X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=brc2;h=fdb2c060e6de9a0742e667d585f768be98b9001b;hb=602a1874cc11a7d371890cdae4c0dc982267ea89;hp=af437b337aadb2cbbd1da504d237f4427fea8f87;hpb=7d9ec600a5ed9f88b85e02a27ee017b85721a6ac;p=distro-setup diff --git a/brc2 b/brc2 index af437b3..fdb2c06 100644 --- a/brc2 +++ b/brc2 @@ -6,12 +6,16 @@ # * settings -HISTFILE=$HOME/.bh +if [[ $HISTFILE ]]; then + HISTFILE=$HOME/.bh +fi source /a/bin/distro-setup/path-add-function path-add /a/exe # add this with absolute paths as needed for better security #path-add --end /path/to/node_modules/.bin +## for yarn, etc +#path-add --end /usr/lib/node_modules/corepack/shims/ # pip3 --user things go here: path-add --end ~/.local/bin @@ -19,6 +23,15 @@ path-add --ifexists --end /a/work/libremanage path-add --ifexists --end /a/opt/adt-bundle*/tools /a/opt/adt-bundle*/platform-tools path-add --ifexists --end /a/opt/scancode-toolkit-3.10. +case $HOSTNAME in + sy|bo) + # https://askubuntu.com/questions/1254544/vlc-crashes-when-opening-any-file-ubuntu-20-04 + if grep -qE '^VERSION_CODENAME="(nabia|focal)"' /etc/os-release &>/dev/null; then + export MESA_LOADER_DRIVER_OVERRIDE=i965 + fi + ;; +esac + export WCDHOME=/a @@ -35,7 +48,6 @@ esac # generated instead of dynamic for the benefit of shellcheck #for x in /a/bin/distro-functions/src/* /a/bin/!(githtml)/*-function?(s); do echo source $x ; done source /a/bin/distro-functions/src/identify-distros -source /a/bin/distro-functions/src/package-manager-abstractions source /a/bin/log-quiet/logq-function # for x in /a/bin/bash_unpublished/source-!(.#*); do echo source $x; done source /a/bin/bash_unpublished/source-semi-priv @@ -49,6 +61,34 @@ fi # * functions +multimic() { + local i + local -a sources + + m pactl unload-module module-loopback + m pactl unload-module module-null-sink + m pactl unload-module module-remap-source + + sources=($(pacmd list-sources | sed -rn 's/.*name: <([^>]+).*/\1/p')) + + if (( ! $# )); then + i=0 + for s in ${sources[@]}; do + e $i $s + i=$(( i+1 )) + done + read -r l + set -- $l + fi + m pactl load-module module-null-sink sink_name=ianinput sink_properties=device.description=ianinputs + for i; do + m pactl load-module module-loopback source=${sources[i]} sink_dont_move=true sink=ianinput + done + pactl load-module module-remap-source source_name=iancombine master=ianinput.monitor source_properties=device.description=iancombine +} + +# h ssh test +# For testing restrictive ssh. hstest() { install-my-scripts d=$(mktemp -d) @@ -56,13 +96,20 @@ hstest() { s command ssh -F $d/config -i /q/root/h "$@" } -hrtest() { +# h rsync test +# For testing restrictive rsync +hrtest() { # install-my-scripts d=$(mktemp -d) sed '/^ *IdentityFile/d' ~/.ssh/config >$d/config s rsync -e "ssh -F $d/config -i /q/root/h" "$@" } +# rsync as root and avoid the default restrictive h key & config. +rootrsync() { + s rsync -e "ssh -F /root/.ssh/confighome" "$@" +} + slemacs() { local arg rtime v @@ -110,6 +157,13 @@ rsync -rptL --delete --filter=". /b/ds/sl/rsync-filter" /a/opt/emacs-trisquel8-n EOF } +rm-docker-iptables() { + s iptables -S | gr docker | gr -- -A | sed 's/-A/-D/'| while read -r l; do sudo iptables $l; done + s iptables -S -t nat | gr docker | gr -- -A | sed 's/-A/-D/'| while read -r l; do sudo iptables -t nat $l; done + s iptables -S | gr docker | gr -- -N | sed 's/-N/-X/'| while read -r l; do sudo iptables $l; done + s iptables -S -t nat | gr docker | gr -- -N | sed 's/-N/-X/'| while read -r l; do sudo iptables -t nat $l; done +} + # usage mkschroot [-] distro codename packages # - means no piping in of sources.list mkschroot() { @@ -170,8 +224,10 @@ EOF fi sudo chroot $d apt-get update sudo DEBIAN_FRONTEND=noninteractive chroot $d apt-get -y dist-upgrade --purge --auto-remove - sudo DEBIAN_FRONTEND=noninteractive schroot -c $n -- apt-get install --allow-unauthenticated -y ${apps[@]} sudo cp -P {,$d}/etc/localtime + if (( ${#apps[@]} )); then + sudo DEBIAN_FRONTEND=noninteractive schroot -c $n -- apt-get install --allow-unauthenticated -y ${apps[@]} + fi } @@ -217,10 +273,10 @@ tback() { # s sshfs bu@$host:/bu/home/md /bu/mnt -o reconnect,ServerAliveInterval=20,ServerAliveCountMax=30 -o allow_other eqgo() { - enn -M $(exiqgrep -i) + enn -M $(exiqgrep -i -r.\*) } eqgo1() { - enn -M $(exiqgrep -i|h1) + enn -M $(exipick -i -r.\*|h1) } @@ -283,6 +339,26 @@ aclear() { system-status _ } +alerts() { + find /var/local/cron-errors /home/iank/cron-errors /sysd-mail-once-state -type f +} +ralerts() { # remote alerts + local ret shell + # this list is duplicated in check-remote-mailqs + for h in bk je li frodo kwwg x3wg x2wg kdwg sywg; do + echo $h: + shell="ssh $h" + if [[ $HOSTNAME == "${h%wg}" ]]; then + shell= + fi + ret=0 + $shell find /var/local/cron-errors /home/iank/cron-errors /sysd-mail-once-state -type f || ret=$? + if (( ret )); then + echo ret:$ret + fi + done +} + ap() { # pushd in case current directory has an ansible.cfg file pushd /a/xans >/dev/null @@ -328,11 +404,15 @@ bbk() { # btrbk wrapper if $active; then ser stop btrbk.timer fi - if [[ $(systemctl is-active btrbk.service ||:) != inactive ]]; then - echo "cron btrbk is already running" - if $active; then ser start btrbk.timer; fi - return 1 - fi + btrbk_is_active=$(systemctl is-active btrbk.service ||:) + case $btrbk_is_active in + inactive|failed) : ;; + *) + echo "bbk: error: systemctl is-active btrbk.service output: $btrbk_is_active" + if $active; then ser start btrbk.timer; fi + return 1 + ;; + esac # run latest install-my-scripts # todo: consider changing this to srun and having the args come @@ -360,6 +440,22 @@ bigclock() { nnn() { /a/opt/nnn -H "$@"; } +locat() { # log-once cat + local files + ngset + files=(/var/local/cron-errors/* /home/iank/cron-errors/* /sysd-mail-once-state/*) + case ${#files[@]} in + 0) : ;; + 1) + echo ${files[0]} + head ${files[0]} + ;; + *) + head ${files[@]} + ;; + esac + ngreset +} # duplicated somewhat below. jrun() { # journal run. run args, log to journal, tail and grep the journal. @@ -427,14 +523,16 @@ lipush() { # note, i had --delete-excluded, but that deletes all files in --exclude-from on # the remote site, which doesn't make sense, so not sure why i had it. local p a - p=(/a/opt/{emacs-debian10{,-nox},mu,emacs} /a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts}) + # excluding emacs for now + #p=(/a/opt/{emacs-debian11{,-nox},mu,emacs} /a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts}) + p=(/a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts}) a="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes" ret=0 for h in li je bk; do - m s rsync "$@" $a ${p[@]} /p/c/machine_specific/$h root@$h.b8.nz:/ || ret=$? - # only li is debian10 - p[0]=/a/opt/emacs-ubuntu20.04 - p[1]=/a/opt/emacs-ubuntu20.04-nox + m s rsync "$@" $a ${p[@]} /p/c/machine_specific/$h root@$h.b8.nz:/ + ## only li is debian11 + #p[0]=/a/opt/emacs-trisuqel10 + #p[1]=/a/opt/emacs-trisquel10-nox done m s rsync "$@" -ahviSAXPH root@li.b8.nz:/a/h/proposed-comments/ /a/h/proposed-comments || ret=$? return $ret @@ -465,27 +563,26 @@ EOF done } bindpushb8() { - dsign iankelling.org expertpathologyreview.com zroe.org amnimal.ninja lipush for h in li bk; do m sl $h <<'EOF' source ~/.bashrc -m dnsup m dnsb8 EOF done } dnsup() { - conflink - m ser reload bind9 + conflink -f + m ser reload named } dnsb8() { local f=/var/lib/bind/db.b8.nz - ser stop bind9 - sudo rm -fv $f.jnl - sudo install -m 644 -o bind -g bind /p/c/machine_specific/vps/bind-initial/db.b8.nz $f - ser restart bind9 + m ser stop named + m sleep 1 + m sudo rm -fv $f.jnl $f.signed.jnl + m sudo install -m 644 -o bind -g bind /p/c/machine_specific/vps/bind-initial/db.b8.nz $f + m ser restart named } dnsecgen() { # keys generated like this @@ -631,6 +728,9 @@ digme() { digdiff @ns{1,2}.iankelling.org "$@" } +tsr() { # ts run + "$@" |& ts || return $? +} dup() { local ran_d @@ -639,20 +739,20 @@ dup() { case $PS1 in *[\ \]]D\ *) pushd / - /b/ds/distro-begin || return $? - /b/ds/distro-end || return $? + /b/ds/distro-begin |& ts || return $? + /b/ds/distro-end |& ts || return $? popd ran_d=true ;;& *[\ \]]DB\ *) pushd / - /b/ds/distro-begin || return $? + /b/ds/distro-begin |& ts || return $? popd ran_d=true ;; *[\ \]]DE\ *) pushd / - /b/ds/distro-end || return $? + /b/ds/distro-end |& ts || return $? popd ran_d=true ;;& @@ -684,6 +784,10 @@ fastboot() { kdecd() { /usr/lib/x86_64-linux-gnu/libexec/kdeconnectd; } +bat() { + cat /sys/class/power_supply/BAT0/capacity +} + # List of apps to install/update # Create from existing manually installed apps by doing # fdroidcl update @@ -932,10 +1036,9 @@ hstatus() { # work log wlog() { local day now i - now=$(date +%s) for (( i=0; i<60; i++ )); do - day=$( date +%F -d @$((now - 86400*i )) ) - date "+%a %b %d" -d @$((now - 86400*i )) | tr '\n' ' ' + day=$( date +%F -d @$((EPOCHSECONDS - 86400*i )) ) + date "+%a %b %d" -d @$((EPOCHSECONDS - 86400*i )) | tr '\n' ' ' /a/opt/timetrap/bin/t d -ftotal -s $day -e $day all -m '^w|lunch$' done } @@ -993,9 +1096,11 @@ jrf() { journalctl -n 200 -f "$@" ; } ccomp journalctl jtail jr jrf -kff() { # keyboardio firmware flash - pushd /a/bin/distro-setup/Arduino/Model01-Firmware - yes $'\n' | make flash +kff() { # keyboardio firmware flash. you must hold down the tilde key + pushd /a/opt/Model01-Firmware + # if we didn't want this yes hack, then remove "shell read" from + # /a/opt/Kaleidoscope/etc/makefiles/sketch.mk + yes $'\n' | VERBOSE=1 make flash popd } @@ -1019,11 +1124,11 @@ wghole() { local host ipsuf umask_orig host=$1 ipsuf=$2 - mkdir -p /p/c/machine_specific/$host/filesystem/etc/{wireguard,network/interfaces.d} + mkdir -p /p/c/machine_specific/$host/filesystem/etc/wireguard cd /p/c/machine_specific/$host/filesystem/etc/wireguard umask_orig=$(umask) umask 0077 - wg genkey | tee $host-priv.key | wg pubkey > $host-pub.key + wg genkey | tee hole-priv.key | wg pubkey > hole-pub.key cat >wghole.conf </dev/null; then + m sudo mount --bind /root/mount_namespaces /root/mount_namespaces + fi + m sudo mount --make-private /root/mount_namespaces + if [[ ! -e /root/mount_namespaces/$ns ]]; then + m sudo touch /root/mount_namespaces/$ns + fi + if ! sudo mountpoint /root/mount_namespaces/$ns >/dev/null; then + m sudo unshare --propagation slave --mount=/root/mount_namespaces/$ns /bin/true + fi + m sudo -E /usr/bin/nsenter --mount=/root/mount_namespaces/$ns "$@" +} + +mnsr() { # mns run + local ns=$1 + shift + mns $ns sudo -u iank -E env "PATH=$PATH" "$@" +} + +mnsnonet() { + ns=$1 + if ! s ip netns list | grep -Fx nonet &>/dev/null; then + s ip netns add nonet + fi + mns $ns --net=/var/run/netns/nonet sudo -E -u iank /bin/bash + lomh +} + + lom() { + # l = the loopback device local l base if [[ $1 == /* ]]; then base=${1##*/} - if mountpoint /mnt/$base; then + fs_file=$1 + if mns $base mountpoint -q /mnt/$base; then return 0 fi - l=$(sudo losetup -f) - sudo losetup $l $1 - if ! sudo cryptsetup luksOpen $l $base; then - sudo losetup -d $l - return 1 + l=$(losetup -j $fs_file | sed -rn 's/^([^ ]+): .*/\1/p' | head -n1 ||:) + if [[ ! $l ]]; then + l=$(sudo losetup -f) + m sudo losetup $l $fs_file fi - sudo mkdir -p /mnt/$base - sudo mount /dev/mapper/$base /mnt/$base - sudo chown $USER:$USER /mnt/$base + if ! sudo cryptsetup status /dev/mapper/$base &>/dev/null; then + if ! sudo cryptsetup luksOpen $l $base; then + m sudo losetup -d $l + return 1 + fi + fi + m sudo mkdir -p /mnt/$base + m mns $base mount /dev/mapper/$base /mnt/$base + m mns $base chown $USER:$USER /mnt/$base + lomh else base=$1 - sudo umount /mnt/$base - l=$(sudo cryptsetup status /dev/mapper/$base|sed -rn 's/^\s*device:\s*(.*)/\1/p') - sudo cryptsetup luksClose /dev/mapper/$base || return 1 - sudo losetup -d $l + if mns $base mountpoint /mnt/$base &>/dev/null; then + m mns $base umount /mnt/$base + fi + if sudo cryptsetup status /dev/mapper/$base &>/dev/null; then + if ! m sudo cryptsetup luksClose /dev/mapper/$base; then + echo lom: failed cryptsetup luksClose /dev/mapper/$base + return 1 + fi + fi + l=$(losetup -l --noheadings | awk '$6 ~ /\/'$base'$/ {print $1}') + if [[ $l ]]; then + m sudo losetup -d $l + else + echo lom: warning: no loopback device found + fi fi } @@ -1140,6 +1297,16 @@ mbdisable() { mv -T $src $dst set +x } +mb2disable() { + local mb=$1 + dst=/m/md/$mb + src=/m/4e2/$mb + set -x + [[ -e $src ]] || { set +x; return 1; } + if [[ -L $dst ]]; then rm $dst; fi + mv -T $src $dst + set +x +} mdt() { @@ -1152,6 +1319,54 @@ mo() { xset dpms force off; } # monitor off mpvd() { mpv --profile=d "$@"; } +# mpv all media files in . or $1 +mpvm() { + local -a extensions arg + # get page source of https://en.wikipedia.org/w/index.php?title=Video_file_format&action=edit + # into /a/x.log, then + # grep '^| *\.' /a/x.log | sed 's/| *//;s/,//g' + extensions=( + .webm + .mkv + .flv + .flv + .vob + .ogv .ogg + .drc + .gif + .gifv + .mng + .avi + .MTS .M2TS .TS + .mov .qt + .wmv + .yuv + .rm + .rmvb + .viv + .asf + .amv + .mp4 .m4p .m4v + .mpg .mp2 .mpeg .mpe .mpv + .mpg .mpeg .m2v + .m4v + .svi + .3gp + .3g2 + .mxf + .roq + .nsv + ) + arg=("(" -iname "*${extensions[0]}") + for (( i=1 ; i < ${#extensions[@]}; i++ )); do + arg+=(-o -iname "*${extensions[i]}") + done + arg+=(")") + dir=${1:-.} + # debug: + #find $dir "${arg[@]}" -size +1M + find $dir "${arg[@]}" -size +1M -exec mpv --profile=d '{}' + +} mpvs() { mpv --profile=s "$@"; } @@ -1177,8 +1392,7 @@ allmyirc() { } mygajim() { - local now time time_sec time_pretty - now=$(date +%s) + local time time_sec time_pretty sqlite3 -separator ' ' /p/c/subdir_files/.local/share/gajim/logs.db "select time, message from logs where contact_name = 'iank' and jid_id = 17;" | while read -r time l; do case $time in 16*) : ;; @@ -1191,10 +1405,14 @@ mygajim() { echo $time_pretty "$l" time_sec=${time%%.