From c98e6f4ff27d09932a77368b963c365e1fd03c36 Mon Sep 17 00:00:00 2001 From: Sheppy Date: Thu, 11 May 2017 11:11:08 +0200 Subject: [PATCH 01/10] Change x to exec start x so it cannot be killed and exploited during lockscreen --- zshrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zshrc b/zshrc index 4540493..7183d47 100644 --- a/zshrc +++ b/zshrc @@ -93,7 +93,7 @@ if [[ $HOST =~ atlantis* ]]; then alias telegram='ssh uni -t "/proj/ciptmp/ik15ydit/Zeug/Telegram/tg/bin/telegram-cli -k tg-server.pub"' alias telegram-plain='ssh uni -t "/proj/ciptmp/ik15ydit/Zeug/Telegram/tg/bin/telegram-cli --disable-colors --disable-readline -k tg-server.pub"' - alias x='startx' + alias x='exec startx' else alias telegram='/proj/ciptmp/ik15ydit/Zeug/Telegram/tg/bin/telegram-cli -k tg-server.pub' fi From e94b1f96a4b1c4e47e9896cca86c60bab6bf13d3 Mon Sep 17 00:00:00 2001 From: Sheppy Date: Thu, 11 May 2017 14:10:13 +0200 Subject: [PATCH 02/10] Fixed SSH-Agent startup and keyaddding --- herbstluftwm/autostart | 7 ++++++- zshrc | 12 ++++++------ 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/herbstluftwm/autostart b/herbstluftwm/autostart index 57779a1..8b4dbb4 100755 --- a/herbstluftwm/autostart +++ b/herbstluftwm/autostart @@ -14,12 +14,17 @@ xsetroot -solid '#5A8E3A' hc keyunbind --all pkill dunst pkill xautolock -pkill -s 15 hl_pracct #send SIGTERM for correct termination during write +pkill -s 15 hl_pracct #send SIGTERM for correct termination during write +pkill ssh-agent #correctly terminate the current agent #variables Mod=Mod4 # Use the super key as the main modifier ######### MACHINE SPECIFIC SETUP ######### +### All Machines #### +if [ -f $HOME/.config/agent_socket ]; then + eval `ssh-agent -a /tmp/ssh-$(cat $HOME/.config/agent_socket)` +fi ### Atlantis PC-specific setup ### if [[ "$HOST" == "atlantispc" ]]; then hc detect_monitors diff --git a/zshrc b/zshrc index 7183d47..ccf9967 100644 --- a/zshrc +++ b/zshrc @@ -48,6 +48,11 @@ bindkey '^R' history-incremental-pattern-search-backward zmodload zsh/complist #bessere listen autoload -Uz compinit; compinit #completioni +### SSH-AGENT ### +if [ -f $HOME/.config/agent_socket ]; then + export SSH_AUTH_SOCK=/tmp/ssh-$(cat $HOME/.config/agent_socket) +fi + ### UMASK ### umask 077 @@ -195,12 +200,7 @@ alias l="ls -lh --color=auto" ## SSH-KEYS ## gitssh=~/.ssh/gitrsa -function key(){ - if [[ -z $SSH_AUTH_SOCK ]]; then - eval `ssh-agent` - fi - ssh-add $gitssh -} +ssh-add $gitssh ## ROOT ## alias udev_reload="udevadm control --reload-rules && udevadm trigger" #reload all udevrules on the fly From f86408ae5bdad31ae349259f30e5644f84bfdc6c Mon Sep 17 00:00:00 2001 From: Sheppy Date: Thu, 11 May 2017 14:11:59 +0200 Subject: [PATCH 03/10] fixed ssh-add alias --- zshrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zshrc b/zshrc index ccf9967..fbd8951 100644 --- a/zshrc +++ b/zshrc @@ -200,7 +200,7 @@ alias l="ls -lh --color=auto" ## SSH-KEYS ## gitssh=~/.ssh/gitrsa -ssh-add $gitssh +alias gitkey="ssh-add $gitssh" ## ROOT ## alias udev_reload="udevadm control --reload-rules && udevadm trigger" #reload all udevrules on the fly From 2a65b85f7c0cd6c8102fcede0cd9b166ea708cfd Mon Sep 17 