dotfiles/debian
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: dotfiles:d85d99fa5c660d29ca570b7410c925530386a891
Branches Tags
dotfiles:main
..
compare: dotfiles:main
Branches Tags
dotfiles:main

24 Commits
d85d99fa5c ... main

Author SHA1 Message Date
Charles Reid
cf451aefa9 sync dotfiles with mac 2026-04-13 17:53:50 -07:00
Charles Reid
e9815a1c4b add claude, gemini, deepseek to top level of bash profile 2026-04-13 17:41:36 -07:00
Charles Reid
aecfefd2f1 update vimrc 2022-08-22 18:09:15 -07:00
Charles Reid
15e7a59e38 fix hostname 2022-08-22 18:03:43 -07:00
Charles Reid
8ad19851bc fix vpp and fix socks 2022-08-22 17:11:01 -07:00
Charles Reid
4f37228dad fix uuidgen 2022-08-22 16:21:40 -07:00
Charles Reid
53190fd805 fix typo 2022-08-21 15:29:46 -07:00
Charles Reid
af3d4c1768 add script to generate ch4zm ssh key 2022-07-19 22:51:24 -07:00
Charles Reid
038fb927ff update debian dotfiles 2022-07-19 19:28:29 -07:00
Charles Reid
93659ea9fe fix find cmd 2022-07-16 13:56:47 -07:00
Charles Reid
2256de8e0e pare down functions 2022-07-09 23:47:26 -07:00
Charles Reid
9bccba22a5 fix 2022-07-09 23:42:01 -07:00
Charles Reid
9d99efd720 update 2022-07-09 23:39:29 -07:00
Charles Reid
d7e4965d14 update .aliases 2022-07-09 23:37:15 -07:00
Charles Reid
85e1baab05 update tmux config file 2022-03-17 15:08:22 -07:00
Charles Reid
ff9790e7ea remove backslash shortcut (randal no like) 2021-12-16 19:14:00 -08:00
Charles Reid
976a76a257 fix pyenv for debian 2021-12-05 10:35:13 -08:00
Charles Reid
97a76d807a update bash prompt machine colors 2021-11-30 13:47:59 -08:00
Charles Reid
eb94148598 correct syntax in bespin crontab 2021-09-10 13:15:41 -07:00
Charles Reid
39aff8105d update bespin crontab 2021-09-09 16:24:58 -07:00
Charles Reid
ba994a16ea update bespin crontab 2021-09-07 12:22:53 -07:00
Charles Reid
f06074820c add iptables for pihole/tinc setup 2021-09-07 12:22:53 -07:00
Charles Reid
38437019c4 add lars sudo crontab 2021-08-22 14:52:48 -07:00
Charles Reid
4badfe329c remove bear firewall (use ansible role instead) 2021-01-30 15:55:16 -08:00
13 changed files with 370 additions and 257 deletions
Expand all files Collapse all files

4
crontab/bespin.crontab
View File

@@ -5,6 +5,6 @@
# DOW (day of week): 0-6 or Sun-Sat # DOW (day of week): 0-6 or Sun-Sat
# #
# MIN HR DOM MONTH DOW CMD # MIN HR DOM MONTH DOW CMD
5 3 * * * /home/charles/pod-private-wiki/utils-backup/wikidb_dump.sh 3 3 * * * /home/charles/pod-private-wiki/utils-backup/wikidb_dump.sh
6 3 * * * /home/charles/pod-private-wiki/utils-backup/wikifiles_dump.sh 6 3 * * * /home/charles/pod-private-wiki/utils-backup/wikifiles_dump.sh
12 3 * * * bash -c '/usr/bin/test -d /media/charles/usb && /bin/ls -1 -t /home/charles/backups | /usr/bin/head -n1 | /usr/bin/xargs -IREPL cp -r /home/charles/backups/REPL /media/charles/usb/backups/.'

8
crontab/lars.sudo.crontab Normal file
View File

@@ -0,0 +1,8 @@
# MIN: 0-59
# HOUR: 0-23
# DOM (day of month): 1-31
# MONTH: 1-12 or Jan-Dec
# DOW (day of week): 0-6 or Sun-Sat
#
# MIN HR DOM MONTH DOW CMD
3 2 * * Sun cd /home/charles/pod-gollyx-mongo/d-mongodb/ && ./make_mongo_pem.sh

