#!/bin/bash # Copyright (C) 2019 Ian Kelling # SPDX-License-Identifier: AGPL-3.0-or-later # this gets sourced. shebang is just for file mode detection # * settings HISTFILE=$HOME/.bh source /a/bin/distro-setup/path-add-function path-add /a/exe # add this with absolute paths as needed for better security #path-add --end /path/to/node_modules/.bin # pip3 --user things go here: path-add --end ~/.local/bin path-add --ifexists --end /a/work/libremanage path-add --ifexists --end /a/opt/adt-bundle*/tools /a/opt/adt-bundle*/platform-tools path-add --ifexists --end /a/opt/scancode-toolkit-3.10. export WCDHOME=/a case $EUID in 0) SL_SSH_ARGS="-F $HOME/.ssh/confighome" ;; esac # * include files # generated instead of dynamic for the benefit of shellcheck #for x in /a/bin/distro-functions/src/* /a/bin/!(githtml)/*-function?(s); do echo source $x ; done source /a/bin/distro-functions/src/identify-distros source /a/bin/log-quiet/logq-function # for x in /a/bin/bash_unpublished/source-!(.#*); do echo source $x; done source /a/bin/bash_unpublished/source-semi-priv source /a/bin/bash_unpublished/source-state source /a/bin/log-quiet/logq-function if [[ -s /a/opt/alacritty/extra/completions/alacritty.bash ]]; then source /a/opt/alacritty/extra/completions/alacritty.bash fi # * functions hstest() { install-my-scripts d=$(mktemp -d) sed '/^ *IdentityFile/d' ~/.ssh/config >$d/config s command ssh -F $d/config -i /q/root/h "$@" } hrtest() { install-my-scripts d=$(mktemp -d) sed '/^ *IdentityFile/d' ~/.ssh/config >$d/config s rsync -e "ssh -F $d/config -i /q/root/h" "$@" } slemacs() { local arg rtime v arg="$1" remote="$2" if [[ $arg == [89]0Etiona* ]]; then v=${arg::1} rtime=${arg#*Etiona} # remote time if [[ ! $rtime ]]; then rtime=0 fi dir=/a/opt/emacs-trisquel${v}-nox/.iank ltime=$(stat -c%Y $dir/e/e/.emacs.d/init.el) if (( ltime > rtime )); then m rsync -rptL --delete --filter=". /b/ds/sl/rsync-filter" $dir "$remote":/home/iank fi fi } sle() { # sl emacs local f=/home/iank/.emacs.d/init.el sl --sl-test-cmd ". /etc/os-release ; printf %s \${VERSION//[^a-zA-Z0-9]/}; test -e $f && stat -c%Y $f" --sl-test-hook slemacs "$@" } ccomp ssh sle # Run this manually after .emacs.d changes. Otherwise, to check if # files changed with find takes 90ms. sl normally only adds 25ms. We # could cut it down to 10ms if we put things on a btrfs filesystem and # looked for changes there, or used some inotify thing, but that seems # like too much work. egh() { # emacs gnuhope RSYNC_RSH=ssh m rsync -rptL --delete --filter=". /b/ds/sl/rsync-filter" /a/opt/emacs-trisquel9-nox/.iank lists2d.fsf.org:.ianktrisquel_9 RSYNC_RSH=ssh m rsync -rptL --delete --filter=". /b/ds/sl/rsync-filter" /a/opt/emacs-trisquel8-nox/.iank lists2d.fsf.org:/home/iank } ekw() { local shell="bash -s" if [[ $HOSTNAME != kw ]]; then shell="ssh kw.office.fsf.org" bbk -m /a -t kw fi $shell <<'EOF' sudo mkdir /root/.ianktrisquel_9 sudo rsync -rptL --delete --filter=". /b/ds/sl/rsync-filter" /a/opt/emacs-trisquel9-nox/.iank /root/.ianktrisquel_9 rsync -rptL --delete --filter=". /b/ds/sl/rsync-filter" /a/opt/emacs-trisquel8-nox/.iank /home/iank EOF } # usage mkschroot [-] distro codename packages # - means no piping in of sources.list mkschroot() { local force=false while [[ $1 == -* ]]; do case $1 in -f) force=true; shift ;; -s) sources="$2" if [[ ! -s $sources ]]; then echo mkschroot: error: sources file $sources does not exist or is empty return 1 fi shift 2 ;; esac done distro=$1 shift case $distro in trisquel) repo=http://mirror.fsf.org/trisquel/ ;; ubuntu) repo=http://archive.ubuntu.com/ubuntu/ ;; debian) repo=http://deb.debian.org/debian/ ;; esac n=$1 shift if ! $force && schroot -l | grep -xFq chroot:$n; then echo "$0: $n schroot already installed, skipping" return 0 fi apps=($@) d=/nocow/schroot/$n sd /etc/schroot/chroot.d/$n.conf <> $f # fi # su iank # wget https://aur.archlinux.org/cgit/aur.git/snapshot/anbox-image-gapps.tar.gz # tar xzf anbox-image-gapps.tar.gz # cd anbox-image-gapps # makepkg -s } # clock back in to timetrack from last entry tback() { sqlite3 /p/.timetrap.db "update entries set end = NULL where id = (select max(id) from entries);" } # sshfs example: # s sshfs bu@$host:/bu/home/md /bu/mnt -o reconnect,ServerAliveInterval=20,ServerAliveCountMax=30 -o allow_other eqgo() { enn -M $(exiqgrep -i) } eqgo1() { enn -M $(exiqgrep -i|h1) } gnupload(){ /a/f/gnulib/build-aux/gnupload "$@" } abrowserrmcompat() { local f ngset f=(/p/c/firefox*/compatibility.ini) if (( ${#f[@]} )); then rm ${f[@]} fi ngreset } ngset() { if shopt nullglob >/dev/null; then ngreset=false else shopt -s nullglob ngreset=true fi } ngreset() { if $ngreset; then shopt -u nullglob fi } checkre() { s checkrestart -b /a/bin/ds/checkrestart-blacklist -pv } cp-blocked-domains-to-brains() { cp /a/f/ans/roles/exim/files/mx/simple/etc/exim4/bad-sender_domains /a/f/brains/sysadmin/kb/blocked_email_domains.mdwn } cp-blocked-domains-to-ansible() { cp /a/f/brains/sysadmin/kb/blocked_email_domains.mdwn /a/f/ans/roles/exim/files/mx/simple/etc/exim4/bad-sender_domains } anki() { # crashes on adding new cards in t9 schroot -c buster -- anki } acat() { ngset hrcat /m/md/alerts/{cur,new}/* ngreset hr; echo bk; hr ssh bk.b8.nz "shopt -s nullglob; hrcat /m/md/INBOX/new/* /m/md/INBOX/cur/*" } aclear() { ngset rm -f /m/md/alerts/{cur,new}/* ngreset ssh bk.b8.nz "shopt -s nullglob; rm -f /m/md/INBOX/new/* /m/md/INBOX/cur/*" system-status _ } ap() { # pushd in case current directory has an ansible.cfg file pushd /a/xans >/dev/null ansible-playbook -v -l ${1:- $(hostname -f)} site.yml popd >/dev/null } aw() { pushd /a/work/ans >/dev/null time ansible-playbook -v -i inventory adhoc.yml "$@" popd >/dev/null } ad() { pushd /a/bin/distro-setup/a >/dev/null ansible-playbook site.yml "$@" popd >/dev/null } astudio() { # googling android emulator libGL error: failed to load driver: r600 # lead to http://stackoverflow.com/a/36625175/14456 export ANDROID_EMULATOR_USE_SYSTEM_LIBS=1 /a/opt/android-studio/bin/studio.sh "$@" &r; } # note, to check for glue records # First, find some the .org nameservers: # dig +trace iankelling.org # then, query one: # dig ns1.iankelling.org @b0.org.afilias-nst.org. # Now, compare for a domain that does have glue records setup (note the A # and AAAA records in ADDITIONAL SECTION, those are glue records like the # one I'm asking for): # $ dig ns1.gnu.org @b0.org.afilias-nst.org. # todo: make sm pull/push use systemd instead of the journal cat command bbk() { # btrbk wrapper local ret=0 c / local active=true systemctl is-active btrbk.timer || active=false if $active; then ser stop btrbk.timer fi if [[ $(systemctl is-active btrbk.service ||:) != inactive ]]; then echo "cron btrbk is already running" if $active; then ser start btrbk.timer; fi return 1 fi # run latest install-my-scripts # todo: consider changing this to srun and having the args come # from a file like /etc/default/btrbk, like is done in exim s jrun btrbk-run "$@" if $active; then if (( ret )); then echo bbk: WARNING: btrbk.timer not restarted due to failure else ser start btrbk.timer fi fi return $ret } faimon() { fai-monitor | pee cat "fai-monitor-gui -" } bfg() { java -jar /a/opt/bfg-1.12.14.jar "$@"; } bigclock() { xclock -digital -update 1 -face 'arial black-80:bold' } nnn() { /a/opt/nnn -H "$@"; } # duplicated somewhat below. jrun() { # journal run. run args, log to journal, tail and grep the journal. # Note, an alternative without systemd would be something like ts. # Note, I tried using systemd-cat, but this seems obviously better, # and that seemed to have a problem exiting during a systemctl daemon-reload local cmd_name jr_pid s ret=0 cmd_name=${1##*/} cmd=$1 if [[ $cmd != /* ]]; then cmd=$(which $1) fi journalctl -qn2 -f -u "$cmd_name" & # Guess of time needed to avoid missing initial lines. # .5 was not reliable. 1 was not reliable. 2 was not reliable sleep 3 # We kill this in prompt-command for the case that we ctrl-c the # systemd-cat. i dont know any way to trap ctrl-c and still run the # normal action for it. There might be a way, unsure. jr_pid=$! # note, we could have a version that does system --user, but if for example # it does sudo ssh, that will leave a process around that we can't kill # and it will leave the unit hanging around in a failed state needing manual # killing of the process. m s systemd-run --uid $(id -u) --gid $(id -g) \ -E SSH_AUTH_SOCK=/run/openssh_agent \ --unit "$cmd_name" --wait --collect "$cmd" "${@:2}" || ret=$? # This justs lets the journal output its last line # before the prompt comes up. sleep .5 kill $jr_pid &>/dev/null ||: unset jr_pid fg &>/dev/null ||: } # service run, and watch the output srun() { local unit ret=0 unit=$1 journalctl -qn2 -f -u $unit & systemctl start $unit sleep 2 kill $jr_pid &>/dev/null ||: unset jr_pid fg &>/dev/null ||: } sm() { local tmp keyhash c / # run latest keyhash=$(s ssh-keygen -lf /root/.ssh/home | awk '{print $2}') tmp=$(s ssh-add -l | awk '$2 == "'$keyhash'"') if [[ ! $tmp ]]; then s ssh-add /root/.ssh/home fi install-my-scripts s jrun switch-mail-host "$@" return $ret } # shellcheck disable=SC2120 lipush() { # note, i had --delete-excluded, but that deletes all files in --exclude-from on # the remote site, which doesn't make sense, so not sure why i had it. local p a p=(/a/opt/{emacs-debian11{,-nox},mu,emacs} /a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts}) a="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes" ret=0 for h in li je bk; do m s rsync "$@" $a ${p[@]} /p/c/machine_specific/$h root@$h.b8.nz:/ || ret=$? # only li is debian11 p[0]=/a/opt/emacs-ubuntu20.04 p[1]=/a/opt/emacs-ubuntu20.04-nox done m s rsync "$@" -ahviSAXPH root@li.b8.nz:/a/h/proposed-comments/ /a/h/proposed-comments || ret=$? return $ret } bkpush() { # no emacs. for running faster. p=(/a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts}) a="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes" ret=0 m rsync "$@" $a ${p[@]} /p/c/machine_specific/bk root@bk.b8.nz:/ || ret=$? return $ret } jepush() { # no emacs. for running faster. p=(/a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts}) a="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes" ret=0 m rsync "$@" $a ${p[@]} /p/c/machine_specific/je root@je.b8.nz:/ || ret=$? return $ret } bindpush() { dsign iankelling.org expertpathologyreview.com zroe.org amnimal.ninja lipush for h in li bk; do m sl $h <<'EOF' source ~/.bashrc m dnsup EOF done } bindpushb8() { dsign iankelling.org expertpathologyreview.com zroe.org amnimal.ninja lipush for h in li bk; do m sl $h <<'EOF' source ~/.bashrc m dnsup m dnsb8 EOF done } dnsup() { conflink m ser reload bind9 } dnsb8() { local f=/var/lib/bind/db.b8.nz ser stop bind9 sudo rm -fv $f.jnl sudo install -m 644 -o bind -g bind /p/c/machine_specific/vps/bind-initial/db.b8.nz $f ser restart bind9 } dnsecgen() { # keys generated like this # because of https://ftp.isc.org/isc/dnssec-guide/dnssec-guide.pdf # https://blog.apnic.net/2019/05/23/how-to-deploying-dnssec-with-bind-and-ubuntu-server/ # key length is longer than that guide because # we are using those at fsf and when old key lengths # become insecure, I want some extra time to update. # dnsecgen (in brc2) local zone=$1 dnssec-keygen -a RSASHA256 -b 2048 $zone dnssec-keygen -f KSK -a RSASHA256 -b 4096 $zone for f in K$zone.*.key; do # eg Kb8.nz.+008+47995.key tag=47995 # in dnsimple, you add the long string from this. # in gandi, you add the long string from the .key file, # then see that the digest matches the ds. echo "tag is the number after DS" dnssec-dsfromkey -a SHA-256 $f done # For b8.nz, we let bind read the keys and sign, and # right now they have root ownership, so let them # get group read. chmod g+r *.private } dsign() { # create .signed file # note: full paths probably not needed. local arg for arg; do local zone=${arg#db.} local dir=/p/c/machine_specific/vps/filesystem/var/lib/bind dnssec-signzone -S -e +31536000 -o $zone -K $dir -d $dir $dir/db.$zone done } #### begin bitcoin related things btc() { local f=/etc/bitcoin/bitcoin.conf # importprivkey will timeout if using the default of 15 mins. # upped it to 1 hour. bitcoin-cli -rpcclienttimeout=60000 -$(s grep rpcuser= $f) -$(s grep rpcpassword= $f) "$@" } btcusd() { # $1 btc in usd local price price="$(curl -s https://api.coinbase.com/v2/prices/BTC-USD/spot | jq -r .data.amount)" printf "$%s\n" "$price" if [[ $1 ]]; then printf "$%.2f\n" "$(echo "scale=4; $price * $1"| bc -l)" fi } usdbtc() { # $1 usd in btc local price price="$(curl -s https://api.coinbase.com/v2/prices/BTC-USD/spot | jq -r .data.amount)" printf "$%s\n" "$price" if [[ $1 ]]; then # 100 mil satoshi / btc. 8 digits after the 1. printf "%.8f btc\n" "$(echo "scale=10; $1 / $price "| bc -l)" fi } satoshi() { # $1 satoshi in usd local price price="$(curl -s https://api.coinbase.com/v2/prices/BTC-USD/spot | jq -r .data.amount)" price=$(echo "scale=10; $price * 0.00000001"| bc -l) printf "$%f\n" "$price" if [[ $1 ]]; then printf "$%.2f\n" "$(echo "scale=10; $price * $1"| bc -l)" fi } #### end bitcoin related things cbfstool () { /a/opt/coreboot/build/cbfstool "$@"; } cgpl() { if (($#)); then cp /a/bin/data/COPYING "$@" else cp /a/bin/data/COPYING . fi } capache() { if (($#)); then cp /a/bin/data/LICENSE "$@" else cp /a/bin/data/LICENSE . fi } chrome() { if type -p chromium &>/dev/null; then cmd=chromium else cd / cmd="schroot -c bullseye chromium" CHROMIUM_FLAGS='--enable-remote-extensions' $cmd &r fi } # do all tee. # pipe to this, or just type like a shell # todo: test this dat() { tee >(ssh frodo.b8.nz) >(ssh x2) >(ssh tp.b8.nz) >(ssh kw) >(ssh tp.b8.nz) } da() { # do all local host for host in x2 kw tp.b8.nz x3.b8.nz frodo.b8.nz; do ssh $host "$@" done } debian_pick_mirror () { # netselect-apt finds a fast mirror. # but we need to replace the mirrors ourselves, # because it doesnt do that. best it can do is # output a basic sources file # here we get the server it found, get the main server we use # then substitute all instances of one for the other in the sources file # and backup original to /etc/apt/sources.list-original. # this is idempotent. the only way to identify debian sources is to # note the original server, so we put it in a comment so we can # identify it later. local file file=$(mktemp -d)/f # safe way to get file name without creating one sudo netselect-apt -o "$file" || return 1 url=$(grep ^\\w $file | head -n1 | awk '{print $2}') sudo cp -f /etc/apt/sources.list /etc/apt/sources.list-original sudo sed -ri "/http.us.debian.org/ s@( *[^ #]+ +)[^ ]+([^#]+).