Divers/mkdocs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

25-03-2025

Browse Source
This commit is contained in:
Bruno21
2025-03-25 15:52:48 +01:00
parent 259b9c6a24
commit 011cfcba40
64 changed files with 2993 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
docs/Divers/Untitled.md Normal file
View File

@@ -0,0 +1,98 @@
### Pushover
```bash
curl -s \
--form-string "token=APP_TOKEN" \
--form-string "user=USER_KEY" \
--form-string "message=here is an image attachment" \
-F "attachment=@image.jpg" \
https://api.pushover.net/1/messages.json
```
```bash
# A ajouter dans .zshrc
function push {
curl -s -F "token=YOUR_TOKEN_HERE" \
-F "user=YOUR_USER_KEY_HERE" \
-F "title=YOUR_TITLE_HERE" \
-F "message=$1" https://api.pushover.net/1/messages.json
}
```
```bash
send_pushover_notification() {
echo -e "Sending Pushover notification ..."
curl -s -F "token=$BASH_APP" \
-F "user=$USER_KEY" \
-F "title=$1" \
-F priority=2 \
-F html=1 \
-F retry=60 \
-F expire=86400 \
-F "message=$2" https://api.pushover.net/1/messages.json
[ $? -eq 0 ] && echo -e "${greenbold}Pushover notification sent successfully !${reset}" || echo -e "${redbold}error sending Pushover notification !${reset}"
}
```
```bash
curl -s -F "token=$BASH_APP" -F "user=$USER_KEY" -F "title=Salut" -F "message=Bien" https://api.pushover.net/1/messages.json
# token: "API token" (Créer une application)
# user: "Your User Key"
# Message avec des tags HTML:
curl -s -F "user=$USER_KEY" -F "title=Great Title" -F "html=1" -F "token=$BASH_APP" -F "message='message<b> de</b> test'" https://api.pushover.net/1/messages.json
{"status":1,"request":"4b6b1655-1276-4c7d-932f-7baf0b93e5dc"}%
msg="'This is a <b>HTML</b> test'"
./pushover.sh -a "bash" -m "$msg" -f 1
```
```bash
# push a notification to your phone. can be handy if you're running a
# build and you want to be notified when it's finished.
push() {
curl -s -F "token=PUSHOVER_TOKEN" \
-F "user=PUSHOVER_USER" \
-F "title=terminal" \
-F "message=$1" https://api.pushover.net/1/messages.json > /dev/null 2>&1
}
command_to_run && push "yes! command finished successfully!" || push "awww man! something failed :-("
```
[send the IP of my Raspberry Pi via Pushover](https://gist.github.com/PJUllrich/e95baa0d718e55a6c67f85cd8e53dabe)
### nfty
```bash
curl -H "X-Priority: 4" -d "yo" https://notif.maboiteverte.fr/pihole
```
### gotify
```bash
send_gotify_notification() {
now=$(date +"%d-%m-%Y %T")
gotify_server="https://gotify.maboiteverte.fr"
TITLE="Pi-hole on $host update"
MESSAGE="**A new version of Pi-hole is available:**\n\n $msg_md\n\n $infos\n\n Please run *pihole -up* on $host to update !"
PRIORITY=8
URL="$gotify_server/message?token=$token_gotify&?format=markdown"
echo -e "Sending notification to $gotify_server ..."
curl -s -S --output /dev/null --data '{"message": "'"${MESSAGE}"'", "title": "'"${TITLE}"'", "priority":'"${PRIORITY}"', "extras": {"client::display": {"contentType": "text/markdown"}}}' -H 'Content-Type: application/json' "$URL"
[ $? -eq 0 ] && echo -e "${greenbold}Gotify notification sent successfully !${reset}" || echo -e "${redbold}error sending Gotify notification !${reset}"
}
```

6
docs/Divers/bash/bash_exemples.md
View File

@@ -104,6 +104,12 @@ echo -e "\e[1;34m $dd $dh $dm $ds \e[0m"
END_COMMENT
```
```bash
: '
comment
'
```
#### Créer une playlist .m3u:

96
docs/Divers/bash/certif.md Normal file
View File

@@ -0,0 +1,96 @@
```bash
$ curl -w %{certs} https://nextcloud.photos-nas.ovh/ --silent -o /dev/null | grep -Ei "^(start|expire) date:" | head -n 2
Start date:Jul 10 14:55:12 2024 GMT
Expire date:Oct 8 14:55:11 2024 GMT
# Issuer:C = US, O = Let's Encrypt, CN = R10
# X509v3 Subject Alternative Name:DNS:*.photos-nas.ovh, DNS:photos-nas.ovh
```
```bash
$ curl --insecure -vvI https://nextcloud.photos-nas.ovh 2>&1 | grep "expire date" | awk '{print $4,$5,$6,$7,$8,$9}'
Oct 8 14:55:11 2024 GMT
```
```bash
$ nmap -p 443 --script ssl-cert nextcloud.photos-nas.ovh
Starting Nmap 7.95 ( https://nmap.org ) at 2024-07-26 16:34 CEST
Nmap scan report for nextcloud.photos-nas.ovh (192.168.2.57)
Host is up (0.0030s latency).
rDNS record for 192.168.2.57: photos-nas.fr
PORT STATE SERVICE
443/tcp open https
| ssl-cert: Subject: commonName=photos-nas.ovh
| Subject Alternative Name: DNS:*.photos-nas.ovh, DNS:photos-nas.ovh
| Issuer: commonName=R10/organizationName=Let's Encrypt/countryName=US
| Public Key type: rsa
| Public Key bits: 4096
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2024-07-10T14:55:12
| Not valid after: 2024-10-08T14:55:11
| MD5: 2051:3683:b6ef:060e:073b:58c9:ea6d:4c48
|_SHA-1: 4abc:421e:08eb:fd29:8c9e:5ed2:1510:422f:aea4:2100
Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
```
```bash
$ showcert nextcloud.photos-nas.ovh
IP: 192.168.2.57
Names: photos-nas.ovh *.photos-nas.ovh
notBefore: 2024-07-10 14:55:12 (16 days old)
notAfter: 2024-10-08 14:55:11 (73 days left)
Issuer: C=US O=Let's Encrypt CN=R10
Tags: [CHAIN-VERIFIED]
```
```bash
$ echo | openssl s_client -connect nextcloud.photos-nas.ovh:443 2>/dev/null | openssl x509 -noout -enddate
notAfter=Oct 8 14:55:11 2024 GMT
ssl_expiry () {
echo | openssl s_client -connect ${1}:443 2> /dev/null | openssl x509 -noout -enddate
}
echo | openssl s_client -connect nextcloud.photos-nas.ovh:443 2>/dev/null | openssl x509 -noout -dates -issuer -subject
notBefore=Jul 10 14:55:12 2024 GMT
notAfter=Oct 8 14:55:11 2024 GMT
issuer=C=US, O=Let's Encrypt, CN=R10
subject=CN=photos-nas.ovh
```
```bash
keytool -printcert -sslserver nextcloud.photos-nas.ovh:443
The operation couldnt be completed. Unable to locate a Java Runtime.
Please visit http://www.java.com for information on installing Java.
```
```bash
openssl s_client -showcerts -connect nextcloud.photos-nas.ovh:443
Connecting to 192.168.2.57
CONNECTED(00000005)
depth=2 C=US, O=Internet Security Research Group, CN=ISRG Root X1
verify return:1
depth=1 C=US, O=Let's Encrypt, CN=R10
verify return:1
depth=0 CN=photos-nas.ovh
verify return:1
---
Certificate chain
0 s:CN=photos-nas.ovh
i:C=US, O=Let's Encrypt, CN=R10
a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256
v:NotBefore: Jul 10 14:55:12 2024 GMT; NotAfter: Oct 8 14:55:11 2024 GMT
-----BEGIN CERTIFICATE-----
.../...
```

43
docs/Divers/bash/cryptage.md Normal file
View File

@@ -0,0 +1,43 @@
# Cryptage
### openssl
#### Crypter un mot-de-passe:
```bash
echo 'rusty!herring.pitshaft' | openssl enc -aes-256-cbc -md sha512 -a -pbkdf2 -iter 100000 -salt -pass pass:'sjkXF*4kX.@9mh-ut8y.'
U2FsdGVkX1/4rGXLZs9q1GJk7lQsE0gLNecO4BzPFmg9YfIyrn7QmdScn9Jb907G
echo 'rusty!herring.pitshaft' | openssl enc -aes-256-cbc -md sha512 -a -pbkdf2 -iter 100000 -salt -pass pass:'sjkXF*4kX.@9mh-ut8y.' > .secret_vault.txt
```
#### Décrypter un mot-de-passe:
```bash
echo "U2FsdGVkX199dZHjA0wtjtt0OapR8EOpVwZ5mPqN3JJd40yhCS3fYYxEflQTXTwr" | openssl enc -aes-256-cbc -md sha512 -a -d -pbkdf2 -iter 100000 -salt -pass pass:'sjkXF*4kX.@9mh-ut8y.'
rusty!herring.pitshaft
cat .secret_vault.txt | openssl enc -aes-256-cbc -md sha512 -a -d -pbkdf2 -iter 100000 -salt -pass pass:'sjkXF*4kX.@9mh-ut8y.'
```
```bash
echo "U2FsdGVkX199dZHjA0wtjtt0OapR8EOpVwZ5mPqN3JJd40yhCS3fYYxEflQTXTwr" | openssl enc -aes-256-cbc -md sha512 -a -d -pbkdf2 -iter 100000 -salt
enter AES-256-CBC decryption password:
rusty!herring.pitshaft
```
#### Crypter un mot-de-passe:
```bash
```

8
docs/Divers/bash/json.md
View File

@@ -1,4 +1,4 @@
# json
# json (jq)
@@ -79,3 +79,9 @@ $ jq '.english.adjective[1]' file.js
good
```
### Loop
https://unix.stackexchange.com/questions/732602/create-a-json-using-bash-script

91
docs/Divers/bash/loop.md Normal file
View File

@@ -0,0 +1,91 @@
# Les boucles
### For
```bash
array=('item1' 'item2' 'item3')
for i in "${array[@]}"
do
echo "$i"
done
```
```bash
fruits=('apple' 'banana' 'cherry')
colors=('red' 'yellow' 'red')
for i in "${!fruits[@]}"
do
echo "The ${fruits[$i]} is ${colors[$i]}"
done
```
```bash
numbers=(1 2 3 4 5)
for num in "${numbers[@]}"
do
if ((num % 2 == 0))
then
echo "$num is even"
else
echo "$num is odd"
fi
done
```
```bash
declare -A fruits
fruits=( [apple]='red' [banana]='yellow' [cherry]='red' )
for fruit in "${!fruits[@]}"
do
echo "The $fruit is ${fruits[$fruit]}"
done
```
### While
```bash
fruits=('apple' 'banana' 'cherry')
index=0
while [ $index -lt ${#fruits[@]} ]
do
echo "I like ${fruits[$index]}"
((index++))
done
```
### Until
```bash
numbers=(1 2 3 4 5)
index=0
until [ $index -eq ${#numbers[@]} ]
do
echo "Processing number: ${numbers[$index]}"
((index++))
done
```
### mapfile
```bash
mapfile -t lines < file.txt
for line in "${lines[@]}"
do
echo "Processing line: $line"
done
```

91
docs/Divers/bash/mail_from_commandline.md Normal file
View File

@@ -0,0 +1,91 @@
# Send mail from command line
### ssmtp
Fichier de configuration:
```bash
nano /etc/ssmtp/ssmtp.conf
```
```bash
UseTTLS=YES
root=bruno@clicclac.info
mailhub=smtp.ovh.net:465
AuthUser=bruno@clicclac.info
AuthPass=xxxxxxxxxxxxxxx
FromLineOverride=YES
```
Email:
```
From: router@clicclac.info
To: bruno@clicclac.info
Subject: Sent from a terminal!
Your content goes here. Lorem ipsum dolor sit amet, consectetur adipisicing.
(Notice the blank space between the subject and the body.)
```
Envoyer l'email:
```bash
ssmtp bruno@clicclac.info < email.txt
```
### msmtp
Fichier de configuration:
```bash
nano ~/.msmtprc
```
```bash
defaults
tls on
tls_starttls off
logfile ~/.msmtp.log
account router
host ssl0.ovh.net
port 465
protocol smtp
from router@clicclac.info
from_full_name DS923
auth on
user router@clicclac.info
#passwordeval gpg --no-tty -q -d ~/.msmtp-password.gpg
password xxxxxxxxxxxxxxxxxxx
account default : router
```
```bash
chmod 600 ~/.msmtprc
```
Email:
```
From: router@clicclac.info
To: bruno@clicclac.info
Subject: Sent from a terminal!
Your content goes here. Lorem ipsum dolor sit amet, consectetur adipisicing.
(Notice the blank space between the subject and the body.)
```
Envoyer l'email:
```bash
msmtp -d -t < email.txt
```

13
docs/Divers/bash/passwords.md
View File

@@ -5,18 +5,27 @@
### Stocker un mot-de-passe, un token dans la Keychain:
```bash
$ security add-generic-password -s gh_access_tokens -a bruno -w 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
$ security add-generic-password -s gh_access_tokens -a bruno -w github_pat_xxyyzz
```
### Récupérer le mot-de-pass depuius la keychain:
```bash
$ security find-generic-password -w -s gh_access_tokens
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
github_pat_xxyyzz
$ gh_access_tokens=$(security find-generic-password -w -s gh_access_tokens)
```
### Supprimer un mot-de-passe, un token dans la Keychain:
```bash
$ security delete-generic-password -s gh_access_tokens -a bruno
keychain: "/Users/bruno/Library/Keychains/login.keychain-db"
.../...
password has been deleted.
```
https://scriptingosx.com/2021/04/get-password-from-keychain-in-shell-scripts/

