# Configuration file for dircolors, a utility to help you set the
# LS_COLORS environment variable used by GNU ls with the --color option.
# Copyright (C) 1996-2023 Free Software Foundation, Inc.
# Copying and distribution of this file, with or without modification,
# are permitted provided the copyright notice and this notice are preserved.
#
# The keywords COLOR, OPTIONS, and EIGHTBIT (honored by the
# slackware version of dircolors) are recognized but ignored.
# Global config options can be specified before TERM or COLORTERM entries
# ===================================================================
# Terminal filters
# ===================================================================
# Below are TERM or COLORTERM entries, which can be glob patterns, which
# restrict following config to systems with matching environment variables.
COLORTERM ?*
TERM Eterm
TERM ansi
TERM *color*
TERM con[0-9]*x[0-9]*
TERM cons25
TERM console
TERM cygwin
TERM *direct*
TERM dtterm
TERM gnome
TERM hurd
TERM jfbterm
TERM konsole
TERM kterm
TERM linux
TERM linux-c
TERM mlterm
TERM putty
TERM rxvt*
TERM screen*
TERM st
TERM terminator
TERM tmux*
TERM vt100
TERM xterm*
# ===================================================================
# Basic file attributes
# ===================================================================
# Below are the color init strings for the basic file types.
# One can use codes for 256 or more colors supported by modern terminals.
# The default color codes use the capabilities of an 8 color terminal
# with some additional attributes as per the following codes:
# Attribute codes:
# 00=none 01=bold 04=underscore 05=blink 07=reverse 08=concealed
# Text color codes:
# 30=black 31=red 32=green 33=yellow 34=blue 35=magenta 36=cyan 37=white
# Background color codes:
# 40=black 41=red 42=green 43=yellow 44=blue 45=magenta 46=cyan 47=white
#NORMAL 00 # no color code at all
#FILE 00 # regular file: use no color at all
RESET 0 # reset to "normal" color
DIR 01;96 # directory
LINK 01;36 # symbolic link. (If you set this to 'target' instead of a
# numerical value, the color is as for the file pointed to.)
MULTIHARDLINK 00 # regular file with more than one link
FIFO 40;33 # pipe
SOCK 01;35 # socket
DOOR 01;35 # door
BLK 40;33;01 # block device driver
CHR 40;33;01 # character device driver
ORPHAN 40;31;01 # symlink to nonexistent file, or non-stat'able file ...
MISSING 00 # ... and the files they point to
SETUID 37;41 # file that is setuid (u+s)
SETGID 30;43 # file that is setgid (g+s)
CAPABILITY 00 # file with capability (very expensive to lookup)
STICKY_OTHER_WRITABLE 30;42 # dir that is sticky and other-writable (+t,o+w)
OTHER_WRITABLE 34;42 # dir that is other-writable (o+w) and not sticky
STICKY 37;44 # dir with the sticky bit set (+t) and not other-writable
# This is for files with execute permission:
EXEC 01;32
# ===================================================================
# File extension attributes
# ===================================================================
# List any file extensions like '.gz' or '.tar' that you would like ls
# to color below. Put the suffix, a space, and the color init string.
# (and any comments you want to add after a '#').
# Suffixes are matched case insensitively, but if you define different
# init strings for separate cases, those will be honored.
#
# If you use DOS-style suffixes, you may want to uncomment the following:
#.cmd 01;32 # executables (bright green)