*@\1$url\2# http.us.debian.org@" /etc/apt/sources.list sudo apt-get update } digme() { digdiff @ns{1,2}.iankelling.org "$@" } tsr() { # ts run "$@" |& ts || return $? } dup() { local ran_d ran_d=false system-status _ case $PS1 in *[\ \]]D\ *) pushd / /b/ds/distro-begin |& ts || return $? /b/ds/distro-end |& ts || return $? popd ran_d=true ;;& *[\ \]]DB\ *) pushd / /b/ds/distro-begin |& ts || return $? popd ran_d=true ;; *[\ \]]DE\ *) pushd / /b/ds/distro-end |& ts || return $? popd ran_d=true ;;& *CONFLINK*) if ! $ran_d; then conflink fi ;; esac system-status _ } envload() { # load environment from a previous: export > file local file=${1:-$HOME/.${USER}_env} eval "$(export | sed 's/^declare -x/export -n/')" while IFS= read -r line; do # declare -x makes variables local to a function eval ${line/#declare -x/export} done < "$file" } failfunc() { asdf a b c; } failfunc2() { failfunc d e f; } # one that comes with distros is too old for newer devices fastboot() { /a/opt/android-platform-tools/fastboot "$@"; } kdecd() { /usr/lib/x86_64-linux-gnu/libexec/kdeconnectd; } # List of apps to install/update # Create from existing manually installed apps by doing # fdroidcl update # fdroidcl search -i, then manually removing # automatically installed/preinstalled apps # # # my attempt at recovering from boot loop: # # in that case, boot to recovery (volume up, home button, power, let go of power after samsun logo) # # then # mount /dev/block/mmcblk0p12 /data # cd /data # find -iname '*appname*' # rm -rf FOUND_DIRS # usually good enough to just rm -rf /data/app/APPNAME # # currently broken: # # causes replicant to crash # org.quantumbadger.redreader # org.kde.kdeconnect_tp # not broke, but wont work without gps #com.zoffcc.applications.zanavi # not broke, but not using atm #com.nutomic.syncthingandroid # # doesn\'t work on replicant #net.sourceforge.opencamera # fdroid_pkgs=( net.mullvad.mullvadvpn org.schabi.newpipe io.github.subhamtyagi.lastlauncher io.anuke.mindustry com.biglybt.android.client de.marmaro.krt.ffupdater me.ccrama.redditslide org.fedorahosted.freeotp at.bitfire.davdroid com.alaskalinuxuser.justnotes com.artifex.mupdf.viewer.app com.danielkim.soundrecorder com.fsck.k9 com.ichi2.anki com.jmstudios.redmoon com.jmstudios.chibe org.kde.kdeconnect_tp com.notecryptpro com.termux cz.martykan.forecastie de.danoeh.antennapod de.blinkt.openvpn de.marmaro.krt.ffupdater eu.siacs.conversations free.rm.skytube.oss im.vector.alpha # riot info.papdt.blackblub me.tripsit.tripmobile net.gaast.giggity net.minetest.minetest net.osmand.plus org.isoron.uhabits org.linphone org.gnu.icecat org.smssecure.smssecure org.yaaic sh.ftp.rocketninelabs.meditationassistant.opensource ) # https://forum.xda-developers.com/android/software-hacking/wip-selinux-capable-superuser-t3216394 # for maru, #me.phh.superuser fdup() { local -A installed updated local p # tried putting this in go buildscript cronjob, # but it failed with undefined: os.UserCacheDir. I expect its due to # an environment variable missing, but its easier just to stick it here. m go get -u mvdan.cc/fdroidcl || return 1 m fdroidcl update if fdroidcl search -u | grep ^org.fdroid.fdroid; then fdroidcl install org.fdroid.fdroid sleep 5 m fdroidcl update fi for p in $(fdroidcl search -i| grep -o "^\S\+"); do installed[$p]=true done for p in $(fdroidcl search -u| grep -o "^\S\+"); do updated[$p]=false done for p in ${fdroid_pkgs[@]}; do if ! ${installed[$p]:-false}; then m fdroidcl install $p # sleeps are just me being paranoid since replicant has a history of crashing when certain apps are installed sleep 5 fi done for p in ${!installed[@]}; do if ! ${updated[$p]:-true}; then m fdroidcl install $p sleep 5 fi done } firefox-default-profile() { key=Default value=1 section=$1 file=/p/c/subdir_files/.mozilla/firefox/profiles.ini sed -ri "/^ *$key/d" "$file" sed -ri "/ *\[$section\]/,/^ *\[[^]]+\]/{/^\s*$key[[:space:]=]/d};/ *\[$section\]/a $key=$value" "$file" } fdhome() { #firefox default home profile firefox-default-profile Profile0 } fdwork() { firefox-default-profile Profile4 } ff() { if type -P firefox &>/dev/null; then firefox "$@" else iceweasel "$@" fi } fn() { firefox -P alt "$@" >/dev/null 2>&1 } fsdiff () { local missing=false local dname="${PWD##*/}" local m="/a/tmp/$dname-missing" local d="/a/tmp/$dname-diff" [[ -e $d ]] && rm "$d" [[ -e $m ]] && rm "$m" local msize=0 local fsfile while read -r line; do fsfile="$1${line#.