20
docs/Divers/bash/printf.md
View File

@@ -91,3 +91,23 @@ printf " %-11s %-35b \n" "Width:" "${red}${width}${reset}"
# escapes are of the form \0 or \0NNN
```
Séparateur de millier ( ' )
```bash
LC_ALL=en_US.UTF-8 printf "| %-15s | %-4s | %'9.2f | %'9.2f | %'14d \n" "$name" "$symbol" "$price" "$price2" "$volume_24h"
| Bitcoin | BTC | 94,289.45 | 97,788.72 | 50,548,740,838 |
LC_ALL=fr_FR.UTF-8 printf "| %-15s | %-4s | %'9.2f | %'9.2f | %'14d \n" "$name" "$symbol" "$price" "$price2" "$volume_24h"
| Bitcoin | BTC | 94405,00 | 97909,00 | 50580369313 |
printf "| %-15s | %-4s | %'9.2f | %'9.2f | %'14d \n" "$name" "$symbol" "$price" "$price2" "$volume_24h"
| Bitcoin | BTC | 94348.51 | 97837.60 | 50613422301 |
```
https://stackoverflow.com/questions/9374868/number-formatting-in-bash-with-thousand-separator

91
docs/Divers/bash/strings.md
View File

@@ -4,8 +4,25 @@
### Concaténer une chaine:
##### Opérateur +=
```bash
upd+="$name "
string="Hello, "
string+="World"
echo "$string"
Hello, World
```
##### Les chaines côte à côte:
```bash
string1="Hello, "
string2="World"
string3="$string1$string2"
echo "$string3"
Hello, World
```
@@ -155,6 +172,42 @@ extension="${filename##*.}"
filename="${filename%.*}"
```
#### Sous-chaine entre 2 caractères ()
```bash
a="not_required=('drive' 'files' 'gitea' 'home-assistant' 'homebridge' 'portainer' 'tunes' 'wg' 'www')"
z=$(echo "$a" | awk -F"=" '{split($2, arr, "[()]"); print arr[2]}')
echo "$z"
'drive' 'files' 'gitea' 'home-assistant' 'homebridge' 'portainer' 'tunes' 'wg' 'www'
```
#### Entre 2 "" (quotes)
```bash
z=$(echo "$a" | awk -F'"' '{print $2}')
```
#### Extraire une sous-chaine par un délimiteur
```bash
$ string="Portez ce vieux whisky au juge blond qui fume"
# Supprime tout jusqu'à la 1ere occurence de ' '
$ echo "${string#* }"
ce vieux whisky au juge blond qui fume
# Supprime tout jusqu'à la dernière occurence de ' '
$ echo "${string##* }"
fume
# Supprime tout après la dernière occurence de ' '
echo ${string%' '*}
Portez ce vieux whisky au juge blond qui
```
### Remplacement de sous-chaine:
@@ -262,6 +315,20 @@ done <<< "$dependencies"
```
### Variable multi-line -> une ligne avec espaces
```bash
$ c=$(cat ~/.cryptos.yaml | yq '.lots[] | select(.quantity != 0) | .symbol')
BTC
ETH
$ c=$(cat ~/.cryptos.yaml | yq '.lots[] | select(.quantity != 0) | .symbol' | tr '\n' ' ')
BTC ETH
$ c=$(cat ~/.cryptos.yaml | yq '.lots[] | select(.quantity != 0) | .symbol' | tr -d '\n')
BTCETH
```
#### Regex:
@@ -381,6 +448,28 @@ BourgogneBurgundyBourgogneFranche-ComtéCôted'orcotedor
### URL
```bash
$ myurl='http://www.example.com/long/path/to/example/file.ext'
$ echo ${myurl##*/}
file.ext
awk -F / '{print $NF}'
$ echo ${myurl#*//}
www.example.com/long/path/to/example/file.ext
$ echo ${myurl%/*}
http://www.example.com/long/path/to/example
$ echo "$myurl" | grep -Eo '^http[s]?://[^/]+'
http://www.example.com
```
| **Parameter Expansion** | **Description** |
| --------------------------- | ------------------------------------------------------------ |
| ${variable:-value} | Si la variable est <u>unset</u> ou <u>undefined</u>, développez la **valeur**. |

69
docs/Divers/bash/tableaux.md
View File

@@ -135,8 +135,13 @@ sirop
```bash
$ tableau_indi=()
# Ajouter un élément à la fin du tableau
$ tableau_indi+=('cinq')
$ tableau_indi+=('six')
$ tableau_indi=("new_element" "${tableau_indi[@]}")
# Ajouter un élément au début du tableau
$ tableau_indi=("new_element" "${tableau_indi[@]}")
```
```bash
@@ -260,6 +265,19 @@ $ echo ${#tableau_indi[@]}
3 # 3 éléments
```
```
echo ${cryptos[@]}
echo ${#cryptos[@]}
for val in ${!cryptos[@]}
do
echo "index = ${val} , value = ${cryptos[$val]}"
done
```
```bash
$ declare -A tableau_asso=( ['chene']="gland" ['erable']="sirop" ['hetre']="faine" )
@@ -396,3 +414,54 @@ un deux # zsh: closing brace expected
```
### Ajouter le contenu d'un tableau à un autre tableau
```bash
$ array1+=(${array2[@]})
```
### Convertir une chaine en tableau
```bash
string="drive files gitea home-assistant homebridge portainer tunes wg www"
array=(${string})
echo "${array[@]}"
drive files gitea home-assistant homebridge portainer tunes wg www
```
### Trier un tableau
```bash
IFS=$'\n' sorted=($(sort <<<"${array[*]}"))
unset IFS
```
```bash
### Sort arrays alphabetically
IFS=$'\n'
NoUpdates=($(sort <<<"${NoUpdates[*]}"))
GotUpdates=($(sort <<<"${GotUpdates[*]}"))
unset IFS
```
### Copier un tableau
```bash
$ files=("a.txt" "b.txt")
$ filenames=("${files[@]}")
$ echo ${filenames[@]}
a.txt b.txt
```

55
docs/Divers/bash/translate.md
View File

@@ -9,12 +9,67 @@
https://github.com/eggplants/deepl-cli
```bash
# Pas besoin d'API Key
$ deepl --fr fr --to en -s <<'A'
bonjour
A
Hello
```
#### deep-cli
https://github.com/kojix2/deepl-cli
##### Translate text
```bash
export DEEPL_AUTH_KEY=your_api_key_here
deepl -i "bonjour" -t EN
Hello
deepl -i "bonjour" -f FR -t EN
Hello
echo "Hello" | deepl -t FR
Bonjour
wp --help | deepl -t FR | less
man git | deepl -t FR | less
deepl --paste -t DE
deepl -t FR foo.txt
```
##### Translate documents
```bash
deepl doc your.pdf -t pt
# The translated document will be saved as your_PT.pdf
```
##### Liste les languages disponibles
```
# Source
deepl -f
# Target
deepl -t
```
##### Environment Variables
| Name | Description |
| ----------------- | -------------------------------- |
| DEEPL_AUTH_KEY | DeepL API authentication key |
| DEEPL_TARGET_LANG | Default target language |
| DEEPL_USER_AGENT | User-Agent |
| EDITOR | Text editor for editing glossary |
#### translate shell

16
docs/Divers/bash/variables.md
View File

@@ -169,3 +169,19 @@ $ echo "$((5 / 2))"
2
```
##### Variables prédéfinies spéciales:
```bash
$# : nombre de paramètres de ligne de commande transmis au script.
$@ : tous les paramètres de ligne de commande transmis au script.
$ ? : le statut de sortie du dernier processus à exécuter.
$$ : ID de processus (PID) du script actuel.
$USER : le nom d'utilisateur de l'utilisateur exécutant le script.
$HOSTNAME : nom d'hôte de l'ordinateur exécutant le script.
$SECONDS : nombre de secondes pendant lesquelles le script a été exécuté.
$RANDOM : renvoie un nombre aléatoire.
$LINENO : renvoie le numéro de ligne actuel du script.
```

34
docs/Divers/certificat.md Normal file
View File

@@ -0,0 +1,34 @@
# Certificats
```bash
$ echo | openssl s_client -servername maboiteverte.fr -connect maboiteverte.fr:443 2>/dev/null | openssl x509 -noout -issuer -subject -dates
issuer=C = US, O = DigiCert Inc, OU = www.digicert.com, CN = Encryption Everywhere DV TLS CA - G2
subject=CN = *.maboiteverte.fr
notBefore=Jan 8 00:00:00 2024 GMT
notAfter=Jan 27 23:59:59 2025 GMT
```
```bash
$ echo | openssl s_client -servername maboiteverte.fr -connect maboiteverte.fr:443 2>/dev/null | openssl x509 -in /dev/stdin -noout -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:68:76:d3:54:78:cf:e2:f8:d8:e0:16:89:c1:22:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, O = DigiCert Inc, OU = www.digicert.com, CN = Encryption Everywhere DV TLS CA - G2
Validity
Not Before: Jan 8 00:00:00 2024 GMT
Not After : Jan 27 23:59:59 2025 GMT
Subject: CN = *.maboiteverte.fr
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
```

6
docs/Divers/docker/docker.md
View File

@@ -444,6 +444,12 @@ WARNING! This will remove all custom networks not used by at least one container
Are you sure you want to continue? [y/N] y
```
**Voir les containers attaché à un réseau:**
```bash
$ docker network inspect --format '{{range $cid,$v := .Containers}}{{printf "%s: %s\n" $cid $v.Name}}{{end}}' "<network_id>"
```
## Stats:

141
docs/Divers/git/Untitled.md Normal file
View File

@@ -0,0 +1,141 @@
# Git : Divers
#### Trouver tous les repos:
```bash
find . -type d -exec [ -e '{}/.git' ] ';' -prune -print
```
#### Gitleaks
```bash
$ gitleaks detect -v
│╲
│ ○
○ ░
░ gitleaks
Finding: APIKEY="P500SaGgEA79l6wktSbakYGPjXfvAkTw0PMXykzKkrxLp"
Secret: P500SaGgEA79l6wktSbakYGPjXfvAkTw0PMXykzKkrxLp
RuleID: generic-api-key
Entropy: 4.631305
File: soco-cli-gui.sh
Line: 49
Commit: 8adf31b467bbe71d9a56b74761c40aeec5ceb171
Author: JohnDoe
Email: john@doe.com
Date: 2023-03-13T07:56:12Z
Fingerprint: 8adf31b467bbe71d9a56b74761c40aeec5ceb171:soco-cli-gui.sh:generic-api-key:49
Finding: APIKEY="P500SaGgEA79l6wktSbakYGPjXfvAkTw0PMXykzKkrxLp"
Secret: P500SaGgEA79l6wktSbakYGPjXfvAkTw0PMXykzKkrxLp
RuleID: generic-api-key
Entropy: 4.631305
File: soco-cli-gui.sh
Line: 1443
Commit: bdc25bc0a3eb61663a6437621f0ac3b7c41701ee
Author: JohnDoe
Email: john@doe.com
Date: 2023-03-11T14:57:24Z
Fingerprint: bdc25bc0a3eb61663a6437621f0ac3b7c41701ee:soco-cli-gui.sh:generic-api-key:1443
Finding: GITHUB_TOKEN=gdxfdo25vth9pvk3mev05s1z87y4t4s
Secret: gdxfdo25vth9pvk3mev05s1z87y4t4s
RuleID: generic-api-key
Entropy: 3.862815
File: soco-cli-gui.sh
Line: 17
Commit: e3fc8b675561b3d608e12a10cc1dd70241dcbc84
Author: JohnDoe
Email: john@doe.com
Date: 2021-01-16T11:04:35Z
Fingerprint: e3fc8b675561b3d608e12a10cc1dd70241dcbc84:soco-cli-gui.sh:generic-api-key:17
3:39PM INF 60 commits scanned.
3:39PM INF scan completed in 36.7ms
3:39PM WRN leaks found: 3
```
On indique les chaines à remplacer dans le fichier 'replace.txt':
```bash
~/Documents/Scripts/sonos main 15:39:25
$ echo '13314ba0099450eaa6c0b2233d0f6adde1f5c718==>GITHUB_TOKEN' >> replace.txt
```
```bash
~/Documents/Scripts/sonos main* 15:39:43
$ echo 'AIzaSyBtEqykacvWuWiLqq1-eIBZBrJzAYEx_xU==>GM_APIKEY' >> replace.txt
```
On initie le remplacement avec --force:
```bash
~/Documents/Scripts/sonos main* 15:39:49
$ git filter-repo --replace-text replace.txt
Aborting: Refusing to destructively overwrite repo history since
this does not look like a fresh clone.
(expected one remote, origin)
Please operate on a fresh clone instead. If you want to proceed
anyway, use --force.
```
```bash
~/Documents/Scripts/sonos main* 15:40:13
$ git filter-repo --replace-text replace.txt --force
Parsed 60 commits
New history written in 0.37 seconds; now repacking/cleaning...
Repacking your repo and cleaning out old unneeded objects
HEAD est maintenant à 0279b2d Rework alarms functions
Énumération des objets: 187, fait.
Décompte des objets: 100% (187/187), fait.
Compression par delta en utilisant jusqu'à 8 fils d'exécution
Compression des objets: 100% (111/111), fait.
Écriture des objets: 100% (187/187), fait.
Total 187 (delta 111), réutilisés 87 (delta 74), réutilisés du paquet 0 (depuis 0)
Completely finished after 0.83 seconds.
```
gitleaks ne détecte plus aucin leaks:
```bash
~/Documents/Scripts/sonos main* 15:40:22
$ gitleaks detect -v
│╲
│ ○
○ ░
░ gitleaks
3:40PM INF 60 commits scanned.
3:40PM INF scan completed in 29.8ms
3:40PM INF no leaks found
```
On pousse avec --force vers les remotes
```bash
~/Documents/Scripts/sonos main* 15:51:51
$ git push dsm923 main --force
Énumération des objets: 186, fait.
Décompte des objets: 100% (186/186), fait.
Compression par delta en utilisant jusqu'à 8 fils d'exécution
Compression des objets: 100% (73/73), fait.
Écriture des objets: 100% (186/186), 150.65 Kio | 75.32 Mio/s, fait.
Total 186 (delta 111), réutilisés 186 (delta 111), réutilisés du paquet 0 (depuis 0)
remote: Resolving deltas: 100% (111/111), done.
To dsm923e:/volume1/Repositories/repos/sonos.git
+ 56bbfb1...0279b2d main -> main (forced update)
```

12
docs/Divers/git/git.md
View File

@@ -43,7 +43,7 @@ Sur le serveur (DS916), aller dans le dossier Repo:
```bash
dsm916> cd /volume1/Repositories/
dsm916> git init -bare wp2012.git
dsm916> git init --bare wp2012.git
```
```bash
@@ -152,7 +152,7 @@ Bash.git est un repo --bare sur le NAS.
Créer un répertoire contenant les données du dépôt (working tree) ainsi qu'un répertoire .git
```bash
$ git clone ssh://bruno@clicclac.synology.me:42666/volume1/Repositories/bash.git
$ git clone ssh://bruno@photos-nas.ovh:42667/volume1/Repositories/bash.git
$ cd bash
drwxr-xr-x 12 bruno staff 384 May 8 07:46 .git
@@ -571,6 +571,14 @@ mbv git@gitea.maboiteverte.fr:shell/kymsu_mbv.git (fetch)
mbv git@gitea.maboiteverte.fr:shell/kymsu_mbv.git (push)
```
[Push to multiple remotes at once](https://leighmcculloch.com/posts/git-push-to-multiple-remotes-at-once/)
https://gist.github.com/rvl/c3f156e117e22a25f242
[Pushing to multiple git remotes simultaneously](https://jeffkreeftmeijer.com/git-multiple-remotes/)
[Working with Git remotes and pushing to multiple Git repositories](https://jigarius.com/blog/multiple-git-remote-repositories)
### Etiquettes:

