From 7f6fd0df4592d8b9e8f8e88c93be185b60d027da Mon Sep 17 00:00:00 2001 From: Ian Kelling Date: Sun, 11 Jul 2021 06:38:08 -0400 Subject: [PATCH] minor improvements --- brc2 | 10 ++--- distro-end | 9 +++++ epanic-clean | 69 ++++++++++++++++++---------------- i3-sway/i3.conf | 12 ++++-- install-my-scripts | 6 ++- pkgs | 4 ++ subdir_files/.config/i3/config | 8 +++- subdir_files/.gnupg/gpg.conf | 5 +-- 8 files changed, 76 insertions(+), 47 deletions(-) diff --git a/brc2 b/brc2 index f82c3d7..b57789f 100644 --- a/brc2 +++ b/brc2 @@ -930,7 +930,7 @@ ilogs() { ilog() { chan=${1:-#fsfsys} # use * instead of -r since that does sorted order - ssh root@iankelling.org "cd /var/lib/znc/moddata/log/iank/freenode/$chan && hr && for x in *; do echo \$x; sed \"s/^./\${x%log}/\" \$x; hr; done" | less +G + ssh root@iankelling.org "cd /var/lib/znc/moddata/log/iank/libera/$chan && hr && for x in *; do echo \$x; sed \"s/^./\${x%log}/\" \$x; hr; done" | less +G } o() { @@ -1441,17 +1441,17 @@ mailnncheck() { vpncmd() { - m sudo --preserve-env=PATH -E nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*client.conf") -n -m "$@" + m sudo env "PATH=$PATH" nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*client.conf") -n -m "$@" } vpnf() { - vpncmd sudo --preserve-env=PATH -E -u iank abrowser -no-remote -P vpn &r + vpncmd sudo -u iank env "PATH=$PATH" abrowser -no-remote -P vpn &r } vpn2f() { - vpncmd sudo --preserve-env=PATH -E -u iank abrowser -no-remote -P vpn2 &r + vpncmd sudo -u iank env "PATH=$PATH" abrowser -no-remote -P vpn2 &r } vpni() { - vpncmd sudo --preserve-env=PATH -E -u iank "$@" + vpncmd sudo -u iank env "PATH=$PATH" "$@" } vpnbash() { vpncmd bash diff --git a/distro-end b/distro-end index e49a24e..2ca2005 100755 --- a/distro-end +++ b/distro-end @@ -588,6 +588,12 @@ case $HOSTNAME in # general vpn for as needed use vpn-server-setup -d -r -4 10.5.5 -p 443 -n hole + # todo: consider if this should exist for the + # other vpn server + teeu /etc/openvpn/server/hole.conf <<'EOF' +client-to-client +EOF + # sullivan d8 sd /etc/openvpn/client-config-hole/sd8 <<'EOF' ifconfig-push 10.5.5.41 255.255.255.0 @@ -597,6 +603,9 @@ EOF ifconfig-push 10.5.5.42 255.255.255.0 EOF + sd /etc/openvpn/client-config-hole/onep9 <<'EOF' +ifconfig-push 10.5.5.14 255.255.255.0 +EOF sd /etc/openvpn/client-config-hole/sy <<'EOF' ifconfig-push 10.5.5.12 255.255.255.0 EOF diff --git a/epanic-clean b/epanic-clean index f08d755..d75574c 100755 --- a/epanic-clean +++ b/epanic-clean @@ -20,36 +20,41 @@ if [[ ! -s /var/log/exim4/paniclog ]]; then exit 0 fi -regex="malware acl condition" -found=false -wipe=true -while read -r d1 d2; do - found=true - tmptime=$(date -d "$d1 $d2" +%s) - # dont consider every matching line, just those in > 60 second intervals - if [[ ! $logtime ]]; then - logtime=$tmptime - elif (( tmptime > logtime + 60 )); then - logtime=$tmptime - else - continue +while read -r service regex; do + found=false + wipe=true + while read -r d1 d2; do + found=true + tmptime=$(date -d "$d1 $d2" +%s) + # dont consider every matching line, just those in > 60 second intervals + if [[ ! $logtime ]]; then + logtime=$tmptime + elif (( tmptime > logtime + 60 )); then + logtime=$tmptime + else + continue + fi + sec_min=$((logtime - 60)) + sec_max=$((logtime + 60)) + jmin="$(date -d @$sec_min "+%F %H:%M:%S")" + jmax="$(date -d @$sec_max "+%F %H:%M:%S")" + description=$(systemctl cat $service | sed -rn 's/^ *Description=(.