2 # Copyright (C) 2019 Ian Kelling
3 # SPDX-License-Identifier: AGPL-3.0-or-later
4 # this gets sourced. shebang is just for file mode detection
9 if [[ $HISTFILE ]]; then
13 source /a
/bin
/distro-setup
/path-add-function
15 # add this with absolute paths as needed for better security
16 #path-add --end /path/to/node_modules/.bin
18 #path-add --end /usr/lib/node_modules/corepack/shims/
20 # pip3 --user things go here:
21 path-add
--end ~
/.local
/bin
22 path-add
--ifexists --end /a
/work
/libremanage
23 path-add
--ifexists --end /a
/opt
/adt-bundle
*/tools
/a
/opt
/adt-bundle
*/platform-tools
24 path-add
--ifexists --end /a
/opt
/scancode-toolkit-3.10.
28 # https://askubuntu.com/questions/1254544/vlc-crashes-when-opening-any-file-ubuntu-20-04
29 if grep -qE '^VERSION_CODENAME="(nabia|focal)"' /etc
/os-release
&>/dev
/null
; then
30 export MESA_LOADER_DRIVER_OVERRIDE
=i965
41 SL_SSH_ARGS
="-F $HOME/.ssh/confighome"
48 # generated instead of dynamic for the benefit of shellcheck
49 #for x in /a/bin/distro-functions/src/* /a/bin/!(githtml)/*-function?(s); do echo source $x ; done
50 source /a
/bin
/distro-functions
/src
/identify-distros
51 source /a
/bin
/log-quiet
/logq-function
52 # for x in /a/bin/bash_unpublished/source-!(.#*); do echo source $x; done
53 source /a
/bin
/bash_unpublished
/source-semi-priv
54 source /a
/bin
/bash_unpublished
/source-state
56 source /a
/bin
/log-quiet
/logq-function
57 if [[ -s /a
/opt
/alacritty
/extra
/completions
/alacritty.bash
]]; then
58 source /a
/opt
/alacritty
/extra
/completions
/alacritty.bash
68 m pactl unload-module module-loopback
69 m pactl unload-module module-null-sink
70 m pactl unload-module module-remap-source
72 sources
=($
(pacmd list-sources |
sed -rn 's/.*name: <([^>]+).*/\1/p'))
76 for s
in ${sources[@]}; do
83 m pactl load-module module-null-sink sink_name
=ianinput sink_properties
=device.description
=ianinputs
85 m pactl load-module module-loopback
source=${sources[i]} sink_dont_move
=true sink
=ianinput
87 pactl load-module module-remap-source source_name
=iancombine master
=ianinput.monitor source_properties
=device.description
=iancombine
91 # For testing restrictive ssh.
95 sed '/^ *IdentityFile/d' ~
/.ssh
/config
>$d/config
96 s
command ssh -F $d/config
-i /q
/root
/h
"$@"
100 # For testing restrictive rsync
104 sed '/^ *IdentityFile/d' ~
/.ssh
/config
>$d/config
105 s rsync
-e "ssh -F $d/config -i /q/root/h" "$@"
108 # rsync as root and avoid the default restrictive h key & config.
110 s rsync
-e "ssh -F /root/.ssh/confighome" "$@"
114 s
ssh bow DISPLAY
=:0 scrot
/tmp
/oegu.jpg
115 s scp bow
:/tmp
/oegu.jpg
/t
116 s
ssh bow
rm /tmp
/oegu.jpg
124 if [[ $arg == [89]0Etiona
* ]]; then
126 rtime
=${arg#*Etiona} # remote time
127 if [[ ! $rtime ]]; then
130 dir
=/a
/opt
/emacs-trisquel
${v}-nox/.iank
131 ltime
=$
(stat
-c%Y
$dir/e
/e
/.emacs.d
/init.el
)
132 if (( ltime
> rtime
)); then
133 m rsync
-rptL --delete --filter=". /b/ds/sl/rsync-filter" $dir "$remote":/home
/iank
139 local f
=/home
/iank
/.emacs.d
/init.el
140 sl
--sl-test-cmd ". /etc/os-release ; printf %s \${VERSION//[^a-zA-Z0-9]/}; test -e $f && stat -c%Y $f" --sl-test-hook slemacs
"$@"
144 # Run this manually after .emacs.d changes. Otherwise, to check if
145 # files changed with find takes 90ms. sl normally only adds 25ms. We
146 # could cut it down to 10ms if we put things on a btrfs filesystem and
147 # looked for changes there, or used some inotify thing, but that seems
148 # like too much work.
149 egh
() { # emacs gnuhope
150 RSYNC_RSH
=ssh m rsync
-rptL --delete --filter=". /b/ds/sl/rsync-filter" /a
/opt
/emacs-trisquel9-nox
/.iank lists2d.fsf.org
:.ianktrisquel_9
151 RSYNC_RSH
=ssh m rsync
-rptL --delete --filter=". /b/ds/sl/rsync-filter" /a
/opt
/emacs-trisquel8-nox
/.iank lists2d.fsf.org
:/home
/iank
154 local shell
="bash -s"
155 if [[ $HOSTNAME != kw
]]; then
156 shell
="ssh kw.office.fsf.org"
160 sudo mkdir /root/.ianktrisquel_9
161 sudo rsync -rptL --delete --filter=". /b/ds/sl/rsync-filter" /a/opt/emacs-trisquel9-nox/.iank /root/.ianktrisquel_9
162 rsync -rptL --delete --filter=". /b/ds/sl/rsync-filter" /a/opt/emacs-trisquel8-nox/.iank /home/iank
166 rm-docker-iptables
() {
167 s iptables
-S | gr docker | gr
-- -A |
sed 's/-A/-D/'|
while read -r l
; do sudo iptables
$l; done
168 s iptables
-S -t nat | gr docker | gr
-- -A |
sed 's/-A/-D/'|
while read -r l
; do sudo iptables
-t nat
$l; done
169 s iptables
-S | gr docker | gr
-- -N |
sed 's/-N/-X/'|
while read -r l
; do sudo iptables
$l; done
170 s iptables
-S -t nat | gr docker | gr
-- -N |
sed 's/-N/-X/'|
while read -r l
; do sudo iptables
-t nat
$l; done
173 # usage mkschroot [-] distro codename packages
174 # - means no piping in of sources.list
177 while [[ $1 == -* ]]; do
179 -f) force
=true
; shift ;;
182 if [[ ! -s $sources ]]; then
183 echo mkschroot
: error
: sources
file $sources does not exist or is empty
194 repo
=http
://mirror.fsf.org
/trisquel
/
197 repo
=http
://archive.ubuntu.com
/ubuntu
/
200 repo
=http
://deb.debian.org
/debian
/
206 if ! $force && schroot
-l |
grep -xFq chroot
:$n; then
207 echo "$0: $n schroot already installed, skipping"
212 sd
/etc
/schroot
/chroot.d
/$n.conf
<<EOF
218 preserve-environment=true
222 if [[ ! -e $d/bin
]]; then
224 # resolvconf otherwise schroot fails with
225 # cp: not writing through dangling symlink '/var/run/schroot/mount/flidas-7a2362e0-81b3-4848-92c1-610203ef5976/etc/resolv.conf'
226 sudo debootstrap
--exclude=resolvconf
$n $d $repo
228 if [[ $sources ]]; then
229 sudo
install -m 644 $sources $d/etc
/apt
/sources.list
231 sudo chroot
$d apt-get update
232 sudo DEBIAN_FRONTEND
=noninteractive chroot
$d apt-get
-y dist-upgrade
--purge --auto-remove
233 sudo
cp -P {,$d}/etc
/localtime
234 if (( ${#apps[@]} )); then
235 sudo DEBIAN_FRONTEND
=noninteractive schroot
-c $n -- apt-get
install --allow-unauthenticated -y ${apps[@]}
240 # note: this is incomplete and untested.
241 # https://wiki.archlinux.org/index.php/Install_Arch_Linux_from_existing_Linux#Creating_a_chroot
244 mirror
=https
://mirrors.edge.kernel.org
/archlinux
/iso
/latest
/
245 tarball
=$
(curl
-s $mirror |
sed -nr 's/.*"(archlinux-bootstrap-.*-x86_64.tar.gz)".*/\1/p')
246 wget
-O /tmp
/arch.
tar.gz https
://mirrors.edge.kernel.org
/archlinux
/iso
/latest
/$tarball
247 s mkdir
-p /nocow
/schroot
/arch
248 cd _
/nocow
/schroot
/arch
249 s
sed -i '/## United States/,/^$/s,^#,,' etc
/pacman.d
/mirrorlist
250 # error: could not determine cachedir mount point /var/cache/pacman/pkg
251 s
sed -i /^CheckSpace
/d etc
/pacman.conf
252 chroot .