4
docs/Divers/git/gitea.md
View File

@@ -24,12 +24,12 @@ https://docs.gitea.io/en-us/install-from-binary/#recommended-server-configuratio
#### Importer un repo local dans Gitea:
Dans Gitea, créer un nouveau dépôt (ne pas cocher Initialiser le dépôt): gitea_bash
Dans Gitea, créer un nouveau dépôt (ne pas cocher Initialiser le dépôt): wordpress
Dans le repo local, ajouter le dépôt gitea comme nouveau repo distant:
```bash
$ git remote add gitea https://clicclac.synology.me:3001/bruno/gitea_bash.git
$ git remote add origin https://gitea.photos-nas.ovh/shell/wordpress.git
```
Il ne reste plus qu' à pousser les commits sur le dépôt gitea:

88
docs/Divers/git/github.md
View File

@@ -86,3 +86,91 @@ $ curl -s -H "Accept: application/vnd.github.v3+json" https://api.github.com/rep
$ curl -s -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/go-gitea/gitea/releases/latest | jq -r '.'
```
#### Repo privé
Sur Github.com, aller dans Réglages -> Personal access tokens
Créer un tokens (classic) avec repo, admin:org,admin:public_key,admin:repo_hook,admin:org_hook
```bash
$ curl -H 'Authorization: token ghp_xxx' \
-H 'Accept: application/vnd.github.v3.raw' \
-O \
-L https://api.github.com/repos/Bruno21/bashbirds/contents/bashbirds.sh
```
```bash
$ curl https://x-access-token:ghp_xxx@raw.githubusercontent.com/Bruno21/bashbirds/main/bashbirds.sh
```
### GitHub CLI
https://docs.github.com/en/github-cli/github-cli/quickstart
```bash
gh auth login
? What account do you want to log into? GitHub.com
? What is your preferred protocol for Git operations on this host? SSH
? Upload your SSH public key to your GitHub account? /Users/bruno/.ssh/id_rsa.pub
? Title for your SSH key: GitHub CLI
? How would you like to authenticate GitHub CLI? Login with a web browser
! First copy your one-time code: 2A9B-F28C
Press Enter to open github.com in your browser...
✓ Authentication complete.
- gh config set -h github.com git_protocol ssh
✓ Configured git protocol
✓ Uploaded the SSH key to your GitHub account: /Users/bruno/.ssh/id_rsa.pub
✓ Logged in as Bruno21
```
#### Créer un repo sur Github.com:
```bash
$ gh repo create Bruno21/bashbirds --private
✓ Created repository Bruno21/bashbirds on GitHub
https://github.com/Bruno21/bashbirds
```
#### Créer un repo sur Github.com (mode interactif):
Push an existing local repository to GitHub
```bash
$ gh repo create
? What would you like to do? Push an existing local repository to GitHub
? Path to local repository .
? Repository name bashbirds
? Description
? Visibility Private
✓ Created repository Bruno21/bashbirds on GitHub
https://github.com/Bruno21/bashbirds
? Add a remote? Yes
? What should the new remote be called? github
✓ Added remote git@github.com:Bruno21/bashbirds.git
? Would you like to push commits from the current branch to "github"? Yes
The authenticity of host 'github.com (140.82.121.4)' can't be established.
ED25519 key fingerprint is SHA256:+DiY3wvvV6TuJJhbpZisF/zLDA0zPMSvHdkr4UvCOqU.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'github.com' (ED25519) to the list of known hosts.
Énumération des objets: 13, fait.
Décompte des objets: 100% (13/13), fait.
Compression par delta en utilisant jusqu'à 8 fils d'exécution
Compression des objets: 100% (13/13), fait.
Écriture des objets: 100% (13/13), 80.34 Kio | 5.36 Mio/s, fait.
Total 13 (delta 5), réutilisés 0 (delta 0), réutilisés du paquet 0 (depuis 0)
remote: Resolving deltas: 100% (5/5), done.
To github.com:Bruno21/bashbirds.git
* [new branch] HEAD -> plus
la branche 'plus' est paramétrée pour suivre 'github/plus'.
✓ Pushed commits to git@github.com:Bruno21/bashbirds.git
```

59
docs/Divers/pentest.md Normal file
View File

@@ -0,0 +1,59 @@
# pentest
### Outils
- Kali Linux est une distribution Linux intégrant tous les outils nécessaires à la réalisation de tests dintrusion. Plus de 300 outils de sécurité sont à la disposition du pentester qui peut ainsi vérifier les vulnérabilités dun système à une offensive. Tous nos outils favoris sont bien entendu inclus dans cette distribution et cest pourquoi nous la recommandons et nous lutilisons quotidiennement.
- [nmap](https://nmap.org/) est un scanner de ports. Il permet danalyser un serveur distant et de déterminer quels ports sont ouverts. Il lui sera également possible de recueillir des informations sur le système dexploitation utilisé ainsi que sur les services hébergés.
- [Metasploit](https://www.metasploit.com/) est conçu pour réaliser des tests de pénétration. Il fournit donc des outils pour détecter des vulnérabilités, fournir un maximum dinformations dessus et aider à les exploiter. Un framework de développement est disponible afin de pouvoir configurer et utiliser des « exploits » (morceau de code permettant dutiliser une vulnérabilité connue sur un système ou un logiciel) pour tenter de pénétrer un système cible.
- Wireshark
- John The Ripper
- Hashcat
- [Hydra](https://github.com/vanhauser-thc/thc-hydra) est un outil très performant pour réaliser des attaques en force brute. Il supporte de nombreux protocoles et teste toutes les combinaisons possibles de mots de passe afin dobtenir laccès à un système.
- Burp Suite
- [Zed Attack Proxy (ZAP)](https://www.zaproxy.org) est un outil open-source permettant de réaliser des tests de pénétration sur les applications web. Il se place entre lapplication web et le navigateur utilisé par le testeur. Il va ensuite intercepter puis inspecter tous les échanges ayant lieu entre le navigateur et lapplication web. Il va également modifier le contenu de certains messages avant de les faire parvenir à leur destinataire et de vérifier le comportement de lapplication.
- [sqlmap](https://sqlmap.org/) est un outil open-source ayant pour objectif dautomatiser des attaques par injection SQL sur des applications web. Il permet donc didentifier les vulnérabilités dune application ou dun site web vis-à-vis dune attaque par injection SQL.
- aircrack-ng
- Dirb
- [Nikto](https://cirt.net/nikto2) est un scanner de vulnérabilités open-source destiné plus particulièrement aux serveurs web. Il va notamment permettre de vérifier les versions des logiciels et des modules utilisés sur le serveur, mais également scanner larborescence des répertoires à la recherche dinformations sensibles.
- dir search
- [SSLScan](https://sourceforge.net/projects/sslscan/) est un outil léger et simple à utiliser permettant de scanner les requêtes échangées avec un service SSL (comme https par exemple, sécurisant bon nombre de sites web). Il permet ainsi dobtenir des informations sur le chiffrement et sur les certificats utilisés.
- [Social Engineer Toolkit (SET)](https://www.social-engineer.org/framework/se-tools/computer-based/social-engineer-toolkit-set/) est conçu spécifiquement pour faire de lingénierie sociale. Il est totalement configurable et permet entre autres choses de créer facilement des emails de phishing dans le cadre dun pentest.
- [theHarvester](https://pypi.org/project/theHarvester/) est également un outil de test de pénétration. Il permet de récupérer un grand nombre dinformations comme des noms de serveurs, noms de domaines, comptes emails, ports ouverts et même noms demployés sur le système dinformation dune entreprise. Pour cela, il base son analyse sur de nombreuses sources en accès public comme les moteurs de recherche.
- [OpenVas](https://www.openvas.org/) est lacronyme de « Open Vulnerability Assessment Scanner ». Comme son nom lindique, il sagit dun scanner de vulnérabilités. Il est capable de scanner tout matériel possédant une adresse IP et relié au réseau : poste de travail, serveur, routeur, pare-feu, smartphone, site web, objet connecté, poste téléphonique sur IP…
Le logiciel cartographie les cibles potentielles sur le réseau, détecte les ports accessibles, identifie les services actifs et leurs versions. A partir de ces informations, les différents éléments seront scannés à la recherche de vulnérabilités et un rapport sera généré.
https://www.lemondeinformatique.fr/actualites/lire-11-outils-pour-s-initier-au-pentest-80103.html
- [SearchSploit](https://www.exploit-db.com/searchsploit)
- [metasploit](https://www.metasploit.com)
OWASP

53
docs/Divers/wp-cli/Installation.md
View File

@@ -10,6 +10,22 @@ $ brew install wp-cli
```bash
$ brew install wp-cli-completion
# => /opt/homebrew/Cellar/wp-cli-completion/2.11.0/etc/bash_completion.d/wp
# Bash: /opt/homebrew/etc/bash_completion.d
# Zsh: /opt/homebrew/share/zsh-completions
# Bash: /opt/homebrew/share/bash-completion/completion
[[ -r $(brew --prefix)/Cellar/wp-cli-completion/2.11.0/etc/bash_completion.d/wp ]] && source $(brew --prefix)/Cellar/wp-cli-completion/2.11.0/etc/bash_completion.d/wp
```
#### Installer le script [**wp-cli bash completion**](https://github.com/wp-cli/wp-cli/raw/master/utils/wp-completion.bash)
- Télécharger le script et le copier dans le dossier Home
@@ -135,3 +151,40 @@ WP-CLI project config:
WP-CLI version: 2.0.0
```
### 4. Installer wp-cli sur sur-le-sentier.fr
```bash
# !/usr/bin/env bash
# Télécharger
curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
# Test
php wp-cli.phar --info
chmod +x wp-cli.phar
sudo mv wp-cli.phar wp
# Test
./wp --info
# Ajouter dans .bash_aliases
alias wp='$HOME/wp'
# Installer les TAB completions
curl -O https://raw.githubusercontent.com/wp-cli/wp-cli/v2.6.0/utils/wp-completion.bash
echo "source ~/wp-completion.bash" >> .bashrc
```
```bash
# Mise-à-jour
wp cli update --nightly
wp cli update
```
https://make.wordpress.org/cli/handbook/references/shell-friends/

28
docs/Divers/wp-cli/wp_maintenance.md Normal file
View File

@@ -0,0 +1,28 @@
# wp maintenance-mode
Aide:
```bash
$ wp help maintenance-mod
```
```bash
NAME
wp maintenance-mode
DESCRIPTION
Activates, deactivates or checks the status of the maintenance mode of a site.
SYNOPSIS
wp maintenance-mode <command>
SUBCOMMANDS
activate Activates maintenance mode.
deactivate Deactivates maintenance mode.
is-active Detects maintenance mode status.
status Displays maintenance mode status.
```

6
docs/Divers/wp-cli/wp_search-replace.md
View File

@@ -90,4 +90,8 @@ Success: 3 replacements to be made.
Pour chercher dans toutes les tables (également celles des plug-ins): `--all-tables`
Pour simuler: `--dry-run`
Pour créer un dump des modfications: `--export=/tmp/staging.sql`
Pour créer un dump des modfications: `--export=/tmp/staging.sql`
https://www.it-connect.fr/wordpress-et-wp-cli-rechercher-et-remplacer-dans-la-base-de-donnees/

22
docs/Divers/zsh/plugins.md
View File

@@ -363,6 +363,28 @@ export PATH="$HOME/Documents/venv/soco-cli/bin:$PATH"
#### zsh-fzf-history-search
[zsh-fzf-history-search.zsh](https://github.com/joshskidmore/zsh-fzf-history-search/blob/master/zsh-fzf-history-search.zsh)
```bash
# zsh-fzf-history-search
zinit ice lucid wait'0'
zinit light joshskidmore/zsh-fzf-history-search
```
#### fzf-zsh-plugin
https://github.com/unixorn/fzf-zsh-plugin
```bash
zinit load unixorn/fzf-zsh-plugin
```
#### web-search *
Lance une recherche depuis le terminal.

