From: Ian Kelling Date: Sun, 26 May 2024 01:10:02 +0000 (-0400) Subject: general fixes X-Git-Url: https://iankelling.org/git/?a=commitdiff_plain;h=refs%2Fheads%2Fmaster;hp=1f027ea146ea6c62002a8f67f831273a5c431b52;p=distro-setup general fixes --- diff --git a/.tmux.conf b/.tmux.conf new file mode 100644 index 0000000..9557d72 --- /dev/null +++ b/.tmux.conf @@ -0,0 +1,6 @@ +# a 256color term is needed for profanity to have colors, this is +# recommended by +# https://unix.stackexchange.com/questions/1045/getting-256-colors-to-work-in-tmux +set -g default-terminal "tmux-256color" +# default is green. I prefer it to stand out less. +set-option -g status-style bg=black diff --git a/brc b/brc index 7731b9c..32a2c66 100644 --- a/brc +++ b/brc @@ -774,6 +774,50 @@ EOF done } +screenrtp() { + + local ip port xoffset + read -r ip port xoffset <<<"$@" + + setxenv + + if [[ ! $port ]]; then + port=9999 + fi + + while true; do + # By default, plugged in screen goes to the right side, so we need an + # offset that is the same as the laptop's x resolution. If we are in + # mirror mode, then we don't need an offset. + if [[ ! $xoffset ]]; then + xoffset=0 + laptop_x=$(xrandr | awk '$1 == "LVDS-1" {print $4}' | sed 's/x.*//') || { sleep 1; continue; } + total_x=$(xdpyinfo| awk '$1 == "dimensions:" {print $2}' | sed 's/x.*//') || { sleep 1; continue; } + screen2_res=$(xrandr | awk '$2 == "connected" && $1 != "LVDS-1" { print $3 }' | sed 's/+.*//') + if (( laptop_x < total_x )); then + xoffset=$laptop_x + fi + fi + + m ffmpeg -probesize 50M -thread_queue_size 50 \ + -video_size $screen2_res -f x11grab -framerate 30 -i :0.0+$xoffset.0 \ + -vcodec libx264 -g 1 -tune zerolatency -preset ultrafast -pix_fmt yuv420p -x264-params repeat-headers=1 \ + -f rtp_mpegts rtp://$ip:$port ||: + + + sleep 1 + done +} + +setxenv() { + if [[ ! $DISPLAY ]]; then + export DISPLAY=:0.0 + fi + if [[ ! $XAUTHORITY ]]; then + export XAUTHORITY=$HOME/.Xauthority + fi +} + #### end fsf section @@ -815,25 +859,40 @@ fpst() { # file paste } _khfix-common() { - local host ip port file key tmp - read -r host ip port < <(timeout -s 9 2 ssh -oBatchMode=yes -oControlMaster=no -oControlPath=/ -v $1 |& sed -rn "s/debug1: Connecting to ([^ ]+) \[([^\]*)] port ([0-9]+).*/\1 \2 \3/p" ||: ) + local host ip port file key tmp ssh_host alias + ssh_host=$1 + { + read -r host ip port + read -r alias; + # note ":graph:" is needed or else we get a trailing \r out of ssh, + # dunno why. web search says terminals add \r, so I tried adding -T + # to turn off psuedo terminal, but it didnt help. + } < <(timeout -s 9 2 ssh -TN -oBatchMode=yes -oControlMaster=no -oControlPath=/ -v $ssh_host |& + sed -rn "s/debug1: Connecting to ([^ ]+) \[([^\]*)] port ([0-9]+).*/\1 \2 \3/p; +s/^debug1: using hostkeyalias: ([[:graph:]]*).*/\1/p" ||: ) file=$(readlink -f ~/.ssh/known_hosts) if [[ ! $ip ]]; then echo "khfix: ssh failed" return 1 fi + ip_entry=$ip + host_entry=$host + if [[ $alias ]]; then + host_entry="$alias" + fi if [[ $port != 22 ]]; then ip_entry="[$ip]:$port" - host_entry="[$host]:$port" - else - ip_entry=$ip - host_entry=$host + if [[ ! $alias ]]; then + host_entry="[$host]:$port" + fi fi - if [[ $host != "$ip" ]]; then + if [[ $host_entry != "$ip_entry" ]]; then tmp=$(mktemp) ssh-keygen -F "$host_entry" -f $file >$tmp || [[ $? == 1 ]] # 1 when it doesnt exist in the file if [[ -s $tmp ]]; then key=$(sed -r 's/^.*([^ ]+ +[^ ]+) *$/\1/' $tmp) + else + echo "khfix WARNING: did not find host entry:$host_entry in known_hosts" fi rm $tmp if [[ $key ]]; then @@ -845,12 +904,13 @@ _khfix-common() { ssh-keygen -F "$ip_entry" -f $file >$tmp || [[ $? == 1 ]] if [[ -s $tmp ]]; then key=$(sed -r 's/^.