local h=${1##*@}
local x
ssh-keygen -R $h -f $(readlink -f ~/.ssh/known_hosts)
- x=$(timeout 1 ssh -oBatchMode=yes -v $1 |& sed -rn "s/debug1: Connecting to $h \[([^\]*)].*/\1/p")
+ x=$(timeout 1 ssh -oBatchMode=yes -oControlMaster=no -oControlPath=/ -v $1 |& sed -rn "s/debug1: Connecting to $h \[([^\]*)].*/\1/p")
if [[ ! $x ]]; then
echo "khfix: ssh failed"
return 1
}
ccat () { # config cat. see a config without extra lines.
- grep '^\s*[^[:space:]#]' "$@"
+ grep '^\s*[^;[:space:]#]' "$@"
}
cdiff() {
done < "$file"
}
+# mail related
+etail() {
+ sudo tail -f /var/log/exim4/mainlog
+}
+
f() {
# cd forward
c +
# Create from existing manually installed apps by doing
# fdroidcl search -i, then manually removing
# automatically installed/preinstalled apps
+
+# firefox updater. commented out, firefox depends on nonfree opengl.
+# de.marmaro.krt.ffupdater
+# # causes replicant to die on install and go into a boot loop
+# me.ccrama.redditslide
+#
+# # my attempt at recovering from boot loop:
+# # in that case, boot to recovery (volume up, home button, power, let go of power after samsun logo)
+# # then
+# mount /dev/block/mmcblk0p12 /data
+# cd /data
+# find -iname '*appname*'
+# rm -rf FOUND_DIRS
+# usually good enough to just rm -rf /data/app/APPNAME
+#
+# currently broken:
+#at.bitfire.davdroid
fdroid_pkgs=(
- at.bitfire.davdroid
com.alaskalinuxuser.justnotes
com.artifex.mupdfdemo
com.fsck.k9
com.zoffcc.applications.zanavi
cz.martykan.forecastie
de.danoeh.antennapod
- de.marmaro.krt.ffupdater
im.vector.alpha # riot
info.papdt.blackblub
- me.ccrama.redditslide
me.tripsit.tripmobile
net.gaast.giggity
net.osmand.plus
command feh -FzZ "$@"
}
+# mail related
+frozen() {
+ rm -rf /tmp/frozen
+ s mailq |gr frozen|awk '{print $3}' | while read -r id; do
+ s exim -Mvl $id
+ echo
+ s exim -Mvh $id
+ echo
+ s exim -Mvb $id
+ echo -e '\n\n##############################\n'
+ done | tee -a /tmp/frozen
+}
+frozenrm() {
+ local ids=()
+ while read -r line; do
+ printf '%s\n' "$line"
+ ids+=($(printf '%s\n' "$line" |gr frozen|awk '{print $3}'))
+ done < <(s mailq)
+ echo "sleeping for 2 in case you change your mind"
+ sleep 2
+ s exim -Mrm "${ids[@]}"
+}
+
funce() {
# like -e for functions. returns on error.
# at the end of the function, disable with:
set -x
mv -T $src $dst || { set +x; return 1; }
ln -s -T $dst $src
+ /a/exe/lnf /p/.mu ~
+ mu index --maildir=/m/4e
set +x
}
mbdisable() {
s rsync -rlpchviog --relative "${opts[@]}" "$path" "root@$host:/";
}
+# only run on desktop. simpler to keep this on one system.
r2eadd() { # usage: name url
# initial setup of rss2email:
# r2e new r2e@iankelling.org
ssh $1 /tmp/${2##*/} "${@:2}"
}
+sss() { # ssh solo
+ ssh -oControlMaster=no -oControlPath=/ "$@"
+}
+
swap() {
local tmp
tmp=$(mktemp)
return $ret
}
+# mail related
testmail() {
declare -gi _seq; _seq+=1
echo "test body" | m mail -s "test mail from $HOSTNAME, $_seq" "${@:-root@localhost}"
# MSG_ID is in /var/log/exim4/mainlog, looks like 1ccdnD-0001nh-EN
}
-# to test sieve, use below command. make modifications, then copy to live file, use -eW to actually modify mailbox
+# to test sieve, use below command. for fsf mail, see fsf-get-mail script.