/bin
/bash
-s <<'EOF'
254 pacman-key --populate archlinux
257 # example of building an aur package:
258 # pacman -Sy base-devel wget
260 # f=$target/etc/sudoers
261 # line='iank ALL=(ALL) NOPASSWD: ALL'
262 # if [[ ! -e $f ]] || ! grep -xF "$line" $f; then
266 # wget https://aur.archlinux.org/cgit/aur.git/snapshot/anbox-image-gapps.tar.gz
267 # tar xzf anbox-image-gapps.tar.gz
268 # cd anbox-image-gapps
273 # clock back in to timetrack from last entry
275 sqlite3
/p
/.timetrap.db
"update entries set end = NULL where id = (select max(id) from entries);"
279 # s sshfs bu@$host:/bu/home/md /bu/mnt -o reconnect,ServerAliveInterval=20,ServerAliveCountMax=30 -o allow_other
282 enn
-M $
(exiqgrep
-i -r.\
*)
285 enn
-M $
(exipick
-i -r.\
*|h1
)
290 /a
/f
/gnulib
/build-aux
/gnupload
"$@"
296 f
=(/p
/c
/firefox
*/compatibility.ini
)
297 if (( ${#f[@]} )); then
303 if shopt nullglob
>/dev
/null
; then
317 s checkrestart
-b /a
/bin
/ds
/checkrestart-blacklist
-pv
320 cp-blocked-domains-to-brains
() {
321 cp /a
/f
/ans
/roles
/exim
/files
/mx
/simple
/etc
/exim
4/bad-sender_domains
/a
/f
/brains
/sysadmin
/kb
/blocked_email_domains.mdwn
323 cp-blocked-domains-to-ansible
() {
324 cp /a
/f
/brains
/sysadmin
/kb
/blocked_email_domains.mdwn
/a
/f
/ans
/roles
/exim
/files
/mx
/simple
/etc
/exim
4/bad-sender_domains
329 # crashes on adding new cards in t9
330 schroot
-c buster
-- anki
335 hrcat
/m
/md
/alerts
/{cur
,new
}/*
338 ssh bk.b8.nz
"shopt -s nullglob; hrcat /m/md/INBOX/new/* /m/md/INBOX/cur/*"
342 rm -f /m
/md
/alerts
/{cur
,new
}/*
344 ssh bk.b8.nz
"shopt -s nullglob; rm -f /m/md/INBOX/new/* /m/md/INBOX/cur/*"
349 find /var
/local
/cron-errors
/home
/iank
/cron-errors
/sysd-mail-once-state
-type f
351 ralerts
() { # remote alerts
353 # this list is duplicated in check-remote-mailqs
354 for h
in bk je li frodo kwwg x3wg x2wg kdwg sywg
; do
357 if [[ $HOSTNAME == "${h%wg}" ]]; then
361 $shell find /var
/local
/cron-errors
/home
/iank
/cron-errors
/sysd-mail-once-state
-type f || ret
=$?
369 # pushd in case current directory has an ansible.cfg file
370 pushd /a
/xans
>/dev
/null
371 ansible-playbook
-v -l ${1:- $(hostname -f)} site.yml
375 pushd /a
/work
/ans
>/dev
/null
376 time ansible-playbook
-v -i inventory adhoc.yml
"$@"
380 pushd /a
/bin
/distro-setup
/a
>/dev
/null
381 ansible-playbook site.yml
"$@"
386 # googling android emulator libGL error: failed to load driver: r600
387 # lead to http://stackoverflow.com/a/36625175/14456
388 export ANDROID_EMULATOR_USE_SYSTEM_LIBS
=1
389 /a
/opt
/android-studio
/bin
/studio.sh
"$@" &r
;
392 # note, to check for glue records
393 # First, find some the .org nameservers:
394 # dig +trace iankelling.org
396 # dig ns1.iankelling.org @b0.org.afilias-nst.org.
398 # Now, compare for a domain that does have glue records setup (note the A
399 # and AAAA records in ADDITIONAL SECTION, those are glue records like the
400 # one I'm asking for):
402 # $ dig ns1.gnu.org @b0.org.afilias-nst.org.
404 # todo: make sm pull/push use systemd instead of the journal cat command
405 bbk
() { # btrbk wrapper
409 systemctl is-active btrbk.timer || active
=false
413 btrbk_is_active
=$
(systemctl is-active btrbk.service ||
:)
414 case $btrbk_is_active in
415 inactive|failed
) : ;;
417 echo "bbk: error: systemctl is-active btrbk.service output: $btrbk_is_active"
418 if $active; then ser start btrbk.timer
; fi
424 # todo: consider changing this to srun and having the args come
425 # from a file like /etc/default/btrbk, like is done in exim
426 s jrun btrbk-run
"$@"
429 echo bbk
: WARNING
: btrbk.timer not restarted due to failure
431 ser start btrbk.timer
438 fai-monitor | pee
cat "fai-monitor-gui -"
441 bfg
() { java
-jar /a
/opt
/bfg-1.12
.14.jar
"$@"; }
444 xclock
-digital -update 1 -face 'arial black-80:bold'
447 nnn
() { /a
/opt
/nnn
-H "$@"; }
449 locat
() { # log-once cat
452 files
=(/var
/local
/cron-errors
/* /home
/iank
/cron-errors
/* /sysd-mail-once-state
/*)
466 # duplicated somewhat below.
467 jrun
() { # journal run. run args, log to journal, tail and grep the journal.
468 # Note, an alternative without systemd would be something like ts.
469 # Note, I tried using systemd-cat, but this seems obviously better,
470 # and that seemed to have a problem exiting during a systemctl daemon-reload
471 local cmd_name jr_pid s
475 if [[ $cmd != /* ]]; then
478 journalctl
-qn2 -f -u "$cmd_name" &
479 # Guess of time needed to avoid missing initial lines.
480 # .5 was not reliable. 1 was not reliable. 2 was not reliable
482 # We kill this in prompt-command for the case that we ctrl-c the
483 # systemd-cat. i dont know any way to trap ctrl-c and still run the
484 # normal action for it. There might be a way, unsure.
486 # note, we could have a version that does system --user, but if for example
487 # it does sudo ssh, that will leave a process around that we can't kill
488 # and it will leave the unit hanging around in a failed state needing manual
489 # killing of the process.
490 m s systemd-run
--uid $
(id
-u) --gid $
(id
-g) \
491 -E SSH_AUTH_SOCK
=/run
/openssh_agent \
492 --unit "$cmd_name" --wait --collect "$cmd" "${@:2}" || ret
=$?
493 # This justs lets the journal output its last line
494 # before the prompt comes up.
496 kill $jr_pid &>/dev
/null ||
:
500 # service run, and watch the output
505 journalctl
-qn2 -f -u $unit &
506 systemctl start
$unit
508 kill $jr_pid &>/dev
/null ||
:
513 sm
() { # switch mail host
517 keyhash
=$
(s ssh-keygen
-lf /root
/.ssh
/home |
awk '{print $2}')
518 tmp
=$
(s ssh-add
-l |
awk '$2 == "'$keyhash'"')
519 if [[ ! $tmp ]]; then
520 s ssh-add
/root
/.ssh
/home
523 s jrun switch-mail-host
"$@"
526 sh2
() { # switch host2
530 keyhash
=$
(s ssh-keygen
-lf /root
/.ssh
/home |
awk '{print $2}')
531 tmp
=$
(s ssh-add
-l |
awk '$2 == "'$keyhash'"')
532 if [[ ! $tmp ]]; then
533 s ssh-add
/root
/.ssh
/home
536 s jrun switch-host2
"$@"
540 # shellcheck disable=SC2120
542 # note, i had --delete-excluded, but that deletes all files in --exclude-from on
543 # the remote site, which doesn't make sense, so not sure why i had it.