*([^ ]+ +[^ ]+) *$/\1/' $tmp) + else + echo "khfix WARNING: did not find ip entry:$ip_entry in known_hosts" fi rm $tmp if [[ $key ]]; then grep -Fv "$key" "$file" | sponge "$file" fi - ll ~/.ssh/known_hosts } khfix-r() { # known hosts fix without syncing to root user _khfix-common "$@" || return 1 @@ -1375,7 +1435,12 @@ egrinid() { sed -rn '/testignore|jtuttle|eximbackup/!s/^[^ ]+ ([^ ]+) [^ ]+ [^ ]+ <= ([^ ]+).* id=([^ ]+) T="(.*)" from (<[^ ]+> .*$)/\1 \5\n \3\n \4/p' <${1:-/var/log/exim4/mainlog} } etailin() { - tail -F /var/log/exim4/mainlog | sed -rn '/testignore|jtuttle|eximbackup/!s/^[^ ]+ ([^ ]+) [^ ]+ [^ ]+ <= ([^ ]+).*T="(.*)" from (<[^ ]+> .*$)/\1 \4\n \3/p' + local -a tail_arg + tail_arg=(-n500) + if [[ $1 ]]; then + tail_arg=($@) + fi + tail "${tail_arg[@]}" -F /var/log/exim4/mainlog | sed -rn '/testignore|jtuttle|eximbackup/!s/^[^ ]+ ([^ ]+) [^ ]+ [^ ]+ <= ([^ ]+).*T="(.*)" from (<[^ ]+> .*$)/\1 \4\n \3/p' } @@ -2046,9 +2111,9 @@ nags() { /usr/bin/nagstamon & } -# profanity screen +# profanity tmux profsrc() { - screen -RD -S profanity + screen -L profanity a } # i dont want to wait for konsole to exit... @@ -2731,8 +2796,15 @@ sl() { slr() { sl --rsync "$@" } -sss() { # ssh solo - sl -oControlMaster=no -oControlPath=/ "$@" + + +# ssh solo +# +# WARNING: If you are trying to use -i, remember that keys added to +# agent previously will still be tried. Use ssh-add -D to remove all +# keys from the agent. +sss() { + ssh -oControlMaster=no -oControlPath=/ "$@" } # kill off old shared socket then ssh ssk() { @@ -3375,6 +3447,39 @@ if [[ $- == *i* ]]; then fi + +lp22viewers() { + v=0 + roomv=(0 0) + rooms=(jupiter saturn) + for ip in 209.51.188.25 live.fsf.org; do + out=$(curl -sS --insecure https://$ip/) + for i in 0 1 2; do + room=${rooms[i]} + while read -r n; do + v=$((v+n)) + roomv[$i]=$(( ${roomv[$i]} + n )) + done < <(printf "%s\n" "$out" | grep -Po "$room.*?current[^0-9]*[0-9]*" | grep -o '[0-9]*$' ) + done + done + printf "total: %s " $v + for i in 0 1; do + room=${rooms[i]} + printf "$room: %s " "${roomv[$i]}" + done + echo +} + +arpflush() { + local default_route_dev + default_route_dev=$(ip r show default | sed 's/.*dev \([^ ]*\).*/\1/' | head -n1) + m s ip n flush dev "$default_route_dev" +} + +dsh() { + command dsh -c "$@" +} + # * stuff that makes sense to be at the end diff --git a/brc2 b/brc2 index 05de0a3..6ac5183 100644 --- a/brc2 +++ b/brc2 @@ -441,7 +441,7 @@ ralerts() { # remote alerts ap() { # pushd in case current directory has an ansible.cfg file pushd /a/xans >/dev/null - ansible-playbook -v -l ${1:- $(hostname -f)} site.yml + ansible-playbook -v -i ${1:- $(hostname -f)}, site.yml popd >/dev/null } aw() { @@ -1504,7 +1504,6 @@ btrbk-host-debug() { # $ dig ns1.gnu.org @b0.org.afilias-nst.org. -# todo: make sm pull/push use systemd instead of the journal cat command bbk() { # btrbk wrapper local ret=0 c / @@ -1855,7 +1854,13 @@ dsign() { # set day start for use in other programs. # expected to do be in a format like 830, or 800 or 1300. ds() { + local regex + regex='[0-9]?[0-9]?[0-9][0-9]' if [[ $1 ]]; then + if [[ ! $1 =~ $regex ]]; then + echo "ds: error. expected \$1 to match $regex, got \$1: $1" + return 1 + fi echo $1 >/b/data/daystart else cat /b/data/daystart @@ -1998,8 +2003,8 @@ apache-header() { # https://www.gnu.org/licenses/license-recommendations.en.html. They # recommend that small programs, < 300 lines, be licensed under the # Apache License 2.0. This file contains or is part of one or more small -# programs. If a small program grows beyond 300 lines, I plan to switch -# its license to GPL. +# programs. If a small program grows beyond 300 lines, I plan to