Differences

This shows you the differences between two versions of the page.

--- onny:notizen [2022/03/06 18:26] – old revision restored (2021/12/10 09:39) 167.114.158.215
+++ onny:notizen [2023/11/25 19:56] – [nixos] 127.0.0.1
@@ Line 1: / Line 1: @@
-===== System setup =====
-<code bash>
-# fde1: http://www.brunoparmentier.be/blog/how-to-install-arch-linux-on-an-encrypted-btrfs-partition.html
-# fde2: http://danynativel.com/blog/2013/02/10/archlinux-installation-guide-on-encrypted-ssd/
-# https://bbs.archlinux.org/viewtopic.php?pid=1187153#p1187153
-gdisk /dev/sda
-cryptsetup --cipher aes-xts-plain64 --hash sha512 --use-random --verify-passphrase luksFormat /dev/sda2
-cryptsetup luksOpen /dev/sda2 root
-mkfs.btrfs /dev/mapper/root
-wifi-menu
-mount /dev/mapper/root /mnt
-pacstrap /mnt base base-devel tmux mosh wipe rsync procps neovim lsof strace htop net-tools pkgfile dnsutils iotop aria2 tcpdump nload btrfs-progs ntp wget acpid alsa-utils cups curl eog evince ffmpeg firefox gedit gimp git vinagre gvfs-mtp gvfs-smb nautilus openvpn gparted pidgin plowshare youtube-dl pulseaudio qt5-wayland samba sigil virt-manager wireshark-gtk unbound unrar unzip valgrind vlc wine-mono winetricks xorg-server-xwayland sshfs efibootmgr ttf-dejavu mpv acpi pm-utils ntfs-3g pavucontrol gnome-disk-utility bluez-utils conky pwgen libreoffice-fresh linux-headers minicom android-udev ansible mlocate terminus-font fail2ban pulseaudio-bluetooth udisks sway pv otf-ipafont xdg-utils devtools atom qpdfview termite brightnessctl nextcloud-client py3status arch-audit grim fragments fish swaylock slurp pdfarranger nftables grc time foliate vlc-bittorrent brightnessctl depot-tools-git downgrade  signal-desktop ocenaudio-bin smloadr soulseekqt ttf-font-awesome wcalc anbox-git krop zeronet id3ted redshift-wlr-gamma-control-git split2flac r128gain foo2zjs-nightly tor-browser-en venom pkgbuild-introspection iwd rofi-wifi-menu-git wl-clipboard librewolf pacaur ripgrep bat fd gnome-passwordsafe wf-recorder
-ln -s /usr/lib/udev/rules.d/51-android.rules /etc/udev/rules.d
-genfstab -p /mnt >> /mnt/etc/fstab
-mount /dev/sda1 /mnt/boot
-arch-chroot /mnt
-chsh -s $(which fish)
-sed -i 's/#PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
-sed -i 's/^#?SystemMaxUse=.*$/SystemMaxUse=200M/g' /etc/systemd/journald.conf
-sed -i 's/^#Color/Color/g' /etc/pacman.conf
-mkdir /etc/pacman.d/hooks
-ln -s /usr/share/libalpm/hooks/30-systemd-daemon-reload.hook /etc/pacman.d/hooks/
-echo "http-pub2" >> /etc/hostname
-timedatectl set-timezone Europe/Berlin
-sed -i 's/#en_US.UTF-8/en_US.UTF-8/' /etc/locale.gen
-locale-gen
-localectl set-locale LANG=en_US.UTF-8
-echo "KEYMAP=de" > /etc/vconsole.conf
-mkinitcpio -p linux
-bootctl install
-passwd
-useradd -m onny -s /usr/bin/fish
-passwd onny
-usermod -a -G sudo onny
-updatedb
-timedatectl set-ntp true
-mkdir -p /etc/systemd/system/getty@tty1.service.d
-ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
-systemctl enable --now NetworkManager nftables fail2ban iwd
-exit
-reboot
-# gpasswd -a onny lock
-# gpasswd -a onny uucp
-gpasswd -a onny adbusers # mtp support
-gpasswd -a onny storage # polkit-rule mount hdds
-</code>
-==== core ====
-<file - /etc/fstab>
-# Static information about the filesystems.
-# See fstab(5) for details.
-/dev/mapper/root    	/         	btrfs     	rw,relatime,ssd,space_cache,subvolid=5,subvol=/	0 0
-UUID=4a8c7d1d-5839-429b-9c85-3cb6046c8b21           	/boot     	ext2      	rw,relatime,stripe=4	0 2
+===== bash =====
-# <file system> <dir> <type> <options> <dump> <pass>
-</file>
-==== grub ====
-<file - /etc/default/grub>
-[...]
-GRUB_CMDLINE_LINUX="cryptdevice=UUID=17987958-47c1-4566-b56b-83e527d4929b:root:allow-discards"
-[...]
-</file>
-==== systemd-networkd ====
-<file - /etc/systemd/network/wg0.netdev>
-[NetDev]
-Name = wg0
-Kind = wireguard
-Description = Wireguard
-[WireGuard]
-PrivateKey = ****
-[WireGuardPeer]
-PublicKey = ****
-AllowedIPs = 10.25.0.0/16
-Endpoint = 2a01:4f8:191:327::2:51820
-Endpoint = 144.76.16.40:51820
-PersistentKeepalive = 25
-</file>
-<file - /etc/systemd/network/wg0.network>
-[Match]
-Name = wg0
-[Network]
-Address = 10.25.40.2/16
-DNS=10.25.0.1
-DNSSEC=false
-</file>
-<file - /etc/systemd/network/eno1.network>
-[Match]
-Name = eno1
-[Network]
-DHCP=yes
-DNS=10.25.0.1
-DNSSEC=false
-</file>
-<file - /etc/systemd/network/wlan0.network>
-[Match]
-Name = wlan0
-[Network]
-DHCP=yes
-DNS=10.25.0.1
-DNSSEC=false
-</file>
-<file - /etc/systemd/network/wlp3s0.network>
-[Match]
-Name = wlp3s0
-[Network]
-DHCP=yes
-DNS=10.25.0.1
-DNSSEC=false
-</file>
-<file - /etc/systemd/network/10-tornet.netdev>
-[NetDev]
-Name=tornet
-Kind=bridge
-</file>
-<file - /etc/systemd/network/10-tornet.network>
-[Match]
-Name=tornet
-[Network]
-Address=10.100.100.1/24
-ConfigureWithoutCarrier=true
-</file>
-<code bash>
-systemctl enable --now systemd-networkd systemd-resolved
-</code>
-==== nftables ====
-<file - /etc/nftables.conf>
-table inet filter {
-	set tcp_accepted {
-		type inet_service
-		flags interval
-	}
-	set udp_accepted {
-		type inet_service
-		flags interval
-	}
-	chain base_checks {
-		ct state { established, related } accept
-		ct state invalid drop
-	}
-	chain input {
-		type filter hook input priority filter; policy drop;
-		jump base_checks
-		iifname "lo" accept
-		ip protocol icmp icmp type { echo-reply, destination-unreachable, echo-request, time-exceeded, parameter-problem } accept
-		ip6 nexthdr ipv6-icmp icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, echo-request, echo-reply, mld-listener-query, nd-router-solicit, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert } accept
-		tcp dport @tcp_accepted accept
-		udp dport @udp_accepted accept
-		iifname "tornet" tcp dport 9040 accept # tornet routing
-		iifname "tornet" udp dport 5353 accept # tornet routing
-		reject
-	}
-	chain forward {
-		type filter hook forward priority filter; policy drop;
-		jump base_checks
-		iifname "tornet" oifname "wlan0" ip protocol tcp accept # tornet routing
-		iifname "tornet" oifname "wlan0" udp dport 53 accept # tornet routing
-	}
-	chain output {
-		type filter hook output priority filter; policy accept;
-	}
-}
-# nat tables for tornet network interface
-table ip nat {
-	chain prerouting {
-		type nat hook prerouting priority dstnat; policy accept;
-		iifname "tornet" udp dport 53 dnat to 127.0.0.1:5353
-		iifname "tornet" ip protocol tcp dnat to 127.0.0.1:9040
-	}
-	chain postrouting {
-		type nat hook postrouting priority srcnat; policy accept;
-		oifname "wlan0" ip saddr 10.100.100.0/24 masquerade
-	}
-}
-</file>
-==== pacman ====
-project-insanity build server repo
-<file - /etc/pacman.conf>
-[...]
