Merge branch 'master' into vhs
This commit is contained in:
commit
a6907d7a91
@ -26,6 +26,8 @@ The chronology should never branch.
|
||||
If `gitea` can use three different types of database, the documentation should simply pick one and continue instructions from there.
|
||||
Repetition works better than a reference - if a database requires three commands to set up, it's better to repeat those three commands for every program that requires a database than to just link to another file which discusses databases.
|
||||
|
||||
---
|
||||
|
||||
### Closing
|
||||
|
||||
Introductory documents should show anything required to cleanly uninstall a program, without leaving bulky configuration files behind.
|
||||
@ -52,6 +54,8 @@ Non-commands (e.g. output) should be shown as quoted text:
|
||||
> Mail kn
|
||||
> Projects music
|
||||
|
||||
---
|
||||
|
||||
# Example
|
||||
|
||||
```
|
||||
|
@ -14,20 +14,31 @@ Once installed, search for the service name, and start it.
|
||||
|
||||
```bash
|
||||
sudo systemctl list-unit-files | grep cron
|
||||
sudo systemctl enable --now $NAME
|
||||
```
|
||||
|
||||
Make a file for your crontab, like this:
|
||||
|
||||
```bash
|
||||
sudo systemctl enable --now cron
|
||||
echo '39 */3 * * * /usr/bin/updatedb' > "$USER".cron
|
||||
```
|
||||
|
||||
You can *e*dit your crontab with:
|
||||
Then apply that crontab:
|
||||
|
||||
```bash
|
||||
crontab -e
|
||||
crontab "$USER".cron
|
||||
rm "$USER".cron
|
||||
```
|
||||
The `cron` program will check your syntax before adding the tab.
|
||||
|
||||
Your crontab file sits somewhere in `/var/spool/`.
|
||||
Probably in `/var/spool/cron`.
|
||||
|
||||
> 39 */3 * * * /usr/bin/updatedb
|
||||
Check how your tab currently looks:
|
||||
|
||||
```bash
|
||||
crontab -l
|
||||
```
|
||||
|
||||
## Syntax
|
||||
|
||||
@ -91,7 +102,7 @@ run-parts /etc/cron.hourly
|
||||
### Variables
|
||||
|
||||
Add your `$HOME` to crontab to use scripts.
|
||||
First add `HOME=/home/user`, then you can use syntax like this:
|
||||
First add `HOME=/home/$USER`, then you can use syntax like this:
|
||||
|
||||
0 * * * * $HOME/.scripts/myScript.sh
|
||||
|
||||
@ -100,7 +111,6 @@ First add `HOME=/home/user`, then you can use syntax like this:
|
||||
```bash
|
||||
$HOME/.scripts/myScript.sh
|
||||
```
|
||||
|
||||
You can also add your regular path to your crontab as a variable (see example below).
|
||||
If you're using vim as the editor, just run this at the top of your crontab:
|
||||
|
||||
@ -131,5 +141,3 @@ PATH=/usr/condabin:/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/bin/site_perl:/u
|
||||
50 18 * * * /usr/bin/timeout 30m /usr/bin/syncthing
|
||||
|
||||
```
|
||||
|
||||
|
||||
|
22
basics/eval.md
Normal file
22
basics/eval.md
Normal file
@ -0,0 +1,22 @@
|
||||
---
|
||||
title: "eval"
|
||||
tags: [ "basics" ]
|
||||
---
|
||||
|
||||
Compose a statement for execution.
|
||||
|
||||
```bash
|
||||
x='echo $y'
|
||||
echo $x
|
||||
y=dragon
|
||||
eval "$x"
|
||||
```
|
||||
|
||||
The results remain in the current shell, unlike sub-shells.
|
||||
|
||||
```bash
|
||||
b=basilisk
|
||||
sh -c 'echo $b'
|
||||
eval "g=goblin"
|
||||
echo $g
|
||||
```
|
11
basics/games.md
Normal file
11
basics/games.md
Normal file
@ -0,0 +1,11 @@
|
||||
---
|
||||
title: "bash games"
|
||||
tags: [ "Documentation", "Games" ]
|
||||
---
|
||||
|
||||
Games are a great way to learn bash.
|
||||
|
||||
- `mapscii.me` is an interactive terminal map.
|
||||
1. Install telnet.
|
||||
1. `telnet mapscii.me`
|
||||
- [Over the Wire](https://overthewire.org/wargames) teaches bash with small challenging you can do over `ssh`.
