From 2d3ce30754a3f24d922635647bab4990b60f5c27 Mon Sep 17 00:00:00 2001 
From: Ian Kelling Date: Tue, 12 Mar 2019 16:49:16 -0400 Subject: [PATCH] tons of misc updates --- .screenrc | 3 + brc | 266 +++++++++++++----- btrbk-run | 258 ++++++++--------- check-subvol-stale | 60 +++- conflink | 144 +++++----- disabled/kodi-setup | 2 +- disabled/samba-setup | 2 +- distro-begin | 6 +- distro-end | 111 ++++++-- distro-pkgs | 2 +- filesystem/etc/fonts/conf.d/51-ian.conf | 10 + filesystem/etc/synergy.conf | 6 +- .../system/networking.service.d/timeout.conf | 2 + fsf-get-mail | 15 - gitslink | 4 +- machine_specific/btrbk.hosts | 2 +- .../treetowl => kd/filesystem/etc/cron.d/kd} | 0 .../check-lets-encrypt-ssl-settings | 0 .../etc/cron.daily/mediawiki_backup | 0 .../etc/systemd/system/btrbk.service | 0 .../filesystem/etc/systemd/system/btrbk.timer | 0 .../li/filesystem/etc/bind/named.conf.local | 2 +- .../bind-writable => var/lib/bind}/db.b8.nz | 0 mail-route | 183 ++++++------ mail-setup | 24 +- mount-latest-subvol | 6 +- offlineimap-sync | 23 +- pkgs | 24 +- radicale-setup | 4 +- subdir_files/.config/mpv/mpv.conf | 1 + subdir_files/.gnupg/gpg.conf | 8 +- subdir_files/.xmonad/xmonad.hs | 4 +- subdir_files/sieve/fsf.sieve | 1 + subdir_files/sieve/lists.sieve | 17 +- switch-mail-host | 3 +- switch-primary-host | 4 +- 36 files changed, 734 insertions(+), 463 deletions(-) create mode 100644 filesystem/etc/fonts/conf.d/51-ian.conf create mode 100644 filesystem/etc/systemd/system/networking.service.d/timeout.conf delete mode 100755 fsf-get-mail rename machine_specific/{treetowl/filesystem/etc/cron.d/treetowl => kd/filesystem/etc/cron.d/kd} (100%) rename machine_specific/{treetowl => kd}/filesystem/etc/cron.daily/check-lets-encrypt-ssl-settings (100%) rename machine_specific/{treetowl => kd}/filesystem/etc/cron.daily/mediawiki_backup (100%) rename machine_specific/{treetowl => kd}/filesystem/etc/systemd/system/btrbk.service (100%) rename machine_specific/{treetowl => kd}/filesystem/etc/systemd/system/btrbk.timer (100%) rename 
machine_specific/li/filesystem/{etc/bind/bind-writable => var/lib/bind}/db.b8.nz (100%) diff --git a/.screenrc b/.screenrc index 7f584eb..2451e9d 100644 --- a/.screenrc +++ b/.screenrc @@ -41,3 +41,6 @@ termcapinfo xterm|xterm-256color ti@:te=\E[2J # can update the hardstatus (xterm title) with a command like this: # hardstatus string "SCREEN @ %H: %-n - %t" + +# the default scrollback is way too small +defscrollback 1000000 \ No newline at end of file diff --git a/brc b/brc index 8084ba0..16b7eb7 100644 --- a/brc +++ b/brc @@ -18,7 +18,7 @@ set -o pipefail unalias -a # remove gnome keyring warning messages -# there is probably a more proper way, but I didn't find any easily on google +# there is probably a more proper way, but I didnt find any easily on google # now using xfce+xmonad instead of vanilla xmonad, so disabling this #unset GNOME_KEYRING_CONTROL @@ -26,11 +26,11 @@ unalias -a shopt -s extglob # include .files when globbing, but ignore files name . and .. # setting this also sets dotglob. -# Note, this doesn't work in bash 4.4 anymore, for paths with +# Note, this doesnt work in bash 4.4 anymore, for paths with # more than 1 directory, like a/b/.foo, since * is fixed to not match / export GLOBIGNORE=*/.:*/.. -# broken with bash_completion package. Saw a bug for this once. Don't anymore. +# broken with bash_completion package. Saw a bug for this once. dont anymore. # still broken in wheezy # still buggered in latest stable from the web, version 2.1 # perhaps its fixed in newer git version, which fails to make for me @@ -43,7 +43,7 @@ shopt -s no_empty_cmd_completion # advanced completion # http://bash-completion.alioth.debian.org/ -# might be sourced by the system already, but I've noticed it not being sourced before +# might be sourced by the system already, but ive noticed it not being sourced before if ! type _init_completion &> /dev/null && [[ -r "/usr/share/bash-completion/bash_completion" ]]; then . /usr/share/bash-completion/bash_completion fi 
@@ -63,18 +63,18 @@ shopt -s globstar # inside emcas fixes if [[ $RLC_INSIDE_EMACS ]]; then - # EMACS is used by bash on startup, but we don't need it anymore. + # EMACS is used by bash on startup, but we dont need it anymore. # plus I hit a bug in a makefile which inherited it unset EMACS export RLC_INSIDE_EMACS export PAGER=cat export MANPAGER=cat - # scp completion does not work, but this doesn't fix it. todo, figure this out + # scp completion does not work, but this doesnt fix it. todo, figure this out complete -r scp &> /dev/null # todo, remote file completion fails, figure out how to turn it off export NODE_DISABLE_COLORS=1 - # This get's rid of ugly terminal escape chars in node repl - # sometime, I'd like to have completion working in emacs shell for node + # This gets rid of ugly terminal escape chars in node repl + # sometime, Id like to have completion working in emacs shell for node # the offending chars can be found in lib/readline.js, # things that do like: # stream.write('\x1b[' + (x + 1) + 'G'); @@ -90,7 +90,7 @@ if [[ $RLC_INSIDE_EMACS ]]; then # no prompt, or else readline complete seems to be confused, based # on our column being different? node probably needs to send # different kind of escape sequence that is not ugly. Anyways, - # completion doesn't work yet even with the ugly prompt, so whatever + # completion doesnt work yet even with the ugly prompt, so whatever # export NODE_NO_READLINE=1 @@ -123,7 +123,7 @@ if [[ $- == *i* ]]; then bind '"\eOc": shell-forward-word' bind '"\eOd": shell-backward-word' fi - # i can't remember why i did this, probably to free up some keys to bind + # i cant remember why i did this, probably to free up some keys to bind # to other things in bash. # other than C-c and C-z, the rest defined by stty -a are, at least in # gnome-terminal, overridden by bash, or disabled by the system 
@@ -148,7 +148,7 @@ HISTFILE=$HOME/.bh # also, setting this makes the history file record time # of each command as seconds from the epoch HISTTIMEFORMAT="%I:%M %p %m/%d " -# consecutive duplicate lines don't go in history +# consecutive duplicate lines dont go in history HISTCONTROL=ignoredups # works in addition to HISTCONTROL to do more flexible things # it could also do the same things as HISTCONTROL and thus replace it, @@ -158,11 +158,15 @@ HISTIGNORE='pass *:k *:[ ]*:lom ' export BC_LINE_LENGTH=0 -# note, if I use a machine I don't want files readable by all users, set +# note, if I use a machine I dont want files readable by all users, set # umask 077 # If fewer than 4 digits are entered, leading zeros are assumed C_DEFAULT_DIR=/a +# i for insensitive. the rest from +# https://superuser.com/questions/366930/how-do-i-get-the-git-pager-to-clean-up-screen-output-after-exit +# and reading the man +export LESS=RXi # * include files for _x in /a/bin/distro-functions/src/* /a/bin/!(githtml)/*-function?(s); do @@ -173,8 +177,16 @@ unset _x for x in /a/bin/bash_unpublished/source-!(.#*); do source $x; done source $(dirname $(readlink -f $BASH_SOURCE))/path_add-function source /a/bin/log-quiet/logq-function +if [[ -e /a/bin/errhandle/err ]]; then + source /a/bin/errhandle/err + err-allow +fi path_add /a/exe +# pip3 --user things go here: +path_add --end ~/.local/bin +path_add --ifexists --end /a/work/libremanage path_add --ifexists --end /a/opt/adt-bundle*/tools /a/opt/adt-bundle*/platform-tools +path_add --ifexists --end /a/opt/scancode-toolkit-2.9.2 export WCDHOME=/a # based on readme.debian. dunno if this will break on other distros. _x=/usr/share/wcd/wcd-include.sh @@ -218,7 +230,7 @@ unalias ls ll grep &>/dev/null ||: # file cut copy and paste, like the text buffers :) -# I havn't tested these. +# I havnt tested these. _fbufferinit() { # internal use by ! [[ $my_f_tempdir ]] && my_f_tempdir=$(mktemp -d) rm -rf "$my_f_tempdir"/* 
@@ -264,16 +276,23 @@ _cdiff-prep() { } _khfix_common() { - local h=${1##*@} - local x - ssh-keygen -R $h -f $(readlink -f ~/.ssh/known_hosts) - x=$(timeout 1 ssh -oBatchMode=yes -oControlMaster=no -oControlPath=/ -v $1 |& sed -rn "s/debug1: Connecting to $h \[([^\]*)].*/\1/p") - if [[ ! $x ]]; then + local host=${1##*@} + local ip port + read -r ip port < <(timeout 1 ssh -oBatchMode=yes -oControlMaster=no -oControlPath=/ -v $1 |& sed -rn "s/debug1: Connecting to $host \[([^\]*)] port ([0-9]+).*/\1 \2/p") + if [[ ! $ip ]]; then echo "khfix: ssh failed" return 1 fi - echo "khfix: removing key for $x" - ssh-keygen -R $x -f $(readlink -f ~/.ssh/known_hosts) + if [[ $port != 22 ]]; then + ip_entry="[$ip]:$port" + host_entry="[$host]:$port" + else + ip_entry=$ip + host_entry=$host + fi + ssh-keygen -R "$host_entry" -f $(readlink -f ~/.ssh/known_hosts) + echo "khfix: removing key for $ip_entry" + ssh-keygen -R "$ip_entry" -f $(readlink -f ~/.ssh/known_hosts) } khfix() { # known hosts fix _khfix_common "$@" || return 1 @@ -285,7 +304,10 @@ khcopy() { } a() { - beet "${@}" + local x=$(readlink -nf "$@") + # yes, its kinda dumb that xclip/xsel cant do this in one invocation + echo -n "$x" | xclip -selection clipboard + echo -n "$x" | xclip } ack() { ack-grep "$@"; } @@ -405,7 +427,7 @@ cdiff() { _cdiff-prep "$2" "$f2" cat "$f1" "$f2" | grep -Po '^[^=]+=' | sort | uniq > "$unified" while IFS= read -r line; do - # the default bright red / blue doesn't work in emacs shell + # the default bright red / blue doesnt work in emacs shell dwdiff -cblue,red -A best -d " ," <(grep "^$line" "$f1" || echo ) <(grep "^$line" "$f2" || echo ) | colordiff done < "$unified" } @@ -465,7 +487,7 @@ dat() { # do all tee, for more complex scripts da() { # do all local host "$@" - for host in x2 tp treetowl; do + for host in x2 tp kd; do ssh $host "$@" done } 
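Review bot: `ip_entry` and `host_entry` in the rewritten `_khfix_common` are assigned without being declared, so every khfix call leaves them behind as globals in the interactive shell that sources brc; the declaration should read `local ip port ip_entry host_entry`. The same applies to `id` and `slave` in the new `tk()` and to the loop counter `i` added to `pwgen()` later in this patch. In the probe command `$1` is still unquoted while the new `ssh-keygen -R "$host_entry"` calls are quoted; `ssh ... -v "$1"` would be consistent with them. `$host` is interpolated into the sed pattern, so the dots in a hostname match any character there, which deserves a short comment even if it is harmless in practice.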
@@ -477,7 +499,7 @@ dc() { debian_pick_mirror () { # netselect-apt finds a fast mirror. # but we need to replace the mirrors ourselves, - # because it doesn't do that. best it can do is + # because it doesnt do that. best it can do is # output a basic sources file # here we get the server it found, get the main server we use # then substitute all instances of one for the other in the sources file @@ -567,10 +589,6 @@ kdecd() { /usr/lib/x86_64-linux-gnu/libexec/kdeconnectd; } # fdroidcl search -i, then manually removing # automatically installed/preinstalled apps -# firefox updater. commented out, firefox depends on nonfree opengl. -# de.marmaro.krt.ffupdater -# # causes replicant to die on install and go into a boot loop -# me.ccrama.redditslide # # # my attempt at recovering from boot loop: # # in that case, boot to recovery (volume up, home button, power, let go of power after samsun logo) 
@@ -586,35 +604,47 @@ kdecd() { /usr/lib/x86_64-linux-gnu/libexec/kdeconnectd; } # org.quantumbadger.redreader # org.kde.kdeconnect_tp -# not broke, but won't work without gps +# not broke, but wont work without gps #com.zoffcc.applications.zanavi # not broke, but not using atm #com.nutomic.syncthingandroid -#org.fedorahosted.freeotp # # doesn\'t work on replicant #net.sourceforge.opencamera # fdroid_pkgs=( + de.marmaro.krt.ffupdater + me.ccrama.redditslide + org.fedorahosted.freeotp at.bitfire.davdroid com.alaskalinuxuser.justnotes com.artifex.mupdf.viewer.app + com.danielkim.soundrecorder com.fsck.k9 com.ghostsq.commander com.ichi2.anki com.jmstudios.redmoon com.jmstudios.chibe + org.kde.kdeconnect_tp com.notecryptpro com.termux cz.martykan.forecastie de.danoeh.antennapod + de.blinkt.openvpn + de.marmaro.krt.ffupdater + eu.siacs.conversations + free.rm.skytube.oss im.vector.alpha # riot info.papdt.blackblub me.tripsit.tripmobile net.gaast.giggity + net.minetest.minetest net.osmand.plus org.isoron.uhabits + org.linphone + org.gnu.icecat org.smssecure.smssecure org.yaaic + sh.ftp.rocketninelabs.meditationassistant.opensource ) # https://forum.xda-developers.com/android/software-hacking/wip-selinux-capable-superuser-t3216394 # for maru, @@ -839,7 +869,7 @@ gitian() { } gh() { - # i got an error, gh not found when doing a pull request, it seems like it wants itself in it's path. + # i got an error, gh not found when doing a pull request, it seems like it wants itself in it\'s path. local _oldpath="$PATH" PATH="$PATH:~/node_modules/.bin" command gh "$@" 
@@ -870,11 +900,11 @@ gr() { grep -iIP --color=auto "$@" } -grr() { +grr() { # grep recursive if [[ ${#@} == 1 ]]; then - grep --exclude-dir='*.emacs.d' --exclude-dir='*.git' -riIP --color=auto "$@" . + grep --exclude-dir='*.emacs.d' --exclude-dir='*.git' -RiIP --color=auto "$@" . else - grep --exclude-dir='*.emacs.d' --exclude-dir='*.git' -riIP --color=auto "$@" + grep --exclude-dir='*.emacs.d' --exclude-dir='*.git' -RiIP --color=auto "$@" fi } @@ -908,7 +938,7 @@ hl() { # history limit. Write extra history to archive file. history -a # save history max_lines=$HISTFILELINES [[ $max_lines =~ ^[0-9]+$ ]] || { echo "error in hl: failed to get max line count"; return 1; } - linecount=$(wc -l < $HISTFILE) # pipe so it doesn't output a filename + linecount=$(wc -l < $HISTFILE) # pipe so it doesnt output a filename [[ $linecount =~ ^[0-9]+$ ]] || { echo "error in hl: wc failed"; return 1; } if (($linecount > $max_lines)); then prune_lines=$(($linecount - $max_lines)) 
@@ -924,7 +954,36 @@ hr() { # horizontal row. used to break up output hrcat() { local f; for f; do [[ -f $f ]] || continue; hr; echo "$f"; cat "$f"; done } -hub() { /nocow/t/hub-linux-amd64-2.3.0-pre10/bin/hub "$@"; } +# get latest hub and run it +# main command to use: +# hub pull-request +# on first use, you input username/pass and it gets an oath token so you dont have to repeat +# it\'s at ~/.config/hub +hub() { + local up uptar updir p + p=/github/hub/releases/ + up=https://github.com/$(curl -s https://github.com$p| grep -o $p'download/[^/]*/hub-linux-amd64[^"]*' | head -n1) + uptar=${up##*/} + updir=${uptar%.tgz} + if [[ ! -e /a/opt/$updir ]]; then + rm -rf /a/opt/hub-linux-amd64* + wget -P /a/opt $up + tar -C /a/opt -zxf /a/opt/$uptar + rm -f /a/opt/$uptar + s /a/opt/$updir/install + fi + + # save token across computers + if [[ ! -L ~/.config/hub ]]; then + if [[ -e ~/.config/hub ]]; then + mv ~/.config/hub /p/c/subdir_files/.config/ + fi + if [[ -e /p/c/subdir_files/.config/hub ]]; then + conflink + fi + fi + command hub "$@" +} i() { git "$@"; } # modified from ~/local/bin/git-completion.bash @@ -1033,7 +1092,7 @@ lom() { if ! sudo cryptsetup luksOpen $l $base; then sudo losetup -d $l return 1 - fi + fi sudo mkdir -p /mnt/$base sudo mount /dev/mapper/$base /mnt/$base sudo chown $USER:$USER /mnt/$base @@ -1118,6 +1177,10 @@ mkc() { c "$1" } +mkct() { + mkc `mktemp -d` +} + mkt() { # mkdir and touch file local path="$1" mkdir -p "$(dirname "$path")" @@ -1197,6 +1260,7 @@ pub() { } pubip() { curl -4s https://icanhazip.com; } +pubip6() { curl -6s https://icanhazip.com; } whatismyip() { pubip; } pumpa() { 
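Review bot: The new `hub()` runs `s /a/opt/$updir/install` on a tarball whose URL was scraped from the releases HTML with `curl | grep` and fetched with `wget`, with no digest or signature check in between, so whatever that page or download returns is executed through the `s` wrapper (which appears to be sudo). The old install is also removed with `rm -rf /a/opt/hub-linux-amd64*` before the new download is known to be good, and `$up` and `$uptar` are unquoted. Pinning the release and checking a recorded SHA-256 before extracting closes both gaps, at the cost of bumping the pin by hand. A sketch with placeholder values follows; the tag, file name and digest are placeholders to be filled in from a release you have verified.

```shell
hub() {
  local tag=HUB_RELEASE_TAG_PLACEHOLDER
  local uptar=HUB_TARBALL_NAME_PLACEHOLDER.tgz
  local sha256=HUB_TARBALL_SHA256_PLACEHOLDER
  local updir=${uptar%.tgz}
  if [[ ! -e /a/opt/$updir ]]; then
    wget -P /a/opt "https://github.com/github/hub/releases/download/$tag/$uptar" || return 1
    # refuse to unpack or install anything that does not match the recorded digest
    if ! printf '%s  %s\n' "$sha256" "/a/opt/$uptar" | sha256sum -c - >/dev/null; then
      rm -f -- "/a/opt/$uptar"
      echo "hub: checksum mismatch for $uptar" >&2
      return 1
    fi
    # … unchanged, but now after verification: remove old hub-linux-amd64* dirs, extract, run install …
  fi
  # … unchanged: token symlink handling and `command hub "$@"` …
}
```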
@@ -1204,14 +1268,14 @@ pumpa() { # packages catches up on some changes in future (this is written in # 4/2017) # - # geekosaur: so you'll want to upgrade to xmonad 0.13 or else use a - # locally modified XMonad.Hooks.ManageDocks that doesn't set the - # work area; turns out it's impossible to set correctly if you are + # geekosaur: so youll want to upgrade to xmonad 0.13 or else use a + # locally modified XMonad.Hooks.ManageDocks that doesnt set the + # work area; turns out it\'s impossible to set correctly if you are # not a fully EWMH compliant desktop environment # # geekosaur: chrome shows one failure mode, qt/kde another, other # gtk apps a third, ... I came up with a setting that works for me - # locally but apparently doesn't work for others, so we joined the + # locally but apparently doesnt work for others, so we joined the # other tiling window managers in giving up on setting it at all # xprop -root -remove _NET_WORKAREA @@ -1224,6 +1288,10 @@ pwgen() { # -x = max length # -t = print pronunciation apg -m 14 -x 17 -t + for (( i=0; i<10; i++ )); do + shuf -n3 /usr/share/hunspell/en_US.dic | sed 's,/.*,,' | paste -sd . - + + done } pwlong() { @@ -1253,7 +1321,7 @@ rl() { rsync -ahvic --delete "$@" } rld() { - # like rlu, but don't delete files on the target end which + # like rlu, but dont delete files on the target end which # do not exist on the original end. rsync -ahvic "$@" } @@ -1275,7 +1343,7 @@ rlu() { # [OPTS] HOST PATH if [[ $path == .* ]]; then path=$(readlink -f $path) fi - # rync here uses checksum instead of time so we don't mess with + # rync here uses checksum instead of time so we dont mess with # unison relying on time as much. g is for group, same reason # to keep up with unison. s rsync -rlpchviog --relative "${opts[@]}" "$path" "root@$host:/"; 
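Review bot: The passphrases added to `pwgen()` use only three dictionary words, so each carries roughly 3 × log2(number of lines in en_US.dic) bits, and `shuf` without `--random-source` draws from its internal generator, which is seeded with only a small amount of entropy. If these are meant as real passwords rather than throwaways, `shuf --random-source=/dev/urandom -n5 /usr/share/hunspell/en_US.dic` is the safer form. Hunspell .dic files normally start with an entry-count line rather than a word, so that number can occasionally be picked; feeding `shuf` from `tail -n +2` avoids it.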
@@ -1286,7 +1354,7 @@ r2eadd() { # usage: name url # initial setup of rss2email: # r2e new r2e@iankelling.org # that initializes files, and sets default email. - # symlink to the config doesn't work, so I copied it to /p/c + # symlink to the config doesnt work, so I copied it to /p/c # and then use cli option to specify explicit path. # Only option changed from default config is to set # force-from = True @@ -1296,7 +1364,7 @@ r2eadd() { # usage: name url # address, which makes me be a spammer. r2e add $1 "$2" $1@r2e.iankelling.org - # get up to date and don't send old entries now: + # get up to date and dont send old entries now: r2e run --no-send $1 } r2e() { command r2e -d /p/c/rss2email.json -c /p/c/rss2email.cfg "$@"; } @@ -1316,13 +1384,13 @@ EOF } rmstrips() { - ssh fencepost head -n 300 /gd/gnuorg/EventAndTravelInfo/rms-current-trips.txt + ssh fencepost head -n 300 /gd/gnuorg/EventAndTravelInfo/rms-current-trips.txt | less } s() { # background - # I use a function because otherwise we can't use in a script, - # can't assign to variable. + # I use a function because otherwise we cant use in a script, + # cant assign to variable. # # note: gksudo is recommended for X apps because it does not set the # home directory to the same, and thus apps writing to ~ fuck things up @@ -1335,8 +1403,8 @@ s() { fi } -safe_rename() { # warn and don't rename if file exists. - # mv -n exists, but it's silent +safe_rename() { # warn and dont rename if file exists. + # mv -n exists, but it\'s silent if [[ $# != 2 ]]; then echo safe_rename error: $# args, need 2 >2 return 1 @@ -1375,6 +1443,12 @@ ser() { $s service $2 $1 fi } +serstopnm() { + ser stop NetworkManager + ser stop dnsmasq + s resolvconf -d NetworkManager + ser start dnsmasq +} setini() { # set a value in a .ini style file key="$1" value="$2" section="$3" file="$4" 
@@ -1528,7 +1602,7 @@ t() { local x local -a args if type -t trash-put >/dev/null; then - # skip args that don't exist, or else trash-put will have an error + # skip args that dont exist, or else trash-put will have an error for x in "$@"; do if [[ -e $x || -L $x ]]; then args+=("$x") @@ -1601,7 +1675,7 @@ testmail() { # cp /p/c/subdir_files/sieve/personal{test,}.sieve; testsievelist -eW INBOX # # Another option is to use sieve-test SCRIPT MAIL_FILE. note, -# sieve-test doesn't know about envelopes, I'm not sure if sieve-filter does. +# sieve-test doesnt know about envelopes, Im not sure if sieve-filter does. # sieve with output filter. arg is mailbox, like INBOX. # This depends on dovecot conf, notably mail_location in /etc/dovecot/conf.d/10-mail.conf @@ -1620,7 +1694,7 @@ testsieve() { # mail related testexim() { # testmail above calls sendmail, which is a link to exim/postfix. - # it's docs don't say a way of adding an argument + # its docs dont say a way of adding an argument # to sendmail to turn on debug output. We could make a wrapper, but # that is a pain. Exim debug args are documented here: # http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html 
@@ -1629,16 +1703,32 @@ testexim() { # note, for exim daemon, you can turn on debug options by # adding -d, etc to COMMONOPTIONS in # /etc/default/exim4 - # for testing external mail, you need the to address as final cmdline arg - exim -d+tls -t <<'EOF' -From: root@frodo.lan -To: ian@mail.iankelling.org + exim -d -t <<'EOF' +From: root@gnu.org +To: ian@iankelling.org Subject: Testing Exim This is a test message. EOF } +# toggle keyboard +tk() { + # based on + # https://askubuntu.com/questions/160945/is-there-a-way-to-disable-a-laptops-internal-keyboard + id=$(xinput --list --id-only 'AT Translated Set 2 keyboard') + if xinput list | grep -F '∼ AT Translated Set 2 keyboard' &>/dev/null; then + echo enabling keyboard + # find the first slave keyboard number, they are all the same in my output. + # if they werent, worst case we would need to save the slave number somewhere + # when it got disabled. + slave=$(xinput list | sed -n 's/.*slave \+keyboard (\([0-9]*\)).*/\1/p' | head -n1) + xinput reattach $id $slave + else + xinput float $id + fi +} + tm() { # timer in minutes # --no-config @@ -1670,11 +1760,22 @@ tu() { $s teeu "$@" } -tx() { # toggle set -x, and the prompt so it doesn't spam +tx() { # toggle set -x, and the prompt so it doesnt spam if [[ $- == *x* ]]; then set +x PROMPT_COMMAND=prompt-command + # disabled due to issue on stretch, running ll we get error. something + # about the DEBUG trap is broken + # if [[ $TERM == *(screen*|xterm*|rxvt*) ]]; then + # trap 'settitle "$BASH_COMMAND"' DEBUG + # fi else + # normally, i would just execute these commands in the function. + # however, DEBUG is not inherited, so we need to run it outside a function. + # And we want to run set -x afterwards to avoid spam, so we cram everything + # in here, and then it will run after this function is done. + #PROMPT_COMMAND='trap DEBUG; unset PROMPT_COMMAND; PS1="\w \$ "; set -x' + unset PROMPT_COMMAND PS1="\w \$ " set -x 
@@ -1785,7 +1886,7 @@ wtr() { curl wttr.in/boston; } xl() { if pgrep gnome-screensav &>/dev/null; then - # this command actually starts gnome-screensaver if it isn't running. + # this command actually starts gnome-screensaver if it isn\'t running. # lololol, what crap gnome-screensaver-command --exit &>/dev/null fi @@ -1904,7 +2005,7 @@ if [[ $- == *i* ]]; then # fedora/debian source [[ -r /usr/share/git-core/contrib/completion/git-prompt.sh ]] && source /usr/share/git-core/contrib/completion/git-prompt.sh - # in case we didn't source git-prompt.sh + # in case we didnt source git-prompt.sh if ! declare -f __git_ps1 > /dev/null; then __git_ps1() { : @@ -1957,12 +2058,12 @@ if [[ $- == *i* ]]; then fi fi # I would set nullglob, but bash has had bugs where that - # doesn't work if not in top level. - if [[ -e /nocow/btrfs-stale ]] && ((`ls -AUq /nocow/btrfs-stale|wc -l`)); then + # doesnt work if not in top level. + if [[ -e /nocow/btrfs-stale ]] && ((`command ls -AUq /nocow/btrfs-stale|wc -l`)); then ps_char="! $ps_char" fi PS1="${PS1%"${PS1#*[wW]}"} \[$ps_color\]$ps_char\[$(get_term_color nocolor)\] " - # emacs completion doesn't like the git prompt atm, so disabling it. + # emacs completion doesnt like the git prompt atm, so disabling it. #PS1="${PS1%"${PS1#*[wW]}"}$(__git_ps1 ' (%s)') \[$ps_color\]$ps_char\[$(get_term_color nocolor)\] " } PROMPT_COMMAND=prompt-command 
@@ -1974,17 +2075,21 @@ if [[ $- == *i* ]]; then local title_escape="\033]0;" fi if [[ $* != prompt-command ]]; then - echo -ne "$title_escape$USER@$HOSTNAME ${PWD/#$HOME/~}"; printf "%s" "$*"; echo -ne "\007" + echo -ne "$title_escape$USER@$HOSTNAME ${PWD/#$HOME/~} " + printf "%s" "$*" + echo -ne "\007" fi } - # for titlebar - # condition from the screen man page i think - if [[ $TERM == *(screen*|xterm*|rxvt*) ]]; then - trap 'settitle "$BASH_COMMAND"' DEBUG - else - trap DEBUG - fi + # for titlebar. + # condition from the screen man page i think. + # note: duplicated in tx() + # disabled. see note in tx + # if [[ $TERM == *(screen*|xterm*|rxvt*) ]]; then + # trap 'settitle "$BASH_COMMAND"' DEBUG + # else + # trap DEBUG + # fi fi @@ -2049,12 +2154,22 @@ if [[ $SOE ]]; then errcatch fi -# I'd prefer to have system-wide, plus user ruby, due to bug in it +# for mitmproxy to get a newer python. +# commented until i want to use it because it +# noticably slows bash startup +# +#if [[ $EUID != 0 && -e ~/.pyenv/bin ]]; then +# export PATH="~/.pyenv/bin:$PATH" +# eval "$(pyenv init -)" +# eval "$(pyenv virtualenv-init -)" +#fi + +# id prefer to have system-wide, plus user ruby, due to bug in it # https://github.com/rubygems/rubygems/pull/1002 # further problems: installing multi-user ruby and user ruby, -# you don't get multi-user ruby when you sudo to root, unless its sudo -i. +# you dont get multi-user ruby when you sudo to root, unless its sudo -i. # There a third hybrid form, which passenger error suggested I use, -# but it didn't actually work. +# but it didnt actually work. # in cased I never need this # rvm for non-interactive shell: modified from https://rvm.io/rvm/basics 
@@ -2078,8 +2193,9 @@ export ARDUINO_PATH=/a/opt/Arduino/build/linux/work path_add --end ~/.npm-global +export BASEFILE_DIR=/a/bin/fai-basefiles -# didn't get drush working, if I did, this seems like the +# didnt get drush working, if I did, this seems like the # only good thing to include for it. # Include Drush completion. # if [ -f "/home/ian/.drush/drush.complete.sh" ] ; then diff --git a/btrbk-run b/btrbk-run index a1c6963..0d68028 100755 --- a/btrbk-run +++ b/btrbk-run @@ -15,6 +15,7 @@ # todo: remove old leaf subvols, like keep up to 1 month or something. +# todo: if we cancel in the middle of a btrfs send, then run again immediately, the received subvolume doesn't get a Received UUID: field, and we won't mount it. Need to figure out a solution that will fix this. set -eE -o pipefail trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR @@ -22,9 +23,9 @@ trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR [[ $EUID == 0 ]] || exec sudo -E "$BASH_SOURCE" "$@" usage() { - echo "top of script file:" - sed -n '1,/^[# ]*end command line/{p;b};q' "$0" - exit $1 + echo "top of script file:" + sed -n '1,/^[# ]*end command line/{p;b};q' "$0" + exit $1 } script_dir=$(dirname $(readlink -f "$BASH_SOURCE")) 
@@ -45,127 +46,119 @@ verbose=false default_args_file=/etc/btrbk-run.conf if [[ -s $default_args_file ]]; then - set -- $(< $default_args_file) "$@" + set -- $(< $default_args_file) "$@" fi temp=$(getopt -l help cl:m:nprt:vh "$@") || usage 1 eval set -- "$temp" while true; do - case $1 in - # only creates the config file, does not run btrbk - -c) conf_only=true; shift ;; - -l) rate_limit=$2; shift 2 ;; - -m) IFS=, mountpoints=($2); unset IFS; shift 2 ;; - -n) dry_run=true; dry_run_arg=-n; shift ;; - -p) progress_arg="--progress"; shift ;; - # btrbk arg: Resume only. Skips snapshot creation. - -r) resume_arg=-r; shift ;; - # empty is valid for just doing local snapshot. we have default hosts - # we will populate - -t) IFS=, targets=($2); unset IFS; shift 2 ;; - -v) verbose=true; verbose_arg=-v; shift ;; - -h|--help) usage ;; - --) shift; break ;; - *) echo "$0: Internal error!" ; exit 1 ;; - esac + case $1 in + # only creates the config file, does not run btrbk + -c) conf_only=true; shift ;; + -l) rate_limit=$2; shift 2 ;; + -m) IFS=, mountpoints=($2); unset IFS; shift 2 ;; + -n) dry_run=true; dry_run_arg=-n; shift ;; + -p) progress_arg="--progress"; shift ;; + # btrbk arg: Resume only. Skips snapshot creation. + -r) resume_arg=-r; shift ;; + # empty is valid for just doing local snapshot. we have default hosts + # we will populate + -t) IFS=, targets=($2); unset IFS; shift 2 ;; + -v) verbose=true; verbose_arg=-v; shift ;; + -h|--help) usage ;; + --) shift; break ;; + *) echo "$0: Internal error!" 
; exit 1 ;; + esac done if [[ -s $default_args_file ]]; then - echo "$0: warning: default btrbk-run options set in $default_args_file (sleeping 5 seconds):" - cat $default_args_file - sleep 5 + echo "$0: warning: default btrbk-run options set in $default_args_file (sleeping 5 seconds):" + cat $default_args_file + sleep 5 fi echo -e "$0: options: conf_only=$conf_only\ndry_run=$dry_run\nresume_arg=$resume_arg\nrate_limit=$rate_limit\nverbose=$verbose" # set default targets if [[ ! -v targets ]]; then - case $HOSTNAME in - x2|kw) - if [[ $HOSTNAME == "$MAIL_HOST" ]]; then - targets=($HOME_DOMAIN) - fi - ;; - tp) - targets=(frodo) - if [[ $HOSTNAME == "$MAIL_HOST" ]]; then - if timeout -s 9 10 ssh x2 :; then - targets+=(x2) - fi - fi - ;; - frodo) - targets=() - ;; - *) - echo "$0: error: no default targets for this host, use -t" - exit 1 - ;; - esac + case $HOSTNAME in + x2|kw) + if [[ $HOSTNAME == "$MAIL_HOST" ]]; then + targets=($HOME_DOMAIN) + fi + ;; + tp) + targets=(frodo) + if [[ $HOSTNAME == "$MAIL_HOST" ]]; then + if timeout -s 9 10 ssh x2 :; then + targets+=(x2) + fi + fi + ;; + frodo) + targets=() + ;; + *) + echo "$0: error: no default targets for this host, use -t" + exit 1 + ;; + esac fi echo "targets: ${targets[*]}" -if (( ${#mountpoints[@]} )); then - for mp in ${mountpoints[@]}; do - if [[ -e /nocow/btrfs-stale/$mp ]]; then - echo "$0: warning: $mp stale. Sleeping for 3 seconds in case you want to cancel." 
- sleep 3 - fi - done -else # set default mountpoints - case $HOSTNAME in - frodo) - prospective_mps=(/i) - ;; - *) - prospective_mps=(/a /q) - if [[ $HOSTNAME == "$MAIL_HOST" ]]; then - prospective_mps+=(/o) - fi - ;; - esac - case ${targets[0]} in - kw|kww) - prospective_mps=(/a) - ;; - esac - - for mp in ${prospective_mps[@]}; do # default mountpoints to sync - if [[ -e /nocow/btrfs-stale/$mp ]]; then - echo "$0: warning: $mp stale, not adding to default mountpoints" - continue - fi - if awk '{print $2}' /etc/fstab | grep -xF $mp &>/dev/null; then - mountpoints+=($mp) - fi - done -fi +# set default mountpoints +case $HOSTNAME in + frodo) + prospective_mps=(/i) + ;; + *) + prospective_mps=(/a /q) + if [[ $HOSTNAME == "$MAIL_HOST" ]]; then + prospective_mps+=(/o) + fi + ;; +esac +case ${targets[0]} in + kw|kww) + prospective_mps=(/a) + ;; +esac + +for mp in ${prospective_mps[@]}; do # default mountpoints to sync + if [[ -e /nocow/btrfs-stale/$mp ]]; then + echo "$0: warning: $mp stale, not adding to default mountpoints" + continue + fi + if awk '{print $2}' /etc/fstab | grep -xF $mp &>/dev/null; then + mountpoints+=($mp) + fi +done echo "mountpoints: ${mountpoints[*]}" ##### end command line parsing ######## rsync-dirs() { - local host=$1 - local path=$2 - m rsync $dry_run_arg -ahi --relative --delete "$path" "root@$host:/" + local host=$1 + local path=$2 + m rsync $dry_run_arg -ahi --relative --delete "$path" "root@$host:/" } vol-conf() { - cat >>/etc/btrbk.conf <>/etc/btrbk.conf <>/etc/btrbk.conf <>/etc/btrbk.conf <>/etc/btrbk.conf <>/etc/btrbk.conf </dev/null; then - echo "$0: error: no btrbk binary found" + echo "$0: error: no btrbk binary found" + exit 1 fi +# if our mountpoints are from stale snapshots, +# it doesn't make sense to do a backup. 
+check-subvol-stale ${mountpoints[@]} || exit 1 + cat >/etc/btrbk.conf </dev/null; then - for tg in ${targets[@]}; do - case $tg in - tp|li|lk) - for x in /p/c/machine_specific/*.hosts; do - if grep -qxF $tg $x; then - dir=${x%.hosts} - rsync-dirs $tg $dir - fi - done - ;; - esac - done + for tg in ${targets[@]}; do + case $tg in + tp|li|lk) + for x in /p/c/machine_specific/*.hosts; do + if grep -qxF $tg $x; then + dir=${x%.hosts} + rsync-dirs $tg $dir + fi + done + ;; + esac + done fi if ! $dry_run; then - m $script_dir/mount-latest-remote ${targets[@]} + m $script_dir/mount-latest-remote ${targets[@]} fi diff --git a/check-subvol-stale b/check-subvol-stale index bdb4749..c585cea 100644 --- a/check-subvol-stale +++ b/check-subvol-stale @@ -13,16 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -# usage: $0 SUBVOL_MOUNTPOINT... -# -# In git, this is not not executable because it's meant to be installed -# using ./install-my-scripts -# -# If latest subvols $@ are not mounted, exit 1, print message, and touch -# /nocow/btrfs-stale/$subvol -# -# Either SUBVOL_MOUNTPOINT is a snapshot of the latest, or -# the latest snapshot is snapshot of SUBVOL_MOUNTPOINT. [[ $EUID == 0 ]] || exec sudo -E "$BASH_SOURCE" "$@" @@ -31,6 +21,41 @@ trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR shopt -s nullglob +usage() { + cat </dev/null; then cgen=$(echo "$show" | sed -rn 's,^\s*Gen at creation:\s+([0-9]+).*,\1,p') - if [[ $cgen -gt $last_received_gen ]]; then + if [[ $cgen -gt $last_received_cgen ]]; then last_received_cgen=$cgen last_received=$f fi fi done + d last_received_cgen=$cgen + d last_received=$f # Get last_snap by date. # when a btrbk bugfix makes it into the distro, 
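Review bot: In btrbk-run, the default-mountpoints section no longer sits in the `else` branch of `if (( ${#mountpoints[@]} ))`, so when `-m` is given (still parsed into `mountpoints` at the top of this hunk) the host defaults are now appended to the explicit list instead of being skipped. If `-m` is meant to restrict the run, the `case`/`for` that fills in defaults should be wrapped in `if (( ! ${#mountpoints[@]} )); then … fi`. If appending is intended, a comment on the `-m` case saying so would prevent surprises, since the extra subvolumes are also sent to the targets. The new `check-subvol-stale ${mountpoints[@]} || exit 1` would be safer as `"${mountpoints[@]}"`.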
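Review bot: In check-subvol-stale, the two debug lines added after the loop, `d last_received_cgen=$cgen` and `d last_received=$f`, print the values from the last loop iteration rather than the maximum that was selected. They should read `d last_received_cgen=$last_received_cgen` and `d last_received=$last_received`, otherwise the debug output disagrees with the staleness decision whenever the newest received snapshot is not the last one iterated. This assumes `d` is the debug printer defined in the part of the file not readable on this page.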
@@ -111,6 +146,7 @@ for d; do # if there is a last_received, we can assume stale or fresh if we are newer/older if [[ $last_received ]]; then svp_cgen=$(btrfs sub show $svp | sed -rn 's,^\s*Gen at creation:\s+([0-9]+).*,\1,p') + d svp_cgen=$svp_cgen if [[ $svp_cgen -ge $last_received_cgen ]]; then stale=false else diff --git a/conflink b/conflink index ec1b623..4e62edb 100755 --- a/conflink +++ b/conflink @@ -1,13 +1,10 @@ #!/bin/bash -source /a/bin/errhandle/errcatch-function -source /a/bin/errhandle/bash-trace-function - -errcatch +source /a/bin/errhandle/err m() { - echo "$*" - "$@" + echo "$*" + "$@" } s() { sudo "$@"; } lnf() { /a/exe/lnf "$@"; } 
@@ -22,88 +19,87 @@ shopt -s extglob # note, already set with bash -l # Also note, under filesystem/, symlinks are expanded. subdir-link-r() { - local root="$1" - local targets=() - if [[ $2 ]]; then - targets=( "$2"/!(.git|..|.) ) - else - for f in "$1"/!(.git|..|.); do - [[ -d $f ]] && targets+=("$f") ||: - done - fi - local below="$( readlink -f "$root/..")" - for path in "${targets[@]}"; do - local fullpath="$(readlink -f "$path")" - #e $fullpath $below # debug - if [[ -f $path || $(dirname $(readlink -f "$fullpath")) == "$below" ]]; then - m lnf -T "$path" "$HOME/${path#$root/}" - elif [[ -d "$path" ]]; then - subdir-link-r "$root" "$path" - fi + local root="$1" + local targets=() + if [[ $2 ]]; then + targets=( "$2"/!(.git|..|.) ) + else + for f in "$1"/!(.git|..|.); do + [[ -d $f ]] && targets+=("$f") ||: done + fi + local below="$( readlink -f "$root/..")" + for path in "${targets[@]}"; do + local fullpath="$(readlink -f "$path")" + #e $fullpath $below # debug + if [[ -f $path || $(dirname $(readlink -f "$fullpath")) == "$below" ]]; then + m lnf -T "$path" "$HOME/${path#$root/}" + elif [[ -d "$path" ]]; then + subdir-link-r "$root" "$path" + fi + done } common-file-setup() { - local dir fs x bdir f dst - for dir in "$@"; do - fs=$dir/filesystem - if [[ -e $fs && $USER =~ ^iank?$ ]]; then - # note, symlinks get resolved, not copied. - s tar --mode=g-s --owner=0 --group=0 -cz -C $fs . | s tar -xz -C / - fi - - if [[ -e $dir/subdir_files ]]; then - m subdir-link-r $dir/subdir_files - fi - local x=( $dir/!(binds|subdir_files|filesystem|machine_specific|..|.) ) - (( ${#x[@]} >= 1 )) || continue - m lnf ${x[@]} ~ - done + local dir fs x bdir f dst + for dir in "$@"; do + fs=$dir/filesystem + if [[ -e $fs && $USER =~ ^iank?$ ]]; then + # note, symlinks get resolved, not copied. + s tar --mode=g-s --owner=0 --group=0 -cz -C $fs . 
| s tar -xz -C / + fi + + if [[ -e $dir/subdir_files ]]; then + m subdir-link-r $dir/subdir_files + fi + local x=( $dir/!(binds|subdir_files|filesystem|machine_specific|..|.) ) + (( ${#x[@]} >= 1 )) || continue + m lnf ${x[@]} ~ + done } all_dirs=({/a/c,/p/c}{,/machine_specific/$HOSTNAME}) # note, we assume a group of hosts does not have the # same name as a single host, which is no problem on our scale. for x in /p/c/machine_specific/*.hosts; do - if grep -qxF $HOSTNAME $x; then all_dirs+=( ${x%.hosts} ); fi + if grep -qxF $HOSTNAME $x; then all_dirs+=( ${x%.hosts} ); fi done c_dirs=(/a/c{,/machine_specific/$HOSTNAME}) case $USER in - ian|iank) - # p needs to go first so .ssh link is created, then config link inside it - m common-file-setup ${all_dirs[@]} - - #### begin special extra stuff #### - install -d -m700 ~/gpg-agent-socket - if [[ -d /etc/bind/bind-writable ]]; then - # need bind writable dir for nsupdate, or else we get - # named[20823]: /etc/bind/db.iank.pw.jnl: create: permission denied - m s chgrp bind /etc/bind/bind-writable - fi - files=(/etc/bind/[Kk]*) - if [[ -e $files ]]; then - m s chgrp bind ${files[@]} - fi - if [[ -e /etc/davpass ]] && getent group www-data &>/dev/null; then - s chgrp www-data /etc/davpass - fi - if [[ -e /var/lib/znc ]] && getent group znc; then - s chown -R znc:znc /var/lib/znc - fi - /a/exe/lnf -T /p/arbtt-capture.log ~/.arbtt/capture.log - ##### end special extra stuff ##### - - sudo bash -c 'cd /etc/openvpn; for f in client/*; do ln -sf $f .; done' - - m sudo -H -u traci "$BASH_SOURCE" - ;; - traci) - m common-file-setup ${c_dirs[@]} - ;; - *) - echo "$0: error: unexpected user"; exit 1 - ;; + ian|iank) + # p needs to go first so .ssh link is created, then config link inside it + m common-file-setup ${all_dirs[@]} + + #### begin special extra stuff #### + install -d -m700 ~/gpg-agent-socket + + files=(/var/lib/bind) + if [[ -e $files ]]; then + # reset to the original permissions. 
+ m s chgrp -R bind ${files[@]} + m s chmod g+w ${files[@]} + fi + if [[ -e /etc/davpass ]] && getent group www-data &>/dev/null; then + s chgrp www-data /etc/davpass + fi + if [[ -e /var/lib/znc ]] && getent group znc; then + s chown -R znc:znc /var/lib/znc + fi + /a/exe/lnf -T /p/arbtt-capture.log ~/.arbtt/capture.log + ##### end special extra stuff ##### + + sudo bash -c 'cd /etc/openvpn; for f in client/*; do ln -sf $f .; done' + sudo bash -c 'chmod 600 /etc/openvpn/client/*.key' + + m sudo -H -u traci "$BASH_SOURCE" + ;; + traci) + m common-file-setup ${c_dirs[@]} + ;; + *) + echo "$0: error: unexpected user"; exit 1 + ;; esac diff --git a/disabled/kodi-setup b/disabled/kodi-setup index 004acac..ef4a4f8 100644 --- a/disabled/kodi-setup +++ b/disabled/kodi-setup @@ -24,7 +24,7 @@ $a RPCMOUNTDOPTS="--manage-gids --port 32767" EOF ser restart nfs-kernel-server -if [[ $HOSTNAME == treetowl ]]; then +if [[ $HOSTNAME == kd ]]; then # persistent one time steps for webdav: # create persistent password, put it in ~/.kodi/userdata/advancedsettings.xml, # per http://kodi.wiki/view/MySQL/Sync_other_parts_of_Kodi diff --git a/disabled/samba-setup b/disabled/samba-setup index 2932fa3..e3b6e44 100644 --- a/disabled/samba-setup +++ b/disabled/samba-setup @@ -2,7 +2,7 @@ # this is from distro-end -if [[ $HOSTNAME == treetowl ]]; then +if [[ $HOSTNAME == kd ]]; then pi samba # note samba re-reads it\'s config every 1 minute case $distro in diff --git a/distro-begin b/distro-begin index fa5db41..35c904a 100755 --- a/distro-begin +++ b/distro-begin @@ -61,8 +61,6 @@ fi ### arg parsing recompile=false -# for copying to a new data fs -bootstrapfs=false # old flag, needs new look before using. while [[ $1 == -* ]]; do case $1 in -r) recompile=true; shift ;; 
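Review bot: The added `sudo bash -c 'chmod 600 /etc/openvpn/client/*.key'` runs in a fresh shell without `nullglob`, so on a host with no client keys the pattern stays literal and chmod fails. The error handler sourced at the top of the script probably then aborts the run before `m sudo -H -u traci "$BASH_SOURCE"`. `s find /etc/openvpn/client -maxdepth 1 -type f -name '*.key' -exec chmod 600 {} +` tightens the keys without failing on an empty match. The keys also appear to arrive through the `tar ... | s tar -xz -C /` copy in `common-file-setup`, which keeps the source tree's file modes, so they sit on disk with those modes until this line runs. Setting mode 600 on the source files would close that window.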
@@ -74,12 +72,12 @@ fi ##### variables/env setup -script_dir="$(readlink -f "$BASH_SOURCE")" +script_dir="$(readlink -f "$BASH_SOURCE")"; script_dir=${script_dir%/*} source $script_dir/pkgs set +x source /a/bin/distro-functions/src/identify-distros $interactive || set -x -for f in iank-dev htpc treetowl x2 frodo tp li lj demohost kw fz; do +for f in iank-dev htpc kd x2 frodo tp li lj demohost kw fz; do eval "$f() { [[ $HOSTNAME == $f ]]; }" done has_p() { ! linode; } # when tp is tracis, then not tp either diff --git a/distro-end b/distro-end index 728161d..7bc1f4b 100755 --- a/distro-end +++ b/distro-end @@ -116,8 +116,12 @@ if isdeb; then $(debian-codename-compat) \ stable" p update - pi docker-ce - sgo docker + # docker eats up a fair amount of cpu when doing nothing, so don't enable it unless + # we really need it. + pi-nostart docker-ce + case $HOSTNAME in + li|lj) sgo docker ;; + esac # other distros unknown fi ### end docker install #### @@ -482,7 +486,7 @@ EOF ############### !!!!!!!!!!!!!!!!! ############### manual steps: - # only following 2 people atm, so not bothering to figure out backups + # only following a few people atm, so not bothering to figure out backups # when mastodon has not documented it at all. # # fsf@status.fsf.org @@ -538,7 +542,7 @@ EOF # alo would be nice if erc supported # https://wiki.znc.in/self-message # https://wiki.znc.in/Query_buffers \ - # + # s useradd --create-home -d /var/lib/znc --system --shell /sbin/nologin --comment "Account to run ZNC daemon" --user-group znc || [[ $? == 9 ]] # 9 if it exists already chmod 700 /var/lib/znc s chown -R znc:znc /var/lib/znc @@ -575,7 +579,11 @@ case $distro in s add-apt-repository -y ppa:ansible/ansible p update fi - pi ansible + s pip install --upgrade pip + # newer 2.7 versions have a bug that incorrectly detects trisquel version. fixed once 2.8 arrives + # in 2019 + pip install --user ansible=2.7.4 + #pi ansible ;; esac 
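Review bot: `pip install --user ansible=2.7.4` is not a valid requirement specifier, because pip pins with `==`. The line errors out instead of installing the pinned release and should be `pip install --user ansible==2.7.4`. The line before it, `s pip install --upgrade pip`, replaces the distro-packaged pip as root with whatever the package index serves at that moment, which puts unpinned code into system paths and can break the apt-managed package. Upgrading inside the user site (`pip install --user --upgrade pip`) or a virtualenv keeps root out of it. The surrounding `case $distro` block starts outside the hunk.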
@@ -803,10 +811,11 @@ fi ####### begin misc packages ########### +# sakura config is owned by ian reset-sakura -sudo -u traci -i reset-sakura reset-konsole sudo -u traci -i reset-konsole +# traci xscreensaver we don't want to reset reset-xscreensaver @@ -891,6 +900,44 @@ case $distro in # others unknown esac +case $(debian-codename) in + # needed for debootstrap scripts for fai since fai requires debian + flidas) + s dd of=/etc/apt/preferences.d/flidas-xenial </dev/null < + + + + sans-serif + + Noto Sans + + + diff --git a/filesystem/etc/synergy.conf b/filesystem/etc/synergy.conf index 8abb8de..1cf8484 100644 --- a/filesystem/etc/synergy.conf +++ b/filesystem/etc/synergy.conf @@ -1,6 +1,6 @@ section: screens - treetowl: + kd: frodo: tp: end @@ -8,9 +8,9 @@ end section: links tp: right = frodo - treetowl: + kd: left = frodo frodo: left = tp - right = treetowl + right = kd end diff --git a/filesystem/etc/systemd/system/networking.service.d/timeout.conf b/filesystem/etc/systemd/system/networking.service.d/timeout.conf new file mode 100644 index 0000000..e496ec0 --- /dev/null +++ b/filesystem/etc/systemd/system/networking.service.d/timeout.conf @@ -0,0 +1,2 @@ +[Service] +TimeoutStartSec=20 diff --git a/fsf-get-mail b/fsf-get-mail deleted file mode 100755 index 4bcd151..0000000 --- a/fsf-get-mail +++ /dev/null 
@@ -1,15 +0,0 @@ -#!/bin/bash - -# commented, because relying on cronjob -#offlineimap -a fsf - -# delete based on http://deflexion.com/2006/05/imap-way-of-deleting-message -sieve-filter -eW -o mail_location=maildir:/nocow/user/fsfmd:LAYOUT=fs:INBOX=/nocow/user/fsfmd/INBOX ~/sieve/fsf.sieve INBOX delete &>>/tmp/fsfsieve.log - -# mu indexing happens after this, and if offlineimap is running, -# it can index messages which are in the wrong folder. -# Just run it again if this happens. - -# to test new rules, update fsf-test.sieve, run these commands, then copy new fsf-test.sieve to fsf.sieve -# sieve-filter -o mail_location=maildir:/nocow/user/fsfmd:LAYOUT=fs:INBOX=/nocow/user/fsfmd/INBOX ~/sieve/fsf-test.sieve INBOX &>/tmp/testfsfsieve.log -# sed -rn '/^Performed actions:/{n;n;p}' /tmp/testfsfsieve.log | sort -u diff --git a/gitslink b/gitslink index 3274c72..1352ecd 100755 --- a/gitslink +++ b/gitslink @@ -1,8 +1,6 @@ #!/bin/bash -source /a/bin/errhandle/errcatch-function -source /a/bin/errhandle/bash-trace-function -errcatch +source /a/bin/errhandle/err e() { echo "$*"; "$@"; } lnf() { /a/bin/lnf/lnf "$@"; } diff --git a/machine_specific/btrbk.hosts b/machine_specific/btrbk.hosts index 3128123..1c0b74c 100644 --- a/machine_specific/btrbk.hosts +++ b/machine_specific/btrbk.hosts @@ -1,2 +1,2 @@ -treetowl +kd frodo \ No newline at end of file diff --git a/machine_specific/treetowl/filesystem/etc/cron.d/treetowl b/machine_specific/kd/filesystem/etc/cron.d/kd similarity index 100% rename from machine_specific/treetowl/filesystem/etc/cron.d/treetowl rename to machine_specific/kd/filesystem/etc/cron.d/kd 
diff --git a/machine_specific/treetowl/filesystem/etc/cron.daily/check-lets-encrypt-ssl-settings b/machine_specific/kd/filesystem/etc/cron.daily/check-lets-encrypt-ssl-settings similarity index 100% rename from machine_specific/treetowl/filesystem/etc/cron.daily/check-lets-encrypt-ssl-settings rename to machine_specific/kd/filesystem/etc/cron.daily/check-lets-encrypt-ssl-settings diff --git a/machine_specific/treetowl/filesystem/etc/cron.daily/mediawiki_backup b/machine_specific/kd/filesystem/etc/cron.daily/mediawiki_backup similarity index 100% rename from machine_specific/treetowl/filesystem/etc/cron.daily/mediawiki_backup rename to machine_specific/kd/filesystem/etc/cron.daily/mediawiki_backup diff --git a/machine_specific/treetowl/filesystem/etc/systemd/system/btrbk.service b/machine_specific/kd/filesystem/etc/systemd/system/btrbk.service similarity index 100% rename from machine_specific/treetowl/filesystem/etc/systemd/system/btrbk.service rename to machine_specific/kd/filesystem/etc/systemd/system/btrbk.service diff --git a/machine_specific/treetowl/filesystem/etc/systemd/system/btrbk.timer b/machine_specific/kd/filesystem/etc/systemd/system/btrbk.timer similarity index 100% rename from machine_specific/treetowl/filesystem/etc/systemd/system/btrbk.timer rename to machine_specific/kd/filesystem/etc/systemd/system/btrbk.timer diff --git a/machine_specific/li/filesystem/etc/bind/named.conf.local b/machine_specific/li/filesystem/etc/bind/named.conf.local index e3e3229..126da01 100644 --- a/machine_specific/li/filesystem/etc/bind/named.conf.local +++ b/machine_specific/li/filesystem/etc/bind/named.conf.local @@ -10,7 +10,7 @@ include "/etc/bind/zones.rfc1918"; zone "b8.nz" { type master; -file "/etc/bind/bind-writable/db.b8.nz"; +file "/var/lib/bind/db.b8.nz"; update-policy { // allow host to update themselves with a key having their own name grant b8.nz. name b8.nz. A TXT; 
diff --git a/machine_specific/li/filesystem/etc/bind/bind-writable/db.b8.nz b/machine_specific/li/filesystem/var/lib/bind/db.b8.nz similarity index 100% rename from machine_specific/li/filesystem/etc/bind/bind-writable/db.b8.nz rename to machine_specific/li/filesystem/var/lib/bind/db.b8.nz diff --git a/mail-route b/mail-route index 81a3ccb..11f92c6 100755 --- a/mail-route +++ b/mail-route @@ -1,6 +1,6 @@ #!/bin/bash # Copyright (C) 2016 Ian Kelling - +set -x # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -15,13 +15,10 @@ [[ $EUID == 0 ]] || exec sudo "$BASH_SOURCE" "$@" -source /a/bin/errhandle/errcatch-function -source /a/bin/errhandle/errallow-function -source /a/bin/errhandle/bash-trace-function -errcatch +source /a/bin/errhandle/err usage() { - cat <<'EOF' + cat <<'EOF' Usage: mail-route up|down|show Marks tcp packets on port 25 and 143 to be routed through 
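Review bot: `set -x` is added in the middle of the license header of `mail-route`, replacing the blank line after the copyright notice, with no comment. Every run of this script, which re-executes itself under sudo, now traces each command to stderr. If it is a leftover from debugging it should be removed. If it is meant to stay while the routing behaviour is investigated, move it below the header with a comment such as `# temporary: trace to debug intermittent route loss` so it is not mistaken for part of the license text and is easy to remove later.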
@@ -30,125 +27,131 @@ tun_dev, and action is from $script_type. Is idempotent. EOF - exit $1 + exit $1 } if (( $# < 1 )); then - usage 1 + usage 1 fi up() { - start=true - stop=false - iptables_op=-A - ip_op=add - if [[ ! $tun_dev ]]; then - # delays because I was running this outside of openvpn before - found=false - for ((i=1; i<=30; i++)); do - tun_dev=$(ip a show to 10.8.0.4/24 | sed -rn '1s/^\S+\s+([^:]+).*/\1/p') - if [[ $tun_dev == tun* ]]; then - found=true - break - fi - sleep 1 - done - if ! $found; then - echo "$0: error: timeout waiting for valid tun_dev, currently:$tun_dev" - exit 1 - fi + start=true + stop=false + iptables_op=-A + ip_op=add + timeout_secs=20 + if [[ ! $tun_dev ]]; then + # delays because I was running this outside of openvpn before + found=false + for ((i=1; i<=timeout_secs; i++)); do + tun_dev=$(ip a show to 10.8.0.4/24 | sed -rn '1s/^\S+\s+([^:]+).*/\1/p') + if [[ $tun_dev == tun* ]]; then + found=true + break + fi + sleep 1 + done + if ! $found; then + echo "$0: error: timeout after $timeout_secs waiting for valid tun_dev, currently:$tun_dev" + exit 1 fi - e() { echo "$0: $*"; "$@"; } - _errcatch_cleanup=stop - modify - # we leave it as is even when stopping, because we would like it to be default, but the only way - # to change the default is for every device, and I want to avoid that, even though I wouldn't mind, others users of this script might. + fi + e() { echo "$0: $*"; "$@"; } + _errcatch_cleanup=stop + modify + # we leave it as is even when stopping, because we would like it to be default, but the only way + # to change the default is for every device, and I want to avoid that, even though I wouldn't mind, others users of this script might. 
+ val=$(sysctl -n net.ipv4.conf.$tun_dev.rp_filter) + if [[ $val != 2 ]]; then + echo "net.ipv4.conf.$tun_dev.rp_filter = $val" e sysctl net.ipv4.conf.$tun_dev.rp_filter=2 + fi + } down() { - start=false - stop=true - iptables_op=-D - ip_op=del - # note, this is not going to work if the interface has been deleted. - # we could also check for an iptable rule that on some tun interface like the one - # we use, but meh, the way I'm using the script now, tun_dev is supplied by openvpn - if [[ ! tun_dev ]]; then + start=false + stop=true + iptables_op=-D + ip_op=del + # note, this is not going to work if the interface has been deleted. + # we could also check for an iptable rule that on some tun interface like the one + # we use, but meh, the way I'm using the script now, tun_dev is supplied by openvpn + if [[ ! tun_dev ]]; then tun_dev=$(ip a show to 10.8.0.4/24 | sed -rn '1s/^\S+\s+([^:]+).*/\1/p') - fi - e() { echo "$0: $*"; "$@" || printf "maybe ok failure: %s\n" "$*"; } - modify + fi + e() { echo "$0: $*"; "$@" || printf "maybe ok failure: %s\n" "$*"; } + modify } show() { - e() { printf "${0##*/}: %s\n" "$*"; "$@"; } - e iptables -t mangle -S - e iptables -t nat -S - e ip rule - e ip route show table 1 - - tun_dev=$(ip a show to 10.8.0.4/24 | sed -rn '1s/^\S+\s+([^:]+).*/\1/p') - if [[ $tun_dev == tun* ]]; then - e sysctl net.ipv4.conf.$tun_dev.rp_filter - else - echo "$0: note, no tun device found" - fi - exit 0 + e() { printf "${0##*/}: %s\n" "$*"; "$@"; } + e iptables -t mangle -S + e iptables -t nat -S + e ip rule + e ip route show table 1 + + tun_dev=$(ip a show to 10.8.0.4/24 | sed -rn '1s/^\S+\s+([^:]+).*/\1/p') + if [[ $tun_dev == tun* ]]; then + e sysctl net.ipv4.conf.$tun_dev.rp_filter + else + echo "$0: note, no tun device found" + fi + exit 0 } runtest() { - # debugging: - #echo start=$start stop=$stop exists=$exists - { $start && ! $exists; } || { $stop && $exists; } + # debugging: + #echo start=$start stop=$stop exists=$exists + { $start && ! 
$exists; } || { $stop && $exists; } } iptmod() { #iptables modify - local check cmd="$*" exists=true - ${cmd/-[AD]/-C} &>/dev/null || exists=false - if runtest; then e $cmd; fi + local check cmd="$*" exists=true + ${cmd/-[AD]/-C} &>/dev/null || exists=false + if runtest; then e $cmd; fi } # code common to start and stop. modify() { - # match source or dest port. note, when we send to a port, it picks a random high port as - # the source. - for port in 25 143; do # smtp and imap. - iptcommon="OUTPUT -m tcp -p tcp -m multiport --ports $port -j MARK --set-mark" - iptmod iptables -t mangle $iptables_op $iptcommon 0x1 - iptmod iptables -t mangle $iptables_op $iptcommon 0x0 -d 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 - # note, we could have used a custom chain and returned instead of setting the mark again. - # in case anyone was ever curious, the inverse of private ips is: #0.0.0.0/5,8.0.0.0/7,11.0.0.0/8,12.0.0.0/6,16.0.0.0/4,32.0.0.0/3,64.0.0.0/2,128.0.0.0/3,160.0.0.0/5,168.0.0.0/6,172.0.0.0/12,172.32.0.0/11,172.64.0.0/10,172.128.0.0/9,173.0.0.0/8,174.0.0.0/7,176.0.0.0/4,192.0.0.0/9,192.128.0.0/11,192.160.0.0/13,192.169.0.0/16,192.170.0.0/15,192.172.0.0/14,192.176.0.0/12,192.192.0.0/10,193.0.0.0/8,194.0.0.0/7,196.0.0.0/6,200.0.0.0/5,208.0.0.0/4,224.0.0.0/3 - done + # match source or dest port. note, when we send to a port, it picks a random high port as + # the source. + for port in 25 143; do # smtp and imap. + iptcommon="OUTPUT -m tcp -p tcp -m multiport --ports $port -j MARK --set-mark" + iptmod iptables -t mangle $iptables_op $iptcommon 0x1 + iptmod iptables -t mangle $iptables_op $iptcommon 0x0 -d 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 + # note, we could have used a custom chain and returned instead of setting the mark again. 
+ # in case anyone was ever curious, the inverse of private ips is: #0.0.0.0/5,8.0.0.0/7,11.0.0.0/8,12.0.0.0/6,16.0.0.0/4,32.0.0.0/3,64.0.0.0/2,128.0.0.0/3,160.0.0.0/5,168.0.0.0/6,172.0.0.0/12,172.32.0.0/11,172.64.0.0/10,172.128.0.0/9,173.0.0.0/8,174.0.0.0/7,176.0.0.0/4,192.0.0.0/9,192.128.0.0/11,192.160.0.0/13,192.169.0.0/16,192.170.0.0/15,192.172.0.0/14,192.176.0.0/12,192.192.0.0/10,193.0.0.0/8,194.0.0.0/7,196.0.0.0/6,200.0.0.0/5,208.0.0.0/4,224.0.0.0/3 + done - if [[ $tun_dev ]]; then - # when $tun_dev goes away, so does this rul - iptmod iptables -t nat $iptables_op POSTROUTING -o $tun_dev -m mark --mark 0x1 -j SNAT --to-source 10.8.0.4 - fi + if [[ $tun_dev ]]; then + # when $tun_dev goes away, so does this rul + iptmod iptables -t nat $iptables_op POSTROUTING -o $tun_dev -m mark --mark 0x1 -j SNAT --to-source 10.8.0.4 + fi - iprulecmd="fwmark 1 table 1" - exists=true; ip rule show $iprulecmd | grep . &>/dev/null || exists=false - if runtest; then e ip rule $ip_op $iprulecmd; fi + iprulecmd="fwmark 1 table 1" + exists=true; ip rule show $iprulecmd | grep . &>/dev/null || exists=false + if runtest; then e ip rule $ip_op $iprulecmd; fi - iproutecmd="default via 10.8.0.1 table 1" - exists=true; ip route show $iproutecmd | grep . &>/dev/null || exists=false - if runtest; then e ip route $ip_op $iproutecmd; fi + iproutecmd="default via 10.8.0.1 table 1" + exists=true; ip route show $iproutecmd | grep . &>/dev/null || exists=false + if runtest; then e ip route $ip_op $iproutecmd; fi - # on debian this is 0 (no filter), on ubuntu it\'s 1, which is no good. 0 or 2 both work fine. - # 2 drops it if the packet is not routable, martian address, or my default route is screwed up, - # so, eh, might as well. some rhel docs recommend using it. + # on debian this is 0 (no filter), on ubuntu it\'s 1, which is no good. 0 or 2 both work fine. + # 2 drops it if the packet is not routable, martian address, or my default route is screwed up, + # so, eh, might as well. 
some rhel docs recommend using it. } if (( $# > 1 )); then -tun_dev=$1 -$script_type + tun_dev=$1 + $script_type else - case $1 in - up|down|show) $1 ;; - *) usage 1 ;; - esac + case $1 in + up|down|show) $1 ;; + *) usage 1 ;; + esac fi diff --git a/mail-setup b/mail-setup index c3b11d8..9e867c8 100755 --- a/mail-setup +++ b/mail-setup @@ -19,6 +19,12 @@ set -eE -o pipefail trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR [[ $EUID == 0 ]] || exec sudo -E "$BASH_SOURCE" "$@" +if [[ ! $SUDO_USER ]]; then + echo "$0: error: requires running as nonroot or sudo" + exit 1 +fi +u=$SUDO_USER + usage() { cat <&2' ERR +# mail-route can get messed up a bit randomly, I don't know why. +#/b/ds/mail-route up | /b/log-quiet/log-once -1 mail-route + offlineimap -u quiet shopt -s nullglob @@ -11,7 +14,7 @@ omv() { # offlineimap mv. move mail files within $src_base/$1 to /m/md/$2 dst="$2" found_files=false for x in new cur; do - files=("$src_base"/"$src"/$x/*) + files=($src_base/"$src"/$x/*) if [[ $files ]]; then found_files=true mv "${files[@]}" /m/md/"$dst"/$x 
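Review bot: In `down()`, the test `if [[ ! tun_dev ]]; then` is missing the `$`, so it checks the literal string `tun_dev`, is never true, and the fallback lookup of the tunnel device never runs. The commit re-indents this line but does not correct it. When `down` is called without `tun_dev` in the environment, `modify` skips the `POSTROUTING ... SNAT` deletion because `[[ $tun_dev ]]` is empty, so the NAT rule can be left in place; the line should be `if [[ ! $tun_dev ]]; then`. Separately, the dispatch at the bottom runs `$script_type` straight from the environment as a command name. Restricting it the same way as the `$1` branch, `case $script_type in up|down) $script_type ;; *) usage 1 ;; esac`, keeps an unexpected value from being executed as root.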
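Review bot: The quotes around `$src_base` were dropped in `files=($src_base/"$src"/$x/*)`, so the value now goes through word splitting and pathname expansion before the trailing `/*` is applied. If `src_base` is meant to hold a pattern, a comment saying so would stop the quoting from being restored by a later cleanup. If it is a plain path, `files=("$src_base"/"$src"/$x/*)` is the safer form. The definition of `src_base` and the start of `omv` are outside the hunk.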
@@ -36,3 +39,21 @@ if $found_files; then # figure out if that is the same speed, or if we can make it faster. #mu index &>/dev/null ||: fi + + +# qemu-devel is our biggest list by far, so occasionally +# I want to hop into conversations about our mailing +# systems there, but I don't need many old messages. +find /nocow/user/fsfmd/l/qemu-devel/new -type f -mtime +14 -execdir rm -- '{}' + + +find /nocow/user/fsfmd/{sec,Spam,Drafts,{rtcc,sysadmin,l/outreachy-mentors}/new} -type f -mtime +100 -execdir rm -- '{}' + + +find /nocow/user/fsfmd/log -type f -mtime +300 -execdir rm -- '{}' + + + +# delete based on http://deflexion.com/2006/05/imap-way-of-deleting-message +sieve-filter -eW -o mail_location=maildir:/nocow/user/fsfmd:LAYOUT=fs:INBOX=/nocow/user/fsfmd/INBOX ~/sieve/fsf.sieve INBOX delete &>>/tmp/fsfsieve.log + +# to test new rules, update fsf-test.sieve, run these commands, then copy new fsf-test.sieve to fsf.sieve +# sieve-filter -o mail_location=maildir:/nocow/user/fsfmd:LAYOUT=fs:INBOX=/nocow/user/fsfmd/INBOX ~/sieve/fsf-test.sieve INBOX &>/tmp/testfsfsieve.log +# sed -rn '/^Performed actions:/{n;n;p}' /tmp/testfsfsieve.log | sort -u diff --git a/pkgs b/pkgs index 1038a28..b7c1111 100644 --- a/pkgs +++ b/pkgs @@ -7,6 +7,8 @@ p1=( trash-cli cryptsetup lvm2 + mbuffer + screen ) p2=( # 2nd @@ -31,6 +33,7 @@ p3=( rdiff-backup ruby ruby-rest-client + traceroute tree vim wcd @@ -45,6 +48,7 @@ p3=( # guvcview also adjusts webcam # pv is used by btrbk # libterm-readkey-perl for rt cli tool +# fonts pkgs are an attempt to get less block characters p4=( adb apache2 @@ -53,6 +57,8 @@ p4=( apt-listchanges apt-rdepends aptitude-doc-en + asciidoc + backupninja bash-doc beets beets-doc @@ -63,6 +69,7 @@ p4=( cloc cpulimit cron + debian-archive-keyring debootstrap debconf-doc dirmngr @@ -77,6 +84,12 @@ p4=( feh filelight flashrom + fonts-noto + fonts-roboto + fonts-thai-tlwg + fonts-thai-tlwg-otf + xfonts-intl-asian + fonts-sil-lateef gawk-doc gcc-doc gdb 
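Review bot: The `sieve-filter` line moved in from `fsf-get-mail` appends its output to the fixed path `/tmp/fsfsieve.log`. A fixed name in a world-writable directory can be pre-created by another local account, and the log of filtering actions is typically readable by other users under a default umask. A file in a directory only the user can write to avoids both, for example `&>>"$HOME/LOGDIR/fsfsieve.log"`, where LOGDIR is a placeholder for an existing private directory. The three `find ... -execdir rm` lines also exit non-zero when a listed directory does not exist yet; `l/outreachy-mentors/new` is presumably created only once the new `fileinto :create` rule files a message. That would stop the script at that point if it runs under `set -e`.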
@@ -84,13 +97,15 @@ p4=( geoip-bin git-doc git-email + git-svn gitk glibc-doc goaccess gnome-screenshot + gnupg-doc guvcview i3lock - inetutils-traceroute + iputils-tracepath iperf3 iproute2-doc jq @@ -113,6 +128,7 @@ p4=( mpv mumble nagstamon + needrestart ncdu nginx-doc nmap @@ -129,6 +145,7 @@ p4=( pianobar pidgin pidgin-otr + pip pry pv python-autopep8 @@ -139,6 +156,8 @@ p4=( rng-tools sakura schroot + sig2dot + sipcalc sqlite3-doc squashfs-tools strace @@ -148,10 +167,13 @@ p4=( telnet transmission-remote-gtk vlc + w3m whois wondershaper xawtv xbacklight + xdot + xloadimage xprintidle xscreensaver xscreensaver-data-extra diff --git a/radicale-setup b/radicale-setup index 802e0b8..ba8fde2 100755 --- a/radicale-setup +++ b/radicale-setup @@ -83,9 +83,9 @@ fi # davdroid from f-druid. # login with url and user name -# url https://cal.iankelling.org +# url https://cal.iankelling.org/ian # username ian -# pass, see password manager +# pass, see password manager for radicale # # add account dialog: # diff --git a/subdir_files/.config/mpv/mpv.conf b/subdir_files/.config/mpv/mpv.conf index 923bb30..b7c2860 100644 --- a/subdir_files/.config/mpv/mpv.conf +++ b/subdir_files/.config/mpv/mpv.conf @@ -11,3 +11,4 @@ save-position-on-quit [d] loop-file=inf shuffle +#vo=gpu diff --git a/subdir_files/.gnupg/gpg.conf b/subdir_files/.gnupg/gpg.conf index 2e6db08..9641d86 100644 --- a/subdir_files/.gnupg/gpg.conf +++ b/subdir_files/.gnupg/gpg.conf @@ -35,4 +35,10 @@ default-key B125F60B7B287FF6A2B7DF8F170AF0E2954295DF # because something keeps deleting that directory # default keyserver -keyserver hkp://pool.sks-keyservers.net \ No newline at end of file +# +#keyserver hkp://pgp.mit.edu +# this one seems more reliable, but it's down now +keyserver hkp://pool.sks-keyservers.net + +# more secure, but had problems with my gpg version +#keyserver hkps://hkps.pool.sks-keyservers.net 
diff --git a/subdir_files/.xmonad/xmonad.hs b/subdir_files/.xmonad/xmonad.hs index b385ad5..2829810 100644 --- a/subdir_files/.xmonad/xmonad.hs +++ b/subdir_files/.xmonad/xmonad.hs @@ -90,8 +90,8 @@ myKeys conf@(XConfig {XMonad.modMask = modm}) = M.fromList $ -- primary firefox profile here. I'd rather have a command which -- sets which is the pimary for opening links. It could alter a file, -- and we could launch firefox with a wrapper script which looks at that file. - , ((modm, xK_3), spawn "firefox -P sfw") - , ((modm, xK_4), spawn "firefox -no-remote -P firefox-main-profile") + , ((modm, xK_3), spawn "abrowser -P sfw") + , ((modm, xK_4), spawn "abrowser -no-remote -P firefox-main-profile") , ((modm, xK_5), spawn "/a/exe/input-setup l") , ((modm, xK_1), spawn "/a/exe/input-setup k") diff --git a/subdir_files/sieve/fsf.sieve b/subdir_files/sieve/fsf.sieve index a661523..26d4c27 100644 --- a/subdir_files/sieve/fsf.sieve +++ b/subdir_files/sieve/fsf.sieve @@ -7,6 +7,7 @@ if anyof (header :contains "list-id" "") { if anyof ( address :is "from" "sysadmin@gnu.org", + address :is "from" "sysadmin-nonrt@gnu.org", address :is "to" "sysadmin-nonrt@gnu.org", address :is "from" "sysadmin-comment@gnu.org" ) { diff --git a/subdir_files/sieve/lists.sieve b/subdir_files/sieve/lists.sieve index f64aafb..4dd75a2 100644 --- a/subdir_files/sieve/lists.sieve +++ b/subdir_files/sieve/lists.sieve @@ -8,6 +8,13 @@ if anyof ( stop; } +if anyof ( + header :contains "list-id" "" + ) { + fileinto :create "l/outreachy-mentors"; + stop; + } + if anyof ( header :contains "list-id" "", header :contains "list-id" "", 
@@ -71,7 +78,15 @@ if anyof ( header :contains "list-id" "", header :contains "list-id" "", header :contains "list-id" "", - header :contains "list-id" "" + header :contains "list-id" "", + header :contains "list-id" "", + header :contains "list-id" "", + header :contains "list-id" "", + header :contains "list-id" "", + header :contains "list-id" "", + header :contains "from" "", + header :contains "list-id" "" + ) { fileinto :create "community"; stop; diff --git a/switch-mail-host b/switch-mail-host index b3e7832..b67203a 100755 --- a/switch-mail-host +++ b/switch-mail-host @@ -133,9 +133,10 @@ if [[ $new_host == $HOSTNAME ]] && ! $at_home; then echo | $wrt_shell cedit mail_host /etc/hosts || [[ $? == 1 ]] # 1 means file changed. else $wrt_shell bash -s <