143
docs/Divers/zsh/zsh_with_just plugins.md Normal file
View File

@@ -0,0 +1,143 @@
# Zsh sans plugin manager ni OMZ
https://dev.to/hbenvenutti/using-zsh-without-omz-4gch
Au début du fichier .zshrc, insérer:
```bash
### ZSH HOME
export ZSH=$HOME/.zsh
autoload -Uz compinit
compinit
```
On insère les plugins à la fin du fichier .zshrc
```bash
# https://github.com/ikhurramraza/bol
~/.zsh/plugins
➜ git clone https://github.com/ikhurramraza/bol.git
# Inserer les citations dans /Users/bruno/.zsh/plugins/bol/quotes
# Ajouter au .zshrc
source $ZSH/plugins/bol/bol.plugin.zsh
```
```bash
# https://github.com/kazhala/dotbare
~/.zsh/plugins
➜ git clone https://github.com/kazhala/dotbare.git
# Ajouter au .zshrc
source $ZSH/plugins/dotbare/dotbare.plugin.zsh
```
```bash
# https://github.com/MichaelAquilina/zsh-you-should-use
~/.zsh/plugins
➜ git clone https://github.com/MichaelAquilina/zsh-you-should-use.git
# Ajouter au .zshrc
source $ZSH/plugins/dotbare/dotbare.plugin.zsh
```
```bash
# https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/history-substring-search
# https://github.com/zsh-users/zsh-history-substring-search
~/.zsh/plugins
➜ git clone https://github.com/zsh-users/zsh-history-substring-search
# Ajouter au .zshrc
source $ZSH/plugins/zsh-history-substring-search/zsh-history-substring-search.plugin.zsh
```
```bash
# https://github.com/zsh-users/zsh-autosuggestions
~/.zsh/plugins
➜ git clone https://github.com/zsh-users/zsh-autosuggestions.git
# Ajouter au .zshrc
source $ZSH/plugins/zsh-autosuggestions/zsh-autosuggestions.plugin.zsh
```
.zshrc
```bash
source $ZSH/plugins/bol/bol.plugin.zsh
source $ZSH/plugins/zsh-autosuggestions/zsh-autosuggestions.zsh
source $ZSH/plugins/zsh-history-substring-search/zsh-history-substring-search.plugin.zsh
fpath=($ZSH/plugins/zsh-completions/src $fpath)
# rm -f ~/.zcompdump; compinit
source $ZSH/plugins/fast-syntax-highlighting/fast-syntax-highlighting.plugin.zsh
```
https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/bbedit
https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/chezmoi
https://www.chezmoi.io/#what-does-chezmoi-do
https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/colored-man-pages
https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/colorize
https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/dotenv
https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/keychain
Coloration syntaxique dans nano:
```bash
curl https://raw.githubusercontent.com/scopatz/nanorc/master/install.sh | sh
```
```bash
~
cd
drwxr-xr-x@ - bruno staff 21 mar 21:01 21 mar 21:01  .nano
.rw-r--r--@ 2,7Ki bruno staff 21 mar 21:01 21 mar 21:01  .nanorc
```
.dircolors:
```bash
https://github.com/seebi/dircolors-solarized
```
Préférences:
| | |
| --------- | ----------------------------- |
| Multitail | /usr/local/etc/multitail.conf |
| | |
| | |

36
docs/Linux/conditions.md
View File

@@ -90,7 +90,39 @@ fi
### Conditions:
#### -fichier
#### -variables:
Si la variable est déclarée (présente) : -v
```bash
API_KEY=
if [ -v API_KEY ]; then echo "La variable API_KEY existe"; fi
La variable API_KEY existe
if [ -v $API_KEY ]; then echo "La variable API_KEY existe"; fi
La variable API_KEY existe
```
```bash
# Déclarée => vide
if [ -n "$API_KEY" ]; then echo "La variable API_KEY n'est pas vide"; else echo "La variable API_KEY est vide"; fi
La variable API_KEY est vide
# Non déclarée => vide
if [ -n "$API_KEY2" ]; then echo "La variable API_KEY2 n'est pas vide"; else echo "La variable API_KEY2 est vide"; fi
La variable API_KEY2 est vide
```
```bash
# Non déclarée => vide
if [ -z "$API_KEY3" ]; then echo "La variable API_KEY est vide"; else echo "La variable API_KEY n'est pas vide"; fi
La variable API_KEY est vide
```
#### -dossiers:
Si le répertoire *<u>directory</u>* existe
@@ -110,6 +142,8 @@ if find "$local_path/node_modules" -mindepth 1 -maxdepth 1 | read; then echo "di
if [ -d "$local_path/node_modules" ] && [ -n "$(ls -A "$local_path/node_modules")" ]; then echo "dir not empty"; else echo "dir empty"; fi
```
#### -fichiers:
Si le fichier *<u>regularfile</u> (ni un blockspecialfile, ni un characterspecialfile, ni un directory)* existe
```bash

31
docs/Linux/cron.md
View File

@@ -14,7 +14,7 @@
------------- Minute (0 - 59)
```
https://crontab.guru
@@ -48,3 +48,32 @@ Le fichier crontab s'ouvre dans l'éditeur spécifié par la variable d'environn
https://linuxize.com/post/scheduling-cron-jobs-with-crontab/
#### Voir si le cron est exécuté:
On ouvre la crontab avec `# crontab -e`:
```bash
# On redirige la sortie et les erreurs du scripts vers les logs avec 2>&1 | logger -t up_pihole
# Ici le cron est exécuté toutes les 2 minutes.
*/2 * * * * bash /root/update_pihole.sh 2>&1 | logger -t up_pihole
```
On cherche les sorties du cron dans les logs:
```bash
# journalctl -f | grep 'up_pihole\|cron'
```
```bash
Aug 25 16:40:01 PiHole1 CRON[438003]: (root) CMD (/usr/bin/env > /root/cron-env)
Aug 25 16:40:01 PiHole1 CRON[438004]: (root) CMD (bash /root/update_pihole.sh 2>&1 | logger -t up_pihole)
Aug 25 16:40:01 PiHole1 CRON[438001]: pam_unix(cron:session): session closed for user root
Aug 25 16:40:02 PiHole1 up_pihole[438007]: Find Pi-hole update on PiHole1
Aug 25 16:40:02 PiHole1 up_pihole[438007]:
Aug 25 16:40:02 PiHole1 up_pihole[438007]: Pi-hole Current Last
Aug 25 16:40:02 PiHole1 up_pihole[438007]: Pi-hole v5.18.3 v5.18.3
```

24
docs/Divers/bash/curl.md → docs/Linux/curl.md
View File

@@ -46,6 +46,30 @@ find /Users/bruno/Desktop/Juin -type f | xargs -L 1 bash -c '/opt/homebrew/opt/c
#### Rendre curl silencieux:
##### Masquer erreurs et barre de progression:
```bash
curl -s https://google.com
```
##### Complètement silencieux:
```bash
curl -s -o /dev/null https://google.com
```
##### Afficher juste les erreurs:
```bash
curl -S -s -o /dev/null https://google.com
```
#### Options:
```
-Z, --parallel
-#, --progress-bar

55
docs/Linux/cut.md
View File

@@ -8,3 +8,58 @@
```bash
# -d (delimiter) :
# -f (field) 1
$ cut -d':' -f1 /etc/passwd
nobody
root
daemon
_uucp
_taskgated
_networkd
cut -d':' -f1-3,5,6 /etc/passwd
```
```bash
# Tout sauf 7e champ
$ cut -d':' -f7 --complement /etc/passwd
```
```bash
# Remplace le séparateur ':' par ' '
$ cut -d':' -f7 --complement /etc/passwd --output-delimiter=' '
```
```bash
# 5e caractère
$ echo 'cut command' | cut -b 5
c
# 5 au 7e caractères
$ echo 'cut command' | cut -b 5-7
com
# 5 et 7e caractères
$ echo 'cut command' | cut -b 5,7
cm
# Du 5e à la fin
$ echo 'cut command' | cut -b 5-
command
# Du début au 5e
$ echo 'cut command' | cut -b -5
cut c
```

25
docs/Linux/fd.md
View File

@@ -32,6 +32,8 @@ pip/pip.conf
##### Recherche dans un répertoire particulier:
```bash
# Fichiers cachés (-H) dans le dossier .ssh
$ fd -HI 'id_*' .ssh
.ssh/id_ed25519
.ssh/id_ed25519.pub
@@ -72,6 +74,21 @@ $ fd -HI '.*[0-9]\.jpg$' ~
$ find ~ -iname '*[0-9].jpg'
```
##### Rechercher une extension:
```bash
# Rechercher les scripts bash (.sh) dans le répertoire courant
$ fd -e sh .
convert-videos-for-plex.sh
handbrake_for_plex.sh
keywords2insta.sh
macho.sh
```
##### Sans arguments:
```bash
@@ -96,6 +113,14 @@ $ fd -I -g php.ini /opt
/opt/homebrew/etc/php/8.0/php.ini
```
##### Rechercher plusieurs patterns:
```bash
$ fd -H ".env|docker-compose.yml"
.env
docker-compose.yml
```
#### Option:

14
docs/Linux/find.md
View File

@@ -213,6 +213,20 @@ $ find /volume1/@appstore/PHP7.4/etc ! -perm 644
/volume1/@appstore/PHP7.4/etc/php/conf.d
```
Rechercher les fichiers avec permission 644 et les afficher avec ls:
```bash
$ find -maxdepth 1 -type f -perm -644 -ls
920871 148 -rw-r--r-- 1 sentier psacln 148546 Nov 14 16:37 ./12_2008.jpg
920718 276 -rw-r--r-- 1 sentier psacln 278540 Nov 14 16:37 ./7_2017.jpg
920675 120 -rw-r--r-- 1 sentier psacln 120837 Nov 14 16:37 ./5_2020.jpg
$ find -maxdepth 1 -type f -perm -644 -exec ls -la {} \;
-rw-r--r-- 1 sentier psacln 89608 Nov 14 16:37 ./11_2018.jpg
-rw-r--r-- 1 sentier psacln 258835 Nov 14 16:37 ./9_2007.jpg
-rw-r--r-- 1 sentier psacln 343441 Nov 14 16:37 ./7_2005.jpg
```
Rechercher les fichiers avec permission 777 et les modifiés en 644:
```bash