+# make modifications, then copy to live file, use -eW to actually modify mailbox
# cp /p/c/subdir_files/sieve/personal{test,}.sieve; testsievelist -eW INBOX
#
# Another option is to use sieve-test SCRIPT MAIL_FILE. note,
# sieve with output filter. arg is mailbox, like INBOX.
# This depends on dovecot conf, notably mail_location in /etc/dovecot/conf.d/10-mail.conf
-#
+
testsievelist() {
sieve-filter ~/sieve/maintest.sieve "$@" >/tmp/testsieve.log 2> >(tail) && sed -rn '/^Performed actions:/{n;n;p}' /tmp/testsieve.log | sort -u
}
+# mail related
# plain sieve
testsieve() {
sieve-filter ~/sieve/main.sieve "$@"
}
+# mail related
testexim() {
# testmail above calls sendmail, which is a link to exim/postfix.
# it's docs don't say a way of adding an argument
(sleep $(calc "$@ * 60") && mpv --no-config --volume 50 /a/bin/data/alarm.mp3) > /dev/null 2>&1 &
}
+trg() { transmission-remote-gtk&r; }
+trc() {
+ # example, set global upload limit to 100 kilobytes:
+ # trc -u 100
+ TR_AUTH=":$(jq -r .profiles[0].password ~/.config/transmission-remote-gtk/config.json)" transmission-remote transmission.lan -ne "$@"
+}
+
tu() {
local s;
}
-trg() { transmission-remote-gtk&r; }
-
-# transmission() {
-# local pid=$(cat /var/lib/transmission-daemon/transmission-daemon.pid)
-# if [[ $pid && -e /proc/$pid ]]; then
-# echo "noop. already running."
-# return
-# fi
-
-# local NAME=transmission-daemon
-# local DAEMON=/usr/bin/$NAME
-# local duser=debian-transmission
-
-# [ -e /etc/default/$NAME ] && . /etc/default/$NAME
-# s ip netns exec vpn sudo -u $duser ionice -c 3 nice -n 19 $DAEMON $OPTIONS
-# }
virshrm() {
for x in "$@"; do virsh destroy "$x"; virsh undefine "$x"; done
[[ $1 ]] || { echo need arg; return 1; }
journalctl --unit=openvpn-client@$1 -f -n0 &
s systemctl start openvpn-client@$1
+ # sometimes the ask-password agent does not work and needs a delay.
+ sleep .5
+ # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779240
+ # noticed around 8-2017 after update from around stretch release
+ # on debian testing, even though the bug is much older.
+ s systemd-tty-ask-password-agent
}
vpnoff() {
wtr() { curl wttr.in/boston; }
xl() {
- # this succeeds even if gnome-screensaver isn't running.
+ # this succeeds even if gnome-screensaver isn\'t running.
gnome-screensaver-command --exit &>/dev/null
if ! pidof xscreensaver; then
+ pushd /
xscreensaver &
+ popd
# 1 was not long enough
sleep 3
fi
exit 0
else
if [[ -w $f ]]; then
- rm $f
+ rm -f $f
fi
fi
fi
--- /dev/null
+servers-file=/etc/dnsmasq-servers.conf
# every user in a same group, so if you copy files there with exact
# perms, that is probably not what you want. I don't use a system like
# that. I don't care much either way, but the ubuntu one seems a bit
-# more user friendly, and copying files between them is a pita with
-# different umasks.
-if test "$(id -u)" -ge 1000; then
- umask 002
-fi
+# more user friendly, and copying files between them is a annoying with
+# different umasks. However, it also makes it so if you create a file as
+# a regular user then move it to become a system file, it's got slightly
+# wrong permissions, and sometimes thing break. So, this outweighs the
+# other things, stick with 022 umask always.
