# generated instead of dynamic for the benefit of shellcheck
#for x in /a/bin/distro-functions/src/* /a/bin/!(githtml)/*-function?(s); do echo source $x ; done
source /a/bin/distro-functions/src/identify-distros
-source /a/bin/distro-functions/src/package-manager-abstractions
source /a/bin/log-quiet/logq-function
# for x in /a/bin/bash_unpublished/source-!(.#*); do echo source $x; done
source /a/bin/bash_unpublished/source-semi-priv
fi
sudo chroot $d apt-get update
sudo DEBIAN_FRONTEND=noninteractive chroot $d apt-get -y dist-upgrade --purge --auto-remove
- sudo DEBIAN_FRONTEND=noninteractive schroot -c $n -- apt-get install --allow-unauthenticated -y ${apps[@]}
sudo cp -P {,$d}/etc/localtime
+ if (( ${#apps[@]} )); then
+ sudo DEBIAN_FRONTEND=noninteractive schroot -c $n -- apt-get install --allow-unauthenticated -y ${apps[@]}
+ fi
}
system-status _
}
+alerts() {
+ find /var/local/cron-errors /home/iank/cron-errors /sysd-mail-once-state -type f
+}
+ralerts() { # remote alerts
+ local ret shell
+ # this list is duplicated in check-remote-mailqs
+ for h in bk je li frodo kwwg x3wg x2wg kdwg sywg; do
+ echo $h:
+ shell="ssh $h"
+ if [[ $HOSTNAME == "${h%wg}" ]]; then
+ shell=
+ fi
+ ret=0
+ $shell find /var/local/cron-errors /home/iank/cron-errors /sysd-mail-once-state -type f || ret=$?
+ if (( ret )); then
+ echo ret:$ret
+ fi
+ done
+}
+
ap() {
# pushd in case current directory has an ansible.cfg file
pushd /a/xans >/dev/null
nnn() { /a/opt/nnn -H "$@"; }
+locat() { # log-once cat
+ local files
+ ngset
+ files=(/var/local/cron-errors/* /home/iank/cron-errors/* /sysd-mail-once-state/*)
+ case ${#files[@]} in
+ 0) : ;;
+ 1)
+ echo ${files[0]}
+ head ${files[0]}
+ ;;
+ *)
+ head ${files[@]}
+ ;;
+ esac
+ ngreset
+}
# duplicated somewhat below.
jrun() { # journal run. run args, log to journal, tail and grep the journal.
# note, i had --delete-excluded, but that deletes all files in --exclude-from on
# the remote site, which doesn't make sense, so not sure why i had it.
local p a
- p=(/a/opt/{emacs-debian10{,-nox},mu,emacs} /a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts})
+ p=(/a/opt/{emacs-debian11{,-nox},mu,emacs} /a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts})
a="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes"
ret=0
for h in li je bk; do
m s rsync "$@" $a ${p[@]} /p/c/machine_specific/$h root@$h.b8.nz:/ || ret=$?
- # only li is debian10
+ # only li is debian11
p[0]=/a/opt/emacs-ubuntu20.04
p[1]=/a/opt/emacs-ubuntu20.04-nox
done
digdiff @ns{1,2}.iankelling.org "$@"
}
+tsr() { # ts run
+ "$@" |& ts || return $?
+}
dup() {
local ran_d
case $PS1 in
*[\ \]]D\ *)
pushd /
- /b/ds/distro-begin || return $?
- /b/ds/distro-end || return $?
+ /b/ds/distro-begin |& ts || return $?
+ /b/ds/distro-end |& ts || return $?
popd
ran_d=true
;;&
*[\ \]]DB\ *)
pushd /
- /b/ds/distro-begin || return $?
+ /b/ds/distro-begin |& ts || return $?
popd
ran_d=true
;;
*[\ \]]DE\ *)
pushd /
- /b/ds/distro-end || return $?
