# * settings
-HISTFILE=$HOME/.bh
+if [[ $HISTFILE ]]; then
+ HISTFILE=$HOME/.bh
+fi
source /a/bin/distro-setup/path-add-function
path-add /a/exe
pactl load-module module-remap-source source_name=iancombine master=ianinput.monitor source_properties=device.description=iancombine
}
+# h ssh test
+# For testing restrictive ssh.
hstest() {
install-my-scripts
d=$(mktemp -d)
s command ssh -F $d/config -i /q/root/h "$@"
}
-hrtest() {
+# h rsync test
+# For testing restrictive rsync
+hrtest() { #
install-my-scripts
d=$(mktemp -d)
sed '/^ *IdentityFile/d' ~/.ssh/config >$d/config
s rsync -e "ssh -F $d/config -i /q/root/h" "$@"
}
+# rsync as root and avoid the default restrictive h key & config.
+rootrsync() {
+ s rsync -e "ssh -F /root/.ssh/confighome" "$@"
+}
+
slemacs() {
local arg rtime v
EOF
}
+rm-docker-iptables() {
+ s iptables -S | gr docker | gr -- -A | sed 's/-A/-D/'| while read -r l; do sudo iptables $l; done
+ s iptables -S -t nat | gr docker | gr -- -A | sed 's/-A/-D/'| while read -r l; do sudo iptables -t nat $l; done
+ s iptables -S | gr docker | gr -- -N | sed 's/-N/-X/'| while read -r l; do sudo iptables $l; done
+ s iptables -S -t nat | gr docker | gr -- -N | sed 's/-N/-X/'| while read -r l; do sudo iptables -t nat $l; done
+}
+
# usage mkschroot [-] distro codename packages
# - means no piping in of sources.list
mkschroot() {
# s sshfs bu@$host:/bu/home/md /bu/mnt -o reconnect,ServerAliveInterval=20,ServerAliveCountMax=30 -o allow_other
eqgo() {
- enn -M $(exiqgrep -i)
+ enn -M $(exiqgrep -i -r.\*)
}
eqgo1() {
- enn -M $(exiqgrep -i|h1)
+ enn -M $(exipick -i -r.\*|h1)
}
if $active; then
ser stop btrbk.timer
fi
- if [[ $(systemctl is-active btrbk.service ||:) != inactive ]]; then
- echo "cron btrbk is already running"
- if $active; then ser start btrbk.timer; fi
- return 1
- fi
+ btrbk_is_active=$(systemctl is-active btrbk.service ||:)
+ case $btrbk_is_active in
+ inactive|failed) : ;;
+ *)
+ echo "bbk: error: systemctl is-active btrbk.service output: $btrbk_is_active"
+ if $active; then ser start btrbk.timer; fi
+ return 1
+ ;;
