This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
onny:notizen [2022/03/06 13:02] – old revision restored (2021/09/12 07:39) 167.114.103.160 | onny:notizen [2023/11/10 14:16] – [avahi] 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ===== System setup ===== | ||
- | <code bash> | ||
- | # fde1: http:// | ||
- | # fde2: http:// | ||
- | # https:// | ||
- | gdisk /dev/sda | ||
- | cryptsetup --cipher aes-xts-plain64 --hash sha512 --use-random --verify-passphrase luksFormat /dev/sda2 | ||
- | cryptsetup luksOpen /dev/sda2 root | ||
- | mkfs.btrfs / | ||
- | wifi-menu | ||
- | mount / | ||
- | pacstrap /mnt base base-devel tmux mosh wipe rsync procps neovim lsof strace htop net-tools pkgfile dnsutils iotop aria2 tcpdump nload btrfs-progs ntp wget acpid alsa-utils cups curl eog evince ffmpeg firefox gedit gimp git vinagre gvfs-mtp gvfs-smb nautilus openvpn gparted pidgin plowshare youtube-dl pulseaudio qt5-wayland samba sigil virt-manager wireshark-gtk unbound unrar unzip valgrind vlc wine-mono winetricks xorg-server-xwayland sshfs efibootmgr ttf-dejavu mpv acpi pm-utils ntfs-3g pavucontrol gnome-disk-utility bluez-utils conky pwgen libreoffice-fresh linux-headers minicom android-udev ansible mlocate terminus-font fail2ban pulseaudio-bluetooth udisks sway pv otf-ipafont xdg-utils devtools atom qpdfview termite brightnessctl nextcloud-client py3status arch-audit grim fragments fish swaylock slurp pdfarranger nftables grc time foliate vlc-bittorrent brightnessctl depot-tools-git downgrade | ||
- | ln -s / | ||
- | genfstab -p /mnt >> / | ||
- | mount /dev/sda1 /mnt/boot | ||
- | arch-chroot /mnt | ||
- | chsh -s $(which fish) | ||
- | sed -i ' | ||
- | sed -i ' | ||
- | sed -i ' | ||
- | mkdir / | ||
- | ln -s / | ||
- | echo " | ||
- | timedatectl set-timezone Europe/ | ||
- | sed -i ' | ||
- | locale-gen | ||
- | localectl set-locale LANG=en_US.UTF-8 | ||
- | echo " | ||
- | mkinitcpio -p linux | ||
- | bootctl install | ||
- | passwd | ||
- | useradd -m onny -s / | ||
- | passwd onny | ||
- | usermod -a -G sudo onny | ||
- | updatedb | ||
- | timedatectl set-ntp true | ||
- | mkdir -p / | ||
- | ln -sf / | ||
- | systemctl enable --now NetworkManager nftables fail2ban iwd | ||
- | exit | ||
- | reboot | ||
- | # gpasswd -a onny lock | ||
- | # gpasswd -a onny uucp | ||
- | gpasswd -a onny adbusers # mtp support | ||
- | gpasswd -a onny storage # polkit-rule mount hdds | ||
- | </ | ||
- | ==== core ==== | ||
- | <file - / | ||
- | # Static information about the filesystems. | ||
- | # See fstab(5) for details. | ||
- | / | ||
- | UUID=4a8c7d1d-5839-429b-9c85-3cb6046c8b21 | ||
- | |||
- | |||
- | # <file system> <dir> < | ||
- | </ | ||
- | ==== grub ==== | ||
- | <file - / | ||
- | [...] | ||
- | GRUB_CMDLINE_LINUX=" | ||
- | [...] | ||
- | </ | ||
- | ==== systemd-networkd ==== | ||
- | <file - / | ||
- | [NetDev] | ||
- | Name = wg0 | ||
- | Kind = wireguard | ||
- | Description = Wireguard | ||
- | |||
- | [WireGuard] | ||
- | PrivateKey = **** | ||
- | |||
- | [WireGuardPeer] | ||
- | PublicKey = **** | ||
- | AllowedIPs = 10.25.0.0/ | ||
- | Endpoint = 2a01: | ||
- | Endpoint = 144.76.16.40: | ||
- | PersistentKeepalive = 25 | ||
- | </ | ||
- | <file - / | ||
- | [Match] | ||
- | Name = wg0 | ||
- | |||
- | [Network] | ||
- | Address = 10.25.40.2/ | ||
- | DNS=10.25.0.1 | ||
- | DNSSEC=false | ||
- | </ | ||
- | <file - / | ||
- | [Match] | ||
- | Name = eno1 | ||
- | |||
- | [Network] | ||
- | DHCP=yes | ||
- | DNS=10.25.0.1 | ||
- | DNSSEC=false | ||
- | </ | ||
- | <file - / | ||
- | [Match] | ||
- | Name = wlan0 | ||
- | |||
- | [Network] | ||
- | DHCP=yes | ||
- | DNS=10.25.0.1 | ||
- | DNSSEC=false | ||
- | </ | ||
- | <file - / | ||
- | [Match] | ||
- | Name = wlp3s0 | ||
- | |||
- | [Network] | ||
- | DHCP=yes | ||
- | DNS=10.25.0.1 | ||
- | DNSSEC=false | ||
- | </ | ||
- | <file - / | ||
- | [NetDev] | ||
- | Name=tornet | ||
- | Kind=bridge | ||
- | </ | ||
- | <file - / | ||
- | [Match] | ||
- | Name=tornet | ||
- | |||
- | [Network] | ||
- | Address=10.100.100.1/ | ||
- | ConfigureWithoutCarrier=true | ||
- | </ | ||
- | <code bash> | ||
- | systemctl enable --now systemd-networkd systemd-resolved | ||
- | </ | ||
- | ==== nftables ==== | ||
- | <file - / | ||
- | table inet filter { | ||
- | set tcp_accepted { | ||
- | type inet_service | ||
- | flags interval | ||
- | } | ||
- | |||
- | set udp_accepted { | ||
- | type inet_service | ||
- | flags interval | ||
- | } | ||
- | |||
- | chain base_checks { | ||
- | ct state { established, | ||
- | ct state invalid drop | ||
- | } | ||
- | |||
- | chain input { | ||
- | type filter hook input priority filter; policy drop; | ||
- | jump base_checks | ||
- | iifname " | ||
- | ip protocol icmp icmp type { echo-reply, destination-unreachable, | ||
- | ip6 nexthdr ipv6-icmp icmpv6 type { destination-unreachable, | ||
- | tcp dport @tcp_accepted accept | ||
- | udp dport @udp_accepted accept | ||
- | iifname " | ||
- | iifname " | ||
- | reject | ||
- | } | ||
- | |||
- | chain forward { | ||
- | type filter hook forward priority filter; policy drop; | ||
- | jump base_checks | ||
- | iifname " | ||
- | iifname " | ||
- | } | ||
- | |||
- | chain output { | ||
- | type filter hook output priority filter; policy accept; | ||
- | } | ||
- | } | ||
- | # nat tables for tornet network interface | ||
- | table ip nat { | ||
- | chain prerouting { | ||
- | type nat hook prerouting priority dstnat; policy accept; | ||
- | iifname " | ||
- | iifname " | ||
- | } | ||
- | |||
- | chain postrouting { | ||
- | type nat hook postrouting priority srcnat; policy accept; | ||
- | oifname " | ||
- | } | ||
- | } | ||
- | </ | ||
- | ==== pacman ==== | ||
- | project-insanity build server repo | ||
- | <file - / | ||
- | [...] | ||
- | |||
- | [projectinsanity] | ||
- | SigLevel = PackageOptional | ||
- | Server = https:// | ||
- | </ | ||
- | autoupdate | ||
- | <file - / | ||
- | [Unit] | ||
- | | ||
- | | ||
- | |||
- | [Service] | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | |||
- | [Install] | ||
- | | ||
- | </ | ||
- | <file - / | ||