127
dotfiles/.aliases
View File

@@ -10,6 +10,17 @@ git() {
} }
alias gemini-flash='gemini --model gemini-3-flash-preview'
alias gemini-pro='gemini --model gemini-3-pro-preview'
alias claude-haiku='claude --model claude-haiku-4-5'
alias claude-sonnet='claude --model claude-sonnet-4-6'
alias claude-deep='ANTHROPIC_BASE_URL="https://api.deepseek.com/anthropic" ANTHROPIC_AUTH_TOKEN="$DEEPSEEK_API_KEY" ANTHROPIC_MODEL="deepseek-chat" ANTHROPIC_DEFAULT_HAIKU_MODEL="deepseek-chat" API_TIMEOUT_MS=600000 claude'
# Also need to add:
# export CLAUDE_CODE_MAX_TOKENS=4000
# export CLAUDE_CODE_COMPACT_LEVEL=aggressive
# lazy af # lazy af
# ------- # -------
alias mk='make' alias mk='make'
@@ -20,12 +31,16 @@ alias ipy='ipython --pylab'
alias ip="curl -4 icanhazip.com" alias ip="curl -4 icanhazip.com"
alias ipaddr="curl -4 icanhazip.com" alias ipaddr="curl -4 icanhazip.com"
# uuid generator
alias uuid="uuidgen"
# python stuff # python stuff
# ------------ # ------------
# https://unix.stackexchange.com/a/459586 # https://unix.stackexchange.com/a/459586
alias vp="[ -d vp ] || virtualenv -p python3 vp && source vp/bin/activate" alias vp="[ -d vp ] || virtualenv -p python3 vp && source vp/bin/activate"
if [[ "${HOSTNAME}" == "burro" ]]; then
alias vpp="[ -d vpp ] || virtualenv --python ${HOME}/.pyenv/versions/pypy3.9-7.3.9/bin/pypy3 vpp && source vpp/bin/activate"
fi
# one-letter aliases # one-letter aliases
# --------------- # ---------------
@@ -62,34 +77,24 @@ alias mv='mv -i'
# ls aliases # ls aliases
# -------------------- # --------------------
# Detect which `ls` flavor is in use # Detect which `ls` flavor is in use
# https://gist.github.com/skyzyx/3438280b18e4f7c490db8a2a2ca0b9da
LS=$(which ls)
if $LS --color > /dev/null 2>&1; then # GNU `ls`
colorflag="--color"
export LS_COLORS='no=00:fi=00:di=01;31:ln=01;36:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.gz=01;31:*.bz2=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.avi=01;35:*.fli=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.ogg=01;35:*.mp3=01;35:*.wav=01;35:'
groupflag="--group-directories-first"
else # macOS `ls`
colorflag="-G"
export LSCOLORS='BxBxhxDxfxhxhxhxhxcxcx'
groupflag="--group-directories-first"
fi
LSBIN=$(which ls)
alias ls="$LS -1 ${colorflag} ${groupflag}" # the --color flag works with either verison of ls
alias ls='$LSBIN -lh --color'
alias sl='ls' alias sl='ls'
# List all files colorized in long format # List all files colorized in long format
alias l="$LS -lhAF ${colorflag}" alias l="ls -lhAF --color"
alias ll="l" alias ll="l"
# List all files colorized in long format, including dot files # List all files colorized in long format, including dot files
alias la="l -a" alias la="l -a"
# List only directories # List only directories
alias lsd="$LS -lF ${colorflag} | grep --color=never '^d'" alias lsd="ls -lF --color | grep --color=never '^d'"
alias lr='ls -r' # reverse alias lr='ls -r' # reverse
@@ -122,13 +127,79 @@ alias c='clear'
# socks proxy thru charlesreid1 # socks proxy thru seawater for private wiki access
# (forwards http traffic thru charlesreid1 port 8080) # (use with foxyproxy, point to localhost:5778)
# --------------- # ---------------
alias socks='ssh -fN -D 8080 charles@charlesreid1.com' alias socks='ssh -D 5778 -p 5778 charles@charlesreid1.party -f -N'
# tinc vpn
# ---------------
alias seawatervpn="seawatervpn"
function seawatervpn() {
ssh-agent > ~/ssh.file # env vars in ssh.file
chmod +x ~/ssh.file # execute file
~/ssh.file > /dev/null
rm -f ~/ssh.file
export IP="192.168.30.1"
ssh -p 5778 -Y charles@${IP} # the actual ssh call
}
alias randalvpn="randalvpn"
function randalvpn() {
ssh-agent > ~/ssh.file # env vars in ssh.file
chmod +x ~/ssh.file # execute file
~/ssh.file > /dev/null
rm -f ~/ssh.file
export IP="192.168.30.10"
ssh -p 5778 -Y charles@${IP} # the actual ssh call
}
alias mayavpn="mayavpn"
function mayavpn() {
ssh-agent > ~/ssh.file # env vars in ssh.file
chmod +x ~/ssh.file # execute file
~/ssh.file > /dev/null
rm -f ~/ssh.file
export IP="192.168.30.20"
ssh -Y charles@${IP} # the actual ssh call
}
alias bearvpn="bearvpn"
function bearvpn() {
ssh-agent > ~/ssh.file # env vars in ssh.file
chmod +x ~/ssh.file # execute file
~/ssh.file > /dev/null
rm -f ~/ssh.file
export IP="192.168.30.40"
ssh -p 5778 -Y charles@${IP} # the actual ssh call
}
alias emmettvpn="emmettvpn"
function emmettvpn() {
ssh-agent > ~/ssh.file # env vars in ssh.file
chmod +x ~/ssh.file # execute file
~/ssh.file > /dev/null
rm -f ~/ssh.file
export IP="192.168.30.55"
ssh -p 5778 -Y charles@${IP} # the actual ssh call
}
# Local machines
# ---------------
alias randal="randal"
function randal() {
ssh-agent > ~/ssh.file # env vars in ssh.file
chmod +x ~/ssh.file # execute file
~/ssh.file > /dev/null
rm -f ~/ssh.file
export IP="192.168.0.10"
ssh -p 5778 -Y charles@${IP} # the actual ssh call
}
# Remote machines # Remote machines
# --------------- # ---------------
@@ -149,27 +220,27 @@ function bear() {
~/ssh.file > /dev/null ~/ssh.file > /dev/null
rm -f ~/ssh.file rm -f ~/ssh.file
export IP="173.255.249.79" export IP="173.255.249.79"
ssh -Y charles@${IP} # the actual ssh call ssh -p 5778 -Y charles@${IP} # the actual ssh call
} }
alias bespin="bespin" alias emmett="emmett"
function bespin() { function emmett() {
ssh-agent > ~/ssh.file # env vars in ssh.file ssh-agent > ~/ssh.file # env vars in ssh.file
chmod +x ~/ssh.file # execute file chmod +x ~/ssh.file # execute file
~/ssh.file > /dev/null ~/ssh.file > /dev/null
rm -f ~/ssh.file rm -f ~/ssh.file
export IP="bespin" export IP="173.255.252.181"
ssh -Y charles@${IP} # the actual ssh call ssh -p 5778 -Y charles@${IP} # the actual ssh call
} }
alias dorky="dorky" alias seawater="seawater"
function dorky() { function seawater() {
ssh-agent > ~/ssh.file # env vars in ssh.file ssh-agent > ~/ssh.file # env vars in ssh.file
chmod +x ~/ssh.file # execute file chmod +x ~/ssh.file # execute file
~/ssh.file > /dev/null ~/ssh.file > /dev/null
rm -f ~/ssh.file rm -f ~/ssh.file
export IP="charlesreid1.party" export IP="charlesreid1.party"
ssh -Y charles@${IP} # the actual ssh call ssh -p 5778 -Y charles@${IP} # the actual ssh call
} }