545 # excluding emacs for now
546 #p=(/a/opt/{emacs-debian11{,-nox},mu,emacs} /a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts})
547 p
=(/a
/bin
/a
/exe
/a
/h
/a
/c
/p
/c
/machine_specific
/vps
{,.hosts
})
548 a
="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes"
550 for h
in li je bk
; do
551 m s rsync
"$@" $a ${p[@]} /p
/c
/machine_specific
/$h root@
$h.b8.nz
:/
552 ## only li is debian11
553 #p[0]=/a/opt/emacs-trisuqel10
554 #p[1]=/a/opt/emacs-trisquel10-nox
556 m s rsync
"$@" -ahviSAXPH root@li.b8.nz
:/a
/h
/proposed-comments
/ /a
/h
/proposed-comments || ret
=$?
559 bkpush
() { # no emacs. for running faster.
560 p
=(/a
/bin
/a
/exe
/a
/h
/a
/c
/p
/c
/machine_specific
/vps
{,.hosts
})
561 a
="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes"
563 m rsync
"$@" $a ${p[@]} /p
/c
/machine_specific
/bk root@bk.b8.nz
:/ || ret
=$?
566 jepush
() { # no emacs. for running faster.
567 p
=(/a
/bin
/a
/exe
/a
/h
/a
/c
/p
/c
/machine_specific
/vps
{,.hosts
})
568 a
="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes"
570 m rsync
"$@" $a ${p[@]} /p
/c
/machine_specific
/je root@je.b8.nz
:/ || ret
=$?
575 dsign iankelling.org expertpathologyreview.com zroe.org amnimal.ninja
599 local f
=/var
/lib
/bind
/db.b8.nz
602 m sudo
rm -fv $f.jnl
$f.signed.jnl
603 m sudo
install -m 644 -o bind -g bind /p
/c
/machine_specific
/vps
/bind-initial
/db.b8.nz
$f
607 # keys generated like this
608 # because of https://ftp.isc.org/isc/dnssec-guide/dnssec-guide.pdf
609 # https://blog.apnic.net/2019/05/23/how-to-deploying-dnssec-with-bind-and-ubuntu-server/
611 # key length is longer than that guide because
612 # we are using those at fsf and when old key lengths
613 # become insecure, I want some extra time to update.
617 dnssec-keygen
-a RSASHA256
-b 2048 $zone
618 dnssec-keygen
-f KSK
-a RSASHA256
-b 4096 $zone
619 for f
in K
$zone.
*.key
; do
620 # eg Kb8.nz.+008+47995.key tag=47995
621 # in dnsimple, you add the long string from this.
622 # in gandi, you add the long string from the .key file,
623 # then see that the digest matches the ds.
624 echo "tag is the number after DS"
625 dnssec-dsfromkey
-a SHA-256
$f
627 # For b8.nz, we let bind read the keys and sign, and
628 # right now they have root ownership, so let them
633 # create .signed file
634 # note: full paths probably not needed.
637 local zone
=${arg#db.}
638 local dir
=/p
/c
/machine_specific
/vps
/filesystem
/var
/lib
/bind
639 dnssec-signzone
-S -e +31536000 -o $zone -K $dir -d $dir $dir/db.
$zone
644 #### begin bitcoin related things
646 local f
=/etc
/bitcoin
/bitcoin.conf
647 # importprivkey will timeout if using the default of 15 mins.
648 # upped it to 1 hour.
649 bitcoin-cli
-rpcclienttimeout=60000 -$
(s
grep rpcuser
= $f) -$
(s
grep rpcpassword
= $f) "$@"
651 btcusd
() { # $1 btc in usd
653 price
="$(curl -s https://api.coinbase.com/v2/prices/BTC-USD/spot | jq -r .data.amount)"
654 printf "$%s\n" "$price"
656 printf "$%.2f\n" "$(echo "scale
=4; $price * $1"| bc -l)"
659 usdbtc
() { # $1 usd in btc
661 price
="$(curl -s https://api.coinbase.com/v2/prices/BTC-USD/spot | jq -r .data.amount)"
662 printf "$%s\n" "$price"
664 # 100 mil satoshi / btc. 8 digits after the 1.
665 printf "%.8f btc\n" "$(echo "scale
=10; $1 / $price "| bc -l)"
668 satoshi
() { # $1 satoshi in usd
670 price
="$(curl -s https://api.coinbase.com/v2/prices/BTC-USD/spot | jq -r .data.amount)"
671 price
=$
(echo "scale=10; $price * 0.00000001"|
bc -l)
672 printf "$%f\n" "$price"
674 printf "$%.2f\n" "$(echo "scale
=10; $price * $1"| bc -l)"
677 #### end bitcoin related things
681 cbfstool
() { /a
/opt
/coreboot
/build
/cbfstool
"$@"; }
687 cp /a
/bin
/data
/COPYING
"$@"
689 cp /a
/bin
/data
/COPYING .
696 cp /a
/bin
/data
/LICENSE
"$@"
698 cp /a
/bin
/data
/LICENSE .
703 if type -p chromium
&>/dev
/null
; then
707 cmd
="schroot -c bullseye chromium"
708 CHROMIUM_FLAGS
='--enable-remote-extensions' $cmd &r
714 # pipe to this, or just type like a shell
717 tee >(ssh frodo.b8.nz
) >(ssh x2
) >(ssh tp.b8.nz
) >(ssh kw
) >(ssh tp.b8.nz
)
721 for host in x2 kw tp.b8.nz x3.b8.nz frodo.b8.nz
; do
727 debian_pick_mirror
() {
728 # netselect-apt finds a fast mirror.
729 # but we need to replace the mirrors ourselves,
730 # because it doesnt do that. best it can do is
731 # output a basic sources file
732 # here we get the server it found, get the main server we use
733 # then substitute all instances of one for the other in the sources file
734 # and backup original to /etc/apt/sources.list-original.
735 # this is idempotent. the only way to identify debian sources is to
736 # note the original server, so we put it in a comment so we can
739 file=$
(mktemp
-d)/f
# safe way to get file name without creating one
740 sudo netselect-apt
-o "$file" ||
return 1
741 url
=$
(grep ^
\\w
$file |
head -n1 |
awk '{print $2}')
742 sudo
cp -f /etc
/apt
/sources.list
/etc
/apt
/sources.list-original
743 sudo
sed -ri "/http.us.debian.org/ s@( *[^ #]+ +)[^ ]+([^#]+).*@\1$url\2# http.us.debian.org@" /etc
/apt
/sources.list
747 digdiff @ns
{1,2}.iankelling.org
"$@"
751 "$@" |
& ts ||
return $?
761 /b
/ds
/distro-begin |
& ts ||
return $?
762 /b
/ds
/distro-end |
& ts ||
return $?
768 /b
/ds
/distro-begin |
& ts ||
return $?
774 /b
/ds
/distro-end |
& ts ||
return $?
787 envload
() { # load environment from a previous: export > file
788 local file=${1:-$HOME/.${USER}_env}
789 eval "$(export | sed 's/^declare -x/export -n/')"
790 while IFS
= read -r line
; do
791 # declare -x makes variables local to a function
792 eval ${line/#declare -x/export}
796 failfunc
() { asdf a b c
; }
797 failfunc2
() { failfunc d e f
; }
799 # one that comes with distros is too old for newer devices
801 /a
/opt
/android-platform-tools
/fastboot
"$@";
804 kdecd
() { /usr
/lib
/x86_64-linux-gnu
/libexec
/kdeconnectd
; }
807 cat /sys
/class
/power_supply
/BAT
0/capacity
810 # List of apps to install/update
811 # Create from existing manually installed apps by doing
813 # fdroidcl search -i, then manually removing
814 # automatically installed/preinstalled apps
817 # # my attempt at recovering from boot loop:
818 # # in that case, boot to recovery (volume up, home button, power, let go of power after samsun logo)
820 # mount /dev/block/mmcblk0p12 /data
822 # find -iname '*appname*'
824 # usually good enough to just rm -rf /data/app/APPNAME
827 # # causes replicant to crash
828 # org.quantumbadger.redreader
829 # org.kde.kdeconnect_tp
831 # not broke, but wont work without gps
832 #com.zoffcc.applications.zanavi
833 # not broke, but not using atm
834 #com.nutomic.syncthingandroid
835 # # doesn\'t work on replicant
836 #net.sourceforge.opencamera
839 net.mullvad.mullvadvpn
841 io.github.subhamtyagi.lastlauncher
843 com.biglybt.android.client
844 de.marmaro.krt.ffupdater
845 me.ccrama.redditslide
846 org.fedorahosted.freeotp
848 com.alaskalinuxuser.justnotes
849 com.artifex.mupdf.viewer.app
850 com.danielkim.soundrecorder
853 com.jmstudios.redmoon
855 org.kde.kdeconnect_tp
858 cz.martykan.forecastie
861 de.marmaro.krt.ffupdater
862 eu.siacs.conversations
864 im.vector.alpha
# riot
866 me.tripsit.tripmobile
868 net.minetest.minetest
873 org.smssecure.smssecure
875 sh.
ftp.rocketninelabs.meditationassistant.opensource
877 # https://forum.xda-developers.com/android/software-hacking/wip-selinux-capable-superuser-t3216394
882 local -A installed updated
884 # tried putting this in go buildscript cronjob,
885 # but it failed with undefined: os.UserCacheDir. I expect its due to
886 # an environment variable missing, but its easier just to stick it here.
