snippets

Some pieces of code I find useful for some reason.

Bash

tmux new-session -As0
tmux setw -g mouse on
eval "$(ssh-agent)", ssh-add -t1800 (30 minutes), ssh-add -l, eval "$(ssh-agent -k)"
git log --graph --oneline
git fsck
git clone --depth=1 ...
git tag v1.2.3 && git push --tags
git diff --no-index dir1/ dir2/
git diff --cached > my.patch, git apply my.patch
git clean -dfnX
git remote set-url origin git@github.com:octocat/hello-world.git
git config --global credential.helper "cache --timeout=$((10*365*24*60*60))"
git lfs track '*.mp3', git lfs ls-files
reporoot=$(git rev-parse --show-toplevel)
latest_commit=$(git rev-parse HEAD)
grep -IRi --exclude-dir=.git pattern
type python3
tar -cvzf archive.tar.gz folder/, tar -xvzf archive.tar.gz
tar -cvzf archive.tar.gz -g snapshot.snar -C folder/ ., tar -xvzf archive.tar.gz -g snapshot.snar -C folder/
curl -fLO https://..., curl -fLo target.zip https://...
curl -I https://example.com/, curl -i https://example.com/
top and then press xcV. Then W to save the config
cd "$(dirname "$0")" or basedir=$(dirname "$0"), useful in a Bash script
sudo blkid -sUUID -ovalue /dev/sdb1
ffmpeg -i input.mp4 -ss 97 -t 10 output.mp4
ffmpeg -i input.jpg -vf 'scale=iw*1/2:ih*1/2' output.jpg
( ow=640; oh=360; ffmpeg -i input.mp4 -vf "scale=$ow:$oh:force_original_aspect_ratio=decrease,pad=$ow:$oh:(ow-iw)/2:(oh-ih)/2" output.mp4 )
for i in *.mp3; do echo "$i"; ffmpeg -i "$i" -af volumedetect -vn -sn -dn -f null /dev/null 2>&1 | grep -E '^\[Parsed_volumedetect.+_volume: .+$'; done
ffmpeg -i input.mp3 -filter:a 'dynaudnorm=p=0.9:s=5' output.mp3
ffmpeg -i input.mp3 -map 0:a -c:a copy -map_metadata -1 output.mp3
watch -n.2 date
scp myfile.txt user@hostname:/home/user/myfile.txt
ipfs daemon &, jobs, fg 1, kill %1
nohup mycommand &, pgrep mycommand, pkill mycommand
find -printf '%p %s %T@\n'
tree -paugh --inodes
find | grep -i pattern
cp -Rvt/media/destdisk /media/sourcedisk/folder
ss -tulpn
df -h
du -sh
zip -r archive.zip folder/
date -ur myfile.txt +%Y-%m-%d-%H%M%S, date +%s, date +%s.%N
less myfile.txt
last, lastb, lastlog
read -rsp 'Password: ' MYPASSWORD && export MYPASSWORD
diff <(ls -l) <(ls -la)
ps -aux --sort -pcpu | head -10
strings /proc/1234/environ | grep -i MY_ENV_VAR
export SSH_AUTH_SOCK=/run/user/$UID/keyring/ssh
python3 -mhttp.server
sleep infinity
dig @ns1.example.com www.example.com
git pull --no-edit && git add . && { git commit "-m$(date +%s)" || :; } && git push
find -type d -name .git | while read -r i; do echo "${i:0:-5}"; done
git describe --tags --exact-match, git describe --tags --dirty
[ -z "$(git status -s)" ]
git reset --soft HEAD^ && git push --force
git log --follow --format=%H myfile.txt | while read -r i; do echo -n "$i,$(git show -s --format=%aI "$i"),"; grep -ci 'mypattern' <(git show "$i:./myfile.txt"); done
ssh-keygen -t ed25519 -C mydevice -f ~/.ssh/id_ed25519, ssh-keygen -t rsa -b 4096 -C mydevice -f ~/.ssh/id_rsa
ssh-keygen -yf ~/.ssh/id_ed25519
ssh-copy-id myuser@192.168.0.123
ssh-keygen -R [myserver.example.com]:2222
ssh-keygen -lf <(cat /etc/ssh/ssh_host_*_key.pub)
ansible-playbook -Kk -i hosts.yml playbook.yml -t tags --list-tasks
withprefix() { while read -r i; do echo "$1$i"; done }
echo Message | mail -s Subject recipient@example.com
iostat -o JSON
S_COLORS=always watch -d -n.5 --color iostat
systemctl -a | grep -Fi myunit (-a = also dead ones), systemctl list-unit-files | grep -Fi myunit (also disabled ones)
systemctl list-timers
: "${myvar:=myvalue}", export MY_ENV_VAR="${MY_ENV_VAR:-myvalue}"
socat - TCP:example.com:80
socat UNIX-LISTEN:/tmp/my.sock,mode=777,fork -, date | socat - UNIX-CONNECT:/tmp/my.sock
export XDG_RUNTIME_DIR=/run/user/$UID to use systemctl --user as a linger-enabled user
nano -Sav filename, vim -R filename
vboxmanage startvm myvm --type=headless
vboxmanage controlvm myvm acpipowerbutton
while read -r i; do vboxmanage controlvm myvm keyboardputstring "$i"; vboxmanage controlvm myvm keyboardputscancode 1C 9C; done
echo 'Hello $USER!' | envsubst
sudo tcpdump -wfile.pcap, termshark -rfile.pcap
bash <(curl -fsSL https://sh.rustup.rs/) -y && . ~/.cargo/env, rustup update, cargo install rust-script
export RUSTUP_HOME=~/my-portable-rust/rustup CARGO_HOME=~/my-portable-rust/cargo, bash <(curl -fsSL https://sh.rustup.rs/) -y --no-modify-path, ~/my-portable-rust/cargo/bin/cargo run
mkfifo mypipe; while :; do date | tee mypipe; done
