X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;ds=sidebyside;f=brc2;h=f9acadade2fb7414038b7efb6fbc797a539992b9;hb=ca61084446e48fb0703ce2a203c1bd18ceaf4dfb;hp=9e2b5483c5a5ae229ca6fcf992b46085ae38c5bc;hpb=c91604aff2ce49bd4ce9b429b9e738286a319923;p=distro-setup diff --git a/brc2 b/brc2 index 9e2b548..f9acada 100644 --- a/brc2 +++ b/brc2 @@ -29,9 +29,29 @@ if [[ $LESSHISTFILE == - ]]; then HISTFILE= c() { cd "$@"; } elif [[ $HISTFILE ]]; then - HISTFILE=$HOME/.bh + # use an alternate history file when we are streaming. + if [[ -e $HOME/.iank-stream-on ]]; then + HISTFILE=/a/bin/data/stream_hist + else + HISTFILE=$HOME/.bh + fi fi +# history personal +hip() { + history -c + HISTFILE=$HOME/.bh + history -r +} + +# history for streaming +his() { + history -c + HISTFILE=/a/bin/data/stream_hist + history -r +} + + source /a/bin/distro-setup/path-add-function path-add /a/exe # add this with absolute paths as needed for better security @@ -83,15 +103,6 @@ else export NOT_MAIL_HOST_P=t fi - -source /a/bin/log-quiet/logq-function - -# not used -# if [[ -s /a/opt/alacritty/extra/completions/alacritty.bash ]]; then -# source /a/opt/alacritty/extra/completions/alacritty.bash -# fi - - source /a/bin/ds/beet-data @@ -181,7 +192,7 @@ slemacs() { sle() { # sl emacs local f=/home/iank/.emacs.d/init.el - sl --sl-test-cmd ". /etc/os-release ; printf %s \${VERSION//[^a-zA-Z0-9]/}; test -e $f && stat -c%Y $f" --sl-test-hook slemacs "$@" + sl --sl-test-cmd "sed -rn '/^VERSION=/{s/^.*=//;s/[^[:alnum:]]//gp}' /etc/os-release; test -e $f && stat -c%Y $f" --sl-test-hook slemacs "$@" } ccomp ssh sle @@ -338,38 +349,45 @@ tback() { # s sshfs bu@$host:/bu/home/md /bu/mnt -o reconnect,ServerAliveInterval=20,ServerAliveCountMax=30 -o allow_other edelayoff() { - echo all >/etc/exim4/no-delay-eximids + echo all >/var/spool/exim4/gw/.no-delay-eximids + if [[ $EUID == 0 ]]; then + chown iank:iank /var/spool/exim4/gw/.no-delay-eximids + fi } edelayon() { - echo >/etc/exim4/no-delay-eximids + echo >/var/spool/exim4/gw/.no-delay-eximids + if [[ $EUID == 0 ]]; then + chown iank:iank /var/spool/exim4/gw/.no-delay-eximids + fi } eqgo() { local -a array tmpstr delayon delayon=true - if grep -qFx all /etc/exim4/no-delay-eximids; then + if grep -qFx all /var/spool/exim4/gw/.no-delay-eximids; then delayon=false fi if $delayon; then - echo all >/etc/exim4/no-delay-eximids + echo all >/var/spool/exim4/gw/.no-delay-eximids fi tmpstr=$(exiqgrep -i -r.\*) mapfile -t array <<<"$tmpstr" enn -M "${array[@]}" if $delayon; then - echo >/etc/exim4/no-delay-eximids + echo >/var/spool/exim4/gw/.no-delay-eximids fi } eqgo1() { local eid eid="$(exipick -i -r.\*|h1)" - sed -n "/^all$/p;\$a $eid" /etc/exim4/no-delay-eximids + sed -n "/^all$/p;\$a $eid" /var/spool/exim4/gw/.no-delay-eximids enn -M "$eid" } +# exim -M (in namespace and without delay) ennm() { local eid for eid; do - printf "%s\n" "$eid" >>/etc/exim4/no-delay-eximids + printf "%s\n" "$eid" >>/var/spool/exim4/gw/.no-delay-eximids done enn -M "$@" } @@ -450,7 +468,7 @@ ralerts() { # remote alerts ap() { # pushd in case current directory has an ansible.cfg file pushd /a/xans >/dev/null - ansible-playbook -v -l ${1:- $(hostname -f)} site.yml + ansible-playbook -v -i ${1:- $(hostname -f)}, site.yml popd >/dev/null } aw() { @@ -843,7 +861,7 @@ mpvrpc-loadfile() { # todo: enter should also unpause beetag() { local last_genre_i fstring tag id char new_item char_i genre tag remove doplay i j random path - local do_rare_genres read_wait help line lsout tmp ls_line skip_lookback + local do_rare_genres read_wait line lsout tmp ls_line skip_lookback local escape_char escaped_input expected_input skip_input_regex right_pad erasable_line seek_sec local pl_state_path pl_state_dir pl_state_file tmpstr local new_random pl_seed_path seed_num seed_file fmt first_play repeat1 @@ -908,7 +926,7 @@ beetag() { else pl_state_file=sorted fi - pl_state_dir=/i/info/pl-state + pl_state_dir=/b/data/pl-state if [[ $playlist ]]; then pl_state_dir=$pl_state_dir/$playlist else @@ -1513,7 +1531,6 @@ btrbk-host-debug() { # $ dig ns1.gnu.org @b0.org.afilias-nst.org. -# todo: make sm pull/push use systemd instead of the journal cat command bbk() { # btrbk wrapper local ret=0 c / @@ -1692,11 +1709,9 @@ jdo() { if [[ $cmd != /* ]]; then cmd=$(type -P "$cmd") fi + #note date format for since is date '+%F %T' # -q = quiet - journalctl -qn2 -f -u "$cmd_name" & - # Trial and error of time needed to avoid missing initial lines. - # .5 was not reliable. 1 was not reliable. 2 was not reliable - sleep 4 + journalctl --since=now -qn2 -f -u "$cmd_name" & jr_pid=$! # note, we could have a version that does system --user, but if for example # it does sudo ssh, that will leave a process around that we can't kill @@ -1761,7 +1776,13 @@ lipush() { local p a # excluding emacs for now #p=(/a/opt/{emacs-debian11{,-nox},mu,emacs} /a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts}) - p=(/a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts} /c/roles/prom_export/files/simple/usr/local/bin/fsf-install-node-exporter /a/opt/fpaste) + p=( + /a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts} + /c/roles/prom_export/files/simple/usr/local/bin/fsf-install-node-exporter + /a/opt/fpaste + /p/c/user-specific/www-data/icecast-fsf{,-tech}-htpasswd + /p/c/icecast.xml + ) a="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes" ret=0 for h in li je bk; do @@ -1792,21 +1813,13 @@ bindpush() { dsign iankelling.org expertpathologyreview.com zroe.org amnimal.ninja lipush for h in li bk; do - e sshing $h - ssh $h.b8.nz <<'EOF' -source ~/.bashrc -m dnsup -EOF + m ssh iank@$h.b8.nz dnsup done } bindpushb8() { lipush for h in li bk; do - e sshing $h - ssh $h.b8.nz <<'EOF' -source ~/.bashrc -m dnsb8 -EOF + m ssh $h.b8.nz dnsb8 done } @@ -1817,8 +1830,18 @@ dnsup() { dnsb8() { local f=/var/lib/bind/db.b8.nz m ser stop named - m sleep 1 - m sudo rm -fv $f.jnl $f.signed.jnl + # jbk is like a temp file. dunno if removing it helps + + i=0 + while pgrep '^named$' &>/dev/null; do + sleep .5 + i=$(( i + 1 )) + if (( i > 100 )); then + echo "dnsb8: error: timeout waiting for named to exit" + return 1 + fi + done + m sudo rm -fv $f.jnl $f.signed.jnl $f.jbk m sudo install -m 644 -o bind -g bind /p/c/machine_specific/vps/bind-initial/db.b8.nz $f m ser restart named } @@ -1862,7 +1885,13 @@ dsign() { # set day start for use in other programs. # expected to do be in a format like 830, or 800 or 1300. ds() { + local regex + regex='[0-9]?[0-9]?