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "tree"
|
||||
tags: [ "basics" ]
|
||||
tags: [ "basics", "tree", "markdown" ]
|
||||
---
|
||||
|
||||
The `tree` utility outputs a full listing of everything in your current directory, and those below.
|
||||
@ -23,3 +23,14 @@ README.md
|
||||
```
|
||||
|
||||
Each description-line starts with a tab.
|
||||
|
||||
## Markdown Conversion
|
||||
|
||||
To represent a file structure as a nested series of markdown lists, you can try this horrifying `sed` one-liner:
|
||||
|
||||
```bash
|
||||
tree -tf --dirsfirst --gitignore --noreport --charset ascii | \
|
||||
sed -e 's/| \+/ /g' \
|
||||
-e 's/[|`]-\+/ */g' \
|
||||
-e 's:\(* \)\(\(.*/\)\([^/]\+\)\):\1[\4](\2):g'
|
||||
```
|
||||
|
57
chat/profanity-otr.md
Normal file
57
chat/profanity-otr.md
Normal file
@ -0,0 +1,57 @@
|
||||
---
|
||||
title: "profanity"
|
||||
tags: [ "Documentation", "Chat", "OTR" ]
|
||||
---
|
||||
# otr
|
||||
|
||||
'Off The Record' encryption seems mostly dead to me.
|
||||
But this is what I did, back in the day...
|
||||
|
||||
Install libotr-dev or libotr5-dev or whatever..
|
||||
|
||||
```
|
||||
sudo apt -y install lib5otr-dev
|
||||
```
|
||||
|
||||
Make your otr keys.
|
||||
|
||||
```
|
||||
/otr gen
|
||||
```
|
||||
|
||||
Then you can start an otr converstation.
|
||||
|
||||
```
|
||||
/otr start bob@jobbies.org
|
||||
```
|
||||
|
||||
Or if you already have a conversation windows open, switch to our using:
|
||||
|
||||
```
|
||||
/otr
|
||||
```
|
||||
|
||||
Finally, verify!
|
||||
|
||||
```
|
||||
/otr question "Who are you?" bob
|
||||
```
|
||||
|
||||
Bob is verified upon the answer, 'bob'.
|
||||
|
||||
### OTR Finger Prints
|
||||
|
||||
Get yours with
|
||||
|
||||
```
|
||||
/otr myfp
|
||||
```
|
||||
|
||||
```
|
||||
/otr theirfp
|
||||
```
|
||||
|
||||
```
|
||||
/otr myfp
|
||||
```
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "profanity"
|
||||
tags: [ "Documentation", "Chat" ]
|
||||
tags: [ "Documentation", "Chat", "omemo" ]
|
||||
---
|
||||
# Setup (Commands)
|
||||
|
||||
@ -140,54 +140,6 @@ You can ensure omemo automatcally turns on:
|
||||
```
|
||||
/omemo policy automatic
|
||||
```
|
||||
---
|
||||
|
||||
## otr
|
||||
|
||||
Install libotr-dev or libotr5-dev or whatever..
|
||||
|
||||
```
|
||||
sudo apt -y install lib5otr-dev
|
||||
```
|
||||
|
||||
Make your otr keys.
|
||||
|
||||
```
|
||||
/otr gen
|
||||
```
|
||||
|
||||
Then you can start an otr converstation.
|
||||
|
||||
```
|
||||
/otr start bob@jobbies.org
|
||||
```
|
||||
|
||||
Or if you already have a conversation windows open, switch to our using:
|
||||
|
||||
```
|
||||
/otr
|
||||
```
|
||||
|
||||
Finally, verify!
|
||||
|
||||
```
|
||||
/otr question "Who are you?" bob
|
||||
```
|
||||
|
||||
Bob is verified upon the answer, 'bob'.
|
||||
|
||||
### OTR Finger Prints
|
||||
|
||||
Get yours with
|
||||
|
||||
```
|
||||
/otr myfp
|
||||
```
|
||||
|
||||
```
|
||||
/otr theirfp
|
||||
```
|
||||
|
||||
```
|
||||
/otr myfp
|
||||
```
|
||||
|
||||
'OTR' encryption is mostly dead, but you can find the old instructions [here](profanity-otr).
|
||||
|
29
data/git/hooks.md
Normal file
29
data/git/hooks.md
Normal file
@ -0,0 +1,29 @@
|
||||
---
|
||||
title: "git hooks"
|
||||
tags: [ "Documentation", "data", "git" ]
|
||||
---
|
||||
|
||||
Check out the sample hooks:
|
||||
|
||||
```bash
|
||||
cd $GIT_REPO
|
||||
ls .git/hooks
|
||||
head .git/hooks/pre-commit.sample
|
||||
```
|
||||
|
||||
Add a hook to check the shell scripts in `$GIT_REPO` before making a commit:
|
||||
|
||||
```bash
|
||||
echo '#!/bin/sh
|
||||
shellcheck *.sh' > .git/hooks/commit-msg
|
||||
chmod u+x .git/hooks/commit-msg
|
||||
```
|
||||
|
||||
## Committing
|
||||
|
||||
Your `git hooks` will not enter the repository, but you can commit them to a repository, then request others add these git hooks to their own branch, by putting a note in the project's `README.md`.