+umask 022
+# this is how we could test for non-system user
+
+#if test "$(id -u)" -ge 1000; then : fi
RuntimeDirectoryMode=0710
WorkingDirectory=/etc/openvpn/client
ExecStart=/usr/bin/nsenter --mount=/root/mount_namespaces/%i /usr/sbin/openvpn --suppress-timestamps --nobind --config /etc/openvpn/client/%i.conf
+# Ian: commented out these lines from upstream
# until we get the next systemd version (233), which can do bind mounts
# inside a mnt namespace via systemd, we have to setup our own, which requires
# full priveledges.
+# when we enable CababilityBoundingSet, s/=/=+/ on these ExecStart/Stop lines.
+# systemd ver in flidas does not suppot =+
#CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
LimitNPROC=10
# DeviceAllow=/dev/null rw
# DeviceAllow=/dev/net/tun rw
-# ian: added just these lines from upstream
-ExecStartPre=+/a/bin/newns/newns -n 10.173.0 start %i
-ExecStartPre=+/sbin/iptables-restore /a/bin/distro-setup/transmission-firewall/netns.rules
-ExecStopPost=+/a/bin/newns/newns stop %i
+ExecStartPre=/a/bin/newns/newns -n 10.173.0 start %i
+ExecStartPre=/sbin/iptables-restore /a/bin/distro-setup/transmission-firewall/netns.rules
+ExecStopPost=/a/bin/newns/newns stop %i
PrivateNetwork=true
--- /dev/null
+[Unit]
+
+
+Description=OpenVPN connection to %i
+PartOf=openvpn.service
+ReloadPropagatedFrom=openvpn.service
+
+# ian, this is starting too early, added this from stretch's openvpn-client@.service
+After=syslog.target network-online.target
+Wants=network-online.target
+# ian, commented out, we are starting too early, no need to be before anything.
+Before=systemd-user-sessions.service
+
+Documentation=man:openvpn(8)
+Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
+Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
+
+[Service]
+# these cause ExecStart to fail with "nsenter: reassociate to namespace
+# 'ns/mnt' failed: Invalid argument" on trisquel 8. Probably because we
+# get put into some mount namespace and the one that I setup does not
+# exist within it or something stupid that systemd does not
+# document. Whatev.
+#PrivateTmp=true
+#ProtectSystem=yes
+
+KillMode=mixed
+Type=forking
+ExecStart=/usr/bin/nsenter --mount=/root/mount_namespaces/%i /usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/client/%i.conf --writepid /run/openvpn/%i.pid
+PIDFile=/run/openvpn/%i.pid
+ExecReload=/bin/kill -HUP $MAINPID
+WorkingDirectory=/etc/openvpn
+# Ian: commented out these lines from upstream
+#CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_AUDIT_WRITE
+LimitNPROC=10
+#DeviceAllow=/dev/null rw
+#DeviceAllow=/dev/net/tun rw
+
+# ian: added just these lines from upstream
+ExecStartPre=/a/bin/newns/newns -n 10.173.0 start %i
+ExecStartPre=/sbin/iptables-restore /a/bin/distro-setup/transmission-firewall/netns.rules
+# note, this doesnt get run on trisquel 8 when ExecStart command fails,
+# documentation says it should
+ExecStopPost=/a/bin/newns/newns stop %i
+PrivateNetwork=true
+
+[Install]
+WantedBy=multi-user.target
+++ /dev/null
-[Unit]
-Description=Transmission BitTorrent Daemon netns
-After=network.target
-Requires=openvpn-client-nn@client.service
-After=openvpn-client-nn@client.service
-JoinsNamespaceOf=openvpn-client-nn@client.service
-
-[Service]
-#User=debian-transmission
-# notify type doesn't work with sudo
-#Type=notify
-ExecStart=/usr/bin/nsenter --mount=/root/mount_namespaces/client sudo -u debian-transmission /usr/bin/transmission-daemon -f --log-error
-ExecReload=/bin/kill -s HUP $MAINPID
-PrivateNetwork=true
-Nice=19
-
-[Install]
-WantedBy=multi-user.target
--- /dev/null
+treetowl
+frodo
\ No newline at end of file
--- /dev/null
+[Unit]
+Description=Btrbk backup
+After=multi-user.target
+
+[Service]
+Type=oneshot
+ExecStart=/a/bin/log-quiet/sysd-mail-once btrbk /a/exe/btrbk-run
--- /dev/null
+[Unit]
+Description=Run btrbk-run once every 20 mins
+
+[Timer]
+OnCalendar=*:0/20
+
+[Install]
+WantedBy=timers.target
--- /dev/null
+$ORIGIN .