date | curl -sSXPOST "https://api.telegram.org/bot${1#bot}/sendMessage" -dchat_id="$2" --data-urlencode text@- --fail-with-body -w'\n'
for i in 192.168.1.1{01..19}; do ping "$i" & done | grep -i 'bytes from .*: icmp_seq='
find . -iname \*.mp3 -printf '%P\n' | { echo '#EXTM3U'; while read -r i; do echo "#EXTINF:0,$(basename "${i%.*}")"; echo "file://$HOME/Music/$i"; done; }
for i in var_01 VAR_02; do read -rsp "$i: " "${i?}"; if [[ "$i" = [[:upper:]]* ]]; then export "${i?}"; fi; done
shuf -en1 Alice Bob Carl, shuf -i1-10 -n1
tr -cd '0-9A-Za-z' < /dev/random | head -c64; echo, tr -cd '0-9a-f' < /dev/random | for i in {1..10}; do head -c8; echo; done | LC_ALL=C sort -u | shuf
myvar=$'string \\ with\nsome\nspecial \'chars\' to "escape"'; echo "${myvar@Q}"
find . -iname \*.mp3 -printf '%P\n' | while read -r i; do [[ "$i" =~ ^[0-9A-Za-z\ .\'/_+-]+$ ]] || echo "$i"; done
venv/bin/python3 -mpip install -U --progress-bar=off -r requirements.txt
escape_if_any() { echo "${1:+${1@Q}}"; }
json_min_escape() { cat | jq -c . | jq -Rrs 'rtrimstr("\n") | @json'; }
arr=(one two 'three four'); escaped_items=("${arr[@]@Q}"); echo "${escaped_items[0]}"; escaped_str="${arr[*]@Q}"; echo "$escaped_str"
bash -ec 'echo "${0@Q} - ${*@Q}"' bash hey 'hello world'
vlc -vvv -Idummy --no-audio screen:// --screen-fps=10 --sout='#transcode{vcodec=MJPG,scale=0.5}:standard{access=http,mux=mpjpeg,dst=:8080/}' --sout-http-mime='multipart/x-mixed-replace;boundary=--7b3cc56e5f51db803f790dad720ed50a' --live-caching=100
modprobe -r mymod01 mymod02, echo -e 'blacklist mymod01\nblacklist mymod02' > /etc/modprobe.d/blacklist-mymod.conf
bind -x '"\e": mycommand'
sudo iptables -nvL
sudo iptables -t nat -F OUTPUT
curl https://api.ipify.org/
ping my.dns.domain.10-0-0-1.nip.io, ping my.dns.domain.lvh.me
socat TCP4-LISTEN:9000,fork,reuseaddr - >/dev/null, dd if=/dev/zero bs=1M count=1024 status=progress | socat - TCP:192.168.0.2:9000
curl -fLo ~/.local/bin/kubectl "https://dl.k8s.io/release/$(curl -fsSL https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" && chmod +x ~/.local/bin/kubectl
sudo dd if=/dev/mmcblk2 status=progress | gzip -c | split -b4GB - mmcblk2.img.gz.part
md5sum mmcblk2.img.gz.part* > MD5SUMS
cat mmcblk2.img.gz.part* | gunzip -c | sudo dd of=/dev/mmcblk2 status=progress
dpkg -s python3, dpkg -l | grep -Fi pyth
comm <(echo -e 'common\nonlyleft') <(echo -e 'common\nonlyright') --total
sunodl() { curl -fLO https://cdn1.suno.ai/$1.mp3; }
install -DT <(echo -e '#!/bin/bash\nexec "$(realpath "$(dirname "$0")/../Scripts/python")" "$@"') venv/bin/python3
shred -u myfile.txt
gpg -ac --cipher-algo=AES256 --no-symkey-cache -o encrypted.asc <(date), gpg -d --no-symkey-cache encrypted.asc
date | gpg -ac --batch --cipher-algo=AES256 --no-symkey-cache --passphrase-file=<(echo MyPassphrase) -o encrypted.asc, gpg -d --batch --no-symkey-cache --passphrase-file=<(echo MyPassphrase) encrypted.asc | sha256sum
echo -e 'default-cache-ttl 0\nmax-cache-ttl 0' >> ~/.gnupg/gpg-agent.conf && gpgconf -R
rsync -Phavn --delete --stats ~/sourcedir/ ~/targetdir/ (trailing slashes needed!)
restic -r my-restic-repo -p<(echo mypassword) init
env -C my-files restic -r "$(realpath my-restic-repo)" -p<(echo mypassword) backup -vn .
export RESTIC_REPOSITORY="$(realpath my-restic-repo)" RESTIC_PASSWORD_COMMAND='echo mypassword'
restic snapshots, restic ls latest, restic check --read-data
restic restore latest -t my-target-dir
RCLONE_CONFIG=rclone.conf rclone config, rclone config --config=rclone.conf
echo -e '[mygdrive]\ntype = drive\nscope = drive\nroot_folder_id = ...' > ~/.config/rclone/rclone.conf, rclone config reconnect mygdrive:
echo -e "[mycrypt]\ntype = crypt\nremote = mygdrive\npassword = $(echo mypass | rclone obscure -)" >> ~/.config/rclone/rclone.conf
rclone lsf myremote:
rclone --config=/dev/null lsf -R --format=pst . | LC_ALL=C sort
rclone sync -vn --create-empty-src-dirs myremote:/remote-src-dir ./local-dest-dir
export RCLONE_FTP_PASS=$(read -rsp 'Password: ' && echo "$REPLY" | rclone obscure -), rclone --config=/dev/null sync -vn --create-empty-src-dirs ./www :ftp:/ --ftp-host=myserver.example.com --ftp-user=myuser --ftp-ask-password --ftp-explicit-tls --ftp-no-check-certificate --size-only
rclone check myremote:/remote-src-dir ./local-dest-dir
rclone --config=/dev/null serve -v sftp --user=myuser --pass=mypass .