|
||||
|
||||
```markdown
|
||||
The project comes with recommended git hooks.
|
||||
You can activate the hooks with `git config core.hooksPath hooks`.
|
||||
```
|
141
data/gpg.md
141
data/gpg.md
@ -1,142 +1,7 @@
|
||||
---
|
||||
title: "gpg"
|
||||
tags: [ "Documentation", "data" ]
|
||||
tags: [ "Documentation", "data", "GPG" ]
|
||||
---
|
||||
# Making keys
|
||||
|
||||
Generate keys:
|
||||
|
||||
```bash
|
||||
gpg --gen-key
|
||||
```
|
||||
|
||||
Follow the guide.
|
||||
|
||||
# Encrypting a file
|
||||
|
||||
```bash
|
||||
gpg -r malinfreeborn@posteo.net -e file
|
||||
```
|
||||
|
||||
`-r` specifies the recipient.
|
||||
|
||||
Check you have an encrypted version of your file.
|
||||
|
||||
# Changing Expiration Dates
|
||||
|
||||
gpg --list-keys
|
||||
|
||||
... and then use the second part of 'pub', which is the ID. But that's not appearing here so... on with gpg2?
|
||||
|
||||
# Making encrypted files with a local password
|
||||
|
||||
Make a password with a password (cypher encryption).
|
||||
|
||||
```bash
|
||||
gpg -c --output passwords.txt
|
||||
```
|
||||
|
||||
or
|
||||
|
||||
```bash
|
||||
gpg -c > passwords.txt
|
||||
```
|
||||
|
||||
Put in a password.
|
||||
|
||||
Write message then stop with Ctrl+d.
|
||||
|
||||
Get the message back out the file with:
|
||||
|
||||
```bash
|
||||
gpg -d passwords.txt
|
||||
```
|
||||
|
||||
# Circles of Trust
|
||||
|
||||
Search for a key at any key store:
|
||||
|
||||
```bash
|
||||
gpg --search-keys nestorv
|
||||
```
|
||||
|
||||
Once you've made a decision about someone:
|
||||
|
||||
```bash
|
||||
gpg --list-keys
|
||||
```
|
||||
|
||||
You get something like this:
|
||||
|
||||
```
|
||||
pub rsa3072 2021-08-15 [SC] [expires: 2023-08-15]
|
||||
CD30421FD825696BD95F1FF644C62C57B790D3CF
|
||||
uid [ultimate] Malin Freeborn <malinfreeborn@posteo.net>
|
||||
sub rsa3072 2021-08-15 [E] [expires: 2023-08-15]
|
||||
|
||||
```
|
||||
|
||||
Notice the long, ugly, string - CD30421FD825696BD95F1FF644C62C57B790D3CF - and how horribly ugly it is.
|
||||
This is a fingerprint.
|
||||
|
||||
You can now decide the trust level (this stays on your computer).
|
||||
|
||||
```bash
|
||||
gpg --edit-key CD30421FD825696BD95F1FF644C62C57B790D3CF
|
||||
```
|
||||
|
||||
Once you're in the interface, type `trust`.
|
||||
|
||||
```bash
|
||||
gpg --sign-key alice@posteo.net
|
||||
```
|
||||
|
||||
# Swapping Keys
|
||||
|
||||
This system relies on a ring of people swapping key information.
|
||||
|
||||
## Sending
|
||||
|
||||
Send those trusted keys up to a server, so people can see you have verified them:
|
||||
|
||||
```bash
|
||||
gpg --send-keys 024C6B1C84449BD1CB4DF7A152295D2377F4D70F
|
||||
```
|
||||
|
||||
## Upload Your Keys
|
||||
|
||||
## Add More Key Servers
|
||||
|
||||
Key servers often swap keys, but it's best to just send to multiple places immediately.
|
||||
You can add key servers by adding this to `~/.gnupg/gpg.conf`.
|
||||
|
||||
```
|
||||
keyserver hkps://keys.openpgp.org
|
||||
keyserver hkps://mail-api.proton.me
|
||||
keyserver hkps://keys.mailvelope.com
|
||||
```
|
||||
|
||||
# Refresh Keys
|
||||
|
||||
Refreshing keys will tell you if some key you have contains a signature from someone you already trust, or if someone has published a revocation certificate (meaning their key should not be trusted any more).