change +# to a recommended GPL license. # Copyright 2024 Ian Kelling @@ -2638,19 +2643,29 @@ wgkey() { host-info-all() { host-info-update + bindpushb8 + # for wireguard configs ssh iank@li.b8.nz conflink wrt-setup } -# if you change a host's ip, then run -# bindpushb8 -# wrt-setup + + + +## for updating host info like ip, location, update /p/c/host-info and +## host_info below. the host_info array should probably be in its own +## file that gets sourced so that it can be more easily updated. + +# todo: this is so long that it becomes confusing, +# try to split it up. +# +# To make some changes take effect, run host-info-all. host-info-update() { - local -A vpn_ips host_ips host_macs nonvpn_ips all_ips - local -a root_hosts nonroot_hosts host_usbs + local -A vpn_ips host_ips host_macs portfw_ips nonvpn_ips all_ips + local -a root_hosts nonroot_hosts # the hosts with no mac root_hosts=( bk je li b8.nz ) @@ -2678,6 +2693,7 @@ host-info-update() { all_ips[$host]=$ip if $vpn; then + portfw_ips[$host]=$ip vpn_ips[$host]=$ip else nonvpn_ips[$host]=$ip @@ -2687,6 +2703,7 @@ host-info-update() { # hosts is that it is for the User part, the IdentityFile part is # redundant to *.b8.nz. Also note ${host}i, we only setup those for vpn hosts, but there is no harm in overspecifying here. root_hosts+=($host ${host}i $host.b8.nz ${host}i.b8.nz) + root_hosts_a[$host]=t # a for associative array else nonroot_hosts+=($host ${host}i) fi @@ -2710,10 +2727,8 @@ EOF for host in ${!vpn_ips[@]}; do ipsuf=${vpn_ips[$host]} cat <$tmpf + cedit -e work-identity /p/c/subdir_files/.ssh/config-static <$tmpf + rm -f $tmpf + + ### begin focus on hosts file update ### + # + # This started as its own function, but it actually + # needed to alter the ssh config, so combined it. + # + # background: This is finally doing dynamic ip resolution via the hosts + # file. I considered detecting where each host was dynamically or + # something, but ultimately decided to mostly avoid that, other than + # detecting the status of the current machine I'm on. I want to be able + # to move it around without having to manually type much of anything. + local -a host_domain_suffix hosts + local -A ip_to_hosts + local suf ip i host at_home suf_from_here + + source /p/c/domain-info + + at_home=false + if ip n | grep -q "10.2.0.1 .* b4:75:0e:fd:06:4a"; then + at_home=true + fi + + for i in ${host_domain_suffix[@]}; do + if [[ $i == *.* ]]; then + suf=$i + continue + fi + hosts+=($i) + if [[ $i == "$HOSTNAME" ]]; then + unset "portfw_ips[$i]" + continue + fi + + suf_from_here=$suf + if ! $at_home && [[ $suf == .b8.nz || $suf == [wc].b8.nz ]]; then + suf_from_here=i.b8.nz + else + unset "portfw_ips[$i]" + fi + + ip=$(getent ahostsv4 "$i$suf_from_here" | awk '{ print $1 }' | head -n1) ||: + if [[ ! $ip ]]; then + if [[ $suf == .office.fsf.org ]]; then + suf_from_here=wg.b8.nz + ip=$(getent ahostsv4 "$i$suf_from_here" | awk '{ print $1 }' | head -n1) ||: + fi + if [[ ! $ip ]]; then + echo error: failed to get ip of "$i$suf_from_here" + return 1 + fi + fi + ip_to_hosts[$ip]+=" $i" + done + + for ip in "${!ip_to_hosts[@]}"; do + echo "$ip${ip_to_hosts[$ip]}" + done | s cedit -e hosts-file-up /etc/hosts + for host in ${hosts[@]}; do + echo $host + done >/p/c/subdir_files/.dsh/group/btrbk + ### end focus on hosts file update ### + + + # note: note sure if this is a great way to check. + # todo: think about it + + if $at_home; then + # possible that in the future we want to create + # a dynamic file here, and then we can move the cat + # command above out of the conditional + rsync -a /p/c/subdir_files/.ssh/config-static ~/.ssh/config + else + for host in ${!portfw_ips[@]}; do + ipsuf=${portfw_ips[$host]} + cat < ~/.ssh/config-dynamic + cat /p/c/subdir_files/.ssh/config-static ~/.ssh/config-dynamic >~/.ssh/config + fi } # usage host ipsuf [extrahost] @@ -3278,8 +3384,8 @@ myprof() { pushd /home/iank/.local/share/profanity/chatlogs/iank_at_fsf.org/rooms/office_at_conference.fsf.org logs=(*) logcount=${#logs[@]} - if (( logcount > 15 )); then - i=$(( logcount - 15 )) + if (( logcount > 16 )); then + i=$(( logcount - 16 )) else i=0 fi @@ -4666,6 +4772,23 @@ tclear() { done } +opensslcertinfo() { + openssl x509 -txt -in "$@" +} + +# dsh on btrbk hosts +dsb() { +: + } + +# dsh a file and run it +dsa() { + local ret file + if ! parallel -j 10 scp x {}:/tmp <~/.dsh/group/btrbk; then + echo parallel scp failed. dsa returning $ret + fi + dsh -g btrbk + } export BASEFILE_DIR=/a/bin/fai-basefiles diff --git a/btrbk-run b/btrbk-run index 8fc4c4f..9bd6e9b 100644 --- a/btrbk-run +++ b/btrbk-run @@ -45,25 +45,53 @@ EOF } + pre=btrbk-run + + script_name="${BASH_SOURCE[0]}" script_name="${script_name##*/}" + + +log-setup() { + if [[ ! $log_path ]]; then + mkdir -p /var/log/btrbk + log_path=/var/log/btrbk/$(date +%F_%T%:::z).log + fi +} d() { if $dry_run || $conf_only; then printf "$pre dry-run: %s\n" "$*" else - printf "$pre running: %s\n" "$*" - "$@" + log-setup + printf "$pre running: %s\n" "$*" |& pee cat 'ts "%F %T" >>'$log_path + "$@" |& pee cat 'ts "%F %T" >>'$log_path fi } m() { if $verbose; then printf "$pre %s\n" "$*"; fi; "$@"; } e() { printf "$pre %s\n" "$*"; } + +logq() { + local exit_code + exit_code=0 + log-setup + printf "$pre running: %s\n" "$*" | pee cat 'ts "%F %T" >>'$log_path + e logging to $log_path + "$@" |& ts "%F %T" >>$log_path || exit_code=$? + printf "$pre exit code:%s of %s\n" "$exit_code" "$*" | pee cat 'ts "%F %T" >>'$log_path + if (( exit_code > 0 )); then + e "error: command exit code: $exit_code. exiting after tail -n50 $log_path" + tail -n50 $log_path + exit $exit_code + fi +} + die() { printf "$pre error: %s\n" "$*" >&2; echo "$pre exiting with status 1" >&2; exit 1; } mexit() { echo "$pre exiting with status $1"; exit $1; } uninstalled-file-die() { - die "uninstalled file $1. run install-my-scripts or rerun with -f" + die "file $1 is not latest. run install-my-scripts or rerun with -f" } set-location() { @@ -104,10 +132,10 @@ add-x3-target() { # main work machine if ping -q -c1 -w1 x3.office.fsf.org &>/dev/null; then targets+=(x3.office.fsf.org) - elif ping -q -c1 -w1 $h.b8.nz &>/dev/null; then + elif ping -q -c1 -w1 x3.b8.nz &>/dev/null; then # in case we took it home targets+=(x3.b8.nz) - elif ping -q -c1 -w1 ${h}w.b8.nz &>/dev/null; then + elif ping -q -c1 -w1 x3w.b8.nz &>/dev/null; then targets+=(x3w.b8.nz) else targets+=(x3wg.b8.nz) @@ -164,7 +192,7 @@ ret=0 conf_only=false dry_run=false # mostly for testing rate_limit=no -verbose=true; verbose_arg=-v +verbose=true; verbose_arg="-l trace" force=false if [[ $INVOCATION_ID ]]; then # INVOCATION_ID means running as a systemd service. we cant show progress in this case, @@ -203,13 +231,17 @@ fast=false kd_spread=false check_installed=false orig_args=("$@") -temp=$(getopt -l check-installed,fast,pull-reexec,help 23cefikl:m:npqrs:t:vh "$@") || usage 1 +temp=$(getopt -l check-installed,fast,pull-reexec,help 23acefikl:m:npqrs:t:vh "$@") || usage 1 eval set -- "$temp" while true; do case $1 in # for the rare case we want to run multiple instances at the same time -2) conf_suf=2 ;; -3) conf_suf=3 ;; + -a) + # all moiuntpoints + mountpoints=(/a /o /qr /qd /q) + ;; # only creates the config file, does not run btrbk -c) conf_only=true ;; --check-installed) @@ -254,7 +286,9 @@ while true; do # snapshot. we have default hosts