00:00:00 2001 From: Sheppy Date: Sun, 14 May 2017 23:36:11 +0200 Subject: [PATCH 04/10] added radicale caldav server --- radicale/config | 192 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 192 insertions(+) create mode 100644 radicale/config diff --git a/radicale/config b/radicale/config new file mode 100644 index 0000000..4d9c1d9 --- /dev/null +++ b/radicale/config @@ -0,0 +1,192 @@ +# -*- mode: conf -*- +# vim:ft=cfg + +# Config file for Radicale - A simple calendar server +# +# Place it into /etc/radicale/config (global) +# or ~/.config/radicale/config (user) +# +# The current values are the default ones + + +[server] + +# CalDAV server hostnames separated by a comma +# IPv4 syntax: address:port +# IPv6 syntax: [address]:port +# For example: 0.0.0.0:9999, [::]:9999 +# IPv6 adresses are configured to only allow IPv6 connections +hosts = 192.168.178.42:5232 +#osts = 10.21.26.59:5232 + +# Daemon flag +#daemon = False + +# File storing the PID in daemon mode +#pid = + +# SSL flag, enable HTTPS protocol +ssl = True + +# SSL certificate path +certificate = /home/ik15ydit/radicale/ssl/server.crt + +# SSL private key +key = /home/ik15ydit/radicale/ssl/server.key + +# SSL Protocol used. See python's ssl module for available values +#protocol = PROTOCOL_SSLv23 + +# Ciphers available. See python's ssl module for available ciphers +#ciphers = + +# Reverse DNS to resolve client address in logs +#dns_lookup = True + +# Root URL of Radicale (starting and ending with a slash) +base_prefix = / + +# Possibility to allow URLs cleaned by a HTTP server, without the base_prefix +#can_skip_base_prefix = False + +# Message displayed in the client when a password is needed +#realm = Radicale - Password Required + + +[encoding] + +# Encoding for responding requests +request = utf-8 + +# Encoding for storing local collections +stock = utf-8 + + +[well-known] + +# Path where /.well-known/caldav/ is redirected +#caldav = ../../%(user)s/caldav/ + +# Path where /.well-known/carddav/ is redirected +#carddav = ../../%(user)s/carddav/ + + +[auth] + +# Authentication method +# Value: None | htpasswd | IMAP | LDAP | PAM | courier | http | remote_user | custom +type = htpasswd + +# Custom authentication handler +#custom_handler = + +# Htpasswd filename +htpasswd_filename = /home/ik15ydit/radicale/users + +# Htpasswd encryption method +# Value: plain | sha1 | ssha | crypt | bcrypt | md5 +htpasswd_encryption = sha1 + +# LDAP server URL, with protocol and port +#ldap_url = ldap://localhost:389/ + +# LDAP base path +#ldap_base = ou=users,dc=example,dc=com + +# LDAP login attribute +#ldap_attribute = uid + +# LDAP filter string +# placed as X in a query of the form (&(...)X) +# example: (objectCategory=Person)(objectClass=User)(memberOf=cn=calenderusers,ou=users,dc=example,dc=org) +# leave empty if no additional filter is needed +#ldap_filter = + +# LDAP dn for initial login, used if LDAP server does not allow anonymous searches +# Leave empty if searches are anonymous +#ldap_binddn = + +# LDAP password for initial login, used with ldap_binddn +#ldap_password = + +# LDAP scope of the search +#ldap_scope = OneLevel + +# IMAP Configuration +#imap_hostname = localhost +#imap_port = 143 +#imap_ssl = False + +# PAM group user should be member of +#pam_group_membership = + +# Path to the Courier Authdaemon socket +#courier_socket = + +# HTTP authentication request URL endpoint +#http_url = +# POST parameter to use for username +#http_user_parameter = +# POST parameter to use for password +#http_password_parameter = + + +[git] + +# Git default options +#committer = Radicale + + +[rights] + +# Rights backend +# Value: None | authenticated | owner_only | owner_write | from_file | custom +type = owner_only + +# Custom rights handler +#custom_handler = + +# File for rights management from_file +file = ~/.config/radicale/rights + + +[storage] + +# Storage backend +# ------- +# WARNING: ONLY "filesystem" IS DOCUMENTED AND TESTED, +# OTHER BACKENDS ARE NOT READY FOR PRODUCTION. +# ------- +# Value: filesystem | multifilesystem | database | custom +type = filesystem + +# Custom storage handler +#custom_handler = + +# Folder for storing local collections, created if not present +filesystem_folder = /home/ik15ydit/radicale/collections + +# Database URL for SQLAlchemy +# dialect+driver://user:password@host/dbname[?key=value..] +# For example: sqlite:///var/db/radicale.db, postgresql://user:password@localhost/radicale +# See http://docs.sqlalchemy.org/en/rel_0_8/core/engines.html#sqlalchemy.create_engine +#database_url = + + +[logging] + +# Logging configuration file +# If no config is given, simple information is printed on the standard output +# For more information about the syntax of the configuration file, see: +# http://docs.python.org/library/logging.config.html +#config = /etc/radicale/logging +# Set the default logging level to debug +#debug = False +# Store all environment variables (including those set in the shell) +#full_environment = False + + +[headers] + +# Additional HTTP headers +#Access-Control-Allow-Origin = * From b6ffdb9f2affb83e15037da7024a61ecce112645 Mon Sep 17 00:00:00 2001 From: Sheppy Date: Mon, 15 May 2017 13:07:28 +0200 Subject: [PATCH 05/10] fixing the urxvt clipboard --- xconf/Xresources | 2 ++ 1 file changed, 2 insertions(+) diff --git a/xconf/Xresources b/xconf/Xresources index 0ba1f78..b1b8c94 100755 --- a/xconf/Xresources +++ b/xconf/Xresources @@ -2,3 +2,5 @@ URxvt.*.background: #000000 URxvt.*.foreground: #EEEEEE URxvt.*.scrollBar: off URxvt.print-pipe: true + +URxvt.perl-ext-common: selection-to-clipboard From 530d1078aaef0eeef95404324b915dc84fe18deb Mon Sep 17 00:00:00 2001 From: sheppy-squarez Date: Mon, 15 May 2017 18:12:46 +0200 Subject: [PATCH 06/10] added squarez hostname match --- zshrc | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/zshrc b/zshrc index 7e6b1ae..95eeaff 100644 --- a/zshrc +++ b/zshrc @@ -1,3 +1,9 @@ +#### SET CONDITIONALS #### +NO_LDPRELOAD=false +if [[ $HOST == "squarez" ]]; then + NO_LDPRELOAD=true +fi + #### ZSH-INTERNAL #### ### HISTORY ### STSIZE=2000 @@ -6,13 +12,18 @@ HISTFILE=~/.config/zshhistory.log ### COLOR STDERR ### #legacy, this causes problems in output odering exec 2>>( while IFS='' read X; do print "\e[91m${X}\e[0m" > /dev/tty; done & ) -LD_PRELOAD="$HOME/.config/libcoloredstderr.so" -COLORED_STDERR_FDS=2, -export