90
dotfiles/.bash_profile
View File

@@ -5,6 +5,7 @@
# to add your own non-committed machine-specific settings, # to add your own non-committed machine-specific settings,
# use ~/.extra # use ~/.extra
# Must # Must
EDITOR="vim" EDITOR="vim"
GIT_EDITOR="vim" GIT_EDITOR="vim"
@@ -16,6 +17,7 @@ PAGER="most"
GOROOT=$HOME/go GOROOT=$HOME/go
GOPATH=$HOME/go GOPATH=$HOME/go
# Set $PATH here # Set $PATH here
PATH="${HOME}/scripts:${PATH}" PATH="${HOME}/scripts:${PATH}"
PATH="/usr/local/bin:$PATH" PATH="/usr/local/bin:$PATH"
@@ -23,43 +25,29 @@ PATH="/usr/local/sbin:${PATH}" # homebrew admin tools
PATH="${PATH}:${GOROOT}/bin" PATH="${PATH}:${GOROOT}/bin"
PATH="/usr/local/opt/coreutils/libexec/gnubin:${PATH}" PATH="/usr/local/opt/coreutils/libexec/gnubin:${PATH}"
PATH="${HOME}/bin:${PATH}" PATH="${HOME}/bin:${PATH}"
if [[ ("$HOSTNAME" == "seawater") || ("$HOSTNAME" == "bascom") ]]; then
PATH="${HOME}/bin/elasticsearch-5.4.2/bin:${PATH}"
# assume-role cli util: # claude code
# Add homebrew-installed ruby to path: export PATH="$HOME/.local/bin:$PATH"
# (WARNING: THIS CAN CAUSE PROBLEMS!) export ANTHROPIC_DEFAULT_OPUS_MODEL="claude-opus-4-6"
export PATH="/usr/local/opt/ruby/bin:$PATH" export ANTHROPIC_MODEL="claude-opus-4-6"
# Add homebrew-ruby-gem-installed packages to path: # gemini
export PATH="/usr/local/lib/ruby/gems/2.6.0/bin:$PATH" source $HOME/.gemini_api_key
# deepseek
source $HOME/.deepseek_api_key
# aws - load config file when using assume-role
export AWS_SDK_LOAD_CONFIG="1"
fi
# Tell git not to look for getext.sh # Tell git not to look for getext.sh
# since pyenv has trouble with that # since pyenv has trouble with that
export GIT_INTERNAL_GETTEXT_TEST_FALLBACKS=1 export GIT_INTERNAL_GETTEXT_TEST_FALLBACKS=1
if [[ "$HOSTNAME" == "bascom" ]]; then
# git tab completion
source ${HOME}/.git-completion.bash
fi
# goenv installer
export GOENV_ROOT="$HOME/.goenv"
export PATH="$GOENV_ROOT/bin:$PATH"
# Only enable this if you are using go.
# This will add half a second every time you
# open a new shell.
#eval "$(goenv init -)"
# pyenv installer # pyenv installer
# https://github.com/pyenv/pyenv-installer # https://github.com/pyenv/pyenv-installer
export PYENV_ROOT="$HOME/.pyenv" export PYENV_ROOT="$HOME/.pyenv"
export PATH="$PYENV_ROOT/bin:$PATH" export PATH="$PYENV_ROOT/bin:$PATH"
eval "$(pyenv init --path)"
eval "$(pyenv init -)" eval "$(pyenv init -)"
export PATH export PATH
@@ -89,34 +77,26 @@ PROMPT_COMMAND='history -a;history -n'
# don't try to autocomplete commands when tab is pressed and line is empty # don't try to autocomplete commands when tab is pressed and line is empty
shopt -s no_empty_cmd_completion shopt -s no_empty_cmd_completion
if [[ "$HOSTNAME" == "bascom" ]]; then
# aws cli tab-completion
# https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-completion.html
complete -C "$(pyenv which aws_completer)" aws
fi
############################# #############################
# ssh-agent setup # ssh-agent setup
SSH_ENV="$HOME/.ssh/agent-environment" ### SSH_ENV="$HOME/.ssh/agent-environment"
###
function start_agent { ### function start_agent {
/usr/bin/ssh-agent | sed 's/^echo/#echo/' > "${SSH_ENV}" ### /usr/bin/ssh-agent | sed 's/^echo/#echo/' > "${SSH_ENV}"
chmod 600 "${SSH_ENV}" ### chmod 600 "${SSH_ENV}"
. "${SSH_ENV}" > /dev/null ### . "${SSH_ENV}" > /dev/null
/usr/bin/ssh-add; ### /usr/bin/ssh-add;
} ### }
###
# Source SSH settings, if applicable ### # Source SSH settings, if applicable
if [ -f "${SSH_ENV}" ]; then ### if [ -f "${SSH_ENV}" ]; then
. "${SSH_ENV}" > /dev/null ### . "${SSH_ENV}" > /dev/null
ps -ef | grep ${SSH_AGENT_PID} | grep ssh-agent$ > /dev/null || { ### ps -ef | grep ${SSH_AGENT_PID} | grep ssh-agent$ > /dev/null || {
start_agent; ### start_agent;
} ### }
else ### else
start_agent; ### start_agent;
fi ### fi
############################# #############################
@@ -140,9 +120,7 @@ if [ -f /etc/bash_completion ]; then
source /etc/bash_completion; source /etc/bash_completion;
fi; fi;
if [[ "$HOSTNAME" == "bascom" ]]; then # shut up
# Enable tab completion for `g` by marking it as an alias for `git` touch ${HOME}/.hushlogin
if type _git &> /dev/null && [ -f /usr/local/etc/bash_completion.d/git-completion.bash ]; then export BASH_SILENCE_DEPRECATION_WARNING=1
complete -o default -o nospace -F _git g; export FILTER_BRANCH_SQUELCH_WARNING=1
fi;
fi

