2 # Copyright (C) 2019 Ian Kelling
3 # SPDX-License-Identifier: AGPL-3.0-or-later
4 # this gets sourced. shebang is just for file mode detection
9 if [[ $HISTFILE ]]; then
13 source /a
/bin
/distro-setup
/path-add-function
15 # add this with absolute paths as needed for better security
16 #path-add --end /path/to/node_modules/.bin
18 #path-add --end /usr/lib/node_modules/corepack/shims/
20 # pip3 --user things go here:
21 path-add
--end ~
/.local
/bin
22 path-add
--ifexists --end /a
/work
/libremanage
23 path-add
--ifexists --end /a
/opt
/adt-bundle
*/tools
/a
/opt
/adt-bundle
*/platform-tools
24 path-add
--ifexists --end /a
/opt
/scancode-toolkit-3.10.
28 # https://askubuntu.com/questions/1254544/vlc-crashes-when-opening-any-file-ubuntu-20-04
29 if grep -qE '^VERSION_CODENAME="(nabia|focal)"' /etc
/os-release
&>/dev
/null
; then
30 export MESA_LOADER_DRIVER_OVERRIDE
=i965
41 SL_SSH_ARGS
="-F $HOME/.ssh/confighome"
48 # generated instead of dynamic for the benefit of shellcheck
49 #for x in /a/bin/distro-functions/src/* /a/bin/!(githtml)/*-function?(s); do echo source $x ; done
50 source /a
/bin
/distro-functions
/src
/identify-distros
51 source /a
/bin
/log-quiet
/logq-function
52 # for x in /a/bin/bash_unpublished/source-!(.#*); do echo source $x; done
53 source /a
/bin
/bash_unpublished
/source-semi-priv
54 source /a
/bin
/bash_unpublished
/source-state
56 source /a
/bin
/log-quiet
/logq-function
57 if [[ -s /a
/opt
/alacritty
/extra
/completions
/alacritty.bash
]]; then
58 source /a
/opt
/alacritty
/extra
/completions
/alacritty.bash
68 m pactl unload-module module-loopback
69 m pactl unload-module module-null-sink
70 m pactl unload-module module-remap-source
72 sources
=($
(pacmd list-sources |
sed -rn 's/.*name: <([^>]+).*/\1/p'))
76 for s
in ${sources[@]}; do
83 m pactl load-module module-null-sink sink_name
=ianinput sink_properties
=device.description
=ianinputs
85 m pactl load-module module-loopback
source=${sources[i]} sink_dont_move
=true sink
=ianinput
87 pactl load-module module-remap-source source_name
=iancombine master
=ianinput.monitor source_properties
=device.description
=iancombine
93 sed '/^ *IdentityFile/d' ~
/.ssh
/config
>$d/config
94 s
command ssh -F $d/config
-i /q
/root
/h
"$@"
100 sed '/^ *IdentityFile/d' ~
/.ssh
/config
>$d/config
101 s rsync
-e "ssh -F $d/config -i /q/root/h" "$@"
109 if [[ $arg == [89]0Etiona
* ]]; then
111 rtime
=${arg#*Etiona} # remote time
112 if [[ ! $rtime ]]; then
115 dir
=/a
/opt
/emacs-trisquel
${v}-nox/.iank
116 ltime
=$
(stat
-c%Y
$dir/e
/e
/.emacs.d
/init.el
)
117 if (( ltime
> rtime
)); then
118 m rsync
-rptL --delete --filter=". /b/ds/sl/rsync-filter" $dir "$remote":/home
/iank
124 local f
=/home
/iank
/.emacs.d
/init.el
125 sl
--sl-test-cmd ". /etc/os-release ; printf %s \${VERSION//[^a-zA-Z0-9]/}; test -e $f && stat -c%Y $f" --sl-test-hook slemacs
"$@"
129 # Run this manually after .emacs.d changes. Otherwise, to check if
130 # files changed with find takes 90ms. sl normally only adds 25ms. We
131 # could cut it down to 10ms if we put things on a btrfs filesystem and
132 # looked for changes there, or used some inotify thing, but that seems
133 # like too much work.
134 egh
() { # emacs gnuhope
135 RSYNC_RSH
=ssh m rsync
-rptL --delete --filter=". /b/ds/sl/rsync-filter" /a
/opt
/emacs-trisquel9-nox
/.iank lists2d.fsf.org
:.ianktrisquel_9
136 RSYNC_RSH
=ssh m rsync
-rptL --delete --filter=". /b/ds/sl/rsync-filter" /a
/opt
/emacs-trisquel8-nox
/.iank lists2d.fsf.org
:/home
/iank
139 local shell
="bash -s"
140 if [[ $HOSTNAME != kw
]]; then
141 shell
="ssh kw.office.fsf.org"
145 sudo mkdir /root/.ianktrisquel_9
146 sudo rsync -rptL --delete --filter=". /b/ds/sl/rsync-filter" /a/opt/emacs-trisquel9-nox/.iank /root/.ianktrisquel_9
147 rsync -rptL --delete --filter=". /b/ds/sl/rsync-filter" /a/opt/emacs-trisquel8-nox/.iank /home/iank
151 rm-docker-iptables
() {
152 s iptables
-S | gr docker | gr
-- -A |
sed 's/-A/-D/'|
while read -r l
; do sudo iptables
$l; done
153 s iptables
-S -t nat | gr docker | gr
-- -A |
sed 's/-A/-D/'|
while read -r l
; do sudo iptables
-t nat
$l; done
154 s iptables
-S | gr docker | gr
-- -N |
sed 's/-N/-X/'|
while read -r l
; do sudo iptables
$l; done
155 s iptables
-S -t nat | gr docker | gr
-- -N |
sed 's/-N/-X/'|
while read -r l
; do sudo iptables
-t nat
$l; done
158 # usage mkschroot [-] distro codename packages
159 # - means no piping in of sources.list
162 while [[ $1 == -* ]]; do
164 -f) force
=true
; shift ;;
167 if [[ ! -s $sources ]]; then
168 echo mkschroot
: error
: sources
file $sources does not exist or is empty
179 repo
=http
://mirror.fsf.org
/trisquel
/
182 repo
=http
://archive.ubuntu.com
/ubuntu
/
185 repo
=http
://deb.debian.org
/debian
/
191 if ! $force && schroot
-l |
grep -xFq chroot
:$n; then
192 echo "$0: $n schroot already installed, skipping"
197 sd
/etc
/schroot
/chroot.d
/$n.conf
<<EOF
203 preserve-environment=true
207 if [[ ! -e $d/bin
]]; then
209 # resolvconf otherwise schroot fails with
210 # cp: not writing through dangling symlink '/var/run/schroot/mount/flidas-7a2362e0-81b3-4848-92c1-610203ef5976/etc/resolv.conf'
211 sudo debootstrap
--exclude=resolvconf
$n $d $repo
213 if [[ $sources ]]; then
214 sudo
install -m 644 $sources $d/etc
/apt
/sources.list
216 sudo chroot
$d apt-get update
217 sudo DEBIAN_FRONTEND
=noninteractive chroot
$d apt-get
-y dist-upgrade
--purge --auto-remove
218 sudo
cp -P {,$d}/etc
/localtime
219 if (( ${#apps[@]} )); then
220 sudo DEBIAN_FRONTEND
=noninteractive schroot
-c $n -- apt-get
install --allow-unauthenticated -y ${apps[@]}
225 # note: this is incomplete and untested.
226 # https://wiki.archlinux.org/index.php/Install_Arch_Linux_from_existing_Linux#Creating_a_chroot
229 mirror
=https
://mirrors.edge.kernel.org
/archlinux
/iso
/latest
/
230 tarball
=$
(curl
-s $mirror |
sed -nr 's/.*"(archlinux-bootstrap-.*-x86_64.tar.gz)".*/\1/p')
231 wget
-O /tmp
/arch.
tar.gz https
://mirrors.edge.kernel.org
/archlinux
/iso
/latest
/$tarball
232 s mkdir
-p /nocow
/schroot
/arch
233 cd _
/nocow
/schroot
/arch
234 s
sed -i '/## United States/,/^$/s,^#,,' etc
/pacman.d
/mirrorlist
235 # error: could not determine cachedir mount point /var/cache/pacman/pkg
236 s
sed -i /^CheckSpace
/d etc
/pacman.conf
237 chroot .
