From e4beb16951bc87925d7b83e6a35f36d9aeec1f9c Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Tue, 27 Feb 2024 18:47:53 +0100 Subject: [PATCH 01/21] add over the wire games --- basics/games.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 basics/games.md diff --git a/basics/games.md b/basics/games.md new file mode 100644 index 0000000..b4a34f3 --- /dev/null +++ b/basics/games.md @@ -0,0 +1,4 @@ + +Games are a great way to learn bash. + +- [Over the Wire](https://overthewire.org/wargames) From ce3e10e442ea9a36296fcc24986020be40fa8652 Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Wed, 28 Feb 2024 18:36:56 +0100 Subject: [PATCH 02/21] fix journal command --- system/systemd/journal.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/system/systemd/journal.md b/system/systemd/journal.md index 09ce55e..490e0de 100644 --- a/system/systemd/journal.md +++ b/system/systemd/journal.md @@ -2,8 +2,6 @@ title: "journal" tags: [ "Documentation", "systemd" ] --- -``` - Find errors since November ```bash @@ -14,3 +12,5 @@ Limit size to 2G. ```bash journalctl --vacuum-size=2G +``` + From b8a9fb3fbfa38df8124421364ad67d8d7c89c504 Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Wed, 28 Feb 2024 18:45:21 +0100 Subject: [PATCH 03/21] more journalctl checks --- system/systemd/journal.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/system/systemd/journal.md b/system/systemd/journal.md index 490e0de..66cfbff 100644 --- a/system/systemd/journal.md +++ b/system/systemd/journal.md @@ -2,6 +2,20 @@ title: "journal" tags: [ "Documentation", "systemd" ] --- + +See a running log of all system messages: + + +```bash +journalctl -f +``` + +Or just one unit (`sshd`): + +```bash +journalctl -f -u sshd +``` + Find errors since November ```bash @@ -14,3 +28,11 @@ Limit size to 2G. journalctl --vacuum-size=2G ``` +Log the fact that you've installed your own `dnsmasq` on your system to `journalctl`, so that you can notice why your system's broken: + + +```bash +logger "Installed new dnsmasq" +sudo journalctl -f +``` + From 54a944454410be0a82504d0be430a69a1a2cb092 Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Fri, 8 Mar 2024 23:29:28 +0100 Subject: [PATCH 04/21] split otr from profanity --- chat/profanity-otr.md | 57 +++++++++++++++++++++++++++++++++++++++++++ chat/profanity.md | 54 +++------------------------------------- 2 files changed, 60 insertions(+), 51 deletions(-) create mode 100644 chat/profanity-otr.md diff --git a/chat/profanity-otr.md b/chat/profanity-otr.md new file mode 100644 index 0000000..236254b --- /dev/null +++ b/chat/profanity-otr.md @@ -0,0 +1,57 @@ +--- +title: "profanity" +tags: [ "Documentation", "Chat", "OTR" ] +--- +# otr + +'Off The Record' encryption seems mostly dead to me. +But this is what I did, back in the day... + +Install libotr-dev or libotr5-dev or whatever.. + +``` +sudo apt -y install lib5otr-dev +``` + +Make your otr keys. + +``` +/otr gen +``` + +Then you can start an otr converstation. + +``` +/otr start bob@jobbies.org +``` + +Or if you already have a conversation windows open, switch to our using: + +``` +/otr +``` + +Finally, verify! + +``` +/otr question "Who are you?" bob +``` + +Bob is verified upon the answer, 'bob'. + +### OTR Finger Prints + +Get yours with + +``` +/otr myfp +``` + +``` +/otr theirfp +``` + +``` +/otr myfp +``` + diff --git a/chat/profanity.md b/chat/profanity.md index 951eba2..8e484e8 100644 --- a/chat/profanity.md +++ b/chat/profanity.md @@ -1,6 +1,6 @@ --- title: "profanity" -tags: [ "Documentation", "Chat" ] +tags: [ "Documentation", "Chat", "omemo" ] --- # Setup (Commands) @@ -140,54 +140,6 @@ You can ensure omemo automatcally turns on: ``` /omemo policy automatic ``` +--- -## otr - -Install libotr-dev or libotr5-dev or whatever.. - -``` -sudo apt -y install lib5otr-dev -``` - -Make your otr keys. - -``` -/otr gen -``` - -Then you can start an otr converstation. - -``` -/otr start bob@jobbies.org -``` - -Or if you already have a conversation windows open, switch to our using: - -``` -/otr -``` - -Finally, verify! - -``` -/otr question "Who are you?" bob -``` - -Bob is verified upon the answer, 'bob'. - -### OTR Finger Prints - -Get yours with - -``` -/otr myfp -``` - -``` -/otr