+ /b/ds/distro-end |& ts || return $?
popd
ran_d=true
;;&
local host ipsuf umask_orig
host=$1
ipsuf=$2
- mkdir -p /p/c/machine_specific/$host/filesystem/etc/{wireguard,network/interfaces.d}
+ mkdir -p /p/c/machine_specific/$host/filesystem/etc/wireguard
cd /p/c/machine_specific/$host/filesystem/etc/wireguard
umask_orig=$(umask)
umask 0077
- wg genkey | tee $host-priv.key | wg pubkey > $host-pub.key
+ wg genkey | tee hole-priv.key | wg pubkey > hole-pub.key
cat >wghole.conf <<EOF
[Interface]
# contents hole-priv.key
local l base
if [[ $1 == /* ]]; then
base=${1##*/}
- if mountpoint /mnt/$base; then
+ if mountpoint -q /mnt/$base; then
return 0
fi
- l=$(sudo losetup -f)
- sudo losetup $l $1
- if ! sudo cryptsetup luksOpen $l $base; then
- sudo losetup -d $l
- return 1
+ l=$(losetup -j $1 | sed -rn 's/^([^ ]+): .*/\1/p' | head -n1 ||:)
+ if [[ ! $l ]]; then
+ l=$(sudo losetup -f)
+ m sudo losetup $l $1
+ fi
+ if ! sudo cryptsetup status /dev/mapper/$base &>/dev/null; then
+ if ! sudo cryptsetup luksOpen $l $base; then
+ m sudo losetup -d $l
+ return 1
+ fi
fi
- sudo mkdir -p /mnt/$base
- sudo mount /dev/mapper/$base /mnt/$base
- sudo chown $USER:$USER /mnt/$base
+ m sudo mkdir -p /mnt/$base
+ m sudo mount /dev/mapper/$base /mnt/$base
+ m sudo chown $USER:$USER /mnt/$base
else
base=$1
- sudo umount /mnt/$base
- l=$(sudo cryptsetup status /dev/mapper/$base|sed -rn 's/^\s*device:\s*(.*)/\1/p')
- sudo cryptsetup luksClose /dev/mapper/$base || return 1
- sudo losetup -d $l
+ if mountpoint /mnt/$base &>/dev/null; then
+ m sudo umount /mnt/$base
+ fi
+ if sudo cryptsetup status /dev/mapper/$base &>/dev/null; then
+ if ! m sudo cryptsetup luksClose /dev/mapper/$base; then
+ echo lom: failed cryptsetup luksClose /dev/mapper/$base
+ return 1
+ fi
+ fi
+ l=$(losetup -l --noheadings | awk '$6 ~ /\/'$1'$/ {print $1}')
+ if [[ $l ]]; then
+ m sudo losetup -d $l
+ else
+ echo lom: warning: no loopback device found
+ fi
fi
}
otp() {
oathtool --totp -b "$*" | xclip -selection clipboard
}
+j() {
+ "$@" |& pee "xclip -r -selection clipboard"
+}
pakaraoke() {
# other tiling window managers in giving up on setting it at all
#
xprop -root -remove _NET_WORKAREA
- command pumpa &r
+ command pumpa & r
}
# reviewboard, used at my old job
# always run this first, edit the test files, then run the following
testsieve() {
sieve-filter ~/sieve/maintest.sieve ${1:-INBOX} delete 2> >(head; tail) >/tmp/testsieve.log && sed -rn '/^Performed actions:/,/^[^ ]/{/^ /p}' /tmp/testsieve.log | sort | uniq -c
- _dosieve
}
runsieve() {
c ~/sieve; cp personal{test,}.sieve; cp lists{test,}.sieve; cp personalend{test,}.sieve
sed -r '/^info: filtering:/{h;d};/^info: msgid=$/N;/^info: msgid=.*left message in mailbox [^ ]+$/d;/^info: msgid=/{H;g};/^info: message kept in source mailbox.$/d' /tmp/testsieve.log
}
+# usage:
+# alertme SUBJECT
+# printf "subject\nbody\n" | alertme
+alertme() {
+ if [[ -t 0 ]]; then
+ exim -t <<EOF
+From: alertme@b8.nz
+To: alerts@iankelling.org
+Subject: $*
+EOF
+ else
+ read sub
+ { cat <<EOF
+From: alertme@b8.nz
+To: alerts@iankelling.org
+Subject: $sub
+
+EOF
+ cat
+ } | exim -t
+ fi
+}
+daylertme() {
+ if [[ -t 0 ]]; then
+ exim -t <<EOF
+From: alertme@b8.nz
+To: daylerts@iankelling.org
+Subject: $*
+EOF
+ else
+ read sub
+ { cat <<EOF
+From: alertme@b8.nz
+To: daylerts@iankelling.org
+Subject: $sub
+
+EOF
+ cat
+ } | exim -t
+ fi
+}
+
+# alert when a page goes live. not urgent.