|
||||
|
||||
```bash
|
||||
gpg --refresh-keys
|
||||
```
|
||||
|
||||
You can use the [crontab](../basics/cron.md) to refresh keys.
|
||||
|
||||
# Export
|
||||
|
||||
Your public key:
|
||||
|
||||
```bash
|
||||
gpg --output me.gpg --armor --export
|
||||
```
|
||||
|
||||
or
|
||||
|
||||
```bash
|
||||
gpg --export -a person@email.tld > my_key.pub
|
||||
```
|
||||
|
||||
- [Setup](gpg/basics.md)
|
||||
- [Extras](gpg/extras.md)
|
||||
|
141
data/gpg/basics.md
Normal file
141
data/gpg/basics.md
Normal file
@ -0,0 +1,141 @@
|
||||
---
|
||||
title: "GPG Basics"
|
||||
tags: [ "Documentation", "data", "GPG" ]
|
||||
---
|
||||
# Making keys
|
||||
|
||||
Generate keys:
|
||||
|
||||
```bash
|
||||
gpg --gen-key
|
||||
```
|
||||
|
||||
Follow the guide.
|
||||
|
||||
# Encrypting a file
|
||||
|
||||
```bash
|
||||
gpg -r malinfreeborn@posteo.net -e file
|
||||
```
|
||||
|
||||
`-r` specifies the recipient.
|
||||
|
||||
Check you have an encrypted version of your file.
|
||||
|
||||
# Changing Expiration Dates
|
||||
|
||||
gpg --list-keys
|
||||
|
||||
... and then use the second part of 'pub', which is the ID. But that's not appearing here so... on with gpg2?
|
||||
|
||||
# Making encrypted files with a local password
|
||||
|
||||
Make a password with a password (cypher encryption).
|
||||
|
||||
```bash
|
||||
gpg -c --output passwords.txt
|
||||
```
|
||||
|
||||
or
|
||||
|
||||
```bash
|
||||
gpg -c > passwords.txt
|
||||
```
|
||||
|
||||
Put in a password.
|
||||
|
||||
Write message then stop with Ctrl+d.
|
||||
|
||||
Get the message back out the file with:
|
||||
|
||||
```bash
|
||||
gpg -d passwords.txt
|
||||
```
|
||||
|
||||
# Circles of Trust
|
||||
|
||||
Search for a key at any key store:
|
||||
|
||||
```bash
|
||||
gpg --search-keys nestorv
|
||||
```
|
||||
|
||||
Once you've made a decision about someone:
|
||||
|
||||
```bash
|
||||
gpg --list-keys
|
||||
```
|
||||
|
||||
You get something like this:
|
||||
|
||||
```
|
||||
pub rsa3072 2021-08-15 [SC] [expires: 2023-08-15]
|
||||
CD30421FD825696BD95F1FF644C62C57B790D3CF
|
||||
uid [ultimate] Malin Freeborn <malinfreeborn@posteo.net>
|
||||
sub rsa3072 2021-08-15 [E] [expires: 2023-08-15]
|
||||
|
||||
```
|
||||
|
||||
Notice the long, ugly, string - CD30421FD825696BD95F1FF644C62C57B790D3CF - and how horribly ugly it is.
|
||||
This is a fingerprint.
|
||||
|
||||
You can now decide the trust level (this stays on your computer).
|
||||
|
||||
```bash
|
||||
gpg --edit-key CD30421FD825696BD95F1FF644C62C57B790D3CF
|
||||
```
|
||||
|
||||
Once you're in the interface, type `trust`.
|
||||
|
||||
```bash
|
||||
gpg --sign-key alice@posteo.net
|
||||
```
|
||||
|
||||
# Swapping Keys
|
||||
|
||||
This system relies on a ring of people swapping key information.
|
||||
|
||||
## Sending
|
||||
|
||||
Send those trusted keys up to a server, so people can see you have verified them:
|
||||
|
||||
```bash
|
||||
gpg --send-keys 024C6B1C84449BD1CB4DF7A152295D2377F4D70F
|
||||
```
|
||||
|
||||
## Upload Your Keys
|
||||
|
||||
## Add More Key Servers
|
||||
|
||||
Key servers often swap keys, but it's best to just send to multiple places immediately.
|
||||
You can add key servers by adding this to `~/.gnupg/gpg.conf`.