}" if [[ -e "$fsfile" ]]; then md5diff "$line" "$fsfile" && tee -a "/a/tmp/$dname-diff" <<< "$fsfile $line" else missing=true echo "$line" >> "$m" msize=$((msize + 1)) fi done < <(find . -type f ) if $missing; then echo "$m" (( msize <= 100 )) && cat $m fi } fsdiff-test() { # expected output, with different tmp dirs # /tmp/tmp.HDPbwMqdC9/c/d ./c/d # /a/tmp/tmp.qLDkYxBYPM-missing # ./b cd $(mktemp -d) echo ok > a echo nok > b mkdir c echo ok > c/d local x x=$(mktemp -d) mkdir $x/c echo different > $x/c/d echo ok > $x/a fsdiff $x } rename-test() { # test whether missing files were renamed, generally for use with fsdiff # $1 = fsdiff output file, $2 = directory to compare to. pwd = fsdiff dir # echos non-renamed files local x y found unset sums for x in "$2"/*; do { sums+=( "$(md5sum < "$x")" ) ; } 2>/dev/null done while read -r line; do { missing_sum=$(md5sum < "$line") ; } 2>/dev/null renamed=false for x in "${sums[@]}"; do if [[ $missing_sum == "$x" ]]; then renamed=true break fi done $renamed || echo "$line" done < "$1" return 0 } feh() { # F = fullscren, z = random, Z = auto zoom command feh -FzZ "$@" } fw() { firefox -P default "$@" >/dev/null 2>&1 } gitian() { git config user.email ian@iankelling.org } # at least in flidas, things rely on gpg being gpg1 gpg() { if type -P gpg2 &>/dev/null; then command gpg2 "$@" else command gpg "$@" fi } gse() { local email=ian@iankelling.org git send-email --notes "--envelope-sender=<$email>" \ --suppress-cc=self "$@" } gup() { /a/f/gnulib/build-aux/gnupload "$@"; } dejagnu() { /a/opt/dejagnu/dejagnu "$@"; } hstatus() { # do git status on published repos. c /a/bin/githtml for x in *; do cd $(readlink -f $x)/.. status=$(i status -s) || pwd if [[ $status ]]; then hr echo $x printf "%s\n" "$status" fi cd /a/bin/githtml done } # work log wlog() { local day now i now=$(date +%s) for (( i=0; i<60; i++ )); do day=$( date +%F -d @$((now - 86400*i )) ) date "+%a %b %d" -d @$((now - 86400*i )) | tr '\n' ' ' /a/opt/timetrap/bin/t d -ftotal -s $day -e $day all -m '^w|lunch$' done } to() { t out -a "$@"; } ti() { t in -a "$@"; } tl() { to "$*" t s lunch t in -a "$*" m t out -a $(date +%F.%T -d @$(( $(date -d "$(echo $*|sed 's/[_.]/ /g')" +%s) + 60*45 )) ) t s w } arbttlog() { arbtt-dump "$@" | grep -v '( )\|Current Desktop' | sed -rn '/^[^ ]/{N;s/^(.{21})([0-9]*)[0-9]{3}m.*\(\*/\1\2/;s/^(.{21})[0-9]*.*\(\*/\1/;s/\n//;p}' ; } idea() { /a/opt/idea-IC-163.7743.44/bin/idea.sh "$@" &r } ilogs() { ssh root@iankelling.org "cd /var/lib/znc/moddata/log/iank/freenode/ && hr && for x in \#$1/*; do base=\${x##*/}; files=(); for f in $@; do tmp=\#\$f/\$base; if [[ -e \$tmp ]]; then files+=(\#\$f/\$base); fi; done; sed \"s/^./\${base%log}/\" \${files[@]}|sort -n; hr; done" } ilog() { chan=${1:-#fsfsys} # use * instead of -r since that does sorted order ssh root@iankelling.org "for n in freenode libera; do cd /var/lib/znc/moddata/log/iank/\$n/$chan && hr && for x in *; do echo \$x; sed \"s/^./\${x%log}/\" \$x; hr; done; done" | less +G } o() { if type gio &> /dev/null ; then gio open "$@" elif type gvfs-open &> /dev/null ; then gvfs-open "$@" else xdg-open "$@" fi # another alternative is run-mailcap } ccomp xdg-open o # jfilter() { # grep -Evi -e "^(\S+\s+){4}(sudo|sshd|cron)\[\S*:" \ # -e "^(\S+\s+){4}systemd\[\S*: (starting|started) (btrfsmaintstop|dynamicipupdate|spamd dns bug fix cronjob|rss2email)\.*$" # } # jtail() { # journalctl -n 10000 -f "$@" | jfilter # } # jr() { journalctl "$@" | jfilter | less ; } # jrf() { journalctl -n 200 -f "$@" | jfilter; } jr() { journalctl "$@" ; } jrf() { journalctl -n 200 -f "$@" ; } ccomp journalctl jtail jr jrf kff() { # keyboardio firmware flash pushd /a/bin/distro-setup/Arduino/Model01-Firmware yes $'\n' | make flash popd } wgkey() { local umask_orig name if (( $# != 1 )); then e expected 1 arg >&2 return 1 fi name=$1 umask_orig=$(umask) umask 0077 wg genkey | tee $name-priv.key | wg pubkey > $name-pub.key umask $umask_orig } wghole() { if (( $# != 2 )); then e expected 2 arg of hostname, ip suffix >&2 return 1 fi local host ipsuf umask_orig host=$1 ipsuf=$2 mkdir -p /p/c/machine_specific/$host/filesystem/etc/wireguard cd /p/c/machine_specific/$host/filesystem/etc/wireguard umask_orig=$(umask) umask 0077 wg genkey | tee hole-priv.key | wg pubkey > hole-pub.key cat >wghole.conf </dev/null } lom() { local l base if [[ $1 == /* ]]; then base=${1##*/} if mountpoint /mnt/$base; then return 0 fi l=$(sudo losetup -f) sudo losetup $l $1 if ! sudo cryptsetup luksOpen $l $base; then sudo losetup -d $l return 1 fi sudo mkdir -p /mnt/$base sudo mount /dev/mapper/$base /mnt/$base sudo chown $USER:$USER /mnt/$base else base=$1 if mountpoint /mnt/$base &>/dev/null; then sudo umount /mnt/$base fi l=$(sudo cryptsetup status /dev/mapper/$base|sed -rn 's/^\s*device:\s*(.