# This file generated by command: gentballs gen ********************************** ********************************** geekutils/rollyourownca ********************************** ********************************** Overview -------- We want to have a Certification Auhtority. Our purpose is to sign certificates for: 1- https web page(s) in the ogopogo.biz domain. 2- https client certificates for authentication and access control to web pages in the ogopogo.biz domain. 3- certificates for sw integrity assurance. 4- smime certificates for signing/encrypting email. We are going to need to set up an ssl web page which contains: ca root certificate. ca root revocation list. ca operator revocation list. ca operator intermediate certificate. public keys corresponding to sw signing certificate. The reason why we create both root and intermediate CAs is because we want to be able to revoke the ca operator if it ever gets compromised. We will use the root exclusively to sign intermediate ca requests, and keep that entire process OFFLINE. I've experimented with tinyca and xca. Both seem adequate. For the time being I'm going to run with tinyca. To install this package ----------------------- sudo python setup.py install To install pre-requisites this needs to run ------------------------------------------- installbin/prerequisites (requires ubprerequisites installed first) to uninstall this package ------------------------- sudo rollyourownca_uninstall -h For more informations --------------------- doc/*.txt ********************************** ********************************** geekutils/ubprerequisites ********************************** ********************************** Overview -------- The idea of this package is to supply script snippets to be used to configure ubuntu desktops with prerequisite software required in certain circumstances. It is intended that other geekutil packages invoke the scripts supplied here as and when required, for instance in a package script called prerequisites. favourites --- Install ubuntu packages: emacs, keepassx, ttyrec minimal --- Install ubuntu packages: p7zip, ssh server, git, sharutils fundamental --- Install ubuntu packages: emacs, p7zip, ssh server, git, keepassx, s3cmd, ttyrec, sharutils pip --- Install underlying packages to use python pip installer processcontrol --- Install supervisor package which controls automatic launching of other processes. lightweb --- Installs lighttpd and lightpd docs, replaces the title in the default page with the given instance name and creates a cgi-bin link in /var/www to the ubuntu standard cgi-bin location. Use: 'lightweb ' To install this package ----------------------- sudo python setup.py install to uninstall this package ------------------------- sudo ubprerequisites_uninstall -h for more info see doc/*.txt ********************************** ********************************** geekutils/setupfw ********************************** ********************************** Overview -------- This is a collection of iptables firewall rule adjustment commands encapsulated to avoid needing to relearn the details each time a device or service needs to be configured on a ubuntu host. Encapsulates setting up the firewall discussed in article: 'https://wiki.archlinux.org/index.php/Simple_Stateful_Firewall' To install this package ----------------------- sudo python setup.py install To install pre-requisites that setupfw depends on to run. --------------------------------------------------------- (requires ubprerequisites installed first) installbin/prerequisites Command line help on our firewall utility ----------------------------------------- setupfw --help to uninstall this package ------------------------- sudo setupfw_uninstall -h useful example install script that uses setupfw: ================================================ Save rules, make firewall suitable for relay client with avahi -------------------------------------------------------------- installbin/save_and_setup mdnstcp mdnsudp Save rules, make firewall suitable for relay client --------------------------------------------------- installbin/save_and_setup none Save rules, make firewall suitable for relay server --------------------------------------------------- installbin/save_and_setup anyssh anyhttp anyhttps anyrelayrange Save rules, make firewall suitable for ssh server only ------------------------------------------------------ installbin/save_and_setup anyssh WARNING ======= 1- Even once the package has been uninstalled the system will continue booting to the current firewall rules until you 'apt-get remove iptables-persistent' 2- Running setupfw from a remote host can conceivably bring down your connection, terminate your session and leave you unable to recover remotely, even with reboot. USE 'screen' to assure your actions run to completion despite a potential drop in connection. AVOID changing rules and running 'setupfw --persist' in a single batch script. In between 'reset' and 'persist' disconnect and reconnect to make sure you can get through the firewall before making it persistent. This will leave the reboot recourse in the event of a problem. extra hardening scripts installed unrelated to iptables firewall ================================================================ Patch /etc/sysctl.conf to disable IPV6 -------------------------------------- /usr/lib/setupfw/blockIPv6 apply (good unless you need IPv6) Patch /etc/ssh/sshd_config to only allow connections using keys --------------------------------------------------------------- /usr/lib/setupfw/only_key_sshd apply (good in most cases) Patch /etc/ssh/sshd_config to only allow connections from localhost ------------------------------------------------------------------- /usr/lib/setupfw/only_local_sshd apply (when all incoming ssh traffic is via reverse channel) SYNOPSIS useful for a DEDICATED SSH SERVER such as the JOBBER SERVER Steps to configuring a server to only act as an ssh server ---------------------------------------------------------- sudo python setup.py install installbin/prerequisites install installbin/save_and_setup anyssh # disconnect and reconnect to make sure you can get in before making fw persistent sudo -E /usr/local/bin/setupfw --persist /usr/lib/setupfw/only_key_sshd apply ********************************** ********************************** geekutils/tunnelserver ********************************** ********************************** Overview -------- I manage quite a few ubuntu based hosts. To troubleshoot I need occasional remote access to them. The problem is that many of these hosts are behind NAT routers. Rather than attempt to control all the NAT router configurations to relay incoming ssh calls to the hosts I prefer to configure the hosts to bring up reverse ssh tunnels when they boot up. That way NAT routers only need to be configured to allow outgoing ssh connections to the internet (typically the default configuration). The plumbing required to enable this is a relay server in the internet cloud to which client hosts can connect reverse tunnels at boot time. Each client host must use a distinct unique port number for it's reverse channel. After bringing up a reverse tunnel all conection requests to a reverse channel's port number on the relay are forwarded to the specified local port on the associated host. Both the relay server host and client hosts should be configured with a fairly tight security barrier. The setupfw packages is available to take care of this need. Since each client host must use a unique port number for its reverse channel port we need a service on the relay host that allocates unique port numbers and reserves them for this purpose. A client host will use this service when first configuring its reverse tunnel to obtain the port number that will be assigned to it from then on. Since it is useful to allow a single client to open multiple reverse tunnels, one for each protocol it wants to serve, the port number allocation service takes a client name and a local port number and returns a relay port number bound to that pair of keys. The purpose of this collection of scripts is to implement the server side functionality of the relay server host, i.e. tunnel server, used to receive reverse channel connections. The client side of the setup is encapsulated in the tunnelclient package. The configuration of the server is performed by a script in the infrastructure package. To install this package ----------------------- sudo python setup.py install To install pre-requisites this needs to run on a server ------------------------------------------------------- installbin/prerequisites requires 'ubprerequisites' installed first. requires 'setupfw' installed first. Note that setupfw is required because 'tunnel_port_bind' imports 'relay_port_range' from 'setupfw' to initialize port assignment values. To fix an inconsistency between our cgi service and lighttpd.conf ----------------------------------------------------------------- installbin/webpatch To harden IP security on the host compatibly with tunnelserver ----------------------------------------------------------- It would be wise to harden your host as the scripts 'only_local_sshd' (for client setup), 'save_and_setup', 'blockIPv6' and 'only_key_sshd' do in the 'setupfw' tarball. For more info see the README.txt of that tarball. To open up the server to incoming connections to relay ports ------------------------------------------------------------ /usr/lib/tunnelserver/gatewayports_sshd To set up tunnelserver package for operation on a server ----------------------------------------------------- the script 'service_accounts_setup' of the 'infrastructure' bundle performs the set up to use this package. It suffices to install this and then use that script in the 'infrastructure' bundle. http functionality using cgi-scripts ------------------------------------ http:///cgi-bin/tunnelserver/tunnel_relay_hello http:///cgi-bin/tunnelserver/tunnel_relay_status e.g http://mamey.ogopogo.biz/cgi-bin/tunnelserver/tunnel_relay_status to uninstall this package ------------------------- sudo tunnelserver_uninstall -h server side scripts ------------------- tunnel_port_bind (used remotely by tunnelclient package) tunnel_status (used remotely by tunnelclient package) cgi-bin/tunnelkit/tunnel_relay_hello test http access to cgi scripts cgi-bin/tunnelkit/tunnel_relay_status http alternative to 'tunnel_helper -t' For more informations --------------------- doc/*.txt ********************************** ********************************** geekutils/tunnelclient ********************************** ********************************** Overview -------- I manage quite a few ubuntu based hosts. To troubleshoot I need occasional remote access to them. The problem is that many of these hosts are behind NAT routers. Rather than attempt to control all the NAT router configurations to relay incoming ssh calls to the hosts I prefer to configure the hosts to bring up reverse ssh tunnels when they boot up. That way NAT routers only need to be configured to allow outgoing ssh connections to the internet (typically the default configuration). The purpose of this collection of scripts is to encapsulate the configuration of these hosts, and the relay host used to receive reverse channel connections. The plumbing required to enable this is a relay server in the internet cloud to which client hosts can connect reverse tunnels at boot time. Each client host must use a distinct unique port number for it's reverse channel. After bringing up a reverse tunnel all conection requests to a reverse channel's port number on the relay are forwarded to the specified local port on the associated host. With this scheme, you can connect to the a given host by submitting connection requests to the relay host using the port number assigned to the target host and supplying the credentials and protocol required by the given client hosts local port. E.G. To connect SSH to the host called 'uchuva' as the user 'sysadmin' via the relay host called 'mamey' (assuming the local port number specified for the reverse tunnel is 22 for ssh): ssh -p sysadmin@mamey.ogopog.biz To copy a file to the home directory of sysadmin on the same host (note uppercase -P for scp): scp -P myfilename sysadmin@mamey.ogopog.biz: Since each client host must use a unique port number for its reverse channel port we also need a service on the relay host that allocates unique port numbers and reserves them for this purpose. A client host will use this service when first configuring its reverse tunnel to obtain the port number that will be assigned to it from then on. In fact it will be useful to allow a single client to open multiple reverse tunnels, one for each protocol it wants to serve so the port number allocation service takes a client name and a local port number and return a port number bound to that pair of keys. The tunnelclient and tunnelserver bundles accomplishes the above described functionality. The infrastructure bundle supplies 'service_accounts_setup' and 'setup_keys' which encapsulate additional server side steps needed to make them work together. The setupfw bundle supplies the firewall configuration useful to harden security of client and server hosts. To install this package ----------------------- sudo python setup.py install To install pre-requisites this needs to run ------------------------------------------- installbin/prerequisites requires 'ubprerequisites' installed first To set up tunnelkit package for operation on a client host using admin tunnel ------------------------------------------------------------------------------- installbin/clientsetup go Administrator should login through the admin tunnel to change the tunnelconfiguration ------------------------------------------------------------------------------------- tunnel_helper -c To harden IP security on the host compatibly with tunnelkit ----------------------------------------------------------- It would be wise to harden your host as the scripts 'only_local_sshd' (for client setup), 'save_and_setup', 'blockIPv6' and 'only_key_sshd' do in the 'setupfw' tarball. For more info see the README.txt of that tarball. to uninstall this package ------------------------- sudo tunnelclient_uninstall -h to install a launcher that will restart the supervisor daemon ------------------------------------------------------------- sudo desktop-file-install desktop/restartsuper.desktop to let a non-sudo user restart supervisor daemon (requires geekparts package) ----------------------------------------------------------------------------- sudo enablesudo -u -c /usr/local/bin/restartsuper client side scripts ------------------- tunnel_getparm (gets values of default parameters from .jsn file) tunnel_helper For interaction with the server side, must be invoked with ssh agent loaded with the appropriate key using ssh-add. See 'tunnel_helper -h' tunnel_ssh Not intended for direct use. Used by supervisor configuration to launch tunnels For more informations --------------------- doc/*.txt ********************************** ********************************** geekutils/infrastructure ********************************** ********************************** Overview -------- Scripts for setting up and maintaining remote instance services available via ssh: awssudopatch (for making sudo require password on instances make sure 'ubuntu' has a password first) gitmakerepo (for creating skeleton git repository) accountparms (for creating server accounts such as gituser, relay and tunneladmin consistently) refresh_keys (for generating/regenerating authorized_keys in those accounts) Scripts for discovering 'cloud' infrastructure