|
||||
|
||||
```
|
||||
keyserver hkps://keys.openpgp.org
|
||||
keyserver hkps://mail-api.proton.me
|
||||
keyserver hkps://keys.mailvelope.com
|
||||
```
|
||||
|
||||
# Refresh Keys
|
||||
|
||||
Refreshing keys will tell you if some key you have contains a signature from someone you already trust, or if someone has published a revocation certificate (meaning their key should not be trusted any more).
|
||||
|
||||
```bash
|
||||
gpg --refresh-keys
|
||||
```
|
||||
|
||||
You can use the [crontab](../basics/cron.md) to refresh keys.
|
||||
|
||||
# Export
|
||||
|
||||
Your public key:
|
||||
|
||||
```bash
|
||||
gpg --output me.gpg --armor --export
|
||||
```
|
||||
Alternatively:
|
||||
|
||||
```bash
|
||||
gpg --export -a person@email.tld > my_key.pub
|
||||
```
|
||||
|
10
data/gpg/extras.md
Normal file
10
data/gpg/extras.md
Normal file
@ -0,0 +1,10 @@
|
||||
---
|
||||
title: "gpg"
|
||||
tags: [ "Documentation", "vim", "data", "GPG" ]
|
||||
---
|
||||
|
||||
The `vim-gnupg` plugin lets vim edit gpg-encrypted files as if they were unencrypted.
|
||||
|
||||
It's probably in your package manager.
|
||||
If not, you'll need to endure the faff of following the [instructions](http://www.vim.org/scripts/script.php?script_id=3645).
|
||||
|
@ -29,11 +29,10 @@ Edit `/etc/radicale/config`, changing the `[auth]` section from this:
|
||||
|
||||
...to this:
|
||||
```
|
||||
#type = htpasswd
|
||||
type = htpasswd
|
||||
```
|
||||
|
||||
If the service is started, restart it to make sure nobody can sign in without a password.
|
||||
|
||||
Make sure the service is off, as people may be able to sign in without a password at this point.
|
||||
|
||||
Next, find the `htpasswd` program.
|
||||
You might get it in the `apache` package or similar.
|
||||
@ -41,7 +40,7 @@ You might get it in the `apache` package or similar.
|
||||
`htpasswd` allows you to generate passwords for users, and place them in `/etc/radicale/users`.
|
||||
|
||||
```bash
|
||||
PASS="$(xkcdpass)
|
||||
PASS="$(xkcdpass)"
|
||||
htpasswd -nb $USER "$PASS" | sudo tee -a /etc/radicale/users
|
||||
echo "Your username is $USER"
|
||||
echo "Your password is $PASS"
|
||||
@ -96,14 +95,12 @@ Finally, replace the example `DOMAIN` with your actual domain name.
|
||||
```bash
|
||||
DOMAIN=whatever.com
|
||||
sudo sed -i "s/DOMAIN/$DOMAIN/g" /etc/nginx/sites-available/radicale
|
||||
|
||||
```
|
||||
|
||||
(optional: replace that `cal.` prefix with anything else)
|
||||
|
||||
Check nginx is happy:
|
||||
|
||||
|
||||
```bash
|
||||
sudo nginx -t
|
||||
```
|
||||
@ -115,7 +112,6 @@ sudo certbod -d cal.$DOMAIN
|
||||
|
||||
Start or restart both services:
|
||||
|
||||
|
||||
```bash
|
||||
sudo systemctl start radicale
|
||||
sudo systemctl restart nginx
|
||||
@ -123,4 +119,4 @@ sudo systemctl restart nginx
|
||||
|
||||
You should now be able to log into your calendar, and add it to a phone.
|
||||
|
||||
NB: you don't need the port number.
|
||||
**NB:** you don't need the port number.
|
||||
|
23
data/sharing_secrets.md
Normal file
23
data/sharing_secrets.md
Normal file
@ -0,0 +1,23 @@
|
||||
---
|
||||
title: "Sharing Secrets"
|
||||
tags: [ "data", "death", "secrets", "ssss" ]
|
||||
---
|
||||
|
||||
You can share parts of a secret with multiple people, so only some of them need to agree to see the secret.
|
||||
|
||||
Install `ssss`, then decide on the total number of secrets (`N`), and the threshold of people who must share their shard of the secret in order to reveal the secret.
|
||||
|
||||
```bash
|
||||
N=5
|
||||
T=3
|
||||
FILE=secret.txt
|
||||
fortune | ssss-split -t $T -n $N > $FILE
|
||||
```
|
||||
Each shard is a line inside secret.txt.