theirfp -``` - -``` -/otr myfp -``` - +'OTR' encryption is mostly dead, but you can find the old instructions [here](profanity-otr). From 38bcdd15cc1038f6da02a2f2129b5a01af7d7358 Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Fri, 22 Mar 2024 18:58:20 +0100 Subject: [PATCH 05/21] embiggen cron --- basics/cron.md | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/basics/cron.md b/basics/cron.md index 2983cab..8c66feb 100644 --- a/basics/cron.md +++ b/basics/cron.md @@ -14,20 +14,31 @@ Once installed, search for the service name, and start it. ```bash sudo systemctl list-unit-files | grep cron +sudo systemctl enable --now $NAME ``` +Make a file for your crontab, like this: + ```bash -sudo systemctl enable --now cron +echo '39 */3 * * * /usr/bin/updatedb' > "$USER".cron ``` -You can *e*dit your crontab with: +Then apply that crontab: ```bash -crontab -e +crontab "$USER".cron +rm "$USER".cron ``` +The `cron` program will check your syntax before adding the tab. +Your crontab file sits somewhere in `/var/spool/`. +Probably in `/var/spool/cron`. -> 39 */3 * * * /usr/bin/updatedb +Check how your tab currently looks: + +```bash +crontab -l +``` ## Syntax @@ -91,7 +102,7 @@ run-parts /etc/cron.hourly ### Variables Add your `$HOME` to crontab to use scripts. -First add `HOME=/home/user`, then you can use syntax like this: +First add `HOME=/home/$USER`, then you can use syntax like this: 0 * * * * $HOME/.scripts/myScript.sh @@ -100,7 +111,6 @@ First add `HOME=/home/user`, then you can use syntax like this: ```bash $HOME/.scripts/myScript.sh ``` - You can also add your regular path to your crontab as a variable (see example below). If you're using vim as the editor, just run this at the top of your crontab: @@ -131,5 +141,3 @@ PATH=/usr/condabin:/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/bin/site_perl:/u 50 18 * * * /usr/bin/timeout 30m /usr/bin/syncthing ``` - - From f666ac3dc9848ac0ad58df0722bf1b57b4296d9c Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Sat, 6 Apr 2024 01:04:43 +0200 Subject: [PATCH 06/21] tree to markdown command --- basics/tree.md | 13 ++++++++++++- data/sqlite.md | 21 +++++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 data/sqlite.md diff --git a/basics/tree.md b/basics/tree.md index 1aa08d3..910d67f 100644 --- a/basics/tree.md +++ b/basics/tree.md @@ -1,6 +1,6 @@ --- title: "tree" -tags: [ "basics" ] +tags: [ "basics", "tree", "markdown" ] --- The `tree` utility outputs a full listing of everything in your current directory, and those below. @@ -23,3 +23,14 @@ README.md ``` Each description-line starts with a tab. + +## Markdown Conversion + +To represent a file structure as a nested series of markdown lists, you can try this horrifying `sed` one-liner: + +```bash +tree -tf --dirsfirst --gitignore --noreport --charset ascii | \ + sed -e 's/| \+/ /g' \ + -e 's/[|`]-\+/ */g' \ + -e 's:\(* \)\(\(.*/\)\([^/]\+\)\):\1[\4](\2):g' +``` diff --git a/data/sqlite.md b/data/sqlite.md new file mode 100644 index 0000000..77d3eb7 --- /dev/null +++ b/data/sqlite.md @@ -0,0 +1,21 @@ +--- +title: "sqlite" +tags: [ "Documentation", "data" ] +--- + +Work with a database: + +```bash +sqlite3 "$FILE".sqlite3 +``` +Compress the database: + +```sqlite +pragma vacuum; +``` +Optimize the database: + +```sqlite +pragma optimize; +``` + From 5b3a12d6282e150c74d704ef7243a194a44a608d Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Sat, 6 Apr 2024 01:25:01 +0200 Subject: [PATCH 07/21] place git in dir --- data/{git.md => git/basics.md} | 0 data/{ => git}/git-lfs.md | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename data/{git.md => git/basics.md} (100%) rename data/{ => git}/git-lfs.md (100%) diff --git a/data/git.md b/data/git/basics.md similarity index 100% rename from data/git.md rename to data/git/basics.md diff --git a/data/git-lfs.md b/data/git/git-lfs.md similarity index 100% rename from data/git-lfs.md rename to data/git/git-lfs.md From 72d624ec95f00e0ecfccb1f37dabf52b9b270d7b Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Sat, 6 Apr 2024 02:00:09 +0200 Subject: [PATCH 08/21] write git hooks --- data/git/hooks.md | 29 +++++++++++++++++++++++++++++ new.sh | 2 +- 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 data/git/hooks.md diff --git a/data/git/hooks.md b/data/git/hooks.md new file mode 100644 index 0000000..652b61c --- /dev/null +++ b/data/git/hooks.md @@ -0,0 +1,29 @@ +--- +title: "git hooks" +tags: [ "Documentation", "data", "git" ] +--- + +Check out the sample hooks: + +```bash +cd $GIT_REPO +ls .git/hooks +head .git/hooks/pre-commit.sample +``` + +Add a hook to check the shell scripts in `$GIT_REPO` before making a commit: + +```bash +echo '#!