information: awsinfo digthem Script for refreshing relay account authorized_keys with pub keys for client hosts which use the service: tunnel_refresh NOTE that tunnel_refresh is deprecated since we are now using ssh_certificates to authenticate these client hosts. We have kept it for backwards compatibility with old client hosts. To install this package ----------------------- sudo python setup.py install To install pre-requisites needed when this package scripts run. --------------------------------------------------------------- installbin/prerequisites To set up the host with accounts to serve as an ssh enabled account that acts as a remote git repository server and relay server. --------------------------------------------------------------------- installbin/service_accounts_setup to uninstall this package ------------------------- sudo infrastructure_uninstall -h note: This will remove the software, but will NOT remove the git repository account (by default gituser) so that any git repositories being served will remain intact and accessible by the usual git push/pull/clone etc.. The same goes for the relay account. to view step by step server configuration instructions ------------------------------------------------------ installbin/config_readme.sh more information ---------------- doc/*.txt ********************************** ********************************** geekutils/geekparts ********************************** ********************************** Overview -------- Collection of reusable modules for use by other projects. datetime_util wraps datetime and timezone functions See 'timezones' utility for example usage. At this writing contains: allzonenames() zinfo(zonename) is_naive(adatetime) serialize_datetime(adatetime) deserialize_datetime(datestring) aware_changetz(adatetime, zonename='UTC') awarenow(zonename='UTC') awaredatetime(*args, **kwargs) # like datetime.datetime, but with extra 'zonename=' argument aware_startup_datetime(zonename='UTC') zone_hierarchy() JSON support for encoding/decoding aware datetime: class DateTimeEncoder(json.JSONEncoder) Encodes __datetime__ pair: (datetime in UTC, timezone it came in) datetime_hook(dct) Decode pair and return datetime in the saved given timezone. In short json support to preserve the aware datetime including timezone across json encode/decode like this: encode: json.dump(objectcontainingawaredatetime, outfile, indent=4, cls=DateTimeEncoder) decpde" objectcontainingawaredatetime = json.load(infile, object_hook=datetime_hook) common simple often handy functions. At this writing contains: maybe_makedir(fullpath) .. makes the directory and any intermediate directories unless they exist. uptime_pair() .. Return a tuple (uptime_seconds, idletime_seconds) uptime_struct() .. Like uptime_pair, as a dict with keys: uphours, upseconds, idlehours, idleseconds uptime_current_seconds().. Seconds of up time in the current up time hour uptime_seconds() .. Total number of seconds of up time uptime_record() .. Human readable and machine readable up time record ec2metadata AWS instance metadata module At this writing contains: ec2metadata(defaultuserdata, defaultipv4=) .. returns a dict containing info about the current instance. logger Supplies functions to allow applications to log to a rotating logfile and/or the display. At this writing contains: init_logger(appname, filename, maxBytes=50000, backupCount=9) .. initializes the logging get_logger() .. gets a handle to the logger which is used to emit log messages e.g. logger = get_logger() log.debug("this is a debug message") squelch_display() ... inhibit all but critical messages from being displayed to stdout unsquelch_display() ... allow all messages including debug to be displayed to stdout shutdown Supplies a function to allow invoking shutdown from within a python program. At this writing contains: shutdown() .. invoke system shutdown e.g. shutdown(args=['-h', 'now'], dryrun=False, verbose=True) .. these are the defaults config Maintain configuration parameters in python (key, value) pair dictionaries stored in .json format files in one or both global and user specific directories such as : '/etc//', '~/./' '.jcfg' files in those directories are loaded and combined into a single namespace. The keys can be accessed using '.' notation. See the 'configsample' program which is installed with this package for example usage. thread_tools: At this writing contains: SignalCatcher(object) class. Use this like this: catcher = SignalCatcher(signal.SIG_TERM, signal.SIG_QUIT, ..., interrupt_syscalls=False) while True: do stuff siglist = catcher.caught_signals() if siglist is not None: for asig in siglist: print("Caught signal: {}".format(asig)) print("Terminating loop") break catcher = catcher.release() # restores signals and lets garbage collector free resources ExcThread(threading.Thread) class. A thread class that enqueues exceptions for the main thread to be able to emit them. helperscripts: configsample .. sample to illustrate config usage myconfig .. displays config parameters enablesudo .. permit a user to run a single priviledged command timezone .. exercises datetime_util module and displays timezone info. To install this package ----------------------- sudo