Merge branch 'master' into dev
This commit is contained in:
commit
9c81d240f2
@ -44,4 +44,6 @@ How to see which websites you're actively accessing:
|
||||
This started as a few personal notes, and will probably continue to look like that for some time.
|
||||
It's a bit of a mess.
|
||||
|
||||
Systemd is taken as a default. Non-systemd commands we relegate to their respective distros, e.g. runit for Void Linux.
|
||||
Systemd is taken as a default.
|
||||
Non-systemd commands we relegate to their respective distros, e.g. runit for Void Linux.
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "at"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
tags: [ "Documentation", "Basics" ]
|
||||
---
|
||||
Install with:
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "basics"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
title: "Basics"
|
||||
tags: [ "Documentation", "Basics" ]
|
||||
---
|
||||
|
||||
You need about a dozen commands to move around Linux.
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "clock"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
tags: [ "Documentation", "Basics" ]
|
||||
---
|
||||
|
||||
Show system time:
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "conditionals"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
tags: [ "Documentation", "Basics" ]
|
||||
---
|
||||
# If statements
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "cron"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
tags: [ "Documentation", "Basics" ]
|
||||
---
|
||||
# Cron
|
||||
|
||||
|
@ -1,11 +1,13 @@
|
||||
---
|
||||
title: "kernel"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
tags: [ "Documentation", "Basics" ]
|
||||
---
|
||||
# Living Space
|
||||
## Living Space
|
||||
|
||||
Kernel modules live in lib/modules/$(uname -r)
|
||||
|
||||
## Change
|
||||
|
||||
Load them with
|
||||
|
||||
> sudo modprobe ath9k
|
||||
@ -16,5 +18,9 @@ Or remove one with
|
||||
|
||||
The PC's irritating speaker beep can be really annoying. Disable it with:
|
||||
|
||||
> sudo rmmod pcspeaker
|
||||
> sudo modprobe -r pcspeaker
|
||||
|
||||
Permanently disable a module by blacklisting it in `/etc/modprobe.d`:
|
||||
|
||||
> echo 'blacklist pcspkr' > /etc/modprobe.d/*nobeep*.conf
|
||||
|
||||
|
@ -1,16 +1,17 @@
|
||||
---
|
||||
title: "kill"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
tags: [ "Documentation", "Basics" ]
|
||||
---
|
||||
If you want to kill a program in a graphical environment, open a terminal and typeL
|
||||
|
||||
## Graphical Programs
|
||||
If you want to kill a program in a graphical environment, open a terminal and type:
|
||||
|
||||
# Graphical Programs
|
||||
|
||||
> xkill
|
||||
|
||||
Then click on the application which you want to kill.
|
||||
|
||||
## All Programs
|
||||
# All Programs
|
||||
|
||||
To kill a program, find it with:
|
||||
|
||||
@ -22,7 +23,7 @@ Kill the program with:
|
||||
|
||||
> kill 19643
|
||||
|
||||
## Types of Kill
|
||||
# Types of Kill
|
||||
|
||||
To see an ordered list of termination signals:
|
||||
|
||||
|
@ -1,12 +1,15 @@
|
||||
---
|
||||
title: "links"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
tags: [ "Documentation", "Basics" ]
|
||||
---
|
||||
Link from X to Y.
|
||||
|
||||
> ln -s X ../otherdir/Y
|
||||
|
||||
Links cause ownership headaches. Solve this with -h:
|
||||
If you want a hard link, this will make a single file exist in two locations.
|
||||
If it is deleted in one location, it continues to exist in the other.
|
||||
|
||||
> chown -h user1 mysymlink
|
||||
> ln *X* *Y*
|
||||
|
||||
Both files must be on the same hard drive, as they have the same inode (check this with `ls -i file`).
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "locale"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
tags: [ "Documentation", "Basics" ]
|
||||
---
|
||||
|
||||
A list of supported locales is available at /usr/share/i18n/SUPPORTED
|
||||
|
@ -1,7 +1,13 @@
|
||||
---
|
||||
title: "locating"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
tags: [ "Documentation", "Basics" ]
|
||||
---
|
||||
# Type
|
||||
|
||||
`type` shows what kind of thing you're running, be it an alias, function, or binary program.
|
||||
|
||||
> type cmus
|
||||
|
||||
# Whereis the Program
|
||||
|
||||
Ask where the `angband` program is, along with all its configuration files:
|
||||
@ -12,13 +18,10 @@ Also `which` shows where a binary file (the program) is,
|
||||
|
||||
> which cmus
|
||||
|
||||
`type` shows what kind of thing you're running, be it an alias, or binary program.
|
||||
|
||||
> type cmus
|
||||
|
||||
# Quick Search for Files
|
||||
|
||||
You'll need to set up `locate` for this by installing `mlocate`. `mlocate` needs a list of all files on the machine, so run:
|
||||
You'll need to set up `locate` for this by installing `mlocate`.
|
||||
`mlocate` needs a list of all files on the machine, so run:
|
||||
|
||||
> sudo updatedb
|
||||
|
||||
@ -26,3 +29,5 @@ Then to find a file called 'my-cats.jpg', run:
|
||||
|
||||
> locate cats
|
||||
|
||||
For best results, run `updatedb` regularly, perhaps in crontab.
|
||||
|
||||
|
@ -1,52 +0,0 @@
|
||||
---
|
||||
title: "packages"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
---
|
||||
# Looking
|
||||
|
||||
Your package has something to do with unzipping. Find out more:
|
||||
|
||||
> apropos unzip
|
||||
|
||||
# Maintenance
|
||||
|
||||
> dpkg -l
|
||||
|
||||
List what's installed.
|
||||
|
||||
# Libraries
|
||||
|
||||
Libraries under /lib/ typically contain an .so suffix when they're dynamic. It means 'shared object' as a number of programs will refer to it.
|
||||
|
||||
Others will have an /a/ suffix, meaning that they're static, and will be loaded at runtime.
|
||||
|
||||
We can check the dependencies of a program using the ldd command upon anything in a library. For example:
|
||||
|
||||
> ldd/usr/bin/md5sum
|
||||
|
||||
... shows us that md5sum depends upon:
|
||||
|
||||
- linux-vdso.so.1
|
||||
|
||||
- libc.so.6
|
||||
|
||||
- lib64/ld-linux-x86-64.so.2
|
||||
|
||||
To list all libraries, run:
|
||||
|
||||
> ldconfig -p
|
||||
|
||||
For example, if looking at /usr/lib/x86_64-linux-gnu/libXcomposite.so.1, we might wonder what it's for. We can then run:
|
||||
|
||||
> ldconfig -p | grep libXcomposite
|
||||
|
||||
... and find out nothing except that it redirects /usr/lib/x86...
|
||||
|
||||
So at least we know where it is.
|
||||
|
||||
> ldconfig -p | grep usb
|
||||
|
||||
... this will show where things which nominally relate to usbs live.
|
||||
|
||||
You can add to the libarary path by putting just any text file in /etc/ld.so.cache, e.g. in Arch where the path to the fakeroot environment is placed there.
|
||||
|
@ -1,19 +1,7 @@
|
||||
---
|
||||
title: "processes"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
tags: [ "Documentation", "Basics" ]
|
||||
---
|
||||
# Free
|
||||
|
||||
See free space with:
|
||||
|
||||
> free
|
||||
|
||||
and make it human readable with:
|
||||
|
||||
> free -h
|
||||
|
||||
Or `-m` for megabytes.
|
||||
|
||||
# Proccesses
|
||||
|
||||
See running items in current terminal with
|
||||
|
@ -1,39 +0,0 @@
|
||||
---
|
||||
title: "shell"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
---
|
||||
|
||||
Dash - fast but limited funcionality, great for scripts
|
||||
|
||||
sh - a simple link to whatever your default shell is
|
||||
|
||||
bash - the standard
|
||||
|
||||
elvish - user-friendly, but new, with a full file-browser embedded into the system.
|
||||
|
||||
# Login
|
||||
|
||||
All shells launch either as login or non-login. All remote sessions without a GUI withl require authentication, and therefore will be login.
|
||||
|
||||
## Login
|
||||
|
||||
These shells start by reading /etc/profile then the first of ~/.bash_profile, ~/.bash_login or ~/.profile, and load all given values.
|
||||
|
||||
## Non-Login
|
||||
|
||||
Non-login shells will read /etc/bash.bashrc and then the ~/.bashrc file. You can summon the different shell perameters with the command `.`.
|
||||
|
||||
For example, so summon the file ~/.bashrc, you can perform:
|
||||
|
||||
`. ~/.bashrc`
|
||||
|
||||
How the logout is handled depends upon ~/.bash_logout
|
||||
|
||||
# Defaults
|
||||
|
||||
The default shell config files to create for a new user are under /etc/skel.
|
||||
|
||||
# Shellcheck
|
||||
|
||||
Run `shellcheck script.sh` on your scripts to check them for mistakes.