#.exe 01;32
#.com 01;32
#.btm 01;32
#.bat 01;32
# Or if you want to color scripts even if they do not have the
# executable bit actually set.
#.sh 01;32
#.csh 01;32
# archives or compressed (bright red)
.tar 01;31
.tgz 01;31
.arc 01;31
.arj 01;31
.taz 01;31
.lha 01;31
.lz4 01;31
.lzh 01;31
.lzma 01;31
.tlz 01;31
.txz 01;31
.tzo 01;31
.t7z 01;31
.zip 01;31
.z 01;31
.dz 01;31
.gz 01;31
.lrz 01;31
.lz 01;31
.lzo 01;31
.xz 01;31
.zst 01;31
.tzst 01;31
.bz2 01;31
.bz 01;31
.tbz 01;31
.tbz2 01;31
.tz 01;31
.deb 01;31
.rpm 01;31
.jar 01;31
.war 01;31
.ear 01;31
.sar 01;31
.rar 01;31
.alz 01;31
.ace 01;31
.zoo 01;31
.cpio 01;31
.7z 01;31
.rz 01;31
.cab 01;31
.wim 01;31
.swm 01;31
.dwm 01;31
.esd 01;31
# image formats
.avif 01;35
.jpg 01;35
.jpeg 01;35
.mjpg 01;35
.mjpeg 01;35
.gif 01;35
.bmp 01;35
.pbm 01;35
.pgm 01;35
.ppm 01;35
.tga 01;35
.xbm 01;35
.xpm 01;35
.tif 01;35
.tiff 01;35
.png 01;35
.svg 01;35
.svgz 01;35
.mng 01;35
.pcx 01;35
.mov 01;35
.mpg 01;35
.mpeg 01;35
.m2v 01;35
.mkv 01;35
.webm 01;35
.webp 01;35
.ogm 01;35
.mp4 01;35
.m4v 01;35
.mp4v 01;35
.vob 01;35
.qt 01;35
.nuv 01;35
.wmv 01;35
.asf 01;35
.rm 01;35
.rmvb 01;35
.flc 01;35
.avi 01;35
.fli 01;35
.flv 01;35
.gl 01;35
.dl 01;35
.xcf 01;35
.xwd 01;35
.yuv 01;35
.cgm 01;35
.emf 01;35
# https://wiki.xiph.org/MIME_Types_and_File_Extensions
.ogv 01;35
.ogx 01;35
# audio formats
.aac 00;36
.au 00;36
.flac 00;36
.m4a 00;36
.mid 00;36
.midi 00;36
.mka 00;36
.mp3 00;36
.mpc 00;36
.ogg 00;36
.ra 00;36
.wav 00;36
# https://wiki.xiph.org/MIME_Types_and_File_Extensions
.oga 00;36
.opus 00;36
.spx 00;36
.xspf 00;36
# backup files
*~ 00;90
*# 00;90
.bak 00;93
.crdownload 00;90
.dpkg-dist 00;90
.dpkg-new 00;90
.dpkg-old 00;90
.dpkg-tmp 00;90
.old 00;90
.orig 00;90
.part 00;90
.rej 00;90
.rpmnew 00;90
.rpmorig 00;90
.rpmsave 00;90
.swp 00;90
.tmp 00;93
.ucf-dist 00;90
.ucf-new 00;90
.ucf-old 00;90
#
# Subsequent TERM or COLORTERM entries, can be used to add / override
# config specific to those matching environment variables.
Linux Dark Terminal color preferences ~/.bashrc
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
# If not running interactively, don't do anything
case $- in
*i*) ;;
*) return;;
