]> Git — Sourcephile - julm/julm-nix.git/blob - home-manager/profiles/bash.nix
nix: security: add doc
[julm/julm-nix.git] / home-manager / profiles / bash.nix
1 { pkgs, lib, ... }:
2 with lib;
3 {
4 programs.bash = {
5 enable = mkDefault true;
6 enableCompletion = mkDefault true;
7 shellAliases = {
8 afk = "xset s activate dpms force off";
9 black-on-white = "echo -e '\\033]11;black\\007\\033]10;white\\007'";
10 c = "bat";
11 cl = "clear";
12 emacs = "emacsclient --create-frame";
13 grep = "grep --color";
14 j = "sudo journalctl -u";
15 jb = "sudo journalctl -b";
16 ju = "sudo journalctl --user -u";
17 l = "ls -alh";
18 ll = "ls -al";
19 ls = "ls --color=tty";
20 md-toc = "grep '^#\\+' --color";
21 mem = "ps -e -orss=,user=,args= | sort -b -k1,1n";
22 mem-top = "smem --sort rss --autosize";
23 mpl = "mplayer";
24 n = "sudo networkctl";
25 nf = "sudo nft list ruleset | less";
26 nix-du-svg = "nix-du | dot -Tsvg >nix-du.svg";
27 nixos-clean = "sudo nix-collect-garbage -d";
28 nixos-history = "sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
29 nixos-rollback = "sudo nixos-rebuild switch --rollback";
30 nt = "sudo networkctl status";
31 pass-gen = "tr -d -C A-Za-z0-9_- </dev/urandom | head -c";
32 r = "reset";
33 rot13 = "tr A-Za-z N-ZA-Mn-za-m";
34 rot135 = "tr A-Za-z0-9 N-ZA-Mn-za-m5-90-4";
35 rsync = "rsync --no-inc-recursive --info=progress2 --inplace --partial";
36 s = "sudo systemctl";
37 sr = "sudo systemctl restart";
38 st = "sudo systemctl status";
39 t = "tmux";
40 t0 = "tmux new -t 0";
41 t1 = "tmux new -t 1";
42 t2 = "tmux new -t 2";
43 theme-black-on-white = "echo -e '\\033]10;black\\007\\033]11;white\\007'";
44 theme-white-on-black = "echo -e '\\033]10;white\\007\\033]11;black\\007'";
45 u = "systemctl --user";
46 ur = "systemctl --user restart";
47 ut = "systemctl --user status";
48 w = "watch --color --differences";
49 w1 = "watch --color --differences --interval 1";
50 w10 = "watch --color --differences --interval 10";
51 w5 = "watch --color --differences --interval 5";
52 watch = "watch --color --differences";
53 z = "zfs";
54 ze = "sudo zpool export";
55 zfs-umount = "zfs-unmount";
56 zi = "sudo zpool import";
57 zl = "zfs list";
58 zlb = "zfs list -t bookmarks";
59 zls = "zfs list -t snap";
60 zm = "zfs-mount";
61 zp = "sudo zpool";
62 zs = "zpool status";
63 zs5 = "w5 zpool status";
64 zu = "zfs-unmount";
65 };
66 historyControl = [ "erasedups" "ignorespace" ];
67 historyIgnore = [
68 "torify"
69 "mpv"
70 ];
71 historySize = 42000;
72 sessionVariables = {
73 PS1 = ''\[\033[1;32m\]\[\e]0;\u@\h: \w\a\]\W\[\033[0m\] \$(e=\$?; if [ \$e != 0 ]; then echo '\[\e[0;91m\]'\$e'\[\e[0m\]'; fi)\$ '';
74 # More throughput than chacha20-poly1305@openssh.com
75 # on hardware with AES acceleration.