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "time"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
tags: [ "Documentation", "Basics" ]
|
||||
---
|
||||
# systemd
|
||||
|
||||
@ -8,7 +8,7 @@ Set time to synchronize with an ntp server:
|
||||
|
||||
> timedatectl set-ntp true
|
||||
|
||||
This info stays in /usr/share/zoneinfo
|
||||
This info stays in `/usr/share/zoneinfo`.
|
||||
|
||||
# Local Time
|
||||
|
||||
@ -46,21 +46,9 @@ Then set that language, with:
|
||||
|
||||
# Network Time Protocol
|
||||
|
||||
Enter the shell with:
|
||||
Glimpse an overview with:
|
||||
|
||||
> ntpq
|
||||
> ntpq -p
|
||||
|
||||
Or just glimpse and overview with:
|
||||
|
||||
> ntpq -q
|
||||
|
||||
This clock can drift, which is then listed under /var/log/ntp.drift
|
||||
|
||||
The config is under /etc/ntp.conf. If a line for the stats directory is listed, it'll log stats, e.g.:
|
||||
|
||||
`statsdir /var/log/ntpstats/`
|
||||
|
||||
This can show if clock drift occurs.
|
||||
|
||||
The config file also lets you specify servers to obtain time from.
|
||||
Usually this is run as a service, so just start that service.
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "users"
|
||||
tags: [ "Documentation", "basics" ]
|
||||
tags: [ "Documentation", "Basics" ]
|
||||
---
|
||||
# Basic Information
|
||||
|
||||
@ -14,8 +14,6 @@ Obviously:
|
||||
|
||||
> getent shadow
|
||||
|
||||
will require sudo.
|
||||
|
||||
## Examples
|
||||
|
||||
> sudo adduser maestro
|
||||
|
@ -1,23 +0,0 @@
|
||||
---
|
||||
title: "email"
|
||||
tags: [ "Documentation", "chat" ]
|
||||
---
|
||||
# Sendmail
|
||||
|
||||
Compose a message like this:
|
||||
|
||||
```
|
||||
To: alice@domain.com
|
||||
Subject: my new mail server
|
||||
From: literally@anything.com
|
||||
|
||||
This is the message
|
||||
|
||||
```
|
||||
|
||||
... and put it in ~/mail.txt.
|
||||
Then send with sendmail using:
|
||||
|
||||
> sendmail ~/mail.txt
|
||||
|
||||
|
@ -1,15 +0,0 @@
|
||||
---
|
||||
title: "irssi"
|
||||
tags: [ "Documentation", "chat" ]
|
||||
---
|
||||
In program:
|
||||
|
||||
> /NETWORK LIST
|
||||
> /CHANNEL LIST
|
||||
> /connect chat.freenode.net
|
||||
> /set nick ghast
|
||||
|
||||
> /join #hklbgd
|
||||
> /leave #lkj
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "profanity"
|
||||
tags: [ "Documentation", "chat" ]
|
||||
tags: [ "Documentation", "Chat" ]
|
||||
---
|
||||
|
||||
# Pre Setup
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "signal"
|
||||
tags: [ "Documentation", "distros" ]
|
||||
tags: [ "Documentation", "Chat" ]
|
||||
---
|
||||
|
||||
> yay -S signal-cli
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "wgetpaste"
|
||||
tags: [ "Documentation", "chat" ]
|
||||
tags: [ "Documentation", "Chat" ]
|
||||
---
|
||||
|
||||
See available pastebins:
|
||||
@ -19,4 +19,3 @@ Paste in the file then load the result to the right-hand clipboard:
|
||||
|
||||
> wgetpaste -s dpaste -X
|
||||
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "archives"
|
||||
tags: [ "Documentation", "data" ]
|
||||
tags: [ "Documentation", "backups" ]
|
||||
---
|
||||
# GPG Archives
|
||||
|
52
data/backups/unison.md
Normal file
52
data/backups/unison.md
Normal file
@ -0,0 +1,52 @@
|
||||
---
|
||||
title: "unison"
|
||||
tags: [ "documentation", "backups", "sync" ]
|
||||
---
|
||||
|
||||
Install unison on both machines, and on both make the `~/.unison` directory.
|
||||
|
||||
Make a job called `backup`:
|
||||
|
||||
> vim ~/.unison/backup.prf
|
||||
|
||||
All jobs must end in `.prf`.
|
||||
|
||||
Here is an example job, which synchronizes the `~/music` directory with a remote machine.
|
||||
|
||||
```
|
||||
auto = true
|
||||
root=/home/ghost
|
||||
root=ssh://ghost@192.168.0.10//home/ghost/
|
||||
|
||||
path=music
|
||||
|
||||
ignore=Name *.flac
|
||||
|
||||
```
|
||||
The last command means it will ignore any file with a name ending in `.flac`.
|
||||
|
||||
Add a port with this line:
|
||||
|
||||
```
|
||||
sshargs=-p 4444
|
||||
```
|
||||
|
||||
## Automatic Runs
|
||||
|
||||
The first command means this will run but also confirm which files will be deleted, and which will be transferred, us `batch = true` instead.
|
||||
|
||||
Set unison to run with crontab or a systemd unit file to have directories synchronize automatically.
|
||||
|
||||
|
||||
## Problem Solving
|
||||
|
||||
Unison is extremely sensitive to version changes.
|
||||
Both machines must have exactly the same version of unison installed, as well as the same version of `ocaml`.
|
||||
|
||||
Check with:
|
||||
|
||||
> unison -version
|
||||
|
||||
You will see data files summarizing what has happened in the `~/.unison` directory.
|
||||
If something goes wrong, you may be prompted to delete these to start again.
|
||||
|
35
data/git.md
35
data/git.md
@ -6,21 +6,25 @@ tags: [ "Documentation", "data" ]
|
||||
|
||||
## New Machines
|
||||
|
||||
> git config --global user.email "malinfreeborn@tutamail.com"
|
||||
> git config --global user.email *"malinfreeborn@tutamail.com"*
|
||||
|
||||
> git config --global user.name "Malin Freeborn"
|
||||
> git config --global user.name *"Malin Freeborn"*
|
||||
|
||||
## New Git
|
||||
# New Git
|
||||
|
||||
Start a git:
|
||||
Start a git in a folder:
|
||||
|
||||
> mkdir *project* && cd *project*
|
||||
|
||||
> git init
|
||||
|
||||
Add whatever's in the folder.
|
||||
Make a file explaining what the project does:
|
||||
|
||||
> git add .
|
||||
> vim README.md
|
||||
|
||||
Then make the initial commit:
|
||||
> git add README.md
|
||||
|
||||
Then make the initial commit, explaining the change you just made:
|
||||
|
||||
> git commit
|
||||
|
||||
@ -38,9 +42,10 @@ Check your history:
|
||||
|
||||
# Remotes
|
||||
|
||||
Get the url of your git remote and add it, with the name "origin":
|
||||
If you want to keep a copy on a public site such as Gitlab, so others can see it, then go there and create a blank project (no readme, nothing).
|
||||
Find the address you want and add it as a remote:
|
||||
|
||||
> git remote add origin git@gitlab.com:bindrpg/core
|
||||
> git remote add *gitlab* *https://gitlab.com/username/projectx*
|
||||
|
||||
Tell git you're pushing the branch "master" to the remote repo "origin":
|
||||
|
||||
@ -55,7 +60,7 @@ If someone makes a change on the remote, pull it down with:
|
||||
A branch is a full copy of the project to test additional ideas.