185
docs/Linux/fzf.md
View File

@@ -228,6 +228,10 @@ https://reposhub.com/linux/shell-applications/lincheney-fzf-tab-completion.html
### Python
#### Activer un venv:
```bash
function activate-venv() {
local selected_env
@@ -239,3 +243,184 @@ function activate-venv() {
}
```
### Git
#### Git commit history
```bash
git log --oneline | fzf --preview 'git show --name-only {1}'
```
### Navigateurs
#### Recherche dans l'historique de Firefox:
```bash
cd ~/Library/Application\ Support/Firefox/Profiles/*.default-release
sqlite3 places.sqlite "SELECT url FROM moz_places" | fzf
```
#### Recherche dans les bookmarks de chrome:
```bash
b() {
bookmarks_path=~/Library/Application\ Support/Google/Chrome/Default/Bookmarks
jq_script='
def ancestors: while(. | length >= 2; del(.[-1,-2]));
. as $in | paths(.url?) as $key | $in | getpath($key) | {name,url, path: [$key[0:-2] | ancestors as $a | $in | getpath($a) | .name?] | reverse | join("/") } | .path + "/" + .name + "\t" + .url'
jq -r "$jq_script" < "$bookmarks_path" \
| sed -E $'s/(.*)\t(.*)/\\1\t\x1b[36m\\2\x1b[m/g' \
| fzf --ansi \
| cut -d$'\t' -f2 \
| xargs open
}
```
#### Recherche dans l'historique de Safari:
```bash
function sbh() {
local cols sep
cols=$(( COLUMNS / 3 ))
sep='{::}'
cp -f ~/Library/Safari/History.db /tmp/h
sqlite3 -separator $sep /tmp/h \
"select substr(id, 1, $cols), url
from history_items order by visit_count_score desc" |
awk -F $sep '{printf "%-'$cols's \x1b[36m%s\x1b[m\n", $1, $2}' |
fzf --ansi --multi | sed 's#.*\(https*://\)#\1#' | xargs open
}
fzf-safari-browser-history()
{
local cols sep
columns=$(( COLUMNS / 3 ))
separator='{::}'
sqlite3 -separator $separator $HOME/Library/Safari/History.db \
"select distinct substr(title, 1, $columns), url from history_items
inner join history_visits on history_items.id = history_visits.history_item
order by history_visits.visit_time desc;" |
awk -F $separator '{printf "%-'$columns's \x1b[36m%s\x1b[m\n", $1, $2}' |
fzf --ansi --multi | sed 's#.*\(https*://\)#\1#' | xargs open -a safari
}
```
### Terminal
#### Kill process:
```bash
kill -9 $(ps aux | fzf | awk '{print $2}')
```
#### File preview
```bash
fzf --preview 'bat --style=numbers --color=always --line-range :500 {}'
```
```bash
fd . '/opt/homebrew' | fzf --height=90% --reverse --preview 'cat {}' --query '_log'
```
### Docker
```bash
# Select a docker container to start and attach to
function da() {
local cid
cid=$(docker ps -a | sed 1d | fzf -1 -q "$1" | awk '{print $1}')
[ -n "$cid" ] && docker start "$cid" && docker attach "$cid"
}
```
```bash
# Select a running docker container to stop
function ds() {
local cid
cid=$(docker ps | sed 1d | fzf -q "$1" | awk '{print $1}')
[ -n "$cid" ] && docker stop "$cid"
}
```
```bash
# Select a docker container to remove
function drm() {
local cid
cid=$(docker ps -a | sed 1d | fzf -q "$1" | awk '{print $1}')
[ -n "$cid" ] && docker rm "$cid"
}
# Same as above, but allows multi selection:
function drm() {
docker ps -a | sed 1d | fzf -q "$1" --no-sort -m --tac | awk '{ print $1 }' | xargs -r docker rm
}
```
```bash
# Select a docker image or images to remove
function drmi() {
docker images | sed 1d | fzf -q "$1" --no-sort -m --tac | awk '{ print $3 }' | xargs -r docker rmi
}
```
### Homebrew Cask
```bash
# Install or open the webpage for the selected application
# using brew cask search as input source
# and display a info quickview window for the currently marked application
install() {
local token
token=$(brew search --casks "$1" | fzf-tmux --query="$1" +m --preview 'brew info {}')
if [ "x$token" != "x" ]
then
echo "(I)nstall or open the (h)omepage of $token"
read input
if [ $input = "i" ] || [ $input = "I" ]; then
brew install --cask $token
fi
if [ $input = "h" ] || [ $input = "H" ]; then
brew home $token
fi
fi
}
```
#### fzf-brew
```bash
antigen bundle thirteen37/fzf-brew
fbi: Fuzzy brew install
fbui: Fuzzy brew uninstall
fci: Fuzzy cask install
fcui: Fuzzy cask uninstall
```
https://github.com/thirteen37/fzf-brew?tab=readme-ov-file

6
docs/Linux/grep.md
View File

@@ -155,3 +155,9 @@ Afficher les 5 lignes qui suivent le motif recherché:
grep 'toto' -A5 fichier.txt
```
Afficher les 5 lignes qui précèdent le motif recherché:
```bash
grep 'toto' -B5 fichier.txt
```

13
docs/Linux/links.md
View File

@@ -26,10 +26,21 @@ hello.txt link
```bash
~ ln -s link/hello.txt hello_you.txt
~ ls
~
$ ls
hello.txt link hello_you.txt
```
```bash
~/.local/bin
$ ln -s ~/Documents/Scripts/pihole/sync_pihole_lan.sh sync_pihole
```
```bash
~/.local/bin
$ ln -s ~/Documents/Scripts/bashbirds/bashbirds.sh bashbird
```
### hard link:

5
docs/Linux/shell.md
View File

@@ -136,3 +136,8 @@ PING 192.168.1.8 (192.168.1.8): 56 data bytes
bck-i-search: nas_
```
### Interactive shell
https://unix.stackexchange.com/questions/46789/check-if-script-is-started-by-cron-rather-than-invoked-manually

14
docs/Linux/ssh.md
View File

@@ -28,12 +28,24 @@ bruno@macbook-pro:~$ sudo chmod 755 ~/.ssh
#### Copier un fichier:
#### Copier un fichier depuis le serveur:
```bash
macbook-pro:~ bruno$ ssh root@192.168.1.8 "cat prefs.tar.gz"> prefs.tar.gz
```
```bash
$ ssh pihole1 "cat update_pihole.sh"> update_pihole_pi1.sh
$ ssh pihole2 "cat update_pihole.sh"> update_pihole_pi2.sh
```
#### Envoyer un fichier sur le serveur:
```bash
$ cat update_pihole_pi1.sh | ssh pihole1 'cat > update_pihole.sh'
$ cat update_pihole_pi2.sh | ssh pihole2 'cat > update_pihole.sh'
```
#### Exécuter une (ou plusieurs) commande sur un serveur distant:

116
docs/Plesk/Plesk.md
View File

@@ -36,3 +36,119 @@ Outils et Paramètres -> **Apparence de Plesk** -> Langues
https://romantic-nightingale.212-227-191-167.plesk.page:8447/select_components.html
### zstd: error 25 : Write error : No space left on device (cannot write compressed block)
```bash
Setting up initramfs-tools (0.140ubuntu13.4) ...
update-initramfs: deferring update (trigger activated)
Processing triggers for initramfs-tools (0.140ubuntu13.4) ...
update-initramfs: Generating /boot/initrd.img-5.15.0-119-generic
zstd: error 25 : Write error : No space left on device (cannot write compressed block)
E: mkinitramfs failure zstd -q -1 -T0 25
update-initramfs: failed for /boot/initrd.img-5.15.0-119-generic with 1.
dpkg: error processing package initramfs-tools (--configure):
installed initramfs-tools package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
initramfs-tools
E: Sub-process /usr/bin/dpkg returned an error code (1)
```
[Safely Removing Old Kernels](https://help.ubuntu.com/community/RemoveOldKernels)
https://github.com/rubo77/remove-old-kernels
La partition /boot est pleine:
```bash
$ df
Filesystem 1K-blocks Used Available Use% Mounted on
tmpfs 396900 1576 395324 1% /run
/dev/mapper/vg00-lv01 121147748 23482928 92641976 21% /
tmpfs 1984492 4 1984488 1% /dev/shm
tmpfs 5120 20 5100 1% /run/lock
/dev/vda1 498900 385456 76748 84% /boot
overlay 121147748 23482928 92641976 21% /var/lib/docker/overlay2/c3f6a94615fd3d71bf9a30c4270abda191b82d740ec423366e15aff59954215b/merged
overlay 121147748 23482928 92641976 21% /var/lib/docker/overlay2/32937ff042ce2d6af0ace187f7a06019f273c7c47b9e0a3d43bd08bd910d7bfb/merged
overlay 121147748 23482928 92641976 21% /var/lib/docker/overlay2/c3a657579b376ee7079682eb1668115a001aef79fcd5e6e48f14786e0187023f/merged
overlay 121147748 23482928 92641976 21% /var/lib/docker/overlay2/64e527239f42c7255578257a7830f97b3df5e9ffba7cc14fcf1f51556573dbcb/merged
overlay 121147748 23482928 92641976 21% /var/lib/docker/overlay2/1a8ee224695743c7a8b7e0c2aae7d71f76789fd09583513190196f52ebb6599a/merged
tmpfs 396896 8 396888 1% /run/user/10001
```
#### Kernel courant:
```bash
$ uname -r
5.15.0-119-generic
```
#### Liste des Kernels
```bash
$ dpkg -l | tail -n +6 | grep -E 'linux-image-[0-9]+'
rc linux-image-4.2.0-14-generic ## The oldest kernel in the database
## Status 'rc' means it's already been removed
ii linux-image-4.2.0-15-generic ## The oldest installed kernel. Removable.
## Status 'ii' means Installed.
ii linux-image-4.2.0-16-generic ## Another old installed kernel. Removable.
ii linux-image-4.2.0-18-generic ## Another old installed kernel. Removalbe.
ii linux-image-4.2.0-19-generic ## The previous good kernel. Keep.
ii linux-image-4.2.0-21-generic ## Same version as 'uname -r', package for the current
## kernel. DO NOT REMOVE.
iU linux-image-4.2.0-22-generic ## DO NOT REMOVE. Status 'iU' means it's not installed,
## but queued for install in apt.
## This is the package we want apt to install.
```
```bash
$ sudo update-initramfs -d -k 4.2.0-15-generic
```
```bash
$ sudo dpkg --purge linux-image-4.2.0-15-generic
```
Si erreur:
```bash
$ sudo dpkg --purge linux-image-4.2.0-15-generic linux-image-extra-4.2.0-15-generic
```
#### Maintenance
```bash
$ sudo apt-get autoremove --purge
```
### apt update
##### 4 packages can be upgraded. Run 'apt list --upgradable' to see them.
```bash
root@eloquent-benz:/etc/apt/keyrings# apt update
.../...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
4 packages can be upgraded. Run 'apt list --upgradable' to see them.
```
```bash
root@eloquent-benz:/etc/apt/keyrings# apt list --upgradable
Listing... Done
python3-update-manager/jammy-updates,jammy-updates 1:22.04.20 all [upgradable from: 1:22.04.19]
ubuntu-advantage-tools/jammy-updates,jammy-updates 32.3.1~22.04 amd64 [upgradable from: 30~22.04]
ubuntu-pro-client-l10n/jammy-updates 32.3.1~22.04 amd64 [upgradable from: 30~22.04]
update-manager-core/jammy-updates,jammy-updates 1:22.04.20 all [upgradable from: 1:22.04.19]
```
```bash
root@eloquent-benz:/etc/apt/keyrings# apt-get install --only-upgrade python3-update-manager
```

13
docs/Programmation/Sqlite.md
View File

@@ -217,3 +217,16 @@ Array
)
```
#### Bash
```bash
~/Sites/sls/a master* 18:04:36
sqlite3 contact8.sqlite "SELECT * FROM Details"
1|Rebbecca|Didio|03-8174-9123|rebbecca.didio@didio.com.au
2|Stevie|Hallo|07-9997-3366|stevie.hallo@hotmail.com
3|Mariko|Stayer|08-5558-9019|mariko_stayer@hotmail.com
```

31
docs/Raspberry/backup_sd.md
View File

@@ -2,6 +2,8 @@
##### Sous Linux:
```bash
bruno@debian:~$ sudo fdisk -l
@@ -18,8 +20,6 @@ Périphérique Amorçage Début Fin Secteurs Taille Id Type
/dev/sdg2 98304 62333951 62235648 29,7G 83 Linux
```
```bash
bruno@debian:~$ sudo dd if=/dev/sdg of=~/raspian_backup.img status=progress
62333952+0 enregistrements lus
@@ -31,6 +31,26 @@ bruno@debian:~$ sudo dd if=/dev/sdg of=~/raspian_backup.img status=progress
# status=progress sinon dd n'affiche rien
```
##### Sur Mac:
```bash
$ diskutil list
/dev/disk6 (external, physical):
#: TYPE NAME SIZE IDENTIFIER
0: FDisk_partition_scheme *8.0 GB disk6
1: Windows_FAT_32 NO NAME 134.2 MB disk6s1
2: Linux 7.9 GB disk6s2
```
```bash
$ sudo dd if=/dev/disk6 of=/Volumes/Sophie/RaspberryPi/DietPi_RPi1-ARMv6.dmg
15712256+0 records in
15712256+0 records out
8044675072 bytes (8,0 GB, 7,5 GiB) copied, 143,074 s, 56,2 MB/s
```
Avec dd, l'image à la même taille que le disque, quelque soit la taille occupée réelle.
@@ -88,6 +108,11 @@ Utiliser WinDisk32 sourceforge.net/projects/win32diskimager
# Sous macOS
ApplePi-Baker permet de sauvegarder un carte SD en fichier image, et surtout de shrinker l'image (contracter une SD de 32Go en l'espace réellement utilisésolus)
ApplePi-Baker permet de sauvegarder un carte SD en fichier image, et surtout de shrinker l'image (contracter une SD de 32Go en l'espace réellement utilisé)
[ApplePi-Baker v2](https://www.tweaking4all.com/software/macosx-software/applepi-baker-v2/)
```bash
brew install applepi-baker
```

79
docs/Raspberry/diet-pi.md
View File

@@ -42,6 +42,13 @@ systemctl status dropbear.service
DROPBEAR_EXTRA_ARGS=“-w -g”
```
Editer et redémarrer Dropbear:
```bash
root@PiHole1:~# nano /etc/default/dropbear
root@PiHole1:~# systemctl restart dropbear.service
```
#### --help
@@ -95,3 +102,75 @@ Usage: dropbear [options]
cat ~/.ssh/id_rsa.pub | ssh -p65535 root@192.168.12.116 'cat>> ~/.ssh/authorized_keys'
```
### Log
```bash
# journalctl --no-pager | grep 'cron'
```
| Command | Remark |
| :-------------------------------------------- | :----------------------------------------------------------- |
| `journalctl -u UNITNAME` (`--unit UNITNAME`) | Displays messages of the given unit |
| `journalctl _PID=<process_id>` | Displays messages of process with PID equals to <process_id> |
| `journalctl -r` (`--reverse`) | Displays list in reverse order, i.e. newest messages first |
| `journalctl -f` (`--follow`) | Displays the tail of the log message list and shows new entries *live* |
| `journalctl -b` (`--boot`) | Displays messages since the last boot (i.e. no older messages). See also option `--list-boots` |
| `journalctl -k` (`--dmesg`) | Displays kernel messages |
| `journalctl -p PRIORITY` (priority PRIORITY) | Displays messages with the given priority. PRIORITY may be `merg`, `alert`, `crit`, `err`, `warning`, `notice`, `info` and `debug`. Also numbers as PRIORITY are possible |
| `journalctl -o verbose` | Displays additional meta data |
| `journalctl --disk-usage` | Displays the amount of disk space used by the logging messages |
| `journalctl --no-pager | grep <filter>` | Filters log messages (filtering with `grep`) |
#### Quand sont exécutés les scripts cron.hourly, cron.daily, cron.montly...
```bash
grep run-parts /etc/crontab
#*/0 * * * * root cd / && run-parts --report /etc/cron.minutely
17 * * * * root cd / && run-parts --report /etc/cron.hourly
25 1 * * * root test -x /usr/sbin/anacron || { cd / && run-parts --report /etc/cron.daily; }
47 1 * * 7 root test -x /usr/sbin/anacron || { cd / && run-parts --report /etc/cron.weekly; }
52 1 1 * * root test -x /usr/sbin/anacron || { cd / && run-parts --report /etc/cron.monthly; }
```
#### Exécuter les scripts cron.hourly, cron.daily, cron.montly...
```bash
run-parts --test /etc/cron.hourly/
```
#### Ajouter un script à cron.hourly
```bash
root@PiHole1:/etc/cron.hourly# l
total 16
-rw-r--r-- 1 root root 102 Mar 2 2023 .placeholder
-rwxr-xr-x 1 root root 1311 Aug 27 19:49 dietpi
-rwxr-xr-x 1 root root 191 Feb 22 2012 fake-hwclock
-rwxr-xr-x 1 root root 60 Sep 5 09:47 pihole
```
```bash
nano /etc/cron.hourly/pihole
#!/bin/bash
#Look for pihole update
/root/update_pihole.sh
```
```bash
*/2 * * * * # toutes les 2 minutes
* */2 * * * # toutes les 2 heures
0 1 * * 1,3,5 # At 01:00 on Monday, Wednesday, and Friday
```

8
docs/Synology/Docker/docker-compose/snapdrop.md
View File

@@ -36,12 +36,6 @@ services:
PUID: 1026
PGID: 100
restart: on-failure:5
networks:
default:
driver: bridge
ipam:
config:
- subnet: 172.16.67.0/24
j
```