Bash
install -m600 <(echo 'ACTION=="add", SUBSYSTEM=="pci",' \
    'ATTR{vendor}=="0x1234", ATTR{device}=="0x5678", ATTR{remove}="1"') \
    /etc/udev/rules.d/99-disable-pci-example.rules
udevadm trigger -vcadd -spci -avendor=0x1234 -adevice=0x5678
install -m600 <(echo 'ACTION=="add", SUBSYSTEM=="usb",' \
    'ATTR{idVendor}=="1a2b", ATTR{idProduct}=="3c4d", ATTR{remove}="1"') \
    /etc/udev/rules.d/99-disable-usb-example.rules
udevadm trigger -vcadd -susb -aidVendor=1a2b -aidProduct=3c4d

Bash
readonly user_id=1001 user_name=myuser

loginctl enable-linger "$user_name"
for i in {10..1}; do
    [ -e "/run/user/$user_id/systemd/private" ] && break
    echo "Waiting for systemd user session to initialize (max ${i}s)"
    sleep 1
done
[ -e "/run/user/$user_id/systemd/private" ] ||
    { echo 'Timeout waiting for systemd user session' >&2; exit 1; }

Shell snippets for Docker

docker run -it --rm docker.io/library/debian:12
docker run -d --name=mydeb01 docker.io/library/debian:12 sleep infinity, docker exec -it mydeb01 bash, docker rm -f mydeb01
docker ps -a --format {{.Names}}
docker rm -fv mycontainer
docker run --rm -v myvolume:/v --log-driver=none docker.io/library/busybox tar -cvzC/v . > mybackup.tar.gz
docker run --rm -v myvolume:/v -i docker.io/library/busybox tar -xvzC/v < mybackup.tar.gz
docker create --name=tmp01 docker.io/library/busybox
docker cp tmp01:/bin - | gzip > mybin.tar.gz
docker cp tmp01:/bin/sh - | tar -xv
docker rm -v tmp01
docker run -d --name=mydind01 --privileged docker.io/library/docker:dind
docker run -it --rm -v /var/run/docker.sock:/var/run/docker.sock wagoodman/dive docker.io/library/python:3
docker-compose down -v && docker-compose up -d --build && docker-compose logs -ft
docker-compose exec mycontainer bash
docker run -it --rm -p8080:8080 -v "$PWD:/v" php:8 -S '0.0.0.0:8080' -t /v
docker run --rm -v "$PWD:/v" -u "$(id -u):$(id -g)" ghcr.io/plantuml/plantuml -tsvg /v

