From 112736aea70a5241fcf638f4f6244cbeb2b32fdd Mon Sep 17 00:00:00 2001 From: terminaldweller Date: Thu, 4 Aug 2022 22:23:12 +0430 Subject: updates --- .bashrc | 19 +++---- .mongoshrc.js | 22 +++++++-- .tmux.conf | 2 + .vimrc | 1 + .zshrc | 12 ++++- bin/dmenu_launcher | 2 + bin/schemaspy | 3 ++ bin/xman | 4 +- cv/CV_Abridged.tex | 7 +-- db/mongo/build_db.js | 32 ++++++++++-- ipv6/ns_bind.sh | 52 +++++++++++++++++++ kubernetes/pihole/pi-hole.conf | 77 +++++++++++++++++++++++++++++ kubernetes/pihole/resolvconf_resolvers.conf | 20 ++++++++ postit | 1 + 14 files changed, 229 insertions(+), 25 deletions(-) create mode 100755 bin/dmenu_launcher create mode 100755 bin/schemaspy create mode 100755 ipv6/ns_bind.sh create mode 100644 kubernetes/pihole/pi-hole.conf create mode 100644 kubernetes/pihole/resolvconf_resolvers.conf diff --git a/.bashrc b/.bashrc index e1ca686..65c69b4 100644 --- a/.bashrc +++ b/.bashrc @@ -61,21 +61,22 @@ disk_usage=$(df | grep /dev/sdb3 | awk '{print $5}') function aa_prompt_defaults() { local colors=$(tput colors 2>/dev/null || echo -n 1) C= - if [[ $colors -ge 256 ]]; then - C="$(tput setaf 33 2>/dev/null)" - AA_P='mf=x mt=x n=0; while [[ $n < 1 ]];do read a mt a; read a mf a; (( n++ )); done/dev/null || readlink /proc/$$/fd/0 2>/dev/null)} PS1="\[\e[m\n\e[1;38m\][\$\$:\$PPID \j:\!\[\e[1;38m\]]\[\e[0;36m\] \T \d \[\e[1;34m\][${C}\u@\H\[\e[1;34m\]:\[\e[0;37m\]${SSH_TTY/\/dev\//} \[\e[0;37m\]+${SHLVL}\[\e[1;34m\]] \[\e[1;37m\]\w\[\e[0;37m\]\n\\$ " - export PS1 AA_P PROMPT_COMMAND SSH_TTY + # export PS1 AA_P PROMPT_COMMAND SSH_TTY + export PS1 PROMPT_COMMAND SSH_TTY } aa_prompt_defaults diff --git a/.mongoshrc.js b/.mongoshrc.js index 493e925..9533ee8 100644 --- a/.mongoshrc.js +++ b/.mongoshrc.js @@ -1,12 +1,26 @@ +"use strict"; + +config.set("editor", "vim"); +config.set("enableTelemetry", false); +config.set("inspectDepth", 8); +config.set("historyLength", 5000); + { const hostnameSymbol = Symbol("hostname"); prompt = () => { if (!db[hostnameSymbol]) db[hostnameSymbol] = db.serverStatus().host; - return `\x1b[38;5;22m${db.getName()}\x1b[38;5;24m@${ + return `\x1b[38;5;63m${ISODate().toLocaleTimeString()} \x1b[38;5;24m${db.getName()}\x1b[38;5;24m@${ db[hostnameSymbol] - }\x1b[38;5;22m:Uptime:${db.serverStatus().uptime}:Documents:${ + }\x1b[38;5;22m Uptime:${db.serverStatus().uptime}\x1b[38;5;26m Documents:${ db.stats().objects - } >>>\x1b[0m`; - ; + }\x1b[38;5;109m V:${db.version()} \n \x1b[38;5;30m>>>\x1b[0m`; }; } + +function get_mangas() { + return db.mangas.find(); +} + +function get_animes() { + return db.animes.find(); +} diff --git a/.tmux.conf b/.tmux.conf index e2337f5..43213bf 100644 --- a/.tmux.conf +++ b/.tmux.conf @@ -161,6 +161,8 @@ set -g pane-border-format "#{pane_index}:#{pane_current_command}" set -g message-style bg='#44475a',fg='#8be9fd' set-option -g status on +# toggle the display of the statusbar +bind-key -n S-F6 set-option -g status set-option -g status-justify "centre" set-option -g status-left-length 120 set-option -g status-right-length 170 diff --git a/.vimrc b/.vimrc index bbee88f..a223599 100644 --- a/.vimrc +++ b/.vimrc @@ -369,6 +369,7 @@ imap au BufEnter .i3blocks.conf setlocal filetype=i3blocks au BufEnter *.zsh-theme setlocal filetype=zsh au BufEnter .muttrc setlocal filetype=neomuttrc +au BufEnter .psqlrc setlocal filetype=pgsql au BufEnter *.toml setlocal filetype=toml au BufEnter *.s setlocal filetype=gas