+ esac
# run latest
install-my-scripts
# todo: consider changing this to srun and having the args come
journalctl -qn2 -f -u "$cmd_name" &
# Guess of time needed to avoid missing initial lines.
# .5 was not reliable. 1 was not reliable. 2 was not reliable
- sleep 3
+ sleep 4
# We kill this in prompt-command for the case that we ctrl-c the
# systemd-cat. i dont know any way to trap ctrl-c and still run the
# normal action for it. There might be a way, unsure.
local f=/var/lib/bind/db.b8.nz
m ser stop named
m sleep 1
- m sudo rm -fv $f.jnl
+ m sudo rm -fv $f.jnl $f.signed.jnl
m sudo install -m 644 -o bind -g bind /p/c/machine_specific/vps/bind-initial/db.b8.nz $f
m ser restart named
}
ccomp journalctl jtail jr jrf
-kff() { # keyboardio firmware flash
- pushd /a/bin/distro-setup/Arduino/Model01-Firmware
- yes $'\n' | make flash
+kff() { # keyboardio firmware flash. you must hold down the tilde key
+ pushd /a/opt/Model01-Firmware
+ # if we didn't want this yes hack, then remove "shell read" from
+ # /a/opt/Kaleidoscope/etc/makefiles/sketch.mk
+ yes $'\n' | VERBOSE=1 make flash
popd
}
m sudo -E /usr/bin/nsenter --mount=/root/mount_namespaces/$ns "$@"
}
+mnsr() { # mns run
+ local ns=$1
+ shift
+ mns $ns sudo -u iank -E env "PATH=$PATH" "$@"
+}
+
mnsnonet() {
ns=$1
if ! s ip netns list | grep -Fx nonet &>/dev/null; then
s ip netns add nonet
fi
mns $ns --net=/var/run/netns/nonet sudo -E -u iank /bin/bash
+ lomh
}
lom() {
+ # l = the loopback device
local l base
if [[ $1 == /* ]]; then
base=${1##*/}
+ fs_file=$1
if mns $base mountpoint -q /mnt/$base; then
return 0
fi
- l=$(losetup -j $1 | sed -rn 's/^([^ ]+): .*/\1/p' | head -n1 ||:)
+ l=$(losetup -j $fs_file | sed -rn 's/^([^ ]+): .*/\1/p' | head -n1 ||:)
if [[ ! $l ]]; then
l=$(sudo losetup -f)
- m sudo losetup $l $1
+ m sudo losetup $l $fs_file
fi
if ! sudo cryptsetup status /dev/mapper/$base &>/dev/null; then
if ! sudo cryptsetup luksOpen $l $base; then
m sudo mkdir -p /mnt/$base
m mns $base mount /dev/mapper/$base /mnt/$base
m mns $base chown $USER:$USER /mnt/$base
+ lomh
else
base=$1
if mns $base mountpoint /mnt/$base &>/dev/null; then
return 1
fi
fi
- l=$(losetup -l --noheadings | awk '$6 ~ /\/'$1'$/ {print $1}')
+ l=$(losetup -l --noheadings | awk '$6 ~ /\/'$base'$/ {print $1}')
if [[ $l ]]; then
m sudo losetup -d $l
else
mv -T $src $dst
set +x
}
+mb2disable() {
+ local mb=$1
+ dst=/m/md/$mb
+ src=/m/4e2/$mb
+ set -x
+ [[ -e $src ]] || { set +x; return 1; }
+ if [[ -L $dst ]]; then rm $dst; fi
+ mv -T $src $dst
+ set +x
+}
mdt() {
mo() { xset dpms force off; } # monitor off
+mpvgpu() {
+ # seems to be the best gpu decoding on my nvidia 670.
+ # vlc gets similar or better framerate, but is much darker output on my test movie at least.
+
+
+ case $HOSTNAME in
+ kd)
+ echo 0f | sudo tee -a /sys/kernel/debug/dri/0/pstate
+ ;;
+ esac
+ # going back to the default slow clock, and slower fan:
+ # echo 07 | sudo tee -a /sys/kernel/debug/dri/0/pstate
+ if [[ $DISPLAY ]]; then
+ mpv --vo=vdpau --hwdec=auto "$@"
+ else
+ # waylandvk seems to work the same
+ mpv --gpu-context=wayland --hwdec=auto
+ fi
+}
+
mpvd() {
mpv --profile=d "$@";
}
+# mpv all media files in . or $1
+mpvm() {
+ local -a extensions arg
+ # get page source of https://en.wikipedia.org/w/index.php?title=Video_file_format&action=edit
+ # into /a/x.log, then
+ # grep '^| *\.' /a/x.log | sed 's/| *//;s/,//g'
+ extensions=(
+ .webm
+ .mkv
+ .flv
+ .flv
+ .vob
+ .ogv .ogg
+ .drc
+ .gif
+ .gifv
+ .mng
+ .avi
+ .MTS .M2TS .TS
+ .mov .qt
+ .wmv
+ .yuv
+ .rm
+ .rmvb
+ .viv
+ .asf
+ .amv
+ .mp4 .m4p .m4v
+ .mpg .mp2 .mpeg .mpe .mpv
+ .mpg .mpeg .m2v
+ .m4v
+ .svi
+ .3gp
+ .3g2
+ .mxf
+ .roq
+ .nsv
+ )
+ arg=("(" -iname "*${extensions[0]}")
+ for (( i=1 ; i < ${#extensions[@]}; i++ )); do
+ arg+=(-o -iname "*${extensions[i]}")
+ done
+ arg+=(")")
+ dir=${1:-.}
+ # debug:
+ #find $dir "${arg[@]}" -size +1M
+ find $dir "${arg[@]}" -size +1M -exec mpv --profile=d '{}' +
+}
mpvs() {
mpv --profile=s "$@";
}
PATH=/usr/local/spdhackfix:$PATH command spd "$@"
}
-spend() {
- sudo systemctl suspend
-}
-
spamf() { # spamtest on FILE
local spamcpre spamdpid
done
}
+# alert on changes to a webpage (just the base page that curl gets)
+# usage: weblert URL [SUBJECT...]
