X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;ds=inline;f=brc2;h=7b98ad9a991dfcaa84f398f1265045a7b963f097;hb=ce4cacd36c5b5babeea85d0f93771017e6169180;hp=7d94df1fc12e1011bc08fe6adaf3078fbad89a78;hpb=774fe9ab8c8d5c71614feda5a283b4a91fb3f145;p=distro-setup diff --git a/brc2 b/brc2 index 7d94df1..7b98ad9 100644 --- a/brc2 +++ b/brc2 @@ -148,6 +148,13 @@ rsync -rptL --delete --filter=". /b/ds/sl/rsync-filter" /a/opt/emacs-trisquel8-n EOF } +rm-docker-iptables() { + s iptables -S | gr docker | gr -- -A | sed 's/-A/-D/'| while read -r l; do sudo iptables $l; done + s iptables -S -t nat | gr docker | gr -- -A | sed 's/-A/-D/'| while read -r l; do sudo iptables -t nat $l; done + s iptables -S | gr docker | gr -- -N | sed 's/-N/-X/'| while read -r l; do sudo iptables $l; done + s iptables -S -t nat | gr docker | gr -- -N | sed 's/-N/-X/'| while read -r l; do sudo iptables -t nat $l; done +} + # usage mkschroot [-] distro codename packages # - means no piping in of sources.list mkschroot() { @@ -388,11 +395,15 @@ bbk() { # btrbk wrapper if $active; then ser stop btrbk.timer fi - if [[ $(systemctl is-active btrbk.service ||:) != inactive ]]; then - echo "cron btrbk is already running" - if $active; then ser start btrbk.timer; fi - return 1 - fi + btrbk_is_active=$(systemctl is-active btrbk.service ||:) + case $btrbk_is_active in + inactive|failed) : ;; + *) + echo "bbk: error: systemctl is-active btrbk.service output: $btrbk_is_active" + if $active; then ser start btrbk.timer; fi + return 1 + ;; + esac # run latest install-my-scripts # todo: consider changing this to srun and having the args come @@ -1155,26 +1166,35 @@ mns() { # mount namespace m sudo -E /usr/bin/nsenter --mount=/root/mount_namespaces/$ns "$@" } +mnsr() { # mns run + local ns=$1 + shift + mns $ns sudo -u iank -E env "PATH=$PATH" "$@" +} + mnsnonet() { ns=$1 if ! s ip netns list | grep -Fx nonet &>/dev/null; then s ip netns add nonet fi mns $ns --net=/var/run/netns/nonet sudo -E -u iank /bin/bash + lomh } lom() { + # l = the loopback device local l base if [[ $1 == /* ]]; then base=${1##*/} + fs_file=$1 if mns $base mountpoint -q /mnt/$base; then return 0 fi - l=$(losetup -j $1 | sed -rn 's/^([^ ]+): .*/\1/p' | head -n1 ||:) + l=$(losetup -j $fs_file | sed -rn 's/^([^ ]+): .*/\1/p' | head -n1 ||:) if [[ ! $l ]]; then l=$(sudo losetup -f) - m sudo losetup $l $1 + m sudo losetup $l $fs_file fi if ! sudo cryptsetup status /dev/mapper/$base &>/dev/null; then if ! sudo cryptsetup luksOpen $l $base; then @@ -1185,6 +1205,7 @@ lom() { m sudo mkdir -p /mnt/$base m mns $base mount /dev/mapper/$base /mnt/$base m mns $base chown $USER:$USER /mnt/$base + lomh else base=$1 if mns $base mountpoint /mnt/$base &>/dev/null; then @@ -1196,7 +1217,7 @@ lom() { return 1 fi fi - l=$(losetup -l --noheadings | awk '$6 ~ /\/'$1'$/ {print $1}') + l=$(losetup -l --noheadings | awk '$6 ~ /\/'$base'$/ {print $1}') if [[ $l ]]; then m sudo losetup -d $l else @@ -1267,6 +1288,16 @@ mbdisable() { mv -T $src $dst set +x } +mb2disable() { + local mb=$1 + dst=/m/md/$mb + src=/m/4e2/$mb + set -x + [[ -e $src ]] || { set +x; return 1; } + if [[ -L $dst ]]; then rm $dst; fi + mv -T $src $dst + set +x +} mdt() { @@ -1572,10 +1603,6 @@ spd() { PATH=/usr/local/spdhackfix:$PATH command spd "$@" } -spend() { - sudo systemctl suspend -} - spamf() { # spamtest on FILE local spamcpre spamdpid @@ -1675,6 +1702,46 @@ alert200() { done } +# alert on changes to a webpage (just the base page that curl gets) +# usage: weblert URL [SUBJECT...] +weblert() { + local u old new quiet + quiet=false + case $1 in + # dont send a diff of the html. some html is not very readable + -q) quiet=true + shift + ;; + esac + u="$1" + shift + subject="${*:-weblert}" + old=$(curl -s "$u") ||: + while true; do + new=$(curl -s "$u") ||: + if [[ $old && $new ]]; then + if [[ $new != "$old" ]]; then + if $quiet; then + echo | daylertme "$subject" + else + diff <(printf "%s\n" "$old") <(printf "%s\n" "$new") | daylertme "$subject" ||: + fi + fi + old="$new" + fi + sleep $(( 60 + RANDOM % 120 )) + done +} + +torshell() { + # per man torsocks + source `type -p torsocks` on +} + +eless2() { + less /var/log/exim4/mymain +} + # mail related testexim() { @@ -1768,18 +1835,52 @@ enn() { m s nsenter -t $pid -n -m $ecmd "$@" } +# get pid of systemd service +servicepid() { + local pid unit + unit="$1" + pid=$(systemctl show --property MainPID --value "$unit") + case $pid in + [1-9]*) : ;; + *) + # 0 or empty. This file includes the MainPid, so I expect we + # could just get this in the first place, but i don't know if that + # is always the case. + pid=$(head -n1 /sys/fs/cgroup/systemd/system.slice/${unit%.service}.service/cgroup.procs) + ;; + esac + if [[ $pid ]]; then + printf "%s\n" "$pid" + else + return 1 + fi +} + sdnbash() { # systemd namespace bash - local unit=$1 - m sudo nsenter -t $(systemctl show --property MainPID --value $unit) -n -m sudo -u $USER -i bash + local unit pid + unit=$1 + pid=$(servicepid $unit) + m sudo nsenter -t $pid -n -m sudo -u $USER -i bash } -mailnnbash() { - m sudo nsenter -t $(systemctl show --property MainPID --value mailnn) -n -m sudo -u $USER -i bash +sdncmd() { # systemd namespace cmd + local unit pid + unit=$1 + shift + pid=$(servicepid $unit) + m sudo nsenter -t $pid -n -m sudo -u $USER -i "$@" } -mailvpnbash() { - m sudo nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*mail.conf") -n -m sudo -u $USER -i bash + +mailnnbash() { + sdnbash mailnn } + +# we use wireguard now, use mailnnbash. +# mailvpnbash() { +# m sudo nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*mail.conf") -n -m sudo -u $USER -i bash +# } + eximbash() { local pid pid=$(pgrep -f "/usr/sbin/exim4 -bd -q30m -C /etc/exim4/my.conf"|h1) @@ -1798,16 +1899,24 @@ unboundbash() { m sudo nsenter -t $(systemctl status unbound| sed -n '/^ *Main PID:/s/[^0-9]//gp') -n -m sudo -u $USER -i bash } +nmtc() { + s nmtui-connect "$@" +} + mailnncheck() { local p pid ns mailnn # mailvpn would belong on the list if using openvpn for p in mailnn unbound dovecot spamassassin exim4 radicale; do - case $p in - exim4|radicale) - pid=$(ps -eo pid,cgroup | grep /system.slice/$p.service | awk '{print $1}') - ;; + + + pid=$(systemctl show --property MainPID --value $unit) + case $pid in + [1-9]*) : ;; *) - pid=$(s systemctl show --property MainPID --value $p) + # 0 or empty. This file includes the MainPid, so I expect we + # could just get this in the first place, but i don't know if + # that is always the case. + pid=$(head -n1 /sys/fs/cgroup/systemd/system.slice/${unit%.service}.service/cgroup.procs) ;; esac echo p=$p pid=$pid @@ -1835,11 +1944,6 @@ vpncmd() { m sudo -E env "PATH=$PATH" nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*client.conf") -n "$@" } -vpn2f() { - sudo -v - vpncmd sudo -u iank env "PATH=$PATH" abrowser -no-remote -P vpn2 & r -} - vpni() { vpncmd sudo -u iank env "PATH=$PATH" "$@" } @@ -2062,6 +2166,7 @@ if [[ "$SUDOD" ]]; then unset SUDOD elif [[ -d /a ]] && [[ $PWD == "$HOME" ]] && [[ $- == *i* ]]; then cd /a + OLDPWD= fi @@ -2105,7 +2210,9 @@ path-add --end $HOME/.cargo/bin if type -P rg &>/dev/null; then # --no-messages because of annoying errors on broken symlinks - rg() { command rg --no-messages -L -i -M 300 --no-ignore "$@" || return $?; } + # -z = search .gz etc files + # -. = search dotfilesq + rg() { command rg -. -z --no-messages -L -i -M 900 --no-ignore "$@" || return $?; } #fails if not exist. ignore complete -r rg 2>/dev/null ||: else