-[projectinsanity]
-SigLevel = PackageOptional
-Server = https://onny.project-insanity.org/archlinux
-</file>
-autoupdate
-<file - /etc/systemd/system/autoupdate.service>
-[Unit]
- Description=Automatic Update
- After=network-online.target
-[Service]
- Type=simple
- ExecStart=/usr/bin/pacman -Syuq --noconfirm --needed --noprogressbar
- TimeoutStopSec=180
- KillMode=process
- KillSignal=SIGINT
-[Install]
- WantedBy=multi-user.target
-</file>
-<file - /etc/systemd/system/autoupdate.timer>
-[Unit]
- Description=Automatic Update when booted up after 5 minutes then check the system for updates every 60 minutes
-[Timer]
- OnBootSec=5min
- OnUnitActiveSec=60min
- Unit=autoupdate.service
-[Install]
- WantedBy=multi-user.target
-</file>
-<code bash>
-systemctl enable --now autoupdate.timer
-</code>
-==== Nextcloud autosync ====
-<file - ~/.config/systemd/user/nextcloud_autosync.service>
-[Unit]
- Description=Automatic Nextcloud file sync
- After=network-online.target
-[Service]
- Type=simple
- ExecStart=/usr/bin/nextcloudcmd -h -n --exclude /home/onny/.nextcloud/sync-exclude.lst /home/onny/. https://nextcloud.project-insanity.org/remote.php/webdav/
- TimeoutStopSec=180
- KillMode=process
- KillSignal=SIGINT
-[Install]
- WantedBy=multi-user.target
-</file>
-<file - ~/.config/systemd/user/nextcloud_autosync.timer>
-[Unit]
- Description=Automatic sync files with Nextcloud when booted up after 5 minutes then rerun every 60 minutes
-[Timer]
- OnBootSec=5min
- OnUnitActiveSec=60min
- Unit=nextcloud_autosync.service
-[Install]
- WantedBy=multi-user.target
-</file>
-<file - ~/.netrc>
-default
-login onny
-password ****
-</file>
-<file - ~/.nextcloud/sync-exclude.lst>
-projects
-.cache
-.config
-.local
-.cargo
-.nvm
-.mozilla
-.purple
-.jd
-.conan
-.tor-browser-en
-</file>
-<code bash>
-sudo systemctl enable --user --now nextcloud_autosync.timer
-</code>
-==== misc ====
-hack to power on bluetooth after waking up from suspend:
-<file - /etc/systemd/system/root-resume.service>
-[Unit]
-Description=Local system resume actions
-After=suspend.target
-[Service]
-Type=simple
-ExecStart=/usr/bin/btmgt power on
-[Install]
-WantedBy=suspend.target
-</file>
-<file - /etc/systemd/system/activate_bt.service>
-Unit]
-Description=Power on bluetooth on startup
-[Service]
-ExecStart=/usr/bin/btmgmt power on
-[Install]
-WantedBy=multi-user.target
-</file>
-<code>
-sudo systemctl enable root-resume activate_bt
-</code>
-firefox addons
-<code>
- ublock origin, https everywhere, cookie auto delete
-</code>
-=== flatpak ===
-repos
-<code bash>
- flatpak remote-add --if-not-exists gnome https://sdk.gnome.org/gnome.flatpakrepo
- flatpak remote-add --if-not-exists tingping https://dl.tingping.se/flatpak/tingping.flatpakrepo
- flatpak remote-add --from gnome-apps https://sdk.gnome.org/gnome-apps.flatpakrepo
-</code>
-apps
-<code bash>
- flatpak install --from http://download.documentfoundation.org/libreoffice/flatpak/latest/LibreOffice.flatpak
- flatpak install tingping io.github.TransmissionRemoteGtk
- flatpak install --from https://s3.amazonaws.com/alexlarsson/spotify-repo/spotify.flatpakref
- flatpak install gnome-apps org.gnome.gedit
- flatpak install gnome-apps org.gnome.evince
- flatpak install --from https://firefox-flatpak.mojefedora.cz/firefox-devedition.flatpakref
-</code>
-sway
-<file - ~/.config/sway/startup.sh>
-udisks --mount /dev/sda3
-udisks --mount /dev/sda2
-alias snipping_tool='grim -g ('slurp') ('date').png'
-alias nmap="grc nmap"
-redshift -m wayland &
-firejail brave --ignore-gpu-blacklist &
-dunst &
-firejail --net=tornet whatsapp-web-desktop &
-firejail --net=tornet signal-desktop &
-</file>
-<file - ~/.config/sway/config>
-[...]
-set $term termite
-[...]
-set $menu dmenu_run
-[...]
-#output * bg /usr/share/backgrounds/sway/Sway_Wallpaper_Blue_1920x1080.png fill
-[...]
-input "1:1:AT_Translated_Set_2_keyboard" {
-    xkb_layout de
-    xkb_variant ,nodeadkeys
-    xkb_options grp:alt_shift_toggle
-}
-[...]
-#
-# Workspaces:
-#
-    workspace_auto_back_and_forth yes
-# Fancy names for workspaces
-set $w1 1: brave
-set $w2 2: signal
-set $w3 3: whatsapp
-set $w4 4
-set $w5 5
-set $w6 6
-set $w7 7
-set $w8 8
-set $w9 9
-set $w10 10
-    # switch to workspace
-    bindsym $mod+1 workspace $w1
-    bindsym $mod+2 workspace $w2
-    bindsym $mod+3 workspace $w3
-[...]
