From ecde1dee42a127aeaabdd650b651b2ded0ad72f2 Mon Sep 17 00:00:00 2001 From: Michele Cereda Date: Sat, 15 Jun 2024 18:48:34 +0200 Subject: [PATCH] chore: import notes from an old repository --- .../apt/preferences.d/99kde-latest-pinning | 3 + knowledge base/grafana.md | 2 +- knowledge base/vboxmanage.md | 25 ++++++- snippets/ansible.sh | 1 + snippets/apt.sh | 66 +++++++++++++++++++ snippets/dnf.sh | 22 +++++++ snippets/docker.sh | 6 ++ snippets/encrypt devices.sh | 7 ++ snippets/find.sh | 2 + snippets/git.sh | 37 +++++++++++ snippets/gnupg.fish | 23 ++++++- snippets/google-drive.sh | 3 + snippets/keybase.sh | 6 ++ snippets/osx.sh | 32 +++++++-- snippets/pacman.sh | 8 +++ snippets/pre-commit.sh | 17 +++++ snippets/rsync.sh | 14 ++++ snippets/ssh.sh | 3 + snippets/stow.sh | 3 + snippets/virtualbox.sh | 4 ++ snippets/winget.bat | 1 + snippets/zypper.sh | 2 +- 22 files changed, 274 insertions(+), 13 deletions(-) create mode 100644 examples/apt/preferences.d/99kde-latest-pinning create mode 100644 snippets/apt.sh create mode 100644 snippets/encrypt devices.sh create mode 100644 snippets/google-drive.sh create mode 100644 snippets/keybase.sh create mode 100644 snippets/pacman.sh create mode 100644 snippets/pre-commit.sh create mode 100644 snippets/rsync.sh create mode 100644 snippets/ssh.sh create mode 100644 snippets/stow.sh create mode 100644 snippets/virtualbox.sh create mode 100644 snippets/winget.bat diff --git a/examples/apt/preferences.d/99kde-latest-pinning b/examples/apt/preferences.d/99kde-latest-pinning new file mode 100644 index 0000000..0313451 --- /dev/null +++ b/examples/apt/preferences.d/99kde-latest-pinning @@ -0,0 +1,3 @@ +Package: kde-* plasma-* +Pin: release n=unstable +Pin-Priority: 600 diff --git a/knowledge base/grafana.md b/knowledge base/grafana.md index 0ed25b5..bd2a7fb 100644 --- a/knowledge base/grafana.md +++ b/knowledge base/grafana.md @@ -34,7 +34,7 @@ curl -sS \ ```sh helm repo add 'grafana' 'https://grafana.github.io/helm-charts' -helm -n 'monitoring' upgrade -i --create-namespace 'grafana' 'grafana/grafana' +helm -n 'monitoring' upgrade -i --create-namespace --set adminPassword='abc0123' 'grafana' 'grafana/grafana' helm -n 'monitoring' upgrade -i --create-namespace --repo 'https://grafana.github.io/helm-charts' 'grafana' 'grafana' ``` diff --git a/knowledge base/vboxmanage.md b/knowledge base/vboxmanage.md index 3af4c69..8ca8166 100644 --- a/knowledge base/vboxmanage.md +++ b/knowledge base/vboxmanage.md @@ -1,8 +1,8 @@ # VBoxManage -## Table of contents - 1. [TL;DR](#tldr) +1. [Further readings](#further-readings) + 1. [Sources](#sources) ## TL;DR @@ -10,4 +10,25 @@ # Create host-only virtual networks. VBoxManage hostonlynet add --name='network_name' --enable \ --netmask='255.255.255.0' --lower-ip=192.168.12.100 --upper-ip=192.168.12.200 + +# Install extension packs. +wget -q 'https://download.virtualbox.org/virtualbox/6.1.22/Oracle_VM_VirtualBox_Extension_Pack-6.1.22.vbox-extpack' \ + --output-document '/tmp/Oracle_VM_VirtualBox_Extension_Pack-6.1.22.vbox-extpack' +sudo VBoxManage extpack install '/tmp/Oracle_VM_VirtualBox_Extension_Pack-6.1.22.vbox-extpack' --replace \ + --accept-license '33d7284dc4a0ece381196fda3cfe2ed0e1e8e7ed7f27b9a9ebc4ee22e24bd23c' ``` + +## Further readings + +### Sources + + + + + + + + diff --git a/snippets/ansible.sh b/snippets/ansible.sh index 1cc8690..5a8f265 100644 --- a/snippets/ansible.sh +++ b/snippets/ansible.sh @@ -21,6 +21,7 @@ ansible-playbook 'gitlab.yml' --list-tasks --skip-tags 'system,user' # Create new roles. ansible-galaxy init 'gitlab' +ansible-galaxy role init 'my_role' ansible-galaxy role init --type 'container' --init-path 'gitlab' 'name' # Apply changes. diff --git a/snippets/apt.sh b/snippets/apt.sh new file mode 100644 index 0000000..fb42c6e --- /dev/null +++ b/snippets/apt.sh @@ -0,0 +1,66 @@ +#!