+$TTL 60 ; 1 minute
+b8.nz IN SOA b8.nz. admin.b8.nz. (
+ 25 ; serial
+ 604800 ; refresh (1 week)
+ 86400 ; retry (1 day)
+ 2419200 ; expire (4 weeks)
+ 60 ; minimum (1 minute)
+ )
+ NS n1.iankelling.org.
+ NS n2.iankelling.org.
+ A 73.249.108.7
};
};
include "/etc/bind/key.iank.life";
+
+
+zone "b8.nz" {
+type master;
+file "/etc/bind/bind-writable/db.b8.nz";
+ update-policy {
+ // allow host to update themselves with a key having their own name
+ grant b8.nz. name b8.nz. A TXT;
+ grant b8.nz. name *.b8.nz. A TXT;
+ };
+};
+include "/etc/bind/key.b8.nz";
--- /dev/null
+require [ "regex", "variables", "fileinto", "envelope", "mailbox", "imap4flags", "include" ];
+
+if anyof (
+ address :is "from" "sysadmin@gnu.org",
+ address :is "to" "sysadmin-nonrt@gnu.org",
+ address :is "from" "sysadmin-comment@gnu.org"
+ ) {
+ fileinto :create "sysadmin";
+ stop;
+ }
+elsif anyof (
+ header :contains "list-id" "<office-commits.gnu.org>",
+ header :is "Return-path" "<rtbounces@gnu.org>"
+ ) {
+fileinto :create "rtcc";
+ stop;
+}
+
+if anyof (
+ header :regex "subject" "mailing list memberships reminder",
+ address :is "to" "rtbounces@gnu.org",
+ address :is "to" "faxmaster@fsf.org",
+ address :is "from" "FaxMaster@fsf.org"
+ ) {
+ fileinto :create "log";
+ stop;
+ }
+
+include :personal "lists";
stop;
}
-if anyof (
- header :contains "list-id" "<debian-security-announce.lists.debian.org>",
- header :contains "list-id" "<ubuntu-security-announce.lists.ubuntu.com>"
- ) {
- fileinto :create "sec";
- stop;
- }
-
if anyof (
header :regex "subject" "mailing list memberships reminder",
address :is "to" "rtbounces@gnu.org",
fileinto :create "log";
stop;
}
-# Return-path: <rtbounces@gnu.org>
-if allof (
- address :is "from" "mailman-owner@zope.org",
- header :is "subject" "zope.org mailing list memberships reminder"
- ) {
- discard;
- stop;
- }
-
-if anyof (
- header :contains "list-id" "<activists_masspirates.org.lists.mayfirst.org>"
- ) {
- fileinto :create "pirate-party";
- stop;
- }
+include :personal "lists";
--- /dev/null
+require [ "regex", "variables", "fileinto", "envelope", "mailbox", "imap4flags", "include" ];
+
+if anyof (
+ header :contains "list-id" "<debian-security-announce.lists.debian.org>",
+ header :contains "list-id" "<ubuntu-security-announce.lists.ubuntu.com>"
+ ) {
+ fileinto :create "sec";
+ stop;
+ }
+
+if anyof (
+ header :contains "list-id" "<bbdb-info.lists.sourceforge.net>",
+ header :contains "list-id" "<bug-bash.gnu.org>",
+ header :contains "list-id" "<bug-gnu-emacs.gnu.org>",
+ header :contains "list-id" "<debian-backports.lists.debian.org>",
+ header :contains "list-id" "<debian-security-announce.lists.debian.org>",
+ header :contains "list-id" "<debian-user.lists.debian.org>",
+ header :contains "list-id" "<ding.gnus.org>",
+ header :contains "list-id" "<emacs-devel.gnu.org>",
+ header :contains "list-id" "<emacs-orgmode.gnu.org>",
+ header :contains "list-id" "<git.vger.kernel.org>",