/bin
/bash
-s <<'EOF'
239 pacman-key --populate archlinux
242 # example of building an aur package:
243 # pacman -Sy base-devel wget
245 # f=$target/etc/sudoers
246 # line='iank ALL=(ALL) NOPASSWD: ALL'
247 # if [[ ! -e $f ]] || ! grep -xF "$line" $f; then
251 # wget https://aur.archlinux.org/cgit/aur.git/snapshot/anbox-image-gapps.tar.gz
252 # tar xzf anbox-image-gapps.tar.gz
253 # cd anbox-image-gapps
258 # clock back in to timetrack from last entry
260 sqlite3
/p
/.timetrap.db
"update entries set end = NULL where id = (select max(id) from entries);"
264 # s sshfs bu@$host:/bu/home/md /bu/mnt -o reconnect,ServerAliveInterval=20,ServerAliveCountMax=30 -o allow_other
267 enn
-M $
(exiqgrep
-i)
270 enn
-M $
(exiqgrep
-i|h1
)
275 /a
/f
/gnulib
/build-aux
/gnupload
"$@"
281 f
=(/p
/c
/firefox
*/compatibility.ini
)
282 if (( ${#f[@]} )); then
288 if shopt nullglob
>/dev
/null
; then
302 s checkrestart
-b /a
/bin
/ds
/checkrestart-blacklist
-pv
305 cp-blocked-domains-to-brains
() {
306 cp /a
/f
/ans
/roles
/exim
/files
/mx
/simple
/etc
/exim
4/bad-sender_domains
/a
/f
/brains
/sysadmin
/kb
/blocked_email_domains.mdwn
308 cp-blocked-domains-to-ansible
() {
309 cp /a
/f
/brains
/sysadmin
/kb
/blocked_email_domains.mdwn
/a
/f
/ans
/roles
/exim
/files
/mx
/simple
/etc
/exim
4/bad-sender_domains
314 # crashes on adding new cards in t9
315 schroot
-c buster
-- anki
320 hrcat
/m
/md
/alerts
/{cur
,new
}/*
323 ssh bk.b8.nz
"shopt -s nullglob; hrcat /m/md/INBOX/new/* /m/md/INBOX/cur/*"
327 rm -f /m
/md
/alerts
/{cur
,new
}/*
329 ssh bk.b8.nz
"shopt -s nullglob; rm -f /m/md/INBOX/new/* /m/md/INBOX/cur/*"
334 find /var
/local
/cron-errors
/home
/iank
/cron-errors
/sysd-mail-once-state
-type f
336 ralerts
() { # remote alerts
338 # this list is duplicated in check-remote-mailqs
339 for h
in bk je li frodo kwwg x3wg x2wg kdwg sywg
; do
342 if [[ $HOSTNAME == "${h%wg}" ]]; then
346 $shell find /var
/local
/cron-errors
/home
/iank
/cron-errors
/sysd-mail-once-state
-type f || ret
=$?
354 # pushd in case current directory has an ansible.cfg file
355 pushd /a
/xans
>/dev
/null
356 ansible-playbook
-v -l ${1:- $(hostname -f)} site.yml
360 pushd /a
/work
/ans
>/dev
/null
361 time ansible-playbook
-v -i inventory adhoc.yml
"$@"
365 pushd /a
/bin
/distro-setup
/a
>/dev
/null
366 ansible-playbook site.yml
"$@"
371 # googling android emulator libGL error: failed to load driver: r600
372 # lead to http://stackoverflow.com/a/36625175/14456
373 export ANDROID_EMULATOR_USE_SYSTEM_LIBS
=1
374 /a
/opt
/android-studio
/bin
/studio.sh
"$@" &r
;
377 # note, to check for glue records
378 # First, find some the .org nameservers:
379 # dig +trace iankelling.org
381 # dig ns1.iankelling.org @b0.org.afilias-nst.org.
383 # Now, compare for a domain that does have glue records setup (note the A
384 # and AAAA records in ADDITIONAL SECTION, those are glue records like the
385 # one I'm asking for):
387 # $ dig ns1.gnu.org @b0.org.afilias-nst.org.
389 # todo: make sm pull/push use systemd instead of the journal cat command
390 bbk
() { # btrbk wrapper
394 systemctl is-active btrbk.timer || active
=false
398 btrbk_is_active
=$
(systemctl is-active btrbk.service ||
:)
399 case $btrbk_is_active in
400 inactive|failed
) : ;;
402 echo "bbk: error: systemctl is-active btrbk.service output: $btrbk_is_active"
403 if $active; then ser start btrbk.timer
; fi
409 # todo: consider changing this to srun and having the args come
410 # from a file like /etc/default/btrbk, like is done in exim
411 s jrun btrbk-run
"$@"
414 echo bbk
: WARNING
: btrbk.timer not restarted due to failure
416 ser start btrbk.timer
423 fai-monitor | pee
cat "fai-monitor-gui -"
426 bfg
() { java
-jar /a
/opt
/bfg-1.12
.14.jar
"$@"; }
429 xclock
-digital -update 1 -face 'arial black-80:bold'
432 nnn
() { /a
/opt
/nnn
-H "$@"; }
434 locat
() { # log-once cat
437 files
=(/var
/local
/cron-errors
/* /home
/iank
/cron-errors
/* /sysd-mail-once-state
/*)
451 # duplicated somewhat below.
452 jrun
() { # journal run. run args, log to journal, tail and grep the journal.
453 # Note, an alternative without systemd would be something like ts.
454 # Note, I tried using systemd-cat, but this seems obviously better,
455 # and that seemed to have a problem exiting during a systemctl daemon-reload
456 local cmd_name jr_pid s
460 if [[ $cmd != /* ]]; then
463 journalctl
-qn2 -f -u "$cmd_name" &
464 # Guess of time needed to avoid missing initial lines.
465 # .5 was not reliable. 1 was not reliable. 2 was not reliable
467 # We kill this in prompt-command for the case that we ctrl-c the
468 # systemd-cat. i dont know any way to trap ctrl-c and still run the
469 # normal action for it. There might be a way, unsure.
471 # note, we could have a version that does system --user, but if for example
472 # it does sudo ssh, that will leave a process around that we can't kill
473 # and it will leave the unit hanging around in a failed state needing manual
474 # killing of the process.
475 m s systemd-run
--uid $
(id
-u) --gid $
(id
-g) \
476 -E SSH_AUTH_SOCK
=/run
/openssh_agent \
477 --unit "$cmd_name" --wait --collect "$cmd" "${@:2}" || ret
=$?
478 # This justs lets the journal output its last line
479 # before the prompt comes up.
481 kill $jr_pid &>/dev
/null ||
:
485 # service run, and watch the output
490 journalctl
-qn2 -f -u $unit &
491 systemctl start
$unit
493 kill $jr_pid &>/dev
/null ||
:
502 keyhash
=$
(s ssh-keygen
-lf /root
/.ssh
/home |
awk '{print $2}')
503 tmp
=$
(s ssh-add
-l |
awk '$2 == "'$keyhash'"')
504 if [[ ! $tmp ]]; then
505 s ssh-add
/root
/.ssh
/home
508 s jrun switch-mail-host
"$@"
512 # shellcheck disable=SC2120
514 # note, i had --delete-excluded, but that deletes all files in --exclude-from on
515 # the remote site, which doesn't make sense, so not sure why i had it.
517 # excluding emacs for now
518 #p=(/a/opt/{emacs-debian11{,-nox},mu,emacs} /a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts})
519 p
=(/a
/bin
/a
/exe
/a
/h
/a
/c
/p
/c
/machine_specific
/vps
{,.hosts
})
520 a
="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes"
522 for h
in li je bk
; do
523 m s rsync
"$@" $a ${p[@]} /p
/c
/machine_specific
/$h root@
$h.b8.nz
:/
524 ## only li is debian11
525 #p[0]=/a/opt/emacs-trisuqel10
526 #p[1]=/a/opt/emacs-trisquel10-nox
528 m s rsync
"$@" -ahviSAXPH root@li.b8.nz
:/a
/h
/proposed-comments
/ /a
/h
/proposed-comments || ret
=$?