2
docs/Synology/Docker/index.md
View File

@@ -94,6 +94,8 @@ $ sudo docker login --username=foo
$ cat ~/my_password.txt | docker login --username foo --password-stdin
```
https://www.howtogeek.com/devops/how-to-login-to-docker-hub-and-private-registries-with-the-docker-cli/
### Backups

215
docs/Synology/certificats.md Normal file
View File

@@ -0,0 +1,215 @@
# Certificats
Tous les certificats se trouvent dans le dossier `/usr/syno/etc/certificate/_archive`, chacun dans son dossier (ici, cjN5Vb, Ks8Ngt, mqkgNA)
```bash
root@DS923:/usr/syno/etc/certificate/_archive# ls -la
total 72
drwx------ 5 root root 4096 Dec 25 15:50 .
drwxr-xr-x 9 root root 4096 Jan 14 2024 ..
drwx------ 2 root root 4096 Jan 13 2024 cjN5Vb
-rw------- 1 root root 7 Dec 8 01:49 DEFAULT
-rw------- 1 root root 23093 Dec 25 15:50 INFO
drwx------ 2 root root 4096 Nov 14 08:57 Ks8Ngt
drwx------ 2 root root 4096 Dec 8 01:49 mqkgNA
-rwx------ 1 root root 18832 Dec 25 15:48 SERVICES
-rw-r--r-- 1 root root 41 Jan 10 2024 .syno-ca-cert.srl
```
#### DEFAULT indique le certificat par défaut:
```bash
nano DEFAULT
mqkgNA
```
```bash
root@DS923:/usr/syno/etc/certificate/_archive/mqkgNA# ls -la
total 24
drwx------ 2 root root 4096 Dec 8 01:49 .
drwx------ 5 root root 4096 Dec 25 15:50 ..
-r-------- 1 root root 2139 Dec 8 01:49 cert.pem
-r-------- 1 root root 1801 Dec 8 01:49 chain.pem
-r-------- 1 root root 3940 Dec 8 01:49 fullchain.pem
-r-------- 1 root root 3272 Dec 8 01:49 privkey.pem
```
#### INFO liste tous les certificats et leurs utilisations:
**Ks8Ngt** utilisé par Synology DSM
```json
"Ks8Ngt" : {
"desc" : "",
"services" : [
{
"display_name" : "KMIP",
"display_name_i18n" : "remote_key:kmip_tab_title",
"isPkg" : false,
"owner" : "root",
"service" : "kmip",
"subscriber" : "kmip"
},
{
"display_name" : "Hyper Backup Vault",
"display_name_i18n" : "HyperBackupVault:app:package_name",
"isPkg" : true,
"owner" : "root",
"service" : "HyperBackupVault",
"subscriber" : "HyperBackupVault"
},
{
"display_name" : "Replication Service",
"display_name_i18n" : "app:displayname",
"isPkg" : true,
"owner" : "root",
"service" : "snapshot_receiver",
"subscriber" : "ReplicationService"
}
]
},
```
**cjN5Vb** utilisé par Active Backup for Business
```json
"cjN5Vb" : {
"desc" : "Certificate created by Active Backup for Business",
"services" : [
{
"display_name" : "Active Backup",
"display_name_i18n" : "SYNO.ActiveBackup.AppInstance:app:package_name",
"isPkg" : true,
"owner" : "ActiveBackup",
"service" : "ActiveBackup",
"subscriber" : "ActiveBackup"
}
],
"user_deletable" : true
},
```
**mqkgNA** est le certificat Let's Encrypt
```json
"mqkgNA" : {
"desc" : "Let's Encrypt",
"services" : [
{
"display_name" : "Synology Drive Server",
"display_name_i18n" : "SYNO.SDS.Drive.Application:app:pkg_name",
"isPkg" : true,
"owner" : "SynologyDrive",
"service" : "SynologyDrive",
"subscriber" : "SynologyDrive"
},
{
"display_name" : "ds923.photos-nas.ovh",
"isPkg" : false,
"multiple_cert" : true,
"owner" : "root",
"service" : "FQDN",
"subscriber" : "system",
"user_setable" : true
},
{
"display_name" : "photos-nas.ovh:443",
"isPkg" : true,
"multiple_cert" : true,
"owner" : "root",
"service" : "cbd90216-eab3-48ad-b957-fd11af0d558d",
"subscriber" : "WebStation"
},
{
"display_name" : "gitea.photos-nas.ovh",
"isPkg" : false,
"multiple_cert" : true,
"owner" : "root",
"service" : "12c8d3ad-54aa-4782-b929-a8be2fe56a67",
"subscriber" : "ReverseProxy",
"user_setable" : true
},
{
"display_name" : "dockge.photos-nas.ovh",
"isPkg" : false,
"multiple_cert" : true,
"owner" : "root",
"service" : "13a1de2b-3659-44a6-9169-413b6f669684",
"subscriber" : "ReverseProxy",
"user_setable" : true
},
],
"user_deletable" : true
}
}
```
#### SERVICES liste les services de DSM et les Reverses Proxy:
```bash
[
{
"display_name" : "KMIP",
"display_name_i18n" : "remote_key:kmip_tab_title",
"isPkg" : false,
"owner" : "root",
"service" : "kmip",
"subscriber" : "kmip"
},
{
"display_name" : "FTPS",
"isPkg" : false,
"owner" : "root",
"service" : "ftpd",
"subscriber" : "smbftpd"
},
{
"display_name" : "DSM Desktop Service",
"display_name_i18n" : "common:web_desktop",
"isPkg" : false,
"multiple_cert" : true,
"owner" : "root",
"service" : "default",
"subscriber" : "system",
"user_setable" : true
},
{
"display_name" : "home-assistant.photos-nas.ovh",
"isPkg" : false,
"multiple_cert" : true,
"owner" : "root",
"service" : "0aa5255b-fdb5-436b-9a7c-6cc5ad609c6e",
"subscriber" : "ReverseProxy",
"user_setable" : true
},
{
"display_name" : "gitea.photos-nas.ovh",
"isPkg" : false,
"multiple_cert" : true,
"owner" : "root",
"service" : "12c8d3ad-54aa-4782-b929-a8be2fe56a67",
"subscriber" : "ReverseProxy",
"user_setable" : true
},
{
"display_name" : "nmap.photos-nas.ovh",
"isPkg" : false,
"multiple_cert" : true,
"owner" : "root",
"service" : "f1a8b6b3-ec6e-45d7-a113-eb1088efa9b7",
"subscriber" : "ReverseProxy",
"user_setable" : true
}
]
```

19
docs/Synology/dsm7/go.md Normal file
View File

@@ -0,0 +1,19 @@
# go
### Installation:
1. Supprimer l'ancienne installation: `rm -rf $HOME/go`
2. [Télécharger go](https://go.dev/dl/): `wget https://go.dev/dl/go1.23.5.linux-amd64.tar.gz`
3. Décompresser l'archive dans $HOME: `tar -xzvf go1.23.5.linux-amd64.tar.gz`
4. Ajouter \$HOME/go/bin dans le $PATH: `export PATH=$PATH:$HOME/go/bin`
5. Vérifier l'installation: `go version`
### Package:
[OWASP Amass](https://github.com/owasp-amass/amass/blob/master/doc/tutorial.md)
[assetfinder](https://github.com/tomnomnom/assetfinder)

50
docs/Synology/dsm7/node.md
View File

@@ -19,7 +19,10 @@ lrwxrwxrwx 1 root root 38 Oct 26 2022 npx -> ../lib/node_modules/npm/bin/
### Installer nvm
```bash
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.3/install.sh | bash
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.0/install.sh | bash
$ nvm -v
0.40.0
```
Installer node=lts/fermium (ou mettre-à-jour)
@@ -28,6 +31,11 @@ Installer node=lts/fermium (ou mettre-à-jour)
nvm install --lts=hydrogen
```
```bash
$ which node
/var/services/homes/bruno/.nvm/versions/node/v20.11.0/bin/node
```
Mettre-à-jour npm:
```bash
@@ -42,6 +50,46 @@ nvm reinstall-packages 14.17.0
### npm
```bash
$ which npm
/var/services/homes/bruno/.nvm/versions/node/v20.11.0/bin/npm
```
```bash
$ npm doctor
Check Value Recommendation/Notes
npm ping ok
npm -v not ok Use npm v10.8.2
node -v not ok Use node v20.16.0 (current: v20.11.0)
npm config get registry ok using default registry (https://registry.npmjs.org/)
git executable in PATH ok /usr/local/bin/git
global bin folder in PATH not ok Error: Add /volume1/homes/bruno/.nvm/versions/node/v20.11.0/bin to your $PATH
Perms check on cached files ok
Perms check on local node_modules ok
Perms check on global node_modules ok
Perms check on local bin folder ok
Perms check on global bin folder ok
npm WARN verifyCachedFiles Content garbage-collected: 9 (5411539 bytes)
npm WARN verifyCachedFiles Cache issues have been fixed
Verify cache contents ok verified 380 tarballs
npm notice
npm notice New minor version of npm available! 10.4.0 -> 10.8.2
npm notice Changelog: https://github.com/npm/cli/releases/tag/v10.8.2
npm notice Run npm install -g npm@10.8.2 to update!
npm notice
npm ERR! Some problems found. See above for recommendations.
npm ERR! A complete log of this run can be found in: /var/services/homes/bruno/.npm/_logs/2024-08-21T07_58_05_115Z-debug-0.log
```
### Installer thumbsup
```bash

98
docs/Synology/dsm7/python.md
View File

@@ -7,15 +7,22 @@
#### Python 3 est installé par défaut:
```bash title="Python3"
$ python -V
Python 3.8.8
$ which python
/bin/python
$ python -V
Python 3.8.15
$ which python3
/bin/python3
$ /bin/python3 -V
Python 3.8.15
# Les modules sont installés là:
# /usr/lib/python3.8/site-packages
# /volume1/homes/bruno/.local/lib/python3.8/site-packages
$ find / -iname "site-packages" -type d -print 2>/dev/null
```
@@ -56,15 +63,11 @@ Successfully installed pip-21.1.3
# Utiliser sudo pour une install globale
```
```bash title="Chemins en installation locale"
which pip3
/var/services/homes/bruno/.local/bin/pip3
$ which pip3
bruno@DS916:~/.local/bin $ pip --version
bruno@DS916:~/.local/bin $ pip3 --version
pip 21.1.3 from /var/services/homes/bruno/.local/lib/python3.8/site-packages/pip (python 3.8)
$ pip3 --version
pip 23.2.1 from /var/packages/python311/target/lib/python3.11/site-packages/pip (python 3.11)
```
@@ -96,3 +99,76 @@ bruno@DS916:~/venv $ source mkdocs/bin/activate
mkdocs, version 1.2.1 from /volume1/homes/bruno/venv/mkdocs/lib/python3.8/site-packages/mkdocs (Python 3.8)
```
#### Paquets Python 3.9 et Python 3.11 SynoCommunity
```bash
$ which python3.9
/usr/local/bin/python3.9
$ which python3.11
/usr/local/bin/python3.11
$ python3 -V
Python 3.11.5
# /volume1/@appstore/Python3.9/usr/lib/python3.9/site-packages
# <vide>
# /volume1/@appstore/python311/lib/python3.11/site-packages
# pip 23.2.1
# /volume1/homes/bruno/.local/lib/python3.11/site-packages
# pipx 1.6.0
```
#### pipx
```bash
$ which pipx
/var/services/homes/bruno/.local/bin/pipx
# Virtual Environment location is /volume1/homes/bruno/.local/share/pipx/venvs.
# Symlinks to apps are placed in /volume1/homes/bruno/.local/bin.
# Symlinks to manual pages are placed in /volume1/homes/bruno/.local/share/man.
$ pipx -v
pipx >(setup:1083): pipx version is 1.6.0
```
Upgrade pipx:
```
python3 -m pip install --user -U pipx
```
Commandes:
```
install Install a package
upgrade Upgrade a package
upgrade-all Upgrade all packages. Runs `pip install -U <pkgname>` for each package.
uninstall Uninstall a package
uninstall-all Uninstall all packages
reinstall Reinstall a package
reinstall-all Reinstall all packages
list List installed packages
```
```bash
$ pipx list
venvs are in /volume1/homes/bruno/.local/share/pipx/venvs
apps are exposed on your $PATH at /volume1/homes/bruno/.local/bin
manual pages are exposed at /volume1/homes/bruno/.local/share/man
package showcert 0.2.3, installed using Python 3.11.5
- gencert
- showcert
```