887 m go get
-u mvdan.cc
/fdroidcl ||
return 1
889 if fdroidcl search
-u |
grep ^org.fdroid.fdroid
; then
890 fdroidcl
install org.fdroid.fdroid
894 for p
in $
(fdroidcl search
-i|
grep -o "^\S\+"); do
897 for p
in $
(fdroidcl search
-u|
grep -o "^\S\+"); do
900 for p
in ${fdroid_pkgs[@]}; do
901 if ! ${installed[$p]:-false}; then
902 m fdroidcl
install $p
903 # sleeps are just me being paranoid since replicant has a history of crashing when certain apps are installed
907 for p
in ${!installed[@]}; do
908 if ! ${updated[$p]:-true}; then
909 m fdroidcl
install $p
915 firefox-default-profile
() {
916 key
=Default value
=1 section
=$1
917 file=/p
/c
/subdir_files
/.mozilla
/firefox
/profiles.ini
918 sed -ri "/^ *$key/d" "$file"
919 sed -ri "/ *\[$section\]/,/^ *\[[^]]+\]/{/^\s*$key[[:space:]=]/d};/ *\[$section\]/a $key=$value" "$file"
921 fdhome
() { #firefox default home profile
922 firefox-default-profile Profile0
926 firefox-default-profile Profile4
930 if type -P firefox
&>/dev
/null
; then
938 firefox
-P alt
"$@" >/dev
/null
2>&1
944 local dname
="${PWD##*/}"
945 local m
="/a/tmp/$dname-missing"
946 local d
="/a/tmp/$dname-diff"
947 [[ -e $d ]] && rm "$d"
948 [[ -e $m ]] && rm "$m"
951 while read -r line
; do
953 if [[ -e "$fsfile" ]]; then
954 md5diff
"$line" "$fsfile" && tee -a "/a/tmp/$dname-diff" <<< "$fsfile $line"
960 done < <(find .
-type f
)
963 (( msize
<= 100 )) && cat $m
967 # expected output, with different tmp dirs
968 # /tmp/tmp.HDPbwMqdC9/c/d ./c/d
969 # /a/tmp/tmp.qLDkYxBYPM-missing
979 echo different
> $x/c
/d
984 # test whether missing files were renamed, generally for use with fsdiff
985 # $1 = fsdiff output file, $2 = directory to compare to. pwd = fsdiff dir
986 # echos non-renamed files
990 { sums
+=( "$(md5sum < "$x")" ) ; } 2>/dev
/null
992 while read -r line
; do
993 { missing_sum
=$
(md5sum < "$line") ; } 2>/dev
/null
995 for x
in "${sums[@]}"; do
996 if [[ $missing_sum == "$x" ]]; then
1001 $renamed ||
echo "$line"
1007 # F = fullscren, z = random, Z = auto zoom
1008 command feh
-FzZ "$@"
1014 firefox
-P default
"$@" >/dev
/null
2>&1
1018 git config user.email ian@iankelling.org
1021 # at least in flidas, things rely on gpg being gpg1
1023 if type -P gpg2
&>/dev
/null
; then
1031 local email
=ian@iankelling.org
1032 git send-email
--notes "--envelope-sender=<$email>" \
1033 --suppress-cc=self
"$@"
1036 gup
() { /a
/f
/gnulib
/build-aux
/gnupload
"$@"; }
1038 dejagnu
() { /a
/opt
/dejagnu
/dejagnu
"$@"; }
1041 # do git status on published repos.
1044 cd $
(readlink
-f $x)/..
1045 status
=$
(i status
-s) ||
pwd
1046 if [[ $status ]]; then
1049 printf "%s\n" "$status"
1058 for (( i
=0; i
<60; i
++ )); do
1059 day
=$
( date +%F
-d @$
((EPOCHSECONDS
- 86400*i
)) )
1060 date "+%a %b %d" -d @$
((EPOCHSECONDS
- 86400*i
)) |
tr '\n' ' '
1061 /a
/opt
/timetrap
/bin
/t d
-ftotal -s $day -e $day all
-m '^w|lunch$'
1064 to
() { t out
-a "$@"; }
1065 ti
() { t
in -a "$@"; }
1070 m t out
-a $
(date +%F.
%T
-d @$
(( $
(date -d "$(echo $*|sed 's/[_.]/ /g')" +%s
) + 60*45 )) )
1074 arbttlog
() { arbtt-dump
"$@" |
grep -v '( )\|Current Desktop' |
sed -rn '/^[^ ]/{N;s/^(.{21})([0-9]*)[0-9]{3}m.*\(\*/\1\2/;s/^(.{21})[0-9]*.*\(\*/\1/;s/\n//;p}' ; }
1077 /a
/opt
/idea-IC-163.7743
.44/bin
/idea.sh
"$@" &r
1081 ssh root@iankelling.org
"cd /var/lib/znc/moddata/log/iank/freenode/ && hr && for x in \#$1/*; do base=\${x##*/}; files=(); for f in $@; do tmp=\#\$f/\$base; if [[ -e \$tmp ]]; then files+=(\#\$f/\$base); fi; done; sed \"s/^./\${base%log}/\" \${files[@]}|sort -n; hr; done"
1086 # use * instead of -r since that does sorted order
1087 ssh root@iankelling.org
"for n in freenode libera; do cd /var/lib/znc/moddata/log/iank/\$n/$chan && hr && for x in *; do echo \$x; sed \"s/^./\${x%log}/\" \$x; hr; done; done" |
less +G
1091 if type gio
&> /dev
/null
; then
1093 elif type gvfs-open
&> /dev
/null
; then
1098 # another alternative is run-mailcap
1103 # grep -Evi -e "^(\S+\s+){4}(sudo|sshd|cron)\[\S*:" \
1104 # -e "^(\S+\s+){4}systemd\[\S*: (starting|started) (btrfsmaintstop|dynamicipupdate|spamd dns bug fix cronjob|rss2email)\.*$"
1107 # journalctl -n 10000 -f "$@" | jfilter
1109 # jr() { journalctl "$@" | jfilter | less ; }
1110 # jrf() { journalctl -n 200 -f "$@" | jfilter; }
1112 jr
() { journalctl
"$@" ; }
1113 jrf
() { journalctl
-n 200 -f "$@" ; }
1116 ccomp journalctl jtail jr jrf
1118 kff
() { # keyboardio firmware flash. you must hold down the tilde key
1119 pushd /a
/opt
/Model01-Firmware
1120 # if we didn't want this yes hack, then remove "shell read" from
1121 # /a/opt/Kaleidoscope/etc/makefiles/sketch.mk
1122 yes $
'\n' | VERBOSE
=1 make flash
1127 local umask_orig name
1128 if (( $# != 1 )); then
1129 e expected
1 arg
>&2
1135 wg genkey |
tee $name-priv.key | wg pubkey
> $name-pub.key
1139 if (( $# != 2 )); then
1140 e expected
2 arg of hostname
, ip suffix
>&2
1143 local host ipsuf umask_orig
1146 mkdir
-p /p
/c
/machine_specific
/$host/filesystem
/etc
/wireguard
1147 cd /p
/c
/machine_specific
/$host/filesystem
/etc
/wireguard
1150 wg genkey |
tee hole-priv.key | wg pubkey
> hole-pub.key
1151 cat >wghole.conf
<<EOF
1153 # contents hole-priv.key
1154 PrivateKey = $(cat hole-priv.key)
1156 Address = 10.8.0.$ipsuf/24
1157 # https://dev.to/tangramvision/what-they-don-t-tell-you-about-setting-up-a-wireguard-vpn-1h2g
1158 # ||: makes the systemd service not fail due to the failed command
1159 PostUp = ping -c1 10.8.0.1 ||:
1162 # li. called wgmail on that server
1163 PublicKey = CTFsje45qLAU44AbX71Vo+xFJ6rt7Cu6+vdMGyWjBjU=
1164 AllowedIPs = 10.8.0.0/24
1165 Endpoint = 72.14.176.105:1194
1166 PersistentKeepalive = 25
1169 # old approach. systemd seems to work fine and cleaner.