531 bkpush
() { # no emacs. for running faster.
532 p
=(/a
/bin
/a
/exe
/a
/h
/a
/c
/p
/c
/machine_specific
/vps
{,.hosts
})
533 a
="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes"
535 m rsync
"$@" $a ${p[@]} /p
/c
/machine_specific
/bk root@bk.b8.nz
:/ || ret
=$?
538 jepush
() { # no emacs. for running faster.
539 p
=(/a
/bin
/a
/exe
/a
/h
/a
/c
/p
/c
/machine_specific
/vps
{,.hosts
})
540 a
="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes"
542 m rsync
"$@" $a ${p[@]} /p
/c
/machine_specific
/je root@je.b8.nz
:/ || ret
=$?
547 dsign iankelling.org expertpathologyreview.com zroe.org amnimal.ninja
571 local f
=/var
/lib
/bind
/db.b8.nz
575 m sudo
install -m 644 -o bind -g bind /p
/c
/machine_specific
/vps
/bind-initial
/db.b8.nz
$f
579 # keys generated like this
580 # because of https://ftp.isc.org/isc/dnssec-guide/dnssec-guide.pdf
581 # https://blog.apnic.net/2019/05/23/how-to-deploying-dnssec-with-bind-and-ubuntu-server/
583 # key length is longer than that guide because
584 # we are using those at fsf and when old key lengths
585 # become insecure, I want some extra time to update.
589 dnssec-keygen
-a RSASHA256
-b 2048 $zone
590 dnssec-keygen
-f KSK
-a RSASHA256
-b 4096 $zone
591 for f
in K
$zone.
*.key
; do
592 # eg Kb8.nz.+008+47995.key tag=47995
593 # in dnsimple, you add the long string from this.
594 # in gandi, you add the long string from the .key file,
595 # then see that the digest matches the ds.
596 echo "tag is the number after DS"
597 dnssec-dsfromkey
-a SHA-256
$f
599 # For b8.nz, we let bind read the keys and sign, and
600 # right now they have root ownership, so let them
605 # create .signed file
606 # note: full paths probably not needed.
609 local zone
=${arg#db.}
610 local dir
=/p
/c
/machine_specific
/vps
/filesystem
/var
/lib
/bind
611 dnssec-signzone
-S -e +31536000 -o $zone -K $dir -d $dir $dir/db.
$zone
616 #### begin bitcoin related things
618 local f
=/etc
/bitcoin
/bitcoin.conf
619 # importprivkey will timeout if using the default of 15 mins.
620 # upped it to 1 hour.
621 bitcoin-cli
-rpcclienttimeout=60000 -$
(s
grep rpcuser
= $f) -$
(s
grep rpcpassword
= $f) "$@"
623 btcusd
() { # $1 btc in usd
625 price
="$(curl -s https://api.coinbase.com/v2/prices/BTC-USD/spot | jq -r .data.amount)"
626 printf "$%s\n" "$price"
628 printf "$%.2f\n" "$(echo "scale
=4; $price * $1"| bc -l)"
631 usdbtc
() { # $1 usd in btc
633 price
="$(curl -s https://api.coinbase.com/v2/prices/BTC-USD/spot | jq -r .data.amount)"
634 printf "$%s\n" "$price"
636 # 100 mil satoshi / btc. 8 digits after the 1.
637 printf "%.8f btc\n" "$(echo "scale
=10; $1 / $price "| bc -l)"
640 satoshi
() { # $1 satoshi in usd
642 price
="$(curl -s https://api.coinbase.com/v2/prices/BTC-USD/spot | jq -r .data.amount)"
643 price
=$
(echo "scale=10; $price * 0.00000001"|
bc -l)
644 printf "$%f\n" "$price"
646 printf "$%.2f\n" "$(echo "scale
=10; $price * $1"| bc -l)"
649 #### end bitcoin related things
653 cbfstool
() { /a
/opt
/coreboot
/build
/cbfstool
"$@"; }
659 cp /a
/bin
/data
/COPYING
"$@"
661 cp /a
/bin
/data
/COPYING .
668 cp /a
/bin
/data
/LICENSE
"$@"
670 cp /a
/bin
/data
/LICENSE .
675 if type -p chromium
&>/dev
/null
; then
679 cmd
="schroot -c bullseye chromium"
680 CHROMIUM_FLAGS
='--enable-remote-extensions' $cmd &r
686 # pipe to this, or just type like a shell
689 tee >(ssh frodo.b8.nz
) >(ssh x2
) >(ssh tp.b8.nz
) >(ssh kw
) >(ssh tp.b8.nz
)
693 for host in x2 kw tp.b8.nz x3.b8.nz frodo.b8.nz
; do
699 debian_pick_mirror
() {
700 # netselect-apt finds a fast mirror.
701 # but we need to replace the mirrors ourselves,
702 # because it doesnt do that. best it can do is
703 # output a basic sources file
704 # here we get the server it found, get the main server we use
705 # then substitute all instances of one for the other in the sources file
706 # and backup original to /etc/apt/sources.list-original.
707 # this is idempotent. the only way to identify debian sources is to
708 # note the original server, so we put it in a comment so we can
711 file=$
(mktemp
-d)/f
# safe way to get file name without creating one
712 sudo netselect-apt
-o "$file" ||
return 1
713 url
=$
(grep ^
\\w
$file |
head -n1 |
awk '{print $2}')
714 sudo
cp -f /etc
/apt
/sources.list
/etc
/apt
/sources.list-original
715 sudo
sed -ri "/http.us.debian.org/ s@( *[^ #]+ +)[^ ]+([^#]+).*@\1$url\2# http.us.debian.org@" /etc
/apt
/sources.list
719 digdiff @ns
{1,2}.iankelling.org
"$@"
723 "$@" |
& ts ||
return $?
733 /b
/ds
/distro-begin |
& ts ||
return $?
734 /b
/ds
/distro-end |
& ts ||
return $?
740 /b
/ds
/distro-begin |
& ts ||
return $?
746 /b
/ds
/distro-end |
& ts ||
return $?
759 envload
() { # load environment from a previous: export > file
760 local file=${1:-$HOME/.${USER}_env}
761 eval "$(export | sed 's/^declare -x/export -n/')"
762 while IFS
= read -r line
; do
763 # declare -x makes variables local to a function
764 eval ${line/#declare -x/export}
768 failfunc
() { asdf a b c
; }
769 failfunc2
() { failfunc d e f
; }
771 # one that comes with distros is too old for newer devices
773 /a
/opt
/android-platform-tools
/fastboot
"$@";
776 kdecd
() { /usr
/lib
/x86_64-linux-gnu
/libexec
/kdeconnectd
; }
779 cat /sys
/class
/power_supply
/BAT
0/capacity
782 # List of apps to install/update
783 # Create from existing manually installed apps by doing
785 # fdroidcl search -i, then manually removing
786 # automatically installed/preinstalled apps
789 # # my attempt at recovering from boot loop:
790 # # in that case, boot to recovery (volume up, home button, power, let go of power after samsun logo)
792 # mount /dev/block/mmcblk0p12 /data
794 # find -iname '*appname*'
796 # usually good enough to just rm -rf /data/app/APPNAME
799 # # causes replicant to crash
800 # org.quantumbadger.redreader
801 # org.kde.kdeconnect_tp
803 # not broke, but wont work without gps
804 #com.zoffcc.applications.zanavi
805 # not broke, but not using atm
806 #com.nutomic.syncthingandroid
807 # # doesn\'t work on replicant
808 #net.sourceforge.opencamera
811 net.mullvad.mullvadvpn
813 io.github.subhamtyagi.lastlauncher
815 com.biglybt.android.client
816 de.marmaro.krt.ffupdater
817 me.ccrama.redditslide
818 org.fedorahosted.freeotp
820 com.alaskalinuxuser.justnotes
821 com.artifex.mupdf.viewer.app
822 com.danielkim.soundrecorder
825 com.jmstudios.redmoon
827 org.kde.kdeconnect_tp
830 cz.martykan.forecastie
833 de.marmaro.krt.ffupdater
834 eu.siacs.conversations
836 im.vector.alpha
# riot
838 me.tripsit.tripmobile
840 net.minetest.minetest
845 org.smssecure.smssecure
847 sh.
ftp.rocketninelabs.meditationassistant.opensource
849 # https://forum.xda-developers.com/android/software-hacking/wip-selinux-capable-superuser-t3216394
854 local -A installed updated
856 # tried putting this in go buildscript cronjob,
857 # but it failed with undefined: os.UserCacheDir. I expect its due to
858 # an environment variable missing, but its easier just to stick it here.