/usr/bin/env sh + +cat <<-EOF | sudo tee /etc/apt/sources.list.d/debian-stable.list + deb http://deb.debian.org/debian/ stable main contrib non-free + #deb-src http://deb.debian.org/debian/ stable main contrib non-free + + deb http://security.debian.org/debian-security stable-security main contrib non-free + #deb-src http://security.debian.org/debian-security stable-security main contrib non-free + + # stable-updates, to get updates before a point release is made; + # see https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_updates_and_backports + deb http://deb.debian.org/debian/ stable-updates main contrib non-free + #deb-src http://deb.debian.org/debian/ stable-updates main contrib non-free + + # stable-backports, previously on backports.debian.org + # apt expects the release codename for backports, not "stable" + #deb http://deb.debian.org/debian/ stable-backports main contrib non-free + #deb-src http://deb.debian.org/debian/ stable-backports main contrib non-free +EOF +cat <<-EOF | sudo tee /etc/apt/sources.list.d/debian-testing.list + deb http://deb.debian.org/debian/ testing main contrib non-free + #deb-src http://deb.debian.org/debian/ testing main contrib non-free + + deb http://security.debian.org/debian-security testing-security main contrib non-free + #deb-src http://security.debian.org/debian-security testing-security main contrib non-free + + # testing-updates, to get updates before a point release is made; + # see https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_updates_and_backports + deb http://deb.debian.org/debian/ testing-updates main contrib non-free + #deb-src http://deb.debian.org/debian/ testing-updates main contrib non-free + + # testing-backports, previously on backports.debian.org + deb http://deb.debian.org/debian/ testing-backports main contrib non-free + #deb-src http://deb.debian.org/debian/ testing-backports main contrib non-free +EOF +cat <<-EOF | sudo tee /etc/apt/sources.list.d/debian-unstable.list + deb http://deb.debian.org/debian/ unstable main contrib non-free + #deb-src http://deb.debian.org/debian/ unstable main contrib non-free +EOF +cat <<-EOF | sudo tee /etc/apt/preferences.d/90pin-to-release + Package: * + Pin: release n=testing + Pin-Priority: 990 + + Package: * + Pin: release n=stable + Pin-Priority: 500 + + Package: * + Pin: release n=bullseye + Pin-Priority: 450 + + Package: * + Pin: release n=unstable + Pin-Priority: -1 +EOF + +sudo apt update + +sudo apt install './keybase_amd64.deb' +sudo apt install --assume-yes 'plasma-desktop' 'plasma-nm' 'dolphin-plugins' 'konsole' 'sddm-theme-debian-breeze' 'kate' +DEBIAN_FRONTEND='noninteractive' apt-get --assume-yes --target-release 'unstable' install 'kde-plasma-desktop' + +sudo apt-mark auto $(sudo apt-mark showmanual) + +sudo apt autoremove --purge diff --git a/snippets/dnf.sh b/snippets/dnf.sh index 1237648..2f8537e 100644 --- a/snippets/dnf.sh +++ b/snippets/dnf.sh @@ -1,8 +1,30 @@ #!