1170 rm -f ..
/network
/interfaces.d
/wghole
1171 cedit
-q $host /p
/c
/machine_specific
/li
/filesystem
/etc
/wireguard
/wgmail.conf
<<EOF || [[ $? == 1 ]]
1173 PublicKey = $(cat hole-pub.key)
1174 AllowedIPs = 10.8.0.$ipsuf/32
1180 mns
() { # mount namespace
1183 s mkdir
-p /root
/mount_namespaces
1184 if ! sudo mountpoint
/root
/mount_namespaces
>/dev
/null
; then
1185 m sudo mount
--bind /root
/mount_namespaces
/root
/mount_namespaces
1187 m sudo mount
--make-private /root
/mount_namespaces
1188 if [[ ! -e /root
/mount_namespaces
/$ns ]]; then
1189 m sudo
touch /root
/mount_namespaces
/$ns
1191 if ! sudo mountpoint
/root
/mount_namespaces
/$ns >/dev
/null
; then
1192 m sudo unshare
--propagation slave
--mount=/root
/mount_namespaces
/$ns /bin
/true
1194 m sudo
-E /usr
/bin
/nsenter
--mount=/root
/mount_namespaces
/$ns "$@"
1200 mns
$ns sudo
-u iank
-E env
"PATH=$PATH" "$@"
1205 if ! s ip netns list |
grep -Fx nonet
&>/dev
/null
; then
1206 s ip netns add nonet
1208 mns
$ns --net=/var
/run
/netns
/nonet sudo
-E -u iank
/bin
/bash
1214 # l = the loopback device
1216 if [[ $1 == /* ]]; then
1219 if mns
$base mountpoint
-q /mnt
/$base; then
1222 l
=$
(losetup
-j $fs_file |
sed -rn 's/^([^ ]+): .*/\1/p' |
head -n1 ||
:)
1224 l
=$
(sudo losetup
-f)
1225 m sudo losetup
$l $fs_file
1227 if ! sudo cryptsetup status
/dev
/mapper
/$base &>/dev
/null
; then
1228 if ! sudo cryptsetup luksOpen
$l $base; then
1229 m sudo losetup
-d $l
1233 m sudo mkdir
-p /mnt
/$base
1234 m mns
$base mount
/dev
/mapper
/$base /mnt
/$base
1235 m mns
$base chown
$USER:$USER /mnt
/$base
1239 if mns
$base mountpoint
/mnt
/$base &>/dev
/null
; then
1240 m mns
$base umount
/mnt
/$base
1242 if sudo cryptsetup status
/dev
/mapper
/$base &>/dev
/null
; then
1243 if ! m sudo cryptsetup luksClose
/dev
/mapper
/$base; then
1244 echo lom
: failed cryptsetup luksClose
/dev
/mapper
/$base
1248 l
=$
(losetup
-l --noheadings |
awk '$6 ~ /\/'$base'$/ {print $1}')
1250 m sudo losetup
-d $l
1252 echo lom
: warning
: no loopback device found
1257 # mu personality. for original, just run mp. for 2, run mp 2.
1258 # this is partly duplicated in mail-setup
1262 if ! killall mu
; then
1269 echo error
: mu not dead
1274 set -- /m
/mucache ~
/.cache
/mu
/m
/.mu ~
/.config
/mu
1279 if [[ -e $f && ! -L $f ]]; then
1282 m
ln -sf -T $target $f
1286 # these might need a mu index or something added.
1291 [[ -e $src ]] ||
{ echo "src:$src does not exist"; return 1; }
1293 m
ln -s -T $dst $src
1301 if [[ ! -e $src ||
-L $src ]]; then
1304 [[ -e $src ]] ||
{ echo "src:$src does not exist"; return 1; }
1306 m
ln -sf -T $dst $link
1314 [[ -e $src ]] ||
{ set +x
; return 1; }
1315 if [[ -L $dst ]]; then rm $dst; fi
1324 [[ -e $src ]] ||
{ set +x
; return 1; }
1325 if [[ -L $dst ]]; then rm $dst; fi
1332 markdown
"$1" >/tmp
/mdtest.html
1333 firefox
/tmp
/mdtest.html
1336 mo
() { xset dpms force off
; } # monitor off
1339 # seems to be the best gpu decoding on my nvidia 670.
1340 # vlc gets similar or better framerate, but is much darker output on my test movie at least.
1345 echo 0f | sudo
tee -a /sys
/kernel
/debug
/dri
/0/pstate
1348 # going back to the default slow clock, and slower fan:
1349 # echo 07 | sudo tee -a /sys/kernel/debug/dri/0/pstate
1350 if [[ $DISPLAY ]]; then
1351 mpv
--vo=vdpau
--hwdec=auto
"$@"
1353 # waylandvk seems to work the same
1354 mpv
--gpu-context=wayland
--hwdec=auto
1359 mpv
--profile=d
"$@";
1361 # mpv all media files in . or $1
1363 local -a extensions arg
1364 # get page source of https://en.wikipedia.org/w/index.php?title=Video_file_format&action=edit
1365 # into /a/x.log, then
1366 # grep '^| *\.' /a/x.log | sed 's/| *//;s/,//g'
1389 .mpg .mp2 .mpeg .mpe .mpv
1399 arg
=("(" -iname "*${extensions[0]}")
1400 for (( i
=1 ; i
< ${#extensions[@]}; i
++ )); do
1401 arg
+=(-o -iname "*${extensions[i]}")
1406 #find $dir "${arg[@]}" -size +1M
1407 find $dir "${arg[@]}" -size +1M
-exec mpv
--profile=d
'{}' +
1410 mpv
--profile=s
"$@";
1418 d
=( /var
/lib
/znc
/moddata
/log
/iank
/{freenode
,libera
} )
1419 # use * instead of -r since that does sorted order
1420 ssh root@iankelling.org
"for f in ${d[@]}; do cd \$f/#$1; grep '\<iank.*' *; done" | cut
--complement -c12-16
1423 c
/p
/c
/.purple
/logs
/jabber
/iank@fsf.org
/office@conference.fsf.org.chat
1424 for x
in *.html
; do html2text
-o ${x%.html}.txt
$x; done;
1425 grep -A1 ') iank:' *.txt |
sed -r 's/^(.{10})[^ ]*\.txt:\(?([^ ]*)[[:space:]](..). iank:/\1_\2_\3/;s/^[^ ]*\.txt-//;/^--$/d;s/^[^ ]*\.txt:\((.{2}).(.{2}).(.{4}) (.{8}) (.{2})\)?/\3-\1-\2_\4_\5/' |
sed -n 'x;1d;0~2{G;s/\n/ /;p};${x;p}'
1429 d
=/var
/lib
/znc
/moddata
/log
/iank
/freenode
1430 ssh root@iankelling.org
"cd $d; find . -mtime -60 -type f -exec grep '\<iank.*' {} +" |
sed -r 's,^..([^/]*)/(.{11})(.{5})(.{8}).,\2\4 \1,' |
sort
1434 local time time_sec time_pretty
1435 sqlite3
-separator ' ' /p
/c
/subdir_files
/.local
/share
/gajim
/logs.db
"select time, message from logs where contact_name = 'iank' and jid_id = 17;" |
while read -r time l
; do
1440 if ! time_pretty
=$
(date +%F.
%R
-d @
$time); then
1441 echo bad
time: $time
1444 echo $time_pretty "$l"
1445 time_sec
=${time%%.*}
1446 # only look at the last 18 days. generally just use this for timesheet.
