unit")
1910 dir
=/sys
/fs
/cgroup
/system.slice
1911 if [[ ! -d $dir ]]; then
1912 # t10 and older directory.
1913 dir
=/sys
/fs
/cgroup
/systemd
/system.slice
1916 # 0 or empty. This file includes the MainPid, so I expect we
1917 # could just get this in the first place, but i don't know if that
1918 # is always the case.
1919 pid
=$
(head -n1 $dir/${unit%.service}.service
/cgroup.procs
)
1923 printf "%s\n" "$pid"
1929 sdnbash
() { # systemd namespace bash
1931 if (( $# != 1 )); then
1932 echo $0: error wrong number of args
>&2
1936 pid
=$
(servicepid
$unit)
1937 m sudo nsenter
-t $pid -n -m sudo
-u $USER -i bash
1940 sdnbashroot
() { # systemd namespace bash
1942 if (( $# != 1 )); then
1943 echo $0: error wrong number of args
>&2
1947 pid
=$
(servicepid
$unit)
1948 m sudo nsenter
-t $pid -n -m bash
1952 sdncmd
() { # systemd namespace cmd
1954 if (( $# <= 2 )); then
1955 echo $0: error wrong number of args
>&2
1960 pid
=$
(servicepid
$unit)
1961 m sudo nsenter
-t $pid -n -m sudo
-u $USER -i "$@"
1969 # we use wireguard now, use mailnnbash.
1971 # m sudo nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*mail.conf") -n -m sudo -u $USER -i bash
1976 pid
=$
(pgrep
-f "/usr/sbin/exim4 -bd -q30m -C /etc/exim4/my.conf"|h1
)
1977 if [[ ! $pid ]]; then
1978 echo "eximbash: failed to find exim pid. systemctl -n 30 status exim4:"
1979 systemctl status exim4
1981 m sudo nsenter
-t $pid -n -m
1985 spamdpid
=$
(systemctl show
--property MainPID
--value spamassassin
)
1986 m sudo nsenter
-t $spamdpid -n -m sudo
-u Debian-exim spamassassin
"$@"
1989 m sudo nsenter
-t $
(systemctl status unbound|
sed -n '/^ *Main PID:/s/[^0-9]//gp') -n -m sudo
-u $USER -i bash
1993 s nmtui-connect
"$@"
1997 local unit pid ns mailnn
1998 # mailvpn would belong on the list if using openvpn
1999 for unit
in mailnn unbound dovecot spamassassin exim4 radicale
; do
2000 pid
=$
(servicepid
$unit)
2001 echo debug
: unit
=$unit pid
=$pid
2002 if [[ ! $pid ]]; then
2003 echo failed to
find pid
for unit
=$unit
2006 if ! ns
=$
(s readlink
/proc
/$pid/ns
/net
); then
2007 echo failed to
find ns
for unit
=$unit pid
=$pid
2010 if [[ $mailnn ]]; then
2011 if [[ $ns != "$mailnn" ]]; then
2012 echo "$unit ns $ns != $mailnn"
2023 m sudo
-E env
"PATH=$PATH" nsenter
-t $
(pgrep
-f "/usr/sbin/openvpn .* --config /etc/openvpn/.*client.conf") -n "$@"
2027 vpncmd sudo
-u iank env
"PATH=$PATH" "$@"
2035 if [[ -e /lib
/systemd
/system
/openvpn-client@.service
]]; then
2036 local vpn_service
=openvpn-client
2038 local vpn_service
=openvpn
2041 [[ $1 ]] ||
{ echo need arg
; return 1; }
2042 journalctl
--unit=$vpn_service@
$1 -f -n0 &
2043 # sometimes the journal doesnt open until after the vpn output
2044 # has happened. hoping this fixes that.
2046 sudo systemctl start
$vpn_service@
$1
2047 # sometimes the ask-password agent does not work and needs a delay.
2049 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779240
2050 # noticed around 8-2017 after update from around stretch release
2051 # on debian testing, even though the bug is much older.
2052 sudo systemd-tty-ask-password-agent
2057 ls -lad /run
/user
/1000
2058 stats
=$
(stat
-c%a-
%g-
%u
/run
/user
/1000)
2059 if [[ $stats != 700-1000-1000 ]]; then
2060 m s
chmod 700 /run
/user
/1000; m s chown iank.iank
/run
/user
/1000
2064 # systemctl is-enabled / status / cat says nothing, instead theres
2065 # some obscure symlink. paths copied from man systemd.unit.