Bash
docker build -t img-sshsrv01:latest - << 'EOF'
FROM docker.io/library/debian:12
RUN apt-get update && \
    apt-get install -y sudo openssh-server && \
    rm -rf /var/lib/apt/lists/* && \
    mkdir -p /run/sshd
# Warning: leaving the generated host keys in place!
EXPOSE 22
RUN useradd -UGsudo -ms/bin/bash mainuser && \
    echo 'mainuser ALL=(ALL) NOPASSWD: ALL' | \
        install -m440 /dev/stdin /etc/sudoers.d/mainuser-nopassword && \
    echo mainuser:changeme | chpasswd # Warning: very bad password!
ENTRYPOINT ["/usr/sbin/sshd", "-De"]
EOF

docker run -d --name=sshsrv01 -p2222:22 img-sshsrv01:latest

Bash
docker build -t img-unpriv01:latest - << 'EOF'
FROM docker.io/library/debian:12
RUN apt-get update && \
    apt-get install -y sudo \
        git nano tmux tree wget zip curl socat procps jq \
        iputils-ping iproute2 && \
    rm -rf /var/lib/apt/lists/*
RUN useradd -UGsudo -ms/bin/bash mainuser && \
    echo 'mainuser ALL=(ALL) NOPASSWD: ALL' | \
        install -m440 /dev/stdin /etc/sudoers.d/mainuser-nopassword && \
    echo mainuser:changeme | chpasswd # Warning: very bad password!
USER mainuser
ENV USER=mainuser HOME=/home/mainuser
WORKDIR /home/mainuser
EOF

docker run -d --name=unpriv01 img-unpriv01:latest sleep infinity

Shell snippets for Podman

sudo XDG_RUNTIME_DIR=/run/user/1001 -iu myuser
podman ps -ap
systemctl --user status podman-kube@$(systemd-escape ~/kube.yaml)
journalctl --user -u podman-kube@$(systemd-escape ~/kube.yaml)
ls -la ~/.local/share/containers/storage/volumes
(read -rsp 'Password: ' && echo -e "{\"main\":\"$(echo -n "$REPLY" | base64 -w0)\"}") | podman secret create mypassword -
echo -e "{\"main\":\"$(base64 -w0 < mykey.pem)\"}" | podman secret create mykey -
podman image ls -a, podman image prune -af

Shell snippets for Kubernetes

kubectl get all -A, kubectl get pod -owide, kubectl get pod -w
kubectl run mypod --image=docker.io/library/debian:12 sleep infinity
kubectl exec -it mypod -- bash
kubectl delete pod/mypod
kubectl config current-context, kubectl config use-context mycontext
kubectl --context=mycontext -n mynamespace get pod
kubectl port-forward pod/mypod '8080:80'
kubectl get secret/mysecret -ojsonpath={.data.password} | base64 -d; echo
kubectl cordon mynode, kubectl drain --ignore-daemonsets --delete-emptydir-data mynode
kubectl rollout restart sts/mysts
time kubectl api-resources --verbs=list -oname | xargs -n1 kubectl get -A -owide --show-kind --ignore-not-found
helm repo add bitnami https://charts.bitnami.com/bitnami && helm repo update
helm --kube-context=mycontext -n mynamespace list

Bash
kubectl apply -f- << 'EOF'
---
apiVersion: v1
kind: Pod
metadata:
  name: mypod
spec:
  containers:
    - name: main
      image: docker.io/library/debian:12
      args: [sleep, infinity]
      volumeMounts: [{ mountPath: /v, name: v, readOnly: true }]
  volumes:
    - name: v
      persistentVolumeClaim: { claimName: mypvc, readOnly: true }
EOF

Git Bash (Windows)

export MSYS_NO_PATHCONV=1
winpty rclone ncdu .
choco list --local-only
choco install -y gsudo
sudo choco upgrade -y all
sudo choco install -y winfsp rclone, rclone mount myremote: X: --volname='Volume label' --vfs-disk-space-total-size=2T
MSYS=winsymlinks:nativestrict sudo ln -s original.txt link.txt
[[ "$(uname)" = MINGW* ]]; echo $?
MSYS_NO_PATHCONV=1 '/c/Program Files/VeraCrypt/VeraCrypt.exe' /q /v '\Device\Harddisk1\Partition1' /l X /m ro /m label='My label'
MSYS_NO_PATHCONV=1 '/c/Program Files/VeraCrypt/VeraCrypt.exe' /q /d X

Termux

termux-info
termux-open myimage.jpg
termux-open-url https://example.com/
termux-setup-storage

Prometheus queries

abs(mymetric - mymetric offset 1m)

Python

os.chdir(os.path.dirname(os.path.realpath(__file__)))