+weblert() {
+ local u old new quiet
+ quiet=false
+ case $1 in
+ # dont send a diff of the html. some html is not very readable
+ -q) quiet=true
+ shift
+ ;;
+ esac
+ u="$1"
+ shift
+ subject="${*:-weblert}"
+ old=$(curl -s "$u") ||:
+ while true; do
+ new=$(curl -s "$u") ||:
+ if [[ $old && $new ]]; then
+ if [[ $new != "$old" ]]; then
+ if $quiet; then
+ echo | daylertme "$subject"
+ else
+ diff <(printf "%s\n" "$old") <(printf "%s\n" "$new") | daylertme "$subject" ||:
+ fi
+ fi
+ old="$new"
+ fi
+ sleep $(( 60 + RANDOM % 120 ))
+ done
+}
+
+torshell() {
+ # per man torsocks
+ source `type -p torsocks` on
+}
+
+eless2() {
+ less /var/log/exim4/mymain
+}
+
# mail related
testexim() {
#
# -t = get recipient from header
exim -d -t <<'EOF'
-From: i@dmarctest.b8.nz
-To: mailman@dev.fsf.org
+From: root@$(hostname-f)
+To: root@$(hostname-f)
Subject: test2
-Reply-to: rtest@iankelling.org
This is a test message.
EOF
m s nsenter -t $pid -n -m $ecmd "$@"
}
+# get pid of systemd service
+servicepid() {
+ local pid unit dir
+ unit="$1"
+ pid=$(systemctl show --property MainPID --value "$unit")
+ case $pid in
+ [1-9]*) : ;;
+ *)
+
+ dir=/sys/fs/cgroup/system.slice
+ if [[ ! -d $dir ]]; then
+ # t10 and older directory.
+ dir=/sys/fs/cgroup/systemd/system.slice
+ fi
+
+ # 0 or empty. This file includes the MainPid, so I expect we
+ # could just get this in the first place, but i don't know if that
+ # is always the case.
+ pid=$(head -n1 $dir/${unit%.service}.service/cgroup.procs)
+ ;;
+ esac
+ if [[ $pid ]]; then
+ printf "%s\n" "$pid"
+ else
+ return 1
+ fi
+}
+
sdnbash() { # systemd namespace bash
- local unit=$1
- m sudo nsenter -t $(systemctl show --property MainPID --value $unit) -n -m sudo -u $USER -i bash
+ local unit pid
+ if (( $# != 1 )); then
+ echo $0: error wrong number of args >&2
+ return 1
+ fi
+ unit=$1
+ pid=$(servicepid $unit)
+ m sudo nsenter -t $pid -n -m sudo -u $USER -i bash
}
-mailnnbash() {
- m sudo nsenter -t $(systemctl show --property MainPID --value mailnn) -n -m sudo -u $USER -i bash
+sdncmd() { # systemd namespace cmd
+ local unit pid
+ if (( $# <= 2 )); then
+ echo $0: error wrong number of args >&2
+ return 1
+ fi
+ unit=$1
+ shift
+ pid=$(servicepid $unit)
+ m sudo nsenter -t $pid -n -m sudo -u $USER -i "$@"
}
-mailvpnbash() {
- m sudo nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*mail.conf") -n -m sudo -u $USER -i bash
+
+mailnnbash() {
+ sdnbash mailnn
}
+
+# we use wireguard now, use mailnnbash.