we will populate. -t) IFS=, targets=($2); unset IFS; shift ;; # verbose. - -v) verbose=true; verbose_arg=-v ;; + -v) + verbose=true; verbose_arg="-l trace" + ;; -h|--help) usage ;; --) shift; break ;; *) die "Internal error!" ;; @@ -278,7 +312,7 @@ if ! $force && { $check_installed || [[ ! $source ]]; } ; then fi done if ! diff -q /a/bin/bash-bear-trap/bash-bear /usr/local/lib/bash-bear; then - uninstalled-file-die err + uninstalled-file-die bash-bear fi if $check_installed; then exit 0 @@ -474,21 +508,24 @@ if ! command -v btrbk &>/dev/null; then die "error: no btrbk binary found" fi +# pull_reexec stops us from getting into an infinite loop if there is some +# kind of weird problem +pulla=false +for m in "${mountpoints[@]}"; do + if [[ $m == /a ]]; then + pulla=true + break + fi +done + if ! $pull_reexec && [[ $source ]] && $pulla && ! $force ; then - ssh root@$source btrbk-run --check-installed || exit 1 + ssh root@$source btrbk-run --check-installed fi #### end pre-checks ##### -mkdir -p /var/log/btrbk -# The journal doesnt go back to my oldest backups, and I've found myself -# wanting older logs. Not going to bother expiring old logs, since it is -# fine if they go back years. -log_path=/var/log/btrbk/$(date +%F_%T%:::z).log -echo copying output to $log_path -exec &> >(pee cat 'ts "%F %T"|dd of='$log_path' status=none') # print some non-default opts if $verbose; then @@ -519,26 +556,6 @@ if $verbose; then fi fi -if [[ -v targets ]]; then - echo "targets: ${targets[*]}" -fi - -if [[ $source ]]; then - echo "source: $source" -fi - -echo "mountpoints: ${mountpoints[*]}" - - -# pull_reexec stops us from getting into an infinite loop if there is some -# kind of weird problem -pulla=false -for m in "${mountpoints[@]}"; do - if [[ $m == /a ]]; then - pulla=true - break - fi -done if ! $pull_reexec && [[ $source ]] && $pulla ; then tmpf=$(mktemp) @@ -553,6 +570,16 @@ if ! $pull_reexec && [[ $source ]] && $pulla ; then fi fi + +if [[ -v targets ]]; then + echo "targets: ${targets[*]}" +fi +if [[ $source ]]; then + echo "source: $source" +fi +echo "mountpoints: ${mountpoints[*]}" + + # todo: check if we have no snapshots yet, because I always want to run # archive instead of run. Likely, I should give an error unless a cli # override is passed. perhaps check-subvol-stale could give the error. @@ -674,14 +701,6 @@ cat >/etc/btrbk$conf_suf.conf </dev/null /dev/null /dev/null); then if [[ $lock_info != *non-blanked* ]]; then locked=true fi - else - locked=true fi } diff --git a/distro-begin b/distro-begin index 59e50d5..74bbdff 100755 --- a/distro-begin +++ b/distro-begin @@ -553,7 +553,7 @@ fi # disabled temporarily ###### setup /i # if home_network; then -# tu /etc/fstab <<'EOF' +# sudo /a/exe/teeu /etc/fstab <<'EOF' # /i/w /w none bind,noauto 0 0 # /i/k /k none bind,noauto 0 0 # EOF @@ -562,11 +562,11 @@ fi # sudo chown $USER:user2 /kr # fi # if [[ $HOSTNAME == frodo ]]; then -# tu /etc/fstab <<'EOF' +# sudo /a/exe/teeu /etc/fstab <<'EOF' # /k /kr none bind,noauto 0 0 # EOF # else -# tu /etc/fstab <<'EOF' +# sudo /a/exe/teeu /etc/fstab <<'EOF' # frodo:/k /kr nfs noauto 0 0 # EOF # fi @@ -636,7 +636,7 @@ if has_btrfs; then fi first_root_crypt=$(awk '$2 == "/" {print $1}' /etc/mtab) - tu /etc/fstab < 2)) && echo ,compress=zstd ) 0 0 EOF sudo mkdir -p $dir @@ -649,7 +649,7 @@ fi case $HOSTNAME in kd) - tu /etc/fstab <<'EOF' + sudo /a/exe/teeu /etc/fstab <<'EOF' /dev/mapper/crypt_dev_ata-Samsung_SSD_870_QVO_8TB_S5VUNG0N900656V-part7 /d btrfs nofail,x-systemd.device-timeout=30s,x-systemd.mount-timeout=30s,noatime,compress=zstd,subvol=d 0 0 /d/m /i none bind,compress=zstd 0 0 EOF @@ -665,7 +665,7 @@ EOF fi ;; frodo) - tu /etc/fstab <<'EOF' + sudo /a/exe/teeu /etc/fstab <<'EOF' /dev/mapper/crypt_dev_ata-ata-Hitachi_HDS722020ALA330_JK1121YAG7SXWS-part1 /i btrfs nofail,x-systemd.device-timeout=30s,x-systemd.mount-timeout=30s,noatime,subvol=i 0 0 EOF if ! mountpoint /i &>/dev/null; then diff --git a/distro-end b/distro-end index ba0b585..d99e6a1 100755 --- a/distro-end +++ b/distro-end @@ -18,8 +18,8 @@ # SPDX-License-Identifier: GPL-3.0-or-later -# shellcheck source=./brc -source ~/brc +export LC_USEBASHRC=t +source /a/bin/ds/.bashrc ### setup source /a/bin/bash-bear-trap/bash-bear @@ -1900,7 +1900,7 @@ case $HOSTNAME in wgip=$(command sudo sed -rn 's,^ *Address *= *([^/]+).*,\1,p' /etc/wireguard/wghole.conf) # old filename. remove once all hosts are updated. s rm -fv /etc/apache2/sites-enabled/${HOSTNAME}wg.b8.nz.conf - web-conf -i -a $wgip -p 9101 -f 9100 - apache2 ${HOSTNAME}wg.b8.nz <<'EOF' + s bash -x web-conf -i -a $wgip -p 9101 -f 9100 - apache2 ${HOSTNAME}wg.b8.nz <<'EOF' AuthType Basic AuthName "basic_auth" diff --git a/easiest-to-type-numbers b/easiest-to-type-numbers index 279151f..6d5e593 100755 --- a/easiest-to-type-numbers +++ b/easiest-to-type-numbers @@ -74,7 +74,7 @@ t4() { pn $d1$d2 used[$d1$d2]=t done - done + done | sort -n } for t in {1..4}; do diff --git a/ffs b/ffs new file mode 100755 index 0000000..253b83b --- /dev/null +++ b/ffs @@ -0,0 +1,96 @@ +#!/bin/bash +# I, Ian Kelling, follow the GNU license recommendations at +# https://www.gnu.org/licenses/license-recommendations.en.html. They +# recommend that small programs, < 300 lines, be licensed under the +# Apache License 2.0. This file contains or is part of one or more small +# programs. If a small program grows beyond 300 lines, I plan to change +# to a recommended GPL license. + +# Copyright 2024 Ian Kelling + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# ffs = ffmpeg stream + +# todo: figure out how to record mumble +# todo: get icecast on li.b8.nz +# todo: https://superuser.com/questions/1106674/how-to-add-blank-lines-above-the-bottom-in-terminal + +if ! test "$BASH_VERSION"; then echo "error: shell is not bash" >&2; exit 1; fi +shopt -s inherit_errexit 2>/dev/null ||: # ignore fail in bash < 4.4 +set -eE -o pipefail +trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" exit status: $?, PIPESTATUS: ${PIPESTATUS[*]}" >&2' ERR + + +# 3 mountpoints: fsf-sysops (public), fsf (default, all staff), fsf-tech (tech team) +case $1 in + sysops|tech) + mount_suffix=-$1 + ;; +esac + +host=live.iankelling.org:8000 +if [[ $(dig +short @10.2.0.1 -x 10.2.0.2 2>&1 ||:) == kd.b8.nz. ]] \ + && ip n show 10.2.0.1 | grep . &>/dev/null; then + host=127.0.0.1:8000 +fi + +pass=$(sed -n 's/ *\([^<]*\).*/\1/p' /p/c/icecast.xml) + + +tmpf=$(mktemp) +xrandr >$tmpf + +# example xrandr output: 1280x800+0+0 +primary_res=$(awk '$2 == "connected" && $3 == "primary" { print $4 }' $tmpf | sed 's/+.*//') +secondary_res=$(awk '$2 == "connected" && $3 != "primary" { print $3 }' $tmpf | sed 's/+.*//') + +if [[ $secondary_res ]]; then + # assumes secondary is on the right + x_offset=${primary_res%%x*} + secondary_x=${secondary_res%%x*} + secondary_y=${secondary_res##*x} + stream_res=$(( secondary_x / 2 ))x$(( secondary_y / 2)) +else + x_offset=0 + stream_res=$primary_res +fi + + +opts=( + # nice to have: be a little less verbose + -hide_banner + -video_size $stream_res + -f x11grab + -framerate 4 + # input options come before -i + -i :0.0+$x_offset.0 + -vf drawbox=color=black + -vcodec libvpx + -g 8 + -quality realtime + -threads 2 + -error-resilient 1 + -content_type video/webm + -f webm + icecast://source:$pass@$host/fsf$mount_suffix.webm + +) + + +rm -f /tmp/iank-ffmpeg +mkfifo -m 0600 /tmp/iank-ffmpeg +echo executing: ffmpeg -stdin ${opts[@]} +# ffmpeg sits and waits until we do this. dunno why. whatever. +echo >/tmp/iank-ffmpeg & +ffmpeg ${opts[@]} > /tmp/a if (( $# == 0 )) && ! i3-msg -t get_tree | jq --stream -r 'select(.