LD_PRELOAD COLORED_STDERR_FDS +if [[ NO_LDPRELOAD == false ]]; then + LD_PRELOAD="$HOME/.config/libcoloredstderr.so" + COLORED_STDERR_FDS=2, + export LD_PRELOAD COLORED_STDERR_FDS +fi ### PROMT ### MAIN_PROMT_COLOR="green" USER_COLOR="yellow" +if [[ $HOST == "squarez" ]]; then + USER_COLOR="cyan" +fi if [[ $USER == "root" ]]; then USER_COLOR="red" MAIN_PROMT_COLOR="red" From 1bc2d9f9120e1da7044272c22a3e896c33e73dd2 Mon Sep 17 00:00:00 2001 From: sheppy-squarez Date: Mon, 15 May 2017 18:13:08 +0200 Subject: [PATCH 07/10] new radicale config --- radicale/config | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/radicale/config b/radicale/config index 4d9c1d9..e1b55f2 100644 --- a/radicale/config +++ b/radicale/config @@ -16,8 +16,8 @@ # IPv6 syntax: [address]:port # For example: 0.0.0.0:9999, [::]:9999 # IPv6 adresses are configured to only allow IPv6 connections -hosts = 192.168.178.42:5232 -#osts = 10.21.26.59:5232 +#hosts = 0.0.0.0:5232 +hosts = squarez.fauiwg.de:7000 # Daemon flag #daemon = False @@ -26,16 +26,16 @@ hosts = 192.168.178.42:5232 #pid = # SSL flag, enable HTTPS protocol -ssl = True +ssl = False # SSL certificate path -certificate = /home/ik15ydit/radicale/ssl/server.crt +certificate = /home/sheppy/radicale/ssl/fauiwg_radicale.cert # SSL private key -key = /home/ik15ydit/radicale/ssl/server.key +key = /home/sheppy/radicale/ssl/fauiwg_radicale.key # SSL Protocol used. See python's ssl module for available values -#protocol = PROTOCOL_SSLv23 +protocol = TLSv1.2 # Ciphers available. See python's ssl module for available ciphers #ciphers = @@ -44,13 +44,13 @@ key = /home/ik15ydit/radicale/ssl/server.key #dns_lookup = True # Root URL of Radicale (starting and ending with a slash) -base_prefix = / +# base_prefix = / # Possibility to allow URLs cleaned by a HTTP server, without the base_prefix #can_skip_base_prefix = False # Message displayed in the client when a password is needed -#realm = Radicale - Password Required +realm = fauiwg-caldav - Password Required [encoding] @@ -81,11 +81,11 @@ type = htpasswd #custom_handler = # Htpasswd filename -htpasswd_filename = /home/ik15ydit/radicale/users +htpasswd_filename = ~/radicale/htpasswd_users # Htpasswd encryption method # Value: plain | sha1 | ssha | crypt | bcrypt | md5 -htpasswd_encryption = sha1 +htpasswd_encryption = bcrypt # LDAP server URL, with protocol and port #ldap_url = ldap://localhost:389/ @@ -147,7 +147,7 @@ type = owner_only #custom_handler = # File for rights management from_file -file = ~/.config/radicale/rights +file = ~/radicale/user_rights [storage] @@ -164,7 +164,7 @@ type = filesystem #custom_handler = # Folder for storing local collections, created if not present -filesystem_folder = /home/ik15ydit/radicale/collections +filesystem_folder = ~/radicale/collections/ # Database URL for SQLAlchemy # dialect+driver://user:password@host/dbname[?key=value..] @@ -179,9 +179,9 @@ filesystem_folder = /home/ik15ydit/radicale/collections # If no config is given, simple information is printed on the standard output # For more information about the syntax of the configuration file, see: # http://docs.python.org/library/logging.config.html -#config = /etc/radicale/logging +config = ~/radicale/logging # Set the default logging level to debug -#debug = False +debug = True # Store all environment variables (including those set in the shell) #full_environment = False @@ -189,4 +189,4 @@ filesystem_folder = /home/ik15ydit/radicale/collections [headers] # Additional HTTP headers -#Access-Control-Allow-Origin = * +# Access-Control-Allow-Origin = * From e55bc09188e59b3e1bd36d032f7c09ca67ca2242 Mon Sep 17 00:00:00 2001 From: Sheppy Date: Tue, 16 May 2017 23:13:49 +0200 Subject: [PATCH 08/10] added various new ignored config folders --- .gitignore | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index b99bb63..6aa3774 100644 --- a/.gitignore +++ b/.gitignore @@ -2,7 +2,9 @@ *_old .nfs* *.log +*.swp +tubus/ Florian_Hackenberger/ Luminance/ QtProject.conf @@ -48,7 +50,24 @@ roxterm.sourceforge.net/ SEGGER/ sonata/ spring -tubus/ +agent_socket +akonadi-firstrunrc +akonadi_akonotes_resource_0rc +akonadi_contacts_resource_0rc +akonadi_davgroupware_resource_1rc +akonadi_ical_resource_0rc +akonadi_maildir_resource_0rc +akonadi_newmailnotifier_agentrc +dunst/ +emaildefaults +emailidentities +eventviewsrc +herbstluftwm/__pycache__/ +korgacrc +korganizerrc +nohup.out +specialmailcollectionsrc +unity3d/tubus/ user-dirs.dirs user-dirs.locale VirtualBox/ From 5752a66875c38e1135cd527fe34ec14894ca3664 Mon Sep 17 00:00:00 2001 From: Sheppy Date: Tue, 16 May 2017 23:20:55 +0200 Subject: [PATCH 09/10] Fix a problem which caused LD_PRELOAD not beeing set on any machine --- zshrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zshrc b/zshrc index 95eeaff..2309695 100644 --- a/zshrc +++ b/zshrc @@ -12,7 +12,7 @@ HISTFILE=~/.config/zshhistory.log ### COLOR STDERR ### #legacy, this causes problems in output odering exec 2>>( while IFS='' read X; do print "\e[91m${X}\e[0m" > /dev/tty; done & ) -if [[ NO_LDPRELOAD == false ]]; then +if [[ $NO_LDPRELOAD == false ]]; then LD_PRELOAD="$HOME/.config/libcoloredstderr.so" COLORED_STDERR_FDS=2, export LD_PRELOAD COLORED_STDERR_FDS From 3b06b407a236518569f108bb92e0f9ff2c78db48 Mon Sep 17 00:00:00 2001 From: Sheppy Date: Wed, 17 May 2017 17:32:53 +0200 Subject: [PATCH 10/10] fixed typo --- zshrc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/zshrc b/zshrc index 2309695..4cec87e 100644 --- a/zshrc +++ b/zshrc @@ -95,6 +95,7 @@ alias gadd="git add" if [[ $HOST =~ atlantis* ]]; then alias i3lock="i3lock --image=/home/ik15ydit/.config/i3lock/bg.png" alias hlock="i3lock --image=/home/ik15ydit/.config/i3lock/bg.png -t" + alias -g sq="sheppy@squarez.fauiwg.de" else alias transparent_xlock="xlock -mode blank -geometry 1x1" fi @@ -169,8 +170,8 @@ if [[ $HOST =~ faui* ]]; then alias mpstubs="cd /proj/ciptmp/ik15ydit/reps/mpstubs/" alias reps="cd /proj/ciptmp/ik15ydit/reps/" alias rudipub='cd /home/cip/2010/he29heri/pub/' - alias sudo="echo THIS IS THE CIP NOT YOUT COMPUTER!!!!! >&2" - alias su="echo THIS IS THE CIP NOT YOUT COMPUTER!!!!! >&2" + alias sudo="echo THIS IS THE CIP NOT YOUR COMPUTER!!!!! >&2" + alias su="echo THIS IS THE CIP NOT YOUR COMPUTER!!!!! >&2" fi ## MOUNTABLE CIP-SHORTCUTS ## if [[ $HOST =~ atlantis* ]]; then