|
||||
|
||||
Check it's working:
|
||||
|
||||
```bash
|
||||
head -n $T $FILE | ssss-combine -t $T
|
||||
tail -n $T $FILE | ssss-combine -t $T
|
||||
```
|
21
data/sqlite.md
Normal file
21
data/sqlite.md
Normal file
@ -0,0 +1,21 @@
|
||||
---
|
||||
title: "sqlite"
|
||||
tags: [ "Documentation", "data" ]
|
||||
---
|
||||
|
||||
Work with a database:
|
||||
|
||||
```bash
|
||||
sqlite3 "$FILE".sqlite3
|
||||
```
|
||||
Compress the database:
|
||||
|
||||
```sqlite
|
||||
pragma vacuum;
|
||||
```
|
||||
Optimize the database:
|
||||
|
||||
```sqlite
|
||||
pragma optimize;
|
||||
```
|
||||
|
@ -1,57 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# https://www.unixmen.com/install-arch-linux-raspberry-pi/
|
||||
|
||||
pacman-key --init || echo init fail >> log
|
||||
pacman-key --populate archlinuxarm || echo update fail >> log
|
||||
pacman -Syyuu || echo update fail >> log
|
||||
|
||||
sed -i s/#en_GB.UTF-8 UTF-8/en_GB.UTF-8 UTF-8/ /etc/locale.gen
|
||||
|
||||
echo 'LANG=en_GB.UTF-8' >> /etc/locale.conf
|
||||
|
||||
locale-gen
|
||||
|
||||
pacman -S base-devel htop ranger tmux lolcat fortune-mod git figlet rxvt-unicode task timew calcurse fail2ban
|
||||
# texlive-most
|
||||
if [[ $2 == all || $1 == all ]]; then
|
||||
pacman -S nnn feh dmenu rofi xf86-video-fbdev xorg xorg-xinit xorg-server xorg-server-utils xterm
|
||||
fi
|
||||
|
||||
# Audio
|
||||
echo 'dtparam=audio=on' >> /boot/config.txt
|
||||
|
||||
if [[ $1 == audio ]]; then
|
||||
pacman -S alsa-utils alsa-firmware alsa-lib alsa-plugins
|
||||
fi
|
||||
|
||||
echo 'device_tree_param=spi=on' >> /boot/config.txt
|
||||
|
||||
# for a vnc viewer
|
||||
if [[ $1 == vnc ]]; then
|
||||
tigervnc gcc geany i3 i3status compton feh sxiv rxvt-unicode
|
||||
fi
|
||||
|
||||
# Swap
|
||||
|
||||
cd /var/cache/swap
|
||||
|
||||
dd if=/dev/zero of=swapfile bs=1K count=2M
|
||||
|
||||
chmod 600 swapfile
|
||||
|
||||
mkswap swapfile
|
||||
|
||||
swapon swapfile
|
||||
|
||||
echo "/var/cache/swap/swapfile none swap sw 0 0" > /etc/fstab
|
||||
|
||||
# fail2ban
|
||||
|
||||
[ -e sshd.local ] && \
|
||||
pacman -S fail2ban && \
|
||||
mv sshd.local /etc/fail2ban/jail.d && \
|
||||
systemctl start fail2ban
|
||||
|
||||
# If it won't reboot, install `arch-install-scripts` then try again and firstly:
|
||||
# genfstab / > /etc/fstab
|
@ -1,9 +0,0 @@
|
||||
#!/bin/sh
|
||||
pacman -S gitea postgresql
|
||||
sudo su postgres -c 'initdb -D /var/lib/postgres/data'
|
||||
sudo systemctl start postgresql
|
||||
sudo su postgres -c 'createuser -P gitea'
|
||||
sudo su postgres -c 'createdb -O gitea gitea'
|
||||
sudo sed -i 's/mysql/postgres/' /etc/gitea/app.ini
|
||||
sudo sed -i 's/root/gitea/' /etc/gitea/app.ini
|
||||
sudo systemctl start gitea
|
@ -1,79 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
yay -S pi-hole-ftl pi-hole-server
|
||||
|
||||
# Configuration in /etc/pihole/pihole-FTL.db
|
||||
# You can change DBINTERVAL to 60 or more to limit writes to disk
|
||||
|
||||
sudo systemctl disable --now systemd-resolved
|
||||
sudo systemctl enable --now pihole-FTL
|
||||
pihole -g
|
||||
pihole -c
|
||||
|
||||
if [ "$1" == "unbound" ]; then
|
||||
|
||||
sudo pacman -S unbound
|
||||
|
||||
sudo cp /etc/unbound/unbound.conf /etc/unbound/unbound.conf.old
|
||||
|
||||
echo "server:
|
||||
# If no logfile is specified, syslog is used
|
||||
# logfile: "/var/log/unbound/unbound.log"
|
||||
verbosity: 0
|
||||
|
||||
interface: 127.0.0.1
|
||||
port: 5335
|
||||
do-ip4: yes
|
||||
do-udp: yes
|
||||
do-tcp: yes
|
||||
|
||||
# May be set to yes if you have IPv6 connectivity
|
||||
do-ip6: no
|
||||
|
||||
# You want to leave this to no unless you have *native* IPv6. With 6to4 and
|
||||
# Terredo tunnels your web browser should favor IPv4 for the same reasons
|
||||
prefer-ip6: no
|
||||
|
||||
# Use this only when you downloaded the list of primary root servers!
|
||||
# If you use the default dns-root-data package, unbound will find it automatically
|
||||
#root-hints: "/var/lib/unbound/root.hints"
|
||||
|
||||
# Trust glue only if it is within the server's authority
|
||||
harden-glue: yes
|
||||
|
||||
# Require DNSSEC data for trust-anchored zones, if such data is absent, the zone becomes BOGUS
|
||||
harden-dnssec-stripped: yes
|
||||
|
||||
# Don't use Capitalization randomization as it known to cause DNSSEC issues sometimes
|
||||
# see https://discourse.pi-hole.net/t/unbound-stubby-or-dnscrypt-proxy/9378 for further details
|
||||
use-caps-for-id: no
|
||||
|
||||
# Reduce EDNS reassembly buffer size.
|
||||
# Suggested by the unbound man page to reduce fragmentation reassembly problems
|
||||
edns-buffer-size: 1472
|
||||
|
||||
# Perform prefetching of close to expired message cache entries
|
||||
# This only applies to domains that have been frequently queried
|
||||
prefetch: yes
|
||||
|
||||
# One thread should be sufficient, can be increased on beefy machines. In reality for most users running on small networks or on a single machine, it should be unnecessary to seek performance enhancement by increasing num-threads above 1.
|
||||
num-threads: 1
|
||||
|
||||
# Ensure kernel buffer is large enough to not lose messages in traffic spikes
|
||||
so-rcvbuf: 1m
|
||||
|
||||
# Ensure privacy of local IP ranges
|
||||
private-address: 192.168.0.0/16
|
||||
private-address: 169.254.0.0/16
|
||||
private-address: 172.16.0.0/12
|
||||
private-address: 10.0.0.0/8
|
||||
private-address: fd00::/8
|
||||
private-address: fe80::/10
|
||||
" | sudo tee /etc/unbound.conf
|
||||
|
||||
echo "Make this the only pihole DNS: PIHOLE_DNS_1=127.0.0.1 in /etc/pihole/setupVars.conf"
|
||||
|
||||
fi
|
||||
|
@ -1,8 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
|
||||
|
||||
flatpak --user install flathub com.valvesoftware.Steam
|
||||
|
||||
flatpak run com.valvesoftware.Steam
|
||||
|
@ -1,10 +0,0 @@
|
||||
git clone https://aur.archlinux.org/yay.git
|
||||
|
||||
cd yay
|
||||
|
||||
makepkg -si
|
||||
|
||||
yay -S perl-graph-easy signal-desktop sc-im ncpamixer xdg-utils-mimeo torrench
|
||||
|
||||
yay -S ttf-tengwar-annatar
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "locales"
|
||||
tags: [ "void" ]
|
||||
title: "Void locale"
|
||||
tags: [ "void", "locale" ]
|
||||
---
|
||||
|
||||
Check the current locales:
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: "graph-easy"
|
||||
tags: [ "Documentation" ]
|
||||
title: "Easy Network Graph"
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
Set up a file like this, called `troubleshooting.txt`.
|
||||
|
||||
|
@ -1,27 +0,0 @@
|
||||
---
|
||||
title: "pip"
|
||||
tags: [ "Documentation", "Networking" ]
|
||||
---
|
||||
```
|
||||
|
||||
Searching does not work.
|
||||
|
||||
Install with:
|
||||
|
||||
```bash
|
||||
pip install [ package ]
|
||||
```
|
||||
|
||||
Upgrade all packages
|
||||
|
||||
```bash
|
||||
pip freeze --local | grep -v '^\-e' | cut -d = -f 1 | xargs -n1 pip install -U
|
||||
```
|
||||
|
||||
# Troubleshooting
|
||||
|
||||
You may need a python3 package.
