# Scripts

- [Configure SSH connection helper (remote pc not server)](#configure-ssh-connection-helper-remote-pc-not-server)
- [Docker commands](#docker-commands)
- [Remove every user R packages](#remove-every-user-r-packages)
- [Setup Git SSH key](#setup-git-ssh-key)
- [Font ligature test](#font-ligature-test)
- [QEMU cheat sheet](#qemu-cheat-sheet)
- [Share internet between two Linux interfaces using connman](#share-internet-between-two-linux-interfaces-using-connman)
  - [IP Host (eth1 has internet, eth0 is remote)](#ip-host-eth1-has-internet-eth0-is-remote)
  - [IP Remote](#ip-remote)
- [Remove DRM from Adobe Digital Editions](#remove-drm-from-adobe-digital-editions)
  - [Prerequisites](#prerequisites)
  - [Setting up Calibre](#setting-up-calibre)
  - [Getting the DRM-free PDF](#getting-the-drm-free-pdf)
- [Loop devices](#loop-devices)
- [Install img.xz](#install-imgxz)
- [Raise Linux open files limits](#raise-linux-open-files-limits)
- [Verify a PGP Signature](#verify-a-pgp-signature)
  - [Self-signed OpenSSL](#self-signed-openssl)
    - [interactive](#interactive)
    - [non-interactive and 10 years expiration](#non-interactive-and-10-years-expiration)
- [Bind to port 80 or 443](#bind-to-port-80-or-443)

## Configure SSH connection helper (remote pc not server)

In the file ~/.ssh/config

```conf
Host \$HOST_NAME
	HostName \$SERVER_IP
	Port \$SSH_PORT
	User \$USER_NAME
	IdentityFile ~/.ssh/\$SSH_KEY_NAME
```

Now you can just connect using ssh \$HOST_NAME

## Docker commands

```sh
# Remove every images
docker images --format='{{.ID}}' | xargs docker rmi
# Remove every containers
docker ps -a --format='{{.ID}}' | xargs docker stop | xargs docker rm
# Remove every volumes
docker volume ls --format='{{.Name}}' | xargs docker volume rm
# Remove every anonymous images (cached)
docker images --format='{{.Repository}};{{.Tag}};{{.ID}}' | grep '<none>;<none>' | cut -d ';' -f 3 | xargs docker rmi
# Get all used images tag in dir $PATH_ANALYSE
find $PATH_ANALYSE -name 'Dockerfile*' | while read file; do cat $file; echo ''; done | grep -e FROM | cut -d ' ' -f 2 | sed $'s/[^[:print:]\t]//g' | sort -u | xargs -n1 docker pull
# Calculate total docker images size
docker images --format {{.ID}} | xargs -n1 docker inspect | jq '.[0]["Size"]' | paste -sd + | bc | format_bytes_str
```

## Remove every user R packages

```R
my_packages = as.data.frame(installed.packages()[, c(1, 3:4)])
my_packages = my_packages[my_packages$Priority != 'base',]
for(lib in .libPaths()) lapply(my_packages$Package, remove.packages, lib = lib)
```

## Setup Git SSH key

```sh
# Generate a SSH key pair
ssh-keygen -t rsa -b 4096 -o -a 100 -C 'email@example.com' -f ~/.ssh/$KEY_NAME
ssh-keygen -t ed25519 -a 100 -C 'email@example.com' -f ~/.ssh/$KEY_NAME
# Copy the public key to clipboard
cat ~/.ssh/$KEY_NAME.pub | xclip
# Paste the contents into a new SSH key holder in https://github.com/settings/keys
# Test if the key is working
ssh -T git@github.com
# Set the remote stream of a git repo
git remote set-url origin git@github.com:username/your-repository.git
# Add key to SSH config file (~/.ssh/config)
echo -e "\n\nHost github.com\n\tIdentityFile ~/.ssh/$KEY_NAME" >> ~/.ssh/config
cat KEY_FILE | ssh REMOTE 'cat >> ~/.ssh/authorized_keys'
```