- | [Unit] | ||
- | | ||
- | |||
- | [Timer] | ||
- | | ||
- | | ||
- | | ||
- | |||
- | [Install] | ||
- | | ||
- | </ | ||
- | <code bash> | ||
- | systemctl enable --now autoupdate.timer | ||
- | </ | ||
- | ==== Nextcloud autosync ==== | ||
- | <file - ~/ | ||
- | [Unit] | ||
- | | ||
- | | ||
- | |||
- | [Service] | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | |||
- | [Install] | ||
- | | ||
- | </ | ||
- | <file - ~/ | ||
- | [Unit] | ||
- | | ||
- | |||
- | [Timer] | ||
- | | ||
- | | ||
- | | ||
- | |||
- | [Install] | ||
- | | ||
- | </ | ||
- | <file - ~/ | ||
- | default | ||
- | login onny | ||
- | password **** | ||
- | </ | ||
- | <file - ~/ | ||
- | projects | ||
- | .cache | ||
- | .config | ||
- | .local | ||
- | .cargo | ||
- | .nvm | ||
- | .mozilla | ||
- | .purple | ||
- | .jd | ||
- | .conan | ||
- | .tor-browser-en | ||
- | </ | ||
- | <code bash> | ||
- | sudo systemctl enable --user --now nextcloud_autosync.timer | ||
- | </ | ||
- | ==== misc ==== | ||
- | hack to power on bluetooth after waking up from suspend: | ||
- | <file - / | ||
- | [Unit] | ||
- | Description=Local system resume actions | ||
- | After=suspend.target | ||
- | |||
- | [Service] | ||
- | Type=simple | ||
- | ExecStart=/ | ||
- | |||
- | [Install] | ||
- | WantedBy=suspend.target | ||
- | </ | ||
- | <file - / | ||
- | Unit] | ||
- | Description=Power on bluetooth on startup | ||
- | |||
- | [Service] | ||
- | ExecStart=/ | ||
- | |||
- | [Install] | ||
- | WantedBy=multi-user.target | ||
- | </ | ||
- | < | ||
- | sudo systemctl enable root-resume activate_bt | ||
- | </ | ||
- | firefox addons | ||
- | < | ||
- | | ||
- | </ | ||
- | === flatpak === | ||
- | repos | ||
- | <code bash> | ||
- | | ||
- | | ||
- | | ||
- | </ | ||
- | apps | ||
- | <code bash> | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | </ | ||
- | sway | ||
- | <file - ~/ | ||
- | udisks --mount /dev/sda3 | ||
- | udisks --mount /dev/sda2 | ||
- | alias snipping_tool=' | ||
- | alias nmap=" | ||
- | redshift -m wayland & | ||
- | firejail brave --ignore-gpu-blacklist & | ||
- | dunst & | ||
- | firejail --net=tornet whatsapp-web-desktop & | ||
- | firejail --net=tornet signal-desktop & | ||
- | </ | ||
- | <file - ~/ | ||
- | [...] | ||
- | set $term termite | ||
- | [...] | ||
- | set $menu dmenu_run | ||
- | [...] | ||
- | #output * bg / | ||
- | [...] | ||
- | input " | ||
- | xkb_layout de | ||
- | xkb_variant ,nodeadkeys | ||
- | xkb_options grp: | ||
- | } | ||
- | [...] | ||
- | # | ||
- | # Workspaces: | ||
- | # | ||
- | workspace_auto_back_and_forth yes | ||
- | |||
- | # Fancy names for workspaces | ||
- | set $w1 1: brave | ||
- | set $w2 2: signal | ||
- | set $w3 3: whatsapp | ||
- | set $w4 4 | ||
- | set $w5 5 | ||
- | set $w6 6 | ||
- | set $w7 7 | ||
- | set $w8 8 | ||
- | set $w9 9 | ||
- | set $w10 10 | ||
- | |||
- | # switch to workspace | ||
- | bindsym $mod+1 workspace $w1 | ||
- | bindsym $mod+2 workspace $w2 | ||
- | bindsym $mod+3 workspace $w3 | ||
- | [...] | ||
- | bar { | ||
- | status_command py3status | ||
- | font pango: | ||
- | # | ||
- | strip_workspace_numbers yes | ||
- | } | ||
- | |||
- | input " | ||
- | tap enabled | ||
- | } | ||
- | |||
- | bindsym XF86AudioRaiseVolume exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/ | ||
- | bindsym XF86AudioLowerVolume exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/ | ||
- | bindsym XF86AudioMute exec pactl set-sink-mute $(pacmd list-sinks |awk '/* index:/ | ||
- | bindsym XF86MonBrightnessDown exec brightnessctl set 5%- | ||
- | bar { | ||
- | status_command py3status | ||
- | font pango: | ||
- | # | ||
- | strip_workspace_numbers yes | ||
- | } | ||
- | |||
- | input " | ||
- | tap enabled | ||
- | } | ||
- | |||
- | bindsym XF86AudioRaiseVolume exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/ | ||
- | bindsym XF86AudioLowerVolume exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/ | ||
- | bindsym XF86AudioMute exec pactl set-sink-mute $(pacmd list-sinks |awk '/* index:/ | ||
- | bindsym XF86MonBrightnessDown exec brightnessctl set 5%- | ||
- | bar { | ||
- | status_command py3status | ||
- | font pango: | ||
- | # | ||
- | strip_workspace_numbers yes | ||
- | } | ||
- | |||
- | input " | ||
- | tap enabled | ||
- | } | ||
- | |||
- | bindsym XF86AudioRaiseVolume exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/ | ||
- | bindsym XF86AudioLowerVolume exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/ | ||
- | bindsym XF86AudioMute exec pactl set-sink-mute $(pacmd list-sinks |awk '/* index:/ | ||
- | bindsym XF86MonBrightnessDown exec brightnessctl set 5%- | ||
- | bindsym XF86MonBrightnessUp exec brightnessctl set 5%+ | ||
- | bindsym XF86Sleep exec systemctl suspend | ||
- | bindcode 244 exec swaylock -i / | ||
- | bindcode 156 exec ~/ | ||
- | |||
- | # | ||
- | # Assign windows to workspaces | ||
- | # | ||
- | |||
- | assign [class=" | ||
- | assign [class=" | ||
- | assign [class=" | ||
- | |||
- | |||
- | exec ~/ | ||
- | [...] | ||
- | </ | ||
- | dunst | ||
- | <file - .config/ | ||
- | font = lemon 10 | ||
- | allow_markup = yes | ||
- | format = " | ||
- | sort = yes | ||
- | indicate_hidden = yes | ||
- | alignment = left | ||
- | bounce_freq = 0 | ||
- | show_age_threshold = 60 | ||
- | word_wrap = yes | ||
- | ignore_newline = no | ||
- | geometry = " | ||
- | transparency = 20 | ||
- | show_indicators = yes | ||
- | idle_threshold = 120 | ||
- | monitor = 0 | ||
- | follow = mouse | ||
- | sticky_history = yes | ||
- | line_height = 5 | ||
- | separator_height = 0 | ||
- | padding = 10 | ||
- | horizontal_padding = 10 | ||
- | separator_color = #bfbfbf | ||
- | startup_notification = false | ||
- | browser = / | ||
- | icon_position = left | ||
- | icon_folders = / | ||
- | |||
- | [frame] | ||
- | color = "# | ||
- | width = 0 | ||
- | |||
- | [shortcuts] | ||
- | close = ctrl+space | ||
- | close_all = ctrl+shift+space | ||
- | context = ctrl+shift+period | ||
- | history = ctrl+shift | ||
- | |||
- | [urgency_low] | ||
- | background = "# | ||
- | foreground = "# | ||