esac
# don't put duplicate lines or lines starting with space in the history.
# See bash(1) for more options
HISTCONTROL=ignoreboth
# append to the history file, don't overwrite it
shopt -s histappend
# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
HISTSIZE=1000
HISTFILESIZE=2000
# check the window size after each command and, if necessary,
# update the values of LINES and COLUMNS.
shopt -s checkwinsize
# If set, the pattern "**" used in a pathname expansion context will
# match all files and zero or more directories and subdirectories.
#shopt -s globstar
# make less more friendly for non-text input files, see lesspipe(1)
[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
# set variable identifying the chroot you work in (used in the prompt below)
if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
debian_chroot=$(cat /etc/debian_chroot)
fi
# set a fancy prompt (non-color, unless we know we "want" color)
case "$TERM" in
xterm-color|*-256color) color_prompt=yes;;
esac
# uncomment for a colored prompt, if the terminal has the capability; turned
# off by default to not distract the user: the focus in a terminal window
# should be on the output of commands, not on the prompt
force_color_prompt=yes
if [ -n "$force_color_prompt" ]; then
if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
# We have color support; assume it's compliant with Ecma-48
# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
# a case would tend to support setf rather than setaf.)
color_prompt=yes
else
color_prompt=
fi
fi
if [ "$color_prompt" = yes ]; then
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;92m\]\u@\h\[\033[00m\]:\[\033[01;96m\]\w\[\033[00m\]\$ '
else
PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
fi
unset color_prompt force_color_prompt
# If this is an xterm set the title to user@host:dir
case "$TERM" in
xterm*|rxvt*)
PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
;;
*)
;;
esac
# enable color support of ls and also add handy aliases
if [ -x /usr/bin/dircolors ]; then
test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
alias ls='ls --color=auto'
#alias dir='dir --color=auto'
#alias vdir='vdir --color=auto'
alias grep='grep --color=auto'
alias fgrep='fgrep --color=auto'
alias egrep='egrep --color=auto'
fi
# colored GCC warnings and errors
export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'
# some more ls aliases
alias ll='ls -alF'
alias la='ls -A'
alias l='ls -CF'
alias now='date +%H%M:%d:%m:%Y'
alias dallas='TZ=America/Chicago now'
# Add an "alert" alias for long running commands. Use like so:
# sleep 10; alert
alias alert='notify-send --urgency=low -i "$([ $? = 0 ] && echo terminal || echo error)" "$(history|tail -n1|sed -e '\''s/^\s*[0-9]\+\s*//;s/[;&|]\s*alert$//'\'')"'
# Alias definitions.
# You may want to put all your additions into a separate file like
# ~/.bash_aliases, instead of adding them here directly.
# See /usr/share/doc/bash-doc/examples in the bash-doc package.
if [ -f ~/.bash_aliases ]; then
. ~/.bash_aliases
fi
# enable programmable completion features (you don't need to enable
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
# sources /etc/bash.bashrc).
if ! shopt -oq posix; then
if [ -f /usr/share/bash-completion/bash_completion ]; then
. /usr/share/bash-completion/bash_completion
elif [ -f /etc/bash_completion ]; then
. /etc/bash_completion
fi
fi
export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
gpgconf --launch gpg-agent
zfs snapshot script(s)
here is a zfs snapshot script that keys off of scriptname
#!/usr/bin/bash
#
# vmsnaps.sh - make snapshots of all VM zfs
# no calling args. linked filename invoking script \
# determines behavior. zfs snapshots require root access
#
SCRIPTNAME=${0##*/}
DATETIME=`/usr/bin/date +%H%M-%d-%m-%Y`
ROOTSNAPS='rpool rpool/ROOT rpool/ROOT/oicuraqt rpool/Shotwell rpool/USERDATA rpool/USERDATA/luser rpool/USERDATA/luser2 rpool/USERDATA/root'
VMSNAPS=`zfs list |grep VM|awk '{printf(" "$1)}'`
ALLSNAPS=`zfs list -t snap 2>/dev/null|grep -v MOUNTPOINT|awk '{printf(" "$1)}'`
function rootsnaps() {
for ROOT in ${ROOTSNAPS}
do
echo snapshot ${ROOT}\@${DATETIME}
sudo zfs snapshot ${ROOT}@${DATETIME}
done
}
function vmsnaps() {
for VM in ${VMSNAPS}
do
echo snapshot ${VM}\@${DATETIME}
sudo zfs snapshot ${VM}@${DATETIME}
done
}
function destroyAllSnaps() {
if confirmDestroy; then
echo "luser chose YES. Destroying all existing snapshots..."
for ALLSNAP in ${ALLSNAPS}
do
sudo zfs destroy ${ALLSNAP}
done
else
echo "luser chose NO. Aborting destruction of all snapshots..."