20
docs/Synology/root.md Normal file
View File

@@ -0,0 +1,20 @@
# root
Pour passer en root:
```bash
sudo -i
```
Depuis root, les dossiers utilisateurs se trouvent à:
```bash
root@DS923:/volume1/homes/bruno#
```

23
docs/javascripts/dom.md Normal file
View File

@@ -0,0 +1,23 @@
DOM
```javascript
console.log(document.querySelector('#map'))
<div id="map" class="leaflet-container leaflet-touch leaflet-retina leaflet-safari leaflet-fade-anim leaflet-grab leaflet-touch-drag leaflet-touch-zoom" tabindex="0" style="position: relative;"></div>
```
```
console.log(document.querySelectorAll('ul'))
```
```javascript
javascript:alert(document.getElementById('map').innerHTML)
```

20
docs/macos/GPG.md
View File

@@ -183,3 +183,23 @@ batch
yes
```
### gpg: WARNING: unsafe permissions on homedir '/var/services/homes/bruno/.gnupg'
```bash
$ chown -R $(whoami) ~/.gnupg/
$ find ~/.gnupg -type f -exec chmod 600 {} \;
$ find ~/.gnupg -type d -exec chmod 700 {} \;
```
#### gpg: WARNING: server 'gpg-agent' is older than us (2.2.41 < 2.4.5)
gpg: problem with fast path key listing: Erreur de paramètre IPC - ignored
```bash
$ gpgconf --kill all
```

79
docs/macos/homebrew/brew.md
View File

@@ -69,6 +69,85 @@ bundle services
##### **brew bundle**
Usage: brew bundle [subcommand]
Bundler pour les dépendances non-Ruby provenant de Homebrew, Homebrew Cask, Mac App Store, Whalebrew et Visual Studio Code.
**brew bundle [install]:**
Install and upgrade (by default) all dependencies from the Brewfile.
You can specify the Brewfile location using --file or by setting the $HOMEBREW_BUNDLE_FILE environment variable.
You can skip the installation of dependencies by adding space-separated values to one or more of the following environment variables:
$HOMEBREW_BUNDLE_BREW_SKIP, $HOMEBREW_BUNDLE_CASK_SKIP, $HOMEBREW_BUNDLE_MAS_SKIP, $HOMEBREW_BUNDLE_WHALEBREW_SKIP,
$HOMEBREW_BUNDLE_TAP_SKIP.
**brew bundle upgrade:**
Shorthand for brew bundle install --upgrade.
**brew bundle dump:**
Write all installed casks/formulae/images/taps into a Brewfile in the current directory or to a custom file specified with the --file option.
**brew bundle cleanup:**
Uninstall all dependencies not present in the Brewfile.
This workflow is useful for maintainers or testers who regularly install lots of formulae.
Unless --force is passed, this returns a 1 exit code if anything would be removed.
**brew bundle check:**
Check if all dependencies present in the Brewfile are installed.
This provides a successful exit code if everything is up-to-date, making it useful for scripting.
**brew bundle list:**
List all dependencies present in the Brewfile.
By default, only Homebrew formula dependencies are listed.
**brew bundle edit:**
Edit the Brewfile in your editor.
**brew bundle exec command:**
Run an external command in an isolated build environment based on the Brewfile dependencies.
This sanitized build environment ignores unrequested dependencies, which makes sure that things you didn't specify in your Brewfile won't get picked up by commands like bundle install, npm install, etc. It will also add compiler flags which will help with finding keg-only dependencies like openssl, icu4c, etc.
**brew bundle sh:**
Run your shell in a brew bundle exec environment.
**brew bundle env:**
Print the environment variables that would be set in a brew bundle exec
environment.
##### **brew fetch**
Usage: brew fetch [options] formula|cask [...]
Télécharger une bottle (si disponible) ou les paquets sources pour les formules et les binaires pour les casks. Pour les fichiers, imprimer également les sommes de contrôle SHA-256.
##### **brew gist-logs**
Usage: brew gist-logs [options] formula
Transfère les logs d'un échec de construction de la formule vers un nouveau Gist. Présente un message d'erreur si aucun journal n'est trouvé.
##### **brew home**
Usage: brew home, homepage [--formula] [--cask] [formula|cask ...]
Ouvrir la page d'accueil d'une formule ou d'un cask dans un navigateur, ou ouvrir la page d'accueil de Homebrew si aucun argument n'est fourni.
##### **brew info**
Usage: brew info, abv [options] [formula|cask ...]
Affiche de brèves statistiques sur votre installation Homebrew. Si une formule ou un cask est fournie, afficher un résumé des informations la concernant.
### Formules:
#### Mettre à jour une formule:

16
docs/macos/homebrew/commandes.md Normal file
View File

@@ -0,0 +1,16 @@
# commandes
#### immich
```bash
$ immich login https://immich.photos-nas.ovh aYGUwGZXDJins0zLCjio7zEleblSFw5R27DqqLQM
```
```bash
$ immich upload /Users/bruno/Pictures/_Canon/Export/2024/Aout/2024-0807_Chevrette_1413.jpg
```

12
docs/macos/node/nvm.md
View File

@@ -49,7 +49,7 @@ $ nvm --version
#### Avec git (méthode officielle):
```bash
$ curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.11/install.sh | bash
$ curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.40.1/install.sh | bash
```
Le script d'installation ajoute les lignes suivantes à votre profil (`~/.bash_profile`, `~/.zshrc`, `~/.profile`, or `~/.bashrc`).
@@ -64,7 +64,7 @@ export NVM_DIR="${XDG_CONFIG_HOME/:-$HOME/.}nvm"
Relancer le script d'installation
```bash
$ curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.37.2/install.sh | bash
$ curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
```
@@ -85,13 +85,15 @@ $ nvm install 8.9.4
# la dernière version 6
$ nvm install 6
# la dernière version LTS (v16)
$ nvm install --lts=gallium
# la dernière version LTS (v18)
$ nvm install --lts=hydrogen
# la dernière version LTS (v20)
$ nvm install --lts=iron
```
https://nodejs.org/fr/about/previous-releases
Mettre à jour NodeJS et réinstaller les paquets.
```bash

60
docs/macos/perl/homebrew.md
View File

@@ -226,8 +226,64 @@ Il est recommandé d'installer les modules suivants:
- Term::ReadLine::Perl (réclamé par le shell cpan)
- CPAN::DistnameInfo (réclamé par l'installeur de module)
- Log::Log4perl
- Log::Log4perl (pas installé le 3/9/24)
###
#####Mettre à jour tous les modules:
Lancer le shell cpan:
```bash
$ cpan
```
puis
```bash
cpan[1]> upgrade /(.*)/
```
#### Erreur après mise-à-jour de tous les modules:
```bash
$ exiftool -j /Users/bruno/Pictures/_Canon/Export/2024/Juillet/2024-07-13_Cerfs_9771.jpg
ListUtil.c: loadable library and perl binaries are mismatched (got handshake key 0x10200080, needed 0xfb80080)
```
```bash
brew uninstall perl
rm -rf $HOME/perl5
brew install perl
PERL_MM_OPT="INSTALL_BASE=$HOME/perl5" cpan local::lib
cpan -i App::pmuninstall
cpan -i App::cpanoutdated
```
##### perl-migrate-modules
```bash
$ cpan App::MigrateModules
```
```bash
$ perl-migrate-modules --from perl5_old /usr/bin/perl
# Don't be alarmed by passing /usr/bin/perl as the destination of perl-migrate-modules. As long as you have the local::lib environment variables configured, it'll make a new ~/perl5 directory (or whatever you have it set to) and migrate the modules into that folder.
```
```
perl -MCPAN -e 'recompile()'
```
https://stackoverflow.com/questions/11680500/how-to-upgrade-perl-modules-that-install-from-cpan/11680539

8
docs/macos/python/pipx.md
View File

@@ -67,6 +67,14 @@ $ pipx install 'glances[action,browser,cloud,cpuinfo,docker,export,folders,gpu,g
#### Installer un paquet avec une version précise de python:
```bash
$ pipx install mac-cleanup --python /opt/homebrew/opt/python@3.11/libexec/bin/python3
```
#### Exécuter un paquet sans l'installer:
```bash

53
docs/macos/python/python3_pep668.md Normal file
View File

@@ -0,0 +1,53 @@
# Python 3 (PEP 668)
```bash
$ brew install python@3.12
```
```bash
python3.12 -m pip install --upgrade pip
error: externally-managed-environment
× This environment is externally managed
╰─> To install Python packages system-wide, try brew install
xyz, where xyz is the package you are trying to
install.
If you wish to install a Python library that isn't in Homebrew,
use a virtual environment:
python3 -m venv path/to/venv
source path/to/venv/bin/activate
python3 -m pip install xyz
If you wish to install a Python application that isn't in Homebrew,
it may be easiest to use 'pipx install xyz', which will manage a
virtual environment for you. You can install pipx with
brew install pipx
You may restore the old behavior of pip by passing
the '--break-system-packages' flag to pip, or by adding
'break-system-packages = true' to your pip.conf file. The latter
will permanently disable this error.
If you disable this error, we STRONGLY recommend that you additionally
pass the '--user' flag to pip, or set 'user = true' in your pip.conf
file. Failure to do this can result in a broken Homebrew installation.
Read more about this behavior here: <https://peps.python.org/pep-0668/>
note: If you believe this is a mistake, please contact your Python installation or OS distribution provider. You can override this, at the risk of breaking your Python installation or OS, by passing --break-system-packages.
hint: See PEP 668 for the detailed specification.
[notice] A new release of pip is available: 24.0 -> 24.1.1
[notice] To update, run: python3.12 -m pip install --upgrade pip
```

2
docs/macos/python/virtuel.md
View File

@@ -231,7 +231,7 @@ soco-cli deactivate
soco-cli version: 0.4.52
soco version: 0.28.0
python version: 3.10.8
command path: /Users/bruno/Documents/venv/soco-cli/bin/soco
command path:
```

3
docs/macos/ssh/ssh-passwordless.md
View File

@@ -113,7 +113,8 @@ Agent pid 2876
Ajouter la clé à ssh-agent:
```bash
$ ssh-add -K ~/.ssh/id_rsa
$ ssh-add -K ~/.ssh/id_rsa # Déprécié
$ ssh-add --apple-use-keychain ~/.ssh/id_rsa
Enter passphrase for /Users/bruno/.ssh/id_rsa:
Identity added: /Users/bruno/.ssh/id_rsa (/Users/bruno/.ssh/id_rsa)
```

20
docs/macos/terminal/launchd.md
View File

@@ -85,7 +85,7 @@ Créer une .plist:
La copier dans `$HOME/Library/LaunchAgent`
```bash
cp com.update-motd.plist /Users/bruno/Library/LaunchAgents/
cp com.bruno21.update-motd.plist /Users/bruno/Library/LaunchAgents/
```
puis la charger:
@@ -109,6 +109,24 @@ launchctl load -w /Users/bruno/Library/LaunchAgents/com.bruno21.update-motd.plis
```bash
cp update-motd.sh ${HOME}/.local/bin/
```
```bash
# test
~/.local/bin
➜ ./update-motd.sh
./update-motd.sh: line 46: /etc/motd: Permission denied
# si erreur: /Users/bruno/.local/bin/update-motd.sh: line 46: /etc/motd: Permission denied
sudo touch /etc/motd
sudo chmod 666 /etc/motd
```
https://apple.stackexchange.com/questions/392789/launchctl-plist-has-a-stderr-that-talks-about-how-getcwd-operation-not-permitted?newreg=7f5230c960a74d99b1105a9f66d9cfa2
https://rakhesh.com/mac/macos-launchctl-commands/

13
docs/macos/terminal/youhavemail.md
View File

@@ -26,6 +26,19 @@ You have mail in /var/mail/bruno
Taper d 1 (delete) pour supprimer le message
```bash
$ mail
Mail version 8.1 6/6/93. Type ? for help.
"/var/mail/bruno": 3 messages 3 new
>N 1 MAILER-DAEMON@airboo Sat Aug 3 09:37 75/2510 "Undelivered Mail Returned to Sender"
N 2 MAILER-DAEMON@airboo Wed Aug 21 18:25 75/2510 "Undelivered Mail Returned to Sender"
N 3 MAILER-DAEMON@airboo Wed Aug 21 18:25 75/2510 "Undelivered Mail Returned to Sender"
d 1 # (delete) pour supprimer le message
d * # pour supprimer tous les messages
q # pour quitter
```
**Solution 2**
```bash