859 m go get
-u mvdan.cc
/fdroidcl ||
return 1
861 if fdroidcl search
-u |
grep ^org.fdroid.fdroid
; then
862 fdroidcl
install org.fdroid.fdroid
866 for p
in $
(fdroidcl search
-i|
grep -o "^\S\+"); do
869 for p
in $
(fdroidcl search
-u|
grep -o "^\S\+"); do
872 for p
in ${fdroid_pkgs[@]}; do
873 if ! ${installed[$p]:-false}; then
874 m fdroidcl
install $p
875 # sleeps are just me being paranoid since replicant has a history of crashing when certain apps are installed
879 for p
in ${!installed[@]}; do
880 if ! ${updated[$p]:-true}; then
881 m fdroidcl
install $p
887 firefox-default-profile
() {
888 key
=Default value
=1 section
=$1
889 file=/p
/c
/subdir_files
/.mozilla
/firefox
/profiles.ini
890 sed -ri "/^ *$key/d" "$file"
891 sed -ri "/ *\[$section\]/,/^ *\[[^]]+\]/{/^\s*$key[[:space:]=]/d};/ *\[$section\]/a $key=$value" "$file"
893 fdhome
() { #firefox default home profile
894 firefox-default-profile Profile0
898 firefox-default-profile Profile4
902 if type -P firefox
&>/dev
/null
; then
910 firefox
-P alt
"$@" >/dev
/null
2>&1
916 local dname
="${PWD##*/}"
917 local m
="/a/tmp/$dname-missing"
918 local d
="/a/tmp/$dname-diff"
919 [[ -e $d ]] && rm "$d"
920 [[ -e $m ]] && rm "$m"
923 while read -r line
; do
925 if [[ -e "$fsfile" ]]; then
926 md5diff
"$line" "$fsfile" && tee -a "/a/tmp/$dname-diff" <<< "$fsfile $line"
932 done < <(find .
-type f
)
935 (( msize
<= 100 )) && cat $m
939 # expected output, with different tmp dirs
940 # /tmp/tmp.HDPbwMqdC9/c/d ./c/d
941 # /a/tmp/tmp.qLDkYxBYPM-missing
951 echo different
> $x/c
/d
956 # test whether missing files were renamed, generally for use with fsdiff
957 # $1 = fsdiff output file, $2 = directory to compare to. pwd = fsdiff dir
958 # echos non-renamed files
962 { sums
+=( "$(md5sum < "$x")" ) ; } 2>/dev
/null
964 while read -r line
; do
965 { missing_sum
=$
(md5sum < "$line") ; } 2>/dev
/null
967 for x
in "${sums[@]}"; do
968 if [[ $missing_sum == "$x" ]]; then
973 $renamed ||
echo "$line"
979 # F = fullscren, z = random, Z = auto zoom
980 command feh
-FzZ "$@"
986 firefox
-P default
"$@" >/dev
/null
2>&1
990 git config user.email ian@iankelling.org
993 # at least in flidas, things rely on gpg being gpg1
995 if type -P gpg2
&>/dev
/null
; then
1003 local email
=ian@iankelling.org
1004 git send-email
--notes "--envelope-sender=<$email>" \
1005 --suppress-cc=self
"$@"
1008 gup
() { /a
/f
/gnulib
/build-aux
/gnupload
"$@"; }
1010 dejagnu
() { /a
/opt
/dejagnu
/dejagnu
"$@"; }
1013 # do git status on published repos.
1016 cd $
(readlink
-f $x)/..
1017 status
=$
(i status
-s) ||
pwd
1018 if [[ $status ]]; then
1021 printf "%s\n" "$status"
1030 for (( i
=0; i
<60; i
++ )); do
1031 day
=$
( date +%F
-d @$
((EPOCHSECONDS
- 86400*i
)) )
1032 date "+%a %b %d" -d @$
((EPOCHSECONDS
- 86400*i
)) |
tr '\n' ' '
1033 /a
/opt
/timetrap
/bin
/t d
-ftotal -s $day -e $day all
-m '^w|lunch$'
1036 to
() { t out
-a "$@"; }
1037 ti
() { t
in -a "$@"; }
1042 m t out
-a $
(date +%F.
%T
-d @$
(( $
(date -d "$(echo $*|sed 's/[_.]/ /g')" +%s
) + 60*45 )) )
1046 arbttlog
() { arbtt-dump
"$@" |
grep -v '( )\|Current Desktop' |
sed -rn '/^[^ ]/{N;s/^(.{21})([0-9]*)[0-9]{3}m.*\(\*/\1\2/;s/^(.{21})[0-9]*.*\(\*/\1/;s/\n//;p}' ; }
1049 /a
/opt
/idea-IC-163.7743
.44/bin
/idea.sh
"$@" &r
1053 ssh root@iankelling.org
"cd /var/lib/znc/moddata/log/iank/freenode/ && hr && for x in \#$1/*; do base=\${x##*/}; files=(); for f in $@; do tmp=\#\$f/\$base; if [[ -e \$tmp ]]; then files+=(\#\$f/\$base); fi; done; sed \"s/^./\${base%log}/\" \${files[@]}|sort -n; hr; done"
1058 # use * instead of -r since that does sorted order
1059 ssh root@iankelling.org
"for n in freenode libera; do cd /var/lib/znc/moddata/log/iank/\$n/$chan && hr && for x in *; do echo \$x; sed \"s/^./\${x%log}/\" \$x; hr; done; done" |
less +G
1063 if type gio
&> /dev
/null
; then
1065 elif type gvfs-open
&> /dev
/null
; then
1070 # another alternative is run-mailcap
1075 # grep -Evi -e "^(\S+\s+){4}(sudo|sshd|cron)\[\S*:" \
1076 # -e "^(\S+\s+){4}systemd\[\S*: (starting|started) (btrfsmaintstop|dynamicipupdate|spamd dns bug fix cronjob|rss2email)\.*$"
1079 # journalctl -n 10000 -f "$@" | jfilter
1081 # jr() { journalctl "$@" | jfilter | less ; }
1082 # jrf() { journalctl -n 200 -f "$@" | jfilter; }
1084 jr
() { journalctl
"$@" ; }
1085 jrf
() { journalctl
-n 200 -f "$@" ; }
1088 ccomp journalctl jtail jr jrf
1090 kff
() { # keyboardio firmware flash. you must hold down the tilde key
1091 pushd /a
/opt
/Model01-Firmware
1092 # if we didn't want this yes hack, then remove "shell read" from
1093 # /a/opt/Kaleidoscope/etc/makefiles/sketch.mk
1094 yes $
'\n' | VERBOSE
=1 make flash
1099 local umask_orig name
1100 if (( $# != 1 )); then
1101 e expected
1 arg
>&2
1107 wg genkey |
tee $name-priv.key | wg pubkey
> $name-pub.key
1111 if (( $# != 2 )); then
1112 e expected
2 arg of hostname
, ip suffix
>&2
1115 local host ipsuf umask_orig
1118 mkdir
-p /p
/c
/machine_specific
/$host/filesystem
/etc
/wireguard
1119 cd /p
/c
/machine_specific
/$host/filesystem
/etc
/wireguard
1122 wg genkey |
tee hole-priv.key | wg pubkey
> hole-pub.key
1123 cat >wghole.conf
<<EOF
1125 # contents hole-priv.key
1126 PrivateKey = $(cat hole-priv.key)
1128 Address = 10.8.0.$ipsuf/24
1129 # https://dev.to/tangramvision/what-they-don-t-tell-you-about-setting-up-a-wireguard-vpn-1h2g
1130 # ||: makes the systemd service not fail due to the failed command
1131 PostUp = ping -c1 10.8.0.1 ||:
1134 # li. called wgmail on that server
1135 PublicKey = CTFsje45qLAU44AbX71Vo+xFJ6rt7Cu6+vdMGyWjBjU=
1136 AllowedIPs = 10.8.0.0/24
1137 Endpoint = 72.14.176.105:1194
1138 PersistentKeepalive = 25
1141 # old approach. systemd seems to work fine and cleaner.