diff --git a/.zshrc b/.zshrc index a4e9d39..7d51901 100644 --- a/.zshrc +++ b/.zshrc @@ -194,6 +194,7 @@ alias zh_router_root="zssh root@192.168.90.71" alias zh_router_admin="zssh admin@192.168.90.71" alias youtube_dl="proxychains4 -f /home/devi/proxies/ca/proxychains.conf youtube-dl" alias campv="proxychains4 -f /home/devi/proxies/ca/proxychains.conf mpv --no-video" +alias tormpv="torsocks mpv --no-video" alias youtube="proxychains4 -f /home/devi/proxies/ca/proxychains.conf mpv --ytdl-format=160+249" alias tridactylrc="vim ~/scripts/.tridactylrc" alias fixtridactylrc="cp ~/scripts/.tridactylrc ~/" @@ -217,7 +218,7 @@ alias vagrant="https_proxy=socks5://[::1]:9993 vagrant --color --timestamp" alias vm_disposable="cp ~/scripts/vagrant/disposable/Vagrantfile ." alias vm_disposable_alpine="cp ~/scripts/vagrant/disposable-alpine/Vagrantfile ." alias checktor="curl --socks5 localhost:9050 --socks5-hostname localhost:9050 -s https://check.torproject.org/api/ip" -alias ip="ip --color=auto" +alias ip="grc ip" alias zathura="tabbed -c -r 2 zathura -e id" alias ytfzf="proxychains4 -q -f ~/proxies/ice/proxychains.conf ytfzf" alias newsboat="proxychains4 -q -f ~/proxies/ice/proxychains.conf newsboat" @@ -245,6 +246,14 @@ alias voiddocs="w3m /usr/share/doc/void/html/index.html" alias archwiki="python -m http.server --directory /home/devi/chroots/arch/usr/share/doc/arch-wiki/html" alias bombadillo="bombadillo -t" alias record_desktop="recordmydesktop --device hw:1,0 --no-wm-check -x 1920 --width 1920 --height 1080 --fps 15" +alias mongoshrc="vim ~/scripts/.mongoshrc.js" +alias fixmongoshrc="cp ~/scripts/.mongoshrc.js ~/.mongoshrc.js" +alias phone_net="sudo ip netns exec phone_ns" +alias netbsd_bmake="/usr/pkg/bin/bmake" + +get_domain_dns_records() { + jcurl -X GET -H "Accept: application/json" -H "Authorization: $(cat ~/scripts/arvan-api-key)" "https://napi.arvancloud.com/cdn/4.0/domains/terminaldweller.com/dns-records" +} #autosuggest ZSH_AUTOSUGGEST_HIGHLIGHT_STYLE="fg=#5f5fff,bg=#000000,bold,underline" @@ -396,7 +405,6 @@ export PATH=$PATH:/home/devi/.fzf/bin # export PATH=$PATH:/home/devi/.ghcup/bin export PATH=$PATH:/home/devi/k3s export PATH=$PATH:/home/devi/kompose -export PATH=$PATH:/home/devi/mongosh/mongosh-1.1.7-linux-x64/bin export PATH=$PATH:/home/devi/powershell export PATH=$PATH:/home/devi/ytfzf.git/rewrite export PATH=$PATH:/home/devi/gotty diff --git a/bin/dmenu_launcher b/bin/dmenu_launcher new file mode 100755 index 0000000..3409348 --- /dev/null +++ b/bin/dmenu_launcher @@ -0,0 +1,2 @@ +#!/usr/bin/env zsh +dmenu_path | dmenu -fn "DejaVuSansMono Nerd Font Mono-11.3;antialias=true;autohint=true" "$@" | ${SHELL:-"/bin/sh"} & diff --git a/bin/schemaspy b/bin/schemaspy new file mode 100755 index 0000000..7451993 --- /dev/null +++ b/bin/schemaspy @@ -0,0 +1,3 @@ +#!/bin/sh + +exec env java -jar /home/devi/devi/schemaspy/schemaspy-6.1.1-SNAPSHOT.jar "$@" diff --git a/bin/xman b/bin/xman index c0de313..a2220ec 100755 --- a/bin/xman +++ b/bin/xman @@ -1,7 +1,7 @@ #!/bin/sh # xmandoc MANPAGE - read manpage of possibly not installed package -xlocate "man/man..\?/$1\.[0-9]" 2>/dev/null | +SOCKS_PROXY=socks5://127.0.0.1:9050 xlocate "man/man..\?/$1\.[0-9]" 2>/dev/null | { grep . || { echo "xmandoc: No entry for $1 found." 1>&2 exit 1 @@ -9,7 +9,7 @@ xlocate "man/man..\?/$1\.