/bin/sh +shellcheck *.sh' > .git/hooks/commit-msg +chmod u+x .git/hooks/commit-msg +``` + +## Committing + +Your `git hooks` will not enter the repository, but you can commit them to a repository, then request others add these git hooks to their own branch, by putting a note in the project's `README.md`. + +```markdown +The project comes with recommended git hooks. +You can activate the hooks with `git config core.hooksPath hooks`. +``` diff --git a/new.sh b/new.sh index f9227bb..f9985a8 100755 --- a/new.sh +++ b/new.sh @@ -14,7 +14,7 @@ filePath="$category/$(echo $name | sed 's/ /_/g').md" tagsList="$(echo \"$category | sed 's#\/#", "#g')\"" -[ -e "$filePath" ] && $EDITOR $filePath && exit 0 +[ -e "$filePath" ] && $EDITOR "$filePath" && exit 0 echo "--- title: \"$name\" From e0e403fc96efd3f6d6f259c7ab7fcd4ecdde3ac6 Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Sun, 7 Apr 2024 11:52:24 +0200 Subject: [PATCH 09/21] write eval --- basics/eval.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 basics/eval.md diff --git a/basics/eval.md b/basics/eval.md new file mode 100644 index 0000000..0f3fdd9 --- /dev/null +++ b/basics/eval.md @@ -0,0 +1,22 @@ +--- +title: "eval" +tags: [ "basics" ] +--- + +Compose a statement for execution. + +```bash +x='echo $y' +echo $x +y=dragon +eval "$x" +``` + +The results remain in the current shell, unlike sub-shells. + +```bash +b=basilisk +sh -c 'echo $b' +eval "g=goblin" +echo $g +``` From 09f3afa35b9a6711a3968ed21fedc351e37c6c28 Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Sun, 7 Apr 2024 12:38:33 +0200 Subject: [PATCH 10/21] edit radicale --- data/radicale.md | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/data/radicale.md b/data/radicale.md index d6586ed..2f5ab64 100644 --- a/data/radicale.md +++ b/data/radicale.md @@ -29,11 +29,10 @@ Edit `/etc/radicale/config`, changing the `[auth]` section from this: ...to this: ``` -#type = htpasswd +type = htpasswd ``` -If the service is started, restart it to make sure nobody can sign in without a password. - +Make sure the service is off, as people may be able to sign in without a password at this point. Next, find the `htpasswd` program. You might get it in the `apache` package or similar. @@ -41,7 +40,7 @@ You might get it in the `apache` package or similar. `htpasswd` allows you to generate passwords for users, and place them in `/etc/radicale/users`. ```bash -PASS="$(xkcdpass) +PASS="$(xkcdpass)" htpasswd -nb $USER "$PASS" | sudo tee -a /etc/radicale/users echo "Your username is $USER" echo "Your password is $PASS" @@ -96,14 +95,12 @@ Finally, replace the example `DOMAIN` with your actual domain name. ```bash DOMAIN=whatever.com sudo sed -i "s/DOMAIN/$DOMAIN/g" /etc/nginx/sites-available/radicale - ``` (optional: replace that `cal.` prefix with anything else) Check nginx is happy: - ```bash sudo nginx -t ``` @@ -115,7 +112,6 @@ sudo certbod -d cal.$DOMAIN Start or restart both services: - ```bash sudo systemctl start radicale sudo systemctl restart nginx @@ -123,4 +119,4 @@ sudo systemctl restart nginx You should now be able to log into your calendar, and add it to a phone. -NB: you don't need the port number. +**NB:** you don't need the port number. From 531cb8da3d7914fbf822ef955e51acafeea19969 Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Sun, 7 Apr 2024 18:20:42 +0200 Subject: [PATCH 11/21] note vim-gnupg --- data/gpg.md | 141 +-------------------------------------------- data/gpg/basics.md | 141 +++++++++++++++++++++++++++++++++++++++++++++ data/gpg/extras.md | 10 ++++ 3 files changed, 154 insertions(+), 138 deletions(-) create mode 100644 data/gpg/basics.md create mode 100644 data/gpg/extras.md diff --git a/data/gpg.md b/data/gpg.md index 4402f79..b00a719 