fi
}
function confirmDestroy() {
while true; do
read -p "This will destroy ALL existing snapshots.\n Do you want to proceed? (YES/NO/CANCEL) " yn
case $yn in
[Yy]* ) return 0;;
[Nn]* ) return 1;;
[Cc]* ) exit;;
* ) echo "Please answer YES, NO, or CANCEL.";;
esac
done
}
# main script begins
case ${SCRIPTNAME} in
snaproots.sh)
rootsnaps
;;
snapvms.sh)
vmsnaps
;;
snapall.sh)
rootsnaps
vmsnaps
;;
destroyallsnaps.sh)
destroyAllSnaps
;;
*)
printf "\nValid scriptnames are snaproots.sh, snapvms.sh, snapall.sh or \n destroyallsnaps.sh \nPlease create symbolic link with one of theses names to snaps.sh\n"
;;
esac
Ubuntu 23.10 KVM /etc/netplan/01-netcfg.yaml
network:
version: 2
renderer: NetworkManager
ethernets:
enx00e04d711639:
dhcp4: false
dhcp6: false
mtu: 9000
bridges:
br0:
interfaces: [enx00e04d711639]
addresses:
- 192.168.3.99/24
routes:
- to: default
via: 192.168.3.1
nameservers:
addresses:
- 192.168.3.1
dhcp4: false
dhcp6: true
parameters:
stp: true
forward-delay: 4
Save yourself a lot of headaches and install yamllint and use it on your configs. Once changes are verified run netplan apply . networkctl will show status.
Ubuntu Mantic nginx & php-fm config
You need to add this to /etc/nginx/sites-enabled/default to execute php files on Nginx Server:
root@homey:/etc/nginx/sites-enabled# cat /etc/nginx/sites-available/default
# Default server configuration
#
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.php ;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?$query_string;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
include fastcgi_params;
}
}
Here is a good .htaccess file:
root@homey:/var/www/html# cat .htaccess
<IfModule mod_rewrite.c>
RewriteEngine On
## Begin RewriteBase
# If you are getting 500 or 404 errors on subpages, you may have to uncomment the RewriteBase entry
# You should change the '/' to your appropriate subfolder. For example if you have
# your Grav install at the root of your site '/' should work, else it might be something
# along the lines of: RewriteBase /<your_sub_folder>
##
RewriteBase /
## End - RewriteBase
## Begin - X-Forwarded-Proto
# In some hosted or load balanced environments, SSL negotiation happens upstream.
# In order for Grav to recognize the connection as secure, you need to uncomment
# the following lines.
#
RewriteCond %{HTTP:X-Forwarded-Proto} https
RewriteRule .* - [E=HTTPS:on]
RewriteCond %{SERVER_PORT} !=443
RewriteRule ^(.*)$ https://www.investbitnow.com/$1 [R=301,L]
#
## End - X-Forwarded-Proto
## Begin - Exploits
# If you experience problems on your site block out the operations listed below
# This attempts to block the most common type of exploit `attempts` to Grav
#
# Block out any script trying to use twig tags in URL.
RewriteCond %{REQUEST_URI} ({{|}}|{%|%}) [OR]
RewriteCond %{QUERY_STRING} ({{|}}|{%25|%25}) [OR]
# Block out any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block out any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root homepage
RewriteRule .* index.php [F]
#
## End - Exploits
## Begin - Index
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
## End - Index
## Begin - Security
# Block all direct access for these folders
RewriteRule ^(\.git|cache|bin|logs|backup|webserver-configs|tests)/(.*) error [F]
# Block access to specific file types for these system folders
RewriteRule ^(system|vendor)/(.*)\.(txt|xml|md|html|json|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ error [F]
# Block access to specific file types for these user folders
RewriteRule ^(user)/(.*)\.(txt|md|json|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ error [F]
# Block all direct access to .md files:
RewriteRule \.md$ error [F]
# Block all direct access to files and folders beginning with a dot
RewriteRule (^|/)\.(?!well-known) - [F]
# Block access to specific files in the root folder
RewriteRule ^(LICENSE\.txt|composer\.lock|composer\.json|\.htaccess)$ error [F]
## End - Security
</IfModule>
# Begin - Prevent Browsing and Set Default Resources
Options -Indexes
DirectoryIndex index.php index.html index.htm
# End - Prevent Browsing and Set Default Resources
Edit /etc/php/8.2/fpm/php.in and make sure cgi.fix_pathinfo is set to 0
Restart Nginx and php8.2-fpm
sudo service nginx restart && sudo service php8.2-fpm restartCreate Local Debian Package Repository
Step1: Installing Required Package
On Debian-based systems, all repositories are managed by the APT utilities (apt, apt-get, apt-cache, etc). The dpkg-dev package is needed for local repository creation compatible with APT.