1447 if (( time_sec
< EPOCHSECONDS
- 60 * 60 * 24 * 18 )); then break; fi
1452 sqlite3
-separator ' ' /p
/c
/subdir_files
/.local
/share
/gajim
/logs.db
"select time, message from logs where contact_name = 'iank'" |
less
1456 sqlite3
-separator ' ' /p
/c
/subdir_files
/.local
/share
/gajim
/logs.db
"select time, message from logs" |
less
1460 e
"lspci -nnk|gr -iA2 net"
1461 lspci
-nnk|gr
-iA2 net
1463 e
"s lshw -C network"
1465 sudo lshw
-C network
1469 ser stop NetworkManager
1470 ser disable NetworkManager
1471 ser stop NetworkManager-wait-online.service
1472 ser disable NetworkManager-wait-online.service
1474 sudo resolvconf
-d NetworkManager
1480 ser start NetworkManager
1486 oathtool
--totp -b "$*" | xclip
-selection clipboard
1489 "$@" |
& pee
"xclip -r -selection clipboard"
1494 # from http://askubuntu.com/questions/456021/remove-vocals-from-mp3-and-get-only-instrumentals
1495 pactl load-module module-ladspa-sink sink_name
=Karaoke master
=alsa_output.usb-Audioengine_Audioengine_D1-00.analog-stereo plugin
=karaoke_1409 label
=karaoke control
=-30
1498 pfind
() { #find *$1* in $PATH
1499 [[ $# != 1 ]] && { echo requires
1 argument
; return 1; }
1501 IFS
=: pathArray
=($PATH); unset IFS
1502 find "${pathArray[@]}" -iname "*$1*"
1506 # trash-restore lists everything that has been trashed at or below CWD
1507 # This picks out files just in CWD, not subdirectories,
1508 # which also match grep $1, usually use $1 for a time string
1509 # which you get from running restore-trash once first
1512 # last condition is to not ask again for ones we skipped
1513 while name
="$( echo | restore-trash | gr "$PWD/[^
/]\
+$
" | gr "$1" )" \
1514 && [[ $name ]] && (( $
(wc -l <<<"$name") >= nth
)); do
1515 name
="$(echo "$name" | head -n $nth | tail -n 1 )"
1516 read -r -p "$name [Y/n] " ask
1517 if [[ ! $ask ||
$ask == [Yy
] ]]; then
1518 x
=$
( echo "$name" | gr
-o "^\s*[0-9]*" )
1519 echo $x | restore-trash
> /dev
/null
1520 elif [[ $ask == [Nn
] ]]; then
1530 rld
/a
/h
/_site
/ li
:/var
/www
/iankelling.org
/html
1535 # fixes the menu bar in xmonad. this won\'t be needed when xmonad
1536 # packages catches up on some changes in future (this is written in
1539 # geekosaur: so youll want to upgrade to xmonad 0.13 or else use a
1540 # locally modified XMonad.Hooks.ManageDocks that doesnt set the
1541 # work area; turns out it\'s impossible to set correctly if you are
1542 # not a fully EWMH compliant desktop environment
1544 # geekosaur: chrome shows one failure mode, qt/kde another, other
1545 # gtk apps a third, ... I came up with a setting that works for me
1546 # locally but apparently doesnt work for others, so we joined the
1547 # other tiling window managers in giving up on setting it at all
1549 xprop
-root -remove _NET_WORKAREA
1553 # reviewboard, used at my old job
1554 #rbpipe() { rbt post -o --diff-filename=- "$@"; }
1555 #rbp() { rbt post -o "$@"; }
1563 # only run on MAIL_HOST. simpler to keep this on one system.
1564 r2eadd
() { # usage: name url
1565 # initial setup of rss2email:
1566 # r2e new r2e@iankelling.org
1567 # that initializes files, and sets default email.
1568 # symlink to the config doesnt work, so I copied it to /p/c
1569 # and then use cli option to specify explicit path.
1570 # Only option changed from default config is to set
1573 # or else for a few feeds, the from address is set by the feed, and
1574 # if I fail delivery, then I send a bounce message to that from
1575 # address, which makes me be a spammer.
1577 r2e add
$1 "$2" $1@r2e.iankelling.org
1578 # get up to date and dont send old entries now:
1579 r2e run
--no-send $1
1581 r2e
() { command r2e
-d /p
/c
/rss2email.json
-c /p
/c
/rss2email.cfg
"$@"; }
1583 rspicy
() { # usage: HOST DOMAIN
1584 # connect to spice vm remote host. use vspicy for local host
1586 # shellcheck disable=SC2087
1588 sudo virsh dumpxml $2|grep "<graphics.*type='spice'" | \
1589 sed -rn "s/.*port='([0-9]+).*/\1/p"
1592 if [[ $port ]]; then
1593 spicy
-h $1 -p $port
1595 echo "error: no port found. check that the domain is running."
1601 # s gem install scss-lint
1602 pushd /a
/opt
/thoughtbot-guides
1605 scss-lint
-c /a
/opt
/thoughtbot-guides
/style
/sass
/.scss-lint.yml
"$@"
1609 sk
-e 2120,245 /b
/ds
/brc
/b
/ds
/brc2
1614 out
=${2:-${1%.*}.sh}
1616 script -t -c "mpv --no-config --no-resume-playback --no-terminal --no-audio-display '$1'" $tmp/typescript
2>$tmp/timing
1617 # todo, the current sleep seems pretty good, but it
1618 # would be nice to have an empirical measurement, or
1619 # some better wait to sync up.
1621 # note: --loop-file=no prevents it from hanging if you have that
1622 # set to inf the mpv config.
1623 # --loop=no prevents it from exit code 3 due to stdin if you
1624 # had it set to inf in mpv config.
1626 # args go to mpv, for example --volume=80, 50%
1627 cat >$out <<EOFOUTER
1629 trap "trap - TERM && kill 0" INT TERM ERR; set -e
1630 ( sleep .2; scriptreplay <( cat <<'EOF'
1634 $(cat $tmp/typescript)
1637 base64 -d - <<'EOF'| mpv --loop=no --loop-file=no --no-terminal --no-audio-display "\$@" -
1646 smeld
() { # ssh meld usage host1 host2 file
1647 meld
<(ssh $1 cat $3) <(ssh $2 cat $3)
1651 PATH
=/usr
/local
/spdhackfix
:$PATH command spd
"$@"
1654 spamf
() { # spamtest on FILE
1655 local spamcpre spamdpid
1657 if (( $# != 1 )); then
1658 e spamtest error
: expected
1 arg
, filename
>&2
1662 spamdpid
=$
(systemctl status spamassassin|
sed -n '/^ *Main PID:/s/[^0-9]//gp')
1663 spamcpre
="nsenter -t $spamdpid -n -m"
1664 s
$spamcpre sudo
-u Debian-exim spamassassin
-t --cf='score PYZOR_CHECK 0' <"$1"
1670 declare -gi _seq
; _seq
+=1
1671 echo "test body" | m
mail -s "test mail from $HOSTNAME, $_seq" "${@:-root@localhost}"
1672 # for testing to send from an external address, you can do for example
1673 # -fian@iank.bid -aFrom:ian@iank.bid web-6fnbs@mail-tester.com
1674 # note in exim, you can retry a deferred message
1676 # MSG_ID is in /var/log/exim4/mainlog, looks like 1ccdnD-0001nh-EN
1679 # to test sieve, use below command. for fsf mail, see offlineimap-sync script
1680 # make modifications, then copy to live file, use -eW to actually modify mailbox
1682 # Another option is to use sieve-test SCRIPT MAIL_FILE. note,
1683 # sieve-test doesnt know about envelopes, Im not sure if sieve-filter does.
1685 # sieve with output filter. arg is mailbox, like INBOX.
1686 # This depends on dovecot conf, notably mail_location in /etc/dovecot/conf.d/10-mail.conf
1688 # always run this first, edit the test files, then run the following
1690 sieve-filter ~
/sieve
/maintest.sieve
${1:-INBOX} delete
2> >(head; tail) >/tmp
/testsieve.log
&& sed -rn '/^Performed actions:/,/^[^ ]/{/^ /p}' /tmp
/testsieve.log |
sort |
uniq -c
1693 c ~
/sieve
; cp personal
{test,}.sieve
; cp lists
{test,}.sieve
; cp personalend
{test,}.sieve
1694 sieve-filter
-eWv ~
/sieve
/maintest.sieve
${1:-INBOX} delete
&> /tmp
/testsieve.log
1695 sed -r '/^info: filtering:/{h;d};/^info: msgid=$/N;/^info: msgid=.*left message in mailbox [^ ]+$/d;/^info: msgid=/{H;g};/^info: message kept in source mailbox.$/d' /tmp
/testsieve.log
1700 # printf "subject\nbody\n" | alertme
1705 To: alerts@iankelling.org
1712 To: alerts@iankelling.org
1724 To: daylert@iankelling.org
1731 To: daylert@iankelling.org
1740 # alert when a page goes live.