+# mailvpnbash() {
+# m sudo nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*mail.conf") -n -m sudo -u $USER -i bash
+# }
+
eximbash() {
local pid
pid=$(pgrep -f "/usr/sbin/exim4 -bd -q30m -C /etc/exim4/my.conf"|h1)
m sudo nsenter -t $(systemctl status unbound| sed -n '/^ *Main PID:/s/[^0-9]//gp') -n -m sudo -u $USER -i bash
}
+nmtc() {
+ s nmtui-connect "$@"
+}
+
mailnncheck() {
- local p pid ns mailnn
+ local unit pid ns mailnn
# mailvpn would belong on the list if using openvpn
- for p in mailnn unbound dovecot spamassassin exim4 radicale; do
- case $p in
- exim4|radicale)
- pid=$(ps -eo pid,cgroup | grep /system.slice/$p.service | awk '{print $1}')
- ;;
- *)
- pid=$(s systemctl show --property MainPID --value $p)
- ;;
- esac
- echo p=$p pid=$pid
+ for unit in mailnn unbound dovecot spamassassin exim4 radicale; do
+ pid=$(servicepid $unit)
+ echo debug: unit=$unit pid=$pid
if [[ ! $pid ]]; then
- echo failed to find pid for $p
+ echo failed to find pid for unit=$unit
continue
fi
if ! ns=$(s readlink /proc/$pid/ns/net); then
- echo failed to find ns for $p pid=$pid
+ echo failed to find ns for unit=$unit pid=$pid
continue
fi
if [[ $mailnn ]]; then
if [[ $ns != "$mailnn" ]]; then
- echo "$p ns $ns != $mailnn"
+ echo "$unit ns $ns != $mailnn"
fi
else
mailnn=$ns
vpncmd() {
m sudo -E env "PATH=$PATH" nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*client.conf") -n "$@"
}
-vpnf() {
- sudo -v
- vpncmd sudo -E -u iank env "PATH=$PATH" abrowser -no-remote -P vpn &
- sleep 5
- r
-}
-vpn2f() {
- sudo -v
- vpncmd sudo -u iank env "PATH=$PATH" abrowser -no-remote -P vpn2 & r
-}
vpni() {
vpncmd sudo -u iank env "PATH=$PATH" "$@"
}
fixu() {
+ local stats
ls -lad /run/user/1000
- s chmod 700 /run/user/1000; s chown iank.iank /run/user/1000
+ stats=$(stat -c%a-%g-%u /run/user/1000)
+ if [[ $stats != 700-1000-1000 ]]; then
+ m s chmod 700 /run/user/1000; m s chown iank.iank /run/user/1000
+ fi
}
# systemctl is-enabled / status / cat says nothing, instead theres
unset SUDOD
elif [[ -d /a ]] && [[ $PWD == "$HOME" ]] && [[ $- == *i* ]]; then
cd /a
+ OLDPWD=
fi
# I have both because I was trying to solve an issue that
# turned out to be unrelated.
# ARDUINO_PATH=/a/opt/Arduino/build/linux/work
-export ARDUINO_PATH=/a/opt/arduino-1.8.15
+
+## i should have documented this...
+# based on https://github.com/keyboardio/Kaleidoscope
export KALEIDOSCOPE_DIR=/a/opt/Kaleidoscope
# They want to be added to the start, but i think
if type -P rg &>/dev/null; then
# --no-messages because of annoying errors on broken symlinks
- rg() { command rg --no-messages -L -i -M 300 --no-ignore "$@" || return $?; }
+ # -z = search .gz etc files
+ # -. = search dotfilesq
+ rg() { command rg -. -z --no-messages -L -i -M 900 --no-ignore-parent --no-ignore-vcs -g '!.git' -g '!auto-save-list' -g '!.savehist' "$@" || return $?; }
#fails if not exist. ignore
complete -r rg 2>/dev/null ||:
else