First Update the system packages using the following command:
$ sudo apt update && sudo apt upgradeNext install the dpkg-dev package by typing the following:
$ sudo apt-get install dpkg-devWhen package installation finishes, proceed with creating a directory for your package files.
Step 2: Create a Directory for Local Repository
Create a directory to keep binary packages. For this example, we’ll use /opt/local/debs, but you can use any directory you may like.
$ sudo mkdir -p /opt/local/debsNext, change directory:
$ cd /opt/local/debsStep 3: Adding Packages to Local Repo Directory
For the purpose of this tutorial, we will download the chrome-browser package to our local repository, because it is not found in the default Ubuntu repository:
$ sudo wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.debYou can copy or download as many packages as you like in this step.
Step 4: Create the Required Repository Package Meta for APT
For this, we must run several dpkg-scanpackages commands. I’ll switch to the root user account because I’m using the /opt/local directory to skip using sudo.
$ sudo suFirst, we will create a Release file by running the following command:
# dpkg-scanpackages . /dev/null > ReleaseYou should get a similar output depending on how many packages you have added to the local repository:
dpkg-scanpackages: warning: Packages in archive but missing from override file:
dpkg-scanpackages: warning: google-chrome-stable
dpkg-scanpackages: info: Wrote 1 entries to output Packages file.Next, scan all the deb files in the directory and create an appropriate Packages.gz file
# dpkg-scanpackages . /dev/null | gzip -9c > Packages.gzOutput:
dpkg-scanpackages: warning: Packages in archive but missing from override file:
dpkg-scanpackages: warning: google-chrome-stable
dpkg-scanpackages: info: Wrote 1 entries to output Packages file.Note that you must run these commands every time you add new deb packages to your local repository directory. You could also create a simple bash script and run it whenever you add new packages.
To List local repo directory structure, run ls command:
$ ls -lOutput:
-rw-r--r-- 1 root root 83325072 May 8 02:29 google-chrome-stable_current_amd64.deb
-rw-r--r-- 1 root root 761 May 17 20:44 Packages.gz
-rw-r--r-- 1 root root 1321 May 17 20:39 ReleaseStep 5: Adding Our Local Repository to Sources.list
The final step is to edit the sources.list file. Edit the file using the editor of your choice:
$ sudo nano /etc/apt/sources.listAdd the following line to your /etc/apt/sources.list:
deb [trusted=yes] file:/opt/local/debs ./Now we will test our local repository in action.
Step 6: Verification
We can verify by installing or removing the packages from Local Repository.
First we must update the packages:
$ sudo apt-get updateNow we install our package as usual using apt-get:
$ sudo apt-get install google-chrome-stableNow your local packages can be installed, updated and removed using Synaptic, aptitude and the apt commands: apt-get, apt-cache, etc. When you run apt-get install, any dependencies will be resolved and installed for you, as long as they can be met.
We can easily remove our installed packages the same way as with any installed package on our system:
$ sudo apt-get remove google-chrome-stableConclusion
In this tutorial, we have learned how to create our own local Debian repository and add/remove packages locally. These steps apply to most Debian-based distributions.