-bar {
-	status_command py3status
-	font pango:Source Sans Pro, FontAwesome 8
-	#tray_output primary
-	strip_workspace_numbers yes
-}
-input "2:7:SynPS/2_Synaptics_TouchPad" {
-	tap enabled
-}
-bindsym XF86AudioRaiseVolume exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/{print $3}') +5%
-bindsym XF86AudioLowerVolume exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/{print $3}') -5%
-bindsym XF86AudioMute exec pactl set-sink-mute $(pacmd list-sinks |awk '/* index:/{print $3}') toggle
-bindsym XF86MonBrightnessDown exec brightnessctl set 5%-
-bar {
-	status_command py3status
-	font pango:Source Sans Pro, FontAwesome 8
-	#tray_output primary
-	strip_workspace_numbers yes
-}
-input "2:7:SynPS/2_Synaptics_TouchPad" {
-	tap enabled
-}
-bindsym XF86AudioRaiseVolume exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/{print $3}') +5%
-bindsym XF86AudioLowerVolume exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/{print $3}') -5%
-bindsym XF86AudioMute exec pactl set-sink-mute $(pacmd list-sinks |awk '/* index:/{print $3}') toggle
-bindsym XF86MonBrightnessDown exec brightnessctl set 5%-
-bar {
-	status_command py3status
-	font pango:Source Sans Pro, FontAwesome 8
-	#tray_output primary
-	strip_workspace_numbers yes
-}
-input "2:7:SynPS/2_Synaptics_TouchPad" {
-	tap enabled
-}
-bindsym XF86AudioRaiseVolume exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/{print $3}') +5%
-bindsym XF86AudioLowerVolume exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/{print $3}') -5%
-bindsym XF86AudioMute exec pactl set-sink-mute $(pacmd list-sinks |awk '/* index:/{print $3}') toggle
-bindsym XF86MonBrightnessDown exec brightnessctl set 5%-
-bindsym XF86MonBrightnessUp exec brightnessctl set 5%+
-bindsym XF86Sleep exec systemctl suspend
-bindcode 244 exec swaylock -i /home/onny/pictures/lockbg.jpg --scaling fill
-bindcode 156 exec ~/.config/sway/toggle-btaudio.sh
-#
-# Assign windows to workspaces
-#
-assign [class="brave-browser"]		 → $w1
-assign [class="Signal"]		 → $w2
-assign [class="whats-app"]	 → $w3
-exec ~/.config/sway/startup.sh
-[...]
-</file>
-dunst
-<file - .config/dunst/dunstrc>                                                                                                                                                         [global]
-    font = lemon 10
-    allow_markup = yes
-    format = "%s\n%b"
-    sort = yes
-    indicate_hidden = yes
-    alignment = left
-    bounce_freq = 0
-    show_age_threshold = 60
-    word_wrap = yes
-    ignore_newline = no
-    geometry = "300x10-10+48"
-    transparency = 20
-    show_indicators = yes
-    idle_threshold = 120
-    monitor = 0
-    follow = mouse
-    sticky_history = yes
-    line_height = 5
-    separator_height = 0
-    padding = 10
-    horizontal_padding = 10
-    separator_color = #bfbfbf
-    startup_notification = false
-    browser = /usr/bin/firefox -new-tab
-    icon_position = left
-    icon_folders = /usr/share/icons/Notifications
-[frame]
-    color = "#000000"
-    width = 0
-[shortcuts]
-    close = ctrl+space
-    close_all = ctrl+shift+space
-    context = ctrl+shift+period
-    history = ctrl+shift
-[urgency_low]
-    background = "#ffffff"
-    foreground = "#282828"
-    timeout = 5
-[urgency_normal]
-    background = "#ffffff"
-    foreground = "#282828"
-    timeout = 5
-[urgency_critical]
-    background = "#ffffff"
-    foreground = "#000000"
-    timeout = 5
-[ignore1]
-  appname = pa-applet
-  format = ""
-[ignore2]
-  summary = Volume down notification
-  format = ""
-[ignore3]
-  summary = Volume up notification
-  format = ""
-[ignore4]
-  summary = Volume muted notification
-  format = ""
-</file>
-firejail
-<file - ~/.config/firejail/brave.profile>
-# Firejail profile for brave
-# This file is overwritten after every install/update
-# Persistent local customizations
-include /etc/firejail/brave.local
-# Persistent global definitions
-include /etc/firejail/globals.local
-noblacklist ${HOME}/.config/BraveSoftware
-# brave uses gpg for built-in password manager
-noblacklist ${HOME}/.gnupg
-mkdir ${HOME}/.config/BraveSoftware
-whitelist ${HOME}/.config/BraveSoftware
-whitelist ${HOME}/.gnupg
-# noexec /tmp is included in chromium-common.profile and breaks Brave
-ignore noexec /tmp
-# Redirect
-include /etc/firejail/chromium-common.profile
-</file>
-<file - .config/firejail/signal.profile>
-# Firejail profile for signal-desktop
-# This file is overwritten after every install/update
-# Persistent local customizations
-include /etc/firejail/signal-desktop.local
-# Persistent global definitions
-include /etc/firejail/globals.local
-noblacklist ${HOME}/.config/Signal
-noblacklist ${HOME} # hack
-include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-devel.inc
-include /etc/firejail/disable-programs.inc
-include /etc/firejail/disable-passwdmgr.inc
-mkdir ${HOME}/.config/Signal
-whitelist ${DOWNLOADS}
-whitelist ${HOME}/.config/Signal
-whitelist ${HOME} # hack
-include /etc/firejail/whitelist-common.inc
-include /etc/firejail/whitelist-var-common.inc
-caps.drop all
-netfilter
-nodvd
-nogroups
-nonewprivs
-noroot
-notv
-protocol unix,inet,inet6,netlink
-#seccomp
-#shell none
-disable-mnt
-private-dev
-#private-tmp
-#noexec ${HOME}
-</file>
-<file - ~/.config/firejail/Whatsapp.profile>
-noblacklist ~/.config
-mkdir ~/.config
-whitelist ~/.config
-noblacklist /opt/Whatsapp
-whitelist /opt/Whatsapp
-include /etc/firejail/whitelist-common.inc
-include /etc/firejail/default.profile
-include /etc/firejail/electron.local
-</file>
-brave
-<code bash>
-echo kernel.unprivileged_userns_clone = 1 | sudo tee /etc/sysctl.d/00-local-userns.conf
-</code>
-fish config
-<file - ~/.config/fish/fish.config>
-export QT_QPA_PLATFORM=wayland-egl
-export GDK_BACKEND='wayland,x11'
-export CLUTTER_BACKEND=wayland
-export XKB_DEFAULT_LAYOUT=de
-export TERMINAL=termite
-export EDITOR=vim
-export BROWSER=firefox
-export XDG_SESSION_TYPE=wayland
-export XDG_DESKTOP_DIR="/home/onny"
-export XDG_DOWNLOAD_DIR="$HOME/downloads"
-export ELECTRON_TRASH=gio
-[[ -z $DISPLAY && $XDG_VTNR -eq 1 ]] && exec dbus-launch sway
-</file>
-snipping tool
-<file - /usr/bin/snipping_tool>
-if [ "$1" = "-v" ]; then
-	wf-recorder -g "$(slurp)" -f "$(xdg-user-dir PICTURES)/$(date +'%Y-%m-%d-%H%M%S_wf-recorder.mp4')"
-else
-	slurp | grim -g - - | wl-copy && wl-paste > "$(xdg-user-dir PICTURES)/$(date +'%Y-%m-%d-%H%M%S_grim.png')"
-fi
-</file>
-===== ArchLinux =====
-==== system ====
-set extra capabilities for process
-<code bash>
-sudo setcap 'CAP_NET_BIND_SERVICE=+ep' /usr/bin/maddy
-</code>
-directory permissions
-<code bash>
-namei -l /mnt/external/audio
-</code>
-use acl to grant permission to files for specific user
-<code bash>
-setfacl -R -m u:maddy:rX /etc/ssl/example.org.crt /etc/ssl/example.org.key
-</code>
-pgrep get process pid by process name
-<code bash>
-$ pgrep sw3
-</code>
-set system time
-<code bash>
-timedatectl set-time "2014-05-26 11:13:54"
-</code>
-==== packaging ====
-git checkout aur package
-<code bash>
-git clone ssh://aur@aur.archlinux.org/pkgbase.git
-</code>
-=== commands ===
-update checksums inplace
-<code bash>
-updpkgsums
-</code>
-building a package in a clean dev chroot, path for pacman conf ''/usr/share/devtools/pacman-extra.conf''
-<code bash>
-cd <package-patch>
-ls PKGBUILD
-extra-x86_64-build # -c for cleaning up chroot. ~/chroot/root is a btrfs subvolume and has to be removed with btrfs!
