
Initial commit of many files; many more to come

org
Mike Gerwitz 2013-09-09 00:10:05 -04:00
commit a1522f9784
No known key found for this signature in database
GPG Key ID: F22BB8158EE30EAB
17 changed files with 956 additions and 0 deletions

49
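--- a/.Xresources
+++ b/.Xresources
@@ -0,0 +1,49 @@
+! urxvt configuration
+! font
+urxvt.font: xft:Monospace:pixelsize=10:antialias=true:hinting=true
+urxvt.boldFont: xft:Monospace:pixelsize=10:bold:antialias=true:hinting=true
+urxvt.letterSpace: -1.5
+urxvt.lineSpace: -2
+! misc
+urxvt.scrollBar: false
+urxvt.visualBell: true
+urxvt.modifier: alt
+!!! colors (based on Tango Icon Theme color scheme)
+*background: Black
+*foreground: #babdb6
+! black
+*color0: #2e3436
+*color8: #555753
+! red
+*color1: #a40000
+*color9: #cc0000
+! green
+*color2: #4e9a06
+*color10: #73d216
+! yellow
+*color3: #c4a000
+*color11: #edd400
+! blue
+*color4: #3465a4
+*color12: #729fcf
+! magenta
+*color5: #75507b
+*color13: #ad7fa8
+! cyan
+*color6: turquoise4
+*color14: cyan3
+! white
+*color7: #babdb6
+*color15: #d3d7cf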

35
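--- a/.gvimrc
+++ b/.gvimrc
@@ -0,0 +1,35 @@
+" vi: set tw=0
+"
+" Mike Gerwitz's personal gvim configuration
+"
+" Copyright (C) 2013 Mike Gerwitz
+"
+" This program is free software: you can redistribute it and/or modify
+" it under the terms of the GNU General Public License as published by
+" the Free Software Foundation, either version 3 of the License, or
+" (at your option) any later version.
+"
+" This program is distributed in the hope that it will be useful,
+" but WITHOUT ANY WARRANTY; without even the implied warranty of
+" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+" GNU General Public License for more details.
+"
+" You should have received a copy of the GNU General Public License
+" along with this program. If not, see <http://www.gnu.org/licenses/>.
+"
+" Most configuration options are within ~/.vimrc---these are only the
+" options that apply to the GTK+ software gvim.
+" "
+set guifont=Droid\ Sans\ Mono\ 8
+" remove all those annoying GUI options that take up space
+set guioptions=
+" I do not prefer slate on a terminal, so this is set only for gvim
+color slatemg
+" There is rarely a time where I use gvim and do not want to strip trailing
+" whitespace or retab. If I do not want this, I do not use gvim.
+autocmd BufWrite * :silent! :%s:\(\S\+\)\?\s\+$:\1:g
+autocmd BufWrite * silent :retab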

28
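--- a/.screen/cpufan
+++ b/.screen/cpufan
@@ -0,0 +1,28 @@
+#!/bin/bash
+#
+# Display speed of CPU fan
+#
+# Copyright (C) 2013 Mike Gerwitz
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# Why? Primarily for tweaking BIOS configuration for fan speed to quiet a
+# noisy fan or to see the fan speed when logging in remotely so as not to
+# annoy people who may be physically present and wonder why the PC is
+# preparing for takeoff.
+#
+# One day, fans will not exist within most home PCs.
+##
+sensors | grep fan1 | awk '{print "\005{+ .y}", $2, "rpm\005{-}"}'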

25
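--- a/.screen/getip
+++ b/.screen/getip
@@ -0,0 +1,25 @@
+#!/bin/sh
+#
+# Displays first match of non-localhost IP
+#
+# Copyright (C) 2011 Mike Gerwitz
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+##
+# display first non-localhost IP
+ifconfig \
+| grep -m1 -oP 'inet addr:[^ ]+(?<!127\.0\.0\.1|::1) ' \
+| cut -f2 -d: \
+| sed 's/ $//'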

29
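--- a/.screen/load-avg
+++ b/.screen/load-avg
@@ -0,0 +1,29 @@
+#!/bin/sh
+#
+# System 1-minute load average screen status indicator
+#
+# Copyright (C) 2011 Mike Gerwitz
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# This utility uses fetchmail in order to check for new messages. Please
+# configure your ~/.fetchmailrc file appropriately.
+##
+uptime \
+| grep -o 'average:.*' \
+| cut -d' ' -f2 \
+| sed 's/,$//' \
+| awk '{print "\005{+ .y}", $1, "\005{-}"}'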
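Review bot: The last two header comment lines, about fetchmail and ~/.fetchmailrc, do not describe this script; the pipeline only runs `uptime` and reformats its output. They look copied from the mail indicator and should be dropped or replaced with something like `# Prints the 1-minute load average as reported by uptime(1).` The `cut -d' ' -f2` step depends on the exact spacing of uptime's output, which deserves a one-line comment as well.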

70
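--- a/.screen/mail
+++ b/.screen/mail
@@ -0,0 +1,70 @@
+#!/bin/sh
+#
+# Unread E-mail screen status indicator
+#
+# Copyright (C) 2013 Mike Gerwitz
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# Unread e-mails will be displayed in the following format:
+# [X X X unread!X]
+#
+# This utility uses fetchmail in order to check for new messages. Please
+# configure your ~/.fetchmailrc file appropriately.
+##
+pidfile=~/.screen/.mail.pid
+curpid="$( cat "$pidfile" )"
+# kill any existing instances and replace (to ensure that code changes take
+# effect)
+[ "$curpid" ] && kill "$curpid"
+echo "$$" > "$pidfile"
+# this will be displayed until the first time the mail is received
+echo "\005{+ mw}(...)\005{-}"
+# continue looping while parent (screen) process is still running
+parent="$PPID"
+while [ "$( ps | grep $parent)" ]; do
+fetchmail -t1 -c 2>/dev/null \
+| sed 's/^\([0-9]\+\).*(\([0-9]\+\) seen).*$/\1 \2/' \
+| awk '
+BEGIN {
+count=0
+total=0
+printf "%s", "\005{+ mw}[\005{+b}"
+}
+{
+total += total + ( $1 - $2 )
+count += $1
+printf "%d ", total
+}
+END {
+printf "%s", "\005{-}unread]\005{-}"
+if ( count > 100 )
+printf "%s%d%s", "\005{+ my}!", count, "\005{-}"
+printf "\n"
+if ( total > 0 )
+print "mail" > "/tmp/.keyind"
+else
+print "" > "/tmp/.keyind"
+}'
+sleep 30
+done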
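Review bot: The awk END block writes its flag to the fixed path `/tmp/.keyind`, and in a world-writable directory another local user can create that name first, as a symlink or as a file they own, so the redirect either follows the link with this user's permissions or fails. Keeping the flag under the user's own directory avoids this, e.g. `print "mail" > (ENVIRON["HOME"] "/.screen/.keyind")`, with whatever reads the flag updated to match (that reader is not on this page). Two smaller points in the same script: `kill "$curpid"` trusts a PID file that may be stale and can signal an unrelated process that reused the PID, and `ps | grep $parent` matches the number anywhere in the ps output, where `kill -0 "$parent"` would test the parent directly. `total += total + ( $1 - $2 )` also adds the running total to itself on every input line, which looks unintended next to `count += $1`.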

30
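--- a/.screen/secstat
+++ b/.screen/secstat
@@ -0,0 +1,30 @@
+#!/bin/sh
+#
+# Indicator for status of encrypted directory mount
+#
+# Copyright (C) 2012 Mike Gerwitz
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# The rationale behind this color scheme is that the system is unlikely to
+# function properly (for standard use) if the directory is not mounted. For
+# example, I symlink ~/.mozilla into this directory so that my sync'd
+# data---containing browsing habits and years worth of bookmarks---is not
+# available when I am not physically present at the PC.
+##
+color=r
+[ -f ~/.enc/.available ] && color=m
+echo -n "\005{+ ."$color"}*\005{-}"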
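Review bot: `echo -n "\005{…}"` under `#!/bin/sh` relies on the shell's echo both accepting `-n` and expanding `\005`, which POSIX leaves unspecified; where /bin/sh is bash the backslash sequence is printed literally and screen never receives the escape character. `printf '\005{+ .%s}*\005{-}' "$color"` behaves the same under every sh. The same applies to the `echo "\005{+ mw}(...)\005{-}"` line in .screen/mail and to the final `echo -n` of the ssh-agent indicator.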


@ -0,0 +1,38 @@
#!/bin/sh
#
# SSH key indicator for ssh-agent
#
# Copyright (C) 2012 Mike Gerwitz
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# The rationale behind the coloring is simply that, without the key in the
# agent, I will be prompted for passwords for (depending on location)
# numerous boxes---a frustrating task. However, the reverse coloring would
# be equally applicable---remote systems are more vulnerable if someone has
# access to your agent. I take precautions to make the latter incredibly
# difficult.
##
. ~/.ssh/.agent
keys="$( ssh-add -L | grep ^ssh | wc -l )"
# green if keys exist in agent, otherwise yellow
color=g
[ "$keys" -eq 0 ] && color=y
# red if agent is not started
[ -z "$SSH_AGENT_PID" ] && color=r
echo -n "\005{+ ."$color"}*\005{-}"
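Review bot: `. ~/.ssh/.agent` is unguarded, and a non-interactive POSIX sh exits when the file given to `.` cannot be read, so on a machine where that file has not been written the script stops before printing any indicator instead of showing red. Guarding it as `[ -r ~/.ssh/.agent ] && . ~/.ssh/.agent` keeps the red path reachable. The `SSH_AGENT_PID` loaded from the file can also be stale: if the agent has died, `ssh-add -L` fails, `keys` is 0 and the result is yellow rather than red, so a liveness test such as `kill -0 "$SSH_AGENT_PID" 2>/dev/null` would match the comment better. Because the file is executed as shell on every refresh, it should be writable only by its owner.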

79
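--- a/.screen/weather
+++ b/.screen/weather
@@ -0,0 +1,79 @@
+#!/bin/bash
+#
+# Retrieves and formats current weather
+#
+# Copyright (C) 2013 Mike Gerwitz
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# In order to prevent the screen session from hanging due to network latency
+# or a slow weather server, it is highly recommended that a cron job or some
+# other task be used to populate /tmp/.weather with the output of the
+# weather command. Should a file be empty or non-existant, the script will
+# fall back to querying realtime.
+##
+export -n HTTP_PROXY http_proxy
+# fall back to realtime weather data if no cache is available
+wdata=/tmp/.weather
+data="$(
+if [ -s "$wdata" ]; then
+cat /tmp/.weather
+else
+weather -i "${WEATHER_METAR:-kbuf}"
+fi \
+| sed 's/^ \+//g'
+)"
+weather_temp="$( echo "$data" \
+| grep ^Temp \
+)"
+weather_f="$( echo "$weather_temp" \
+| grep -oP '[0-9\.-]+ F' \
+| cut -d' ' -f1 \
+)"
+weather_c="$( echo "$weather_temp" \
+| grep -oP '[0-9\.-]+ C' \
+| cut -d' ' -f1 \
+)"
+wind="$( grep -o '[0-9]\+ MPH' <<< "$data" \
+| tr '\n' '-' \
+| sed 's/-$//;s/ \?MPH-/-/' \
+)"
+# remove decimal
+chk="$( echo "$weather_f" | cut -d. -f1 )"
+# determine color based on temperature
+color='.'
+if [ $chk -gt 89 ]; then
+color=r
+elif [ $chk -gt 69 ]; then
+color=y
+elif [ $chk -gt 39 ]; then
+color=d
+elif [ $chk -gt 9 ]; then
+color=b
+else
+color=m # purple with my color scheme
+fi
+# if it's sunny, make the status brighter
+echo "$data" | grep -qP 'sunny|(mostly )?clear|partly cloudy' && {
+color=$( echo $color | tr '[:lower:]' '[:upper:]' )
+}
+echo -e "\005{+ .$color}${weather_f}F/${weather_c}C $wind\005{-}"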
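Review bot: The cache at `/tmp/.weather` is read without checking who wrote it, so any local user who creates the file first decides what the status line shows; the `grep -o` filters restrict the temperature and wind fields to digits, dots and dashes, but the values and the sunny/clear match can still be spoofed. A cache under the user's own directory, for example `wdata="$HOME/.cache/weather"` with the cron job writing there, removes that. `cat /tmp/.weather` should read `cat "$wdata"` so the two paths cannot drift apart. `[ $chk -gt 89 ]` also needs quoting and a default such as `chk=${chk:-0}`, because an empty temperature makes every test error out and fall through to the coldest colour.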


@ -0,0 +1,43 @@
#!/bin/sh
#
# Displays wireless signal strength for the given interface
#
# Copyright (C) 2013 Mike Gerwitz
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
##
iface="$1"
iwconfig "$iface" \
| grep -o 'Link Quality=[^ ]\+' \
| cut -d'=' -f2 \
| awk -F/ '
{
quality = ($1 / $2 * 100);
color = ".";
if ( quality >= 75 )
color = "g";
else if ( quality >= 50 )
color = "y";
else if ( quality < 25 )
{
color = "r";
}
printf "\005{+ .m}%s:\005{-}\005{+ .%c}%d%%\005{-}", \
"'$1'", color, quality;
}
'
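Review bot: `"'$1'"` in the printf argument list splices the script's first argument into the awk program text, so an interface name containing a double quote or other awk syntax changes the program instead of being printed. Pass it as data instead: `| awk -F/ -v iface="$iface" '` and use `iface` in place of `"'$1'"`. A quality from 25 up to 49 matches none of the branches and keeps `color = "."`, which may be intended but deserves a comment, and `$1 / $2` has no guard for empty iwconfig output.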

63
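--- a/.screenrc
+++ b/.screenrc
@@ -0,0 +1,63 @@
+# personal screenrc - mikegerwitz
+#
+# This configuration file is provided in the hope that it will be helpful in
+# configuring your own software, but WITHOUT ANY WARRANTY. Please be mindful of
+# what is executing on your system.
+#
+# backtick commands
+#
+backtick 1 1 1 date '+%Y-%m-%d %H:%M:%S'
+backtick 2 303 303 .screen/getip
+backtick 3 999999 999999 whoami
+backtick 50 59 59 .screen/ssh-agent-key
+backtick 51 59 59 .screen/secstat
+backtick 100 3 3 .screen/load-avg
+backtick 101 0 0 .screen/mail
+backtick 102 287 287 .screen/weather
+#
+# vim-style keybindings
+#
+bind j focus down
+bind k focus up
+bindkey ^b mapnotnext
+bindkey -k k2 screen htop
+bindkey -k k3 screen $EDITOR
+bindkey -k k4 screen mutt
+#
+# general options
+#
+startup_message off
+compacthist off
+altscreen on
+fit
+attrcolor b ".i"
+termcapinfo xterm 'Co#256:AB=\E[48;5;%dm:AF=\E[38;5;%dm'
+defbce "on"
+# memory is cheap
+defscrollback 10000
+#
+# status lines
+#
+hardstatus alwayslastline
+caption always "%{= kw}%-Lw%{=r}%n*%f %t%{-}%+Lw %= %{+b}%3`@%H %2`%{-}%{-}"
+hardstatus string "%{= kw}%{+b}Happy Hacking%{-}%50`%51` %= %101` %100` %102` %1`%{-}"
+sorendition "= kW"
+#
+# source any local configs at the end of all this so that the settings in there
+# will override the settings here (this is needed, for example, because I have
+# certain status indicators that I may use at work that differ from my personal
+# PC)
+#
+source .screenrc-local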
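Review bot: Every `backtick` script and the final `source .screenrc-local` are given as relative paths, which as far as I can tell screen resolves against the directory it was started in (for `source`, after the directory of the sourcing file). Starting screen inside a checkout or download directory that carries its own `.screen/mail` would then run that file as a status command. Anchoring them, e.g. `backtick 101 0 0 $HOME/.screen/mail` and `source $HOME/.screenrc-local`, makes the config independent of the working directory; the file already relies on variable expansion in `screen $EDITOR`.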

201
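--- a/.vimrc
+++ b/.vimrc
@@ -0,0 +1,201 @@
+" vi: set tw=0
+"
+" Mike Gerwitz's personal vim configuration
+"
+" Copyright (C) 2013 Mike Gerwitz
+"
+" This program is free software: you can redistribute it and/or modify
+" it under the terms of the GNU General Public License as published by
+" the Free Software Foundation, either version 3 of the License, or
+" (at your option) any later version.
+"
+" This program is distributed in the hope that it will be useful,
+" but WITHOUT ANY WARRANTY; without even the implied warranty of
+" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+" GNU General Public License for more details.
+"
+" You should have received a copy of the GNU General Public License
+" along with this program. If not, see <http://www.gnu.org/licenses/>.
+"
+" Refactoring needed.
+" "
+" pathogen
+call pathogen#runtime_append_all_bundles()
+" general configuration options
+set ai
+set autochdir
+set backspace=indent,eol,start
+set backupdir=~/.vim-tmp,~/.tmp,~/tmp,/var/tmp,/tmp
+set directory=~/.vim-tmp,~/.tmp,~/tmp,/var/tmp,/tmp
+set et
+set exrc
+set fdm=marker
+set history=9000
+set hlsearch
+set incsearch
+set number
+set ruler
+set sessionoptions=curdir,folds,globals,help,localoptions,options,resize,tabpages,winpos,winsize
+set scrolloff=4
+set spelllang=en_us
+set spellfile=~/.vim/spellfile/common.add,~/.vim/spellfile/dev.add
+set sw=4
+set t_Co=256
+set title
+set ts=4
+set tw=80
+set undolevels=3000
+set updatecount=50
+set visualbell
+syn on
+" BASH-like tab completion
+set wildmenu
+set winminheight=0
+set wildmode=longest,list,full
+" enable filetype plugins
+filetype on
+filetype plugin on
+" show whitespace characters
+set list listchars=tab:>-,trail:•,precedes:•
+" printing
+set printfont=:h8
+set printoptions=paper:letter,number:y,syntax:y,left:15pc
+nmap <leader>ps :set printoptions+=duplex:short<CR>
+nmap <leader>pS :set printoptions-=duplex:short<CR>
+" closetag.vim
+let b:unaryTagsStack=''
+au FileType html,xml,xslt,xsd source ~/.vim/plugin/closetag.vim
+" abbreviations
+iab __NAME Mike Gerwitz
+iab __UN mikegerwitz
+iab __EMAIL mike@mikegerwitz.com
+" save a generic session in case of an oopsie
+au BufWrite * silent :call WriteSessAuto()
+au BufWrite * silent :call WriteSessAuto()
+function! WriteSessAuto()
+" one capital letter for the Sessname global so that we can store it in the
+" session file
+let filename = '~/.vimsess-' .
+\ ( !exists( 'g:Sessname' ) || ( empty( g:Sessname ) )
+\ ? 'autosave' : (g:Sessname)
+\ )
+exec 'mksession! ' . filename
+endfunction
+" custom statusline
+set statusline=%<%f\ %h%m%r%=[%n]\ \%-14.([%b:%B]\ \ %l,%c%V%)\ %P
+" make the C-e and C-y mappings less painful
+nnoremap <C-e> 3<C-e>
+nnoremap <C-y> 3<C-y>
+"
+" redraw
+nmap <silent> <leader>R :redraw!<CR>
+" nohlsearch shortcut
+nmap <silent> <leader>h :silent :nohlsearch<CR>
+" for MultipleSearch
+let g:MultipleSearchMaxColors = 10
+" toggle cursorline/cursorcolumn
+nmap <leader>c :set cursorline! cursorcolumn!<CR>
+nmap <leader>C :set cursorcolumn!<CR>
+" omnicomplete
+set ofu=syntaxcomplete#Complete
+autocmd FileType python set omnifunc=pythoncomplete#Complete
+autocmd FileType javascript set omnifunc=javascriptcomplete#CompleteJS
+autocmd FileType html set omnifunc=htmlcomplete#CompleteTags
+autocmd FileType css set omnifunc=csscomplete#CompleteCSS
+autocmd FileType xml,xsd,xslt set omnifunc=xmlcomplete#CompleteTags
+autocmd FileType php set omnifunc=phpcomplete#CompletePHP
+autocmd FileType c set omnifunc=ccomplete#Complete
+" maps
+""""""
+" easy window switching
+map <C-J> <C-W>j<C-W>_
+map <C-K> <C-W>k<C-W>_
+" easy common alignments
+map <C-A>= :Align = :set et
+map <C-A>> :Align => :set et
+map <C-A>A :Align AS :set et
+" focus fold
+" map zO zMzo
+" easy maximize window
+map <C-W><SPACE> <C-W>_<C-W>k4<C-W>+<C-W>j
+map <C-W><C-SPACE> <C-W><C><SPACE>
+" toggle above fold
+map zK zkza``
+" toggle below field
+map zJ zjza``
+" comment out selected lines
+map <C-A><C-D>c :s/^/\/\//
+" remove comments
+map <C-A><C-D>x :s/^\/\///
+" CommandT
+let g:CommandTMaxFiles=100000
+map <silent> <leader>t :CommandT ~/gitrepos<CR>
+map <silent> <leader>T :CommandTFlush<CR>:CommandT ~/gitrepos<CR>
+map <silent> <leader>Hr :SearchReset<CR>:nohlsearch<CR>
+map <silent> <leader>HR :SearchBuffersReset<CR>:nohlsearch<CR>
+map <silent> <leader>vs :source ~/.vimrc<CR>
+map <silent> <leader>gs :source ~/.vimrc<CR>:source ~/.gvimrc<CR>
+map <silent> <leader>ss :setlocal spell spelllang=en_us<CR>
+map <silent> <leader>S :setlocal nospell<CR>
+map <silent> <leader>p :set paste<CR>
+map <silent> <leader>P :set nopaste<CR>
+" obnoxious mail ending chars (e.g. mutt)
+map <silent> <leader>M :%s/=\n//g<CR>
+" git blame history made easy
+map <silent> <leader>gb :%!git blame -- %<CR>
+map <silent> <leader>g< ^"byt :exe '%!git blame '.@b.'^ -- %'<CR>
+map <silent> <leader>g. ^"byt :exe '%!git log -p '.@b.'^..'.@b<CR>
+" snippets
+function! ReloadSnippets( snippets_dir, ft )
+if strlen( a:ft ) == 0
+let filetype = "_"
+else
+let filetype = a:ft
+endif
+call ResetAllSnippets()
+call GetSnippets( a:snippets_dir, filetype )
+endfunction
+" reload snippets
+nmap <leader>rs :call ReloadSnippets(snippets_dir, &filetype)<CR>
+" move single line of nested XML onto multiple lines and indent
+map <leader>xj ^f>a<CR><ESC>>>$F<i<CR><ESC><<k^
+map <leader>xJ ^f/ldF A<CR><C-_><ESC>O<TAB>
+" xmllint
+map <leader>xl :%!xmllint --format -<CR>
+" system-specific configuration
+source ~/.vimrc-local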
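Review bot: `set exrc` makes Vim read a `.vimrc` or `.exrc` from the current directory, and nothing in this file sets `secure`, so starting Vim inside a cloned or unpacked tree runs whatever that tree's rc file contains, including shell and autocmd commands. If per-directory config is wanted, add `set secure` as the last line, after `source ~/.vimrc-local`; otherwise drop `set exrc`. The `<leader>g<` and `<leader>g.` maps build a `:exe '%!git …'` command from text yanked out of the buffer into register b, so a crafted first column reaches the shell; wrapping it as `shellescape(@b . '^', 1)` would be safer. `au BufWrite * silent :call WriteSessAuto()` is also registered twice, so the session file is written twice on every save.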

18
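--- a/.xinitrc
+++ b/.xinitrc
@@ -0,0 +1,18 @@
+setxkbmap -option ctrl:nocaps
+xmodmap ~/.xmodmap
+xset mouse 5/0.1
+xsetroot -cursor_name arrow
+# .Xresources is managed by software (e.g. Puppet) whereas .Xresources-local
+# may contain any system-specific configuration
+xrdb -merge ~/.Xresources
+test -f ~/.Xresources-local && xrdb -merge ~/.Xresources-local
+# .xprofile is *not* managed by software (such as Puppet) and may therefore
+# be used for system-specific configuration
+test -f ~/.xprofile && source ~/.xprofile
+# screensaver can be disabled by creating ~/.noscreensaver (not managed)
+test -f ~/.noscreensaver || xscreensaver &
+exec xmonad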
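Review bot: `source ~/.xprofile` uses a bash-only builtin name, while this file has no shebang and is normally run by `sh` from startx/xinit; where sh is dash the line fails and the profile is silently skipped. `test -f ~/.xprofile && . ~/.xprofile` works in both shells. `xmodmap ~/.xmodmap` runs unconditionally and prints an error when the file is missing, unlike the guarded `-local` files below it.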

22
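--- a/.xscreensaver
+++ b/.xscreensaver
@@ -0,0 +1,22 @@
+splash: false
+mode: blank
+timeout: 0:01:00
+fade: true
+unfade: false
+lock: true
+lockTimeout: 0:00:05
+passwdTimeout: 0:00:03
+dpmsEnabled: true
+dpmsQuickOff: false
+dpmsStandby: 0:05:00
+dpmsStandby: 0:10:00
+dpmsOff: 0:30:00
+timestamp: true
+verbose: false
+captureStderr: true
+pointerHysteresis: 10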
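Review bot: `dpmsStandby` is set twice (`0:05:00`, then `0:10:00`) and `dpmsSuspend` is never set; given the ascending values, the second line was probably meant to be `dpmsSuspend: 0:10:00`. As written only one of the two standby values can take effect and suspend is left at its default. `passwdTimeout: 0:00:03` leaves three seconds to type the unlock password, which is worth confirming as intended and not a slip for `0:00:30`.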


@ -0,0 +1,97 @@
#!/bin/bash
#
# Set up encrypted directory ~/.enc
#
# Copyright (C) 2013 Mike Gerwitz
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# This encrypted directory strikes a balance between a full encrypted home
# directory (a feature provided by many modern GNU/Linux distributions) and
# privacy: Specifically, most files are configuration and do not really need
# to be private (indeed, many of them are even in my public repository).
#
# This expects that the ~/.enc{,-data} directories have already been created
# when the system was set up. Any data in either of the directories will be
# copied into the final, encrypted directory, with the ~/.enc-data contents
# taking precedence in the event of a filename conflict.
##
encdatadir="$HOME/.enc-data"
encdatadirtmp="$HOME/.enc-data.tmp"
encdir="$HOME/.enc"
readyfile=".ready"
# graceful exit if we've already been set up
[ -e "$encdatadir/$readyfile" ] && {
echo "$encdir is already set up."
exit
}
# do not allow this action to be performed over SSH or while sshd is running
# and tell the user to ensure that all running processes are trusted (no
# keyloggers, etc)
[ "$1" != --shutit ] && pgrep '^sshd?$' &>/dev/null && {
echo "fatal: please disable SSH and close all connections" >&2
echo "fatal: and then verify all running processes" >&2
echo "fatal: (or pass --shutit if you're confident)" >&2
exit 1
}
# allows glob to match dotfiles
shopt -s dotglob || {
echo "fatal: failed to enable dotglob" >&2
exit 1
}
# move the existing dir so that we can copy the files back in after (just in
# case files were created in anticipation); also copy over existing .enc dir
# contents, having .enc-data contents take precedence
[ -e "$encdatadir" ] && {
mv -v "$encdatadir" "$encdatadirtmp" \
&& cp -rnv "$encdir"/* "$encdatadirtmp/" \
&& mkdir -v "$encdatadir" \
|| exit $?
}
# proceed (the nonempty options ignores the fact that ~/.enc---out mount
# point---is likely not empty)
echo "creating $encdatadir -> $encdir..."
encfs "$encdatadir" "$encdir" -ononempty \
|| {
err=$?
echo "fatal: failed!" >&2
exit $err
}
# this file will be copied into the encrypted dir and is an easy mount check
# for scripts
touch "$encdatadirtmp/.available"
# mark as complete (yes, we intend to put this directly into the encrypted
# data dir)
date +%s > "$encdatadir/$readyfile"
# copy previous data into the newly mounted and decrypted directory
mv -v "$encdatadirtmp"/* "$encdir/" \
&& find "$encdatadirtmp" -type f -exec shred -fuvz {} \; \
&& rm -rfv "$encdatadirtmp" \
|| {
err=$?
echo "fatal: $encdatadir created, but data copy failed" >&2
echo "fatal: please copy $encdatadirtmp/* manually" >&2
echo "fatal: and then shred its contents" >&2
}
echo Setup complete.
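Review bot: The final step moves the plaintext files into the mounted directory with `mv` before `find … -exec shred` runs, and a move onto another filesystem (the encfs mount is a separate FUSE filesystem) copies each file and then simply unlinks the source, so by the time shred runs there are no regular files left under `$encdatadirtmp` to overwrite. Copying first keeps the originals in place for shred: replace the `mv` line with `cp -av "$encdatadirtmp"/. "$encdir/" \`. The failure branch after it stores `err=$?` but never exits, so `Setup complete.` is printed even when the copy failed; it should end with `exit "$err"`. `touch "$encdatadirtmp/.available"` also assumes the tmp directory exists, which is only true when `$encdatadir` was present at the start.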

70
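--- a/desktop-bin/resec
+++ b/desktop-bin/resec
@@ -0,0 +1,70 @@
+#!/bin/bash
+#
+# Forcefully unmount ~/.enc and run any hooks
+#
+# Copyright (C) 2013 Mike Gerwitz
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# This script mercilessly unmounts ~/.enc by killing any processes that are
+# using files within it, running hooks both before and after. The preunmount
+# hook has the chance to abort or delay the operation (delay by re-invoking
+# this script).
+#
+# Run this as root to be certain that unmount will succeed.
+##
+encpath="$HOME/.enc"
+avail="$encpath/.available"
+preunmount="$encpath/.preunmount"
+postunmount="$encpath/.postunmount"
+# if not mounted, then abort
+[ -e "$avail" ] || exit
+# execute pre-mount script to allow system-specific preparation
+[ -x "$preunmount" ] && {
+"$preunmount" || {
+err=$?
+echo "fatal: $preunmount failed!" >&2
+exit $err
+}
+}
+# kill anything using this process, attempting to do so gracefully first by
+# giving them some time to handle SIGTERM, after which we force any
+# remaining processes to terminate
+s=5
+fuser -Mm "$encpath" -k -TERM \
+&& echo "Waiting $s seconds for above processes to terminate (SIGTERM)..." \
+&& sleep "$s" \
+&& echo "Terminating any remaining processes (SIGKILL)..." \
+&& fuser -Mm "$encpath" -k -KILL
+# now that no processes are using the directory, unmount
+fusermount -u "$encpath" \
+&& {
+[ ! -x "$postunmount" ] || "$postunmount" || {
+err=$?
+echo "warning: unmounted, but $postunmount failed!"
+exit $err
+}
+} \
+|| {
+err=$?
+echo "fatal: umount failed!"
+exit $?
+}
+echo "$encpath unmounted."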
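Review bot: In the unmount failure branch `err=$?` is saved but the script then runs `exit $?`, which returns the status of the preceding `echo` (0), so a caller sees success although `fusermount -u` failed and the directory is still decrypted; the line should be `exit $err`. The `warning:` and `fatal:` messages in that block go to stdout, unlike the preunmount failure message, which uses `>&2`. `$postunmount` is tested after the unmount, so it resolves to the file in the underlying unencrypted directory, not the one inside the encrypted mount; a comment stating which is intended would help.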

59
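--- a/desktop-bin/unsec
+++ b/desktop-bin/unsec
@@ -0,0 +1,59 @@
+#!/bin/bash
+#
+# Decrypt ~/.enc and run any hooks
+#
+# Copyright (C) 2013 Mike Gerwitz
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# Prompts to decrypt the encrypted directory after first running a premount
+# script. Should the script succeed, mounting proceeds, after which a
+# postmount script is run. In the event that the latter fails, the mount
+# point will remain mounted, so any abort operations must occur in premount.
+##
+avail="$HOME/.enc/.available"
+premount="$HOME/.enc/.premount"
+postmount="$HOME/.enc/.postmount"
+# enc-setup creates .available within the encrypted directory; if it's
+# available, then ~/.enc-data is already mounted
+[ -e "$avail" ] && exit
+# execute pre-mount script to allow system-specific preparation (note that
+# this premount script exists within the mount point, meaning it'll be
+# hidden as soon as the mount succeeds)
+[ -x "$premount" ] && {
+"$premount" || {
+err=$?
+echo "fatal: $premount failed!" >&2
+exit $err
+}
+}
+# mount the directory understanding that ~/.enc is very likely non-empty (to
+# provide ``secured'' defaults
+encfs ~/.enc-data ~/.enc -ononempty \
+&& {
+[ ! -x "$postmount" ] || "$postmount" || {
+err=$?
+echo "warning: mounted, but $postmount failed!"
+exit $err
+}
+} \
+|| {
+err=$?
+echo "fatal: mount failed"
+exit $err
+}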
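Review bot: `.premount` is taken from `$HOME/.enc` while the volume is still unmounted, i.e. from the unencrypted underlying directory, and it is run just before the encfs passphrase prompt with only an `-x` test. Anything able to write to that directory while the volume is locked therefore gets code run in the session that is about to enter the passphrase; the threat model is not stated on this page, but checking that the hook is owned by the user and not group- or world-writable before running it would narrow this. Separately, `warning: mounted, but …` and `fatal: mount failed` are written to stdout while the premount failure uses `>&2`; adding `>&2` to both keeps diagnostics consistent.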