160
docs/macos/webserver/geoipfast.md Normal file
View File

@@ -0,0 +1,160 @@
# geoipfast
Version:
```bash
$ geoip2fast -v
GeoIP2Fast v1.2.2 Usage: geoip2fast.py [-h] [-v] [-d] [-i] [data_filename_to_be_used] <ip_address_1>,<ip_address_2>,<ip_address_N>,...
```
Self-test:
```bash
$ geoip2fast geoip2fast-city-asn.dat.gz --self-test-city
GeoIP2Fast v1.2.2 is ready! geoip2fast-city-asn.dat.gz loaded with 2.405.140 networks in 0.25481 seconds and using 268.59 MiB.
Starting a self-test...
> x37,106,248,137 <invalid ip address> [0.000017000 sec] Cached > [0.000003042 sec]
> 90.120.130.164/32 <invalid ip address> [0.000002542 sec] Cached > [0.000001209 sec]
> 23.172.161.24 -- <not found in database> [0.000027041 sec] Cached > [0.000001750 sec]
> 192.168.134.8 -- Private Network Class C [0.000044917 sec] Cached > [0.000006208 sec]
> 61.158.159.224 CN China [0.000039167 sec] Cached > [0.000004166 sec] Shangqiu
> 51.251.173.172 GB United Kingdom [0.000022625 sec] Cached > [0.000002917 sec]
> 176.134.67.240 FR France [0.000020708 sec] Cached > [0.000003834 sec] Les Touches
> 118.34.78.111 KR South Korea [0.000019292 sec] Cached > [0.000004084 sec] Seosan City
Self-test with 30 randomic IPv4 addresses.
- Average Lookup Time: 0.000025018 seconds.
- Average Cached Lookups: 0.000004118 seconds.
```
```bash
$ geoip2fast --self-test-city
GeoIP2Fast v1.2.2 is ready! geoip2fast.dat.gz loaded with 494.069 networks in 0.02374 seconds and using 31.25 MiB.
Starting a self-test...
> x14,15,17,31 <invalid ip address> [0.000012000 sec] Cached > [0.000002959 sec]
> 59.92.124.53/32 <invalid ip address> [0.000002208 sec] Cached > [0.000001166 sec]
> 23.172.162.217 -- <not found in database> [0.000019792 sec] Cached > [0.000001583 sec]
> 172.31.55.201 -- Private Network Class B [0.000018125 sec] Cached > [0.000002958 sec]
> 1.250.34.180 KR South Korea [0.000010416 sec] Cached > [0.000001459 sec]
> 62.138.239.182 DE Germany [0.000011333 sec] Cached > [0.000001375 sec]
> 192.46.25.17 US United States [0.000011458 sec] Cached > [0.000001334 sec]
> 83.125.115.33 DE Germany [0.000011792 sec] Cached > [0.000001416 sec]
> 81.58.16.237 NL The Netherlands [0.000015500 sec] Cached > [0.000002208 sec]
> 32.187.65.34 US United States [0.000013208 sec] Cached > [0.000001625 sec]
> 77.152.80.234 FR France [0.000012500 sec] Cached > [0.000001583 sec]
> 93.9.4.164 FR France [0.000009959 sec] Cached > [0.000001375 sec]
> 7.231.125.137 US United States [0.000011500 sec] Cached > [0.000001334 sec]
Self-test with 30 randomic IPv4 addresses.
- Average Lookup Time: 0.000011775 seconds.
- Average Cached Lookups: 0.000001539 seconds.
```
Mise-à-jour des bases:
```bash
$ geoip2fast --update-file geoip2fast-city-asn.dat.gz
geoip2fast-city-asn.dat.gz
# Allowed values:
# geoip2fast.dat.gz OR geoip2fast-ipv6.dat.gz OR
# geoip2fast-asn.dat.gz OR geoip2fast-asn-ipv6.dat.gz OR
# geoip2fast-city.dat.gz OR geoip2fast-city-ipv6.dat.gz OR
# geoip2fast-city-asn.dat.gz OR geoip2fast-city-asn-ipv6.dat.gz
```
Le fichier data par défaut:
```bash
$ geoip2fast -i
{
"database_content": "Country with IPv4 only",
"database_fullpath": "/Users/bruno/.local/pipx/venvs/geoip2fast/lib/python3.12/site-packages/geoip2fast/geoip2fast.dat.gz",
"file_size": 1192502,
"uncompressed_file_size": 4970211,
"source_info": "MAXMIND:GeoLite2-Country-IPv4-en-20240618",
"dat_version": 120,
"country": {
"main_index_size": 99,
"first_ip_list_size": 494069,
"country_code_id_list_size": 494069,
"netlength_list_size": 494069,
"country_names": 267,
"ipv4_networks": 494069,
"ipv6_networks": 0,
"number_of_chunks": 99,
"chunk_size": 5000
}
}
```
On choisit le fichier data:
```bash
# Fibre
$ geoip2fast 86.235.4.116 geoip2fast-city-asn.dat.gz
{
"ip": "86.235.4.116",
"country_code": "FR",
"country_name": "France",
"city": {
"name": "Chenôve",
"subdivision_code": "BFC",
"subdivision_name": "Bourgogne-Franche-Comté",
"latitude": null,
"longitude": null
},
"cidr": "86.235.0.0/20",
"hostname": "",
"asn_name": "Orange",
"asn_cidr": "86.234.0.0/15",
"is_private": false,
"elapsed_time": "0.000076166 sec"
}
```
```bash
# 4G
$ geoip2fast 92.184.105.244 geoip2fast-city-asn.dat.gz
{
"ip": "92.184.105.244",
"country_code": "FR",
"country_name": "France",
"city": {
"name": "Paris",
"subdivision_code": "IDF",
"subdivision_name": "Île-de-France",
"latitude": null,
"longitude": null
},
"cidr": "92.184.96.0/20",
"hostname": "",
"asn_name": "Orange",
"asn_cidr": "92.184.96.0/19",
"is_private": false,
"elapsed_time": "0.000069667 sec"
}
```
https://www.maxmind.com/en/accounts/356803/geoip/downloads

1
docs/macos/webserver/mod-php.md
View File

@@ -195,6 +195,7 @@ $ pecl install apcu
# fatal error: 'pcre2.h' file not found
$ ln -s /opt/homebrew/Cellar/pcre2/10.42/include/pcre2.h /opt/homebrew/Cellar/php/
$ ln -s /opt/homebrew/opt/pcre2/include/pcre2.h /opt/homebrew/opt/php@8.4/include/php/ext/pcre/
ln -s /opt/homebrew/Cellar/pcre2/10.42/include/pcre2.h /opt/homebrew/Cellar/php/8.3.1/include/php/ext/pcre/pcre2.h

15
docs/macos/webserver/php-fpm.md
View File

@@ -178,6 +178,21 @@ Si PHP n'est pas interprété, redémarrer le mac.
### PHP interactif:
Executer PHP dans le terminal.
```bash
$ php -a
Interactive shell
php > $var = 'ABCDEFGH:/MNRPQR/';
php > echo "Original: $var<hr />\n";
Original: ABCDEFGH:/MNRPQR/<hr />
```
### Changer de version:
*PHP switcher script*:

117
docs/macos/webserver/security-txt.md Normal file
View File

@@ -0,0 +1,117 @@
# security.txt
Créer le fichier security.txt sur https://securitytxt.org
```bash
Contact: mailto:bruno@clicclac.info
Expires: 2026-09-05T18:00:00.000Z
Encryption: openpgp4fpr:2D5E 6C77 2EC1 15C8 21BD  6D8A 4B92 F1D5 84F5 513F
Preferred-Languages: en,fr
Canonical: https://photos-nas.ovh/.well-known/security.txt
```
Créer une signature numérique:
```bash
gpg --output security.txt.sig --armor --detach-sig security.txt
gpg: using "2D5E6C772EC115C821BD6D8A4B92F1D584F5513F" as default secret key for signing
```
Vérifier la signature:
```bash
gpg --verify security.txt.sig security.txt
gpg: Signature faite le Jeu 5 sep 15:35:53 2024 CEST
gpg: avec la clef RSA 2D5E6C772EC115C821BD6D8A4B92F1D584F5513F
gpg: Bonne signature de « Bruno Pesenti <bruno@clicclac.info> » [ultime]
```
Ajouter la signature au fichier security.txt
```bash
cat security.txt.sig >> security.txt
```
```bash
gpg --clearsign -o security-signed.txt security.txt
gpg: using "2D5E6C772EC115C821BD6D8A4B92F1D584F5513F" as default secret key for signing
```
```bash
gpg --verify -v security-signed.txt
gpg: enabled compatibility flags:
gpg: en-tête d'armure : Hash: SHA256
gpg: nom de fichier original : «  »
gpg: Signature faite le Jeu 5 sep 16:02:58 2024 CEST
gpg: avec la clef RSA 2D5E6C772EC115C821BD6D8A4B92F1D584F5513F
gpg: utilisation du modèle de confiance pgp
gpg: Bonne signature de « Bruno Pesenti <bruno@clicclac.info> » [ultime]
gpg: signature mode texte, algorithme de hachage SHA256, algorithme de clef rsa4096
```
```bash
mv security-signed.txt security.txt
```
```bash
cat security.txt
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Contact: https://photos-nas.ovh/contact/
Expires: 2026-09-05T18:00:00.000Z
Encryption: openpgp4fpr:2D5E 6C77 2EC1 15C8 21BD  6D8A 4B92 F1D5 84F5 513F
Preferred-Languages: en,fr
Canonical: https://photos-nas.ovh/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEELV5sdy7BFcghvW2KS5Lx1YT1UT8FAmbZuhIACgkQS5Lx1YT1
UT9hsg/6AjjR0ASQ1UA0rHwVeKw7WOlLJv1lkdypKi5Sou1sYZcM3sFNwq1T/KX8
lkgy3Y0uAH2QJ/nbsyhyNi5tHI2oA1zhF7U/l9ovRD3esQGoZ0iRIFRKzoKwNsBb
yxOzS1BJEvH3ntE2QwcTCBPx5D8RNBcIa3xK8DnrZCfkIU3tm49yRNyFo+MUWDZw
f0ASIWFwvPrB3oKdB9orzwQHq2UtwIK8yPkeZV2Tbe3OuN0utVSaqeSXDyNewCDI
ziorAnjl5TL41Lo3UtO69ByYB2yCHaIgGr/9EK19fZG7jx/AcD8wCQ5FKdj8woQB
KwCEu4PqoHpi8yncHAUZPsrH9XHTm5GegeGHU6/uguzDw4jc5Nxg/ARpDvD/337m
iWKoA7UXoffmGNizyGiP//zkzkp4wTStD9G8i9TA3BSSKIFtHQqYFqYQlJQEopRd
ju8KIHPORXxyR1GX58V0UUJ2Gtzk4AHRS5/XqAqSHyQyI9YK0O79iufx6nGW+zkR
c1MmVp4YkhQcHB5NbWH0XC/6lOn5jfx7hNfQDbPBemPOpBZ2n9V13ckxhgynlurh
hBNQQT526cZmxhLTXWrSRcuFiWjtpi8CgJaWMw7ebhncLb1dHlebq8cispqJn2vK
+v6pgoN0aJvtKZC8ugHi62SniVaX22B55QQDbfhGFvlhWnzJSl4=
=8KJk
-----END PGP SIGNATURE-----
```
### Content Security Policy (CSP)
https://content-security-policy.com/examples/
https://www.magentix.fr/blog/strategie-de-securite-du-contenu-content-security-policy.html
Ajouter l'entête:
```html
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; img-src https://*; child-src 'none';">
```
```php
<?php
header("Content-Security-Policy: default-src 'self'");
?>
```
### HSTS
https://hstspreload.org/

84
docs/pi-hole/pi-hole.md Normal file
View File

@@ -0,0 +1,84 @@
# Raspberry pi-hole
#### Envoyer un fichier sur le pi depuis le mac:
```bash
cat update_pihole.sh | ssh -p51322 root@192.168.2.116 'cat > /root/update_pihole.sh'
cat update_pihole.sh | ssh -p51522 root@192.168.2.216 'cat > /root/update_pihole.sh'
```
#### Récupérer un fichier depuis le pi sur le mac:
```bash
ssh -p51322 root@192.168.2.116 "cat /etc/pihole/lan.list" > lan.list.1
ssh -p51522 root@192.168.2.216 "cat /etc/pihole/lan.list" > lan.list.2
```
#### msmtp
Fichier de config:
```bash
# pihole2
$ nano /etc/msmtprc
#Set default values for all accounts.
defaults
auth login
tls on
tls_starttls off
tls_certcheck on
tls_trust_file /etc/ssl/certs/ca-certificates.crt
logfile /var/log/msmtp.log
#OVH settings
account ovh
host ssl0.ovh.net
#auth login
#tls on
#tls_starttls off
#tls_certcheck on
#tls_trust_file /etc/ssl/certs/ca-certificates.crt
from liste@clicclac.info
port 465
user liste@clicclac.info
password 8xnc8Jw47VYjr_yjGzqF
#Orange settings
account orange
host smtp.orange.fr
protocol smtp
#auth login
#tls on
#tls_starttls off
#tls_certcheck on
#tls_trust_file /etc/ssl/certs/ca-certificates.crt
from bruno.pesenti@orange.fr
maildomain orange.fr
port 465
user bruno.pesenti
#password G!yrgTy8XX9NhXzz
passwordeval gpg --no-tty -q -d /root/.msmtp-password.gpg
#Set a default account
account default : ovh
```
```bash
root@PiHole2:~#
.msmtp-password.gpg
.env
```