1142 rm -f ..
/network
/interfaces.d
/wghole
1143 cedit
-q $host /p
/c
/machine_specific
/li
/filesystem
/etc
/wireguard
/wgmail.conf
<<EOF || [[ $? == 1 ]]
1145 PublicKey = $(cat hole-pub.key)
1146 AllowedIPs = 10.8.0.$ipsuf/32
1152 mns
() { # mount namespace
1155 s mkdir
-p /root
/mount_namespaces
1156 if ! sudo mountpoint
/root
/mount_namespaces
>/dev
/null
; then
1157 m sudo mount
--bind /root
/mount_namespaces
/root
/mount_namespaces
1159 m sudo mount
--make-private /root
/mount_namespaces
1160 if [[ ! -e /root
/mount_namespaces
/$ns ]]; then
1161 m sudo
touch /root
/mount_namespaces
/$ns
1163 if ! sudo mountpoint
/root
/mount_namespaces
/$ns >/dev
/null
; then
1164 m sudo unshare
--propagation slave
--mount=/root
/mount_namespaces
/$ns /bin
/true
1166 m sudo
-E /usr
/bin
/nsenter
--mount=/root
/mount_namespaces
/$ns "$@"
1172 mns
$ns sudo
-u iank
-E env
"PATH=$PATH" "$@"
1177 if ! s ip netns list |
grep -Fx nonet
&>/dev
/null
; then
1178 s ip netns add nonet
1180 mns
$ns --net=/var
/run
/netns
/nonet sudo
-E -u iank
/bin
/bash
1186 # l = the loopback device
1188 if [[ $1 == /* ]]; then
1191 if mns
$base mountpoint
-q /mnt
/$base; then
1194 l
=$
(losetup
-j $fs_file |
sed -rn 's/^([^ ]+): .*/\1/p' |
head -n1 ||
:)
1196 l
=$
(sudo losetup
-f)
1197 m sudo losetup
$l $fs_file
1199 if ! sudo cryptsetup status
/dev
/mapper
/$base &>/dev
/null
; then
1200 if ! sudo cryptsetup luksOpen
$l $base; then
1201 m sudo losetup
-d $l
1205 m sudo mkdir
-p /mnt
/$base
1206 m mns
$base mount
/dev
/mapper
/$base /mnt
/$base
1207 m mns
$base chown
$USER:$USER /mnt
/$base
1211 if mns
$base mountpoint
/mnt
/$base &>/dev
/null
; then
1212 m mns
$base umount
/mnt
/$base
1214 if sudo cryptsetup status
/dev
/mapper
/$base &>/dev
/null
; then
1215 if ! m sudo cryptsetup luksClose
/dev
/mapper
/$base; then
1216 echo lom
: failed cryptsetup luksClose
/dev
/mapper
/$base
1220 l
=$
(losetup
-l --noheadings |
awk '$6 ~ /\/'$base'$/ {print $1}')
1222 m sudo losetup
-d $l
1224 echo lom
: warning
: no loopback device found
1229 # mu personality. for original, just run mp. for 2, run mp 2.
1230 # this is partly duplicated in mail-setup
1234 if ! killall mu
; then
1241 echo error
: mu not dead
1246 set -- /m
/mucache ~
/.cache
/mu
/m
/.mu ~
/.config
/mu
1251 if [[ -e $f && ! -L $f ]]; then
1254 m
ln -sf -T $target $f
1258 # these might need a mu index or something added.
1263 [[ -e $src ]] ||
{ echo "src:$src does not exist"; return 1; }
1265 m
ln -s -T $dst $src
1273 if [[ ! -e $src ||
-L $src ]]; then
1276 [[ -e $src ]] ||
{ echo "src:$src does not exist"; return 1; }
1278 m
ln -sf -T $dst $link
1286 [[ -e $src ]] ||
{ set +x
; return 1; }
1287 if [[ -L $dst ]]; then rm $dst; fi
1296 [[ -e $src ]] ||
{ set +x
; return 1; }
1297 if [[ -L $dst ]]; then rm $dst; fi
1304 markdown
"$1" >/tmp
/mdtest.html
1305 firefox
/tmp
/mdtest.html
1308 mo
() { xset dpms force off
; } # monitor off
1311 mpv
--profile=d
"$@";
1313 # mpv all media files in . or $1
1315 local -a extensions arg
1316 # get page source of https://en.wikipedia.org/w/index.php?title=Video_file_format&action=edit
1317 # into /a/x.log, then
1318 # grep '^| *\.' /a/x.log | sed 's/| *//;s/,//g'
1341 .mpg .mp2 .mpeg .mpe .mpv
1351 arg
=("(" -iname "*${extensions[0]}")
1352 for (( i
=1 ; i
< ${#extensions[@]}; i
++ )); do
1353 arg
+=(-o -iname "*${extensions[i]}")
1358 #find $dir "${arg[@]}" -size +1M
1359 find $dir "${arg[@]}" -size +1M
-exec mpv
--profile=d
'{}' +
1362 mpv
--profile=s
"$@";
1370 d
=( /var
/lib
/znc
/moddata
/log
/iank
/{freenode
,libera
} )
1371 # use * instead of -r since that does sorted order
1372 ssh root@iankelling.org
"for f in ${d[@]}; do cd \$f/#$1; grep '\<iank.*' *; done" | cut
--complement -c12-16
1375 c
/p
/c
/.purple
/logs
/jabber
/iank@fsf.org
/office@conference.fsf.org.chat
1376 for x
in *.html
; do html2text
-o ${x%.html}.txt
$x; done;
1377 grep -A1 ') iank:' *.txt |
sed -r 's/^(.{10})[^ ]*\.txt:\(?([^ ]*)[[:space:]](..). iank:/\1_\2_\3/;s/^[^ ]*\.txt-//;/^--$/d;s/^[^ ]*\.txt:\((.{2}).(.{2}).(.{4}) (.{8}) (.{2})\)?/\3-\1-\2_\4_\5/' |
sed -n 'x;1d;0~2{G;s/\n/ /;p};${x;p}'
1381 d
=/var
/lib
/znc
/moddata
/log
/iank
/freenode
1382 ssh root@iankelling.org
"cd $d; find . -mtime -60 -type f -exec grep '\<iank.*' {} +" |
sed -r 's,^..([^/]*)/(.{11})(.{5})(.{8}).,\2\4 \1,' |
sort
1386 local time time_sec time_pretty
1387 sqlite3
-separator ' ' /p
/c
/subdir_files
/.local
/share
/gajim
/logs.db
"select time, message from logs where contact_name = 'iank' and jid_id = 17;" |
while read -r time l
; do
1392 if ! time_pretty
=$
(date +%F.
%R
-d @
$time); then
1393 echo bad
time: $time
1396 echo $time_pretty "$l"
1397 time_sec
=${time%%.*}
1398 # only look at the last 18 days. generally just use this for timesheet.