18
dotfiles/.bash_prompt
View File

@@ -41,24 +41,14 @@ else
white="\e[1;37m"; white="\e[1;37m";
fi; fi;
if [[ "${HOSTNAME}" == "rojo" ]]; then if [[ "${HOSTNAME}" == "bear" ]]; then
userStyle="${red}" userStyle="${red}"
elif [[ "${HOSTNAME}" == "jupiter" ]]; then elif [[ "${HOSTNAME}" == "randal" ]]; then
userStyle="${green}"
elif [[ "${HOSTNAME}" == "krash" ]]; then
userStyle="${cyan}"
elif [[ "${HOSTNAME}" == "bear" ]]; then
userStyle="${red}"
elif [[ "${HOSTNAME}" == "bespin" ]]; then
userStyle="${purple}" userStyle="${purple}"
elif [[ "${HOSTNAME}" == "dorky" ]]; then
userStyle="${yellow}"
elif [[ "${HOSTNAME}" == "emmett" ]]; then elif [[ "${HOSTNAME}" == "emmett" ]]; then
userStyle="${green}" userStyle="${green}"
elif [[ "${HOSTNAME}" == "dudley" ]]; then elif [[ "${HOSTNAME}" == "seawater" ]]; then
userStyle="${cyan}" userStyle="${green}"
elif [[ "${HOSTNAME}" == "lars" ]]; then
userStyle="${white}"
else else
userStyle="${yellow}" userStyle="${yellow}"
fi fi

2
dotfiles/.bashrc
View File

@@ -1 +1,3 @@
[ -n "$PS1" ] && source ~/.bash_profile; [ -n "$PS1" ] && source ~/.bash_profile;
## uh... maybe just this?
#source ~/.bash_profile