-extra-x86_64-build -- -I ~/packages/foobar/foobar-2-1-any.pkg.tar.xz
-</code>
-advanced chroot with own packages preinstalled
-<code bash>
-mkdir ~/chroot
-export CHROOT=$HOME/chroot
-mkarchroot $CHROOT/root base-devel
-arch-nspawn $CHROOT/root pacman -Syu # updating it
-makechrootpkg -r $CHROOT -I package-1.0-1-i686.pkg.tar.xz # -c for clean chroot
-# repackage: makechrootpkg -r /home/onny/chroot -- -R
-</code>
-cheap python virtualenv
-<code bash>
-mkdir path
-ln -s /usr/bin/python2 path/python
-export PATH="$srcdir/path:$PATH"
-</code>
-abs deprecated, using asp
-<code bash>
-asp export linux
-</code>
-=== PKGBUILD ===
-Installation von Lizenzdateien:
-<code bash>
-install -D "LICENSE.txt" "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
-</code>
-Installation von Systemd-Units:
-<code bash>
-install -Dm644 "${srcdir}/btlive.service" "${pkgdir}/usr/lib/systemd/system/btlive.service"
-</code>
-Installation von Docs:
-<code bash>
-install -Dm644 README.md "$pkgdir/usr/share/doc/$pkgname/README.md"
-</code>
-Installation von Tmpfiles:
-<code bash>
-install -Dm644 "wallace/wallace.tmpfiles.d.conf" "${pkgdir}/usr/lib/tmpfiles.d/wallace.conf"
-</code>
-Installation von Libs:
-<code bash>
-install -m644 libdouble-conversion.so.0.0.0* "${pkgdir}/usr/lib/"
-</code>
-do not strip binary files
-<code>
-options=('!strip')
-</code>
-Installation von ausführbare Dateien:
-<code bash>
-install -Dm755 shareLinkCreator "${pkgdir}/usr/bin/sharelinkcreator"
-</code>
-Nginx/Apache Template-Dateien:
-<code bash>
- if [[ -n $(which httpd 2> /dev/null) ]]; then
-   backup=('etc/httpd/conf/extra/owncloud.conf')
- fi
- package(){
-   # install apache .conf file if apache is installed
-   if [[ -n $(which httpd 2> /dev/null) ]]; then
-      install -d  $pkgdir/etc/httpd/conf/extra
-      install -m 644 $srcdir/owncloud.conf  $pkgdir/etc/httpd/conf/extra/
-   fi
- }
-</code>
-Zielname der Quelldatei ändern:
-<code bash>
-source=("$pkgname-$pkgver.tar.gz::https://gitlab.com/gitlab-org/gitlab-ce/repository/archive?ref=v${pkgver}")
-</code>
-Architekturabhängige Build-Anweisung
-<code bash>
- build() {
-   cd "${srcdir}/oclHashcat"
-   if [[ "$CARCH" = "x86_64" ]]; then
-     make cudaHashcat64.bin
-   else
-     make cudaHashcat32.bin
-   fi
-   make nv_all
- }
-</code>
-pkgver git
-<code bash>
- pkgver() {
-   cd "mail"
-   #git describe --long | sed 's/\([^-]*-g\)/r\1/;s/-/./g'
-   git log -1 --format=%cd.%h --date=short|tr -d -
- }
-</code>
-Common install file example
-<code bash>
-post_install() {
-  mkdir /var/lib/zabbix
-  getent group lool > /dev/null || groupadd -r lool > /dev/null
-  getent passwd lool > /dev/null || useradd lool > /dev/null
-  chown -R lool:lool /var/cache/loolwsd \
-                     /opt/lool/child-roots
-}
-post_remove() {
-   userdel -rf lool
-   groupdel lool
-}
-</code>
-in pkgbuild reference
-<code bash>
-install="libreoffice-online-bin.install"
-</code>
-=== aurutils ===
-install packages into build container
-<code bash>
-arch-chroot /var/lib/aurbuild/x86_64/root pacman -S git
-pacman --root=/var/lib/aurbuild/x86_64/root -S git
-</code>
-add gpg key into build container
-<code bash>
-sudo -u aur gpg --recv-keys EB774491D9FF06E2
-</code>
-rebuild prebuild package and add to custom AUR repo
-<code bash>
-fakepkg webkitgtk2
-sudo -u aur repo-add /var/cache/pacman/aur/aur.db.tar /tmp/webkitgtk2-3:2.4.11-16-x86_64.pkg.tar.xz
-cp /tmp/webkitgtk2-3:2.4.11-16-x86_64.pkg.tar.xz /var/cache/pacman/aur
-</code>
-==== bluetooth ====
-Example session ''bluetoothctl''
-<code bash>
-# bluetoothctl
-[bluetooth]# default-agent
-[bluetooth]# scan on
-[bluetooth]# pair 00:12:34:56:78:90
-[bluetooth]# connect 00:12:34:56:78:90
-</code>
-==== usefull stuff ====
-pipe stderr to stdout
-<code bash>
-command 2>&1 >/dev/null | grep 'something'
-</code>
-pipe stderr and stdout both to a file
-<code bash>
-command &> error_log
-</code>
-locate pacnew files
-<code bash>
-find /etc -regextype posix-extended -regex ".+\.pac(new|save)" 2> /dev/null
-</code>
-or search entire disk
-<code bash>
-find / -regextype posix-extended -regex ".+\.pac(new|save)" 2> /dev/null
-</code>
-=== swapfile on btrfs ===
-<code bash>
-swapfile=$(losetup -f) #free loop device
-truncate -s 8G /swap   #create 8G sparse swap file
-losetup $swapfile /swap #mount file to loop
-mkswap  $swapfile
-swapon  $swapfile
-</code>
-search library availability in system, print file paths
-<code bash>
-ldconfig -p | grep blas
-</code>
-==== systemd nspawn (container) ====
-<code bash>
-pacman -S arch-install-scripts
-btrfs subvol create /var/lib/container/archlinux-base
-mkdir /etc/systemd/nspawn
-pacstrap /var/lib/container/archlinux-base base base-devel
-systemctl enable --now systemd-networkd systemd-resolved
-systemd-nspawn --boot -nD /var/lib/machines/archlinux-nextcloudcli --template=/var/lib/container/archlinux-base
-systemctl start systemd-nspawnd@archlinux-nextcloudcli
-machinectl shell root@archlinux-nextcloudcli /bin/bash -c "systemctl enable --now systemd-networkd systemd-resolved"
-</code>