/usr/bin/env sh +sudo dnf makecache + sudo dnf list --available --showduplicates 'gitlab-runner' sudo dnf check-update --bugfix --security +sudo dnf install 'https://prerelease.keybase.io/keybase_amd64.rpm' +sudo dnf --assumeyes install 'git-lfs' +sudo dnf --assumeyes install \ + "https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm" \ + "https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm" + sudo dnf upgrade --security --sec-severity 'Critical' --downloadonly sudo dnf -y upgrade --security --sec-severity 'Important' + + +sudo rpmkeys --import 'https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/-/raw/master/pub.gpg' + + +cat <<-EOF | sudo tee -a /etc/yum.repos.d/vscodium.repo + [gitlab.com_paulcarroty_vscodium_repo] + name=gitlab.com_paulcarroty_vscodium_repo + baseurl=https://paulcarroty.gitlab.io/vscodium-deb-rpm-repo/rpms/ + enabled=1 + gpgcheck=1 + repo_gpgcheck=1 + gpgkey=https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/-/raw/master/pub.gpg +EOF diff --git a/snippets/docker.sh b/snippets/docker.sh index a9f5f0a..25ba8d3 100644 --- a/snippets/docker.sh +++ b/snippets/docker.sh @@ -2,3 +2,9 @@ docker images -a docker images --digests + +docker volume create 'website' +docker volume inspect -f '{{ .Mountpoint }}' 'website' +sudo vim '/var/lib/docker/volumes/website/_data/index.html' + +docker run -d --name 'some-nginx' -v '/some/content:/usr/share/nginx/html:ro' 'nginx' diff --git a/snippets/encrypt devices.sh b/snippets/encrypt devices.sh new file mode 100644 index 0000000..24b176e --- /dev/null +++ b/snippets/encrypt devices.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env sh + +sudo cryptsetup luksFormat '/dev/sdb' +sudo cryptsetup luksOpen '/dev/sdb' '1tb_disk' +sudo mkfs.btrfs --label '1tb_disk' '/dev/mapper/1tb_disk' +sudo mount --types btrfs --options compress-force=zstd:0 '/dev/mapper/1tb_disk' '/mnt/1tb_disk' +sudo umount '/mnt/1tb_disk' diff --git a/snippets/find.sh b/snippets/find.sh index c435ee2..055374c 100644 --- a/snippets/find.sh +++ b/snippets/find.sh @@ -7,3 +7,5 @@ find '/' -type 'f' -name 'git-remote-keybase' 2>/dev/null # GNU find. find '/' -type 'f' -name 'git-remote-keybase' -readable + +find '.' -type 'd' -name '.git' -exec dirname {} ';' | xargs -I {} -n 1 -t git -C {} remote --verbose diff --git a/snippets/git.sh b/snippets/git.sh index f734f79..8e2090d 100644 --- a/snippets/git.sh +++ b/snippets/git.sh @@ -1,7 +1,43 @@ #!/usr/bin/env sh +git init --initial-branch 'main' + +git config --get 'init.defaultBranch' +git config -C 'repos/test' --get 'init.defaultBranch' + +git config --local 'user.email' 'example.user@gmail.com' +git config --local 'user.name' 'Example User' +git config --local 'user.signingkey' 'ABCDEF01' +git config --local 'commit.gpgsign' true +git config --local 'pull.rebase' false + +git clone --recurse-submodules 'git@github.com:example/ansible-role-keychron-capable.git' + +git branch --list --remote 'origin/*' | cut -d/ -f2 + +git pull +git pull 'gitlab' 'main' + +git add '.' +git add -p '.gitignore' + +git commit --message 'feat: initial commit' + +git push --set-upstream 'origin' 'feat/add-soap' + +git remote add 'github' 'git@github.com:example/ansible-role-keychron-capable.git' +git remote add 'gitlab' 'git@gitlab.com:sample/ansible-role-keychron-capable.git' + +git remote set-url --push --add 'origin' 'git@github.com:example/ansible-role-keychron-capable.git' + +git remote | xargs -n 1 git push + +git lfs pull + + ## # Remove files from the latest commit. +# -------------------------------------- # The easiest way is to use `git gui`: 'Commit' => 'Amend Last Commit' => uncheck the files => 'Commit'. ## @@ -12,6 +48,7 @@ git commit -c ORIG_HEAD ## # Change the default branch from 'master' to 'main'. +# -------------------------------------- # Source: https://stevenmortimer.com/5-steps-to-change-github-default-branch-from-master-to-main/ ## diff --git a/snippets/gnupg.fish b/snippets/gnupg.fish index 1272edf..f396518 100644 --- a/snippets/gnupg.fish +++ b/snippets/gnupg.fish @@ -1,4 +1,4 @@ -#!fish +#!