[0-9][0-9]' if [[ $1 ]]; then + if [[ ! $1 =~ $regex ]]; then + echo "ds: error. expected \$1 to match $regex, got \$1: $1" + return 1 + fi echo $1 >/b/data/daystart else cat /b/data/daystart @@ -1908,68 +1937,12 @@ satoshi() { # $1 satoshi in usd # 2023). However, in 2024-02, I ran a backup where a receiving machine # had the wallet enabled and there was no error, so I don't know if this # is still an issue or likely it is an inconsistent behavior. +# Note: a pruned node won't allow for a wallet to be added, super lame +# so i'm just not running a bitcoin node for now. +# Error: Prune: last wallet synchronisation goes beyond pruned data. You +# need to -reindex (download the whole blockchain again in case of +# pruned node) # -# As a workaround, this function is for enabling the wallet when I want -# to use it and leave it disabled otherwise. -walleton() { - local active - active=false - no_on=true - if [[ ! $(readlink -f /var/lib/bitcoind/wallets) == /q/wallets ]]; then - if systemctl --quiet is-active bitcoind; then - if [[ -e /tmp/no-bitcoinon ]]; then - no_on=true - else - if [[ $EUID == 0 ]]; then - m install -T -o iank -g iank /dev/null /tmp/no-bitcoinon - else - m touch /tmp/no-bitcoinon - fi - fi - active=true - m ser stop bitcoind - fi - m s ln -s /q/wallets /var/lib/bitcoind - sudo chown -h bitcoin:bitcoin /var/lib/bitcoind/wallets - if $active; then - m ser start bitcoind - if ! $no_on; then - m rm /tmp/no-bitcoinon - fi - fi - fi -} -walletoff() { - local active - active=false - no_on=true - if [[ $(readlink -f /var/lib/bitcoind/wallets) == /q/wallets ]]; then - if systemctl --quiet is-active bitcoind; then - if [[ -e /tmp/no-bitcoinon ]]; then - no_on=true - else - if [[ $EUID == 0 ]]; then - m install -T -o iank -g iank /dev/null /tmp/no-bitcoinon - else - m touch /tmp/no-bitcoinon - fi - fi - active=true - m ser stop bitcoind - else - echo note: bitcoind not active - fi - m rm /var/lib/bitcoind/wallets - if $active; then - # note, starting bitcoin always fails, but it actually - # succeeds. But this is strangely not consistent. - m ser start bitcoind - if ! $no_on; then - m rm /tmp/no-bitcoinon - fi - fi - fi -} #### end bitcoin related things @@ -2005,8 +1978,8 @@ apache-header() { # https://www.gnu.org/licenses/license-recommendations.en.html. They # recommend that small programs, < 300 lines, be licensed under the # Apache License 2.0. This file contains or is part of one or more small -# programs. If a small program grows beyond 300 lines, I plan to switch -# its license to GPL. +# programs. If a small program grows beyond 300 lines, I plan to change +# to a recommended GPL license. # Copyright 2024 Ian Kelling @@ -2040,7 +2013,11 @@ apache-apply-repo() { apache-apply() { for file; do - if head -n1 "$file"| grep -E '^#!/bin/bash\b' &>/dev/null; then + if [[ ! -e $file ]]; then + echo '#!/bin/bash' >$file + chmod +x $file + fi + if head -n1 "$file"| grep -E '^#!/' &>/dev/null; then { head -n1 "$file" apache-header @@ -2160,7 +2137,7 @@ fastboot() { kdecd() { /usr/lib/x86_64-linux-gnu/libexec/kdeconnectd; } -bat() { +batp() { cat /sys/class/power_supply/BAT0/capacity } @@ -2347,8 +2324,8 @@ rename-test() { # test whether missing files were renamed, generally for use with fsdiff # $1 = fsdiff output file, $2 = directory to compare to. pwd = fsdiff dir # echos non-renamed files - local x y found - unset sums + local x line found renamed + local -a sums for x in "$2"/*; do { sums+=( "$(md5sum < "$x")" ) ; } 