-quit / exit / kill container: Hold ''Ctrl'' press '']'' three times
-==== systemd service ====
-set environment
-<file - /etc/systemd/system/piradio.service>
-[Unit]
-Description=PiRadio
-After=network-online.target
-After=bluetooth.service
-[Service]
-Environment="XDG_RUNTIME_DIR=/run/user/1001"
-Type=simple
-User=piradio
-WorkingDirectory=/usr/lib/piradio
-ExecStartPre=/bin/sleep 5
-ExecStart=/usr/lib/piradio/piradio
-Restart=on-abort
-[Install]
-WantedBy=multi-user.target
-WantedBy=network-online.target
-</file>
-===== kernel =====
-grep kernel config running system
-<code bahs>
-zcat /proc/config.gz | grep VDSO
-</code>
-===== fish =====
-unset history
-<code>
-fish --private
-</code>
-===== bash =====
 lzma hado compression and extraction
 <code bash>
@@ Line 939: / Line 88: @@
 chmod +x $FILE
 $FILE "$@"
-</code>
-==== sed ====
-Mit sed inplace eine Zeile zu einer Datei hinzufügen:
-<code bash>
-sed -i '9i#include <algorithm>' liboffsetfinder64/vmem.cpp
-</code>
-add to end of file
-<code bash>
-sed -i -e '$aretry $@' retry.sh
-</bash>
-Comment out specific line matching a string
-<code bash>
-sudo sed -e '/pam_securetty.so/ s/^#*/#/' -i delugecontainer/etc/pam.d/login
-</code>
-comment out multiple lines / range
-<code bash>
-sed -i "28,33 s/# *//" autogen.sh
-</code>
-regex parse value of xml tags
-<code bash>
-sed -n 's/.*<id>\(.*\)<\/id>.*/\1/p' myfile.txt
-</code>
-delete multiple lines
-<code bash>
-sed -i '2,3d;5d;8d' file
 </code>
-insert line after match
-<code bash>
-sed  '/\[option\]/a Hello World' input
-</code>
 ==== grep ====
 regex match group
@@ Line 992: / Line 112: @@
 </code>
-==== rg ====
+execute command
-filter file type
 <code bash>
-rg GPIO_CFG_2MA -g '*.h'
+fd --type f -e doc -e docx -e pdf -i gabriel -x cp --backup=t {} /tmp/gabriel/
 </code>
-==== curl ====
-post data
+find filenames unallowed characters
 <code bash>
-curl --data "UserId=eb8c2ec5352843d3a16ca11c26d3551c&Name=lolorollo&api_key=a5dc4e***9c9e0a***3" "https://turbotux.de/Playlists?UserId=eb8c2ec5352843d3a16ca11c26d3551c&Name=lolorollo&api_key=a5***d***9e0***3"
+fd '[^A-Z a-züö@0-9._-]' remote/200_Archiv/CP_Dont_Touch
-</code>
-download and extract archive
-<code bash>
-curl http://wordpress.org/latest.tar.gz | tar xvz
-</code>
-set host header
-<code bash>
-torify curl --header "Host: http.pi" blog.project-insanity.org
-</code>
-==== tcpdump ====
-specific ports
-<code bash>
-tcpdump -i eth0 -q '(tcp port 80) or (tcp port 443)' -A
-</code>
-exclude specific host
-<code bash>
-tcpdump -i eth0 -q '(ip or ip6) and (tcp port 80) or (tcp port 443) and not host ifconfig.co' -A
 </code>
 ==== patching ====
 === appling ===
@@ Line 1035: / Line 138: @@
 </code>
+==== xargs ====
+<code>
+fd . | xargs -I {} rm "{}"
+</code>
 ===== rsync =====
 custom ssh port
@@ Line 1059: / Line 167: @@
 </file>
 ===== networking =====
-netcat
-<code bash>
-netcat -l 4444
-</code>
-<code bash>
-netcat playground.pi 4444
-</code>
 ==== nftables ====
 <code bash>
@@ Line 1108: / Line 209: @@
 </code>
 </code>
-==== ip ====
-route command example
-<code bash>
-ip route add 192.168.1.0/24 dev eth0
-ip route add default via 192.168.1.1
-</code>
-flush addresses
-<code bash>
-ip addr flush dev enp8s0
-</code>
-remove interface
-<code bash>
-ip link delete br0
-</code>
-delete address
-<code bash>
-ip addr del 192.168.178.20/24 dev eth0
-</code>
-set address
-<code bash>
-ip address add dev usb0 172.16.42.1/24
-ip link set usb0 up
-</code>
-show only specific interface
-<code bash>
-ip a show wg0
-</code>
 ==== dnsmasq ====
 minimal hostapd and dnsmasq config
@@ Line 1187: / Line 262: @@
 compression
 <code bash>
-convert -density 200x200 -units PixelsPerInch -compress jpeg -quality 70 in.pdf out.pdf
+gm convert -density 200x200 -units PixelsPerInch -compress jpeg -quality 70 in.pdf out.pdf
 </code>
 lossless merge
@@ Line 1225: / Line 300: @@
 ==== batch convert images ====
 <code bash>
-for i in *.png ; do gm convert "$i" "${i%.*}.jpg" ; done
+for i in *.jpeg; convert -resize 30% $i (string replace jpeg jpg $i); end
 </code>
 ==== lossless mp3 merge ====
@@ Line 1243: / Line 318: @@
 </code>
 ===== security =====
+==== web discovery ====
+=== photon ===
+<code>
+photon -u test.example.org
+</code>
 ==== lynis ====
@@ Line 1258: / Line 341: @@
 ==== wfuzz ====
 <code bash>
-torify wfuzz -c --hc 404 -w /opt/wfuzz/wordlist/general/megabeast.txt http://www.leeel.de/FUZZ
+wfuzz -c --hc 404 -w /opt/wfuzz/wordlist/general/megabeast.txt http://www.leeel.de/FUZZ
-torify wfuzz -c --hc 404,403 -w /opt/wfuzz/wordlist/general/admin-panels.txt -w /opt/wfuzz/wordlist/general/extensions_common.txt http://www.leeel.de/FUZZFUZ2Z
+wfuzz -c --hc 404,403 -w /opt/wfuzz/wordlist/general/admin-panels.txt -w /opt/wfuzz/wordlist/general/extensions_common.txt http://www.leeel.de/FUZZFUZ2Z
 </code>
 Preparing data for LFI scan
@@ Line 1274: / Line 357: @@
     * https://github.com/maurosoria/dirsearch
   * wifite wifi auditing tool
+sec tools
+  * dirbuster
+  * https://mitmproxy.org/
+  * **tiger** - system sec scanner
+  * sub domain evaluation
+    * https://github.com/kpcyrd/sn0int