76 RSYNC_RSH = "ssh -c aes128-gcm@openssh.com,chacha20-poly1305@openssh.com";
77 };
78 initExtra = ''
79 # Alias completion
80 . ${pkgs.complete-alias}/bin/complete_alias
81 complete -F _complete_alias "''${!BASH_ALIASES[@]}"
82
83 shopt -s globstar
84 shopt -s histappend
85 shopt -s histreedit
86 shopt -s histverify
87 # Disable ctrl-s/ctrl-q flow control
88 stty -ixon
89
90 ffmpeg-audio () {
91 for i in "$@"; do
92 ffmpeg -i "$i" -vn -map 0:a -acodec copy "''${i%.*}".audio-only.mkv
93 done
94 }
95 ffmpeg-opus () {
96 for i in "$@"; do
97 ffmpeg -i "$i" -vn -map 0:a -c:a libopus -b:a 64k -application voip "''${i%.*}".opus
98 done
99 }
100 opusenc-voice () {
101 find "$@" -depth -type f -print0 | sort -n -z |
102 xargs -0 -P "$(lscpu --online -p | grep -v "#" | wc -l)" -I {} bash -c '
103 test -e "''${0%.*}".opus ||
104 nice -n 19 ffmpeg -y -i "$0" -map 0:a -b:a 32k -application voip "''${0%.*}".opus
105 ' {} \;
106 }
107 ibm-fan () {
108 if [ $# -gt 0 ]
109 then sudo tee /proc/acpi/ibm/fan <<<"level $1"
110 else grep '^\(level\|speed\):' /proc/acpi/ibm/fan
111 fi
112 acpi -t
113 }
114 mkcd () {
115 mkdir -p "$1" &&
116 cd "$1"
117 }
118 mkpass () {
119 tr -d -C 'A-Za-z0-9' </dev/urandom | head -c 25 | xclip
120 }
121 smartctl-tbw () {
122 device=''${1:-/dev/sda}
123 sudo smartctl -A $device |
124 { awk '
125 $0 ~ /Power_On_Hours/ {
126 poh=$10;
127 printf "%s / %d hours / %d days / %.2f years\n", $2, $10, $10 / 24, $10 / 24 / 365.25
128 }
129 $0 ~ /Total_LBAs_Written/ {
130 lbas = $10;
131 bytes = $10 * 512;
132 mb = bytes / 1024^2;
133 gb = bytes / 1024^3;
134 tb = bytes / 1024^4;
135 printf "%s / %s / %d mb / %.1f gb / %.3f tb\n", $2, $10, mb, gb, tb
136 printf "mean writes per hour / %.2f", mb/poh
137 }
138 $0 ~ /Airflow_Temperature_Cel/ { print $2 " / " $10}
139 $0 ~ /Wear_Leveling_Count/ { printf "%s / %d (%% health)\n", $2, int($4) }
140 $0 ~ /Percentage Used:/ { printf "Percentage_Used / %d\n", int($3) }
141 '; echo; } |
142 sed -e 's:/:@:' |
143 sed -e "s\$^\$$device @ \$" |
144 column -ts@
145 }
146 stress-mem() { fac="$1"; stress-ng --vm 1 --vm-keep --vm-bytes $(awk "/MemAvailable/{ printf \"%d\n\", \$2 * $fac; }" </proc/meminfo)k; }
147 sysenter() { srv="$1"; shift; nsenter -a -t "$(systemctl show --property MainPID --value "$srv")" "$@"; }
148 systrace() { srv="$1"; shift; strace -f -p "$(systemctl show --property MainPID --value "$srv")" "$@"; }
149 swaplist () {
150 lastpid=
151 swap=0
152 sudo grep -H '^Swap:' /proc/*/smaps 2>/dev/null |
153 while IFS=: read -r file x size x
154 do
155 pid=''${file#/proc/}
156 pid=''${pid%/smaps}
157 size=''${size% kB}
158 size=''${size##* }
159 if test "$pid" = "$lastpid"
160 then swap=$(( swap + size ))
161 else
162 if test "$swap" -gt 0
163 then printf "%u pid=%u cmd=%s\n" "$swap" "$lastpid" "$(tr '\000' ' ' </proc/"$lastpid"/cmdline)"
164 fi
165 if test "$pid" = self
166 then break
167 else
168 lastpid=$pid
169 swap=$size
170 fi
171 fi
172 done |
173 sort -nk1,1
174 }
175
176 # Recursively mount not-mounted dataset,
177 # loading their keys if needed.