- | timeout = 5 | ||
- | |||
- | [urgency_normal] | ||
- | background = "# | ||
- | foreground = "# | ||
- | timeout = 5 | ||
- | |||
- | [urgency_critical] | ||
- | background = "# | ||
- | foreground = "# | ||
- | timeout = 5 | ||
- | |||
- | [ignore1] | ||
- | appname = pa-applet | ||
- | format = "" | ||
- | |||
- | [ignore2] | ||
- | summary = Volume down notification | ||
- | format = "" | ||
- | |||
- | [ignore3] | ||
- | summary = Volume up notification | ||
- | format = "" | ||
- | |||
- | [ignore4] | ||
- | summary = Volume muted notification | ||
- | format = "" | ||
- | </ | ||
- | firejail | ||
- | <file - ~/ | ||
- | # Firejail profile for brave | ||
- | # This file is overwritten after every install/ | ||
- | # Persistent local customizations | ||
- | include / | ||
- | # Persistent global definitions | ||
- | include / | ||
- | |||
- | noblacklist ${HOME}/ | ||
- | # brave uses gpg for built-in password manager | ||
- | noblacklist ${HOME}/ | ||
- | |||
- | mkdir ${HOME}/ | ||
- | whitelist ${HOME}/ | ||
- | whitelist ${HOME}/ | ||
- | |||
- | # noexec /tmp is included in chromium-common.profile and breaks Brave | ||
- | ignore noexec /tmp | ||
- | |||
- | # Redirect | ||
- | include / | ||
- | </ | ||
- | <file - .config/ | ||
- | # Firejail profile for signal-desktop | ||
- | # This file is overwritten after every install/ | ||
- | # Persistent local customizations | ||
- | include / | ||
- | # Persistent global definitions | ||
- | include / | ||
- | |||
- | noblacklist ${HOME}/ | ||
- | noblacklist ${HOME} # hack | ||
- | |||
- | include / | ||
- | include / | ||
- | include / | ||
- | include / | ||
- | |||
- | mkdir ${HOME}/ | ||
- | whitelist ${DOWNLOADS} | ||
- | whitelist ${HOME}/ | ||
- | whitelist ${HOME} # hack | ||
- | include / | ||
- | include / | ||
- | |||
- | caps.drop all | ||
- | netfilter | ||
- | nodvd | ||
- | nogroups | ||
- | nonewprivs | ||
- | noroot | ||
- | notv | ||
- | protocol unix, | ||
- | #seccomp | ||
- | #shell none | ||
- | |||
- | disable-mnt | ||
- | private-dev | ||
- | # | ||
- | |||
- | #noexec ${HOME} | ||
- | </ | ||
- | <file - ~/ | ||
- | |||
- | noblacklist ~/.config | ||
- | mkdir ~/.config | ||
- | whitelist ~/.config | ||
- | noblacklist / | ||
- | whitelist / | ||
- | |||
- | |||
- | include / | ||
- | include / | ||
- | include / | ||
- | </ | ||
- | brave | ||
- | <code bash> | ||
- | echo kernel.unprivileged_userns_clone = 1 | sudo tee / | ||
- | </ | ||
- | fish config | ||
- | <file - ~/ | ||
- | export QT_QPA_PLATFORM=wayland-egl | ||
- | export GDK_BACKEND=' | ||
- | export CLUTTER_BACKEND=wayland | ||
- | export XKB_DEFAULT_LAYOUT=de | ||
- | export TERMINAL=termite | ||
- | export EDITOR=vim | ||
- | export BROWSER=firefox | ||
- | export XDG_SESSION_TYPE=wayland | ||
- | export XDG_DESKTOP_DIR="/ | ||
- | export XDG_DOWNLOAD_DIR=" | ||
- | |||
- | export ELECTRON_TRASH=gio | ||
- | |||
- | [[ -z $DISPLAY && $XDG_VTNR -eq 1 ]] && exec dbus-launch sway | ||
- | </ | ||
- | snipping tool | ||
- | <file - / | ||
- | if [ " | ||
- | wf-recorder -g " | ||
- | else | ||
- | slurp | grim -g - - | wl-copy && wl-paste > " | ||
- | fi | ||
- | </ | ||
- | ===== ArchLinux ===== | ||
- | ==== system ==== | ||
- | set extra capabilities for process | ||
- | <code bash> | ||
- | sudo setcap ' | ||
- | </ | ||
- | directory permissions | ||
- | <code bash> | ||
- | namei -l / | ||
- | </ | ||
- | use acl to grant permission to files for specific user | ||
- | <code bash> | ||
- | setfacl -R -m u:maddy:rX / | ||
- | </ | ||
- | pgrep get process pid by process name | ||
- | <code bash> | ||
- | $ pgrep sw3 | ||
- | 30636 | ||
- | </ | ||
- | set system time | ||
- | <code bash> | ||
- | timedatectl set-time " | ||
- | </ | ||
- | ==== packaging ==== | ||
- | git checkout aur package | ||
- | <code bash> | ||
- | git clone ssh:// | ||
- | </ | ||
- | === commands === | ||
- | update checksums inplace | ||
- | <code bash> | ||
- | updpkgsums | ||
- | </ | ||
- | building a package in a clean dev chroot, path for pacman conf ''/ | ||
- | <code bash> | ||
- | cd < | ||
- | ls PKGBUILD | ||
- | extra-x86_64-build # -c for cleaning up chroot. ~/ | ||
- | extra-x86_64-build -- -I ~/ | ||
- | </ | ||
- | advanced chroot with own packages preinstalled | ||
- | <code bash> | ||
- | mkdir ~/chroot | ||
- | export CHROOT=$HOME/ | ||
- | mkarchroot $CHROOT/ | ||
- | arch-nspawn $CHROOT/ | ||
- | makechrootpkg -r $CHROOT -I package-1.0-1-i686.pkg.tar.xz # -c for clean chroot | ||
- | # repackage: makechrootpkg -r / | ||
- | </ | ||
- | cheap python virtualenv | ||
- | <code bash> | ||
- | mkdir path | ||
- | ln -s / | ||
- | export PATH=" | ||
- | </ | ||
- | abs deprecated, using asp | ||
- | <code bash> | ||
- | asp export linux | ||
- | </ | ||
- | === PKGBUILD === | ||
- | Installation von Lizenzdateien: | ||
- | <code bash> | ||
- | install -D " | ||
- | </ | ||
- | Installation von Systemd-Units: | ||
- | <code bash> | ||
- | install -Dm644 " | ||
- | </ | ||
- | Installation von Docs: | ||
- | <code bash> | ||
- | install -Dm644 README.md " | ||
- | </ | ||
- | Installation von Tmpfiles: | ||
- | <code bash> | ||
- | install -Dm644 " | ||
- | </ | ||
- | Installation von Libs: | ||
- | <code bash> | ||
- | install -m644 libdouble-conversion.so.0.0.0* " | ||
- | </ | ||
- | do not strip binary files | ||
- | < | ||
- | options=(' | ||
- | </ | ||
- | Installation von ausführbare Dateien: | ||
- | <code bash> | ||
- | install -Dm755 shareLinkCreator " | ||
- | </ | ||
- | Nginx/ | ||
- | <code bash> | ||
- | if [[ -n $(which httpd 2> /dev/null) ]]; then | ||
- | | ||
- | fi | ||
- | | ||
- | # install apache .conf file if apache is installed | ||
- | if [[ -n $(which httpd 2> /dev/null) ]]; then | ||
- | install -d $pkgdir/ | ||
- | install -m 644 $srcdir/ | ||
- | fi | ||
- | } | ||
- | </ | ||
- | Zielname der Quelldatei ändern: | ||
- | <code bash> | ||
- | source=(" | ||
- | </ | ||
- | Architekturabhängige Build-Anweisung | ||
- | <code bash> | ||
- | | ||
- | cd " | ||
- | if [[ " | ||
- | make cudaHashcat64.bin | ||
- | else | ||