|
||||
You can make a new branch called 'featurez' like this:
|
||||
|
||||
> git branch featurez
|
||||
> git branch *featurez*
|
||||
|
||||
Have a look at all your branches:
|
||||
|
||||
@ -63,23 +68,23 @@ Have a look at all your branches:
|
||||
|
||||
Switch to your new branch:
|
||||
|
||||
> git checkout featurez
|
||||
> git checkout *featurez*
|
||||
|
||||
And if your changes are rubbish, checkout the "master" branch again, then delete "featurez":
|
||||
|
||||
> git branch -D featurez
|
||||
> git branch -D *featurez*
|
||||
|
||||
Or if it's a good branch, push it to the remote:
|
||||
|
||||
> git push origin featurez
|
||||
> git push *origin* *featurez*
|
||||
|
||||
## Merging
|
||||
|
||||
Once you like the feature, merge it into the main branch. Switch to master then merge it:
|
||||
|
||||
> git merge featurez
|
||||
> git merge *featurez*
|
||||
|
||||
and delete featurez as you've already merged it:
|
||||
and delete `featurez` as you've already merged it:
|
||||
|
||||
> git branch -d featurez
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "groff"
|
||||
tags: [ "Documentation", "data" ]
|
||||
tags: [ "Documentation", "Data" ]
|
||||
---
|
||||
# Basic Documents
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "khard"
|
||||
tags: [ "Documentation", "data" ]
|
||||
tags: [ "Documentation", "Data" ]
|
||||
---
|
||||
Get the basic config:
|
||||
|
||||
|
@ -1,10 +0,0 @@
|
||||
---
|
||||
title: "tricks"
|
||||
tags: [ "Documentation", "data" ]
|
||||
---
|
||||
|
||||
# Find data from any table
|
||||
|
||||
> pg_dump --data-only --inserts -U postgres your-db-name > a.tmp
|
||||
|
||||
> grep 'my string' a.tmp
|
@ -1,57 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
export TASKDDATA=/var/lib/taskd
|
||||
|
||||
echo Change CN to hostname
|
||||
sleep 2
|
||||
|
||||
sudo vim /usr/share/doc/taskd/pki/vars
|
||||
|
||||
cd /usr/share/doc/taskd/pki/
|
||||
|
||||
sudo ./generate
|
||||
|
||||
mkdir -p $TASKDDATA
|
||||
|
||||
cp *.pem $TASKDDATA
|
||||
|
||||
chown -R root /var/lib/taskd
|
||||
|
||||
sudo cp *pem $TASKDDATA
|
||||
|
||||
chown -R taskd:taskd $TASKDDATA
|
||||
|
||||
taskd config "$user".cert=/var/lib/taskd/client.cert.pem
|
||||
taskd config "$user".key=/var/lib/taskd/client.key.pem
|
||||
taskd config "$(hostname)".cert=/var/lib/taskd/server.cert.pem
|
||||
taskd config "$(hostname)".key=/var/lib/taskd/server.key.pem
|
||||
taskd config "$(hostname)".crl=/var/lib/taskd/server.crl.pem
|
||||
taskd config ca.cert=/var/lib/taskd/ca.cert.pem
|
||||
|
||||
taskd config --force server $(hostname):53589
|
||||
|
||||
systemctl start taskd
|
||||
|
||||
|
||||
echo name a group
|
||||
read group
|
||||
|
||||
echo name user
|
||||
|
||||
read user
|
||||
|
||||
taskd add org $group
|
||||
|
||||
taskd add user $group $user
|
||||
|
||||
./generate.client $user
|
||||
|
||||
echo "
|
||||
taskd.server=alfred:port
|
||||
taskd.credentials=$group/$user/key
|
||||
taskd.certificate=~/.task/'$user'.cert.pem
|
||||
taskd.key=~/.task/'$user'.key.pem
|
||||
taskd.ca=~/.task/ca.cert.pem" >> /var/lib/taskd/config
|
||||
|
||||
tar cf $user.tar "$user"* ca.cert.pem
|
||||
|
@ -1,20 +1,71 @@
|
||||
---
|
||||
title: "task"
|
||||
tags: [ "Documentation", "data" ]
|
||||
tags: [ "Documentation", "Organization" ]
|
||||
---
|
||||
|
||||
Set up the configuration file:
|
||||
|
||||
> task
|
||||
|
||||
Add a task:
|
||||
|
||||
> task add *update linux*
|
||||
|
||||
See which task is next:
|
||||
|
||||
> task next
|
||||
|
||||
Note the id number.
|
||||
|
||||
Mark a task as started:
|
||||
|
||||
> task start *1*
|
||||
|
||||
Once finished:
|
||||
|
||||
> task *1 done*
|
||||
|
||||
# Projects
|
||||
|
||||
Add a project:
|
||||
|
||||
> task add project:*house buy potted plant*
|
||||
> task add proj:*house.repair buy screwdriver*
|
||||
> task add proj:*house.repair buy shelf brackets*
|
||||
3 task add pro:*house.paint buy white paint*
|
||||
> task add pro:*house.paint buy red paint*
|
||||
> task add pro:*house.paint buy black paint*
|
||||
> task add pro:*house.paint buy brushes*
|
||||
|
||||
## Summary
|
||||
|
||||
> task pro:house sum
|
||||
|
||||
> task burndown.daily pro:house
|
||||
|
||||
The summaries will show how fast a project is being completed, and when you can expect it to finish at the present rate.
|
||||
|
||||
# Tags
|
||||
|
||||
> task add +buy toothbrush
|
||||
|
||||
You can then see only tasks which involve buying something with:
|
||||
|
||||
> task +buy
|
||||
|
||||
# Contexts
|
||||
|
||||
Set three contexts by their tags:
|
||||
|
||||
> task context define work +sa or +hr
|
||||
> task context define *work +sa or +hr*
|
||||
|
||||
> task context define study +ed or +void or +rat
|
||||
> task context define *study +ed or +void or +rat*
|
||||
|
||||
> task context define home -sa -hr -ed -void -rat
|
||||
> task context define *home -sa -hr -ed -void -rat*
|
||||
|
||||
Change to the first context.
|
||||
|
||||
> task context work
|
||||
> task context *work*
|
||||
|
||||
Then stop.
|
||||
|
||||
@ -26,16 +77,6 @@ View list of tasks completed in the last week:
|
||||
|
||||
> task end.after:today-1wk completed
|
||||
|
||||
# Timewarrior
|
||||
|
||||
> timew start ed 'learn timewarrior'
|
||||
|
||||
> timew stop
|
||||
|
||||
> timew summary
|
||||
|
||||
> timew tags
|
||||
|
||||
# User Defined Attributes
|
||||
|
||||
Make a UDA 'size'.
|
||||
@ -48,3 +89,11 @@ Make a UDA 'size'.
|
||||
|
||||
> uda.size.default=medium
|
||||
|
||||
# Tricks
|
||||
|
||||
This command shows tasks I'm most interested in:
|
||||
|
||||
> task next +ACTIVE or +OVERDUE or due:today or scheduled:today or pri:H
|
||||
|
||||
The command is long, so `alias` is your friend.
|
||||
|
||||
|
@ -1,183 +0,0 @@
|
||||
---
|
||||
title: "taskd"
|
||||
tags: [ "Documentation", "data" ]
|
||||
---
|
||||
(instructions currently not working)
|
||||
|
||||
Switch to root to make things easier.
|
||||
|
||||
> yay -S
|
||||
|
||||
> export TASKDDATA=/var/lib/taskd
|
||||
|
||||
Edit `/usr/share/doc/taskd/pki/vars` so that ``CN'' = the hostname (IP is fine).
|
||||
|
||||
> cd /usr/share/doc/taskd/pki
|
||||
|
||||
Execute the `generate` file to generate a selfsigned certificate for the server. These will be \*.pem-files. Copy all \*.pem-files to /var/lib/taskd.
|
||||
|
||||
Make sure a copy of ca.cert.pem remains to generate user-certificates later.
|
||||
|
||||
# Taskd Configurations
|
||||
|
||||
> taskd config --force client.cert $TASKDDATA/client.cert.pem
|
||||
|
||||
> taskd config --force client.key $TASKDDATA/client.key.pem
|
||||
|
||||
> taskd config --force server.cert $TASKDDATA/server.cert.pem
|
||||
|
||||
> taskd config --force server.key $TASKDDATA/server.key.pem
|
||||
|
||||
> taskd config --force server.crl $TASKDDATA/server.crl.pem
|
||||
|
||||
> taskd config --force ca.cert $TASKDDATA/ca.cert.pem
|
||||
|
||||
# Change Taskd Log Location
|
||||
The default is /tmp/log, which obviously you don't want.
|
||||
|
||||
> touch /var/log/taskd.log
|
||||
|
||||
> chown taskd:taskd /var/log/taskd.log
|
||||
|
||||
> taskd config --force log /var/log/taskd.log
|
||||
|
||||
Finally, set up the servername - the same one as in the certificates. Mine is ``testarch''.
|
||||
|
||||
> taskd config --force server testarch:9001
|
||||
|
||||
# Adding users
|
||||
Let's add the group ``home'', then the user ``ghost'', will go in that group.
|
||||
|
||||
> taskd add org home
|
||||
|
||||
> taskd add user home ghost
|
||||
|
||||
`3f9e6154-25cb-4e45-88bb-45e98feef904`
|
||||
|
||||
> taskd add user home alfred
|
||||
|
||||
`4fbb319c-c493-437a-ab7a-028f5b75e522`
|
||||
|
||||
The user then gets a key.
|
||||
|
||||
Finally, make sure that taskd can read its own data>
|
||||
|
||||
> chown -R taskd:taskd /var/lib/taskd/orgs
|
||||
|
||||
... or perhaps the entire directory of /var/lib/taskd/.
|
||||
|
||||
Then it's back to /usr/share/doc/taskd/pki
|
||||
|
||||
Generate some userfiles:
|
||||
|
||||
> ./generate.client ghost
|
||||
|
||||
> ./generate.client alfred
|
||||
|
||||
The bob and ghost \*pem files have to be added to the given users' home directories.
|
||||
|
||||
# Setting up Users
|
||||
|
||||
> sudo apt-get install taskwarrior taskd
|
||||
|
||||
> task
|
||||
|
||||
Then move the \*pem files into the .task directory of the user.
|
||||
|
||||
Don't forget to add the ca.key.pem from `/usr/share/doc/taskd/pki`!
|
||||
|
||||
# Attempt 2
|
||||
|
||||
Well, none of that worked.
|
||||
|
||||
New info from [taskwarrior](https://gitpitch.com/GothenburgBitFactory/taskserver-setup#/1/4)
|
||||
|
||||
Default port = 53589
|
||||
|
||||
starting with
|
||||
|
||||
> taskd init
|
||||
|
||||
> taskd config server localhost:53589
|
||||
|
||||
View supported settings with `taskdrc`.
|
||||
|
||||
!!! Start with taskdctl start
|
||||
|
||||
Do a non-daemon version with
|
||||
|
||||
> taskd server --data $TASKDDATA --daemon
|
||||
|
||||
# Systemd Unit file
|
||||
|
||||
This needs to be edited for "$TASKDDATA", "$TASKDUSER", and "$TASKDGROUP".