+    * https://github.com/OWASP/Amass
+    * subfinder (passive, external sources)
+  * vhost scanning
+    * https://github.com/codingo/VHostScan
+  * bettercap - wifi network
+  * iodine dns tunnel https://code.kryo.se/iodine/
+  * command searchsploit in exploitdb
+  * NixOS for Pentesting Overview https://github.com/NixOS/nixpkgs/issues/81418
 ===== chromium / chrome =====
@@ Line 1281: / Line 380: @@
 </code>
 ===== docker =====
-Short example
+Pull
 <code bash>
- sudo systemctl start docker
+docker pull ubuntu:22.04
- gpasswd -a onny docker
+docker pull rootlogin/nextcloud:develop
- docker run -d -p 80:80 rootlogin/nextcloud
- docker run -v /home/onny/projects/nextcloud-app-radio:/opt/nextcloud/apps/radio -d --name nextcloud -p 80:80 rootlogin/nextcloud
 </code>
+Run
+<code bash>
+docker run -td ubuntu:22.04
+</code>
+Executing
+<code bash>
+docker exec -it ffffdfdfsdfsdfsfsffsdfs /bin/bash
+</code>
+Nextcloud
+<code bash>
+docker run -d -p 80:80 rootlogin/nextcloud
+docker run -v /home/onny/projects/nextcloud-app-radio:/opt/nextcloud/apps/radio -d --name nextcloud -p 80:80 rootlogin/nextcloud
+</code>
 Debugging it
 <code bash>
@@ Line 1293: / Line 408: @@
  docker exec -i -t e326cbb922aa /bin/bash # exec new shell running container
 </code>
 Pull from repository
 <code>
@@ Line 1303: / Line 419: @@
  docker run -i -t e326cbb922aa /bin/bash
 </code>
-Pull specific tagged image
-<code bash>
-docker pull rootlogin/nextcloud:develop
-</code>
 Build from Dockerfile
 <code>
@@ Line 1330: / Line 443: @@
 docker system prune -a
 </code>
-docker stop all container
-<code bash>
-docker stop (docker ps -a -q)
-</code>
 prevent from auto start
 <code bash>
-docker update --restart=no
+docker update --restart=no client-iaro_db_1
 </code>
 docker commit container and rerun
@@ Line 1345: / Line 456: @@
 $ docker commit 5a8f89adeead newimagename
 $ docker run -ti -v "$PWD/dir1":/dir1 -v "$PWD/dir2":/dir2 newimagename /bin/bash
+</code>
+Run emulated multiarch images
+<code bash>
+docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+docker run --rm -t arm32v7/alpine uname -m
+docker run -it --rm arm32v7/alpine ash
+# keep it running
+docker run -d -it --name alpine-armv7 --platform linux/arm/v7 arm32v7/alpine /bin/sh
 </code>
@@ Line 1523: / Line 643: @@
 </code>
-delete remote branch (onny is the remote shortname)
+delete branch
 <code bash>
-git push onny --delete samsung-treltexx
+git branch # list
+git branch -d swaybar
+git push onny -d samsung-treltexx # delete remote branch
 </code>
@@ Line 1556: / Line 680: @@
 git checkout 13243f2eafc4292917178051fe1bb5aab2774dca -p include/mmc.h drivers/mmc/mmc.c arch/arm/include/asm/arch-exynos/mmc.h drivers/mmc/s5p_sdhci.c common/cmd_mmc.c common/cmd_mmc_spi.c common/env_mmc.c include/sdhci.h
 </code>
-delete branch
-<code bash>
-git branch # list
-git branch -d swaybar
-</code>
 rebase
 <code bash>
 git remote add upstream https://github.com/whoever/whatever.git
@@ Line 1613: / Line 734: @@
 <code bash>
 git commit --amend --no-edit
+</code>
+overwrite branch with other branch
+<code bash>
+git checkout maddy
+git reset --hard maddytest
+git push onny maddy -f
+</code>
+modify older or specific commit
+<code bash>
+git rebase --interactive 'bbc643cd^'
+# make changes
+git commit --all --amend --no-edit
+git rebase --continue
+</code>
+add co-author / co-authors to commit
+<code bash>
+git commit --amend
+# Add line: Co-authored-by: name <name@example.com>
 </code>
 ===== yum =====
@@ Line 1816: / Line 959: @@
 ngrep -q -W byline "search" host www.google.com and port 80
 </code>
-  * sec
-    * https://mitmproxy.org/
-    * **tiger** - system sec scanner
-    * sub domain evaluation
-      * https://github.com/kpcyrd/sn0int
-      * https://github.com/OWASP/Amass
-      * subfinder (passive, external sources)
-    * vhost scanning
-      * https://github.com/codingo/VHostScan
-    * bettercap - wifi network
-    * iodine dns tunnel https://code.kryo.se/iodine/
-    * command searchsploit in exploitdb
   * sys
     * **usbtop**
@@ Line 1908: / Line 1039: @@
 </code>
 ===== nixos =====
 apply changes to system
-<code bash>
-nixos-rebuild switch
+<code>
+sudo nixos-rebuild switch --flake '/etc/nixos#joes-desktop'
+sudo nixos-rebuild boot --flake '/etc/nixos#joes-desktop' # raspi specific
 </code>
 update channel, rebuild and switch
 <code bash>
 nixos-rebuild switch --upgrade
 </code>
 search package
 <code bash>
 nix search gedit
 </code>
 nixos testing environement
 <code bash>
 nix-shell -p toilet
 </code>
 install unstable package
 <code bash>
 nix-channel --add https://nixos.org/channels/nixos-unstable unstable
@@ Line 1930: / Line 1072: @@
 nix-env -iA unstable.pdfarranger
 </code>
 custom local repository, list packages
 <code bash>
 nix-env -f /etc/nixos/apps -qaP '*'
 </code>
 install package from local repo
 <code bash>
 nix-env -f /etc/nixos/apps -iA xerox6000-6010
 </code>
 package shell script
 <code>
   # Here we but a shell script into path, which lets us start sway.service (after importing the environment of the login shell).