1399 if (( time_sec
< EPOCHSECONDS
- 60 * 60 * 24 * 18 )); then break; fi
1404 sqlite3
-separator ' ' /p
/c
/subdir_files
/.local
/share
/gajim
/logs.db
"select time, message from logs where contact_name = 'iank'" |
less
1408 sqlite3
-separator ' ' /p
/c
/subdir_files
/.local
/share
/gajim
/logs.db
"select time, message from logs" |
less
1412 e
"lspci -nnk|gr -iA2 net"
1413 lspci
-nnk|gr
-iA2 net
1415 e
"s lshw -C network"
1417 sudo lshw
-C network
1421 ser stop NetworkManager
1422 ser disable NetworkManager
1423 ser stop NetworkManager-wait-online.service
1424 ser disable NetworkManager-wait-online.service
1426 sudo resolvconf
-d NetworkManager
1432 ser start NetworkManager
1438 oathtool
--totp -b "$*" | xclip
-selection clipboard
1441 "$@" |
& pee
"xclip -r -selection clipboard"
1446 # from http://askubuntu.com/questions/456021/remove-vocals-from-mp3-and-get-only-instrumentals
1447 pactl load-module module-ladspa-sink sink_name
=Karaoke master
=alsa_output.usb-Audioengine_Audioengine_D1-00.analog-stereo plugin
=karaoke_1409 label
=karaoke control
=-30
1450 pfind
() { #find *$1* in $PATH
1451 [[ $# != 1 ]] && { echo requires
1 argument
; return 1; }
1453 IFS
=: pathArray
=($PATH); unset IFS
1454 find "${pathArray[@]}" -iname "*$1*"
1458 # trash-restore lists everything that has been trashed at or below CWD
1459 # This picks out files just in CWD, not subdirectories,
1460 # which also match grep $1, usually use $1 for a time string
1461 # which you get from running restore-trash once first
1464 # last condition is to not ask again for ones we skipped
1465 while name
="$( echo | restore-trash | gr "$PWD/[^
/]\
+$
" | gr "$1" )" \
1466 && [[ $name ]] && (( $
(wc -l <<<"$name") >= nth
)); do
1467 name
="$(echo "$name" | head -n $nth | tail -n 1 )"
1468 read -r -p "$name [Y/n] " ask
1469 if [[ ! $ask ||
$ask == [Yy
] ]]; then
1470 x
=$
( echo "$name" | gr
-o "^\s*[0-9]*" )
1471 echo $x | restore-trash
> /dev
/null
1472 elif [[ $ask == [Nn
] ]]; then
1482 rld
/a
/h
/_site
/ li
:/var
/www
/iankelling.org
/html
1487 # fixes the menu bar in xmonad. this won\'t be needed when xmonad
1488 # packages catches up on some changes in future (this is written in
1491 # geekosaur: so youll want to upgrade to xmonad 0.13 or else use a
1492 # locally modified XMonad.Hooks.ManageDocks that doesnt set the
1493 # work area; turns out it\'s impossible to set correctly if you are
1494 # not a fully EWMH compliant desktop environment
1496 # geekosaur: chrome shows one failure mode, qt/kde another, other
1497 # gtk apps a third, ... I came up with a setting that works for me
1498 # locally but apparently doesnt work for others, so we joined the
1499 # other tiling window managers in giving up on setting it at all
1501 xprop
-root -remove _NET_WORKAREA
1505 # reviewboard, used at my old job
1506 #rbpipe() { rbt post -o --diff-filename=- "$@"; }
1507 #rbp() { rbt post -o "$@"; }
1515 # only run on MAIL_HOST. simpler to keep this on one system.
1516 r2eadd
() { # usage: name url
1517 # initial setup of rss2email:
1518 # r2e new r2e@iankelling.org
1519 # that initializes files, and sets default email.
1520 # symlink to the config doesnt work, so I copied it to /p/c
1521 # and then use cli option to specify explicit path.
1522 # Only option changed from default config is to set
1525 # or else for a few feeds, the from address is set by the feed, and
1526 # if I fail delivery, then I send a bounce message to that from
1527 # address, which makes me be a spammer.
1529 r2e add
$1 "$2" $1@r2e.iankelling.org
1530 # get up to date and dont send old entries now:
1531 r2e run
--no-send $1
1533 r2e
() { command r2e
-d /p
/c
/rss2email.json
-c /p
/c
/rss2email.cfg
"$@"; }
1535 rspicy
() { # usage: HOST DOMAIN
1536 # connect to spice vm remote host. use vspicy for local host
1538 # shellcheck disable=SC2087
1540 sudo virsh dumpxml $2|grep "<graphics.*type='spice'" | \
1541 sed -rn "s/.*port='([0-9]+).*/\1/p"
1544 if [[ $port ]]; then
1545 spicy
-h $1 -p $port
1547 echo "error: no port found. check that the domain is running."
1553 # s gem install scss-lint
1554 pushd /a
/opt
/thoughtbot-guides
1557 scss-lint
-c /a
/opt
/thoughtbot-guides
/style
/sass
/.scss-lint.yml
"$@"
1561 sk
-e 2120,245 /b
/ds
/brc
/b
/ds
/brc2
1566 out
=${2:-${1%.*}.sh}
1568 script -t -c "mpv --no-config --no-resume-playback --no-terminal --no-audio-display '$1'" $tmp/typescript
2>$tmp/timing
1569 # todo, the current sleep seems pretty good, but it
1570 # would be nice to have an empirical measurement, or
1571 # some better wait to sync up.
1573 # note: --loop-file=no prevents it from hanging if you have that
1574 # set to inf the mpv config.
1575 # --loop=no prevents it from exit code 3 due to stdin if you
1576 # had it set to inf in mpv config.
1578 # args go to mpv, for example --volume=80, 50%
1579 cat >$out <<EOFOUTER
1581 trap "trap - TERM && kill 0" INT TERM ERR; set -e
1582 ( sleep .2; scriptreplay <( cat <<'EOF'
1586 $(cat $tmp/typescript)
1589 base64 -d - <<'EOF'| mpv --loop=no --loop-file=no --no-terminal --no-audio-display "\$@" -
1598 smeld
() { # ssh meld usage host1 host2 file
1599 meld
<(ssh $1 cat $3) <(ssh $2 cat $3)
1603 PATH
=/usr
/local
/spdhackfix
:$PATH command spd
"$@"
1606 spamf
() { # spamtest on FILE
1607 local spamcpre spamdpid
1609 if (( $# != 1 )); then
1610 e spamtest error
: expected
1 arg
, filename
>&2
1614 spamdpid
=$
(systemctl status spamassassin|
sed -n '/^ *Main PID:/s/[^0-9]//gp')
1615 spamcpre
="nsenter -t $spamdpid -n -m"
1616 s
$spamcpre sudo
-u Debian-exim spamassassin
-t --cf='score PYZOR_CHECK 0' <"$1"
1622 declare -gi _seq
; _seq
+=1
1623 echo "test body" | m
mail -s "test mail from $HOSTNAME, $_seq" "${@:-root@localhost}"
1624 # for testing to send from an external address, you can do for example
1625 # -fian@iank.bid -aFrom:ian@iank.bid web-6fnbs@mail-tester.com
1626 # note in exim, you can retry a deferred message
1628 # MSG_ID is in /var/log/exim4/mainlog, looks like 1ccdnD-0001nh-EN
1631 # to test sieve, use below command. for fsf mail, see offlineimap-sync script
1632 # make modifications, then copy to live file, use -eW to actually modify mailbox
1634 # Another option is to use sieve-test SCRIPT MAIL_FILE. note,
1635 # sieve-test doesnt know about envelopes, Im not sure if sieve-filter does.
1637 # sieve with output filter. arg is mailbox, like INBOX.
1638 # This depends on dovecot conf, notably mail_location in /etc/dovecot/conf.d/10-mail.conf
1640 # always run this first, edit the test files, then run the following
1642 sieve-filter ~
/sieve
/maintest.sieve
${1:-INBOX} delete
2> >(head; tail) >/tmp
/testsieve.log
&& sed -rn '/^Performed actions:/,/^[^ ]/{/^ /p}' /tmp
/testsieve.log |
sort |
uniq -c
1645 c ~
/sieve
; cp personal
{test,}.sieve
; cp lists
{test,}.sieve
; cp personalend
{test,}.sieve
1646 sieve-filter
-eWv ~
/sieve
/maintest.sieve
${1:-INBOX} delete
&> /tmp
/testsieve.log
1647 sed -r '/^info: filtering:/{h;d};/^info: msgid=$/N;/^info: msgid=.*left message in mailbox [^ ]+$/d;/^info: msgid=/{H;g};/^info: message kept in source mailbox.$/d' /tmp
/testsieve.log
1652 # printf "subject\nbody\n" | alertme
1657 To: alerts@iankelling.org
1664 To: alerts@iankelling.org
1676 To: daylert@iankelling.org
1683 To: daylert@iankelling.org
1692 # alert when a page goes live. not urgent.