|
||||
|
||||
|
||||
```
|
||||
|
||||
Unit]
|
||||
Description=Secure server providing multi-user, multi-client access to Taskwarrior data
|
||||
Requires=network.target
|
||||
After=network.target
|
||||
Documentation=http://taskwarrior.org/docs/#taskd
|
||||
|
||||
[Service]
|
||||
ExecStart=/usr/local/bin/taskd server --data $TASKDDATA
|
||||
Type=simple
|
||||
User=$TASKDUSER
|
||||
Group=$TASKDGROUP
|
||||
WorkingDirectory=$TASKDDATA
|
||||
PrivateTmp=true
|
||||
InaccessibleDirectories=/home /root /boot /opt /mnt /media
|
||||
ReadOnlyDirectories=/etc /usr
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
```
|
||||
|
||||
Enable all this by copying the file to `/etc/systemd/system`, reload daemon, then start it.
|
||||
|
||||
Key for ghost:
|
||||
29bd8a06-2cc0-4163-905d-6216257a3031
|
||||
|
||||
e29bffe0-72d8-45f2-b1f9-f29397cfab16
|
||||
|
||||
# Different:
|
||||
|
||||
$ task config taskd.certificate -- ~/.task/first_last.cert.pem
|
||||
$ task config taskd.key -- ~/.task/first_last.key.pem
|
||||
$ task config taskd.ca -- ~/.task/ca.cert.pem
|
||||
|
||||
# Trust
|
||||
|
||||
For troubleshooting we can set:
|
||||
|
||||
> taskd.trust=ignore [hostname]
|
||||
|
||||
> taskd.trust=allow all
|
||||
|
||||
> taskd.trust=strict
|
||||
|
||||
# User Defines Attributes - UDA
|
||||
|
||||
Each UDA has two to four attributes: type (numeric or string) and label are necessary:
|
||||
|
||||
> task config uda.THING.type {numeric,string}
|
||||
|
||||
> task config uda.THING.label Thg
|
||||
|
||||
Constrain these attributes to a comma-delineated set with:
|
||||
|
||||
> task config uda.THING.values brown,orange,green
|
||||
|
||||
You can also show how important the Attribute makes something:
|
||||
|
||||
> urgency.uda.THING.coefficient=2.8
|
||||
|
||||
# Aliases
|
||||
|
||||
Alias `delete' to `rm' with:
|
||||
|
||||
task config alias.rm delete
|
||||
|
@ -1,42 +0,0 @@
|
||||
#!/bin/bash
|
||||
# script currently not working
|
||||
|
||||
export TASKDDATA=/var/lib/taskd
|
||||
|
||||
sudo mkdir -p $TASKDDATA
|
||||
sudo chown taskd:$(whoami) $TASKDDATA
|
||||
sudo chmod 775 $TASKDDATA
|
||||
|
||||
cp -r /usr/share/doc/taskd/pki/ $TASKDDATA
|
||||
|
||||
cd $TASKDDATA/pki
|
||||
|
||||
sed -i s/localhost/$(hostname -f)/ vars
|
||||
|
||||
./generate
|
||||
|
||||
cp client.cert.pem $TASKDDATA
|
||||
cp client.key.pem $TASKDDATA
|
||||
cp server.cert.pem $TASKDDATA
|
||||
cp server.key.pem $TASKDDATA
|
||||
cp server.crl.pem $TASKDDATA
|
||||
cp ca.cert.pem $TASKDDATA
|
||||
|
||||
taskd config --force client.cert $TASKDDATA/client.cert.pem
|
||||
taskd config --force client.key $TASKDDATA/client.key.pem
|
||||
taskd config --force server.cert $TASKDDATA/server.cert.pem
|
||||
taskd config --force server.key $TASKDDATA/server.key.pem
|
||||
taskd config --force server.crl $TASKDDATA/server.crl.pem
|
||||
taskd config --force ca.cert $TASKDDATA/ca.cert.pem
|
||||
|
||||
cd $TASKDDATA/..
|
||||
taskd config --force log $PWD/taskd.log
|
||||
taskd config --force pid.file $PWD/taskd.pid
|
||||
taskd config --force server $(hostname -f):53589
|
||||
|
||||
taskd add org public
|
||||
|
||||
# 1515de89-cc81-4af6-a6a4-41c1430620b0
|
||||
|
||||
journalctl -u taskd
|
||||
|
@ -1,11 +1,7 @@
|
||||
---
|
||||
title: "timew"
|
||||
tags: [ "Documentation", "data" ]
|
||||
tags: [ "Documentation", "Data" ]
|
||||
---
|
||||
# Setup
|
||||
|
||||
Below commands mostly deal with timew alone. With taskwarrior installed as well, `locate on-modify-time`, then add it to ~/.task/hooks and make it executable.
|
||||
|
||||
# Summaries
|
||||
|
||||
Try:
|
||||
@ -153,3 +149,8 @@ with:
|
||||
|
||||
> python timew-dbcorrections.py
|
||||
|
||||
# Setup
|
||||
|
||||
With taskwarrior installed as well, `locate on-modify-time`, then add it to ~/.task/hooks and make it executable.
|
||||
This will track the time of any tasks used with [taskwarrior](task.md).
|
||||
|
||||
|
@ -1,49 +0,0 @@
|
||||
---
|
||||
title: "pi-hole-server"
|
||||
tags: [ "Documentation", "distros" ]
|
||||
---
|
||||
|
||||
> yay -S pi-hole-server
|
||||
|
||||
> sudo systemctl enable --now pihole-FTL
|
||||
|
||||
> sudo systemctl disable --now systemd-resolved
|
||||
|
||||
Add yourself as a pihole user, then logout, and log back in.
|
||||
|
||||
> sudo usermod -aG pihole $USER
|
||||
|
||||
Remove that google dns server.
|
||||
|
||||
> pihole -a setdns 9.9.9.9 1.0.0.1
|
||||
|
||||
Disable pihole password by setting a blank password.
|
||||
|
||||
> pihole -a -p
|
||||
|
||||
Get a new list of blocked domains, then reload:
|
||||
|
||||
> pihole -g -r
|
||||
|
||||
Every so often, run `pihole -g` again (perhaps put it in crontab).
|
||||
|
||||
# Configure cloudflare DNS
|
||||
|
||||
This is optional.
|
||||
|
||||
> yay -S cloudflared-bin
|
||||
|
||||
echo "proxy-dns: true
|
||||
proxy-dns-upstream:
|
||||
- https://1.0.0.1/dns-query
|
||||
- https://1.1.1.1/dns-query
|
||||
- https://2606:4700:4700::1111/dns-query
|
||||
- https://2606:4700:4700::1001/dns-query
|
||||
proxy-dns-port: 5053
|
||||
proxy-dns-address: 0.0.0.0" > /etc/cloudflared/cloudflared.yml
|
||||
|
||||
echo "
|
||||
PRIVACYLEVEL=0
|
||||
IGNORE_LOCALHOST=no
|
||||
AAAA_QUERY_ANALYSIS=yes
|
||||
|
@ -1,9 +0,0 @@
|
||||
---
|
||||
title: "problems"
|
||||
tags: [ "Documentation", "distros" ]
|
||||
---
|
||||
|
||||
Broken Xorg
|
||||
|
||||
> sudo X -configure
|
||||
|
@ -1,15 +0,0 @@
|
||||
---
|
||||
title: "basics"
|
||||
tags: [ "Documentation", "distros" ]
|
||||
---
|
||||
|
||||
> cd /etc/yum.repos.d/
|
||||
|
||||
> vim public.yum*
|
||||
|
||||
These are branches of the same Oracle server.
|
||||
|
||||
The first - 'latest' - is enabled by default.
|
||||
|
||||
You can change 'enabled' from 0 to 1 for various repositories.
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "npm"
|
||||
tags: [ "Documentation", "distros" ]
|
||||
tags: [ "Documentation", "Distros" ]
|
||||
---
|
||||
package.json is the basic configuration file.
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "yum"
|
||||
tags: [ "Documentation", "distros" ]
|
||||
tags: [ "Documentation", "Distros" ]
|
||||
---
|
||||
# Overview
|
||||
|
||||
@ -22,5 +22,3 @@ Major features: reliable, shit package selection.
|
||||
|
||||
yum remove [package1] [package2]
|
||||
|
||||
|
||||
|
||||
|
@ -1,12 +0,0 @@
|
||||
---
|
||||
title: "http_server"
|
||||
tags: [ "Documentation", "distros" ]
|
||||
---
|
||||
Nothing interesting.
|
||||
|
||||
1. Install
|
||||
2. Set a dns resolver in /etc/resolv.conf (`nameserver 1.1.1.1` works)
|
||||
3. Enable NetworkManager
|
||||
3. zypper install http-something php5 apache2
|
||||
4. vi /srv/www/htdocs/index.html
|
||||
5. Enable apache2
|
@ -1,13 +0,0 @@
|
||||
#!/bin/bash
|
||||
[ -z $1 ] && X=a || X=$1
|
||||
ls /dev/sd"$X"2 || exit 1
|
||||
mount /dev/sd"X"1 /mnt
|
||||
mkdir /mnt/boot
|
||||
|
||||
for dir in dev proc sys; do
|
||||
mkdir /mnt/$dir
|
||||
mount --rbind /$dir /mnt/$dir
|
||||
done
|
||||
|
||||
xbps-install -Sy -r /mnt base-system grub vim
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "lxc"
|
||||
tags: [ "Documentation", "distros" ]
|
||||
tags: [ "Documentation", "Distros" ]
|
||||
---
|
||||
|
||||
LXC creates miniature virtual machines to play with.