178 zfs-mount () {
179 (
180 set -e
181 for d in $(zfs list -rH -o name "$@"); do
182 mountpoint /mnt/"$d" 2>/dev/null ||
183 sudo zfs mount -l "$d"
184 done
185 )
186 }
187 # Recursively unmount dataset,
188 # unloading their keys.
189 zfs-unmount () { sudo zfs unmount -u "$@"; }
190
191 # Create bookmarks for all the snapshots of the given datasets.
192 # Bookmarks are only useful on source datasets
193 # But syncoid --create-bookmark only creates
194 # a bookmark for the latest snapshot,
195 # possibly leaving the *_daily or *_monthly snapshots without a bookmark.
196 zfs-fix-bookmarks () {
197 local d
198 local -
199 set -x
200 for d in "$@"; do
201 for s in $(zfs list -Hrpt snapshot -o name "$d"); do
202 zfs bookmark "$s" "''${s//@/#}"
203 done
204 done
205 }
206
207 # Restore the inheritance of encryptionroot,
208 # usually broken by zfs send --raw.
209 # Note that it needs to decrypt the datasets.
210 zfs-fix-encryptionroot () {
211 local d
212 zfs load-key "$1"
213 for d in $(zfs list -rHo name "$1" | tail -n +2); do
214 echo >&2 "$d"
215 test "$(zfs get -Ho value encryptionroot $d)" = "$1" ||
216 zfs change-key -li "$d"
217 done
218 }
219
220 # Recursively remove all the snapshots of given datasets
221 zfs-destroy-snapshots () {
222 local d
223 for d in "$@"; do
224 zfs list -t snapshot -rHo name "$d" |
225 xargs --no-run-if-empty -L1 zfs destroy
226 done
227 }
228 '';
229 profileExtra = ''
230 '';
231 };
232 #programs.broot.enableBashIntegration = true;
233 programs.readline = {
234 enable = mkDefault true;
235 includeSystemConfig = true;
236 bindings = {
237 # Up/Down
238 "\\e[A" = "history-search-backward";
239 "\\e[B" = "history-search-forward";
240 "\\eOA" = "history-search-backward";
241 "\\eOB" = "history-search-forward";
242
243 # Ctrl-Left/Ctrl-Right
244 "\\e[1;5C" = "forward-word";
245 "\\e[1;5D" = "backward-word";
246 "\\e[5C" = "forward-word";
247 "\\e[5D" = "backward-word";
248 "\\e\\e[C" = "forward-word";
249 "\\e\\e[D" = "backward-word";
250
251 # Home/End
252 "\\e[1~" = "beginning-of-line";
253 "\\e[4~" = "end-of-line";
254
255 # Delete/Insert
256 "\\e[3~" = "delete-char";
257 "\\e[2~" = "quoted-insert";
258
259 # For non RH/Debian xterm, can't hurt for RH/Debian xterm
260 "\\eOF" = "end-of-line";
261 "\\eOH" = "beginning-of-line";
262
263 # For freebsd console
264 "\\e[F" = "end-of-line";
265 "\\e[H" = "beginning-of-line";
266
267 # $if term=rxvt
268 "\\e[7~" = "beginning-of-line";
269 "\\e[8~" = "end-of-line";
270 "\\eOc" = "forward-word";
271 "\\eOd" = "backward-word";
272 # $endif
273 };
274 variables = {
275 # Be 8 bit clean.
276 input-meta = mkDefault true;
277 output-meta = mkDefault true;
278 colored-completion-prefix = mkDefault true;
279 colored-stats = mkDefault true; # Note that this may cause completion text blink in some terminals (e.g. xterm).
280 echo-control-characters = mkDefault true;
281 mark-symlinked-directories = mkDefault true;
282 menu-complete-display-prefix = mkDefault true;
283 show-all-if-ambiguous = mkDefault true;
284 show-all-if-unmodified = mkDefault true;
285 visible-stats = mkDefault false; # Append char to indicate type
286 enable-bracketed-paste = mkDefault true;
287 };
288 };
289 }