1695 tmpdir
="$(mktemp -d)"
1698 if torsocks wget
-q "$url"; then
1701 sleep $
(( 600 + RANDOM
% 300 ))
1705 # alert on changes to a webpage (just the base page that curl gets)
1706 # usage: weblert URL [SUBJECT...]
1708 local u old new quiet
1711 # dont send a diff of the html. some html is not very readable
1718 subject
="${*:-weblert}"
1719 old
=$
(curl
-s "$u") ||
:
1721 new
=$
(curl
-s "$u") ||
:
1722 if [[ $old && $new ]]; then
1723 if [[ $new != "$old" ]]; then
1725 echo | daylertme
"$subject"
1727 diff <(printf "%s\n" "$old") <(printf "%s\n" "$new") | daylertme
"$subject" ||
:
1732 sleep $
(( 60 + RANDOM
% 120 ))
1738 source `type -p torsocks` on
1742 less /var
/log
/exim
4/mymain
1748 # testmail above calls sendmail, which is a link to exim/postfix.
1749 # its docs dont say a way of adding an argument
1750 # to sendmail to turn on debug output. We could make a wrapper, but
1751 # that is a pain. Exim debug args are documented here:
1752 # http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html
1754 # http://www.exim.org/exim-html-current/doc/html/spec_html/ch-building_and_installing_exim.html
1755 # note, for exim daemon, you can turn on debug options by
1756 # adding -d, etc to COMMONOPTIONS in
1757 # /etc/default/exim4
1759 # to specify recipients other than those in to, cc, bcc, you can use the cli args, eg:
1760 # exim -t 'test@zroe.org, t2@zroe.org' <<'EOF'
1762 # -t = get recipient from header
1764 From: i@dmarctest.b8.nz
1765 To: mailman@dev.fsf.org
1767 Reply-to: rtest@iankelling.org
1769 This is a test message.
1776 # https://askubuntu.com/questions/160945/is-there-a-way-to-disable-a-laptops-internal-keyboard
1777 id
=$
(xinput
--list --id-only 'AT Translated Set 2 keyboard')
1778 if xinput list |
grep -F '∼ AT Translated Set 2 keyboard' &>/dev
/null
; then
1779 echo enabling keyboard
1780 # find the first slave keyboard number, they are all the same in my output.
1781 # if they werent, worst case we would need to save the slave number somewhere
1782 # when it got disabled.
1783 slave
=$
(xinput list |
sed -n 's/.*slave \+keyboard (\([0-9]*\)).*/\1/p' |
head -n1)
1784 xinput reattach
$id $slave
1793 (sleep $
(calc
"$* * 60") && mpv
--no-config --volume 50 /a
/bin
/data
/alarm.mp3
) > /dev
/null
2>&1 &
1796 trg
() { transmission-remote-gtk
& r
; }
1798 # example, set global upload limit to 100 kilobytes:
1800 TR_AUTH
=":$(jq -r .profiles[0].password ~/.config/transmission-remote-gtk/config.json)" transmission-remote transmission.lan
-ne "$@"
1807 for (( i
=0; i
< retries
- 1; i
++ )); do
1819 if [[ -e $1 && ! -w $1 ||
! -w $
(dirname "$1") ]]; then
1822 # full path for using in some initial setup steps
1829 ecmd
="/usr/sbin/exim4 -C /etc/exim4/my.conf"
1830 if ip a show veth1-mail
&>/dev
/null
; then
1834 pid
=$
(pgrep
-f "/usr/sbin/exim4 -bd -q30m -C /etc/exim4/my.conf"|h1
)
1835 m s nsenter
-t $pid -n -m $ecmd "$@"
1838 # get pid of systemd service
1842 pid
=$
(systemctl show
--property MainPID
--value "$unit")
1846 # 0 or empty. This file includes the MainPid, so I expect we
1847 # could just get this in the first place, but i don't know if that
1848 # is always the case.
1849 pid
=$
(head -n1 /sys
/fs
/cgroup
/systemd
/system.slice
/${unit%.service}.service
/cgroup.procs
)
1853 printf "%s\n" "$pid"
1859 sdnbash
() { # systemd namespace bash
1862 pid
=$
(servicepid
$unit)
1863 m sudo nsenter
-t $pid -n -m sudo
-u $USER -i bash
1866 sdncmd
() { # systemd namespace cmd
1870 pid
=$
(servicepid
$unit)
1871 m sudo nsenter
-t $pid -n -m sudo
-u $USER -i "$@"
1879 # we use wireguard now, use mailnnbash.
1881 # m sudo nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*mail.conf") -n -m sudo -u $USER -i bash
1886 pid
=$
(pgrep
-f "/usr/sbin/exim4 -bd -q30m -C /etc/exim4/my.conf"|h1
)
1887 if [[ ! $pid ]]; then
1888 echo "eximbash: failed to find exim pid. systemctl -n 30 status exim4:"
1889 systemctl status exim4
1891 m sudo nsenter
-t $pid -n -m
1895 spamdpid
=$
(systemctl show
--property MainPID
--value spamassassin
)
1896 m sudo nsenter
-t $spamdpid -n -m sudo
-u Debian-exim spamassassin
"$@"
1899 m sudo nsenter
-t $
(systemctl status unbound|
sed -n '/^ *Main PID:/s/[^0-9]//gp') -n -m sudo
-u $USER -i bash
1903 s nmtui-connect
"$@"
1907 local p pid ns mailnn
1908 # mailvpn would belong on the list if using openvpn
1909 for p
in mailnn unbound dovecot spamassassin exim4 radicale
; do
1912 pid
=$
(systemctl show
--property MainPID
--value $unit)
1916 # 0 or empty. This file includes the MainPid, so I expect we
1917 # could just get this in the first place, but i don't know if
1918 # that is always the case.
1919 pid
=$
(head -n1 /sys
/fs
/cgroup
/systemd
/system.slice
/${unit%.service}.service
/cgroup.procs
)
1923 if [[ ! $pid ]]; then
1924 echo failed to
find pid
for $p
1927 if ! ns
=$
(s readlink
/proc
/$pid/ns
/net
); then
1928 echo failed to
find ns
for $p pid
=$pid
1931 if [[ $mailnn ]]; then
1932 if [[ $ns != "$mailnn" ]]; then
1933 echo "$p ns $ns != $mailnn"
1944 m sudo
-E env
"PATH=$PATH" nsenter
-t $
(pgrep
-f "/usr/sbin/openvpn .* --config /etc/openvpn/.*client.conf") -n "$@"
1948 vpncmd sudo
-u iank env
"PATH=$PATH" "$@"
1956 if [[ -e /lib
/systemd
/system
/openvpn-client@.service
]]; then
1957 local vpn_service
=openvpn-client
1959 local vpn_service
=openvpn
1962 [[ $1 ]] ||
{ echo need arg
; return 1; }
1963 journalctl
--unit=$vpn_service@
$1 -f -n0 &
1964 # sometimes the journal doesnt open until after the vpn output
1965 # has happened. hoping this fixes that.
1967 sudo systemctl start
$vpn_service@
$1
1968 # sometimes the ask-password agent does not work and needs a delay.
1970 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779240
1971 # noticed around 8-2017 after update from around stretch release
1972 # on debian testing, even though the bug is much older.
1973 sudo systemd-tty-ask-password-agent
1977 ls -lad /run
/user
/1000
1978 s
chmod 700 /run
/user
/1000; s chown iank.iank
/run
/user
/1000
1981 # systemctl is-enabled / status / cat says nothing, instead theres
1982 # some obscure symlink. paths copied from man systemd.unit.