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: "basics"
|
||||
title: "Void Linux Basics"
|
||||
tags: [ "Documentation", "distros" ]
|
||||
---
|
||||
|
@ -1,20 +0,0 @@
|
||||
---
|
||||
title: "basics"
|
||||
tags: [ "Documentation", "hardware" ]
|
||||
---
|
||||
# Motherboard Information
|
||||
|
||||
> sudo dmidecode
|
||||
|
||||
Motherboard info, upgrading BIOS, memory capacity, LAN connections.
|
||||
|
||||
# Disks
|
||||
|
||||
View currently inserted disks:
|
||||
|
||||
lsblk
|
||||
|
||||
# CPU
|
||||
|
||||
> cat /proc/cpuinfo
|
||||
|
@ -1,27 +0,0 @@
|
||||
---
|
||||
title: "dns"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
---
|
||||
# Designate DNS
|
||||
|
||||
On Debian, a file might gain DNS services by adding the following to /etc/network/interfaces:
|
||||
|
||||
```
|
||||
|
||||
auto eth0
|
||||
iface eth0 inet static
|
||||
address 10.0.0.23
|
||||
netmast 255.255.255.0
|
||||
gateway 10.0.0.1
|
||||
dns-nameservers 208.67.222.222 208.67.220.220
|
||||
dns-search example.com
|
||||
|
||||
```
|
||||
|
||||
# URL Aliases
|
||||
|
||||
To change where hosts go, edit /etc/hostnames. You can enter, e.g.:
|
||||
|
||||
`54.239.25.200 www.amazon.com a`
|
||||
|
||||
... which then means simply the letter 'a' will lead you to amazon.com.
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "fail2ban"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
# SSH Daemon Jail
|
||||
|
||||
|
@ -1,5 +1,31 @@
|
||||
---
|
||||
title: "graph-easy"
|
||||
tags: [ "Documentation" ]
|
||||
---
|
||||
Set up a file like this, called `troubleshooting.txt`.
|
||||
|
||||
```
|
||||
[ Is there an IP address? ] -- no --> [ Check NIC driver, dmesg ]
|
||||
|
||||
[ Is there an IP address? ] -- yes --> [ Can you ping the router? ]
|
||||
|
||||
[ Can you ping the router? ] -- no --> [ Check cables, router, and switches ]
|
||||
|
||||
[ Can you ping the router? ] -- yes --> [ Can you ping a DNS address? ]
|
||||
|
||||
[ Can you ping a DNS address? ] -- no --> [ Trying pinging 8.8.8.8 ]
|
||||
|
||||
[ Can you ping a DNS address? ] -- yes --> [ Traceroute ]
|
||||
|
||||
```
|
||||
Then translate it with:
|
||||
|
||||
> graph-easy troubleshooting.txt --as boxart
|
||||
|
||||
```
|
||||
|
||||
┌────────────┐ ┌─────────────────────────┐ yes ┌────────────────────────────────────┐ yes ┌─────────────────────────────┐ yes ┌────────────┐
|
||||
│ no network │ ──> │ Is there an IP address? │ ─────> │ Can you ping the router? │ ─────> │ Can you ping a DNS address? │ ─────> │ Traceroute │
|
||||
│ no Network │ ──> │ Is there an IP address? │ ─────> │ Can you ping the router? │ ─────> │ Can you ping a DNS address? │ ─────> │ Traceroute │
|
||||
└────────────┘ └─────────────────────────┘ └────────────────────────────────────┘ └─────────────────────────────┘ └────────────┘
|
||||
│ │ │
|
||||
│ no │ no │ no
|
||||
@ -7,3 +33,18 @@
|
||||
┌─────────────────────────┐ ┌────────────────────────────────────┐ ┌─────────────────────────────┐
|
||||
│ Check NIC driver, dmesg │ │ Check cables, router, and switches │ │ Trying pinging 8.8.8.8 │
|
||||
└─────────────────────────┘ └────────────────────────────────────┘ └─────────────────────────────┘
|
||||
```
|
||||
Many options allow different displays.
|
||||
Try placing this in a file:
|
||||
|
||||
```
|
||||
[ One ] { fill: seagreen; color: white; } -- label --> [ Two ] { shape: triangle; }
|
||||
[ One ] => { arrow-style: closed; } [ Three ]
|
||||
[ Five ] { fill: maroon; color: yellow; } <=> [ Three ]
|
||||
[ One ] .. Test\n label ..> [ Four ]
|
||||
[ Three ] { border-style: dashed; }
|
||||
.. Test\n label ..> { arrow-style: closed; } [ Six ] { label: Sixty\n Six\nand\nsix; }
|
||||
[ Three ] <-- Test label --> { arrow-style: closed; } [ Six ]
|
||||
[ Eight ] .. [ None ] { shape: none; fill: red; color: brown; }
|
||||
[ no Network ] --> [ Is there an IP address? ]
|
||||
```
|
@ -1,12 +0,0 @@
|
||||
[ One ] { fill: seagreen; color: white; } -- label --> [ Two ] { shape: triangle; }
|
||||
[ One ] => { arrow-style: closed; } [ Three ]
|
||||
[ Five ] { fill: maroon; color: yellow; } <=> [ Three ]
|
||||
[ One ] .. Test\n label ..> [ Four ]
|
||||
[ Three ] { border-style: dashed; }
|
||||
.. Test\n label ..> { arrow-style: closed; } [ Six ] { label: Sixty\n Six\nand\nsix; }
|
||||
[ Seven ] -- [ Eight ]
|
||||
[ Five ] --> [ Eight ]
|
||||
[ Five ] --> [ Seven ]
|
||||
[ Two ] -> [ Four ]
|
||||
[ Three ] <-- Test label --> { arrow-style: closed; } [ Six ]
|
||||
[ Eight ] .. [ None ] { shape: none; fill: red; color: brown; }
|
@ -1,15 +0,0 @@
|
||||
[ no network ] --> [ Is there an IP address? ]
|
||||
|
||||
[ Is there an IP address? ] -- no --> [ Check NIC driver, dmesg ]
|
||||
|
||||
[ Is there an IP address? ] -- yes --> [ Can you ping the router? ]
|
||||
|
||||
[ Can you ping the router? ] -- no --> [ Check cables, router, and switches ]
|
||||
|
||||
[ Can you ping the router? ] -- yes --> [ Can you ping a DNS address? ]
|
||||
|
||||
[ Can you ping a DNS address? ] -- no --> [ Trying pinging 8.8.8.8 ]
|
||||
|
||||
[ Can you ping a DNS address? ] -- yes --> [ Traceroute ]
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "iptables"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
# Intro
|
||||
|
||||
@ -24,7 +24,7 @@ Let's 'A'dd, or 'A'ppend a rule with -A. Let's drop all input from a nearby IP
|
||||
|
||||
> iptables -A INPUT -s 192.168.0.23 -j DROP
|
||||
|
||||
Or we can block all input from a particular port on the full network.
|
||||
Or we can block all input from a particular port on the full Network.
|
||||
|
||||
> iptables -A INPUT -s 192.168.0.0/24 -p tcp --destination-port 25 -j DROP
|
||||
|
||||
@ -55,3 +55,26 @@ Flush all existing rules with:
|
||||
|
||||
> iptables -F
|
||||
|
||||
|
||||
# Examples
|
||||
|
||||
```
|
||||
# Allow all loopback (lo0) traffic and drop all traffic to 127/8
|
||||
# that doesn't use lo0
|
||||
iptables -A INPUT -i lo -j ACCEPT
|
||||
iptables -A OUTPUT -o lo -j ACCEPT
|
||||
iptables -A INPUT -d 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
|
||||
|
||||
# Allow established sessions to receive traffic
|
||||
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||
|
||||
# Allow ICMP pings
|
||||
iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
|
||||
|
||||
# Allow SSH remote
|
||||
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
|
||||
|
||||
# Reject all other inbound connections
|
||||
iptables -A INPUT -j REJECT --reject-with icmp-port-unreachable
|
||||
iptables -A FORWARD -j REJECT --reject-with icmp-port-unreachable
|
||||
```
|
||||
|
@ -1,19 +0,0 @@
|
||||
#!/bin/sh
|
||||
# Allow all loopback (lo0) traffic and drop all traffic to 127/8
|
||||
# that doesn't use lo0
|
||||
iptables -A INPUT -i lo -j ACCEPT
|
||||
iptables -A OUTPUT -o lo -j ACCEPT
|
||||
iptables -A INPUT -d 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
|
||||
|
||||
# Allow established sessions to receive traffic
|
||||
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||
|
||||
# Allow ICMP pings
|
||||
iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
|
||||
|
||||
# Allow SSH remote
|
||||
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
|
||||
|
||||
# Reject all other inbound connections
|
||||
iptables -A INPUT -j REJECT --reject-with icmp-port-unreachable
|
||||
iptables -A FORWARD -j REJECT --reject-with icmp-port-unreachable
|
@ -1,56 +0,0 @@
|
||||
---
|
||||
title: "iptables"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
---
|
||||
# Intro
|
||||
|
||||
This is a basic Linux firewall program.