2066 # possibly also usefull, but incomplete, doesnt show units not loaded in memory:
2067 # seru list-dependencies --reverse --all UNIT
2070 local -a dirs search
2076 ~
/.config
/systemd
/user.control
/*
2077 $XDG_RUNTIME_DIR/systemd
/user.control
/*
2078 $XDG_RUNTIME_DIR/systemd
/transient
/*
2079 $XDG_RUNTIME_DIR/systemd
/generator.early
/*
2080 ~
/.config
/systemd
/user
/*
2082 $XDG_RUNTIME_DIR/systemd
/user
/*
2084 $XDG_RUNTIME_DIR/systemd
/generator
/*
2085 ~
/.local
/share
/systemd
/user
/*
2086 /usr
/lib
/systemd
/user
/*
2087 $XDG_RUNTIME_DIR/systemd
/generator.late
/*
2092 /etc
/systemd
/system.control
/*
2093 /run
/systemd
/system.control
/*
2094 /run
/systemd
/transient
/*
2095 /run
/systemd
/generator.early
/*
2096 /etc
/systemd
/system
/*
2097 /etc
/systemd
/systemd.attached
/*
2098 /run
/systemd
/system
/*
2099 /run
/systemd
/systemd.attached
/*
2100 /run
/systemd
/generator
/*
2101 /lib
/systemd
/system
/*
2102 /run
/systemd
/generator.late
/*
2106 for f
in "${search[@]}"; do
2107 [[ -d $f ]] ||
continue
2114 # dirs is just so we write out the directory names, ls does it when there is 2 or more dirs.
2130 read _ link _ istls
< <(resolvectl dnsovertls tunfsf
)
2133 *) echo fixvpndns error
: unexpected istls value
: $istls >&2; return 1 ;;
2135 s busctl call org.freedesktop.resolve1
/org
/freedesktop
/resolve1 org.freedesktop.resolve1.Manager SetLinkDNSOverTLS is
$link no
2139 [[ $1 ]] ||
{ echo need arg
; return 1; }
2140 if [[ -e /lib
/systemd
/system
/openvpn-client@.service
]]; then
2141 local vpn_service
=openvpn-client
2143 local vpn_service
=openvpn
2145 sudo systemctl stop
$vpn_service@
$1
2147 vpnoffc
() { # vpn off client
2148 ser stop openvpn-client-tr@client
2151 ser start openvpn-client-tr@client
2155 vspicy
() { # usage: VIRSH_DOMAIN
2156 # connect to vms made with virt-install
2157 spicy
-p $
(sudo virsh dumpxml
"$1"|
grep "<graphics.*type='spice'"|\
2158 sed -r "s/.*port='([0-9]+).*/\1/")
2162 cat-new-files
/m
/4e
/INBOX
/new
2165 wtr
() { curl wttr.in
/boston
; }
2167 xevkb
() { xev
-event keyboard
; }
2172 printf "running: %s\n" "$*"
2176 f
=/a
/f
/ansible-configs
/files
/common
/etc
/fsf-workstation-bashrc.sh
2177 if [[ -e $f ]]; then
2178 # shellcheck disable=SC1090
2183 # https://electrum.readthedocs.io/en/latest/tor.html
2184 # https://github.com/spesmilo/electrum-docs/issues/129
2185 s rsync
-ptog --chown bitcoin
:bitcoin ~
/.Xauthority
/var
/lib
/bitcoind
/.Xauthority
2186 sudo
-u bitcoin DISPLAY
=$DISPLAY XAUTHORITY
=/var
/lib
/bitcoind
/.Xauthority
/a
/opt
/electrum-4.2
.1-x86_64.AppImage
-p socks5
:localhost
:9050
2189 sudo
-u bitcoin DISPLAY
=$DISPLAY XAUTHORITY
=/var
/lib
/bitcoind
/.Xauthority
/a
/opt
/monero-gui-v0.17
.3.2/monero-wallet-gui
2194 # we also have a file in /a/c/...konsole...