41
dotfiles/.functions
View File

@@ -5,11 +5,6 @@ function mkd() {
mkdir -p "$@" && cd "$_"; mkdir -p "$@" && cd "$_";
} }
# Change working directory to the top-most Finder window location
function cdf() { # short for `cdfinder`
cd "$(osascript -e 'tell app "Finder" to POSIX path of (insertion location as alias)')";
}
# Create a .tar.gz archive, using `zopfli`, `pigz` or `gzip` for compression # Create a .tar.gz archive, using `zopfli`, `pigz` or `gzip` for compression
function targz() { function targz() {
local tmpFile="${@%/}.tar"; local tmpFile="${@%/}.tar";
@@ -58,14 +53,6 @@ function fs() {
fi; fi;
} }
# Use Gits colored diff when available
hash git &>/dev/null;
if [ $? -eq 0 ]; then
function diff() {
git diff --no-index --color-words "$@";
}
fi;
# Create a data URL from a file # Create a data URL from a file
function dataurl() { function dataurl() {
local mimeType=$(file -b --mime-type "$1"); local mimeType=$(file -b --mime-type "$1");
@@ -84,24 +71,6 @@ function server() {
python -c $'import SimpleHTTPServer;\nmap = SimpleHTTPServer.SimpleHTTPRequestHandler.extensions_map;\nmap[""] = "text/plain";\nfor key, value in map.items():\n\tmap[key] = value + ";charset=UTF-8";\nSimpleHTTPServer.test();' "$port"; python -c $'import SimpleHTTPServer;\nmap = SimpleHTTPServer.SimpleHTTPRequestHandler.extensions_map;\nmap[""] = "text/plain";\nfor key, value in map.items():\n\tmap[key] = value + ";charset=UTF-8";\nSimpleHTTPServer.test();' "$port";
} }
# Start a PHP server from a directory, optionally specifying the port
# (Requires PHP 5.4.0+.)
function phpserver() {
local port="${1:-4000}";
local ip=$(ipconfig getifaddr en1);
sleep 1 && open "http://${ip}:${port}/" &
php -S "${ip}:${port}";
}
# Compare original and gzipped file size
function gz() {
local origsize=$(wc -c < "$1");
local gzipsize=$(gzip -c "$1" | wc -c);
local ratio=$(echo "$gzipsize * 100 / $origsize" | bc -l);
printf "orig: %d bytes\n" "$origsize";
printf "gzip: %d bytes (%2.2f%%)\n" "$gzipsize" "$ratio";
}
# Syntax-highlight JSON strings or files # Syntax-highlight JSON strings or files
# Usage: `json '{"foo":42}'` or `echo '{"foo":42}' | json` # Usage: `json '{"foo":42}'` or `echo '{"foo":42}' | json`
function json() { function json() {
@@ -160,16 +129,6 @@ function getcertnames() {
fi; fi;
} }
# `s` with no arguments opens the current directory in Sublime Text, otherwise
# opens the given location
function s() {
if [ $# -eq 0 ]; then
subl .;
else
subl "$@";
fi;
}
# `v` with no arguments opens the current directory in Vim, otherwise opens the # `v` with no arguments opens the current directory in Vim, otherwise opens the
# given location # given location
function v() { function v() {

59
dotfiles/.tmux.conf
View File

@@ -15,10 +15,11 @@
set -g default-terminal "screen-256color" set -g default-terminal "screen-256color"
set-option -g default-terminal screen-256color set-option -g default-terminal screen-256color
# Use C-a, since it's on the home row and easier to hit than C-b # Use C-t instead
set-option -g prefix C-a set-option -g prefix C-t
unbind C-a unbind C-t
bind C-a send-prefix bind C-t send-prefix
# Set parent terminal title to reflect current window in tmux session # Set parent terminal title to reflect current window in tmux session
set -g set-titles on set -g set-titles on
@@ -44,7 +45,7 @@ bind enter next-layout
# use vim-like keys for splits and windows # use vim-like keys for splits and windows
# #
# Control-A plus: # Control-T plus:
# #
# s = horizontal split # s = horizontal split
# v = vertical split # v = vertical split
@@ -59,52 +60,55 @@ bind h select-pane -L
bind j select-pane -D bind j select-pane -D
bind k select-pane -U bind k select-pane -U
bind l select-pane -R bind l select-pane -R
bind C-h select-pane -L
bind C-l select-pane -R
# smart pane switching with awareness of vim splits # smart pane switching with awareness of vim splits
# (these interfere with the often-used Control-L shortcut
# to clear the screen, so that gets really annoying.)
# #
# Control plus: # Control then:
# #
# h = pick left pane # h = pick left pane
# j = pick left pane # j = pick down pane
# k = pick left pane # k = pick up pane
# l = pick left pane # l = pick right pane
# \ = pick another pane (?)
# #
bind -n C-h run "(tmux display-message -p '#{pane_current_command}' | grep -iqE '(^|\/)vim$' && tmux send-keys C-h) || tmux select-pane -L" # bind -n C-h run "(tmux display-message -p '#{pane_current_command}' | grep -iqE '(^|\/)vim$' && tmux send-keys C-h) || tmux select-pane -L"
bind -n C-j run "(tmux display-message -p '#{pane_current_command}' | grep -iqE '(^|\/)vim$' && tmux send-keys C-j) || tmux select-pane -D" # bind -n C-j run "(tmux display-message -p '#{pane_current_command}' | grep -iqE '(^|\/)vim$' && tmux send-keys C-j) || tmux select-pane -D"
bind -n C-k run "(tmux display-message -p '#{pane_current_command}' | grep -iqE '(^|\/)vim$' && tmux send-keys C-k) || tmux select-pane -U" # bind -n C-k run "(tmux display-message -p '#{pane_current_command}' | grep -iqE '(^|\/)vim$' && tmux send-keys C-k) || tmux select-pane -U"
bind -n C-l run "(tmux display-message -p '#{pane_current_command}' | grep -iqE '(^|\/)vim$' && tmux send-keys C-l) || tmux select-pane -R" # bind -n C-l run "(tmux display-message -p '#{pane_current_command}' | grep -iqE '(^|\/)vim$' && tmux send-keys C-l) || tmux select-pane -R"
bind -n C-\ run "(tmux display-message -p '#{pane_current_command}' | grep -iqE '(^|\/)vim$' && tmux send-keys 'C-\\') || tmux select-pane -l"
# Control-A then Control-L clears the screen # Control-T then Control-O swaps out windows in their respective positions
bind C-l send-keys 'C-l'
# Control-A then Control-O swaps out windows in their respective positions
bind C-o rotate-window bind C-o rotate-window
# Control-A plus + makes existing windows have horizontal layout # Control-T then + makes existing windows have vertical layout
bind + select-layout main-horizontal bind + select-layout main-vertical
# Control-A plus = makes existing windows have vertical layout # Control-T then = makes existing windows have horizontal layout
bind = select-layout main-vertical bind = select-layout main-horizontal
# Control-T Control-N makes a new window in the path of the current pane
bind C-n new-window -c '#{pane_current_path}'
## (no idea what this does) ## (no idea what this does)
#set-window-option -g other-pane-height 25 #set-window-option -g other-pane-height 25
#set-window-option -g other-pane-width 80 #set-window-option -g other-pane-width 80
# Control-A plus [ or ] moves into copy mode or paste mode # Control-T plus [ or ] moves into copy mode or paste mode
bind [ copy-mode bind [ copy-mode
bind ] paste-buffer bind ] paste-buffer
# (no idea) # (no idea)
set-window-option -g display-panes-time 1500 set-window-option -g display-panes-time 1500
# Control-A plus | or _ splits panes vertically (|) or horizontally (_) # Control-T plus | or _ splits panes vertically (|) or horizontally (_)
# (this is better than using percent, but now we've got muscle memory for %)
bind | split-window -h -c "#{pane_current_path}" bind | split-window -h -c "#{pane_current_path}"
bind _ split-window -v -c "#{pane_current_path}" bind _ split-window -v -c "#{pane_current_path}"
# because we were using this before
bind % split-window -h -c "#{pane_current_path}"
# Status Bar # Status Bar
set-option -g status-interval 1 set-option -g status-interval 1
set-option -g status-left '' set-option -g status-left ''
@@ -120,6 +124,7 @@ set -g visual-activity on
# Allow the arrow key to be used immediately after changing windows # Allow the arrow key to be used immediately after changing windows
set-option -g repeat-time 0 set-option -g repeat-time 0
# Set up easy go-to sessions with shortcuts # Set up easy go-to sessions with shortcuts
bind s source-file ~/.tmux.session1 bind s source-file ~/.tmux.session1