/usr/bin/env fish gpg-connect-agent reloadagent '/bye' @@ -7,9 +7,26 @@ gpgconf --launch gpg-agent \ && set -x 'SSH_AUTH_SOCK' (gpgconf --list-dirs 'agent-ssh-socket') \ && set -x 'GPG_TTY' (tty) -# Export public keys. +# Import private keys +gpg --decrypt --output - 'keys.asc.gpg' | gpg --import + +# Trust keys +gpg --edit-key 'key.identifier@email.com' +# 'trust' > 5 (I trust ultimately) > save +gpg --list-secret-keys + +# Get short key IDs for use in git +gpg --list-keys --keyid-format 'short' 'key.identifier@email.com' \ +| grep -e "^pub\s*" | awk -F '/' '{print $2}' | awk '{print $1}' + +# Export public keys gpg --armor --export 'E455…50AB' | pbcopy gpg --export-ssh-key 'E455…50AB' | pbcopy -# Load identities in SSH. +# Load identities in SSH gpgconf --launch gpg-agent + +# Encrypt files +find . -type f -not -name '*.gpg' \ + -path '*/values.*.y*ml' -path '*/secrets/*.*' \ + -exec gpg --batch --encrypt-files --yes -r "0123...CDEF" "{}" ';' diff --git a/snippets/google-drive.sh b/snippets/google-drive.sh new file mode 100644 index 0000000..910d731 --- /dev/null +++ b/snippets/google-drive.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env sh + +google-drive-ocamlfuse -label 'testing' "${HOME}/Cloud storage/Google Drive/testing" diff --git a/snippets/keybase.sh b/snippets/keybase.sh new file mode 100644 index 0000000..3e36ca4 --- /dev/null +++ b/snippets/keybase.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env sh + +keybase git create 'dotfiles' +keybase git create --team 'the-magnificent-seven' 'common-ground' + +git remote add origin 'keybase://private/user/dotfiles' diff --git a/snippets/osx.sh b/snippets/osx.sh index 781e74d..e0596e4 100644 --- a/snippets/osx.sh +++ b/snippets/osx.sh @@ -1,14 +1,14 @@ -#!sh +#!/usr/bin/env sh -# Set the host's name. +# Set the host's name scutil --set 'ComputerName' "$(defaults read '/Library/Preferences/SystemConfiguration/com.apple.smb.server NetBIOSName')" scutil --set 'HostName' "$(defaults read '/Library/Preferences/SystemConfiguration/com.apple.smb.server NetBIOSName')" scutil --set 'LocalHostName' "$(defaults read '/Library/Preferences/SystemConfiguration/com.apple.smb.server NetBIOSName')" -# Clear the DNS cache. +# Clear the DNS cache sudo dscacheutil -flushcache; sudo killall -HUP 'mDNSResponder' -# Create custom DNS resolvers. +# Create custom DNS resolvers cat <<-EOF | sudo tee /etc/resolver/lan domain lan search lan @@ -18,6 +18,26 @@ EOF sudo dscacheutil -flushcache; sudo killall -HUP 'mDNSResponder' scutil --dns | grep -C '3' '192.168.1.254' -# Try resolving names. +# Try resolving names dscacheutil -q 'host' -a 'name' '192.168.1.35' -dscacheutil -q 'host' -a 'name' 'gitlab.lan' \ No newline at end of file +dscacheutil -q 'host' -a 'name' 'gitlab.lan' + +# Change the number of columns and rows in the springboard +defaults write 'com.apple.dock' 'springboard-columns' -int '9' +defaults write 'com.apple.dock' 'springboard-rows' -int '7' +killall 'Dock' + +# Install Xcode cli tools if missing +[[ -d "$(xcode-select --print-path)" ]] || xcode-select --install + +# Install 'brew' and its bundle +# Uses the user's global Brewfile if found +command -v 'brew' > '/dev/null' || /bin/bash -c "$(curl -fsSL 'https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh')" +[[ -r "${HOME}/.Brewfile" ]] && brew bundle --global --no-lock + +# Install macports +if ! command -v 'port' > '/dev/null' +then + curl -C- -o '/tmp/macports.pkg https://github.com/macports/macports-base/releases/download/v2.7.2/MacPorts-2.7.2-12-Monterey.pkg' + sudo installer -pkg '/tmp/macports.pkg' -target '/' +fi diff --git a/snippets/pacman.sh b/snippets/pacman.sh new file mode 100644 index 0000000..da83d67 --- /dev/null +++ b/snippets/pacman.