[0-9]" 2>/dev/null | while read -r pkg page; do page=${page#* -> } # xbps-query --cat=$page ${pkg%-*} | mandoc -O width=205 -a - xbps-query --cat=$page ${pkg%-*} | + SOCKS_PROXY=socks5://127.0.0.1:9050 xbps-query --cat=$page ${pkg%-*} | mandoc -O width=205 -c | col -b | vim - -M -R \ -c 'set ft=man nomod nolist' \ diff --git a/cv/CV_Abridged.tex b/cv/CV_Abridged.tex index 2c2be27..a3f8f54 100644 --- a/cv/CV_Abridged.tex +++ b/cv/CV_Abridged.tex @@ -32,6 +32,10 @@ \end{center} \section*{Professional Experience} + \bf Zharfpouyan Tous (Tehran, Iran)\\ + March 2021 - June 2022\\ + 14 months\\ + \normalfont Developing/Maintaining code for unix-like operating systems.\\[5pt] \bf Erfan Salamat (Tehran, Iran)\\ Nov. 2020--Feb. 2021\\ 4 months\\ @@ -120,9 +124,6 @@ {\bf \href{https://github.com/terminaldweller}{Github}} My Github page.\\[5pt] {\bf \href{https://github.com/terminaldweller/hived}{Hived}} My personal tiny high-performance server written in Go.\\[5pt] {\bf \href{https://github.com/terminaldweller/cgrep}{Cgrep}} Grep for C-family source files.\\[5pt] - {\bf \href{https://terminaldweller.github.io/mutator/}{Mutator}} An experimental suite of tools aimed at C-family development written C++,C and Lua.\\[5pt] - \href{https://github.com/terminaldweller/faultreiber}{Faultreiber} generates a binary file parser in C using an XML description file.\\[5pt] - \href{https://github.com/terminaldweller/luatablegen}{Luatablegen} generates C code that wraps C structures as Lua tables using an XML description file.\\[5pt] {\bf \href{https://github.com/terminaldweller/dwasm}{Dwasm}} A WASM dump script written in python.\\[5pt] {\bf \href{https://github.com/terminaldweller/delf}{Delf}} An ELF dump script in python.\\[5pt] diff --git a/db/mongo/build_db.js b/db/mongo/build_db.js index 93884f0..0e3c7f7 100644 --- a/db/mongo/build_db.js +++ b/db/mongo/build_db.js @@ -1,5 +1,7 @@ "use strict;"; +disableTelemetry(); + const animes = { "vampire cosmonaut": "https://kissanime.lol/Anime/irina-the-vampire-cosmonaut.wowwo/", @@ -49,11 +51,33 @@ const mangas = { db = connect("192.168.1.109:27117/devi"); -const movies = { +const movies_obj = { "mad god": "https://www.imdb.com/title/tt15090124/", }; -db.movies.insertOne(movies); +const stash_obj = { + momo: "https://spankbang.com/73cjr/video/monoka+nishina", +}; + +function inser_into_db(mongo_collection, object) { + var entries = mongo_collection.find({}); + Object.keys(entries).forEach((prop) => { + console.log(prop); + }); + while (entries.hasNext()) { + var entry_id = entries.next()._id; + console.log(entry_id); + } + mongo_collection.updateOne( + { _id: entry_id }, + { + $set: object, + } + ); +} + +inser_into_db(db.stash, stash_obj); +inser_into_db(db.movies, movies_obj); var mangas_entry = db.mangas.find({}); Object.keys(mangas_entry).forEach((prop) => { @@ -67,9 +91,7 @@ db.mangas.updateOne( { _id: mangas_id }, { $set: { - "dungeon sherpa": "https://manganato.com/manga-kt987428", - gachiakuta: "https://manganato.com/manga-na990935", - "black lagoon": "https://readmanganato.com/manga-", + "hunter x hunter": "https://readmanganato.com/manga-oc955385", }, } ); diff --git a/ipv6/ns_bind.sh b/ipv6/ns_bind.sh new file mode 100755 index 0000000..32b529d --- /dev/null +++ b/ipv6/ns_bind.sh @@ -0,0 +1,52 @@ +#!