100644 --- a/data/gpg.md +++ b/data/gpg.md @@ -1,142 +1,7 @@ --- title: "gpg" -tags: [ "Documentation", "data" ] +tags: [ "Documentation", "data", "GPG" ] --- -# Making keys - -Generate keys: - -```bash -gpg --gen-key -``` - -Follow the guide. - -# Encrypting a file - -```bash -gpg -r malinfreeborn@posteo.net -e file -``` - -`-r` specifies the recipient. - -Check you have an encrypted version of your file. - -# Changing Expiration Dates - -gpg --list-keys - -... and then use the second part of 'pub', which is the ID. But that's not appearing here so... on with gpg2? - -# Making encrypted files with a local password - -Make a password with a password (cypher encryption). - -```bash -gpg -c --output passwords.txt -``` - -or - -```bash -gpg -c > passwords.txt -``` - -Put in a password. - -Write message then stop with Ctrl+d. - -Get the message back out the file with: - -```bash -gpg -d passwords.txt -``` - -# Circles of Trust - -Search for a key at any key store: - -```bash -gpg --search-keys nestorv -``` - -Once you've made a decision about someone: - -```bash -gpg --list-keys -``` - -You get something like this: - -``` -pub rsa3072 2021-08-15 [SC] [expires: 2023-08-15] - CD30421FD825696BD95F1FF644C62C57B790D3CF -uid [ultimate] Malin Freeborn -sub rsa3072 2021-08-15 [E] [expires: 2023-08-15] - -``` - -Notice the long, ugly, string - CD30421FD825696BD95F1FF644C62C57B790D3CF - and how horribly ugly it is. -This is a fingerprint. - -You can now decide the trust level (this stays on your computer). - -```bash -gpg --edit-key CD30421FD825696BD95F1FF644C62C57B790D3CF -``` - -Once you're in the interface, type `trust`. - -```bash -gpg --sign-key alice@posteo.net -``` - -# Swapping Keys - -This system relies on a ring of people swapping key information. - -## Sending - -Send those trusted keys up to a server, so people can see you have verified them: - -```bash -gpg --send-keys 024C6B1C84449BD1CB4DF7A152295D2377F4D70F -``` - -## Upload Your Keys - -## Add More Key Servers - -Key servers often swap keys, but it's best to just send to multiple places immediately. -You can add key servers by adding this to `~/.gnupg/gpg.conf`. - -``` -keyserver hkps://keys.openpgp.org -keyserver hkps://mail-api.proton.me -keyserver hkps://keys.mailvelope.com -``` - -# Refresh Keys - -Refreshing keys will tell you if some key you have contains a signature from someone you already trust, or if someone has published a revocation certificate (meaning their key should not be trusted any more). - -```bash -gpg --refresh-keys -``` - -You can use the [crontab](../basics/cron.md) to refresh keys. - -# Export - -Your public key: - -```bash -gpg --output me.gpg --armor --export -``` - -or - -```bash -gpg --export -a person@email.tld > my_key.pub -``` +- [Setup](gpg/basics.md) +- [Extras](gpg/extras.md) diff --git a/data/gpg/basics.md b/data/gpg/basics.md new file mode 100644 index 0000000..4e5db11 --- /dev/null +++ b/data/gpg/basics.md @@ -0,0 +1,141 @@ +--- +title: "GPG Basics" +tags: [ "Documentation", "data", "GPG" ] +--- +# Making keys + +Generate keys: + +```bash +gpg --gen-key +``` + +Follow the guide. + +# Encrypting a file + +```bash +gpg -r malinfreeborn@posteo.net -e file +``` + +`-r` specifies the recipient. + +Check you have an encrypted version of your file. + +# Changing Expiration Dates + +gpg --list-keys + +... and then use the second part of 'pub', which is the ID. But that's not appearing here so... on with gpg2? + +# Making encrypted files with a local password + +Make a password with a password (cypher encryption). + +```bash +gpg -c --output passwords.txt +``` + +or + +```bash +gpg -c > passwords.txt +``` + +Put in a password. + +Write message then stop with Ctrl+d. + +Get the message back out the file with: + +```bash +gpg -d passwords.txt +``` + +# Circles of Trust + +Search for a key at any key store: + +```bash +gpg --search-keys nestorv +``` + +Once you've made a decision about someone: + +```bash +gpg --list-keys +``` + +You get something like this: + +``` +pub rsa3072 2021-08-15 [SC] [expires: 2023-08-15] + CD30421FD825696BD95F1FF644C62C57B790D3CF +uid [ultimate] Malin Freeborn +sub rsa3072 2021-08-15 [E] [expires: 2023-08-15] + +``` + +Notice the