- | make cudaHashcat32.bin | ||
- | fi | ||
- | make nv_all | ||
- | } | ||
- | </ | ||
- | pkgver git | ||
- | <code bash> | ||
- | | ||
- | cd " | ||
- | #git describe --long | sed ' | ||
- | git log -1 --format=%cd.%h --date=short|tr -d - | ||
- | } | ||
- | </ | ||
- | Common install file example | ||
- | <code bash> | ||
- | post_install() { | ||
- | mkdir / | ||
- | getent group lool > /dev/null || groupadd -r lool > /dev/null | ||
- | getent passwd lool > /dev/null || useradd lool > /dev/null | ||
- | chown -R lool:lool / | ||
- | / | ||
- | } | ||
- | |||
- | post_remove() { | ||
- | | ||
- | | ||
- | } | ||
- | </ | ||
- | in pkgbuild reference | ||
- | <code bash> | ||
- | install=" | ||
- | </ | ||
- | === aurutils === | ||
- | install packages into build container | ||
- | <code bash> | ||
- | arch-chroot / | ||
- | pacman --root=/ | ||
- | </ | ||
- | add gpg key into build container | ||
- | <code bash> | ||
- | sudo -u aur gpg --recv-keys EB774491D9FF06E2 | ||
- | </ | ||
- | rebuild prebuild package and add to custom AUR repo | ||
- | <code bash> | ||
- | fakepkg webkitgtk2 | ||
- | sudo -u aur repo-add / | ||
- | cp / | ||
- | </ | ||
- | ==== bluetooth ==== | ||
- | Example session '' | ||
- | <code bash> | ||
- | # bluetoothctl | ||
- | [bluetooth]# | ||
- | [bluetooth]# | ||
- | [bluetooth]# | ||
- | [bluetooth]# | ||
- | </ | ||
- | |||
- | ==== usefull stuff ==== | ||
- | pipe stderr to stdout | ||
- | <code bash> | ||
- | command 2>&1 >/ | ||
- | </ | ||
- | pipe stderr and stdout both to a file | ||
- | <code bash> | ||
- | command &> error_log | ||
- | </ | ||
- | locate pacnew files | ||
- | <code bash> | ||
- | find /etc -regextype posix-extended -regex " | ||
- | </ | ||
- | or search entire disk | ||
- | <code bash> | ||
- | find / -regextype posix-extended -regex " | ||
- | </ | ||
- | === swapfile on btrfs === | ||
- | <code bash> | ||
- | swapfile=$(losetup -f) #free loop device | ||
- | truncate -s 8G /swap # | ||
- | losetup $swapfile /swap #mount file to loop | ||
- | mkswap | ||
- | swapon | ||
- | </ | ||
- | search library availability in system, print file paths | ||
- | <code bash> | ||
- | ldconfig -p | grep blas | ||
- | </ | ||
+ | ===== bash ===== | ||
- | ==== systemd nspawn (container) ==== | ||
- | <code bash> | ||
- | pacman -S arch-install-scripts | ||
- | btrfs subvol create / | ||
- | mkdir / | ||
- | pacstrap / | ||
- | systemctl enable --now systemd-networkd systemd-resolved | ||
- | systemd-nspawn --boot -nD / | ||
- | systemctl start systemd-nspawnd@archlinux-nextcloudcli | ||
- | machinectl shell root@archlinux-nextcloudcli /bin/bash -c " | ||
- | </ | ||
- | quit / exit / kill container: Hold '' | ||
- | |||
- | ==== systemd service ==== | ||
- | set environment | ||
- | <file - / | ||
- | [Unit] | ||
- | Description=PiRadio | ||
- | After=network-online.target | ||
- | After=bluetooth.service | ||
- | |||
- | [Service] | ||
- | Environment=" | ||
- | Type=simple | ||
- | User=piradio | ||
- | WorkingDirectory=/ | ||
- | ExecStartPre=/ | ||
- | ExecStart=/ | ||
- | Restart=on-abort | ||
- | |||
- | [Install] | ||
- | WantedBy=multi-user.target | ||
- | WantedBy=network-online.target | ||
- | </ | ||
- | ===== kernel ===== | ||
- | grep kernel config running system | ||
- | <code bahs> | ||
- | zcat / | ||
- | </ | ||
- | ===== fish ===== | ||
- | unset history | ||
- | < | ||
- | fish --private | ||
- | </ | ||
- | ===== bash ===== | ||
lzma hado compression and extraction | lzma hado compression and extraction | ||
<code bash> | <code bash> | ||
Line 939: | Line 88: | ||
chmod +x $FILE | chmod +x $FILE | ||
$FILE " | $FILE " | ||
- | </ | ||
- | ==== sed ==== | ||
- | Mit sed inplace eine Zeile zu einer Datei hinzufügen: | ||
- | <code bash> | ||
- | sed -i ' | ||
- | </ | ||
- | add to end of file | ||
- | <code bash> | ||
- | sed -i -e ' | ||
- | </ | ||
- | Comment out specific line matching a string | ||
- | <code bash> | ||
- | sudo sed -e '/ | ||
- | </ | ||
- | comment out multiple lines / range | ||
- | <code bash> | ||
- | sed -i "28,33 s/# *//" autogen.sh | ||
- | </ | ||
- | regex parse value of xml tags | ||
- | <code bash> | ||
- | sed -n ' | ||
- | </ | ||
- | delete multiple lines | ||
- | <code bash> | ||
- | sed -i ' | ||
</ | </ | ||
Line 988: | Line 112: | ||
</ | </ | ||
- | ==== rg ==== | + | execute command |
- | + | ||
- | filter file type | + | |
<code bash> | <code bash> | ||
- | rg GPIO_CFG_2MA | + | fd --type f -e doc -e docx -e pdf -i gabriel -x cp --backup=t {} / |
</ | </ | ||
- | ==== curl ==== | + | |
- | post data | + | find filenames unallowed characters |
<code bash> | <code bash> | ||
- | curl --data " | + | fd '[^A-Z a-züö@0-9._-]' |
- | </ | + | |
- | download and extract archive | + | |
- | <code bash> | + | |
- | curl http:// | + | |
- | </ | + | |
- | set host header | + | |
- | <code bash> | + | |
- | torify curl --header "Host: http.pi" | + | |
- | </ | + | |
- | ==== tcpdump ==== | + | |
- | specific ports | + | |
- | <code bash> | + | |
- | tcpdump -i eth0 -q '(tcp port 80) or (tcp port 443)' -A | + | |
- | </code> | + | |
- | exclude specific host | + | |
- | <code bash> | + | |
- | tcpdump -i eth0 -q '(ip or ip6) and (tcp port 80) or (tcp port 443) and not host ifconfig.co' | + | |
</ | </ | ||
+ | |||
+ | |||
==== patching ==== | ==== patching ==== | ||
=== appling === | === appling === | ||
Line 1031: | Line 138: | ||
</ | </ | ||
+ | ==== xargs ==== | ||
+ | |||
+ | < | ||
+ | fd . | xargs -I {} rm " | ||
+ | </ | ||
===== rsync ===== | ===== rsync ===== | ||
custom ssh port | custom ssh port | ||
Line 1055: | Line 167: | ||
</ | </ | ||
===== networking ===== | ===== networking ===== | ||
- | netcat | ||
- | <code bash> | ||
- | netcat -l 4444 | ||
- | </ | ||
- | <code bash> | ||
- | netcat playground.pi 4444 | ||
- | </ | ||
==== nftables ==== | ==== nftables ==== | ||
<code bash> | <code bash> | ||
Line 1104: | Line 209: | ||
</ | </ | ||
</ | </ | ||
- | ==== ip ==== | + | |
- | route command example | + | |
- | <code bash> | + | |
- | ip route add 192.168.1.0/ | + | |