/usr/bin/env sh +# this pretty much just creates a new network namespace for the interface we get +# when we enable USB tethering on the phone. This enables us to use the phone interface +# for certain applications only. +# reference: +# - https://unix.stackexchange.com/questions/210982/bind-unix-program-to-specific-network-interface +# - https://superuser.com/questions/241178/how-to-use-different-network-interfaces-for-different-processes +# - https://gist.github.com/mtds/4c4925c2aa022130e4b7c538fdd5a89f +# - https://unix.stackexchange.com/questions/494324/how-to-setup-dns-manually-on-linux +# example: sudo ip netns exec phone_ns bash + +PHONE_NS=phone_ns +IF=enp0s20f0u3u1u3 + +sudo ip netns add ${PHONE_NS} +sudo ip link set ${IF} netns ${PHONE_NS} +sudo ip netns exec ${PHONE_NS} ip link set ${IF} up +sudo ip netns exec ${PHONE_NS} ip link set dev lo up +# will need to install dhclient before runnning this dummy +# FIXME running dhclient fucks up resolv.conf +# FIXME right now we have to use sudo +sudo ip netns exec ${PHONE_NS} dhclient ${IF} + +# ip netns add myNamespace +# ip link set eth0 netns myNamespace +# ip netns exec myNamespace ifconfig eth0 192.168.0.10/24 up +# ip netns exec myNamespace ifconfig lo 127.0.0.1/8 up +# ip netns exec myNamespace route add default gw 192.168.0.1 +# ip netns exec myNamespace firefox + +# ip netns add ${PHONE_NS} +# ip link set ${IF} netns ${PHONE_NS} +# ip netns exec ${PHONE_NS} ifconfig ${IF} 192.168.0.10/24 up +# ip netns exec ${PHONE_NS} ifconfig lo 127.0.0.1/8 up +# ip netns exec ${PHONE_NS} route add default gw 192.168.0.1 +# ip netns exec ${PHONE_NS} dhclient ${IF} + +# IF_A=v_eth0a +# IF_B=v_eth0b +# ip netns add ${PHONE_NS} +# ip link add ${IF_A} veth peer name ${IF_B} +# ip link set ${IF_A} netns ${PHONE_NS} +# ip netns exec ${PHONE_NS} ifconfig ${IF_A} up {{NAMESPACE_IP}} netmask {{NAMESPACE_NETMASK}} +# ifconfig ${IF_B} up {{ROOT_NS_IP}} netmask {{ROOT_NS_NETMASK}} +# ip netns exec ${PHONE_NS} route add default gw {{ROOT_NS_IP}} dev ${IF_A} +# sysctl net.ipv4.ip_forward=1 +# iptables -t nat -A POSTROUTING -s {{ROUTE_SOURCE}}/24 -o {{NETWORK_INTERFACE}} -j SNAT --to-source {{ROUTE_TARGET}} +################################################################################ +#test +ip netns exec ${PHONE_NS} ping -4 9.9.9.9 +ip netns exec ${PHONE_NS} ping -4 google.com +ip netns exec ${PHONE_NS} curl -4 icanhazip.com diff --git a/kubernetes/pihole/pi-hole.conf b/kubernetes/pihole/pi-hole.conf new file mode 100644 index 0000000..35bbf56 --- /dev/null +++ b/kubernetes/pihole/pi-hole.conf @@ -0,0 +1,77 @@ +server: + # If no logfile is specified, syslog is used + logfile: "/var/log/unbound/unbound.log" + verbosity: 0 + + interface: 127.0.0.1 + port: 5335 + do-ip4: yes + do-udp: yes + do-tcp: yes + + # May be set to yes if you have IPv6 connectivity + do-ip6: yes + + # You want to leave this to no unless you have *native* IPv6. With 6to4 and + # Terredo tunnels your web browser should favor IPv4 for the same reasons + prefer-ip6: no + + # Use this only when you downloaded the list of primary root servers! + # If you use the default dns-root-data package, unbound will find it automatically + #root-hints: "/var/lib/unbound/root.hints" + + # Trust glue only if it is within the server's authority + harden-glue: yes + + # Require DNSSEC data for trust-anchored zones, if such data is absent, the zone becomes BOGUS + harden-dnssec-stripped: yes + + # Don't use Capitalization randomization as it known to cause DNSSEC issues sometimes + # see https://discourse.pi-hole.net/t/unbound-stubby-or-dnscrypt-proxy/9378 for further details + use-caps-for-id: no + + # Reduce