@@ Line 1992: / Line 1140: @@
 nix-env --query
 </code>
 python virtualenv
 <code bash>
 nix-shell -p python3Packages.virtualenv
@@ Line 1999: / Line 1149: @@
 pip install -r requirements.txt
 </code>
 local repository (nixpkgs clone) as systemwide channel
 <code bash>
 $ nix-build nixos/release.nix -A channel --arg nixpkgs  '{ outPath = ./. ; revCount = "'$(git rev-list HEAD | wc -l)'"; shortRev = "'$(git rev-parse --short HEAD)'"; }'
@@ Line 2008: / Line 1160: @@
 $ sudo nix-channel --update
 </code>
 test packages git pull request
 <code>
 let
@@ Line 2033: / Line 1187: @@
       )];
 </code>
 retrieve hash
 <code bash>
 curl -sL https://github.com/NixOS/nixpkgs/pull/64977.patch \
@@ Line 2042: / Line 1198: @@
 env NIXPKGS_ALLOW_UNFREE=1 nix-env -f /home/onny/projects/nur-packages -iA ocenaudio
 </code>
 build local package
 <code bash>
+cd nixpkgs
+nix build -f ./. python310Packages.baserow
+nix build -f ./. nodePackages.hyperpotamus
 nix-build -E 'with import <nixpkgs> { }; callPackage ./default.nix { nodejs = pkgs."nodejs-10_x"; }'
+nix-build -E 'with import /home/onny/nixpkgs { }; libsForQt5.callPackage ./pkgs/applications/office/shelf/default.nix {}'
 </code>
 rebuilding with progress indication
 <code bash>
 nix build '(with import <nixpkgs/nixos> { }; system)'
 nixos-rebuild -I nixpkgs=/home/onny/projects/nixpkgs switch --max-jobs 1
 </code>
-quick launch program
+run program
 <code bash>
-nix run nixpkgs.electrum --command electrum
+nix run nixpkgs#electrum -- --help
+nix run github:TheZombie1999/nixpkgs#upscaly
+nix shell nixpkgs#hash-slinger --command tlsa --create example.org
 </code>
 review repository
 <code bash>
 git clone https://github.com/NixOS/nixpkgs.git
@@ Line 2061: / Line 1232: @@
 nixpkgs-review pr 98044
 </code>
 setup python virtualenv, working pip
 <code>
 .17.3.6. How to consume python modules using pip in a virtual environment like I am used to on other Operating Systems?
@@ Line 2068: / Line 1241: @@
 which package provides certain file
 <code>
 command-not-found telnet
@@ Line 2073: / Line 1247: @@
 use module from unstable
 <code>
 let
@@ Line 2084: / Line 1259: @@
 {
-  # FIXME
+  disabledModules = [
+    "programs/firejail.nix"
+    "services/web-apps/nextcloud.nix"
+  ];
   imports = [
     "${fetchTarball "https://github.com/NixOS/nixpkgs/archive/nixos-unstable.tar.gz"}/nixos/modules/services/security/opensnitch.nix"
+    /home/onny/projects/nixpkgs2/nixos/modules/services/networking/create_ap.nix
   ];
   nixpkgs.config.packageOverrides = pkgs: rec {
@@ Line 2095: / Line 1275: @@
 </code>
-overlay: use / overwrite package from custom repo or fork:
+overlay: use / overwrite package from custom remote or local repo / fork:
 <code>
   nixpkgs.overlays = [
@@ Line 2104: / Line 1285: @@
         sha256 = "1jp98jhc4mw9bipdiq7qdrzn3lslk4mi7prqfh2v43isgsvpd6bg";
       }) { config = { allowUnfree = true; }; }).foo2zjs;
+      linux-wifi-hotspot = (import /home/onny/projects/nixpkgs2 {}).linux-wifi-hotspot;
     })
   ];
+</code>
+overlay generate package derivation which includes custom files
+<code>
+  nwjs' = nwjs.overrideAttrs (x: {
+    ffmpegPrebuilt = fetchurl {
+      url = "https://github.com/iteufel/nwjs-ffmpeg-prebuilt/releases/download/${x.version}/${x.version}-linux-x64.zip";
+      sha256 = "1ch14s80p4dpwkhwa831kqy4j7m55v1mdxvq0bdaa5jpd7c75mbk";
+    };
+    patchPhase = ''
+      cd lib
+      ${unzip}/bin/unzip -o $ffmpegPrebuilt
+      ${x.patchPhase or ""}
+    '';
+  });
+</code>
+use local src / source
+<code>
+  src = /home/onny/projects/linux-wifi-hotspot;
+  unpackPhase = ''cp -r --no-preserve=mode $src/* .'';
 </code>
 python environment with gobject introspection etc
 <code bash>
 nix-shell -p 'python3.withPackages (p: [p.pygobject3])' -p libnotify -p gobjectIntrospection
@@ Line 2114: / Line 1320: @@
 package overlay and override attributes
 <code>
   nixpkgs.overlays = [
@@ Line 2128: / Line 1335: @@
           rm -r $out/share/wordpress/wp-content/themes/*
         '';
+      });
+      foo2zjs = super.foo2zjs.overrideAttrs (oldAttrs: rec {
+        src = builtins.fetchurl {
+          url = "https://github.com/onny/nixpkgs/archive/foo2zjs-colorfix.tar.gz";
+          sha256 = "0xksz2p2l0jx083hlbrh295ncb2lgsp9b8nwdig3lyinl5x";
+        };
+        patches = (oldAttrs.patches or []) ++ [
+          (pkgs.fetchpatch {
+            url = "https://raw.githubusercontent.com/onny/nixpkgs/12b6026fb0a4119e40a095aae224eaaf27098c10/pkgs/misc/drivers/foo2zjs/dell1250c-a4fix.patch";
+            sha256 = "0lvbryw6ymh0ahwkhqsgmjimg5saa8b1xnxmyyjxrbi3l3a6flll";
+          })
+        ];
       });
     })
@@ Line 2133: / Line 1352: @@
 </code>
-fetchpatch
+fetchpatch array
 <code>
-  patches = [
+patches = map fetchpatch [
-    ./no-hardcode-fw.diff
+  /* This patch is currently necessary for the unit test suite to run correctly.
+   * See https://www.mail-archive.com/klee-dev@imperial.ac.uk/msg03136.html
+   * and https://github.com/klee/klee/pull/1458 for more information.
+   */
+  #{
+  #  name = "fix-gtest";
+  #  sha256 = "F+/6videwJZz4sDF9lnV4B8lMx6W11KFJ0Q8t1qUDf4=";
+  #  url = "https://github.com/klee/klee/pull/1458.patch";
+  #}
-    # Support HBPL1 printers https://www.dechifro.org/hbpl/
+  # This patch fixes test compile issues with glibc 2.33+.