- | ip route add default via 192.168.1.1 | + | |
- | </ | + | |
- | flush addresses | + | |
- | <code bash> | + | |
- | ip addr flush dev enp8s0 | + | |
- | </ | + | |
- | remove interface | + | |
- | <code bash> | + | |
- | ip link delete br0 | + | |
- | </ | + | |
- | delete address | + | |
- | <code bash> | + | |
- | ip addr del 192.168.178.20/ | + | |
- | </ | + | |
- | set address | + | |
- | <code bash> | + | |
- | ip address add dev usb0 172.16.42.1/ | + | |
- | ip link set usb0 up | + | |
- | </ | + | |
- | show only specific interface | + | |
- | <code bash> | + | |
- | ip a show wg0 | + | |
- | </ | + | |
==== dnsmasq ==== | ==== dnsmasq ==== | ||
minimal hostapd and dnsmasq config | minimal hostapd and dnsmasq config | ||
Line 1183: | Line 262: | ||
compression | compression | ||
<code bash> | <code bash> | ||
- | convert -density 200x200 -units PixelsPerInch -compress jpeg -quality 70 in.pdf out.pdf | + | gm convert -density 200x200 -units PixelsPerInch -compress jpeg -quality 70 in.pdf out.pdf |
</ | </ | ||
lossless merge | lossless merge | ||
Line 1221: | Line 300: | ||
==== batch convert images ==== | ==== batch convert images ==== | ||
<code bash> | <code bash> | ||
- | for i in *.png ; do gm convert | + | for i in *.jpeg; convert |
</ | </ | ||
==== lossless mp3 merge ==== | ==== lossless mp3 merge ==== | ||
Line 1239: | Line 318: | ||
</ | </ | ||
===== security ===== | ===== security ===== | ||
+ | |||
+ | ==== web discovery ==== | ||
+ | |||
+ | === photon === | ||
+ | |||
+ | < | ||
+ | photon -u test.example.org | ||
+ | </ | ||
==== lynis ==== | ==== lynis ==== | ||
Line 1254: | Line 341: | ||
==== wfuzz ==== | ==== wfuzz ==== | ||
<code bash> | <code bash> | ||
- | torify | + | wfuzz -c --hc 404 -w / |
- | torify | + | wfuzz -c --hc 404,403 -w / |
</ | </ | ||
Preparing data for LFI scan | Preparing data for LFI scan | ||
Line 1269: | Line 356: | ||
* web scanner | * web scanner | ||
* https:// | * https:// | ||
+ | * wifite wifi auditing tool | ||
+ | |||
+ | sec tools | ||
+ | |||
+ | * dirbuster | ||
+ | * https:// | ||
+ | * **tiger** - system sec scanner | ||
+ | * sub domain evaluation | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * subfinder (passive, external sources) | ||
+ | * vhost scanning | ||
+ | * https:// | ||
+ | * bettercap - wifi network | ||
+ | * iodine dns tunnel https:// | ||
+ | * command searchsploit in exploitdb | ||
+ | * NixOS for Pentesting Overview https:// | ||
+ | |||
===== chromium / chrome ===== | ===== chromium / chrome ===== | ||
disable gpu blacklist, enable nouveau hardware acceleration | disable gpu blacklist, enable nouveau hardware acceleration | ||
Line 1275: | Line 380: | ||
</ | </ | ||
===== docker ===== | ===== docker ===== | ||
- | Short example | + | |
+ | Pull | ||
<code bash> | <code bash> | ||
- | sudo systemctl start docker | + | docker |
- | gpasswd -a onny docker | + | docker |
- | | + | |
- | | + | |
</ | </ | ||
+ | |||
+ | Run | ||
+ | <code bash> | ||
+ | docker run -td ubuntu: | ||
+ | </ | ||
+ | |||
+ | Executing | ||
+ | <code bash> | ||
+ | docker exec -it ffffdfdfsdfsdfsfsffsdfs /bin/bash | ||
+ | </ | ||
+ | |||
+ | Nextcloud | ||
+ | <code bash> | ||
+ | docker run -d -p 80:80 rootlogin/ | ||
+ | docker run -v / | ||
+ | </ | ||
+ | |||
Debugging it | Debugging it | ||
<code bash> | <code bash> | ||
Line 1287: | Line 408: | ||
| | ||
</ | </ | ||
+ | |||
Pull from repository | Pull from repository | ||
< | < | ||
Line 1297: | Line 419: | ||
| | ||
</ | </ | ||
- | Pull specific tagged image | + | |
- | <code bash> | + | |
- | docker pull rootlogin/ | + | |
- | </ | + | |
Build from Dockerfile | Build from Dockerfile | ||
< | < | ||
Line 1324: | Line 443: | ||
docker system prune -a | docker system prune -a | ||
</ | </ | ||
- | docker stop all container | + | |
- | <code bash> | + | |
- | docker stop (docker ps -a -q) | + | |
- | </ | + | |
prevent from auto start | prevent from auto start | ||
+ | |||
<code bash> | <code bash> | ||
- | docker update --restart=no | + | docker update --restart=no |
</ | </ | ||
docker commit container and rerun | docker commit container and rerun | ||
Line 1339: | Line 456: | ||
$ docker commit 5a8f89adeead newimagename | $ docker commit 5a8f89adeead newimagename | ||
$ docker run -ti -v " | $ docker run -ti -v " | ||
+ | </ | ||
+ | |||
+ | Run emulated multiarch images | ||
+ | <code bash> | ||
+ | docker run --rm --privileged multiarch/ | ||
+ | docker run --rm -t arm32v7/ | ||
+ | docker run -it --rm arm32v7/ | ||
+ | # keep it running | ||
+ | docker run -d -it --name alpine-armv7 --platform linux/ | ||
</ | </ | ||
Line 1451: | Line 577: | ||
https:// | https:// | ||
</ | </ | ||
- | ===== atom editor | + | ===== vs code ===== |
==== plugins ==== | ==== plugins ==== | ||
- | * [[https:// | + | * vetur (vuejs highlighting) |
- | * Usage CTRL-SHIFT-H | + | |
- | * [[https:// | + | |
- | * Right click on color value (html/css) | + | |
- | * teletype (collaboration for atom) | + | |
- | * run script: strg+b | + | |
- | * atom-beautify | + | |
- | * Run command palette: '' | + | |
- | * Type '' | + | |
- | * preview markdown | + | |
- | * Ctrl+Shift+m | + | |
- | * language-vue | + | |
===== firejail ===== | ===== firejail ===== | ||
Line 1529: | Line 643: | ||
</ | </ | ||
- | delete | + | |
+ | delete branch | ||
<code bash> | <code bash> | ||
- | git push onny --delete | + | git branch # list |
+ | git branch -d swaybar | ||
+ | git push onny -d samsung-treltexx | ||
</ | </ | ||
Line 1562: | Line 680: | ||
git checkout 13243f2eafc4292917178051fe1bb5aab2774dca -p include/ | git checkout 13243f2eafc4292917178051fe1bb5aab2774dca -p include/ | ||
</ | </ | ||
- | delete branch | + | |
- | <code bash> | + | |
- | git branch # list | + | |
- | git branch -d swaybar | + | |
- | </ | + | |
rebase | rebase | ||
+ | |||
<code bash> | <code bash> | ||
git remote add upstream https:// | git remote add upstream https:// | ||
Line 1575: | Line 690: | ||
git push -f origin master | git push -f origin master | ||
</ | </ | ||
+ | |||
+ | rebase, force overwrite upstream changes | ||
+ | <code bash> | ||