long, ugly, string - CD30421FD825696BD95F1FF644C62C57B790D3CF - and how horribly ugly it is. +This is a fingerprint. + +You can now decide the trust level (this stays on your computer). + +```bash +gpg --edit-key CD30421FD825696BD95F1FF644C62C57B790D3CF +``` + +Once you're in the interface, type `trust`. + +```bash +gpg --sign-key alice@posteo.net +``` + +# Swapping Keys + +This system relies on a ring of people swapping key information. + +## Sending + +Send those trusted keys up to a server, so people can see you have verified them: + +```bash +gpg --send-keys 024C6B1C84449BD1CB4DF7A152295D2377F4D70F +``` + +## Upload Your Keys + +## Add More Key Servers + +Key servers often swap keys, but it's best to just send to multiple places immediately. +You can add key servers by adding this to `~/.gnupg/gpg.conf`. + +``` +keyserver hkps://keys.openpgp.org +keyserver hkps://mail-api.proton.me +keyserver hkps://keys.mailvelope.com +``` + +# Refresh Keys + +Refreshing keys will tell you if some key you have contains a signature from someone you already trust, or if someone has published a revocation certificate (meaning their key should not be trusted any more). + +```bash +gpg --refresh-keys +``` + +You can use the [crontab](../basics/cron.md) to refresh keys. + +# Export + +Your public key: + +```bash +gpg --output me.gpg --armor --export +``` +Alternatively: + +```bash +gpg --export -a person@email.tld > my_key.pub +``` + diff --git a/data/gpg/extras.md b/data/gpg/extras.md new file mode 100644 index 0000000..47980b7 --- /dev/null +++ b/data/gpg/extras.md @@ -0,0 +1,10 @@ +--- +title: "gpg" +tags: [ "Documentation", "vim", "data", "GPG" ] +--- + +The `vim-gnupg` plugin lets vim edit gpg-encrypted files as if they were unencrypted. + +It's probably in your package manager. +If not, you'll need to endure the faff of following the [instructions](http://www.vim.org/scripts/script.php?script_id=3645). + From 55d5862b10adaafbaf0ec7bd2cf601a1025ad8e6 Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Wed, 10 Apr 2024 23:42:21 +0200 Subject: [PATCH 12/21] note making easy pdfs --- README.md | 6 +++--- vision/lowdown.md | 21 +++++++++++++++++++++ 2 files changed, 24 insertions(+), 3 deletions(-) create mode 100644 vision/lowdown.md diff --git a/README.md b/README.md index 123a04d..00745fc 100644 --- a/README.md +++ b/README.md @@ -61,9 +61,9 @@ How to see which websites you're actively accessing: ss -tr dst :$PORT ` ` ` -> State Recv-Q Send-Q Local Address:Port Peer Address:Port Process -> ESTAB 0 0 192.168.0.14:42476 149.154.167.91:https -> ESTAB 0 0 192.168.0.14:43644 104.17.90.199:https +> State Recv-Q Send-Q Local Address:Port Peer Address:Port Process +> ESTAB 0 0 192.168.0.14:42476 149.154.167.91:https +> ESTAB 0 0 192.168.0.14:43644 104.17.90.199:https ``` diff --git a/vision/lowdown.md b/vision/lowdown.md new file mode 100644 index 0000000..44d64b8 --- /dev/null +++ b/vision/lowdown.md @@ -0,0 +1,21 @@ +--- +title: "Markdown to PDF" +tags: [ "Documentation", "Markdown", "PDF", "Vision" ] +--- + +Turn a markdown file into a pdf: + +```bash +lowdown -stms "$FILE".md | pdfroff -itk -mspdf > "$FILE".pdf +``` + +To give the document a title, put that title in the metadata: + +```bash +sed -i "1 i---" "$FILE".md +sed -i "1 ititle: $TITLE" "$FILE".md +sed -i "1 i---" "$FILE".md +lowdown -L "$FILE".md +lowdown -X title "$FILE".md +lowdown -stms "$FILE".md | pdfroff -itk -mspdf > "$FILE".pdf +``` From 2ab863d88fb7fb17be3a6131988d6428bfec71bd Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Fri, 19 Apr 2024 17:27:08 +0200 Subject: [PATCH 13/21] more games --- basics/games.