*)/\1/p') sudo cryptsetup luksClose /dev/mapper/$base || return 1 sudo losetup -d $l fi } # mu personality. for original, just run mp. for 2, run mp 2. # this is partly duplicated in mail-setup mp() { local dead=false for s in {1..5}; do if ! killall mu; then dead=true break fi sleep 1 done if ! $dead; then echo error: mu not dead m psg mu return 1 fi suf=$1 set -- /m/mucache ~/.cache/mu /m/.mu ~/.config/mu while (($#)); do target=$1$suf f=$2 shift 2 if [[ -e $f && ! -L $f ]]; then m rm -rf $f fi m ln -sf -T $target $f done } # these might need a mu index or something added. mbenable() { local mb=$1 dst=/m/4e/$mb src=/m/md/$mb [[ -e $src ]] || { echo "src:$src does not exist"; return 1; } m mv -T $src $dst m ln -s -T $dst $src } mb2enable() { local mb for mb; do dst=/m/4e2/$mb link=/m/md/$mb src=/m/md/$mb if [[ ! -e $src || -L $src ]]; then src=/m/4e/$mb fi [[ -e $src ]] || { echo "src:$src does not exist"; return 1; } m mv -T $src $dst m ln -sf -T $dst $link done } mbdisable() { local mb=$1 dst=/m/md/$mb src=/m/4e/$mb set -x [[ -e $src ]] || { set +x; return 1; } if [[ -L $dst ]]; then rm $dst; fi mv -T $src $dst set +x } mdt() { markdown "$1" >/tmp/mdtest.html firefox /tmp/mdtest.html } mo() { xset dpms force off; } # monitor off mpvd() { mpv --profile=d "$@"; } mpvs() { mpv --profile=s "$@"; } myirc() { if [[ ! $1 ]]; then set -- fsf-office fi local d1 d2 d=( /var/lib/znc/moddata/log/iank/{freenode,libera} ) # use * instead of -r since that does sorted order ssh root@iankelling.org "for f in ${d[@]}; do cd \$f/#$1; grep '\= nth )); do name="$(echo "$name" | head -n $nth | tail -n 1 )" read -r -p "$name [Y/n] " ask if [[ ! $ask || $ask == [Yy] ]]; then x=$( echo "$name" | gr -o "^\s*[0-9]*" ) echo $x | restore-trash > /dev/null elif [[ $ask == [Nn] ]]; then nth=$((nth+1)) else return fi done } pub() { rld /a/h/_site/ li:/var/www/iankelling.org/html } pumpa() { # fixes the menu bar in xmonad. this won\'t be needed when xmonad # packages catches up on some changes in future (this is written in # 4/2017) # # geekosaur: so youll want to upgrade to xmonad 0.13 or else use a # locally modified XMonad.Hooks.ManageDocks that doesnt set the # work area; turns out it\'s impossible to set correctly if you are # not a fully EWMH compliant desktop environment # # geekosaur: chrome shows one failure mode, qt/kde another, other # gtk apps a third, ... I came up with a setting that works for me # locally but apparently doesnt work for others, so we joined the # other tiling window managers in giving up on setting it at all # xprop -root -remove _NET_WORKAREA command pumpa & r } # reviewboard, used at my old job #rbpipe() { rbt post -o --diff-filename=- "$@"; } #rbp() { rbt post -o "$@"; } rebr() { sudo ifdown br0 sudo ifup br0 } # only run on MAIL_HOST. simpler to keep this on one system. r2eadd() { # usage: name url # initial setup of rss2email: # r2e new r2e@iankelling.org # that initializes files, and sets default email. # symlink to the config doesnt work, so I copied it to /p/c # and then use cli option to specify explicit path. # Only option changed from default config is to set # force-from = True # # or else for a few feeds, the from address is set by the feed, and # if I fail delivery, then I send a bounce message to that from # address, which makes me be a spammer. r2e add $1 "$2" $1@r2e.iankelling.org # get up to date and dont send old entries now: r2e run --no-send $1 } r2e() { command r2e -d /p/c/rss2email.json -c /p/c/rss2email.cfg "$@"; } rspicy() { # usage: HOST DOMAIN # connect to spice vm remote host. use vspicy for local host local port # shellcheck disable=SC2087 port=$(ssh $1<$tmp/timing # todo, the current sleep seems pretty good, but it # would be nice to have an empirical measurement, or # some better wait to sync up. # # note: --loop-file=no prevents it from hanging if you have that # set to inf the mpv config. # --loop=no prevents it from exit code 3 due to stdin if you # had it set to inf in mpv config. # # args go to mpv, for example --volume=80, 50% cat >$out <&2 return 1 fi spamdpid=$(systemctl status spamassassin| sed -n '/^ *Main PID:/s/[^0-9]//gp') spamcpre="nsenter -t $spamdpid -n -m" s $spamcpre sudo -u Debian-exim spamassassin -t --cf='score PYZOR_CHECK 0' <"$1" } # mail related testmail() { declare -gi _seq; _seq+=1 echo "test body" | m mail -s "test mail from $HOSTNAME, $_seq" "${@:-root@localhost}" # for testing to send from an external address, you can do for example # -fian@iank.bid -aFrom:ian@iank.bid web-6fnbs@mail-tester.com # note in exim, you can retry a deferred message # s exim -M MSG_ID # MSG_ID is in /var/log/exim4/mainlog, looks like 1ccdnD-0001nh-EN } # to test sieve, use below command. for fsf mail, see offlineimap-sync script # make modifications, then copy to live file, use -eW to actually modify mailbox # # Another option is to use sieve-test SCRIPT MAIL_FILE. note, # sieve-test doesnt know about envelopes, Im not sure if sieve-filter does. # sieve with output filter. arg is mailbox, like INBOX. # This depends on dovecot conf, notably mail_location in /etc/dovecot/conf.d/10-mail.conf # always run this first, edit the test files, then run the following testsieve() { sieve-filter ~/sieve/maintest.sieve ${1:-INBOX} delete 2> >(head; tail) >/tmp/testsieve.log && sed -rn '/^Performed actions:/,/^[^ ]/{/^ /p}' /tmp/testsieve.log | sort | uniq -c _dosieve } runsieve() { c ~/sieve; cp personal{test,}.sieve; cp lists{test,}.sieve; cp personalend{test,}.sieve sieve-filter -eWv ~/sieve/maintest.sieve ${1:-INBOX} delete &> /tmp/testsieve.log sed -r '/^info: filtering:/{h;d};/^info: msgid=$/N;/^info: msgid=.