+ | git rebase -X theirs master | ||
+ | </ | ||
+ | |||
rebase branch | rebase branch | ||
<code bash> | <code bash> | ||
Line 1608: | Line 729: | ||
git reset HEAD^ | git reset HEAD^ | ||
git push origin +HEAD | git push origin +HEAD | ||
+ | </ | ||
+ | |||
+ | integrate changes into last commit | ||
+ | <code bash> | ||
+ | git commit --amend --no-edit | ||
+ | </ | ||
+ | |||
+ | overwrite branch with other branch | ||
+ | <code bash> | ||
+ | git checkout maddy | ||
+ | git reset --hard maddytest | ||
+ | git push onny maddy -f | ||
+ | </ | ||
+ | |||
+ | modify older or specific commit | ||
+ | |||
+ | <code bash> | ||
+ | git rebase --interactive ' | ||
+ | # make changes | ||
+ | git commit --all --amend --no-edit | ||
+ | git rebase --continue | ||
+ | </ | ||
+ | |||
+ | add co-author / co-authors to commit | ||
+ | <code bash> | ||
+ | git commit --amend | ||
+ | # Add line: Co-authored-by: | ||
</ | </ | ||
===== yum ===== | ===== yum ===== | ||
Line 1811: | Line 959: | ||
ngrep -q -W byline " | ngrep -q -W byline " | ||
</ | </ | ||
- | * sec | ||
- | * https:// | ||
- | * **tiger** - system sec scanner | ||
- | * sub domain evaluation | ||
- | * https:// | ||
- | * https:// | ||
- | * subfinder (passive, external sources) | ||
- | * vhost scanning | ||
- | * https:// | ||
- | * bettercap - wifi network | ||
- | * iodine dns tunnel https:// | ||
- | * command searchsploit in exploitdb | ||
* sys | * sys | ||
* **usbtop** | * **usbtop** | ||
Line 1903: | Line 1039: | ||
</ | </ | ||
===== nixos ===== | ===== nixos ===== | ||
+ | |||
apply changes to system | apply changes to system | ||
- | < | + | |
- | nixos-rebuild switch | + | < |
+ | sudo nixos-rebuild switch | ||
+ | sudo nixos-rebuild boot --flake '/ | ||
</ | </ | ||
+ | |||
update channel, rebuild and switch | update channel, rebuild and switch | ||
+ | |||
<code bash> | <code bash> | ||
nixos-rebuild switch --upgrade | nixos-rebuild switch --upgrade | ||
</ | </ | ||
+ | |||
search package | search package | ||
+ | |||
<code bash> | <code bash> | ||
nix search gedit | nix search gedit | ||
</ | </ | ||
+ | |||
nixos testing environement | nixos testing environement | ||
+ | |||
<code bash> | <code bash> | ||
nix-shell -p toilet | nix-shell -p toilet | ||
</ | </ | ||
+ | |||
install unstable package | install unstable package | ||
+ | |||
<code bash> | <code bash> | ||
nix-channel --add https:// | nix-channel --add https:// | ||
Line 1925: | Line 1072: | ||
nix-env -iA unstable.pdfarranger | nix-env -iA unstable.pdfarranger | ||
</ | </ | ||
+ | |||
custom local repository, list packages | custom local repository, list packages | ||
+ | |||
<code bash> | <code bash> | ||
nix-env -f / | nix-env -f / | ||
</ | </ | ||
+ | |||
install package from local repo | install package from local repo | ||
+ | |||
<code bash> | <code bash> | ||
nix-env -f / | nix-env -f / | ||
</ | </ | ||
+ | |||
package shell script | package shell script | ||
+ | |||
< | < | ||
# Here we but a shell script into path, which lets us start sway.service (after importing the environment of the login shell). | # Here we but a shell script into path, which lets us start sway.service (after importing the environment of the login shell). | ||
Line 1987: | Line 1140: | ||
nix-env --query | nix-env --query | ||
</ | </ | ||
+ | |||
python virtualenv | python virtualenv | ||
+ | |||
<code bash> | <code bash> | ||
nix-shell -p python3Packages.virtualenv | nix-shell -p python3Packages.virtualenv | ||
Line 1994: | Line 1149: | ||
pip install -r requirements.txt | pip install -r requirements.txt | ||
</ | </ | ||
+ | |||
local repository (nixpkgs clone) as systemwide channel | local repository (nixpkgs clone) as systemwide channel | ||
+ | |||
<code bash> | <code bash> | ||
$ nix-build nixos/ | $ nix-build nixos/ | ||
Line 2003: | Line 1160: | ||
$ sudo nix-channel --update | $ sudo nix-channel --update | ||
</ | </ | ||
+ | |||
test packages git pull request | test packages git pull request | ||
+ | |||
< | < | ||
let | let | ||
Line 2028: | Line 1187: | ||
)]; | )]; | ||
</ | </ | ||
+ | |||
retrieve hash | retrieve hash | ||
+ | |||
<code bash> | <code bash> | ||
curl -sL https:// | curl -sL https:// | ||
Line 2037: | Line 1198: | ||
env NIXPKGS_ALLOW_UNFREE=1 nix-env -f / | env NIXPKGS_ALLOW_UNFREE=1 nix-env -f / | ||
</ | </ | ||
+ | |||
build local package | build local package | ||
+ | |||
<code bash> | <code bash> | ||
+ | cd nixpkgs | ||
+ | nix build -f ./. python310Packages.baserow | ||
+ | nix build -f ./. nodePackages.hyperpotamus | ||
nix-build -E 'with import < | nix-build -E 'with import < | ||
+ | nix-build -E 'with import / | ||
+ | |||
</ | </ | ||
+ | |||
rebuilding with progress indication | rebuilding with progress indication | ||
+ | |||
<code bash> | <code bash> | ||
nix build '(with import < | nix build '(with import < | ||
nixos-rebuild -I nixpkgs=/ | nixos-rebuild -I nixpkgs=/ | ||
</ | </ | ||
- | quick launch | + | |
+ | run program | ||
<code bash> | <code bash> | ||
- | nix run nixpkgs.electrum --command | + | nix run nixpkgs#electrum |
+ | nix run github: | ||
+ | nix shell nixpkgs# | ||
</ | </ | ||
+ | |||
review repository | review repository | ||
+ | |||
<code bash> | <code bash> | ||
git clone https:// | git clone https:// | ||
Line 2056: | Line 1232: | ||
nixpkgs-review pr 98044 | nixpkgs-review pr 98044 | ||
</ | </ | ||
+ | |||
setup python virtualenv, working pip | setup python virtualenv, working pip | ||
+ | |||
< | < | ||
15.17.3.6. How to consume python modules using pip in a virtual environment like I am used to on other Operating Systems? | 15.17.3.6. How to consume python modules using pip in a virtual environment like I am used to on other Operating Systems? | ||
Line 2062: | Line 1240: | ||
</ | </ | ||
+ | which package provides certain file | ||
+ | |||
+ | < | ||
+ | command-not-found telnet | ||
+ | </ | ||
+ | |||
+ | use module from unstable | ||
+ | |||
+ | < | ||
+ | let | ||
+ | |||
+ | # FIXME | ||
+ | unstableTarball = | ||
+ | fetchTarball | ||
+ | https:// | ||
+ | |||
+ | in | ||
+ | { | ||
+ | |||
