Compare commits
3 Commits
fc085dbb1e
...
51e489a8e3
Author | SHA1 | Date | |
---|---|---|---|
51e489a8e3 | |||
d4ca81c2ae | |||
ae1e0ad726 |
23
data/sharing_secrest.md
Normal file
23
data/sharing_secrest.md
Normal file
@ -0,0 +1,23 @@
|
||||
---
|
||||
title: "Sharing Secrets"
|
||||
tags: [ "data", "death", "secrets", "ssss" ]
|
||||
---
|
||||
|
||||
You can share parts of a secret with multiple people, so only some of them need to agree to see the secret.
|
||||
|
||||
Install `ssss`, then decide on the total number of secrets (`N`), and the threshold of people who must share their shard of the secret in order to reveal the secret.
|
||||
|
||||
```bash
|
||||
N=5
|
||||
T=3
|
||||
FILE=secret.txt
|
||||
fortune | ssss-split -t $T -n $N > $FILE
|
||||
```
|
||||
Each shard is a line inside secret.txt.
|
||||
|
||||
Check it's working:
|
||||
|
||||
```bash
|
||||
head -n $T $FILE | ssss-combine -t $T
|
||||
tail -n $T $FILE | ssss-combine -t $T
|
||||
```
|
@ -1,57 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# https://www.unixmen.com/install-arch-linux-raspberry-pi/
|
||||
|
||||
pacman-key --init || echo init fail >> log
|
||||
pacman-key --populate archlinuxarm || echo update fail >> log
|
||||
pacman -Syyuu || echo update fail >> log
|
||||
|
||||
sed -i s/#en_GB.UTF-8 UTF-8/en_GB.UTF-8 UTF-8/ /etc/locale.gen
|
||||
|
||||
echo 'LANG=en_GB.UTF-8' >> /etc/locale.conf
|
||||
|
||||
locale-gen
|
||||
|
||||
pacman -S base-devel htop ranger tmux lolcat fortune-mod git figlet rxvt-unicode task timew calcurse fail2ban
|
||||
# texlive-most
|
||||
if [[ $2 == all || $1 == all ]]; then
|
||||
pacman -S nnn feh dmenu rofi xf86-video-fbdev xorg xorg-xinit xorg-server xorg-server-utils xterm
|
||||
fi
|
||||
|
||||
# Audio
|
||||
echo 'dtparam=audio=on' >> /boot/config.txt
|
||||
|
||||
if [[ $1 == audio ]]; then
|
||||
pacman -S alsa-utils alsa-firmware alsa-lib alsa-plugins
|
||||
fi
|
||||
|
||||
echo 'device_tree_param=spi=on' >> /boot/config.txt
|
||||
|
||||
# for a vnc viewer
|
||||
if [[ $1 == vnc ]]; then
|
||||
tigervnc gcc geany i3 i3status compton feh sxiv rxvt-unicode
|
||||
fi
|
||||
|
||||
# Swap
|
||||
|
||||
cd /var/cache/swap
|
||||
|
||||
dd if=/dev/zero of=swapfile bs=1K count=2M
|
||||
|
||||
chmod 600 swapfile
|
||||
|
||||
mkswap swapfile
|
||||
|
||||
swapon swapfile
|
||||
|
||||
echo "/var/cache/swap/swapfile none swap sw 0 0" > /etc/fstab
|
||||
|
||||
# fail2ban
|
||||
|
||||
[ -e sshd.local ] && \
|
||||
pacman -S fail2ban && \
|
||||
mv sshd.local /etc/fail2ban/jail.d && \
|
||||
systemctl start fail2ban
|
||||
|
||||
# If it won't reboot, install `arch-install-scripts` then try again and firstly:
|
||||
# genfstab / > /etc/fstab
|
@ -1,9 +0,0 @@
|
||||
#!/bin/sh
|
||||
pacman -S gitea postgresql
|
||||
sudo su postgres -c 'initdb -D /var/lib/postgres/data'
|
||||
sudo systemctl start postgresql
|
||||
sudo su postgres -c 'createuser -P gitea'
|
||||
sudo su postgres -c 'createdb -O gitea gitea'
|
||||
sudo sed -i 's/mysql/postgres/' /etc/gitea/app.ini
|
||||
sudo sed -i 's/root/gitea/' /etc/gitea/app.ini
|
||||
sudo systemctl start gitea
|
@ -1,79 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
yay -S pi-hole-ftl pi-hole-server
|
||||
|
||||
# Configuration in /etc/pihole/pihole-FTL.db
|
||||
# You can change DBINTERVAL to 60 or more to limit writes to disk
|
||||
|
||||
sudo systemctl disable --now systemd-resolved
|
||||
sudo systemctl enable --now pihole-FTL
|
||||
pihole -g
|
||||
pihole -c
|
||||
|
||||
if [ "$1" == "unbound" ]; then
|
||||
|
||||
sudo pacman -S unbound
|
||||
|
||||
sudo cp /etc/unbound/unbound.conf /etc/unbound/unbound.conf.old
|
||||
|
||||
echo "server:
|
||||
# If no logfile is specified, syslog is used
|
||||
# logfile: "/var/log/unbound/unbound.log"
|
||||
verbosity: 0
|
||||
|
||||
interface: 127.0.0.1
|
||||
port: 5335
|
||||
do-ip4: yes
|
||||
do-udp: yes
|
||||
do-tcp: yes
|
||||
|
||||
# May be set to yes if you have IPv6 connectivity
|
||||
do-ip6: no
|
||||
|
||||
# You want to leave this to no unless you have *native* IPv6. With 6to4 and
|
||||
# Terredo tunnels your web browser should favor IPv4 for the same reasons
|
||||
prefer-ip6: no
|
||||
|
||||
# Use this only when you downloaded the list of primary root servers!
|
||||
# If you use the default dns-root-data package, unbound will find it automatically
|
||||
#root-hints: "/var/lib/unbound/root.hints"
|
||||
|
||||
# Trust glue only if it is within the server's authority
|
||||
harden-glue: yes
|
||||
|
||||
# Require DNSSEC data for trust-anchored zones, if such data is absent, the zone becomes BOGUS
|
||||
harden-dnssec-stripped: yes
|
||||
|
||||
# Don't use Capitalization randomization as it known to cause DNSSEC issues sometimes
|
||||
# see https://discourse.pi-hole.net/t/unbound-stubby-or-dnscrypt-proxy/9378 for further details
|
||||
use-caps-for-id: no
|
||||
|
||||
# Reduce EDNS reassembly buffer size.
|
||||
# Suggested by the unbound man page to reduce fragmentation reassembly problems
|
||||
edns-buffer-size: 1472
|
||||
|
||||
# Perform prefetching of close to expired message cache entries
|
||||
# This only applies to domains that have been frequently queried
|
||||
prefetch: yes
|
||||
|
||||
# One thread should be sufficient, can be increased on beefy machines. In reality for most users running on small networks or on a single machine, it should be unnecessary to seek performance enhancement by increasing num-threads above 1.
|
||||
num-threads: 1
|
||||
|
||||
# Ensure kernel buffer is large enough to not lose messages in traffic spikes
|
||||
so-rcvbuf: 1m
|
||||
|
||||
# Ensure privacy of local IP ranges
|
||||
private-address: 192.168.0.0/16
|
||||
private-address: 169.254.0.0/16
|
||||
private-address: 172.16.0.0/12
|
||||
private-address: 10.0.0.0/8
|
||||
private-address: fd00::/8
|
||||
private-address: fe80::/10
|
||||
" | sudo tee /etc/unbound.conf
|
||||
|
||||
echo "Make this the only pihole DNS: PIHOLE_DNS_1=127.0.0.1 in /etc/pihole/setupVars.conf"
|
||||
|
||||
fi
|
||||
|
@ -1,8 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
|
||||
|
||||
flatpak --user install flathub com.valvesoftware.Steam
|
||||
|
||||
flatpak run com.valvesoftware.Steam
|
||||
|
@ -1,10 +0,0 @@
|
||||
git clone https://aur.archlinux.org/yay.git
|
||||
|
||||
cd yay
|
||||
|
||||
makepkg -si
|
||||
|
||||
yay -S perl-graph-easy signal-desktop sc-im ncpamixer xdg-utils-mimeo torrench
|
||||
|
||||
yay -S ttf-tengwar-annatar
|
||||
|
24
system/monitoring.md
Normal file
24
system/monitoring.md
Normal file
@ -0,0 +1,24 @@
|
||||
---
|
||||
title: "Monitoring"
|
||||
tags: [ "Documentation", "System", "CPU", "Memory" ]
|
||||
---
|
||||
|
||||
Print the average CPU load over 1 minute, 5 minutes, and 15 minutes:
|
||||
|
||||
```bash
|
||||
watch -d cat /proc/loadavg
|
||||
stress="$(cat /proc/loadavg | awk '{print "Usage:" $2"%"}')"
|
||||
```
|
||||
|
||||
Show memory usage in Gibitytes.
|
||||
|
||||
```bash
|
||||
free -g
|
||||
```
|
||||
Show low and high gigibtye usage on a *l*ine, and repeat the measurement every 5 seconds:
|
||||
|
||||
```bash
|
||||
REP=5
|
||||
free --lohi -g -s $REP | lolcat
|
||||
```
|
||||
|
Loading…
Reference in New Issue
Block a user