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/basics/games.md b/basics/games.md index b4a34f3..c0b3c64 100644 --- a/basics/games.md +++ b/basics/games.md @@ -1,4 +1,11 @@ +--- +title: "bash games" +tags: [ "Documentation", "Games" ] +--- Games are a great way to learn bash. -- [Over the Wire](https://overthewire.org/wargames) +- `mapscii.me` is an interactive terminal map. + 1. Install telnet. + 1. `telnet mapscii.me` +- [Over the Wire](https://overthewire.org/wargames) teaches bash with small challenging you can do over `ssh`. From fc085dbb1ee7738a32a4cbe1ff084f98c50cb5fc Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Fri, 19 Apr 2024 17:28:37 +0200 Subject: [PATCH 14/21] formatting --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 00745fc..65b2eca 100644 --- a/README.md +++ b/README.md @@ -26,6 +26,8 @@ The chronology should never branch. If `gitea` can use three different types of database, the documentation should simply pick one and continue instructions from there. Repetition works better than a reference - if a database requires three commands to set up, it's better to repeat those three commands for every program that requires a database than to just link to another file which discusses databases. +--- + ### Closing Introductory documents should show anything required to cleanly uninstall a program, without leaving bulky configuration files behind. @@ -52,6 +54,8 @@ Non-commands (e.g. output) should be shown as quoted text: > Mail kn > Projects music +--- + # Example ``` From ae1e0ad726eddeb3d65b91a9227fa1ae042cd114 Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Tue, 30 Apr 2024 16:28:50 +0200 Subject: [PATCH 15/21] remove old scripts --- distros/arch/scripts/archpi.sh | 57 ------------------- distros/arch/scripts/gitea_install.sh | 9 --- distros/arch/scripts/pihole.sh | 79 --------------------------- distros/arch/scripts/steam.sh | 8 --- distros/arch/scripts/yay.sh | 10 ---- 5 files changed, 163 deletions(-) delete mode 100644 distros/arch/scripts/archpi.sh delete mode 100644 distros/arch/scripts/gitea_install.sh delete mode 100644 distros/arch/scripts/pihole.sh delete mode 100644 distros/arch/scripts/steam.sh delete mode 100644 distros/arch/scripts/yay.sh diff --git a/distros/arch/scripts/archpi.sh b/distros/arch/scripts/archpi.sh deleted file mode 100644 index 8e645b8..0000000 --- a/distros/arch/scripts/archpi.sh +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/bash - -# https://www.unixmen.com/install-arch-linux-raspberry-pi/ - -pacman-key --init || echo init fail >> log -pacman-key --populate archlinuxarm || echo update fail >> log -pacman -Syyuu || echo update fail >> log - -sed -i s/#en_GB.UTF-8 UTF-8/en_GB.UTF-8 UTF-8/ /etc/locale.gen - -echo 'LANG=en_GB.UTF-8' >> /etc/locale.conf - -locale-gen - -pacman -S base-devel htop ranger tmux lolcat fortune-mod git figlet rxvt-unicode task timew calcurse fail2ban -# texlive-most -if [[ $2 == all || $1 == all ]]; then - pacman -S nnn feh dmenu rofi xf86-video-fbdev xorg xorg-xinit xorg-server xorg-server-utils xterm -fi - -# Audio -echo 'dtparam=audio=on' >> /boot/config.txt - -if [[ $1 == audio ]]; then - pacman -S alsa-utils alsa-firmware alsa-lib alsa-plugins -fi - -echo 'device_tree_param=spi=on' >> /boot/config.txt - -# for a vnc viewer -if [[ $1 == vnc ]]; then - tigervnc gcc geany i3 i3status compton feh sxiv rxvt-unicode -fi - -# Swap - -cd /var/cache/swap - -dd if=/dev/zero of=swapfile bs=1K count=2M - -chmod 600 swapfile - -mkswap swapfile - -swapon swapfile - -echo "/var/cache/swap/swapfile none swap sw 0 0" > /etc/fstab - -# fail2ban - -[ -e sshd.local ] && \ -pacman -S fail2ban && \ -mv sshd.local /etc/fail2ban/jail.d && \ -systemctl start fail2ban - -# If it won't reboot, install `arch-install-scripts` then try again and firstly: -# genfstab / > /etc/fstab diff --git a/distros/arch/scripts/gitea_install.sh b/distros/arch/scripts/gitea_install.sh deleted file mode 100644 index 36e70eb..0000000 --- a/distros/arch/scripts/gitea_install.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh -pacman -S gitea postgresql -sudo su postgres -c 'initdb -D /var/lib/postgres/data' -sudo systemctl start postgresql -sudo su postgres -c 'createuser -P gitea' -sudo su postgres -c 'createdb -O gitea gitea' -sudo sed -i 's/mysql/postgres/' /etc/gitea/app.ini -sudo sed -i 's/root/gitea/' /etc/gitea/app.ini -sudo systemctl start gitea diff --git a/distros/arch/scripts/pihole.sh b/distros/arch/scripts/pihole.sh deleted file mode 100644 index ddb3570..0000000 --- a/distros/arch/scripts/pihole.sh +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/bash - -set -e - -yay -S pi-hole-ftl pi-hole-server - -# Configuration in /etc/pihole/pihole-FTL.db -# You can change DBINTERVAL to 60 or more to limit writes to disk - -sudo systemctl disable --now systemd-resolved -sudo systemctl enable --now pihole-FTL -pihole -g -pihole -c - -if [ "$1" == "unbound" ]; then - -sudo pacman -S unbound - -sudo cp /etc/unbound/unbound.conf /etc/unbound/unbound.conf.old - -echo "server: - # If no logfile is specified, syslog is used - # logfile: "/var/log/unbound/unbound.log" - verbosity: 0 - - interface: 127.0.0.1 - port: 5335 - do-ip4: yes - do-udp: yes - do-tcp: yes - - # May be set to yes if you have IPv6 connectivity - do-ip6: no - - # You want to leave this to no unless you have *native* IPv6. With 6to4 and - # Terredo tunnels your web browser should favor IPv4 for the same reasons - prefer-ip6: no - - # Use this only when you downloaded the list of primary root servers! - # If you use the default dns-root-data package, unbound will find it automatically - #root-hints: "/var/lib/unbound/root.hints" - - # Trust glue only if it is within the server's authority - harden-glue: yes - - # Require DNSSEC data for trust-anchored zones, if such data is absent, the zone becomes BOGUS - harden-dnssec-stripped: yes - - # Don't use Capitalization randomization as it known to cause DNSSEC issues sometimes - # see https://discourse.pi-hole.net/t/unbound-stubby-or-dnscrypt-proxy/9378 for further details - use-caps-for-id: no - - # Reduce EDNS reassembly buffer size. - # Suggested by the unbound man page to reduce fragmentation reassembly problems - edns-buffer-size: 1472 - - # Perform prefetching of close to expired message cache entries - # This only applies to domains that have been frequently queried - prefetch: yes - - # One thread should be sufficient, can be increased on beefy machines. In reality for most users running on small networks or on a single machine, it should be unnecessary to seek performance enhancement by increasing num-threads above 1. - num-threads: 1 - - # Ensure kernel buffer is large enough to not lose messages in traffic spikes - so-rcvbuf: 1m - - # Ensure privacy of local IP ranges - private-address: 192.168.0.0/16 - private-address: 169.254.0.0/16 - private-address: 172.16.0.0/12 - private-address: 10.0.0.0/8 - private-address: fd00::/8 - private-address: fe80::/10 -" | sudo tee /etc/unbound.conf - - echo "Make this the only pihole DNS: PIHOLE_DNS_1=127.0.0.1 in /etc/pihole/setupVars.conf" - -fi - diff --git a/distros/arch/scripts/steam.sh b/distros/arch/scripts/steam.sh deleted file mode 100644 index 99f2789..0000000 --- a/distros/arch/scripts/steam.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash - -flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo - -flatpak --user install flathub com.valvesoftware.Steam - -flatpak run com.valvesoftware.Steam - diff --git a/distros/arch/scripts/yay.sh b/distros/arch/scripts/yay.sh deleted file mode 100644 index d11b2ec..0000000 --- a/distros/arch/scripts/yay.sh +++ /dev/null @@ -1,10 +0,0 @@ -git clone https://aur.archlinux.org/yay.git - -cd yay - -makepkg -si - -yay -S perl-graph-easy signal-desktop sc-im ncpamixer xdg-utils-mimeo torrench - -yay -S ttf-tengwar-annatar - From d4ca81c2ae70cb2ea836e0014401e79e498a78ab Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Tue, 30 Apr 2024 16:44:38 +0200 Subject: [PATCH 16/21] note monitoring basics --- system/monitoring.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 system/monitoring.md diff --git a/system/monitoring.md b/system/monitoring.md new file mode 100644 index 0000000..b43be36 --- /dev/null +++ b/system/monitoring.md @@ -0,0 +1,24 @@ +--- +title: "Monitoring" +tags: [ "Documentation", "System", "CPU", "Memory" ] +--- + +Print the average CPU load over 1 minute, 5 minutes, and 15 minutes: + +```bash +watch -d cat /proc/loadavg +stress="$(cat /proc/loadavg | awk '{print "Usage:" $2"%"}')" +``` + +Show memory usage in Gibitytes. + +```bash +free -g +``` +Show low and high gigibtye usage on a *l*ine, and repeat the measurement every 5 seconds: + +```bash +REP=5 +free --lohi -g -s $REP | lolcat +``` + From 51e489a8e3ee0b6747b2578640bd865a4e9b9809 Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Mon, 13 May 2024 20:15:28 +0200 Subject: [PATCH 17/21] note sharding secrets --- data/sharing_secrest.md | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 data/sharing_secrest.md