108
dotfiles/.vimrc
View File

@@ -152,7 +152,7 @@ let &guicursor = &guicursor . ",a:blinkon0"
" "
" now you need to "infect" yourself " now you need to "infect" yourself
" (questionable word choices...) " (questionable word choices...)
execute pathogen#infect() " execute pathogen#infect()
@@ -184,20 +184,24 @@ let g:go_fmt_command = "goimports"
" don't move comment hashtag to the first column. " don't move comment hashtag to the first column.
" smartindent is unnecessary for python anyway. " smartindent is unnecessary for python anyway.
" http://stackoverflow.com/questions/2063175/vim-insert-mode-comments-go-to-start-of-line " http://stackoverflow.com/questions/2063175/vim-insert-mode-comments-go-to-start-of-line
au! FileType python setl nosmartindent au! FileType python setl textwidth=0 nosmartindent
" golang " golang
" see https://github.com/paulswanson/congo/blob/master/congo.sh " see https://github.com/paulswanson/congo/blob/master/congo.sh
" ------------------------ " ------------------------
au BufRead,BufNewFile *.go set noexpandtab au BufRead,BufNewFile *.go set textwidth=0 noexpandtab
" Makefiles " Makefiles
" ------------------------ " ------------------------
au BufRead,BufNewFile Makefile*,*.make,*.mk set noexpandtab au BufRead,BufNewFile Makefile*,*.make,*.mk set textwidth=0 noexpandtab
" C++ " C++
" ------------------------ " ------------------------
au BufRead,BufNewFile *.cpp,*.cxx,*.cc,*.c,*.h,*.hpp,*.hxx,*.hh set tabstop=4 shiftwidth=4 softtabstop=4 nowrap au BufRead,BufNewFile *.cpp,*.cxx,*.cc,*.c,*.h,*.hpp,*.hxx,*.hh set textwidth=0 tabstop=4 shiftwidth=4 softtabstop=4 nowrap
" shell scripts
" ------------------------
au BufRead,BufNewFile *.sh set textwidth=0 noexpandtab
" Snakemake files: Snakefile, .rule, .snake, .settings, .smk " Snakemake files: Snakefile, .rule, .snake, .settings, .smk
" ------------------------ " ------------------------
@@ -219,7 +223,7 @@ endfunction
" Javascript " Javascript
" ------------------------- " -------------------------
au BufRead,BufNewFile *.js,*.javascript set tabstop=2 shiftwidth=2 softtabstop=2 nowrap au BufRead,BufNewFile *.js,*.javascript set textwidth=0 tabstop=2 shiftwidth=2 softtabstop=2 nowrap
@@ -244,18 +248,19 @@ set textwidth=115
" above directive will auto-wrap " above directive will auto-wrap
" your text as you type it, and may " your text as you type it, and may
" end up driving you mad. " end up driving you mad.
" Set textwidth to 0 or a different number for known (code) filetypes.
" > Bugbear's documentation explains 88 vs 80: """ " > Bugbear's documentation explains 88 vs 80:
" > "it's like highway speed limits, we won't bother """ " > "it's like highway speed limits, we won't bother
" > you if you overdo it by a few km/h". """ " > you if you overdo it by a few km/h".
" """ "
" Turn character 80/88 red """ " Turn character 80/88 red
" (for visibility conforming to """ " (for visibility conforming to
" coding standards) """ " coding standards)
" https://stackoverflow.com/questions/23246962/vim-highlight-a-single-character-at-column-80#23247938 """ " https://stackoverflow.com/questions/23246962/vim-highlight-a-single-character-at-column-80#23247938
hi Bang ctermfg=red guifg=red """ hi Bang ctermfg=red guifg=red
"match Bang /\%>87v.*\%<89v/ """ "match Bang /\%>87v.*\%<89v/
match Bang /\%>79v.*\%<81v/ """ match Bang /\%>79v.*\%<81v/
@@ -335,25 +340,25 @@ function! DisableIndent()
set indentexpr& set indentexpr&
endfunction endfunction
" fix latex highlighting in markdown """ " fix latex highlighting in markdown
function! MathAndLiquid() """ function! MathAndLiquid()
"" Define certain regions """ "" Define certain regions
" Block math. Look for "$$[anything]$$" """ " Block math. Look for "$$[anything]$$"
syn region math start=/\$\$/ end=/\$\$/ """ syn region math start=/\$\$/ end=/\$\$/
" inline math. Look for "$[not $][anything]$" """ " inline math. Look for "$[not $][anything]$"
syn match math_block '\$[^$].\{-}\$' """ syn match math_block '\$[^$].\{-}\$'
"""
" Fenced code blocks, used in GitHub Flavored Markdown (GFM) """ " Fenced code blocks, used in GitHub Flavored Markdown (GFM)
syn region highlight_block start='```' end='```' """ syn region highlight_block start='```' end='```'
"""
"" Actually highlight those regions. """ "" Actually highlight those regions.
hi link math Statement """ hi link math Statement
hi link math_block Function """ hi link math_block Function
hi link highlight_block Function """ hi link highlight_block Function
endfunction """ endfunction
"""
" Call everytime we open a Markdown file """ " Call everytime we open a Markdown file
autocmd BufRead,BufNewFile,BufEnter *.md,*.markdown call MathAndLiquid() """ autocmd BufRead,BufNewFile,BufEnter *.md,*.markdown call MathAndLiquid()
@@ -537,18 +542,18 @@ noremap <Leader>W :w !sudo tee % > /dev/null<cr>
" ---------------------------- " ----------------------------
" colorrrzzzzz " colorrrzzzzz
" ---------------------------- " ----------------------------
set background=dark """ set background=dark
"""
set t_Co=256 """ set t_Co=256
"""
function! BgToggle() """ function! BgToggle()
if &background == "light" """ if &background == "light"
execute ":set background=dark" """ execute ":set background=dark"
else """ else
execute ":set background=light" """ execute ":set background=light"
endif """ endif
endfunction """ endfunction
""" nnoremap <F5> :call BgToggle()<cr> """ nnoremap <F5> :call BgToggle()<cr>
@@ -598,4 +603,9 @@ vmap <C-j> xp`[V`]
" ----------------------------- " -----------------------------
" Jedi Autocomplete Plugin " Jedi Autocomplete Plugin
" ----------------------------- " -----------------------------
"let g:jedi#auto_initialization = 0
"" -----------------------
"" Black shortcut
"" -----------------------