|
||||
|
||||
Look at your firewalls:
|
||||
|
||||
> iptables -L
|
||||
|
||||
We see the output of input, output and forwarding rules.
|
||||
|
||||
# Forward
|
||||
|
||||
I don't need any forwarding, so I'm going to drop all forwarding:
|
||||
|
||||
> iptables -P FORWARD DROP
|
||||
|
||||
# Input
|
||||
|
||||
Let's 'A'dd, or 'A'ppend a rule with -A. Let's drop all input from a nearby IP
|
||||
|
||||
> iptables -A INPUT -s 192.168.0.23 -j DROP
|
||||
|
||||
Or we can block all input from a particular port on the full network.
|
||||
|
||||
> iptables -A INPUT -s 192.168.0.0/24 -p tcp --destination-port 25 -j DROP
|
||||
|
||||
> iptables -A INPUT --dport 80 -j ACCEPT
|
||||
|
||||
|
||||
This allows http traffic to an Apache web server over port 80.
|
||||
|
||||
However, rules are accepted in order - so a packet cannot be rejected and then accepted.
|
||||
|
||||
To delete rule 2 from the INPUT chain:
|
||||
|
||||
> iptables -D INPUT 3
|
||||
|
||||
Alternatively, you can 'I'nsert a rule at the start, rather than 'A'ppending it.
|
||||
|
||||
> iptables -I INPUT -s 192.168.0.13 DROP
|
||||
|
||||
# Catchalls
|
||||
|
||||
Catchall rules state that anything which is not permitted is forbidden. They must be allowed last.
|
||||
|
||||
# -Jurice-Diction
|
||||
|
||||
The -j flag accepts ACCEPT/REJECT/DROP. The last two are identical except that "REJECT" acknowledges the rejection.
|
||||
|
||||
Flush all existing rules with:
|
||||
|
||||
> iptables -F
|
File diff suppressed because it is too large
Load Diff
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "protocols"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
# Protocols
|
||||
|
||||
@ -16,7 +16,7 @@ tags: [ "Documentation", "networking" ]
|
||||
|
||||
## IPv4
|
||||
|
||||
Three address ranges pertain only to private networks, so no computer looks beyond the local router to resolve them:
|
||||
Three address ranges pertain only to private Networks, so no computer looks beyond the local router to resolve them:
|
||||
|
||||
10.0.0.0 to 10.255.255.255
|
||||
|
||||
@ -24,7 +24,7 @@ Three address ranges pertain only to private networks, so no computer looks beyo
|
||||
|
||||
192.168.0.0 to 192.168.255.255
|
||||
|
||||
In theory, networks should fall within one of 3 ranges, depending upon their first octet:
|
||||
In theory, Networks should fall within one of 3 ranges, depending upon their first octet:
|
||||
|
||||
Class A 1-127
|
||||
|
||||
@ -63,13 +63,13 @@ Add an interface to a device as so:
|
||||
|
||||
> sudo ip a add 192.168.0.15/255.255.255.0 dev eth1
|
||||
|
||||
See network interfaces available on Fedora with:
|
||||
See Network interfaces available on Fedora with:
|
||||
|
||||
> less /etc/sysconfig/network-scripts/ifcfg-enp2s0f0
|
||||
> less /etc/sysconfig/Network-scripts/ifcfg-enp2s0f0
|
||||
|
||||
or on Debian with:
|
||||
|
||||
> less /etc/network/interfaces
|
||||
> less /etc/Network/interfaces
|
||||
|
||||
Mostly, interfaces will receive automatic addresses from a DHCP server. If this hasn't happened for you, you can request a dhcp address with:
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "basics"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
title: "Networking"
|
||||
tags: [ "Documentation", "Networking", "ip" ]
|
||||
---
|
||||
# You
|
||||
|
||||
@ -53,12 +53,12 @@ The starting numbers tell you about the address. You just have to memorize the m
|
||||
|:---:|:---:|
|
||||
| 127.X | The computer's name for itself, for when you want to ssh into your own machine |
|
||||
| ::1/128 | Same thing, with ipv6 |
|
||||
| 192.168.X | A small network address, given by a DHCP server (possibly your router) |
|
||||
| 192.168.X | A small Network address, given by a DHCP server (possibly your router) |
|
||||
| 169.X | The interface to the internet wasn't given an ip address, so it's made up its own |
|
||||
|
||||
# `arp-scan`
|
||||
|
||||
Look around your local network with `arp-scan`.
|
||||
Look around your local Network with `arp-scan`.
|
||||
|
||||
> sudo arp-scan -l
|
||||
|
||||
@ -85,7 +85,7 @@ Mac addresses are easy to fake, so don't trust this output to keep you safe.
|
||||
|
||||
# `nmap`
|
||||
|
||||
Look around your entire network from 192.168.0.1 to 192.168.0.255:
|
||||
Look around your entire Network from 192.168.0.1 to 192.168.0.255:
|
||||
|
||||
> sudo nmap -F 192.168.0.1/24
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "nmap"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
|
||||
Example:
|
||||
|
56
networking/pi-hole-server.md
Normal file
56
networking/pi-hole-server.md
Normal file
@ -0,0 +1,56 @@
|
||||
---
|
||||
title: "pi-hole-server"
|
||||
tags: [ "Documentation", "Distros" ]
|
||||
---
|
||||
# Installation
|
||||
|
||||
## Arch
|
||||
|
||||
> yay -S pi-hole-server
|
||||
|
||||
> sudo systemctl enable --now pihole-FTL
|
||||
|
||||
> sudo systemctl disable --now systemd-resolved
|
||||
|
||||
> sudo rm -f /dev/shm/FTL-\*
|
||||
|
||||
## Debian
|
||||
|
||||
Debian has a long, boring setup.
|
||||
|
||||
> sudo apt-get install wget curl net-tools gamin lighttpd lighttpd-mod-deflate
|
||||
|
||||
> curl -sSL https://install.pi-hole.net | PIHOLE_SKIP_OS_CHECK=true sudo -E bash
|
||||
|
||||
# Setup
|
||||
|
||||
> sudo usermod -aG pihole $USER
|
||||
|
||||
Remove that google dns server.
|
||||
|
||||
> pihole -a setdns 9.9.9.9 1.0.0.1
|
||||
|
||||
Disable pihole password by setting a blank password.
|
||||
|
||||
> pihole -a -p
|
||||
|
||||
Get a new list of blocked domains, then reload:
|
||||
|
||||
> pihole -g -r
|
||||
|
||||
Every so often, run `pihole -g` again (perhaps put it in crontab).
|
||||
|
||||
## Check the Pihole
|
||||
|
||||
Observe the pihole's output while you ask it a question:
|
||||
|
||||
> pihole -t
|
||||
|
||||
Then ask the question from another computer:
|
||||
|
||||
> dig @[ pihole ip ] archlinux.org
|
||||
|
||||
## System-Wide Setup
|
||||
|
||||
To make the pihole work for the entire Network, enter your router and set the DNS server as nothing but your pihole.
|
||||
|
@ -1,30 +0,0 @@
|
||||
---
|
||||
title: "pihole"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
---
|
||||
View DNS traffic
|
||||
|
||||
> pihole -t
|
||||
|
||||
Change password
|
||||
|
||||
> pihole -a -p
|
||||
|
||||
Get new list of cancer
|
||||
|
||||
> pihole -g
|
||||
|
||||
Change upstream DNS
|
||||
|
||||
> sudo vim /etc/dnsmasq/01-pihole.conf
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
> sudo usermod -aG pihole $USER
|
||||
|
||||
> sudo systemctl stop systemd-resolved
|
||||
|
||||
> sudo rm -f /dev/shm/FTL-*
|
||||
|
||||
> pihole -g -r
|
||||
|
@ -1,9 +1,21 @@
|
||||
---
|
||||
title: "pip"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
|
||||
Searching does not work.
|
||||
|
||||
Install with:
|
||||
|
||||
> pip install [ package ]
|
||||
|
||||
Upgrade all packages
|
||||
|
||||
> pip freeze --local | grep -v '^\-e' | cut -d = -f 1 | xargs -n1 pip install -U
|
||||
|
||||
# Troubleshooting
|
||||
|
||||
You may need a python3 package.
|
||||
In this case, try:
|
||||
|
||||
> pip3 install [ package ]
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "rclone"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
The manpage's 'Synopsis' provides a fast reference.
