huhuhu_config/tutos/computer.txt

**screen size** pour 2*2: 137*38 / pour 1*1: 68*19 (37 et 18 si barre des menus cachee)
**ctrl c** termine l'action en cours du terminal
**ctrl s** bloque l'affichage du terminal
**ctrl q** rétablit la communication avec le terminal
**ctrl z** stop le travail en cours et le met sur pause
**fg** relance le dernier travail mis sur pause
**mkdir file{1..10}** creer 10 dossiers nommés de file1 à file10
**pwd** print working directory
**xdg-open .** open working directory
**du -sh** directory sizes
**ncdu** (visual version of 'du' command) quick presentation of directories size

**ssh username@ssh.server.domain -p XXXX** se connecter a un serveur via ssh en precisant un port
**sftp -P XXXX username@ssh.server.domain** se connecter a un server ssh avec le protocol ftp
**vim scp://username@ssh.server.domain:XXXX//home/path/to/file** edit a remote file from local vim

**ssh to server :**
	**ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_hugo2lejourdesprofs -C "hugo2lejourdesprofs"** :
	- creates a key of type ed25519 (more secure than rsa),
	- put it in the file ~/.ssh/id_ed25519_name_of_key,
	- and add a comment "name_of_key" (for exemple) -> it will be shown next to the key in the .pub file
	**ssh-copy-id -i ~/.ssh/id_ed25519_huho2planethoster.pub 9x3ph_hugo@9x3ph.ftp.infomaniak.com** :
	- send a copy of the public key to the server,
	- choose which key with -i (otherwise it send them all)
	- name of server ssh connexion (you will have to enter your password)


**install touchegg to allow more touchpad gestures, like pinch-to-zoom**
	- https://github.com/JoseExposito/touchegg
	- then I installed the graphical user interface, and i launch it with :
		**flatpak run com.github.joseexposito.touche**

**having multiples audio in the same time**
	https://askubuntu.com/questions/78174/play-sound-through-two-or-more-outputs-devices
	- launch paprefs (pulse audio preferences)
		- choose 'add virtual output' in 'simultaneous output'
	- restart pulsaudio for the changes to take effect : **pulseaudio -k**
	- launch pavucontrol (pulse audio volume controle)
		- choose the simultaneous output (this will also enable the computer speakers, so you might want to put them at 0)

**open .URL files :**
	https://askubuntu.com/questions/353932/equivalent-of-url-file-on-ubuntu#353952
	- create a file (ex: 'open_url') in /usr/local/bin/ (or another bin directory located in $PATH)
	- in this file :
		```
			#!/usr/bin/bash
			if [ "$1" == "" ] || [ "$1" == "--help" ] ; then
				echo "$(basename "$0") URLFILE - opens a .url file in the default browser"
			else
				sed 's/^BASEURL=/URL=/' "$1" | grep -m 1 '^URL=' | sed 's/^URL=//' | sed 's/\r//' | xargs xdg-open
			fi
		```
	- signification :
		- for the command "open_url file.URL" :
			- **$0**                      : /usr/local/bin/open_url
			- **$(basename "$0")**        : open_url
			- **$1**                      : file.URL
		- the sed command :
			- **grep -m 1** : tells grep to stop searching after the first match
			- **xargs**     : reads items from standard input and executes a command with those items as arguments
	- give execution permission : `chmod +x /usr/local/bin/open_url`
	- tell the file manager to use this script to open .URL files :
		- right click on a .URL file
		- open with other application
		- 'use a custom command' : /usr/local/bin/open_url
		- 'use as default for this kind of file' (or equivalent)
		- open :)


**open .webloc files :**
	- see above 'open .URL files'
	- in the script change the line "sed..." by this :
			grep -m 1 -oP '(?<=<string>).*?(?=<\/string>)' "$1" | xargs xdg-open
	- signification :
		- **-m 1**          : tells grep to stop searching after the first match
		- **-o**            : tells grep to print only the matching portion of the line
		- **-P**            : this option enables Perl-compatible regular expressions, which support lookaheads and lookbehinds
		- **(?<=<string>)** : this is a positive lookbehind that matches the position immediately after <string>.
		- **.*?**           : this matches any character (except for a newline) zero or more times, but as few times as possible.
		- **(?=<\/string>)** : this is a positive lookahead that matches the position immediately before </string>