[1]|scalars!=null) | "\(.[0]|join(".")): \(.[1]|tojson)"' | grep 'marks.0: "abrowser"$' &>/dev/null; then @@ -60,7 +60,7 @@ if (( $# == 0 )) && ! i3-msg -t get_tree | jq --stream -r 'select(.[1]|scalars!= # into a single array instead of a list of arrays with [.[]], or else # it will add the arrays a bunch of times and give several results. # comm gives us just the new id. - id=$(i3-msg -t get_tree | jq -e '.nodes[].nodes[].nodes[].nodes | [.[]] + ( [.[].nodes[]]) | .[] | select(.window_properties.class=="abrowser") | .id' | comm -23 - $tmpf | head -n1) + id=$(i3-msg -t get_tree | jq -e '.nodes[].nodes[].nodes[].nodes | [.[]] + ( [.[].nodes[]]) + ( [.[].nodes[].nodes[]]) + ( [.[].nodes[].nodes[].nodes[]]) | .[] | select(.window_properties.class=="abrowser") | .id' | comm -23 - $tmpf | head -n1) rm -f $tmpf if [[ $id ]]; then i3-msg "[con_id=$id] mark abrowser" diff --git a/filesystem/usr/local/bin/ethusb-nm b/filesystem/usr/local/bin/ethusb-nm deleted file mode 100644 index 041124e..0000000 --- a/filesystem/usr/local/bin/ethusb-nm +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# I, Ian Kelling, follow the GNU license recommendations at -# https://www.gnu.org/licenses/license-recommendations.en.html. They -# recommend that small programs, < 300 lines, be licensed under the -# Apache License 2.0. This file contains or is part of one or more small -# programs. If a small program grows beyond 300 lines, I plan to switch -# its license to GPL. - -# Copyright 2024 Ian Kelling - -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at - -# http://www.apache.org/licenses/LICENSE-2.0 - -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -if ! test "$BASH_VERSION"; then echo "error: shell is not bash" >&2; exit 1; fi -shopt -s inherit_errexit 2>/dev/null ||: # ignore fail in bash < 4.4 -set -eE -o pipefail -trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR - -[[ $EUID == 0 ]] || exec sudo -E "${BASH_SOURCE[0]}" "$@" - - -sed -i --follow-symlinks '/^[^#/]/s/^/#/' /etc/network/interfaces.d/ethusb diff --git a/filesystem/usr/local/bin/ethusb-static b/filesystem/usr/local/bin/ethusb-static deleted file mode 100644 index 97868d7..0000000 --- a/filesystem/usr/local/bin/ethusb-static +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/bash -# I, Ian Kelling, follow the GNU license recommendations at -# https://www.gnu.org/licenses/license-recommendations.en.html. They -# recommend that small programs, < 300 lines, be licensed under the -# Apache License 2.0. This file contains or is part of one or more small -# programs. If a small program grows beyond 300 lines, I plan to switch -# its license to GPL. - -# Copyright 2024 Ian Kelling - -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at - -# http://www.apache.org/licenses/LICENSE-2.0 - -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -if ! test "$BASH_VERSION"; then echo "error: shell is not bash" >&2; exit 1; fi -shopt -s inherit_errexit 2>/dev/null ||: # ignore fail in bash < 4.4 -set -eE -o pipefail -trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR - -[[ $EUID == 0 ]] || exec sudo -E "${BASH_SOURCE[0]}" "$@" - - -shopt -s nullglob - -# we already configured the interface once, afterwards, comment and -# uncomment to enable/disable. This makes it so we don't depend on /p -# being mounted. - -if [[ -s /etc/network/interfaces.d/ethusb ]]; then - sed -i --follow-symlinks 's/^#//' /etc/network/interfaces.d/ethusb - exit 0 -fi - - -while read -r ip host mac; do - if [[ $mac != usb ]]; then - continue - fi - if [[ $host = ${HOSTNAME}c ]]; then - usbip=$ip - break - fi -done