2195 local f
=$HOME/.config
/konsolerc
2196 setini DefaultProfile profileian.profile
"Desktop Entry" $f
2197 setini Favorites profileian.profile
"Favorite Profiles" $f
2198 setini ShowMenuBarByDefault false KonsoleWindow
$f
2199 setini TabBarPosition Top TabBar
$f
2203 while read -r k v
; do
2204 # shellcheck disable=SC2154
2205 setini
$k $v sakura
/a
/c
/subdir_files
/.config
/sakura
/sakura.conf
2207 colorset1_back rgb(33,37,39)
2211 disable_numbered_tabswitch true
2212 scroll_lines 10000000
2217 # make a page of links found in the files $@. redirect output
2219 gr
-oh 'https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*)' "$@" | \
2220 rev |
sort -u |
rev |
sed 's,.*,<a href="\0">\0</a><br\>,'
2223 reset-xscreensaver
() {
2224 # except for spash, i set these by setting gui options in
2225 # xscreensaver-command -demo
2226 # then finding the corresponding option in .xscreensaver
2227 # spash, i happened to notice in .xscreensaver
2229 # dpmsOff, monitor doesnt come back on using old free software supported nvidia card
2230 cat > /home
/iank
/.xscreensaver
<<'EOF'
2233 dpmsStandby: 0:07:00
2234 dpmsSuspend: 0:08:00
2238 lockTimeout: 0:06:00
2245 # * stuff that makes sense to be at the end
2246 if [[ "$SUDOD" ]]; then
2247 # allow failure, for example if we are sudoing into a user with diffferent/lesser permissions.
2250 elif [[ -d /a
]] && [[ $PWD == "$HOME" ]] && [[ $
- == *i
* ]]; then
2258 # for mitmproxy to get a newer python.
2259 # commented until i want to use it because it
2260 # noticably slows bash startup
2264 if [[ $EUID == 0 ||
! -e ~
/.pyenv
/bin
]]; then
2265 echo "error: dont be root. make sure pyenv is installed"
2268 export PATH
="$HOME/.pyenv/bin:$PATH"
2269 eval "$(pyenv init -)"
2270 eval "$(pyenv virtualenv-init -)"
2274 export GOPATH
=$HOME/go
2275 path-add
$GOPATH/bin
2276 path-add
/usr
/local
/go
/bin
2278 # I have the git repo and a release. either one should work.
2279 # I have both because I was trying to solve an issue that
2280 # turned out to be unrelated.
2281 # ARDUINO_PATH=/a/opt/Arduino/build/linux/work
2283 ## i should have documented this...
2284 # based on https://github.com/keyboardio/Kaleidoscope
2285 export KALEIDOSCOPE_DIR
=/a
/opt
/Kaleidoscope
2287 # They want to be added to the start, but i think
2288 # that should be avoided unless we really need it.
2289 path-add
--end ~
/.npm-global
2292 path-add
--end $HOME/.cargo
/bin
2294 if type -P rg
&>/dev
/null
; then
2295 # --no-messages because of annoying errors on broken symlinks
2296 # -z = search .gz etc files
2297 # -. = search dotfilesq
2298 rg
() { command rg
-.
-z --no-messages -L -i -M 900 --no-ignore-parent --no-ignore-vcs -g '!.git' -g '!auto-save-list' -g '!.savehist' "$@" ||
return $?
; }
2299 #fails if not exist. ignore
2300 complete
-r rg
2>/dev
/null ||
:
2307 # taken from default changes to bashrc and bash_profile
2308 path-add
--end --ifexists $HOME/.rvm
/bin
2309 # also had ruby bin dir, but moved that to environment.sh
2310 # so its included in overall env
2313 export BASEFILE_DIR
=/a
/bin
/fai-basefiles
2315 #export ANDROID_HOME=/a/opt/android-home
2316 # https://f-droid.org/en/docs/Installing_the_Server_and_Repo_Tools/
2317 #export USE_SDK_WRAPPER=yes
2318 #PATH=$PATH:$ANDROID_HOME/tools:$ANDROID_HOME/platform-tools
2320 # didnt get drush working, if I did, this seems like the
2321 # only good thing to include for it.
2322 # Include Drush completion.
2323 # if [ -f "/home/ian/.drush/drush.complete.sh" ] ; then
2324 # source /home/ian/.drush/drush.complete.sh
2331 # https://wiki.archlinux.org/index.php/Xinitrc#Autostart_X_at_login
2332 # i added an extra condition as gentoo xorg guide says depending on
2333 # $DISPLAY is fragile.
2334 if [[ ! $DISPLAY && $XDG_VTNR == 1 ]] && shopt -q login_shell
&& isarch
; then
2339 # ensure no bad programs appending to this file will have an affect