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "screen"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
|
||||
start session: screen
|
||||
@ -46,8 +46,10 @@ Screens have a list of commands to send
|
||||
|
||||
------Example----------
|
||||
Start a new session with 'screen -S base' (which calls that session 'base'). Make a horizontal split with ^|, move into it with ^tab then create a new screen with ^c in that second split. The new screen can be named with ^A as 'music' before entering cmus. Next up, visualizations with vis in another screen. ^S makes a horizontal split and you can switch into that with ^tab to name is 'visualizations' and start vis. Switch back to the first screen and make another horizontal split and a screen in there with the name 'reading'. Inside reading you type ^? to get a list of useless screen commands. Reading can then be detatched with ^d and the horizontal split destroyed with ^X.
|
||||
Those visualizations should be larger, so we enlarge them with Ctrl+: to send the command resize 50 and :resize -h 100.
|
||||
Once done with reading, you can destroy it wil ^k then destroy the lot once done with ^\. Outside the screens entirely you can ensure complete death with 'killall screen'.
|
||||
|
||||
Those visualizations should be larger, so we enlarge them with Ctrl+: to send the command resize 50 and :resize -h 100.
|
||||
|
||||
Once done with reading, you can destroy it wil ^k then destroy the lot once done with ^\. Outside the screens entirely you can ensure complete death with 'killall screen'.
|
||||
|
||||
----------------------
|
||||
|
||||
|
@ -1,9 +1,9 @@
|
||||
---
|
||||
title: "agate"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
Make sure your dns is in order.
|
||||
My domain name is `belgradecats.tk`, so put your own in there.
|
||||
My domain name is `malinfreeborn.com`, so put your own in there.
|
||||
|
||||
Install agate by placing the binary somewhere or (on Arch):
|
||||
|
||||
@ -27,16 +27,19 @@ Make a service file.
|
||||
|
||||
> sudo vim /etc/systemd/system/multi-user.target.wants/agate.service
|
||||
|
||||
Start agate once to make the certificates.
|
||||
|
||||
> agate --content /usr/share/gemini/gemini --hostname malinfreeborn.com --lang en-GB
|
||||
|
||||
```
|
||||
[Unit]
|
||||
Description=agate
|
||||
After=network.target
|
||||
After=Network.target
|
||||
|
||||
[Service]
|
||||
User=gemini
|
||||
Type=simple
|
||||
ExecStart=/usr/bin/agate -s --content /usr/share/gemini/gemini --key /usr/share/gemini/certs/key.pem --cert /usr/share/gemini/certs/cert.pem --hostname belgradecats.tk --lang en-GB
|
||||
ExecStart=/usr/bin/agate --content /usr/share/gemini/gemini --hostname malinfreeborn.com --lang en-GB
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "sshfs"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
# Mount
|
||||
|
||||
|
@ -1,11 +1,11 @@
|
||||
---
|
||||
title: "tricks"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
title: "ssh tricks"
|
||||
tags: [ "Documentation", "Networking", "ssh", "tricks" ]
|
||||
---
|
||||
|
||||
Mount a remote filesystem locally with fuse-sshfs:
|
||||
|
||||
> sshfs ghost@192.168.0.10:/home/ghost /tmp/mnt
|
||||
> sshfs *user*@192.168.0.10:/home/*user* /tmp/mnt
|
||||
|
||||
Unmount with:
|
||||
|
||||
@ -17,5 +17,5 @@ Set it up on /etc/fstab with:
|
||||
|
||||
Make image backup of sda1 and sda2 from one machine and pass it through ssh to another.
|
||||
|
||||
> for i in {1,2};do sudo dd if=/dev/sda$i | ssh -C ghost@192.168.0.10 "dd of=/mnt/Biggie/Backup/winback-oct-\"$i\".img" status=progress; done
|
||||
> for i in {1,2};do sudo dd if=/dev/sda$i | ssh -C *user*@192.168.0.10 "dd of=/mnt/Backup/winback-oct-\"$i\".img" status=progress; done
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "tor"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
|
||||
# Get a hostname
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "transmission"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
# Torrench
|
||||
|
||||
|
@ -1,11 +1,11 @@
|
||||
---
|
||||
title: "troubleshooting"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
|
||||
# Do you have an IP?
|
||||
|
||||
If not, try checking out what your local networking interfaces are, then check if they have been picked up:
|
||||
If not, try checking out what your local Networking interfaces are, then check if they have been picked up:
|
||||
|
||||
> dmesg | grep eth0
|
||||
|
||||
@ -13,8 +13,7 @@ If not, try checking out what your local networking interfaces are, then check i
|
||||
|
||||
> netstat -l
|
||||
|
||||
... or maybe narrow it down to http:
|
||||
...or maybe narrow it down to http:
|
||||
|
||||
> netstat -l | grep http
|
||||
|
||||
|
||||
|
@ -1,9 +0,0 @@
|
||||
┌────────────┐ ┌─────────────────────────┐ yes ┌────────────────────────────────────┐ yes ┌─────────────────────────────┐ yes ┌────────────┐
|
||||
│ no network │ ──> │ Is there an IP address? │ ─────> │ Can you ping the router? │ ─────> │ Can you ping a DNS address? │ ─────> │ Traceroute │
|
||||
└────────────┘ └─────────────────────────┘ └────────────────────────────────────┘ └─────────────────────────────┘ └────────────┘
|
||||
│ │ │
|
||||
│ no │ no │ no
|
||||
∨ ∨ ∨
|
||||
┌─────────────────────────┐ ┌────────────────────────────────────┐ ┌─────────────────────────────┐
|
||||
│ Check NIC driver, dmesg │ │ Check cables, router, and switches │ │ Trying pinging 8.8.8.8 │
|
||||
└─────────────────────────┘ └────────────────────────────────────┘ └─────────────────────────────┘
|
@ -1,67 +0,0 @@
|
||||
---
|
||||
title: "unison"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
---
|
||||
|
||||
# Local Sync
|
||||
|
||||
unison Dir_A Dir_B
|
||||
|
||||
Accept defaults with:
|
||||
|
||||
> unison -auto Dir_A Dir_B
|
||||
|
||||
Ask no questions with:
|
||||
|
||||
> unison -batch Dir_A Dir_B
|
||||
|
||||
# Remote Sync
|
||||
|
||||
Sync the folders ~/LK on pi and localhost with:
|
||||
|
||||
> unison LK ssh://pi@192.168.0.13/LK
|
||||
|
||||
|
||||
#Back Script Example
|
||||
Make backup script 'rat' by entering the configurations in ~/.unison/rat.prf
|
||||
|
||||
```{r}
|
||||
# Where to synchronize from
|
||||
root=/home/roach-1/
|
||||
|
||||
root=ssh://ubuntu@10.0.3.76/
|
||||
|
||||
auto = true
|
||||
batch = true
|
||||
## for ssh arguments, add as so:
|
||||
#sshargs=-p 4792
|
||||
|
||||
## Directories to synchronize
|
||||
## a path such as 'Album 1' will not work - don't use quotes.
|
||||
path=box 1
|
||||
path=box 2
|
||||
path=house
|
||||
path=.vimrc
|
||||
path=.bashrc
|
||||
|
||||
ignore=Name temp.*
|
||||
ignore=Name *.swp
|
||||
|
||||
## Merging
|
||||
## This line handles the merge, but it's based on Emacs, which cannot run in a tty, but requires X.
|
||||
|
||||
diff = diff -u CURRENT2 CURRENT1 | perl -pe 's/^\+/>/; s/^\-/</'
|
||||
```
|
||||
|
||||
# Scheduled Backups
|
||||
|
||||
A full backup can be run with:
|
||||
|
||||
> unison rat.prf
|
||||
|
||||
And a crontab can be set with:
|
||||
|
||||
* */4 * * * /usr/bin/unison rat
|
||||
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "nginx"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
Install nginx:
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "wifi"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
# Netstat Stuff
|
||||
|
||||
@ -50,19 +50,21 @@ This tells you that your ESSID is 'Gandalf WajFaj', and the access point name is
|
||||
|
||||
> nmcli radio
|
||||
|
||||
You get an overview of your radio devices. You're told that eth0 deals with your ethernet and wlan0 deals with wifi. wlan0 is a file which represents your wifi device.
|
||||
You get an overview of your radio devices.
|
||||
You're told that eth0 deals with your ethernet and `wlan0` deals with wifi.
|
||||
`wlan0` is a file which represents your wifi device.
|
||||
|
||||
> nmcli wlan0 wifi rescan
|
||||
|
||||
> nmcli device wifi list
|
||||
|
||||
Now to connect.
|
||||
Now to connect.
|
||||
|
||||
> nmcli device wifi connect [SSID] [your password] [wifi password]
|
||||
|
||||
Alternatively, you can use
|
||||
Alternatively, you can use
|
||||
|
||||
> nmcli -ask device wifi connect [SSID]
|
||||
|
||||
And it'll ask for your password, so you're not typing it in in full view.
|
||||
And it'll ask for your password, so you're not typing it in in full view.