2
dotfiles/diff_dotfiles.sh
View File

@@ -4,7 +4,7 @@
#find . -type f -maxdepth 1 -name ".*" | xargs -t -n1 -I% diff % ~/% #find . -type f -maxdepth 1 -name ".*" | xargs -t -n1 -I% diff % ~/%
# The (more careful) loop version: # The (more careful) loop version:
for file in $(find . -type f -maxdepth 1 -name ".*"); do for file in $(find . -maxdepth 1 -type f -name ".*"); do
if [[ -f ~/$file ]]; then if [[ -f ~/$file ]]; then
echo "------------" echo "------------"
echo "$file exists in home directory, calculating diff..." echo "$file exists in home directory, calculating diff..."

39
firewall/bear_ufw.sh
View File

@@ -1,39 +0,0 @@
#!/bin/bash
#
# Set up the ufw firewall for bear.
# 22 - ssh
# 80 - http
# 443 - https
# 8080, 8888, 8000 - for something to use
if [ "$(id -u)" != "0" ]; then
echo ""
echo ""
echo "This script must be run as root!"
echo ""
echo ""
exit 1;
fi
set -x
# Start by setting defaults on ufw
ufw --force reset
ufw default deny incoming
ufw default allow outgoing
ufw allow 22
ufw allow 80
ufw allow 443
ufw --force enable
# allow ufw to nat connections from
# external interface to internal
# (docker) interfaces
sed -i -e 's/DEFAULT_FORWARD_POLICY="DROP"/DEFAULT_FORWARD_POLICY="ACCEPT"/g' /etc/default/ufw
ufw reload
# enable packet masquerading so we can
# get the real IP of clients inside
# docker containers.
iptables -t nat -A POSTROUTING ! -o docker0 -s 172.17.0.0/16 -j MASQUERADE