python setup.py install to install software this package depends on to run -------------------------------------------------- installbin/prerequisites install to uninstall this package ------------------------- sudo geekparts_uninstall -h ********************************** ********************************** geekutils/periferaltools ********************************** ********************************** Overview -------- Miscellaneous scripts to interact with periferal devices such as printers scansheets Scans, converts to jpeg and 7zips images from scanners. At this writing only tested on Brother MFC-7360N multi function center Try: scansheets -h To install this package ----------------------- sudo python setup.py install to uninstall this package ------------------------- sudo periferaltools_uninstall -h NOTE: Before this will work it is necessary to install the brother driver software for the device. Look in the directory: 'brother-mfc7360n' ********************************** ********************************** geekutils/webmaker ********************************** ********************************** Overview -------- makepages This utility generates web pages that use the bootstrap framework of html, jscript, css (see http://getbootstrap.com/). It combines components written in markdown, in html, and in javascript into full pages organized according to page descriptions written in json format files. It implements subcommands: 'init' to initialize a target directory with sample content. 'generate' to compile html from components in the content directory into the output directory. 'rebrand' to replace all branding in the content directory prior to compilation. 'transcode' to transcode mp4 video files in the output directory to both .webm and .ogv format so that we can increase the range of target browsers where the videos will play well. To install this package ----------------------- sudo python setup.py install To install the prerequisites this package needs to run ------------------------------------------------------ installbin/prerequisites install to uninstall this package ------------------------- sudo webmaker_uninstall -h ********************************** ********************************** geekutils/blendanim ********************************** ********************************** Overview -------- PromotionEfx rendering composition module borrowed from the refactor_with_batch project. This module provides the same functionality - interpreting composition files, rendering and encoding animations - as the one integrated into the old refactor_with_batch project, but it is disconnected from the old messaging infrastructure. We've made the following enhancements relative to the old package. -Enabled blender2.6+ and added a substitute script for that version -Added the ability to specify a first and last frame so that we can encode a slice of the full animation. -Added the ability to emit zip files of rendered png frames and or gif frames. -Added the ability to encode a gif animation. -Added the ability to merge an audio channel into to the encoded output. We've made a change to the composition file format. In the old version we maintained encoding parameters in a separate file (encodings) and only referenced the encoding file entry by name in the composition file. Now we embed the encoding parameters directly in the composition file and no longer refer to any encodings file. Note regarding gif colormap: In order to improve compression it is useful to use the same colormap for all gif frames. When we want to use this feature we currently store a .gif image in the composition directory. The image is only used for its colormap, and only when encoding a gif animation using gifsicle. When gif animations are encoded, we first look for an explicit file name in the GIFCOLORMAP config parameter. If it is non null, we use that image's colormap. Otherwize we use the file .gif in the compositions directory, finally failing those two, we use the 'web' colormap. The colormap is usually produced by selecting one of the rendered png frames to convert to gif and copy to the location of the colormap file. To install this package ----------------------- sudo python setup.py install To install the prerequisites this package needs to run ------------------------------------------------------ installbin/prerequisites install to uninstall this package ------------------------- sudo blendanim_uninstall -h ********************************** ********************************** geekutils/gifencoder ********************************** ********************************** Overview -------- Command line tools to combine image sequences into animated gifs. Leverages image magick's convert utility and the gifsicle utility. encode_gif Convert still frames into an animated gif file. Uses 'convert' to combine images into a single gif, sets frame timing and looping. Uses 'gifsicle' to further adjust and compress the animated gif. Note that if the 'lossy' parameter is configured, the installed gifsicle utility must be the one from the giflossy fork of that project. use 'encode_gif setup' to set the parameters you need. use 'encode_gif encode' to encode the animated gif from frames. use 