1742 local quiet url tmpdir
1745 # dont send a diff of the html. some html is not very readable
1751 tmpdir
="$(mktemp -d)"
1754 if wget
-q "$url"; then
1761 sleep $
(( 120 + RANDOM
% 300 ))
1765 # alert on changes to a webpage (just the base page that curl gets)
1766 # usage: weblert URL [SUBJECT...]
1768 local u old new quiet
1771 # dont send a diff of the html. some html is not very readable
1778 subject
="${*:-weblert}"
1779 old
=$
(curl
-s "$u") ||
:
1781 new
=$
(curl
-s "$u") ||
:
1782 if [[ $old && $new ]]; then
1783 if [[ $new != "$old" ]]; then
1785 echo | daylertme
"$subject"
1787 diff <(printf "%s\n" "$old") <(printf "%s\n" "$new") | daylertme
"$subject" ||
:
1792 sleep $
(( 60 + RANDOM
% 120 ))
1798 source `type -p torsocks` on
1802 less /var
/log
/exim
4/mymain
1808 # testmail above calls sendmail, which is a link to exim/postfix.
1809 # its docs dont say a way of adding an argument
1810 # to sendmail to turn on debug output. We could make a wrapper, but
1811 # that is a pain. Exim debug args are documented here:
1812 # http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html
1814 # http://www.exim.org/exim-html-current/doc/html/spec_html/ch-building_and_installing_exim.html
1815 # note, for exim daemon, you can turn on debug options by
1816 # adding -d, etc to COMMONOPTIONS in
1817 # /etc/default/exim4
1819 # to specify recipients other than those in to, cc, bcc, you can use the cli args, eg:
1820 # exim -t 'test@zroe.org, t2@zroe.org' <<'EOF'
1822 # -t = get recipient from header
1824 From: root@$(hostname-f)
1825 To: root@$(hostname-f)
1828 This is a test message.
1835 # https://askubuntu.com/questions/160945/is-there-a-way-to-disable-a-laptops-internal-keyboard
1836 id
=$
(xinput
--list --id-only 'AT Translated Set 2 keyboard')
1837 if xinput list |
grep -F '∼ AT Translated Set 2 keyboard' &>/dev
/null
; then
1838 echo enabling keyboard
1839 # find the first slave keyboard number, they are all the same in my output.
1840 # if they werent, worst case we would need to save the slave number somewhere
1841 # when it got disabled.
1842 slave
=$
(xinput list |
sed -n 's/.*slave \+keyboard (\([0-9]*\)).*/\1/p' |
head -n1)
1843 xinput reattach
$id $slave
1852 (sleep $
(calc
"$* * 60") && mpv
--no-config --volume 50 /a
/bin
/data
/alarm.mp3
) > /dev
/null
2>&1 &
1855 trg
() { transmission-remote-gtk
& r
; }
1857 # example, set global upload limit to 100 kilobytes:
1859 TR_AUTH
=":$(jq -r .profiles[0].password ~/.config/transmission-remote-gtk/config.json)" transmission-remote transmission.lan
-ne "$@"
1866 for (( i
=0; i
< retries
- 1; i
++ )); do
1878 if [[ -e $1 && ! -w $1 ||
! -w $
(dirname "$1") ]]; then
1881 # full path for using in some initial setup steps
1888 ecmd
="/usr/sbin/exim4 -C /etc/exim4/my.conf"
1889 if ip a show veth1-mail
&>/dev
/null
; then
1893 pid
=$
(pgrep
-f "/usr/sbin/exim4 -bd -q30m -C /etc/exim4/my.conf"|h1
)
1894 m s nsenter
-t $pid -n -m $ecmd "$@"
1897 # get pid of systemd service
1901 pid
=$
(systemctl show
--property MainPID
--value "$unit")
1906 dir
=/sys
/fs
/cgroup
/system.slice
1907 if [[ ! -d $dir ]]; then
1908 # t10 and older directory.
1909 dir
=/sys
/fs
/cgroup
/systemd
/system.slice
1912 # 0 or empty. This file includes the MainPid, so I expect we
1913 # could just get this in the first place, but i don't know if that
1914 # is always the case.
1915 pid
=$
(head -n1 $dir/${unit%.service}.service
/cgroup.procs
)
1919 printf "%s\n" "$pid"
1925 sdnbash
() { # systemd namespace bash
1927 if (( $# != 1 )); then
1928 echo $0: error wrong number of args
>&2
1932 pid
=$
(servicepid
$unit)
1933 m sudo nsenter
-t $pid -n -m sudo
-u $USER -i bash
1936 sdncmd
() { # systemd namespace cmd
1938 if (( $# <= 2 )); then
1939 echo $0: error wrong number of args
>&2
1944 pid
=$
(servicepid
$unit)
1945 m sudo nsenter
-t $pid -n -m sudo
-u $USER -i "$@"
1953 # we use wireguard now, use mailnnbash.
1955 # m sudo nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*mail.conf") -n -m sudo -u $USER -i bash
1960 pid
=$
(pgrep
-f "/usr/sbin/exim4 -bd -q30m -C /etc/exim4/my.conf"|h1
)
1961 if [[ ! $pid ]]; then
1962 echo "eximbash: failed to find exim pid. systemctl -n 30 status exim4:"
1963 systemctl status exim4
1965 m sudo nsenter
-t $pid -n -m
1969 spamdpid
=$
(systemctl show
--property MainPID
--value spamassassin
)
1970 m sudo nsenter
-t $spamdpid -n -m sudo
-u Debian-exim spamassassin
"$@"
1973 m sudo nsenter
-t $
(systemctl status unbound|
sed -n '/^ *Main PID:/s/[^0-9]//gp') -n -m sudo
-u $USER -i bash
1977 s nmtui-connect
"$@"
1981 local unit pid ns mailnn
1982 # mailvpn would belong on the list if using openvpn
1983 for unit
in mailnn unbound dovecot spamassassin exim4 radicale
; do
1984 pid
=$
(servicepid
$unit)
1985 echo debug
: unit
=$unit pid
=$pid
1986 if [[ ! $pid ]]; then
1987 echo failed to
find pid
for unit
=$unit
1990 if ! ns
=$
(s readlink
/proc
/$pid/ns
/net
); then
1991 echo failed to
find ns
for unit
=$unit pid
=$pid
1994 if [[ $mailnn ]]; then
1995 if [[ $ns != "$mailnn" ]]; then
1996 echo "$unit ns $ns != $mailnn"
2007 m sudo
-E env
"PATH=$PATH" nsenter
-t $
(pgrep
-f "/usr/sbin/openvpn .* --config /etc/openvpn/.*client.conf") -n "$@"
2011 vpncmd sudo
-u iank env
"PATH=$PATH" "$@"
2019 if [[ -e /lib
/systemd
/system
/openvpn-client@.service
]]; then
2020 local vpn_service
=openvpn-client
2022 local vpn_service
=openvpn
2025 [[ $1 ]] ||
{ echo need arg
; return 1; }
2026 journalctl
--unit=$vpn_service@
$1 -f -n0 &
2027 # sometimes the journal doesnt open until after the vpn output
2028 # has happened. hoping this fixes that.
2030 sudo systemctl start
$vpn_service@
$1
2031 # sometimes the ask-password agent does not work and needs a delay.
2033 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779240
2034 # noticed around 8-2017 after update from around stretch release
2035 # on debian testing, even though the bug is much older.
2036 sudo systemd-tty-ask-password-agent
2041 ls -lad /run
/user
/1000
2042 stats
=$
(stat
-c%a-
%g-
%u
/run
/user
/1000)
2043 if [[ $stats != 700-1000-1000 ]]; then
2044 m s
chmod 700 /run
/user
/1000; m s chown iank.iank
/run
/user
/1000
2048 # systemctl is-enabled / status / cat says nothing, instead theres
2049 # some obscure symlink. paths copied from man systemd.unit.