diff --git a/data/sharing_secrest.md b/data/sharing_secrest.md new file mode 100644 index 0000000..78439b0 --- /dev/null +++ b/data/sharing_secrest.md @@ -0,0 +1,23 @@ +--- +title: "Sharing Secrets" +tags: [ "data", "death", "secrets", "ssss" ] +--- + +You can share parts of a secret with multiple people, so only some of them need to agree to see the secret. + +Install `ssss`, then decide on the total number of secrets (`N`), and the threshold of people who must share their shard of the secret in order to reveal the secret. + +```bash +N=5 +T=3 +FILE=secret.txt +fortune | ssss-split -t $T -n $N > $FILE +``` +Each shard is a line inside secret.txt. + +Check it's working: + +```bash +head -n $T $FILE | ssss-combine -t $T +tail -n $T $FILE | ssss-combine -t $T +``` From a710375f82eb890b1c3397e61bdfcbc9e98bcd84 Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Mon, 13 May 2024 22:17:24 +0200 Subject: [PATCH 18/21] rename grapheasy network-graph --- networking/graph-easy.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/networking/graph-easy.md b/networking/graph-easy.md index 3b4a7d1..d2798f0 100644 --- a/networking/graph-easy.md +++ b/networking/graph-easy.md @@ -1,6 +1,6 @@ --- -title: "graph-easy" -tags: [ "Documentation" ] +title: "Easy Network Graph" +tags: [ "Documentation", "Networking" ] --- Set up a file like this, called `troubleshooting.txt`. From df53667f91c4674dadc2daf5bfb5ccb96498a18f Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Tue, 14 May 2024 18:32:28 +0200 Subject: [PATCH 19/21] typo --- ...{sharing_secrest.md => sharing_secrets.md} | 0 networking/pip.md | 27 ------------------- 2 files changed, 27 deletions(-) rename data/{sharing_secrest.md => sharing_secrets.md} (100%) delete mode 100644 networking/pip.md diff --git a/data/sharing_secrest.md b/data/sharing_secrets.md similarity index 100% rename from data/sharing_secrest.md rename to data/sharing_secrets.md diff --git a/networking/pip.md b/networking/pip.md deleted file mode 100644 index d7d4862..0000000 --- a/networking/pip.md +++ /dev/null @@ -1,27 +0,0 @@ ---- -title: "pip" -tags: [ "Documentation", "Networking" ] ---- -``` - -Searching does not work. - -Install with: - -```bash -pip install [ package ] -``` - -Upgrade all packages - -```bash -pip freeze --local | grep -v '^\-e' | cut -d = -f 1 | xargs -n1 pip install -U -``` - -# Troubleshooting - -You may need a python3 package. -In this case, try: - -```bash -pip3 install [ package ] From 60c5cd829e1503c9f1f6219a6ecc3fbf2fd7cb00 Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Sun, 26 May 2024 16:00:18 +0200 Subject: [PATCH 20/21] rename void locale --- distros/void/locale.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/distros/void/locale.md b/distros/void/locale.md index a3fe25c..b11c43c 100644 --- a/distros/void/locale.md +++ b/distros/void/locale.md @@ -1,6 +1,6 @@ --- -title: "locales" -tags: [ "void" ] +title: "Void locale" +tags: [ "void", "locale" ] --- Check the current locales: From 6d44a44d0d6553af4c0efd7572356b544f505863 Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Wed, 29 May 2024 17:09:10 +0200 Subject: [PATCH 21/21] expand making torrents --- networking/transmission.md | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/networking/transmission.md b/networking/transmission.md index 25e9e45..07a7b4a 100644 --- a/networking/transmission.md +++ b/networking/transmission.md @@ -136,3 +136,32 @@ Without the `--anonymize` flag, the torrent file output will have a 'created by' - udp://explodie.org:6969/announce - https://tracker.gbitt.info:443/announce - http://tracker.gbitt.info:80/announce + +## Verify + +Add your torrent and notes its number: + +```bash +transmission-remote -a "$file".torrent +transmission-remote -l +transmission-remote -t "$number" -i +``` + +The information in the last command shows that it's not verified, so you can verify with `-v`. + +```bash +transmission-remote -t "$number" -v +``` + +If transmission cannot find it, then tell it where to find the torrent: + +```bash +transmission-remote -t "$number" --find "$(pwd)" +``` +...and of course, make sure the permissions allow transmission to see the target. + + +```bash +ls -ld "$file" +``` +