+ | disabledModules = [ | ||
+ | " | ||
+ | " | ||
+ | ]; | ||
+ | |||
+ | imports = [ | ||
+ | " | ||
+ | / | ||
+ | ]; | ||
+ | nixpkgs.config.packageOverrides = pkgs: rec { | ||
+ | unstable = import unstableTarball { }; | ||
+ | opensnitch = unstable.opensnitch; | ||
+ | }; | ||
+ | # | ||
+ | </ | ||
+ | |||
+ | overlay: use / overwrite package from custom remote or local repo / fork: | ||
+ | |||
+ | < | ||
+ | nixpkgs.overlays = [ | ||
+ | (self: super: { | ||
+ | foo2zjs = (import (builtins.fetchTarball { | ||
+ | url = | ||
+ | " | ||
+ | sha256 = " | ||
+ | }) { config = { allowUnfree = true; }; }).foo2zjs; | ||
+ | linux-wifi-hotspot = (import / | ||
+ | }) | ||
+ | ]; | ||
+ | </ | ||
+ | |||
+ | overlay generate package derivation which includes custom files | ||
+ | |||
+ | < | ||
+ | nwjs' = nwjs.overrideAttrs (x: { | ||
+ | ffmpegPrebuilt = fetchurl { | ||
+ | url = " | ||
+ | sha256 = " | ||
+ | }; | ||
+ | patchPhase = '' | ||
+ | cd lib | ||
+ | ${unzip}/ | ||
+ | ${x.patchPhase or "" | ||
+ | ''; | ||
+ | }); | ||
+ | </ | ||
+ | |||
+ | use local src / source | ||
+ | |||
+ | < | ||
+ | src = / | ||
+ | unpackPhase = '' | ||
+ | </ | ||
+ | |||
+ | python environment with gobject introspection etc | ||
+ | |||
+ | <code bash> | ||
+ | nix-shell -p ' | ||
+ | </ | ||
+ | |||
+ | package overlay and override attributes | ||
+ | |||
+ | < | ||
+ | nixpkgs.overlays = [ | ||
+ | (self: super: { | ||
+ | foo2zjs = (import (builtins.fetchTarball { | ||
+ | url = | ||
+ | " | ||
+ | sha256 = " | ||
+ | }) {} ).foo2zjs; | ||
+ | wordpress = super.wordpress.overrideAttrs (oldAttrs: rec { | ||
+ | # Remove default plugins and themes | ||
+ | installPhase = oldAttrs.installPhase + '' | ||
+ | rm -r $out/ | ||
+ | rm -r $out/ | ||
+ | ''; | ||
+ | }); | ||
+ | foo2zjs = super.foo2zjs.overrideAttrs (oldAttrs: rec { | ||
+ | src = builtins.fetchurl { | ||
+ | url = " | ||
+ | sha256 = " | ||
+ | }; | ||
+ | patches = (oldAttrs.patches or []) ++ [ | ||
+ | (pkgs.fetchpatch { | ||
+ | url = " | ||
+ | sha256 = " | ||
+ | }) | ||
+ | ]; | ||
+ | }); | ||
+ | }) | ||
+ | ]; | ||
+ | </ | ||
+ | |||
+ | fetchpatch | ||
+ | |||
+ | < | ||
+ | patches = [ | ||
+ | # Support HBPL1 printers https:// | ||
+ | ./ | ||
+ | |||
+ | # Fix " | ||
+ | # https:// | ||
+ | (fetchpatch { | ||
+ | url = " | ||
+ | sha256 = " | ||
+ | stripLen = 1; | ||
+ | name = " | ||
+ | }) | ||
+ | |||
+ | ]; | ||
+ | </ | ||
+ | |||
+ | fetchpatch array | ||
+ | |||
+ | < | ||
+ | patches = map fetchpatch [ | ||
+ | /* This patch is currently necessary for the unit test suite to run correctly. | ||
+ | * See https:// | ||
+ | * and https:// | ||
+ | */ | ||
+ | #{ | ||
+ | # name = " | ||
+ | # sha256 = " | ||
+ | # url = " | ||
+ | #} | ||
+ | |||
+ | # This patch fixes test compile issues with glibc 2.33+. | ||
+ | #{ | ||
+ | # name = " | ||
+ | # sha256 = " | ||
+ | # url = " | ||
+ | #} | ||
+ | </ | ||
+ | |||
+ | locate / search file belongs to which package | ||
+ | < | ||
+ | nix-locate -w libnss3.so | ||
+ | </ | ||
+ | |||
+ | list package content | ||
+ | < | ||
+ | tree (nix-instantiate --eval -E 'with import < | ||
+ | </ | ||
+ | |||
+ | nixos-shell usage | ||
+ | |||
+ | <code bash> | ||
+ | QEMU_NET_OPTS=" | ||
+ | sudo -E QEMU_NET_OPTS=" | ||
+ | </ | ||
+ | |||
+ | systemd one shot service | ||
+ | |||
+ | < | ||
+ | # Symlink nvim user config for root user | ||
+ | systemd.services.nvim-symlink = { | ||
+ | script = '' | ||
+ | if [[ ! -h "/ | ||
+ | ln -s "/ | ||
+ | fi | ||
+ | ''; | ||
+ | wantedBy = [ " | ||
+ | serviceConfig = { | ||
+ | Type = " | ||
+ | }; | ||
+ | }; | ||
+ | </ | ||
+ | |||
+ | nix repl | ||
+ | |||
+ | <code bash> | ||
+ | nix repl '< | ||
+ | # wordpressPackages.plugins.gutenberg.meta.license | ||
+ | </ | ||
==== packaging ==== | ==== packaging ==== | ||
Line 2084: | Line 1455: | ||
cd / | cd / | ||
nix-build -A nodePackages.< | nix-build -A nodePackages.< | ||
+ | nix-build -E 'with import / | ||
</ | </ | ||
Line 2104: | Line 1476: | ||
< | < | ||
{ lib | { lib | ||
- | , mkDerivation | + | , stdenv |
, fetchFromGitLab | , fetchFromGitLab | ||
, cmake | , cmake | ||
Line 2114: | Line 1486: | ||
}: | }: | ||
- | mkDerivation rec { | + | stdenv.mkDerivation rec { |
pname = " | pname = " | ||
version = " | version = " | ||
Line 2169: | Line 1541: | ||
--prefix PATH : ${lib.makeBinPath [ iw ]} | --prefix PATH : ${lib.makeBinPath [ iw ]} | ||
''; | ''; | ||
+ | </ | ||
+ | |||
+ | wrapProgram add specific arguments | ||
+ | <code bash> | ||
+ | { lib, stdenv, fetchurl, makeWrapper, | ||
+ | |||
+ | [...] | ||
+ | nativeBuildInputs = [ makeWrapper ]; | ||
+ | |||
+ | installPhase = '' | ||
+ | mkdir -p $out/ | ||
+ | cp $src $out/ | ||
+ | makeWrapper ${jre}/ | ||
+ | --add-flags " | ||
+ | ''; | ||
+ | |||
</ | </ | ||
Line 2183: | Line 1571: | ||
''; | ''; | ||
</ | </ | ||
+ | |||
+ | build rust package | ||
+ | < | ||
+ | { lib | ||
+ | , fetchFromGitHub | ||
+ | , rustPlatform | ||
+ | , pkg-config | ||
+ | , openssl | ||
+ | , dbus | ||
+ | , sqlite | ||
+ | , file | ||
+ | , gzip | ||
+ | , makeWrapper | ||
+ | }: | ||
+ | |||
+ | rustPlatform.buildRustPackage rec { | ||
+ | pname = " | ||
+ | version = " | ||
+ | |||
+ | src = fetchFromGitHub { | ||
+ | owner = " | ||
+ | repo = " | ||
+ | rev = " | ||
+ | sha256 = " | ||
+ | }; | ||
+ | |||
+ | cargoSha256 = " | ||
+ | |||
+ | nativeBuildInputs = [ | ||
+ | pkg-config | ||
+ | gzip | ||
+ | makeWrapper | ||
+ | ]; | ||
+ | |||
+ | buildInputs = [ | ||
+ | openssl | ||
+ | dbus | ||
+ | sqlite | ||
+ | ]; | ||
+ | |||
+ | checkInputs = [ | ||
+ | file | ||
+ | ]; | ||
+ | |||
+ | meta = with lib; { | ||
+ | description = "A CLI helper to manage, package and publish Nextcloud apps"; | ||
+ | homepage = " | ||
+ | license = licenses.gpl3Only; | ||
+ | platforms = platforms.linux; | ||
+ | maintainers = with maintainers; | ||
+ | }; | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | packaging scheme unstable git | ||
+ | < | ||
+ | unstable-2018-05-15 | ||
+ | </ | ||
+ | |||
+ | package binary deb | ||
+ | < | ||