*)/\1/p') + if ! journalctl -u $service -S "$jmin" -U "$jmax" \ + | grep "Starting $description" &>/dev/null; then + wipe=false + break + fi + done < <(awk "/$regex/ "'{print $1,$2}' /var/log/exim4/paniclog) + if $found && $wipe; then + if [[ ! -w /var/log/exim4/paniclog-archive ]]; then + $s touch /var/log/exim4/paniclog-archive + $s chgrp adm /var/log/exim4/paniclog-archive + $s chmod 664 /var/log/exim4/paniclog-archive + fi + grep -E "$regex" /var/log/exim4/paniclog >> /var/log/exim4/paniclog-archive + $s sed -ri "/$regex/d" /var/log/exim4/paniclog fi - sec_min=$((logtime - 60)) - sec_max=$((logtime + 60)) - jmin="$(date -d @$sec_min "+%F %H:%M:%S")" - jmax="$(date -d @$sec_max "+%F %H:%M:%S")" - if ! journalctl -u clamav-daemon -S "$jmin" -U "$jmax" \ - | grep 'Starting Clam AntiVirus userspace daemon' &>/dev/null; then - wipe=false - break - fi -done < <(awk "/$regex/ "'{print $1,$2}' /var/log/exim4/paniclog) -if $found && $wipe; then - if [[ ! -w /var/log/exim4/paniclog-archive ]]; then - $s touch /var/log/exim4/paniclog-archive - $s chgrp adm /var/log/exim4/paniclog-archive - $s chmod 664 /var/log/exim4/paniclog-archive - fi - grep -E "$regex" /var/log/exim4/paniclog >> /var/log/exim4/paniclog-archive - $s sed -ri "/$regex/d" /var/log/exim4/paniclog -fi +done <<'EOF' +clamav-daemon malware acl condition +spamassassin spam acl condition +EOF diff --git a/i3-sway/i3.conf b/i3-sway/i3.conf index 473d8f5..222897d 100644 --- a/i3-sway/i3.conf +++ b/i3-sway/i3.conf @@ -3,10 +3,14 @@ bindsym $mod+Shift+q exec "i3-nagbar -t warning -m 'You pressed the exit shortcu bindsym $mod+Shift+p restart -# bar { -# #status_command i3status +# need this for kde connect +bar { +status_command i3status # #status_command /usr/local/bin/myi3status -# mode hide +mode hide # hidden_state hide # font pango:monospace 14 -# } +} + +exec copyq +exec /usr/lib/x86_64-linux-gnu/libexec/kdeconnectd diff --git a/install-my-scripts b/install-my-scripts index 2848142..404cd83 100755 --- a/install-my-scripts +++ b/install-my-scripts @@ -36,5 +36,9 @@ x="$(readlink -f -- "${BASH_SOURCE[0]}")"; cd ${x%/*} # directory of this file # changed, so that should fix it. /a/bin/log-quiet/setup rsync -t --chmod=755 --chown=root:root switch-mail-host btrbk-run mount-latest-subvol \ - check-subvol-stale system-status myi3status mailtest-check /usr/local/bin + check-subvol-stale system-status myi3status mailtest-check \ + /a/bin/log-quiet/sysd-mail-once \ + btrfsmaint \ + dynamic-ip-update \ + /usr/local/bin rsync -t --chmod=755 --chown=root:root /a/bin/errhandle/err /usr/local/lib diff --git a/pkgs b/pkgs index 2aad943..bcfb321 100644 --- a/pkgs +++ b/pkgs @@ -79,6 +79,9 @@ p3=( bwm-ng ccache cloc + # pretty complex config. i just setup to ignore my password managerf + # according to the docs, and C-M-v to open the main window + copyq cpulimit cron debian-archive-keyring @@ -132,6 +135,7 @@ p3=( hplip hunspell i3lock + i3status iotop info inotify-tools diff --git a/subdir_files/.config/i3/config b/subdir_files/.config/i3/config index d029ccb..957b432 100644 --- a/subdir_files/.config/i3/config +++ b/subdir_files/.config/i3/config @@ -101,10 +101,14 @@ bindsym $mod+Shift+q exec "i3-nagbar -t warning -m 'You pressed the exit shortcu bindsym $mod+Shift+p restart +# need this for kde connect bar { status_command i3status -#status_command /usr/local/bin/myi3status +# #status_command /usr/local/bin/myi3status mode hide -hidden_state hide +# hidden_state hide # font pango:monospace 14 } + +exec copyq +exec /usr/lib/x86_64-linux-gnu/libexec/kdeconnectd diff --git a/subdir_files/.gnupg/gpg.conf b/subdir_files/.gnupg/gpg.conf index c764ca7..9868101 100644 --- a/subdir_files/.gnupg/gpg.conf +++ b/subdir_files/.gnupg/gpg.conf @@ -42,12 +42,11 @@ default-key B125F60B7B287FF6A2B7DF8F170AF0E2954295DF #keyserver hkp://keys.openpgp.org #keyserver hkp://pgp.mit.edu #keyserver hkp://keyserver.pgp.com -keyserver hkp://ipv4.pool.sks-keyservers.net +#keyserver hkp://ipv4.pool.sks-keyservers.net #keyserver hkp://keys.gnupg.net -#keyserver hkp://keyserver.ubuntu.com +keyserver hkp://keyserver.ubuntu.com #keyserver hkp://keyring.debian.org #keyserver keyserver.ubuntu.com - # more secure hkps, but had problems with my gpg version #keyserver hkps://hkps.pool.sks-keyservers.net -- 2.30.2