2050 # possibly also usefull, but incomplete, doesnt show units not loaded in memory:
2051 # seru list-dependencies --reverse --all UNIT
2054 local -a dirs search
2060 ~
/.config
/systemd
/user.control
/*
2061 $XDG_RUNTIME_DIR/systemd
/user.control
/*
2062 $XDG_RUNTIME_DIR/systemd
/transient
/*
2063 $XDG_RUNTIME_DIR/systemd
/generator.early
/*
2064 ~
/.config
/systemd
/user
/*
2066 $XDG_RUNTIME_DIR/systemd
/user
/*
2068 $XDG_RUNTIME_DIR/systemd
/generator
/*
2069 ~
/.local
/share
/systemd
/user
/*
2070 /usr
/lib
/systemd
/user
/*
2071 $XDG_RUNTIME_DIR/systemd
/generator.late
/*
2076 /etc
/systemd
/system.control
/*
2077 /run
/systemd
/system.control
/*
2078 /run
/systemd
/transient
/*
2079 /run
/systemd
/generator.early
/*
2080 /etc
/systemd
/system
/*
2081 /etc
/systemd
/systemd.attached
/*
2082 /run
/systemd
/system
/*
2083 /run
/systemd
/systemd.attached
/*
2084 /run
/systemd
/generator
/*
2085 /lib
/systemd
/system
/*
2086 /run
/systemd
/generator.late
/*
2090 for f
in "${search[@]}"; do
2091 [[ -d $f ]] ||
continue
2098 # dirs is just so we write out the directory names, ls does it when there is 2 or more dirs.
2114 read _ link _ istls
< <(resolvectl dnsovertls tunfsf
)
2117 *) echo fixvpndns error
: unexpected istls value
: $istls >&2; return 1 ;;
2119 s busctl call org.freedesktop.resolve1
/org
/freedesktop
/resolve1 org.freedesktop.resolve1.Manager SetLinkDNSOverTLS is
$link no
2123 [[ $1 ]] ||
{ echo need arg
; return 1; }
2124 if [[ -e /lib
/systemd
/system
/openvpn-client@.service
]]; then
2125 local vpn_service
=openvpn-client
2127 local vpn_service
=openvpn
2129 sudo systemctl stop
$vpn_service@
$1
2131 vpnoffc
() { # vpn off client
2132 ser stop openvpn-client-tr@client
2135 ser start openvpn-client-tr@client
2139 vspicy
() { # usage: VIRSH_DOMAIN
2140 # connect to vms made with virt-install
2141 spicy
-p $
(sudo virsh dumpxml
"$1"|
grep "<graphics.*type='spice'"|\
2142 sed -r "s/.*port='([0-9]+).*/\1/")
2146 cat-new-files
/m
/4e
/INBOX
/new
2149 wtr
() { curl wttr.in
/boston
; }
2151 xevkb
() { xev
-event keyboard
; }
2156 printf "running: %s\n" "$*"
2160 f
=/a
/f
/ansible-configs
/files
/common
/etc
/fsf-workstation-bashrc.sh
2161 if [[ -e $f ]]; then
2162 # shellcheck disable=SC1090
2167 # https://electrum.readthedocs.io/en/latest/tor.html
2168 # https://github.com/spesmilo/electrum-docs/issues/129
2169 s rsync
-ptog --chown bitcoin
:bitcoin ~
/.Xauthority
/var
/lib
/bitcoind
/.Xauthority
2170 sudo
-u bitcoin DISPLAY
=$DISPLAY XAUTHORITY
=/var
/lib
/bitcoind
/.Xauthority
/a
/opt
/electrum-4.2
.1-x86_64.AppImage
-p socks5
:localhost
:9050
2173 sudo
-u bitcoin DISPLAY
=$DISPLAY XAUTHORITY
=/var
/lib
/bitcoind
/.Xauthority
/a
/opt
/monero-gui-v0.17
.3.2/monero-wallet-gui
2178 # we also have a file in /a/c/...konsole...
2179 local f
=$HOME/.config
/konsolerc
2180 setini DefaultProfile profileian.profile
"Desktop Entry" $f
2181 setini Favorites profileian.profile
"Favorite Profiles" $f
2182 setini ShowMenuBarByDefault false KonsoleWindow
$f
2183 setini TabBarPosition Top TabBar
$f
2187 while read -r k v
; do
2188 # shellcheck disable=SC2154
2189 setini
$k $v sakura
/a
/c
/subdir_files
/.config
/sakura
/sakura.conf
2191 colorset1_back rgb(33,37,39)
2195 disable_numbered_tabswitch true
2196 scroll_lines 10000000
2201 # make a page of links found in the files $@. redirect output
2203 gr
-oh 'https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*)' "$@" | \
2204 rev |
sort -u |
rev |
sed 's,.*,<a href="\0">\0</a><br\>,'
2207 reset-xscreensaver
() {
2208 # except for spash, i set these by setting gui options in
2209 # xscreensaver-command -demo
2210 # then finding the corresponding option in .xscreensaver
2211 # spash, i happened to notice in .xscreensaver
2213 # dpmsOff, monitor doesnt come back on using old free software supported nvidia card
2214 cat > /home
/iank
/.xscreensaver
<<'EOF'
2217 dpmsStandby: 0:07:00
2218 dpmsSuspend: 0:08:00
2222 lockTimeout: 0:06:00
2229 # * stuff that makes sense to be at the end
2230 if [[ "$SUDOD" ]]; then
2231 # allow failure, for example if we are sudoing into a user with diffferent/lesser permissions.
2234 elif [[ -d /a
]] && [[ $PWD == "$HOME" ]] && [[ $
- == *i
* ]]; then
2242 # for mitmproxy to get a newer python.
2243 # commented until i want to use it because it
2244 # noticably slows bash startup
2248 if [[ $EUID == 0 ||
! -e ~
/.pyenv
/bin
]]; then
2249 echo "error: dont be root. make sure pyenv is installed"
2252 export PATH
="$HOME/.pyenv/bin:$PATH"
2253 eval "$(pyenv init -)"
2254 eval "$(pyenv virtualenv-init -)"
2258 export GOPATH
=$HOME/go
2259 path-add
$GOPATH/bin
2260 path-add
/usr
/local
/go
/bin
2262 # I have the git repo and a release. either one should work.
2263 # I have both because I was trying to solve an issue that
2264 # turned out to be unrelated.
2265 # ARDUINO_PATH=/a/opt/Arduino/build/linux/work
2267 ## i should have documented this...
2268 # based on https://github.com/keyboardio/Kaleidoscope
2269 export KALEIDOSCOPE_DIR
=/a
/opt
/Kaleidoscope
2271 # They want to be added to the start, but i think
2272 # that should be avoided unless we really need it.
2273 path-add
--end ~
/.npm-global
2276 path-add
--end $HOME/.cargo
/bin
2278 if type -P rg
&>/dev
/null
; then
2279 # --no-messages because of annoying errors on broken symlinks
2280 # -z = search .gz etc files
2281 # -. = search dotfilesq
2282 rg
() { command rg
-.
-z --no-messages -L -i -M 900 --no-ignore-parent --no-ignore-vcs -g '!.git' -g '!auto-save-list' -g '!.savehist' "$@" ||
return $?
; }
2283 #fails if not exist. ignore
2284 complete
-r rg
2>/dev
/null ||
:
2291 # taken from default changes to bashrc and bash_profile
2292 path-add
--end --ifexists $HOME/.rvm
/bin
2293 # also had ruby bin dir, but moved that to environment.sh
2294 # so its included in overall env
2297 export BASEFILE_DIR
=/a
/bin
/fai-basefiles
2299 #export ANDROID_HOME=/a/opt/android-home
2300 # https://f-droid.org/en/docs/Installing_the_Server_and_Repo_Tools/
2301 #export USE_SDK_WRAPPER=yes
2302 #PATH=$PATH:$ANDROID_HOME/tools:$ANDROID_HOME/platform-tools
2304 # didnt get drush working, if I did, this seems like the
2305 # only good thing to include for it.
2306 # Include Drush completion.
2307 # if [ -f "/home/ian/.drush/drush.complete.sh" ] ; then
2308 # source /home/ian/.drush/drush.complete.sh
2315 # https://wiki.archlinux.org/index.php/Xinitrc#Autostart_X_at_login
2316 # i added an extra condition as gentoo xorg guide says depending on
2317 # $DISPLAY is fragile.
2318 if [[ ! $DISPLAY && $XDG_VTNR == 1 ]] && shopt -q login_shell
&& isarch
; then
2323 # ensure no bad programs appending to this file will have an affect