+ | { stdenv | ||
+ | , lib | ||
+ | , fetchurl | ||
+ | , autoPatchelfHook | ||
+ | , dpkg | ||
+ | , qt5 | ||
+ | , libjack2 | ||
+ | , alsa-lib | ||
+ | , bzip2 | ||
+ | , libpulseaudio }: | ||
+ | |||
+ | stdenv.mkDerivation rec { | ||
+ | pname = " | ||
+ | version = " | ||
+ | |||
+ | src = fetchurl { | ||
+ | url = " | ||
+ | sha256 = " | ||
+ | }; | ||
+ | |||
+ | nativeBuildInputs = [ | ||
+ | autoPatchelfHook | ||
+ | qt5.qtbase | ||
+ | qt5.wrapQtAppsHook | ||
+ | libjack2 | ||
+ | libpulseaudio | ||
+ | bzip2 | ||
+ | alsa-lib | ||
+ | ]; | ||
+ | |||
+ | buildInputs = [ dpkg ]; | ||
+ | |||
+ | dontUnpack = true; | ||
+ | dontBuild = true; | ||
+ | dontStrip = true; | ||
+ | |||
+ | installPhase = '' | ||
+ | mkdir -p $out | ||
+ | dpkg -x $src $out | ||
+ | cp -av $out/ | ||
+ | rm -rf $out/opt | ||
+ | # Create symlink bzip2 library | ||
+ | ln -s ${bzip2.out}/ | ||
+ | ''; | ||
+ | |||
+ | meta = with lib; { | ||
+ | description = " | ||
+ | homepage = " | ||
+ | license = licenses.unfree; | ||
+ | platforms = platforms.linux; | ||
+ | maintainers = with maintainers; | ||
+ | }; | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | package appimage program | ||
+ | < | ||
+ | { lib | ||
+ | , fetchurl | ||
+ | , appimageTools | ||
+ | }: | ||
+ | |||
+ | appimageTools.wrapType2 rec { | ||
+ | pname = " | ||
+ | version = " | ||
+ | |||
+ | src = fetchurl { | ||
+ | url = " | ||
+ | sha256 = " | ||
+ | }; | ||
+ | |||
+ | extraInstallCommands = '' | ||
+ | mv $out/ | ||
+ | ''; | ||
+ | |||
+ | meta = with lib; { | ||
+ | description = " | ||
+ | homepage = " | ||
+ | license = licenses.gpl3Only; | ||
+ | maintainers = with maintainers; | ||
+ | platforms = [ " | ||
+ | }; | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | packaging java / jar file | ||
+ | |||
+ | < | ||
+ | installPhase = '' | ||
+ | mkdir -p $out/ | ||
+ | cp ${src}/ | ||
+ | makeWrapper ${openjdk}/ | ||
+ | --add-flags "-jar $out/ | ||
+ | ''; | ||
+ | </ | ||
+ | ==== tests ==== | ||
+ | |||
+ | run tests interactively | ||
+ | |||
+ | <code bash> | ||
+ | nix build -L -f . nixosTests.invoiceplane.driverInteractive | ||
+ | ./ | ||
+ | > startAll | ||
+ | > testScript | ||
+ | > $machine-> | ||
+ | > print($machine-> | ||
+ | </ | ||
+ | |||
==== nixops ==== | ==== nixops ==== | ||
Line 2237: | Line 1794: | ||
fatlabel /dev/sdb1 " | fatlabel /dev/sdb1 " | ||
</ | </ | ||
+ | |||
resize extX partition | resize extX partition | ||
+ | |||
<code bash> | <code bash> | ||
sfdisk -l /dev/sdb | sfdisk -l /dev/sdb | ||
Line 2265: | Line 1824: | ||
# 7. (a) partition is bootable flag | # 7. (a) partition is bootable flag | ||
# 8. (w) write changes | # 8. (w) write changes | ||
+ | </ | ||
+ | |||
+ | recover gpt partition | ||
+ | <code bash> | ||
+ | sgdisk -e /dev/sda | ||
</ | </ | ||
==== lvm ==== | ==== lvm ==== | ||
Line 2317: | Line 1881: | ||
</ | </ | ||
- | ===== avahi ===== | + | |
- | discover local services | + | |
- | <code bash> | + | |
- | avahi-browse --all --ignore-local --resolve --terminate | + | |
- | </ | + | |
===== curlftpfs ===== | ===== curlftpfs ===== | ||
<code bash> | <code bash> | ||
Line 2327: | Line 1887: | ||
</ | </ | ||
- | ===== npm ===== | + | ===== pnpm ===== |
<code bash> | <code bash> | ||
- | npm init | + | pnpm init |
- | npm install jquery@3.5.1 --save # see npmjs.com | + | pnpm install jquery@3.5.1 --save # see npmjs.com |
+ | </ | ||
+ | update packages | ||
+ | <code bash> | ||
+ | pnpm outdated | ||
</ | </ | ||
- | |||
===== gitlab-ci ===== | ===== gitlab-ci ===== | ||
Test gitlab-ci.yml, | Test gitlab-ci.yml, | ||
Line 2451: | Line 2014: | ||
readelf -Ws / | readelf -Ws / | ||
</ | </ | ||
+ | |||
+ | ===== wf-recorder ===== | ||
+ | |||
+ | record system video + audio | ||
+ | |||
+ | <code bash> | ||
+ | pactl list sources short | ||
+ | wf-recorder -aalsa_output.pci-0000_00_1b.0.analog-stereo.monitor --file=recording_with_audio.mp4 | ||
+ | </ | ||
+ | |||
+ | note there' | ||
+ | |||
+ | encoded | ||
+ | <code bash> | ||
+ | wf-recorder -d / | ||
+ | </ | ||
+ | |||
+ | ===== cups ===== | ||
+ | |||
+ | list printers | ||
+ | < | ||
+ | $ lpstat -p -d | ||
+ | printer Dell_1250c is idle. enabled since Tue 28 Dec 2021 09:44:59 AM UTC | ||
+ | printer Dell_1250c_USB is idle. enabled since Tue 28 Dec 2021 09:44:59 AM UTC | ||
+ | </ | ||
+ | |||
+ | print file | ||
+ | < | ||
+ | lp -d Dell_1250c_USB -o fit-to-page -o media=A4 scared_cat.png | ||
+ | </ | ||
+ | |||
+ | list jobs | ||
+ | < | ||
+ | $ lpstat | ||
+ | Dell_1250c_USB-2 | ||
+ | </ | ||
+ | |||
+ | cancel job | ||
+ | < | ||
+ | cancel 1 | ||
+ | </ | ||
+ | |||
+ | ===== qemu ===== | ||
+ | |||
+ | booting armv7 alpinelinux | ||
+ | <code bash> | ||
+ | # download kernel and stuff from here http:// | ||
+ | qemu-system-arm -M virt -m 512M -cpu cortex-a15 -kernel vmlinuz-lts -initrd initramfs-lts -append " | ||
+ | </ | ||
+ | |||
+ | ===== postgresql ===== | ||
+ | |||
+ | list all databases | ||
+ | <code bash> | ||
+ | sudo -u postgres psql | ||
+ | # \l | ||
+ | </ | ||
+ | |||
+ | drop database | ||
+ | <code bash> | ||
+ | sudo -u postgres psql | ||
+ | # drop database gitlabhq_production; | ||
+ | # drop database gitlabhq_production WITH (FORCE); | ||
+ | </ | ||
+ | |||
+ | list tables | ||
+ | <code bash> | ||
+ | sudo -u postgres psql | ||
+ | # \c gitlabhq_production | ||
+ | # \dt | ||
+ | </ | ||
+ | |||
+ | create and delete user | ||
+ | < | ||
+ | DROP ROLE gitlab; | ||
+ | CREATE USER gitlab WITH PASSWORD ' | ||
+ | </ | ||
+ | |||
+ | grant permissions | ||
+ | < | ||
+ | ALTER USER gitlab SUPERUSER; | ||
+ | CREATE DATABASE gitlabhq_production OWNER gitlab; | ||
+ | ALTER DATABASE gitlabhq_production OWNER TO gitlab; | ||
+ | </ | ||
+ | |||
+ | dump database | ||
+ | < | ||
+ | pg_dump -U gitlab gitlabhq_production > / | ||
+ | </ | ||
+ | |||
+ | dump all | ||
+ | < | ||
+ | pg_dumpall > / | ||
+ | </ | ||
+ | |||
+ | import database | ||
+ | < | ||
+ | psql# CREATE DATABASE gitlabhq_production; | ||
+ | psql -U gitlab gitlabhq_production < gitlab.pgsql | ||
+ | </ | ||
+ | |||
+ |