-    ./hbpl1.patch
+  #{
+  #  name = "fix-glibc-2.33";
-    # Fix "Unimplemented paper code" error for hbpl1 printers
+  #  sha256 = "PzxqtFyLy9KF1eA9AAKg1tu+ggRdvu7leuvXifayIcc=";
-    # https://github.com/mikerr/foo2zjs/pull/2
+  #  url = "https://github.com/klee/klee/pull/1385.patch";
-    (fetchpatch {
+  #}
-      url = "https://patch-diff.githubusercontent.com/raw/mikerr/foo2zjs/pull/2.patch";
-      sha256 = "0lvbryw6ymh0ahwkhqsgmjimg5saa8b1xnxmyyjxrbi3l3a6fbvy";
-    })
-  ];
 </code>
@@ Line 2155: / Line 1377: @@
 <code>
 nix-locate -w libnss3.so
+</code>
+list package content
+<code>
+tree (nix-instantiate --eval -E 'with import <nixpkgs> {}; glibcLocales.outPath' | xargs)
 </code>
 nixos-shell usage
 <code bash>
 QEMU_NET_OPTS="hostfwd=tcp::8080-:80" NIX_PATH=nixpkgs=/home/onny/projects/nixpkgs nixos-shell vm-invoiceplane.nix
+sudo -E QEMU_NET_OPTS="hostfwd=tcp::80-:80" NIX_PATH=nixpkgs=/home/onny/projects/nixpkgs nixos-shell vm-invoiceplane.nix
+</code>
+systemd one shot service
+<code>
+  # Symlink nvim user config for root user
+  systemd.services.nvim-symlink = {
+    script = ''
+      if [[ ! -h "/root/.config/nvim" ]]; then
+        ln -s "/home/onny/.config/nvim" "/root/.config/"
+      fi
+    '';
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig = {
+      Type = "oneshot";
+    };
+  };
+</code>
+nix repl
+<code bash>
+nix repl '<nixpkgs>'
+# wordpressPackages.plugins.gutenberg.meta.license
 </code>
 ==== packaging ====
@@ Line 2183: / Line 1436: @@
 cd /path/to/nixpkgs
 nix-build -A nodePackages.<new-or-updated-package>
+nix-build -E 'with import /home/onny/projects/nixpkgs { }; python3Packages.callPackage ./pkgs/development/python-modules/pyasn {}'
 </code>
@@ Line 2203: / Line 1457: @@
 <code>
 { lib
-, mkDerivation
+, stdenv
 , fetchFromGitLab
 , cmake
@@ Line 2213: / Line 1467: @@
 }:
-mkDerivation rec {
+stdenv.mkDerivation rec {
   pname = "pdfmixtool";
   version = "1.0.2";
@@ Line 2421: / Line 1675: @@
 }:
-let
+appimageTools.wrapType2 rec {
-  version = "1.7.4";
+  pname = "sonixd";
-in
+  version = "0.14.0";
-appimageTools.wrapType2 {
-  name = "session-desktop-appimage-${version}";
   src = fetchurl {
-    url = "https://github.com/oxen-io/session-desktop/releases/download/v${version}/session-desktop-linux-x86_64-${version}.AppImage";
+    url = "https://github.com/jeffvli/sonixd/releases/download/v${version}/Sonixd-${version}-linux-x86_64.AppImage";
-    sha256 = "1yjah9ip3r2irvv2g9j0ql55nkmpwml7lngmq954xrkq9smrdrm5";
+    sha256 = "sha256-q+26Ut5wN9gFDBdqirR+he/ppu/b1wiqq23WkcRAQd4=";
   };
+  extraInstallCommands = ''
+    mv $out/bin/sonixd-${version} $out/bin/sonixd
+  '';
   meta = with lib; {
-    description = "Onion routing based messenger";
+    description = "Full-featured Subsonic/Jellyfin compatible desktop music player";
-    homepage = "https://getsession.org/";
+    homepage = "https://github.com/jeffvli/sonixd";
     license = licenses.gpl3Only;
-    maintainers = with maintainers; [ alexnortung ];
+    maintainers = with maintainers; [ onny ];
     platforms = [ "x86_64-linux" ];
   };
 }
 </code>
+packaging java / jar file
+<code>
+  installPhase = ''
+    mkdir -p $out/{bin,lib}
+    cp ${src}/briar-desktop.jar $out/lib/
+    makeWrapper ${openjdk}/bin/java $out/bin/briar-desktop \
+      --add-flags "-jar $out/lib/briar-desktop.jar"
+  '';
+</code>
+==== tests ====
+run tests interactively
+<code bash>
+nix build -L -f . nixosTests.invoiceplane.driverInteractive
+./result/bin/nixos-test-driver
+> startAll
+> testScript
+> $machine->succeed("touch /tmp/foo")
+> print($machine->succeed("pwd")) # Show stdout of command
+</code>
 ==== nixops ====
@@ Line 2494: / Line 1775: @@
 fatlabel /dev/sdb1 "mystick"
 </code>
 resize extX partition
 <code bash>
 sfdisk -l /dev/sdb
@@ Line 2522: / Line 1805: @@
 # 7. (a) partition is bootable flag
 # 8. (w) write changes
+</code>
+recover gpt partition
+<code bash>
+sgdisk -e /dev/sda
 </code>
 ==== lvm ====
@@ Line 2574: / Line 1862: @@
 </code>
-===== avahi =====
-discover local services
-<code bash>
-avahi-browse --all --ignore-local --resolve --terminate
-</code>
 ===== curlftpfs =====
 <code bash>
@@ Line 2727: / Line 2011: @@
 wf-recorder -d /dev/dri/renderD128 -c h264_vaapi --bframes 0 -p crf=20 -aalsa_output.pci-0000_00_1b.0.analog-stereo.monitor --file=recording_encoded.mp4
 </code>
+===== cups =====
+list printers
+<code>
+$ lpstat -p -d
+printer Dell_1250c is idle.  enabled since Tue 28 Dec 2021 09:44:59 AM UTC
+printer Dell_1250c_USB is idle.  enabled since Tue 28 Dec 2021 09:44:59 AM UTC
+</code>
+print file
+<code>
+lp -d Dell_1250c_USB -o fit-to-page -o media=A4 scared_cat.png
+</code>
+list jobs
+<code>
+$ lpstat
+Dell_1250c_USB-2        root            340992   Tue 28 Dec 2021 09:57:08 AM UTC
+</code>
+cancel job
+<code>
+cancel 1
+</code>
+===== qemu =====
+booting armv7 alpinelinux
+<code bash>
+# download kernel and stuff from here http://dl-cdn.alpinelinux.org/alpine/edge/releases/armv7/netboot/
+qemu-system-arm -M virt -m 512M -cpu cortex-a15 -kernel vmlinuz-lts -initrd initramfs-lts -append "console=ttyAMA0 ip=dhcp alpine_repo=http://dl-cdn.alpinelinux.org/alpine/edge/main/" -nographic
+</code>
+===== postgresql =====
+list all databases
+<code bash>
+sudo -u postgres psql
+# \l
+</code>
+drop database
+<code bash>
+sudo -u postgres psql
+# drop database gitlabhq_production;
+# drop database gitlabhq_production WITH (FORCE);
+</code>
+list tables
+<code bash>
+sudo -u postgres psql
+# \c gitlabhq_production
+# \dt
+</code>
+create and delete user
+<code>
+DROP ROLE gitlab;
+CREATE USER gitlab WITH PASSWORD 'test123';
+</code>
+grant permissions
+<code>
+ALTER USER gitlab SUPERUSER;
+CREATE DATABASE gitlabhq_production OWNER gitlab;
+ALTER DATABASE gitlabhq_production OWNER TO gitlab;
+</code>
+dump database
+<code>
+pg_dump -U gitlab gitlabhq_production > /tmp/gitlab.pgsql
+</code>
+dump all
+<code>
+pg_dumpall > /tmp/dump_file_name.tar
+</code>
+import database
+<code>
+psql# CREATE DATABASE gitlabhq_production;
+psql -U gitlab gitlabhq_production < gitlab.pgsql
+</code>

Project-Insanity

Site Tools

Differences

Page Tools