**pdftotext** transforme un pdf en un fichier texte
**^** designe le debut d'une ligne
* n'importe quel caractere autant de fois que possible
**ls** ** montre tous les dossiers et sous-dossiers recursivement
**chmod 755 fichier** chmod change les droits des fichiers, organisés en : rwxrwxrwx avec pour valeur r=4 w=2 x=1 donc r-w == r + w == 4 + 1 == 5

**zsh**
		**sudo apt-get install zsh**
		**which zsh** donne le chemin d'acces de zsh (/usr/bin/zsh)
		**chsh -s /usr/bin/zsh** change shell (chsh) pour zsh
		(reboot le systeme pour que les changements prennent effet)
		**echo $SHELL** pour voir quel shell est utilisé
		(uncomment **line --DISABLE_AUTO_TITLE="true"--** in ~/.zshrc file pour empecher screen de donner un nom automatique aux sessions)

**sass name.scss name.css** create a css file from a scss file
**sass --watch name.scss:name.css** make the transformations of scss in css file

**'tree' like :**
find | sort | grep -ve "node_modules/" -e ".git/" | sed 's#[^/]*/#|__ #g;s#__ |#   |#g;s#|   #    #g;s#\(node_modules\|.git[ignore]*\)#\1 ...#;$a\ '

**format usb**
	**sudo fdisk -l** list all disks - find yours (something like /dev/sdx)
	**sudo fdisk /dev/sdx** enter in fdisk program
		**p** print the partions
		**o** create an empty dos table
		**n** add a new partition
			**p** primary
			**1** partition number 1
			**enter** default first selector
			**+1G** for 1Gb size or *enter* for default
		**a** toogle the flag *bootable*
		**n** again if you want more partitions
		**w** write and quit




**touchscreen :**
	**xinput --list** list all input
	**xinput disable 12** disable the input 12, touchscreen for Lenovo-FLEX-3-1120
	**load to start :** add "xinput disable 12" in application autostart
	ADD FORMULA TO FIND 12

**appimage :**
	- **chmod +x <name>.appimage** make it executable
	- create name for execution command :
		- create an symlink in a bin location :
			- /usr/bin if application is installed by systeme app manager (not the case for appimages)
			- /usr/sbin if need sudo to execute
			- /usr/local/bin or /usr/local/sbin if installed manually by user
			- ~/.local/bin is accessible only for this user (PREFFERED LOCATION)
		- make sure "~/.local/bin" is in $PATH
		- **ln -s /absolut/path/to/program.appImage ~/.local/bin/<name>** 
	.desktop file :
		- in    : /usr/share/applications/<name>.desktop
		- or in : ~/.local/share/applications/<name>.desktop
		- **locate "*<name>*desktop"** : to locate if the .desktop file already exist
		- min content :
			[Desktop Entry]
			Exec=<program name> (if symlink created, otherwise path to the appimage file)
			Name=<name>
			Type=Application
	**( cd /usr/share/applications && chmod 644 <name>.desktop )** maybe change permissions

**applications :**
	**ln -s /path/to/executable ~/.local/bin/**
	add /usr/share/applications/<name>.desktop as explained above for appimages
	**maybe, example with firefox :**
    Download Firefox
    Got to the Download folder in your terminal:
		**cd ~/Downloads**
    Extract the archive:
		**tar xjf firefox-*.tar.bz2**
    Move the Firefox files to /opt:
		**mv firefox /opt**
    Create a symlink to the Firefox binary:
		**ln -s /opt/firefox/firefox /usr/local/bin/firefox**
    Download a desktop file:
		**wget https://raw.githubusercontent.com/mozilla/sumo-kb/main/install-firefox-linux/firefox.desktop -P /usr/local/share/applications**
    Remove the snap version of Firefox:
		**sudo snap remove firefox**
    Launch the new Firefox by running this command in a terminal:
		**/usr/local/bin/firefox**
    Go to Dock -> right click on Firefox -> Add to Favorites -> Move it to the top