119
firewall/bespin_iptables_pihole_tinc.sh Executable file
View File

@@ -0,0 +1,119 @@
#!/bin/bash
set -e
ipt="sudo /sbin/iptables"
# Set default policies
$ipt -P INPUT DROP
$ipt -P FORWARD DROP
$ipt -P OUTPUT ACCEPT
# Flush and clear everything
$ipt -t nat -F
$ipt -t mangle -F
$ipt -F
$ipt -X
# Name of main ethernet connection device
ETH="wlan0"
# Name of PIA VPN tunnel device
PIATUN="tun1"
# Name of tinc tunnel device
TINCTUN="master"
# Name of loopback interface for PiHole DNS server
PHDNS="lo:1"
########### LOOPBACK ##########
$ipt -A INPUT -i lo -j ACCEPT
$ipt -A INPUT -i lo:1 -j ACCEPT
########### INCOMING ##########
# Allow any established connection to come in or out
$ipt -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
$ipt -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
########### PING ##############
# Allow incoming ping requests
$ipt -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
########### SSH ###############
# Allow incoming SSH sessions, new or established
$ipt -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
# Allow incoming SSH traffic, if part of established conversation
$ipt -A INPUT -p tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT
########### TINC ##############
# Allow incoming VPN sessions destined for 655, new or established
$ipt -A INPUT -p udp --dport 655 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
# Allow incoming VPN traffic coming from 655, part of established conversation
$ipt -A INPUT -p udp --sport 655 -m conntrack --ctstate ESTABLISHED -j ACCEPT
########### HTTP/HTTPS ########
# Allow incoming HTTP/HTTPS traffic, part of established conversation
$ipt -A INPUT -p tcp --sport 80 -m conntrack --ctstate ESTABLISHED -j ACCEPT
$ipt -A INPUT -p tcp --sport 443 -m conntrack --ctstate ESTABLISHED -j ACCEPT
# Allow incoming HTTP/HTTPS requests from tinc tunnel
$ipt -A INPUT -p tcp -i ${TINCTUN} --dport 80 -j ACCEPT
$ipt -A INPUT -p tcp -i ${TINCTUN} --dport 443 -j ACCEPT
# Allow incoming HTTP/HTTPS requests from local ethernet
$ipt -A INPUT -p tcp -i ${ETH} --dport 80 -j ACCEPT
$ipt -A INPUT -p tcp -i ${ETH} --dport 443 -j ACCEPT
########### PIHOLE UI #########
# Allow incoming requests to 8888/8443 via tinc tunnel
$ipt -A INPUT -p tcp -i ${TINCTUN} --dport 8888 -j ACCEPT
$ipt -A INPUT -p tcp -i ${TINCTUN} --dport 8443 -j ACCEPT
########### TELEMETRY #########
# Allow node exporter traffic from source port 9100
$ipt -A INPUT -p tcp --dport 9100 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
$ipt -A INPUT -p tcp --sport 9100 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
# Allow cadvisor on port 8080
$ipt -A INPUT -p tcp --dport 8080 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
$ipt -A INPUT -p tcp --sport 8080 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
# Allow nginx on port 9113
$ipt -A INPUT -p tcp --dport 9113 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
$ipt -A INPUT -p tcp --sport 9113 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
########### DHCP ##############
# Allow any DHCP traffic to come in or out
$ipt -A INPUT -p udp --dport 67:68 --sport 67:68 -j ACCEPT
$ipt -A OUTPUT -p udp --dport 67:68 --sport 67:68 -j ACCEPT
########### DNS ###############
PROTOCOLS="tcp udp"
for prot in $PROTOCOLS; do
# General DNS Traffic:
# Allow incoming DNS traffic coming from 53, part of established conversation
$ipt -A INPUT -p $prot --sport 53 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
# PiHole self-accept traffic from port 53
$ipt -A INPUT -p $prot -i ${PHDNS} --dport 53 -j ACCEPT
# # PiHole DNS (lo:1) <-> PIA VPN Tunnel (tun0):
# # PiHole can always send DNS queries out through tunnel
# $ipt -A FORWARD -p $prot -i ${PHDNS} -o ${PIATUN} --dport 53 -j ACCEPT
# # Responses to PiHole can always return via tunnel
# $ipt -A FORWARD -p $prot -i ${PIATUN} -o ${PHDNS} --dport 53 -m state --state ESTABLISHED,RELATED -j ACCEPT
# PiHole DNS (lo:1) <-> ethernet
# PiHole can always send DNS queries out through tunnel
$ipt -A FORWARD -p $prot -i ${PHDNS} -o ${ETH} --dport 53 -j ACCEPT
# Responses to PiHole can always return via ethernet
$ipt -A FORWARD -p $prot -i ${ETH} -o ${PHDNS} --dport 53 -m state --state ESTABLISHED,RELATED -j ACCEPT
done
# # Enable logging
# $ipt -N LOGGING
# $ipt -A INPUT -j LOGGING
# $ipt -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "iptables dropped: " --log-level 4
# $ipt -A LOGGING -j DROP
# Make rules persistent
sudo netfilter-persistent save
# Restore docker iptables rules
sudo service docker restart

10
tasks/secrets/ch4zm_gen_ssh_keys.sh Executable file
View File

@@ -0,0 +1,10 @@
#!/bin/bash
#
# this is where you would add any
# pre-baked public keys.
set -x
yes | ssh-keygen -f $HOME/.ssh/id_rsa_ch4zm -t rsa -N ''
chmod 700 $HOME/.ssh
touch $HOME/.ssh/authorized_keys
chmod 600 $HOME/.ssh/authorized_keys