*} # only look at the last 18 days. generally just use this for timesheet. - if (( time_sec < now - 60 * 60 * 24 * 18 )); then break; fi + if (( time_sec < EPOCHSECONDS - 60 * 60 * 24 * 18 )); then break; fi done } +allmygajim() { + sqlite3 -separator ' ' /p/c/subdir_files/.local/share/gajim/logs.db "select time, message from logs where contact_name = 'iank'" | less +} + gajlogs() { sqlite3 -separator ' ' /p/c/subdir_files/.local/share/gajim/logs.db "select time, message from logs" | less } @@ -1228,6 +1446,9 @@ ngo() { otp() { oathtool --totp -b "$*" | xclip -selection clipboard } +j() { + "$@" |& pee "xclip -r -selection clipboard" +} pakaraoke() { @@ -1287,7 +1508,7 @@ pumpa() { # other tiling window managers in giving up on setting it at all # xprop -root -remove _NET_WORKAREA - command pumpa &r + command pumpa & r } # reviewboard, used at my old job @@ -1391,10 +1612,6 @@ spd() { PATH=/usr/local/spdhackfix:$PATH command spd "$@" } -spend() { - sudo systemctl suspend -} - spamf() { # spamtest on FILE local spamcpre spamdpid @@ -1432,7 +1649,6 @@ testmail() { # always run this first, edit the test files, then run the following testsieve() { sieve-filter ~/sieve/maintest.sieve ${1:-INBOX} delete 2> >(head; tail) >/tmp/testsieve.log && sed -rn '/^Performed actions:/,/^[^ ]/{/^ /p}' /tmp/testsieve.log | sort | uniq -c - _dosieve } runsieve() { c ~/sieve; cp personal{test,}.sieve; cp lists{test,}.sieve; cp personalend{test,}.sieve @@ -1440,6 +1656,102 @@ runsieve() { sed -r '/^info: filtering:/{h;d};/^info: msgid=$/N;/^info: msgid=.*left message in mailbox [^ ]+$/d;/^info: msgid=/{H;g};/^info: message kept in source mailbox.$/d' /tmp/testsieve.log } +# usage: +# alertme SUBJECT +# printf "subject\nbody\n" | alertme +alertme() { + if [[ -t 0 ]]; then + exim -t < /dev/null 2>&1 & } -trg() { transmission-remote-gtk&r; } +trg() { transmission-remote-gtk & r; } trc() { # example, set global upload limit to 100 kilobytes: # trc -u 100 TR_AUTH=":$(jq -r .profiles[0].password ~/.config/transmission-remote-gtk/config.json)" transmission-remote transmission.lan -ne "$@" } +trysleep() { + retries="$1" + sleepsecs="$2" + shift 2 + for (( i=0; i < retries - 1; i++ )); do + if "$@"; then + return 0 + fi + sleep $sleepsecs + done + "$@" +} + tu() { local s @@ -1519,45 +1843,98 @@ enn() { m s nsenter -t $pid -n -m $ecmd "$@" } +# get pid of systemd service +servicepid() { + local pid unit dir + unit="$1" + pid=$(systemctl show --property MainPID --value "$unit") + case $pid in + [1-9]*) : ;; + *) + + dir=/sys/fs/cgroup/system.slice + if [[ ! -d $dir ]]; then + # t10 and older directory. + dir=/sys/fs/cgroup/systemd/system.slice + fi + + # 0 or empty. This file includes the MainPid, so I expect we + # could just get this in the first place, but i don't know if that + # is always the case. + pid=$(head -n1 $dir/${unit%.service}.service/cgroup.procs) + ;; + esac + if [[ $pid ]]; then + printf "%s\n" "$pid" + else + return 1 + fi +} + sdnbash() { # systemd namespace bash - local unit=$1 - m sudo nsenter -t $(systemctl status $unit | sed -n '/^ *Main PID:/s/[^0-9]//gp') -n -m sudo -u $USER -i bash + local unit pid + unit=$1 + pid=$(servicepid $unit) + m sudo nsenter -t $pid -n -m sudo -u $USER -i bash } -mailnnbash() { - m sudo nsenter -t $(systemctl status mailnn| sed -n '/^ *Main PID:/s/[^0-9]//gp') -n -m sudo -u $USER -i bash +sdncmd() { # systemd namespace cmd + local unit pid + unit=$1 + shift + pid=$(servicepid $unit) + m sudo nsenter -t $pid -n -m sudo -u $USER -i "$@" } -mailvpnbash() { - m sudo nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*mail.conf") -n -m sudo -u $USER -i bash + +mailnnbash() { + sdnbash mailnn } + +# we use wireguard now, use mailnnbash. +# mailvpnbash() { +# m sudo nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*mail.conf") -n -m sudo -u $USER -i bash +# } + eximbash() { - m sudo nsenter -t $(pgrep -f "/usr/sbin/exim4 -bd -q30m -C /etc/exim4/my.conf"|h1) -n -m sudo -u $USER -i bash + local pid + pid=$(pgrep -f "/usr/sbin/exim4 -bd -q30m -C /etc/exim4/my.conf"|h1) + if [[ ! $pid ]]; then + echo "eximbash: failed to find exim pid. systemctl -n 30 status exim4:" + systemctl status exim4 + fi + m sudo nsenter -t $pid -n -m } spamnn() { local spamdpid - spamdpid=$(systemctl status spamassassin| sed -n '/^ *Main PID:/s/[^0-9]//gp') + spamdpid=$(systemctl show --property MainPID --value spamassassin) m sudo nsenter -t $spamdpid -n -m sudo -u Debian-exim spamassassin "$@" } unboundbash() { m sudo nsenter -t $(systemctl status unbound| sed -n '/^ *Main PID:/s/[^0-9]//gp') -n -m sudo -u $USER -i bash - } +} + +nmtc() { + s nmtui-connect "$@" +} mailnncheck() { - local pid ns mailnn - for p in mailnn mailvpn unbound dovecot spamassassin exim4 radicale; do - pid=$(s systemctl status $p| sed -n '/^ *Main PID:/s/[^0-9]//gp') + local unit pid ns mailnn + # mailvpn would belong on the list if using openvpn + for unit in mailnn unbound dovecot spamassassin exim4 radicale; do + pid=$(servicepid $unit) + echo debug: unit=$unit pid=$pid if [[ ! $pid ]]; then - echo failed to find pid for $p + echo failed to find pid for unit=$unit continue fi if ! ns=$(s readlink /proc/$pid/ns/net); then - echo failed to find ns for $p pid=$pid + echo failed to find ns for unit=$unit pid=$pid continue fi if [[ $mailnn ]]; then if [[ $ns != "$mailnn" ]]; then - echo "$p ns $ns != $mailnn" + echo "$unit ns $ns != $mailnn" fi else mailnn=$ns @@ -1568,13 +1945,7 @@ mailnncheck() { vpncmd() { - m sudo -E env "PATH=$PATH" nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*client.conf") -n -m "$@" -} -vpnf() { - vpncmd sudo -E -u iank env "PATH=$PATH" abrowser -no-remote -P vpn &r -} -vpn2f() { - vpncmd sudo -u iank env "PATH=$PATH" abrowser -no-remote -P vpn2 &r + m sudo -E env "PATH=$PATH" nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*client.conf") -n "$@" } vpni() { @@ -1606,6 +1977,85 @@ vpn() { sudo systemd-tty-ask-password-agent } +fixu() { + ls -lad /run/user/1000 + s chmod 700 /run/user/1000; s chown iank.iank /run/user/1000 +} + +# systemctl is-enabled / status / cat says nothing, instead theres +# some obscure symlink. paths copied from man systemd.unit. +# possibly also usefull, but incomplete, doesnt show units not loaded in memory: +# seru list-dependencies --reverse --all UNIT +sysd-deps() { + local f + local -a dirs search + ngset + + case $1 in + u) + search=( + ~/.config/systemd/user.control/* + $XDG_RUNTIME_DIR/systemd/user.control/* + $XDG_RUNTIME_DIR/systemd/transient/* + $XDG_RUNTIME_DIR/systemd/generator.early/* + ~/.config/systemd/user/* + /etc/systemd/user/* + $XDG_RUNTIME_DIR/systemd/user/* + /run/systemd/user/* + $XDG_RUNTIME_DIR/systemd/generator/* + ~/.local/share/systemd/user/* + /usr/lib/systemd/user/* + $XDG_RUNTIME_DIR/systemd/generator.late/* + ) + ;; + *) + search=( + /etc/systemd/system.control/* + /run/systemd/system.control/* + /run/systemd/transient/* + /run/systemd/generator.early/* + /etc/systemd/system/* + /etc/systemd/systemd.attached/* + /run/systemd/system/* + /run/systemd/systemd.attached/* + /run/systemd/generator/* + /lib/systemd/system/* + /run/systemd/generator.late/* + ) + ;; + esac + for f in "${search[@]}"; do + [[ -d $f ]] || continue + case $f in + *.requires|*.wants) + dirs+=("$f") + ;; + esac + done + # dirs is just so we write out the directory names, ls does it when there is 2 or more dirs. + case ${#dirs[@]} in + 1) + echo "${dirs[0]}:" + ll "${dirs[@]}" + ;; + 0) : ;; + *) + ll "${dirs[@]}" + ;; + esac + ngreset +} + +fixvpndns() { + local link istls + read _ link _ istls < <(resolvectl dnsovertls tunfsf) + case $istls in + yes|no) : ;; + *) echo fixvpndns error: unexpected istls value: $istls >&2; return 1 ;; + esac + s busctl call org.freedesktop.resolve1 /org/freedesktop/resolve1 org.freedesktop.resolve1.Manager SetLinkDNSOverTLS is $link no +} + vpnoff() { [[ $1 ]] || { echo need arg; return 1; } if [[ -e /lib/systemd/system/openvpn-client@.service ]]; then @@ -1616,10 +2066,10 @@ vpnoff() { sudo systemctl stop $vpn_service@$1 } vpnoffc() { # vpn off client - ser stop openvpn-nn@client + ser stop openvpn-client-tr@client } vpnc() { - ser start openvpn-nn@client + ser start openvpn-client-tr@client } @@ -1650,7 +2100,15 @@ if [[ -e $f ]]; then source $f fi - +electrum() { + # https://electrum.readthedocs.io/en/latest/tor.html + # https://github.com/spesmilo/electrum-docs/issues/129 + s rsync -ptog --chown bitcoin:bitcoin ~/.Xauthority /var/lib/bitcoind/.Xauthority + sudo -u bitcoin DISPLAY=$DISPLAY XAUTHORITY=/var/lib/bitcoind/.Xauthority /a/opt/electrum-4.2.1-x86_64.AppImage -p socks5:localhost:9050 +} +monero() { + sudo -u bitcoin DISPLAY=$DISPLAY XAUTHORITY=/var/lib/bitcoind/.Xauthority /a/opt/monero-gui-v0.17.3.2/monero-wallet-gui +} reset-konsole() { @@ -1677,6 +2135,12 @@ scrollbar true EOF } +# make a page of links found in the files $@. redirect output +linkhtml() { + gr -oh 'https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*)' "$@" | \ + rev | sort -u | rev | sed 's,.*,\0,' +} + reset-xscreensaver() { # except for spash, i set these by setting gui options in # xscreensaver-command -demo @@ -1706,6 +2170,7 @@ if [[ "$SUDOD" ]]; then unset SUDOD elif [[ -d /a ]] && [[ $PWD == "$HOME" ]] && [[ $- == *i* ]]; then cd /a + OLDPWD= fi @@ -1735,7 +2200,9 @@ path-add /usr/local/go/bin # I have both because I was trying to solve an issue that # turned out to be unrelated. # ARDUINO_PATH=/a/opt/Arduino/build/linux/work -export ARDUINO_PATH=/a/opt/arduino-1.8.15 + +## i should have documented this... +# based on https://github.com/keyboardio/Kaleidoscope export KALEIDOSCOPE_DIR=/a/opt/Kaleidoscope # They want to be added to the start, but i think @@ -1747,7 +2214,9 @@ path-add --end $HOME/.cargo/bin if type -P rg &>/dev/null; then # --no-messages because of annoying errors on broken symlinks - rg() { command rg --no-messages -L -i -M 300 --no-ignore "$@" || return $?; } + # -z = search .gz etc files + # -. = search dotfilesq + rg() { command rg -. -z --no-messages -L -i -M 900 --no-ignore-parent --no-ignore-vcs -g '!.git' -g '!auto-save-list' -g '!.savehist' "$@" || return $?; } #fails if not exist. ignore complete -r rg 2>/dev/null ||: else