**firefox extension source code :**
	**right click on install** and select "copy link"
	**curl -L <link> > /tmp/myextension.xpi** download the extension with curl inside a tmp file
	**unzip /tmp/myextension.xpi -d /tmp/myextension** unzip the content
	enjoy reading it ;)

**enable accents on ubuntu :**
	**compose key = right alt** change in keyboard > layout > compose key
		**sudo apt install gnome-tweaks** maybe install tweak to change compose key
	**r-alt ' e** é
	**r-alt ` e** è
	**alternatively :** https://askubuntu.com/questions/1028957/how-to-set-a-compose-key-in-ubuntu-18-04
			**man xkeyboard-config** look for the compose options (shortcut: enter /compose:). You will find
				compose:ralt          Right Alt                  
				compose:lwin          Left Win                   
				compose:lwin-altgr    3rd level of Left Win      
				compose:rwin          Right Win                  
				compose:rwin-altgr    3rd level of Right Win     
				compose:menu          Menu                       
				compose:menu-altgr    3rd level of Menu          
				compose:lctrl         Left Ctrl                  
				compose:lctrl-altgr   3rd level of Left Ctrl     
				compose:rctrl         Right Ctrl                 
				compose:rctrl-altgr   3rd level of Right Ctrl    
				compose:caps          Caps Lock                  
				compose:caps-altgr    3rd level of Caps Lock     
				compose:102           <Less/Greater>             
				compose:102-altgr     3rd level of <Less/Greater>
				compose:paus          Pause                      
				compose:prsc          PrtSc                      
				compose:sclk          Scroll Lock                
			**setxkbmap -option compose:paus** let us say you want to pick Pause as the compose key. Just issue
			**XKBOPTIONS="terminate:ctrl_alt_bksp,compose:paus"** to make it reboot-persistent,
																												edit /etc/default/keyboard
																												if you had other options already,
																												separate them with commas

**connect to planet hoster with ssh :**
	ssh hugugtzx@world-370.fr.planethoster.net -p 5022
	**to enable vi :** `export TERM=xterm`
	**locked files on nextcloud :** https://help.nextcloud.com/t/file-is-locked-how-to-unlock/1883
		**vi nextcloud.hugulumu.fr/nextcloud/config/config.php** : change maintenance mode to true
		**mysql -u hugugtzx_next645 -p** : the db username and password are in the config.php file of previous step
		**(SHOW DATABASES;)**
		**USE hugugtzx_next645;**
		**(SHOW TABLES;)**
		**DELETE FROM oc_file_locks WHERE 1;**
		**vi nextcloud.hugulumu.fr/nextcloud/config/config.php** : change maintenance mode back to false

**youtube-dl for france.tv :**
	https://github.com/ytdl-org/youtube-dl/issues/29956#issuecomment-1013345689

**remap keyboard keys :**
	/* FOR ONE SESSION */
	**xev** open a program that gives informations about key events, like keycode
	**xmodmap -pk | grep <keycode>** to find the name of the key, like Return
	**xmodmap -e "keycode <keycode> = <name>"** ex: `xmodmap -e "keycode 62 = Return"`
	/* OR FOREVER */
	**sudo cp /usr/share/X11/xkb/symbols/pc /usr/share/X11/xkb/symbols/pc.bak** save the file
	**sudo vim /usr/share/X11/xkb/symbols/pc** modify the file

**settings of firefox extension MultiTranslate :**
	iframe {
		/*min-width: 720px;*/
		min-height: 600px;
		border: none;
		margin-top: -160px;
	}
	iframe ~ * {
		display: none !important;
	}

**open default sites with firefox :**
	https://askubuntu.com/questions/79305/how-do-i-change-my-default-browser
	**sudo update-alternatives --config x-www-browser**
	**sudo update-alternatives --config gnome-www-browser**