2>/dev/null done @@ -2400,8 +2377,8 @@ gup() { /a/f/gnulib/build-aux/gnupload "$@"; } dejagnu() { /a/opt/dejagnu/dejagnu "$@"; } +# do git status on published repos. hstatus() { - # do git status on published repos. c /a/bin/githtml for x in *; do cd "$(readlink -f $x)"/.. @@ -2415,6 +2392,16 @@ hstatus() { done } +hsk() { + local x + c /a/bin/githtml + for x in *; do + cd "$(readlink -f $x)"/.. + skgit + cd /a/bin/githtml + done +} + ## work log # # note: database location is specified in ~/.timetrap.yml, currently /p/.timetrap.db @@ -2572,10 +2559,13 @@ ilog-local() { done } ilog() { - local chan + local chan tmpf + tmpf=$(mktemp) chan="${1:-#fsfsys}" # use * instead of -r since that does sorted order - sl root@iankelling.org ilog-local "$chan" | less +G + sl root@li.b8.nz ilog-local "$chan" > $tmpf + less +G $tmpf + rm -f $tmpf } o() { @@ -2630,9 +2620,30 @@ wgkey() { umask $umask_orig } +host-info-all() { + host-info-update + + bindpushb8 + # for wireguard configs + ssh iank@li.b8.nz conflink + wrt-setup +} + + + + + +## for updating host info like ip, location, update /p/c/host-info and +## host_info below. the host_info array should probably be in its own +## file that gets sourced so that it can be more easily updated. + +# todo: this is so long that it becomes confusing, +# try to split it up. +# +# To make some changes take effect, run host-info-all. host-info-update() { - local -A vpn_ips host_ips host_macs nonvpn_ips + local -A vpn_ips host_ips host_macs portfw_ips nonvpn_ips all_ips local -a root_hosts nonroot_hosts # the hosts with no mac @@ -2644,41 +2655,113 @@ host-info-update() { while read -r ip host mac opts; do if [[ $ip == *#* || ! $host ]]; then continue; fi - if [[ $opts == vpn ]]; then + + # opt parsing + vpn=false + root=false + for opt in $opts; do + case $opt in + user=root) + root=true + ;; + vpn) + vpn=true + ;; + esac + done + + all_ips[$host]=$ip + if $vpn; then + portfw_ips[$host]=$ip vpn_ips[$host]=$ip else nonvpn_ips[$host]=$ip fi - - - if [[ $opts == user=root ]]; then - root_hosts+=($host i$host) + if $root; then + # note: the reason we have b8.nz suffix here but not for non_root + # hosts is that it is for the User part, the IdentityFile part is + # redundant to *.b8.nz. Also note ${host}i, we only setup those for vpn hosts, but there is no harm in overspecifying here. + root_hosts+=($host ${host}i $host.b8.nz ${host}i.b8.nz) + # shellcheck disable=SC2004 # false positive + root_hosts_a[$host]=t # a for associative array else - nonroot_hosts+=($host i$host) + nonroot_hosts+=($host ${host}i) fi - host_ips[$host]=$ip - host_macs[$host]=$mac + if [[ $mac ]]; then + host_macs[$host]=$mac + fi + done
/p/c/cmc-firewall-data - grep -E '^[a-z0-9]+[[:space:]]' /p/c/machine_specific/vps/bind-initial/db.b8.nz | awk '{print $1,$3}' local host ipsuf f files + # shellcheck disable=SC2016 # shellcheck doesnt know this is sed sedi '/edits below here are made automatically/,$d' /p/c/machine_specific/li/filesystem/etc/wireguard/wgmail.conf for host in ${!vpn_ips[@]}; do + if [[ ${root_hosts_a[$host]} ]]; then + # root machines dont actually need vpn, but + # the classification still helps with other + # configurations. + continue + fi ipsuf=${vpn_ips[$host]} wghole $host $ipsuf + u /b/ds/machine_specific/li/filesystem/etc/openvpn/client-config-hole/$host <