+ header :contains "list-id" "<help-bash.gnu.org>",
+ header :contains "list-id" "<help-gnu-emacs.gnu.org>",
+ header :contains "list-id" "<hyperkitty-devel.lists.fedorahosted.org>",
+ header :contains "list-id" "<ipxe-devel.lists.ipxe.org>",
+ header :contains "list-id" "<kplug-list.kernel-panic.org>",
+ header :contains "list-id" "<kplug-newbie.kernel-panic.org>",
+ header :contains "list-id" "<libreplanet-discuss.libreplanet.org>",
+ header :contains "list-id" "<linux-btrfs.vger.kernel.org>",
+ header :contains "list-id" "<linux-fai.uni-koeln.de>",
+ header :contains "list-id" "<linux-fai-devel.uni-koeln.de>",
+ header :contains "list-id" "<linux-libre.fsfla.org>",
+ header :contains "list-id" "<maru-os-dev.googlegroups.com>",
+ header :contains "list-id" "<mediawiki-l.lists.wikimedia.org>",
+ header :contains "list-id" "<pywikibot.lists.wikimedia.org>",
+ header :contains "list-id" "<pywikipedia-l.lists.wikimedia.org>",
+ header :contains "list-id" "<unison-hackers.lists.seas.upenn.edu>",
+ header :contains "list-id" "<unison-users.yahoogroups.com>",
+ header :contains "list-id" "<whispersystems.lists.riseup.net>",
+ header :contains "list-id" "<wikitech-l.lists.wikimedia.org>",
+ header :contains "list-id" "<xapian-devel.lists.xapian.org>",
+ header :contains "list-id" "<kdeconnect.kde.org>",
+ header :contains "list-id" "<mu-discuss.googlegroups.com>",
+ header :contains "list-id" "<maru-os.googlegroups.com>",
+ header :contains "list-id" "<listhelper-moderate.nongnu.org>",
+ header :contains "list-id" "<coreboot.coreboot.org>",
+ header :contains "list-id" "<mailman-users.python.org>",
+ header :contains "list-id" "<duplicity-talk.nongnu.org>",
+ header :contains "list-id" "<exim-dev.exim.org>",
+ header :contains "list-id" "<exim-users.exim.org>",
+ header :contains "list-id" "<xmonad.haskell.org>") {
+ if header :regex "list-id" "<([a-z_0-9-]+)[.@]" {
+ set :lower "listname" "${1}";
+ fileinto :create "l/${listname}";
+ }
+}
+if anyof (
+ header :contains "list-id" "<websites.lists.fedoraproject.org>",
+ header :contains "list-id" "<docs.lists.fedoraproject.org>",
+ header :contains "list-id" "<users.lists.fedoraproject.org>") {
+ if header :regex "list-id" "<([a-z_0-9-]+)[.@]" {
+ set :lower "listname" "${1}";
+ fileinto :create "l/fedora.${listname}";
+ }
+}
+
+if anyof (
+ header :contains "list-id" "<activists_masspirates.org.lists.mayfirst.org>",
+ header :contains "list-id" "<gnu-prog-discuss.gnu.org>",
+ header :contains "list-id" "<gnu-prog.gnu.org>",
+ header :contains "list-id" "<discuss.blu.org>"
+ ) {
+ fileinto :create "community";
+ stop;
+ }
+
+if allof (
+ address :is "from" "mailman-owner@zope.org",
+ header :is "subject" "zope.org mailing list memberships reminder"
+ ) {
+ discard;
+ stop;
+ }
}
include :personal "personal";
+include :personal "lists";
# note, i originally used something like this to filter mailing lists
iankelling.org / git / distro-setup / commitdiff