**change dns :**
	https://learnubuntu.com/change-dns-server/
	so far i just changed in /etc/resolv.conf

**format usb :**
	- list disk :
		**df -h** mounted partitions, or
		**lsblk** or
		**sudo fdisk -l** for more informations
	- unmount partitions :
	**sudo umount /dev/sdb1** unmount usb, replace /dev/sdb1 with name of your usb
	- if necessary, erase all memory :
	**sudo dd if=/dev/zero of=/dev/sdb bs=4k status=progress && sync** sync to flush the cache
	- if necessary, erase all partitions or create new ones :
	**sudo fdisk /dev/sdb**
		> Command (m for help): **o** for creating an empty partition table
		> Command (m for help): **n** for creating a new one
			> Select (default p): **<enter>** to select default p
			> Partition number (default 1): **<enter>** to create a partition number 1
			> First sector (default 2048): **<enter>** to start partition at begining
			> Last sector (default xxxxxxxx): **<enter>** to give partition full size
		> Command (m for help): **w** to write the changes (before that, nothing was really made)
	- format partitions (re list before) :
	**sudo mkfs -t vfat -n "<name>" /dev/sdb1** to format in fat32 (vfat) (MaKe FileSystem)


**list of automatic settings :**
	- install screen, omyzsh, keepassxc, curl, make, firefox, signal, gnome-tweaks, ffmpeg, yt-dlp, element
	- install or configure to avoid screen blue light
	- install nextcloud client (apt ? or appimage ? appimage need fuse : https://github.com/AppImage/AppImageKit/wiki/FUSE), and launch at startup
	- install these settings (connection with bitbucket ? ssh ? https ?)
	- configure cursor speed, click with touch
	- change dns
	- configure firefox :
		- default browser
		- duckduckgo default search
		- addons :
			- keepassxc
			- i dont care about cookies
			- auto tab discard
				- settings > barre d'outils action click gauche > desactiver tous les autres onglets
			- ublock origin
			- deepl/multitranslate
			- youtube speed control, by toxblh
		- download file
		- password settings
		- setting ctrl-tab to switch to last used tabs
	- configure desktop bar with infos and stats
	- configure git global email and name

**todo !**
	- re-add code to move cursor on wrap text in vimrc
	- add vimrc, zshrc, and screenrc in default screen windows

**ecowan server :**
	- list user : **cat /etc/passwd**
	- change users passwd :
		- **sudo passwd <username>**
		- first go on root with **su**
		- then change default user passwd **passwd <username>**
		- be carreful that if you made a mistake in the passwd you will not be abble to connect to the server again !
		- so open a new terminal window without closing this one, and try to connect with new passwd
		- and now you can change root passwd too
	- install some packages :
		- **su**
		- **apt install sudo vim git wget curl htop**
	- allow connection with ssh key :
		- runn this in local : **ssh-copy-id username@server_ip**
		- then change ssh configuration file `/etc/ssh/sshd_config` :
			- set **PubkeyAuthentication yes** to allow public key authentication
			- set **PasswordAuthentication no** to disable password-based authentication
			- set **ChallengeResponseAuthentication no** to disable any keyboard-interactive authentication
			- restart ssh with **sudo service ssh restart**
	- add user to the sudo group so it can use sudo :
		- **sudo usermod -aG sudo <username>**
		- then restart the ssh session by exiting ang logging again
		- did not add it to the sudoers file (`visudo` then add line `huho ALL=(ALL) ALL`)
	- fixed **perl: warning: Setting locale failed** :
		- https://stackoverflow.com/questions/2499794/how-to-fix-a-locale-setting-warning-from-perl
		- **sudo locale-gen**
		- **sudo dpkg-reconfigure locales**
			- then choose with SPACE BAR en_US.UTF-8 and fr_FR.UTF-8
	- changed debian10 to debian11 :
	  - https://forum.yunohost.org/t/install-yuno-on-debian-10-13-my-hoster-does-not-support-debian-11-bullseye/23147/2
		- which debian : **lsb_release -a**
		- run :
			- **sudo apt update**
			- **sudo apt upgrade**
			- **sudo apt full-upgrade**
		- then change /etc/apt/sources.list file :
		  - replace each instance of `stretch` with `buster`
			- replace each instance of `buster/updates` with `bullseye-security`
		- then again :
			- **sudo apt update**
			- **sudo apt upgrade**
			- **sudo apt full-upgrade**
		- **sudo systemctl reboot**
		- **sudo apt autoremove**
	- prevent loosing definitively ssh connection : https://www.reddit.com/r/servers/comments/17mtlxf/how_to_set_up_a_backup_connection_to_a_server_if/
	- use IPMI to access server without ssh :
		- need public ip address : **curl ifconfig.me**
		- need install java : **default-jdk**
		- need install javaws : **icedtea-netx**
		- run viewer.jnlp(...) file with **ajaws file** or by double clicking
		- need to change /etc/java-11-openjdk/security/java.security file by commenting SHA1 denyafter lines
			- https://unix.stackexchange.com/questions/143805/running-unsigned-javaws-code
			- not line 634 "SHA1 usage SignedJAR & denyAfter 2019-01-01, \"
			- but line 700 "#SHA1 denyAfter 2019-01-01, \"
	- create git project (having a local git project and beeing abble to push to a remote repo) :
		- on remote :
			- **mkdir my_project.git** ".git" is a convention for git "bare" repository
			- **cd my_project.git**
			- **git init --bare** : create a bare repository (it's a repo without any content, just the commits)
			- **cd hooks** : navigate to the hook folder
			- **touch post-receive** : create a post-receive file
			- **chmod +x post-receive** : make it executable
			- inside "post-receive" file :
				- https://stackoverflow.com/questions/7351551/writing-a-git-post-receive-hook-to-deal-with-a-specific-branch#answer-13057643
				- create a hook that will add a worktree, which is a folder with the content of the git repo :
						#!/bin/bash
						TARGET="/path/to/your/destination/folder"
						GIT_DIR="/path/to/your/bare/git/repository"
						git --work-tree=$TARGET --git-dir=$GIT_DIR checkout -f
		- on local :
			- **git remote add deploy ssh://user@host:1234/path/to/bare_repo.git** : https://stackoverflow.com/questions/3596260/git-remote-add-with-other-ssh-port#answer-3596272
			- 1234 is the port, not needed if 22
		- on remote, inside the bare.git folder, you can change the branches :
			- **git branch -a** : show the branches
			- **git --work-tree=/path/to/worktree checkout <name>** : change the branch on the worktree
			- if the worktree is a website, it's now the new branch that is being showed