'encode_gif delays' prints a bit of information about delay sequences use 'encode_gif delays -e' prints example information regarding delay sequences use 'encode_gif -h', 'encode_gif setup -h', and 'encode_gif encode -h' for more information. For more information see: README.txt http://www.lcdf.org/gifsicle/ https://github.com/pornel/giflossy https://www.imagemagick.org/script/index.php doc/giflossy.txt delay parameter note ==================== Whatever parameters you have set, you can see the generated command lines without actually invoking them by using the dry run switch: encode_gif encode -d To set your parameters use: encode_gif setup Select delays for sequences of input frames as follows: delay "x" skips the full sequence of steps. delay "NxM" signifies N ticks at M ticks per second delay "N" signifies N ticks at 100 ticks per second. stepsize greater than 1 skips intervening frames. steps indicates the number of frames output for the segment steps of None or 0 runs to the end of inputs For examples use: encode_gif delays -e delay examples: every frame at fastest rate delay 6 stepsize 1 steps every 3rd frame at delay 12 frames per second delay 1x12 stepsize 3 steps every frame at 12 frames per second except a 3 frame chunk at position 50 of frames at 1 frame per second delay 1x12 stepsize 1 steps 50 delay 1x1 stepsize 1 steps 3 delay 1x12 stepsize 1 steps ONLY the frames from 10 to 60 at 12 frames per second delay x stepsize 1 steps 10 delay 1x12 stepsize 1 steps 50 delay x stepsize 1 steps to get and install giflossy fork of the gifsicle project -------------------------------------------------------- installbin/installgiflossy '{installdir}' e.g. installbin/installgiflossy ~/installdir to install prerequisities this package depends on to run --------------------------------------------------------- installbin/prerequisites To install this package ----------------------- sudo python setup.py install to uninstall this package ------------------------- sudo gifencoder_uninstall -h ********************************** ********************************** geekutils/s3cloud ********************************** ********************************** Overview -------- NOTE: I have not found much use for global data, nor host data referred to in the discussuion below. I've only been using the user data. So perhaps this package should soon be retired. We want to support a group of users on a group of hosts who all need access to cloud data. Think of this data as user state, host state, and world state. Global data of concern to all. Host data only of concern to individual hosts. User data only of concern to individual users on one or more hosts. We install s3cloud services on each host for three scopes. user scope, host scope, and global scope. On every host we configure access to global data shared by all, accessible from every account on the host. On each host we configure access to state specific to the host accessible to every account that has host wide priviledges on the host In each account of each host we configure private access to state specific to a given user. Note the user may have accounts on many hosts with access to that state but at this writing we are going to assume that no effort is made to guard against contention between user's updating the same state from different hosts at the same time. Users should update their private data on one host at a time. So when we install an account on a host, that user account needs access all three scopes. Private access to user scope. System wide access to host scope. World wide access to global scope, more accurately we are speaking of the the world as far as the given cloud is concerned. An individual user needs to be able to access his data from any host. To do so he must login to the host and configure s3cloud to access this data using s3cloudconfig. A single account on a host should be used to configure the global and host scope states and publish their location so other accounts can locate the buckets holding host and global state data. Typically we will start the configuration by setting up that account's access to host and and global state first. Possibly also configuring access to user state for the user with access to that account. A wrinkle we need to provide for is the fact that a given user may actually need access to more than one cloud. For example to maintain cloud wide state for different projects. So we may need to be able to configure more than one (user,host, global) triplet in a single user account. We are going to allow for that by allowing a user to set user, host and global scope parameter files using environment variables. In turn these parameter files contain specific file system locations of the resources: s3 config file, boring file, local bucket directory. This however is a special case, let's call it a multi cloud host. This software is going to assume that there is NO! overlap between scopes, nor between buckets. That is to say no two parameter files should reference the same file bucket, config file or boringfile. Utilites s3cloudconfig creates the parameter files in all three scopes. Initilizes localbucketdir, boringfile and .s3cfg file. The locations of host and parameter files should