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env sh + +sudo pacman --noconfirm --sync --refresh + +sudo pacman --sync --refresh 'clinfo' 'opencl-mesa' +sudo pacman --noconfirm --sync --needed --quiet 'virtualbox-guest-utils' + +sudo pacman --noconfirm --sync --clean --clean diff --git a/snippets/pre-commit.sh b/snippets/pre-commit.sh new file mode 100644 index 0000000..d863148 --- /dev/null +++ b/snippets/pre-commit.sh @@ -0,0 +1,17 @@ +#!/usr/bin/env sh + +cat > .pre-commit-config.yaml <<-EOF + repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.0.1 + hooks: + - id: trailing-whitespace + - id: end-of-file-fixer + - id: check-yaml + - repo: https://github.com/ansible-community/ansible-lint + rev: v5.2.1 + hooks: + - id: ansible-lint +EOF + +pre-commit install diff --git a/snippets/rsync.sh b/snippets/rsync.sh new file mode 100644 index 0000000..d2caca0 --- /dev/null +++ b/snippets/rsync.sh @@ -0,0 +1,14 @@ +#!/usr/bin/env sh + +rsync -AELPXansvvz --append-verify --delete \ + --fake-super --no-i-r --no-motd --exclude '@eaDir' --exclude "changes_*" \ + "synology.lan:/volume1/vault/" \ + "./" \ +| grep -Ev -e uptodate -e "/$" + +rsync -vv --append-verify --delete --executability --partial --progress --dry-run \ + --archive --acls --xattrs --human-readable --sparse --copy-links --preallocate \ + --fake-super --no-inc-recursive --no-motd --exclude '@eaDir' --compress --secluded-args \ + --backup --backup-dir="changes_$(date +'%F_%H-%m-%S')" --exclude "changes_*" \ + "synology.lan:/volume1/vault/" \ + "./" diff --git a/snippets/ssh.sh b/snippets/ssh.sh new file mode 100644 index 0000000..1b1f811 --- /dev/null +++ b/snippets/ssh.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env sh + +eval `ssh-agent` && ssh-add diff --git a/snippets/stow.sh b/snippets/stow.sh new file mode 100644 index 0000000..566c021 --- /dev/null +++ b/snippets/stow.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env sh + +stow --dotfiles --target "$HOME" --verbose 'antigen' 'bash' 'git' 'gpg' 'linux' 'python' 'ssh' 'tmux' 'vim' 'zsh' diff --git a/snippets/virtualbox.sh b/snippets/virtualbox.sh new file mode 100644 index 0000000..c4df201 --- /dev/null +++ b/snippets/virtualbox.sh @@ -0,0 +1,4 @@ +#!/usr/bin/env sh + +sudo gpasswd -a 'user' 'vboxusers' +usermod --append --groups 'vboxusers' diff --git a/snippets/winget.bat b/snippets/winget.bat new file mode 100644 index 0000000..6c7b87a --- /dev/null +++ b/snippets/winget.bat @@ -0,0 +1 @@ +winget install --id BitSum.ProcessLasso diff --git a/snippets/zypper.sh b/snippets/zypper.sh index a8623bd..ec5ab16 100644 --- a/snippets/zypper.sh +++ b/snippets/zypper.sh @@ -21,7 +21,7 @@ sudo zypper install 'parallel' sudo zypper in --no-confirm --download 'in-advance' 'https://prerelease.keybase.io/keybase_amd64.rpm' sudo zypper in --no-recommends 'gv' 'virtualbox-ose=2.0.6' '/root/ansible.rpm' sudo zypper in -r 'https://repo.vivaldi.com/archive/vivaldi-suse.repo' 'vivaldi' -sudo zypper in -f 'amdgpu-dkms' +sudo zypper in -f 'amdgpu-dkms' 'bluez-auto-enable-devices' # Check the dependencies of *installed* resolvables are satisfied zypper verify 'git-lfs'