EDNS reassembly buffer size. + # IP fragmentation is unreliable on the Internet today, and can cause + # transmission failures when large DNS messages are sent via UDP. Even + # when fragmentation does work, it may not be secure; it is theoretically + # possible to spoof parts of a fragmented DNS message, without easy + # detection at the receiving end. Recently, there was an excellent study + # >>> Defragmenting DNS - Determining the optimal maximum UDP response size for DNS <<< + # by Axel Koolhaas, and Tjeerd Slokker (https://indico.dns-oarc.net/event/36/contributions/776/) + # in collaboration with NLnet Labs explored DNS using real world data from the + # the RIPE Atlas probes and the researchers suggested different values for + # IPv4 and IPv6 and in different scenarios. They advise that servers should + # be configured to limit DNS messages sent over UDP to a size that will not + # trigger fragmentation on typical network links. DNS servers can switch + # from UDP to TCP when a DNS response is too big to fit in this limited + # buffer size. This value has also been suggested in DNS Flag Day 2020. + edns-buffer-size: 1232 + + # Perform prefetching of close to expired message cache entries + # This only applies to domains that have been frequently queried + prefetch: yes + + # One thread should be sufficient, can be increased on beefy machines. In reality for most users running on small networks or on a single machine, it should be unnecessary to seek performance enhancement by increasing num-threads above 1. + num-threads: 1 + + # Ensure kernel buffer is large enough to not lose messages in traffic spikes + so-rcvbuf: 1m + + # Ensure privacy of local IP ranges + private-address: 192.168.0.0/16 + private-address: 169.254.0.0/16 + private-address: 172.16.0.0/12 + private-address: 10.0.0.0/8 + private-address: fd00::/8 + private-address: fe80::/10 + + tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt" + # tls-cert-bundle: /etc/unbound/unbound_server.pem + hide-identity: yes + hide-version: yes + minimal-responses: yes + qname-minimisation: no + verbosity: 1 + cache-max-ttl: 14400 + cache-min-ttl: 1200 + rrset-roundrobin: no diff --git a/kubernetes/pihole/resolvconf_resolvers.conf b/kubernetes/pihole/resolvconf_resolvers.conf new file mode 100644 index 0000000..c8761e6 --- /dev/null +++ b/kubernetes/pihole/resolvconf_resolvers.conf @@ -0,0 +1,20 @@ +# Generated by resolvconf + +#forward-zone: + #name: "." + #forward-addr: 2a03:ef40:0:3::4 + #forward-addr: 2a03:ef40:0:3::5 +forward-zone: + name: "." + forward-tls-upstream: yes + forward-first: no + forward-addr: 8.8.8.8@853#dns.google + forward-addr: 1.1.1.1@853#one.one.one.one # cloudflare primary + forward-addr: 9.9.9.9@853 # quad9.net primary + forward-addr: 149.112.112.112@853#dns.quad9.net + forward-addr: 1.0.0.1@853#one.one.one.one # cloudflare secondary + forward-addr: 8.8.4.4@853#dns.google + forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com + forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com + forward-addr: 2a03:ef40:0:3::4 + forward-addr: 2a03:ef40:0:3::5 diff --git a/postit b/postit index a657e9e..7588b64 100644 --- a/postit +++ b/postit @@ -43,3 +43,4 @@ git reset --hard HEAD~2 tcpdump -ennqti enp0s0f0 \( arp or icmp \) zssh root@192.168.90.7 'tcpdump -ni enp3s0f0 -U -s0 -w - ' | wireshark -k -i - echo 1 > /proc/sys/kernel/task_delayacct +irancell 196242684 -- cgit v1.2.3