+alert200() {
+ url="$1"
+ tmpdir="$(mktemp -d)"
+ cd $tmpdir
+ while true; do
+ if torsocks wget -q "$url"; then
+ alertme $tmpdir
+ fi
+ sleep 600 + $(( RANDOM % 300 ))
+ done
+}
+
+
# mail related
testexim() {
# testmail above calls sendmail, which is a link to exim/postfix.
(sleep $(calc "$* * 60") && mpv --no-config --volume 50 /a/bin/data/alarm.mp3) > /dev/null 2>&1 &
}
-trg() { transmission-remote-gtk&r; }
+trg() { transmission-remote-gtk & r; }
trc() {
# example, set global upload limit to 100 kilobytes:
# trc -u 100
TR_AUTH=":$(jq -r .profiles[0].password ~/.config/transmission-remote-gtk/config.json)" transmission-remote transmission.lan -ne "$@"
}
+trysleep() {
+ retries="$1"
+ sleepsecs="$2"
+ shift 2
+ for (( i=0; i < retries - 1; i++ )); do
+ if "$@"; then
+ return 0
+ fi
+ sleep $sleepsecs
+ done
+ "$@"
+}
+
tu() {
local s
sdnbash() { # systemd namespace bash
local unit=$1
- m sudo nsenter -t $(systemctl status $unit | sed -n '/^ *Main PID:/s/[^0-9]//gp') -n -m sudo -u $USER -i bash
+ m sudo nsenter -t $(systemctl show --property MainPID --value $unit') -n -m sudo -u $USER -i bash
}
mailnnbash() {
- m sudo nsenter -t $(systemctl status mailnn| sed -n '/^ *Main PID:/s/[^0-9]//gp') -n -m sudo -u $USER -i bash
+ m sudo nsenter -t $(systemctl show --property MainPID --value mailnn') -n -m sudo -u $USER -i bash
}
+
mailvpnbash() {
m sudo nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*mail.conf") -n -m sudo -u $USER -i bash
}
}
spamnn() {
local spamdpid
- spamdpid=$(systemctl status spamassassin| sed -n '/^ *Main PID:/s/[^0-9]//gp')
+ spamdpid=$(systemctl show --property MainPID --value spamassassin)
m sudo nsenter -t $spamdpid -n -m sudo -u Debian-exim spamassassin "$@"
}
+unboundbash() {
+ m sudo nsenter -t $(systemctl status unbound| sed -n '/^ *Main PID:/s/[^0-9]//gp') -n -m sudo -u $USER -i bash
+}
mailnncheck() {
- local pid ns mailnn
- for p in mailnn mailvpn unbound dovecot spamassassin exim4 radicale; do
- pid=$(s systemctl status $p| sed -n '/^ *Main PID:/s/[^0-9]//gp')
+ local p pid ns mailnn
+ # mailvpn would belong on the list if using openvpn
+ for p in mailnn unbound dovecot spamassassin exim4 radicale; do
+ case $p in
+ exim4|radicale)
+ pid=$(ps -eo pid,cgroup | grep /system.slice/$p.service | awk '{print $1}')
+ ;;
+ *)
+ pid=$(s systemctl show --property MainPID --value $p)
+ ;;
+ esac
+ echo p=$p pid=$pid
if [[ ! $pid ]]; then
echo failed to find pid for $p
continue
m sudo -E env "PATH=$PATH" nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*client.conf") -n -m "$@"
}
vpnf() {
- vpncmd sudo -E -u iank env "PATH=$PATH" abrowser -no-remote -P vpn &r
+ vpncmd sudo -E -u iank env "PATH=$PATH" abrowser -no-remote -P vpn & r
}
vpn2f() {
- vpncmd sudo -u iank env "PATH=$PATH" abrowser -no-remote -P vpn2 &r
+ vpncmd sudo -u iank env "PATH=$PATH" abrowser -no-remote -P vpn2 & r
}
vpni() {
sudo systemd-tty-ask-password-agent
}
+# systemctl is-enabled / status / cat says nothing, instead theres
+# some obscure symlink. paths copied from man systemd.unit.