1983 # possibly also usefull, but incomplete, doesnt show units not loaded in memory:
1984 # seru list-dependencies --reverse --all UNIT
1987 local -a dirs search
1993 ~
/.config
/systemd
/user.control
/*
1994 $XDG_RUNTIME_DIR/systemd
/user.control
/*
1995 $XDG_RUNTIME_DIR/systemd
/transient
/*
1996 $XDG_RUNTIME_DIR/systemd
/generator.early
/*
1997 ~
/.config
/systemd
/user
/*
1999 $XDG_RUNTIME_DIR/systemd
/user
/*
2001 $XDG_RUNTIME_DIR/systemd
/generator
/*
2002 ~
/.local
/share
/systemd
/user
/*
2003 /usr
/lib
/systemd
/user
/*
2004 $XDG_RUNTIME_DIR/systemd
/generator.late
/*
2009 /etc
/systemd
/system.control
/*
2010 /run
/systemd
/system.control
/*
2011 /run
/systemd
/transient
/*
2012 /run
/systemd
/generator.early
/*
2013 /etc
/systemd
/system
/*
2014 /etc
/systemd
/systemd.attached
/*
2015 /run
/systemd
/system
/*
2016 /run
/systemd
/systemd.attached
/*
2017 /run
/systemd
/generator
/*
2018 /lib
/systemd
/system
/*
2019 /run
/systemd
/generator.late
/*
2023 for f
in "${search[@]}"; do
2024 [[ -d $f ]] ||
continue
2031 # dirs is just so we write out the directory names, ls does it when there is 2 or more dirs.
2047 read _ link _ istls
< <(resolvectl dnsovertls tunfsf
)
2050 *) echo fixvpndns error
: unexpected istls value
: $istls >&2; return 1 ;;
2052 s busctl call org.freedesktop.resolve1
/org
/freedesktop
/resolve1 org.freedesktop.resolve1.Manager SetLinkDNSOverTLS is
$link no
2056 [[ $1 ]] ||
{ echo need arg
; return 1; }
2057 if [[ -e /lib
/systemd
/system
/openvpn-client@.service
]]; then
2058 local vpn_service
=openvpn-client
2060 local vpn_service
=openvpn
2062 sudo systemctl stop
$vpn_service@
$1
2064 vpnoffc
() { # vpn off client
2065 ser stop openvpn-client-tr@client
2068 ser start openvpn-client-tr@client
2072 vspicy
() { # usage: VIRSH_DOMAIN
2073 # connect to vms made with virt-install
2074 spicy
-p $
(sudo virsh dumpxml
"$1"|
grep "<graphics.*type='spice'"|\
2075 sed -r "s/.*port='([0-9]+).*/\1/")
2079 cat-new-files
/m
/4e
/INBOX
/new
2082 wtr
() { curl wttr.in
/boston
; }
2084 xevkb
() { xev
-event keyboard
; }
2089 printf "running: %s\n" "$*"
2093 f
=/a
/f
/ansible-configs
/files
/common
/etc
/fsf-workstation-bashrc.sh
2094 if [[ -e $f ]]; then
2095 # shellcheck disable=SC1090
2100 # https://electrum.readthedocs.io/en/latest/tor.html
2101 # https://github.com/spesmilo/electrum-docs/issues/129
2102 s rsync
-ptog --chown bitcoin
:bitcoin ~
/.Xauthority
/var
/lib
/bitcoind
/.Xauthority
2103 sudo
-u bitcoin DISPLAY
=$DISPLAY XAUTHORITY
=/var
/lib
/bitcoind
/.Xauthority
/a
/opt
/electrum-4.2
.1-x86_64.AppImage
-p socks5
:localhost
:9050
2106 sudo
-u bitcoin DISPLAY
=$DISPLAY XAUTHORITY
=/var
/lib
/bitcoind
/.Xauthority
/a
/opt
/monero-gui-v0.17
.3.2/monero-wallet-gui
2111 # we also have a file in /a/c/...konsole...
2112 local f
=$HOME/.config
/konsolerc
2113 setini DefaultProfile profileian.profile
"Desktop Entry" $f
2114 setini Favorites profileian.profile
"Favorite Profiles" $f
2115 setini ShowMenuBarByDefault false KonsoleWindow
$f
2116 setini TabBarPosition Top TabBar
$f
2120 while read -r k v
; do
2121 # shellcheck disable=SC2154
2122 setini
$k $v sakura
/a
/c
/subdir_files
/.config
/sakura
/sakura.conf
2124 colorset1_back rgb(33,37,39)
2128 disable_numbered_tabswitch true
2129 scroll_lines 10000000
2134 # make a page of links found in the files $@. redirect output
2136 gr
-oh 'https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*)' "$@" | \
2137 rev |
sort -u |
rev |
sed 's,.*,<a href="\0">\0</a><br\>,'
2140 reset-xscreensaver
() {
2141 # except for spash, i set these by setting gui options in
2142 # xscreensaver-command -demo
2143 # then finding the corresponding option in .xscreensaver
2144 # spash, i happened to notice in .xscreensaver
2146 # dpmsOff, monitor doesnt come back on using old free software supported nvidia card
2147 cat > /home
/iank
/.xscreensaver
<<'EOF'
2150 dpmsStandby: 0:07:00
2151 dpmsSuspend: 0:08:00
2155 lockTimeout: 0:06:00
2162 # * stuff that makes sense to be at the end
2163 if [[ "$SUDOD" ]]; then
2164 # allow failure, for example if we are sudoing into a user with diffferent/lesser permissions.
2167 elif [[ -d /a
]] && [[ $PWD == "$HOME" ]] && [[ $
- == *i
* ]]; then
2175 # for mitmproxy to get a newer python.
2176 # commented until i want to use it because it
2177 # noticably slows bash startup
2181 if [[ $EUID == 0 ||
! -e ~
/.pyenv
/bin
]]; then
2182 echo "error: dont be root. make sure pyenv is installed"
2185 export PATH
="$HOME/.pyenv/bin:$PATH"
2186 eval "$(pyenv init -)"
2187 eval "$(pyenv virtualenv-init -)"
2191 export GOPATH
=$HOME/go
2192 path-add
$GOPATH/bin
2193 path-add
/usr
/local
/go
/bin
2195 # I have the git repo and a release. either one should work.
2196 # I have both because I was trying to solve an issue that
2197 # turned out to be unrelated.
2198 # ARDUINO_PATH=/a/opt/Arduino/build/linux/work
2200 ## i should have documented this...
2201 # based on https://github.com/keyboardio/Kaleidoscope
2202 export KALEIDOSCOPE_DIR
=/a
/opt
/Kaleidoscope
2204 # They want to be added to the start, but i think
2205 # that should be avoided unless we really need it.
2206 path-add
--end ~
/.npm-global
2209 path-add
--end $HOME/.cargo
/bin
2211 if type -P rg
&>/dev
/null
; then
2212 # --no-messages because of annoying errors on broken symlinks
2213 # -z = search .gz etc files
2214 # -. = search dotfilesq
2215 rg
() { command rg
-.
-z --no-messages -L -i -M 900 --no-ignore "$@" ||
return $?
; }
2216 #fails if not exist. ignore
2217 complete
-r rg
2>/dev
/null ||
:
2224 # taken from default changes to bashrc and bash_profile
2225 path-add
--end --ifexists $HOME/.rvm
/bin
2226 # also had ruby bin dir, but moved that to environment.sh
2227 # so its included in overall env
2230 export BASEFILE_DIR
=/a
/bin
/fai-basefiles
2232 #export ANDROID_HOME=/a/opt/android-home
2233 # https://f-droid.org/en/docs/Installing_the_Server_and_Repo_Tools/
2234 #export USE_SDK_WRAPPER=yes
2235 #PATH=$PATH:$ANDROID_HOME/tools:$ANDROID_HOME/platform-tools
2237 # didnt get drush working, if I did, this seems like the
2238 # only good thing to include for it.
2239 # Include Drush completion.
2240 # if [ -f "/home/ian/.drush/drush.complete.sh" ] ; then
2241 # source /home/ian/.drush/drush.complete.sh
2248 # https://wiki.archlinux.org/index.php/Xinitrc#Autostart_X_at_login
2249 # i added an extra condition as gentoo xorg guide says depending on
2250 # $DISPLAY is fragile.
2251 if [[ ! $DISPLAY && $XDG_VTNR == 1 ]] && shopt -q login_shell
&& isarch
; then
2256 # ensure no bad programs appending to this file will have an affect