	- disable user shell access with **sudo usermod --shell /sbin/nologin <username>**
		- https://unix.stackexchange.com/questions/10852/whats-the-difference-between-sbin-nologin-and-bin-false#10867
		- its possible to re-enable it with **sudo usermod --shell /bin/bash <userrname>** 
		- to see the shell of a user : **grep <username> /etc/passwd**

	- auditd :
		- added rule **sudo auditctl -w /home/huho -p r -k huho_folder_access**
		- **sudo systemctl restart auditd**
		- **sudo ausearch -i -f /home/huho**
		- **sudo ausearch --start 18/10/2023 14:05 -i -f /home/huho**

	- todo :
		- monitoring software (Nagios, Zabbix, Prometheus)
		- ids (intrusion detection system) (Snort, Suricata)
		- siem (security information and event management) (Splunk, ELK Stack, Graylog)
		- remote logging
		- firewall

	- **ipmi / idrac6 : connect to the server as if **
		- connect to ipmi (enter the ip adress of the internet connection, not the one of the server)
		- in the idrac interface, go to the console and click on 'launch virtual console'
			-> it will download a viewer.jnlp file
		- open this file with java :
			- you can use a python script that does the jobs well
				- the script can be found here : **https://gist.github.com/TheJJ/2394cd76d3e2c34d02e3da1bd3e489b2?ref=blockdev.io**
				- I added it to this config folder
			- or you can try to open this file with java (last time I didn't succeed)
				- install java 8 (it might works better with idrac6) : **sudo apt-get install openjdk-8-jre**
				- install javaws : **sudo apt install icedtea-netx**
				- run **javaws viewer.jnlp(blablabla)**
				- i also needed to change the security file otherwise it wouldn't open the files because 'jar are not signed' :
					- either do it manually : in **/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security**, change lines:
						- **jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024...** to remove 'md5'
						- **jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024...**
					- alternatively you can have a local override, see **https://gist.github.com/xbb/4fd651c2493ad9284dbcb827dc8886d6**
						- this is a tutorial, it uses a local java engine (jre) just installed in the folder, and/or a local file to override the security settings
				- also, if needed to modify the java control panel, open it with : **/usr/bin/itweb-settings**