/etc/network/interfaces.d/ethusb < /dev/null ||: if (( EPOCHSECONDS > start + 600 )); then fastcon=0 diff --git a/rootsshsync b/rootsshsync index 4767c7d..5395c44 100755 --- a/rootsshsync +++ b/rootsshsync @@ -95,3 +95,5 @@ if [[ ! -e $auth_file ]] || ! diff -q /root/.ssh/authorized_keys $auth_file; the cp -p /root/.ssh/authorized_keys $auth_file update-initramfs -u -k all fi + +rsync -tpur /p/c/subdir_files/.dsh /root diff --git a/script-files b/script-files index 712da26..e369ceb 100644 --- a/script-files +++ b/script-files @@ -45,6 +45,7 @@ my_bin_files=( prof-tail prof-notify /a/bin/newns/newns + /a/bin/fai/fai/config/distro-install-common/ethusb-static ) for f in /b/log-quiet/*; do diff --git a/subdir_files/.config/systemd/user/profanity.service b/subdir_files/.config/systemd/user/profanity.service index ed713cd..b7b9a05 100644 --- a/subdir_files/.config/systemd/user/profanity.service +++ b/subdir_files/.config/systemd/user/profanity.service @@ -11,8 +11,11 @@ Description=profanity After=gpg-agent.service [Service] -# bash is required to get colors working -ExecStart=/usr/bin/screen -S profanity -Dm /bin/bash -c profanity +# tmux requirement +Type=forking + +# new-session is a tmux command which allows launching profanity. +ExecStart=/usr/bin/tmux -L profanity new-session -d profanity [Install] WantedBy=default.target diff --git a/subdir_files/.gnupg/gpg.conf b/subdir_files/.gnupg/gpg.conf index 035415d..8c6a6f1 100644 --- a/subdir_files/.gnupg/gpg.conf +++ b/subdir_files/.gnupg/gpg.conf @@ -46,9 +46,9 @@ default-key B125F60B7B287FF6A2B7DF8F170AF0E2954295DF #keyserver hkp://keys.gnupg.net #keyserver hkp://keyserver.ubuntu.com #keyserver hkp://keyring.debian.org -#keyserver keyserver.ubuntu.com +keyserver keyserver.ubuntu.com # more secure hkps, but had problems with my gpg version -keyserver hkps://hkps.pool.sks-keyservers.net +#keyserver hkps://hkps.pool.sks-keyservers.net ### begin things added by enigmail cert-digest-algo SHA256 diff --git a/system-status b/system-status index d6269d9..ae37d3b 100755 --- a/system-status +++ b/system-status @@ -440,32 +440,30 @@ mute() { local locked export DISPLAY=:0 locked=false - if lock_info=$(xscreensaver-command -time); then + if lock_info=$(xscreensaver-command -time 2>/dev/null); then if [[ $lock_info != *non-blanked* ]]; then locked=true fi - else - locked=true - fi - midnight=$(date -d 00:00 +%s) - mdiff=$(( EPOCHSECONDS - midnight )) - if $locked && (( mdiff < 6 *60*60 || mdiff > 21 *60*60 )); then - case $(pactl get-sink-mute @DEFAULT_SINK@ | awk '{print $2}') in - no) - # for log purposes - echo muted - pactl set-sink-mute @DEFAULT_SINK@ true - ;; - esac - fi - if ! $locked && (( mdiff > 6 *60*60 || mdiff < 12 *60*60 )) && [[ ! -e /tmp/ianknap ]]; then - case $(pactl get-sink-mute @DEFAULT_SINK@ | awk '{print $2}') in - yes) - # for log purposes - echo unmuted - pactl set-sink-mute @DEFAULT_SINK@ false - ;; - esac + midnight=$(date -d 00:00 +%s) + mdiff=$(( EPOCHSECONDS - midnight )) + if $locked && (( mdiff < 6 *60*60 || mdiff > 21 *60*60 )); then + case $(pactl get-sink-mute @DEFAULT_SINK@ | awk '{print $2}') in + no) + # for log purposes + echo muted + pactl set-sink-mute @DEFAULT_SINK@ true + ;; + esac + fi + if ! $locked && (( mdiff > 6 *60*60 || mdiff < 12 *60*60 )) && [[ ! -e /tmp/ianknap ]]; then + case $(pactl get-sink-mute @DEFAULT_SINK@ | awk '{print $2}') in + yes) + # for log purposes + echo unmuted + pactl set-sink-mute @DEFAULT_SINK@ false + ;; + esac + fi fi }