|
||||
In this case, try:
|
||||
|
||||
```bash
|
||||
pip3 install [ package ]
|
@ -136,3 +136,32 @@ Without the `--anonymize` flag, the torrent file output will have a 'created by'
|
||||
- udp://explodie.org:6969/announce
|
||||
- https://tracker.gbitt.info:443/announce
|
||||
- http://tracker.gbitt.info:80/announce
|
||||
|
||||
## Verify
|
||||
|
||||
Add your torrent and notes its number:
|
||||
|
||||
```bash
|
||||
transmission-remote -a "$file".torrent
|
||||
transmission-remote -l
|
||||
transmission-remote -t "$number" -i
|
||||
```
|
||||
|
||||
The information in the last command shows that it's not verified, so you can verify with `-v`.
|
||||
|
||||
```bash
|
||||
transmission-remote -t "$number" -v
|
||||
```
|
||||
|
||||
If transmission cannot find it, then tell it where to find the torrent:
|
||||
|
||||
```bash
|
||||
transmission-remote -t "$number" --find "$(pwd)"
|
||||
```
|
||||
...and of course, make sure the permissions allow transmission to see the target.
|
||||
|
||||
|
||||
```bash
|
||||
ls -ld "$file"
|
||||
```
|
||||
|
||||
|
2
new.sh
2
new.sh
@ -14,7 +14,7 @@ filePath="$category/$(echo $name | sed 's/ /_/g').md"
|
||||
|
||||
tagsList="$(echo \"$category | sed 's#\/#", "#g')\""
|
||||
|
||||
[ -e "$filePath" ] && $EDITOR $filePath && exit 0
|
||||
[ -e "$filePath" ] && $EDITOR "$filePath" && exit 0
|
||||
|
||||
echo "---
|
||||
title: \"$name\"
|
||||
|
24
system/monitoring.md
Normal file
24
system/monitoring.md
Normal file
@ -0,0 +1,24 @@
|
||||
---
|
||||
title: "Monitoring"
|
||||
tags: [ "Documentation", "System", "CPU", "Memory" ]
|
||||
---
|
||||
|
||||
Print the average CPU load over 1 minute, 5 minutes, and 15 minutes:
|
||||
|
||||
```bash
|
||||
watch -d cat /proc/loadavg
|
||||
stress="$(cat /proc/loadavg | awk '{print "Usage:" $2"%"}')"
|
||||
```
|
||||
|
||||
Show memory usage in Gibitytes.
|
||||
|
||||
```bash
|
||||
free -g
|
||||
```
|
||||
Show low and high gigibtye usage on a *l*ine, and repeat the measurement every 5 seconds:
|
||||
|
||||
```bash
|
||||
REP=5
|
||||
free --lohi -g -s $REP | lolcat
|
||||
```
|
||||
|
@ -2,6 +2,18 @@
|
||||
title: "journal"
|
||||
tags: [ "Documentation", "systemd" ]
|
||||
---
|
||||
|
||||
See a running log of all system messages:
|
||||
|
||||
|
||||
```bash
|
||||
journalctl -f
|
||||
```
|
||||
|
||||
Or just one unit (`sshd`):
|
||||
|
||||
```bash
|
||||
journalctl -f -u sshd
|
||||
```
|
||||
|
||||
Find errors since November
|
||||
@ -14,3 +26,13 @@ Limit size to 2G.
|
||||
|
||||
```bash
|
||||
journalctl --vacuum-size=2G
|
||||
```
|
||||
|
||||
Log the fact that you've installed your own `dnsmasq` on your system to `journalctl`, so that you can notice why your system's broken:
|
||||
|
||||
|
||||
```bash
|
||||
logger "Installed new dnsmasq"
|
||||
sudo journalctl -f
|
||||
```
|
||||
|
||||
|
21
vision/lowdown.md
Normal file
21
vision/lowdown.md
Normal file
@ -0,0 +1,21 @@
|
||||
---
|
||||
title: "Markdown to PDF"
|
||||
tags: [ "Documentation", "Markdown", "PDF", "Vision" ]
|
||||
---
|
||||
|
||||
Turn a markdown file into a pdf:
|
||||
|
||||
```bash
|
||||
lowdown -stms "$FILE".md | pdfroff -itk -mspdf > "$FILE".pdf
|
||||
```
|
||||
|
||||
To give the document a title, put that title in the metadata:
|
||||
|
||||
```bash
|
||||
sed -i "1 i---" "$FILE".md
|
||||
sed -i "1 ititle: $TITLE" "$FILE".md
|
||||
sed -i "1 i---" "$FILE".md
|
||||
lowdown -L "$FILE".md
|
||||
lowdown -X title "$FILE".md
|
||||
lowdown -stms "$FILE".md | pdfroff -itk -mspdf > "$FILE".pdf
|
||||
```
|
Loading…
Reference in New Issue
Block a user