normally be the hard coded default locations for these. At this writing: /etc/s3cloud/cloud1/global_s3parms.jsn /etc/s3cloud/cloud1/host_s3parms.jsn You can override these default location by exporting environment paramters, for example: export S3CLOUDUSERPARMS='~/s3cloud/cloud2/user_s3parms.jsn' export S3CLOUDHOSTPARMS='/etc/s3cloud/cloud2/host_s3parms.jsn' export S3CLOUDGLOBALPARMS='/etc/s3cloud/cloud2/global_s3parms.jsn' The parameter files contain references to the localbucketdir, boringfile, and .s3cfg file locations. We are adopting the practise of always creating parameter files which reference their own copies of boring and .s3cfg files and their own bucket directories. We will adopt the practise of deleting referenced files and bucket when we delete a parameter file. To install this package ----------------------- sudo python setup.py install To install pre-requisites this needs to run ------------------------------------------- installbin/prerequisites (requires ubprerequisites installed first) To set up s3cloud buckets for operation --------------------------------------- We have 3 example scripts in installbin/ globalcacheinit hostcacheinit usercacheinit First modify the variables CLOUDUSER, CLOUDBUCKET, CLOUDASSETS and CLOUDFILES in each of them to suit your needs. Then invoke them to set up buckets accordingly. to uninstall this package ------------------------- sudo s3cloud_uninstall -h Note that even with the purge option the uninstall leaves orphans in /usr/share/pixmap and in /usr/share/applications. For more informations --------------------- doc/*.txt etc/README.txt ********************************** ********************************** geekutils/workbench ********************************** ********************************** This is not really a geekutils subproject. It is a place to store things I gather and work on before it materializes into a project. Things I don't want to lose but haven't figured out whether and how to wrap it up yet. ********************************** ********************************** geekutils/ssh_certificate ********************************** ********************************** Overview -------- Minimalistic program to help manage the creation of ssh certificate authorities for managing host authentication or client authentication or both. The idea is that when a client attempts to establish an ssh connection to a host. With host authentication the host presents a signed certificate that allows the client to authenticate the host. This avoids the 'unable to establish whether the host is authentic' related of messages. With client authentication we eliminate the need to distribute the individual user public keys to accounts on hosts so that users can connect to those accounts. Instead the user sends the public key to the CA and the CA makes him a certificate that grants him access. The user just needs to store the certificate the same place as the private key on his system and user ssh-add to load the private key. To install this package ----------------------- sudo python setup.py install installbin/linklocal install to uninstall this package ------------------------- sudo ssh_certificate_uninstall -h installbin/linklocal remove ********************************** ********************************** geekutils/mathdrill ********************************** ********************************** Overview -------- Drilling math questions. To install this package ----------------------- sudo python setup.py install to uninstall this package ------------------------- sudo mathdrill_uninstall -h ********************************** ********************************** geekutils/drawhead ********************************** ********************************** Overview -------- I'm builing some utilities to draw text into images. To install this package ----------------------- sudo python setup.py install To install pre-requisites that setupfw depends on to run. --------------------------------------------------------- (requires ubprerequisites installed first) installbin/prerequisites to uninstall this package ------------------------- sudo drawhead_uninstall -h ********************************** ********************************** geekutils/termgui ********************************** ********************************** Overview -------- This project is a gui layer for command line programs that can run in a terminal window. To install this package ----------------------- sudo python setup.py install to uninstall this package ------------------------- sudo termgui_uninstall -h ********************************** ********************************** geekutils/misc_server ********************************** ********************************** Overview -------- Handful of scripts that are handy for figuring out what may be going on on a server. (very rudimentary) To install this package ----------------------- sudo python setup.py install to uninstall this package ------------------------- sudo misc_server_uninstall -h For more informations --------------------- doc/*.txt ********************************** ********************************** geekutils/gnometweaks ********************************** ********************************** Overview -------- Encapsulation of configuration details necessary to accomplish adjustments I often need to make on ubuntu clients for functionality such as the following: - Interaction between remmina remote desktop client and vino remote desktop server. - Automatically logging in or not on reboot and enabling or disabling a guest user. - Enabling/Disabling touchpad. - Obtaining a list of listening services the computer. To install this package ----------------------- sudo python setup.py install to uninstall this package ------------------------- sudo gnometweaks_uninstall -h more info and trouble shooting notes ------------------------------------ See doc/spec.txt ********************************** ********************************** geekutils/jobgangsqs ********************************** ********************************** Overview -------- This project supplies the nuts and bolts to harness an AWS AMI image and use it to accomplish CPU intensive jobs using a single instance of the ami as a client instance that breaks down jobs into parallel tasks and launces worker instances to accomplish those tasks. Communication between jobber and workers is via AWSSQS message queue. All inputs to tasks are either in the file system contained within the AMI image or in accessible s3 buckets or in the sqs message queue or any combination of them. All outputs are to s3 buckets. The same AMI is used for the jobber instance and the worker instances it is organized with one or more user accounts, each of which is dedicated to servicing a single user customer. Processing request (currently in the form of mailing-lists are uploaded to the instance playing the jobber role. It converts the input to a job order which breaks down the job into a number of tasks. To launch the job it fills the sqs message queue with task orders. Instances playing the worker role take task orders off the queue and perform them and ship results to s3. Each account on the instance services a single user's jobs. Each user has a different sqs queue and different output buckets. User jobs are processed sequentially. A user's second job must only be launched after the previous job has completed. When a users job is launched, worker instances are spun up which are dedicated to that user's sqs message queue. The worker instances keep running until there are no more tasks in the queue. To install this package ----------------------- sudo python setup.py install To install the prerequisites this package needs to run ------------------------------------------------------ installbin/prerequisites install to uninstall this package ------------------------- sudo jobgangsqs_uninstall -h ********************************** ********************************** geekutils/template ********************************** ********************************** Overview -------- python project startup utility This package consists mainly of the gensetup script which inspects a project subdirectory and generates a tarball of the project including a setup program and an uninstall program. This package is maintained to encourage consistency from one python project to another. It supplies a skeleton tarball in /etc/template which you can extract into an empty source directory. You then create your scripts in the bin/ directory, cgi-scripts in the cgi-bin/ directory, etc data in the etc directory. You modify the overview.txt file in the docs directory to describe an overview of the project and add any additional docs in the doc/ directory. Once you have an initial project, you run gensetup to generate setup.py, MANIFEST.in, bin/_uninstall and generate a source distribution tarball. See gensetup -h. To install this package ----------------------- sudo python setup.py install to uninstall this package ------------------------- sudo template_uninstall -h ********************************** ********************************** geekutils/dnstweaks ********************************** ********************************** Overview -------- Convenience scripts to manipulate which dns servers a host will use. supersededns ----- supercede dhcp domain name servers. For WIFI connections that obtain their addresses and servers automatically from the dhcp server. This supersedes the dns servers and supplies instead the ones you have selected in the command. However if you choose them manually in the wifi configuration gui they will not be superseded. To install this package ----------------------- sudo python setup.py install To install pre-requisites this needs to run ------------------------------------------- installbin/prerequisites (requires ubprerequisites installed first) to uninstall this package ------------------------- sudo dnstweaks_uninstall -h For more informations --------------------- doc/*.txt ********************************** ********************************** geekutils/misc_client ********************************** ********************************** Overview -------- Miscellaneous client side scripts This packages bundles various scripts which may prove useful on a client or desktop host. To install this package ----------------------- sudo python setup.py install to uninstall this package ------------------------- sudo misc_client_uninstall -h