*left message in mailbox [^ ]+$/d;/^info: msgid=/{H;g};/^info: message kept in source mailbox.$/d' /tmp/testsieve.log } # mail related testexim() { # testmail above calls sendmail, which is a link to exim/postfix. # its docs dont say a way of adding an argument # to sendmail to turn on debug output. We could make a wrapper, but # that is a pain. Exim debug args are documented here: # http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html # # http://www.exim.org/exim-html-current/doc/html/spec_html/ch-building_and_installing_exim.html # note, for exim daemon, you can turn on debug options by # adding -d, etc to COMMONOPTIONS in # /etc/default/exim4 # # to specify recipients other than those in to, cc, bcc, you can use the cli args, eg: # exim -t 'test@zroe.org, t2@zroe.org' <<'EOF' # # -t = get recipient from header exim -d -t <<'EOF' From: i@dmarctest.b8.nz To: mailman@dev.fsf.org Subject: test2 Reply-to: rtest@iankelling.org This is a test message. EOF } # toggle keyboard tk() { # based on # https://askubuntu.com/questions/160945/is-there-a-way-to-disable-a-laptops-internal-keyboard id=$(xinput --list --id-only 'AT Translated Set 2 keyboard') if xinput list | grep -F '∼ AT Translated Set 2 keyboard' &>/dev/null; then echo enabling keyboard # find the first slave keyboard number, they are all the same in my output. # if they werent, worst case we would need to save the slave number somewhere # when it got disabled. slave=$(xinput list | sed -n 's/.*slave \+keyboard (\([0-9]*\)).*/\1/p' | head -n1) xinput reattach $id $slave else xinput float $id fi } tm() { # timer in minutes # --no-config (sleep $(calc "$* * 60") && mpv --no-config --volume 50 /a/bin/data/alarm.mp3) > /dev/null 2>&1 & } trg() { transmission-remote-gtk & r; } trc() { # example, set global upload limit to 100 kilobytes: # trc -u 100 TR_AUTH=":$(jq -r .profiles[0].password ~/.config/transmission-remote-gtk/config.json)" transmission-remote transmission.lan -ne "$@" } trysleep() { retries="$1" sleepsecs="$2" shift 2 for (( i=0; i < retries - 1; i++ )); do if "$@"; then return 0 fi sleep $sleepsecs done "$@" } tu() { local s if [[ -e $1 && ! -w $1 || ! -w $(dirname "$1") ]]; then s=s; fi # full path for using in some initial setup steps $s /a/exe/teeu "$@" } enn() { local ecmd pid ecmd="/usr/sbin/exim4 -C /etc/exim4/my.conf" if ip a show veth1-mail &>/dev/null; then s $ecmd "$@" return fi pid=$(pgrep -f "/usr/sbin/exim4 -bd -q30m -C /etc/exim4/my.conf"|h1) m s nsenter -t $pid -n -m $ecmd "$@" } sdnbash() { # systemd namespace bash local unit=$1 m sudo nsenter -t $(systemctl status $unit | sed -n '/^ *Main PID:/s/[^0-9]//gp') -n -m sudo -u $USER -i bash } mailnnbash() { m sudo nsenter -t $(systemctl status mailnn| sed -n '/^ *Main PID:/s/[^0-9]//gp') -n -m sudo -u $USER -i bash } mailvpnbash() { m sudo nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*mail.conf") -n -m sudo -u $USER -i bash } eximbash() { m sudo nsenter -t $(pgrep -f "/usr/sbin/exim4 -bd -q30m -C /etc/exim4/my.conf"|h1) -n -m sudo -u $USER -i bash } spamnn() { local spamdpid spamdpid=$(systemctl status spamassassin| sed -n '/^ *Main PID:/s/[^0-9]//gp') m sudo nsenter -t $spamdpid -n -m sudo -u Debian-exim spamassassin "$@" } unboundbash() { m sudo nsenter -t $(systemctl status unbound| sed -n '/^ *Main PID:/s/[^0-9]//gp') -n -m sudo -u $USER -i bash } mailnncheck() { local pid ns mailnn for p in mailnn mailvpn unbound dovecot spamassassin exim4 radicale; do pid=$(s systemctl status $p| sed -n '/^ *Main PID:/s/[^0-9]//gp') if [[ ! $pid ]]; then echo failed to find pid for $p continue fi if ! ns=$(s readlink /proc/$pid/ns/net); then echo failed to find ns for $p pid=$pid continue fi if [[ $mailnn ]]; then if [[ $ns != "$mailnn" ]]; then echo "$p ns $ns != $mailnn" fi else mailnn=$ns fi done } vpncmd() { m sudo -E env "PATH=$PATH" nsenter -t $(pgrep -f "/usr/sbin/openvpn .* --config /etc/openvpn/.*client.conf") -n -m "$@" } vpnf() { vpncmd sudo -E -u iank env "PATH=$PATH" abrowser -no-remote -P vpn & r } vpn2f() { vpncmd sudo -u iank env "PATH=$PATH" abrowser -no-remote -P vpn2 & r } vpni() { vpncmd sudo -u iank env "PATH=$PATH" "$@" } vpnbash() { vpncmd bash } vpn() { if [[ -e /lib/systemd/system/openvpn-client@.service ]]; then local vpn_service=openvpn-client else local vpn_service=openvpn fi [[ $1 ]] || { echo need arg; return 1; } journalctl --unit=$vpn_service@$1 -f -n0 & # sometimes the journal doesnt open until after the vpn output # has happened. hoping this fixes that. sleep 1 sudo systemctl start $vpn_service@$1 # sometimes the ask-password agent does not work and needs a delay. sleep .5 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779240 # noticed around 8-2017 after update from around stretch release # on debian testing, even though the bug is much older. sudo systemd-tty-ask-password-agent } # systemctl is-enabled / status / cat says nothing, instead theres # some obscure symlink. paths copied from man systemd.unit. # possibly also usefull, but incomplete, doesnt show units not loaded in memory: # seru list-dependencies --reverse --all UNIT sysd-deps() { local f local -a dirs search ngset case $1 in u) search=( ~/.config/systemd/user.control/* $XDG_RUNTIME_DIR/systemd/user.control/* $XDG_RUNTIME_DIR/systemd/transient/* $XDG_RUNTIME_DIR/systemd/generator.early/* ~/.config/systemd/user/* /etc/systemd/user/* $XDG_RUNTIME_DIR/systemd/user/* /run/systemd/user/* $XDG_RUNTIME_DIR/systemd/generator/* ~/.local/share/systemd/user/* /usr/lib/systemd/user/* $XDG_RUNTIME_DIR/systemd/generator.late/* ) ;; *) search=( /etc/systemd/system.control/* /run/systemd/system.control/* /run/systemd/transient/* /run/systemd/generator.early/* /etc/systemd/system/* /etc/systemd/systemd.attached/* /run/systemd/system/* /run/systemd/systemd.attached/* /run/systemd/generator/* /lib/systemd/system/* /run/systemd/generator.late/* ) ;; esac for f in "${search[@]}"; do [[ -d $f ]] || continue case $f in *.requires|*.wants) dirs+=("$f") ;; esac done # dirs is just so we write out the directory names, ls does it when there is 2 or more dirs. case ${#dirs[@]} in 1) echo "${dirs[0]}:" ll "${dirs[@]}" ;; 0) : ;; *) ll "${dirs[@]}" ;; esac ngreset } fixvpndns() { local link istls read _ link _ istls < <(resolvectl dnsovertls tunfsf) case $istls in yes|no) : ;; *) echo fixvpndns error: unexpected istls value: $istls >&2; return 1 ;; esac s busctl call org.freedesktop.resolve1 /org/freedesktop/resolve1 org.freedesktop.resolve1.Manager SetLinkDNSOverTLS is $link no } vpnoff() { [[ $1 ]] || { echo need arg; return 1; } if [[ -e /lib/systemd/system/openvpn-client@.service ]]; then local vpn_service=openvpn-client else local vpn_service=openvpn fi sudo systemctl stop $vpn_service@$1 } vpnoffc() { # vpn off client ser stop openvpn-client-tr@client } vpnc() { ser start openvpn-client-tr@client } vspicy() { # usage: VIRSH_DOMAIN # connect to vms made with virt-install spicy -p $(sudo virsh dumpxml "$1"|grep " /home/iank/.xscreensaver <<'EOF' mode: blank dpmsEnabled: True dpmsStandby: 0:07:00 dpmsSuspend: 0:08:00 dpmsOff: 0:00:00 timeout: 0:05:00 lock: True lockTimeout: 0:06:00 splash: False EOF } # * stuff that makes sense to be at the end if [[ "$SUDOD" ]]; then # allow failure, for example if we are sudoing into a user with diffferent/lesser permissions. cd "$SUDOD" ||: unset SUDOD elif [[ -d /a ]] && [[ $PWD == "$HOME" ]] && [[ $- == *i* ]]; then cd /a fi # for mitmproxy to get a newer python. # commented until i want to use it because it # noticably slows bash startup # mypyenvinit () { if [[ $EUID == 0 || ! -e ~/.pyenv/bin ]]; then echo "error: dont be root. make sure pyenv is installed" return 1 fi export PATH="$HOME/.pyenv/bin:$PATH" eval "$(pyenv init -)" eval "$(pyenv virtualenv-init -)" } export GOPATH=$HOME/go path-add $GOPATH/bin path-add /usr/local/go/bin # I have the git repo and a release. either one should work. # I have both because I was trying to solve an issue that # turned out to be unrelated. # ARDUINO_PATH=/a/opt/Arduino/build/linux/work export ARDUINO_PATH=/a/opt/arduino-1.8.15 export KALEIDOSCOPE_DIR=/a/opt/Kaleidoscope # They want to be added to the start, but i think # that should be avoided unless we really need it. path-add --end ~/.npm-global path-add --end $HOME/.cargo/bin if type -P rg &>/dev/null; then # --no-messages because of annoying errors on broken symlinks rg() { command rg --no-messages -L -i -M 300 --no-ignore "$@" || return $?; } #fails if not exist. ignore complete -r rg 2>/dev/null ||: else alias rg=grr fi # taken from default changes to bashrc and bash_profile path-add --end --ifexists $HOME/.rvm/bin # also had ruby bin dir, but moved that to environment.sh # so its included in overall env export BASEFILE_DIR=/a/bin/fai-basefiles #export ANDROID_HOME=/a/opt/android-home # https://f-droid.org/en/docs/Installing_the_Server_and_Repo_Tools/ #export USE_SDK_WRAPPER=yes #PATH=$PATH:$ANDROID_HOME/tools:$ANDROID_HOME/platform-tools # didnt get drush working, if I did, this seems like the # only good thing to include for it. # Include Drush completion. # if [ -f "/home/ian/.drush/drush.complete.sh" ] ; then # source /home/ian/.drush/drush.complete.sh # fi # best practice unset IFS # https://wiki.archlinux.org/index.php/Xinitrc#Autostart_X_at_login # i added an extra condition as gentoo xorg guide says depending on # $DISPLAY is fragile. if [[ ! $DISPLAY && $XDG_VTNR == 1 ]] && shopt -q login_shell && isarch; then exec startx fi # ensure no bad programs appending to this file will have an affect return 0