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "wireless"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
|
||||
# Check wifi's working
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "wpa_supplicant"
|
||||
tags: [ "Documentation", "networking" ]
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
|
||||
wpa_supplicant configurations are stored in /etc/wpa_supplicant/wpa_supplicant-wlan0 (or equivalent).
|
||||
@ -33,23 +33,23 @@ This has a number of commands to input. In order:
|
||||
|
||||
> scan_results
|
||||
|
||||
> add_network
|
||||
> add_Network
|
||||
|
||||
This outputs a network number, e.g. '3'. This is the new network you'll work with.
|
||||
This outputs a Network number, e.g. '3'. This is the new Network you'll work with.
|
||||
|
||||
> set_network 3 ssid "Kosachok Cafe"
|
||||
> set_Network 3 ssid "Kosachok Cafe"
|
||||
|
||||
> set_network 3 psk "Kosachok2019"
|
||||
> set_Network 3 psk "Kosachok2019"
|
||||
|
||||
OR
|
||||
|
||||
> set_network 3 key_mgmt NONE
|
||||
> set_Network 3 key_mgmt NONE
|
||||
|
||||
> enable_network 3
|
||||
> enable_Network 3
|
||||
|
||||
> save_config
|
||||
|
||||
... and possibly:
|
||||
...and possibly:
|
||||
|
||||
> sudo sv restart dhcpcd
|
||||
|
||||
@ -57,4 +57,3 @@ or maybe:
|
||||
|
||||
> dhcpd wlp3s0
|
||||
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "festival"
|
||||
tags: [ "Documentation", "sound" ]
|
||||
tags: [ "Documentation", "Sound" ]
|
||||
---
|
||||
# Basics
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "ffmpeg"
|
||||
tags: [ "Documentation", "sound" ]
|
||||
tags: [ "Documentation", "Sound" ]
|
||||
---
|
||||
# Basics
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "mpd"
|
||||
tags: [ "Documentation", "sound" ]
|
||||
tags: [ "Documentation", "Sound" ]
|
||||
---
|
||||
# Setup
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "ncmpcpp"
|
||||
tags: [ "Documentation", "sound" ]
|
||||
tags: [ "Documentation", "Sound" ]
|
||||
---
|
||||
|
||||
# Music Player Daemon
|
||||
|
@ -1,8 +1,9 @@
|
||||
---
|
||||
title: "basics"
|
||||
tags: [ "Documentation", "sound" ]
|
||||
tags: [ "Documentation", "Sound" ]
|
||||
---
|
||||
# Pulse
|
||||
|
||||
If you have pulse, use pulse.
|
||||
Check with `which pulseaudio`. No output means you need to use alsa (below).
|
||||
|
||||
@ -19,11 +20,11 @@ Find working outputs:
|
||||
Surround.5 seems best.
|
||||
|
||||
|
||||
# Find what sound settings exist
|
||||
# Find what Sound settings exist
|
||||
|
||||
amixer scontrols
|
||||
|
||||
# Change a sound setting
|
||||
# Change a Sound setting
|
||||
|
||||
> amixer set Master 5%-
|
||||
|
||||
@ -49,8 +50,8 @@ Start with:
|
||||
|
||||
> alsamixer
|
||||
|
||||
Then press `F6` to see available sound cards.
|
||||
If you find a sound card called 'PinePhone', then you can select an audio source there, and adjust with:
|
||||
Then press `F6` to see available Sound cards.
|
||||
If you find a Sound card called 'PinePhone', then you can select an audio source there, and adjust with:
|
||||
|
||||
> amixer -c PinePhone set 'Headphone' 50%
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "youtube-dl"
|
||||
tags: [ "Documentation", "sound" ]
|
||||
tags: [ "Documentation", "Sound" ]
|
||||
---
|
||||
> youtube-dl --write-auto-sub <URL>
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "X"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
X is a server which listens to requests for display.
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "android"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
# mtpfs
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "awk"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
# Basics
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "bash_tricks"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
# Automatic mp3 Tagging
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "character-encoding"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
Convert a text file from one encoding type to another with:
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "compression"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
# Tar
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "cronie"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
|
||||
Various services from cron exist, e.g.
|
||||
@ -9,7 +9,7 @@ Various services from cron exist, e.g.
|
||||
|
||||
start the cronie with
|
||||
|
||||
> sudo systemctl start cronie
|
||||
> sudo Systemctl start cronie
|
||||
|
||||
start a cron with
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "e-mail"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
# Terminology
|
||||
|
||||
|
@ -1,10 +1,10 @@
|
||||
---
|
||||
title: "editors"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
The system's default text editor can be defined within /etc/profile. It's given the variable `EDITOR`.
|
||||
The System's default text editor can be defined within /etc/profile. It's given the variable `EDITOR`.
|
||||
|
||||
Add these lines to /etc/profile:
|
||||
Add these lines to `/etc/profile.d/local.sh`:
|
||||
|
||||
```
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "elvish"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
# Setup
|
||||
To run a shell as non-root, the shell must be listed in /etc/shells.
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "kernel"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
Check which kernet modules are loaded into memory
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "logs"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
|
||||
# Basic
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "partitions"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
# FDisk Basics
|
||||
|
||||
@ -27,7 +27,7 @@ Note the asterisk marking the boot partition.
|
||||
|
||||
fdisk will not help with a GPT formatted drive. For this, use gdisk, which is mostly the same.
|
||||
|
||||
Now that we have a partition, we can make it into a filesystem. Most will use:
|
||||
Now that we have a partition, we can make it into a fileSystem. Most will use:
|
||||
|
||||
> sudo mkfs -t ext4 /dev/sdc1
|
||||
|
||||
@ -35,7 +35,7 @@ or if you're making a swap partition, you can use:
|
||||
|
||||
> sudo mkswap /dev/sdb2
|
||||
|
||||
or for the reiser filesystem, we can use:
|
||||
or for the reiser fileSystem, we can use:
|
||||
|
||||
> sudo mkreiserfs /dev/sdc2
|
||||
|
||||
@ -65,7 +65,7 @@ or divide things by inode - the thing which records where files are?
|
||||
|
||||
> df -i
|
||||
|
||||
Examine a filesystem with:
|
||||
Examine a fileSystem with:
|
||||
|
||||
> sudo dumpe2fs /dev/sda1 | less
|
||||
|
||||
@ -78,12 +78,12 @@ This will check sda1 every 30 boots. It can also be checked every month.
|
||||
|
||||
> sudo tune2fs -i 1m /dev/sda1
|
||||
|
||||
This thing can also make a new label for the system:
|
||||
This thing can also make a new label for the System:
|
||||
|
||||
> sudo tune2fs -L new_name /dev/sdb3
|
||||
|
||||
# Repair
|
||||
Start by unmounting the filesystem.
|
||||
Start by unmounting the fileSystem.
|
||||
|
||||
> sudo umount /dev/sdc1
|
||||
|
||||
@ -112,15 +112,15 @@ or if you don't know the type, just try the lot:
|
||||
# File Systems
|
||||
xfs and zfs can only be expanded.
|
||||
|
||||
# Shrink Filesystem
|
||||
# Shrink FileSystem
|
||||
|
||||
NB: When I followed these instructions, the process destroyed my data. Seemed fine on the YouTube video.
|
||||
|
||||
Check the filesystem's health:
|
||||
Check the fileSystem's health:
|
||||
|
||||
> sudo e2fsck -f /dev/sdb1
|
||||
|
||||
Resize the file system to something smaller than what you want, so here I want 500G and so I resize to 450 G.
|
||||
Resize the file System to something smaller than what you want, so here I want 500G and so I resize to 450 G.
|
||||
|
||||
> resize2fs /dev/sdb1 450G
|
||||
|
||||
@ -130,7 +130,7 @@ Then delete the partition with either gdisk or fdisk, depending upon the layout.
|
||||
|
||||
> d
|
||||
|
||||
Then make a new filesystem of the desired type with:
|
||||
Then make a new fileSystem of the desired type with:
|
||||
|
||||
> n
|
||||
|
||||
|
@ -1,12 +1,6 @@
|
||||
---
|
||||
title: "snaps"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System", "Ubuntu", "snap" ]
|
||||
---
|
||||
> sudo apt-get purge -y snapd
|
||||
|
||||
#Hiding from Nautilus
|
||||
|
||||
> echo snap >> ~/.hidden
|
||||
|
||||
Moving the directory ~/snap to ~/.snap acts as expected.
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "journal"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "systemd" ]
|
||||
---
|
||||
|
||||
Find errors since November
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "Making Services"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "systemd" ]
|
||||
---
|
||||
# Basics
|
||||
|
||||
|
@ -1,27 +0,0 @@
|
||||
---
|
||||
title: "users"
|
||||
tags: [ "Documentation", "system" ]
|
||||
---
|
||||
# Automatic Login
|
||||
|
||||
> cp /usr/lib/systemd/system/getty@.service /etc/systemd/system/getty1@.service
|
||||
|
||||
Modify the lines to look like these:
|
||||
|
||||
`ExecStart=-/sbin/agetty --autologin <username> --noclear %I 38400 linux`
|
||||
|
||||
`Type=oneshot`
|
||||
|
||||
`Restart=no`
|
||||
|
||||
In the `[Install]` section:
|
||||
|
||||
`Alias=getty.target.wants/getty@tty1.service`
|
||||
|
||||
Then enable the service:
|
||||
|
||||
> ln -sf /etc/systemd/system/getty1@.service /etc/systemd/system/getty.target.wants/getty@tty9.service
|
||||
|
||||
> systemctl start getty@tty9.service
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "tmux"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
Start with:
|
||||
|
||||
|
@ -1,11 +0,0 @@
|
||||
---
|
||||
title: "upx"
|
||||
tags: [ "Documentation", "system" ]
|
||||
---
|
||||
upx compresses binaries, so they take up less disk space, but take longer to start.
|
||||
|
||||
Make a binary, such as ls, compressed:
|
||||
|
||||
> upx ls
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: "urxvt"
|
||||
tags: [ "Documentation", "system" ]
|
||||
tags: [ "Documentation", "System" ]
|
||||
---
|
||||
Perl scripts typically kept in /usr/lib/urxvt/perl
|
||||
|
@ -1,5 +0,0 @@
|
||||
---
|
||||
title: "wine"
|
||||
tags: [ "Documentation", "system" ]
|
||||
---
|
||||
maybe run \n> sudo dpkg --add-architecture i386
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user