## Font ligature test

```c
-> --> => ?. == ===
... >>- >=
!= ~> := .= // /* */
/= ~= WWW 0xFF <>
&& || >-> =>> |>
<!-- -->
```

## QEMU cheat sheet

```sh
# Creating the disk image
qemu-img create -f qcow2 DISK_NAME.img 15G

# Starting the VM
qemu-system-x86_64 $DISK_NAME.img \
	-cdrom $CDROM_NAME.iso \
	-m $RAM_SIZE \
	-smp $NB_CORES \
	-name $VM_NAME &
```

## Share internet between two Linux interfaces using connman

### IP Host (eth1 has internet, eth0 is remote)

```sh
# Enable kernel port forwarding
sysctl -w net.ipv4.ip_forward=1
# Enable at reboot
echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf
# See interfaces
ip a
# Configuration of interfaces
connmanctl
services <ethX>
config <eth0> --ipv4 manual 192.168.137.1 255.255.255.0 192.168.137.1
config <eth1> --nameservers <DNS-SERVER>
# Configure packets redirections
iptables -I INPUT -s 192.168.137.2/30 -j ACCEPT
iptables -I FORWARD -o eth0 -s 192.168.137.2/30 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
```

### IP Remote

```sh
connmanctl
config <eth0> --ipv4 manual 192.168.137.2 255.255.255.0 192.168.137.1 --nameservers <DNS-SERVER>
```

## Remove DRM from Adobe Digital Editions

### Prerequisites

On Windows, you must have _Adobe Digital Editions_ and _Calibre_ using Chocolatey

```sh
choco install -y adobedigitaleditions calibre
```

### Setting up Calibre

- Download the DeDRM plugin on [GitHub](https://github.com/noDRM/DeDRM_tools).
- Extract the plugin archive
- Install the plugin in Calibre → Preferences → Plugins → Add from file

### Getting the DRM-free PDF

- Open the PDF using _Adobe Digital Editions_
- Navigate to C:/Users/\<USER\>/My\ Digital\ Editions
- Add the PDF to calibre
- The DRM free PDF is available at C:/Users/\<USER\>/Calibre\ Library

## Loop devices

```sh
# Create loop device to $BLOCK_PATH of 4G
dd if=/dev/zero of=$BLOCK_PATH bs=1M count=4096
# Create loop filesystem
losetup -f $BLOCK_PATH
# Check if the loop was created and get LOOP_ID
losetup -a
mkfs.ext4 /dev/loop$LOOP_ID
mount /dev/loop$LOOP_ID $MOUNT_POINT
# Detach and remove loop file
umount $MOUNT_POINT
losetup -d /dev/loop$LOOP_ID
rm $BLOCK_PATH
```

## Install img.xz

```sh
xzcat $IMG_FILE | dd of=/dev/$DEVICE bs=64k oflag=dsync status=progress
```

## Raise Linux open files limits

In the file /etc/security/limits.conf add this :

```conf
*       soft    nofile    64000
*       hard    nofile    64000
root    soft    nofile    64000
root    hard    nofile    64000
```

## Verify a PGP Signature

```sh
mkdir /home/$USER/.XDG/data/gnupg
chmod 700 /home/$USER/.XDG/data/gnupg
gpg --import $PUBLIC_KEY
chmod 600 /home/$USER/.XDG/data/gnupg/$PUBLIC_KEY
gpg --verify $SIGNATURE.sig $FILE
```

### Self-signed OpenSSL

#### interactive
```sh
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365
```

#### non-interactive and 10 years expiration
```sh
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj '/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname'
```

## Bind to port 80 or 443

[Is there a way for non-root processes to bind to "privileged" ports on Linux?](https://stackoverflow.com/questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux)

[Allow non-root process to bind to port 80 and 443?](https://superuser.com/questions/710253/allow-non-root-process-to-bind-to-port-80-and-443)