+# possibly also usefull, but incomplete, doesnt show units not loaded in memory:
+# seru list-dependencies --reverse --all UNIT
+sysd-deps() {
+ local f
+ local -a dirs search
+ ngset
+
+ case $1 in
+ u)
+ search=(
+ ~/.config/systemd/user.control/*
+ $XDG_RUNTIME_DIR/systemd/user.control/*
+ $XDG_RUNTIME_DIR/systemd/transient/*
+ $XDG_RUNTIME_DIR/systemd/generator.early/*
+ ~/.config/systemd/user/*
+ /etc/systemd/user/*
+ $XDG_RUNTIME_DIR/systemd/user/*
+ /run/systemd/user/*
+ $XDG_RUNTIME_DIR/systemd/generator/*
+ ~/.local/share/systemd/user/*
+ /usr/lib/systemd/user/*
+ $XDG_RUNTIME_DIR/systemd/generator.late/*
+ )
+ ;;
+ *)
+ search=(
+ /etc/systemd/system.control/*
+ /run/systemd/system.control/*
+ /run/systemd/transient/*
+ /run/systemd/generator.early/*
+ /etc/systemd/system/*
+ /etc/systemd/systemd.attached/*
+ /run/systemd/system/*
+ /run/systemd/systemd.attached/*
+ /run/systemd/generator/*
+ /lib/systemd/system/*
+ /run/systemd/generator.late/*
+ )
+ ;;
+ esac
+ for f in "${search[@]}"; do
+ [[ -d $f ]] || continue
+ case $f in
+ *.requires|*.wants)
+ dirs+=("$f")
+ ;;
+ esac
+ done
+ # dirs is just so we write out the directory names, ls does it when there is 2 or more dirs.
+ case ${#dirs[@]} in
+ 1)
+ echo "${dirs[0]}:"
+ ll "${dirs[@]}"
+ ;;
+ 0) : ;;
+ *)
+ ll "${dirs[@]}"
+ ;;
+ esac
+ ngreset
+}
+
+fixvpndns() {
+ local link istls
+ read _ link _ istls < <(resolvectl dnsovertls tunfsf)
+ case $istls in
+ yes|no) : ;;
+ *) echo fixvpndns error: unexpected istls value: $istls >&2; return 1 ;;
+ esac
+ s busctl call org.freedesktop.resolve1 /org/freedesktop/resolve1 org.freedesktop.resolve1.Manager SetLinkDNSOverTLS is $link no
+}
+
vpnoff() {
[[ $1 ]] || { echo need arg; return 1; }
if [[ -e /lib/systemd/system/openvpn-client@.service ]]; then
sudo systemctl stop $vpn_service@$1
}
vpnoffc() { # vpn off client
- ser stop openvpn-nn@client
+ ser stop openvpn-client-tr@client
}
vpnc() {
- ser start openvpn-nn@client
+ ser start openvpn-client-tr@client
}