# Utilities
Miscellaneous scripts and tools that live at the top level or in the `clamav/` directory.

---
## System Update
```bash
bash ~/Dotfiles/update.sh
```
Runs a full system update:
1. `sudo pacman -Syu` — official repos
2. `yay -Syu --answerdiff None --answerclean All --removemake` — AUR packages (no prompts)

For per-package AUR updates with confirmation:
```bash
bash ~/Dotfiles/update-aur-onebyone.sh
```
---
## Package Audit
```bash
bash ~/Dotfiles/setup/audit-packages.sh
```
Audits installed packages — useful for finding orphans or unexpected installations.

---
## Encryption Utilities
Simple OpenSSL wrappers for encrypting/decrypting arbitrary strings. Useful for storing secrets in scripts or config files without plaintext exposure.
### Encrypt
```bash
bash ~/Dotfiles/encrypt.sh "my secret text" "my-passphrase"
# Output: base64-encoded AES-256-CBC ciphertext
```
### Decrypt
```bash
bash ~/Dotfiles/decrypt.sh "<ciphertext>" "my-passphrase"
# Output: original plaintext
```
Both use AES-256-CBC with PBKDF2 key derivation via OpenSSL.

---
## Credential Storage
### Initial Setup
```bash
bash ~/Dotfiles/setup-creds-missing.sh
```
Installs `gnome-keyring` and `seahorse` (GUI manager), then sets git's credential helper to `store`.
### Git Credentials
`git/` contains `.gitconfig` with:
```ini
[user]
name = The_miro
email = amir@abdelbaki.eu
[credential]
helper = store
[init]
defaultBranch = main
[push]
autoSetupRemote = true
```
The `store` helper writes credentials to `~/.git-credentials`. For higher security, `gnome-keyring` intercepts this and stores the credentials in the system keyring instead of plaintext.

---
## Zsh Plugins
```bash
bash ~/Dotfiles/zshplugins.sh
```
Clones (or updates) the two Oh My Zsh community plugins:
- `zsh-syntax-highlighting` — real-time syntax colouring in the prompt
- `zsh-autosuggestions` — fish-style history-based suggestions

These are referenced in `.zshrc` and active after the next shell start.

---
## ClamAV On-Access Scanning
Full real-time antivirus scanning via ClamAV's `clamonacc` daemon.
### Installation
```bash
bash ~/Dotfiles/clamav/install-clam-onaccess.sh
```
What it does:
1. Installs `clamav`
2. Copies `clamd.conf` to `/etc/clamav/`
3. Installs `clamav-clamonacc.service` to `/etc/systemd/system/`
4. Installs the sudoers entry from `clamav-sudoer`
5. Updates virus definitions (`freshclam`)
6. Enables and starts `clamd` + `clamav-clamonacc`
### Key Files
| File | Purpose |
|------|---------|
| `clamav/clamd.conf` | Daemon configuration (30 KB, full options) |
| `clamav/clamav-clamonacc.service` | systemd unit for on-access scanning |
| `clamav/clamav-sudoer` | sudoers rule for ClamAV processes |
| `clamav/virus-event.bash` | Handler executed when a virus is detected |
### Virus Event Handler
`virus-event.bash` is called by clamonacc when a threat is found. Customise it to send notifications, quarantine files, or alert an admin.
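
A handler along the lines described above, as an added example that is not the repository's `virus-event.bash`. It assumes the script is run through clamd's `VirusEvent` directive, which exports `CLAM_VIRUSEVENT_FILENAME` and `CLAM_VIRUSEVENT_VIRUSNAME`; the quarantine and log paths are hypothetical defaults.

```bash
#!/usr/bin/env bash
# Added example of a virus-event handler. Assumptions: clamd runs it through the
# VirusEvent directive, which exports CLAM_VIRUSEVENT_FILENAME and
# CLAM_VIRUSEVENT_VIRUSNAME; both paths below are hypothetical defaults.
QUARANTINE_DIR="${QUARANTINE_DIR:-/var/lib/clamav/quarantine}"
EVENT_LOG="${EVENT_LOG:-/var/log/clamav/virus-event.log}"

# File and signature names are untrusted input. Replace every byte that is not
# printable ASCII (newlines, escape sequences, UTF-8) so a crafted file name
# cannot inject extra log lines or terminal control codes.
sanitize() {
    printf '%s' "$1" | LC_ALL=C tr -c '[:print:]' '?'
}

handle_virus_event() {
    file="${CLAM_VIRUSEVENT_FILENAME:-}"
    virus="${CLAM_VIRUSEVENT_VIRUSNAME:-unknown}"
    [ -n "$file" ] || return 2          # nothing to act on

    umask 077                           # quarantine dir and log stay private
    mkdir -p "$QUARANTINE_DIR" || return 1

    status="not-moved"
    # Quarantine regular files only; leave symlinks and special files alone.
    if [ -f "$file" ] && [ ! -L "$file" ]; then
        # The destination name never contains the original (untrusted) name.
        dest="$QUARANTINE_DIR/$(date -u +%Y%m%dT%H%M%SZ).$$.quarantined"
        if mv -- "$file" "$dest" && chmod 000 "$dest"; then
            status="quarantined:$dest"
        fi
    fi

    printf '%s virus=%s file=%s status=%s\n' \
        "$(date -u +%Y-%m-%dT%H:%M:%SZ)" \
        "$(sanitize "$virus")" "$(sanitize "$file")" "$status" >> "$EVENT_LOG"
}

# Act only when clamd supplied an event; sourcing the file has no side effects.
[ -z "${CLAM_VIRUSEVENT_FILENAME:-}" ] || handle_virus_event
```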

---
## Shell Configuration
### `.zshrc`
- **Framework**: Oh My Zsh
- **Theme**: robbyrussell (overridden visually by Starship)
- **Plugins**: syntax-highlighting, autosuggestions
- **Walk integration**: `lk` function opens the `walk` file navigator
- **`WALK_MAIN_COLOR`**: set to `#5018DD` (CyberQueer violet)
- Sources Starship init at the end
### `.bashrc`
Minimal bash config — sets `PS1`, loads `~/.bash_profile` if present.
### Starship Prompt
`starship.toml` at the repo root is deployed to `~/.config/starship.toml`.
Key customisations:
- OS, username, directory, git, language, docker, and time segments
- CyberQueer colours throughout (colour-substitution target)
- Directory abbreviated to 3 levels with `…/` truncation
- Common directory substitutions (`~/Documents` → `📄`, etc.)
---
## Login Manager (ly)
`etc-ly-config.ini` is deployed to `/etc/ly/config.ini` during Hyprland install and kept as a colour-substitution target in `apply-theme.sh`.
ly is a minimal TUI display manager that runs on `tty1`:
```bash
systemctl enable ly@tty1
```
Session selection, auto-login, and timeout settings are all in the config.