• 0 Posts
  • 173 Comments
Joined 1 year ago
cake
Cake day: June 11th, 2023

help-circle





  • Here’s one I have saved in my shell aliases.

    nscript() {
        local name="${1:-nscript-$(printf '%s' $(echo "$RANDOM" | md5sum) | cut -c 1-10)}"
        echo -e "#!/usr/bin/env bash\n#set -Eeuxo pipefail\nset -e" > ./"$name".sh && chmod +x ./"$name".sh && hx ./"$name".sh
    }
    alias nsh='nscript'
    

    Admittedly much more complicated than necessary, but it’s pretty full featured. first line constructs a filename for the new script from a generated 10 character random hash and prepends “nscript” and a user provided name.

    The second line writes out the shebang and a few oft used bash flags, makes the file executable and opens in in my editor (Helix in my case).

    The third line is just a shortened alias for the function.




  • How does the xz incident impacts the average user ?

    It doesn’t.

    Average person:

    • not running Debian sid, Fedora nightly, Arch, OpenSUSE Tumbleweed, or tbh any flavour of Linux. (Arch reportedly unafffected)
    • ssh service not exposed publicly

    The malicious code was discovered within a day or two a month of upload iirc and presumably very few people were affected by this. There’s more to it but it’s technical and not directly relevant to your question.

    For the average person it has no practical impact. For those involved with or interested in software supply chain security, it’s a big deal.

    Edit:
    Corrections:

    • OpenSUSE Tumbleweed was affected; Arch received malicious package but due to how it is implemented did not result in compromised SSH service.
    • Affected package was out in the wild for about a month, suggesting many more affected systems before malicious package was discovered and rolled back.


  • Probably not exactly what you’re looking for, but for my personal use I just set up a repo in my git forge (gitea in my case) with a bunch of markdown files in various folders and a Hugo theme.

    Every time I want to update a document I can click the link at the bottom of the “Wiki” page and edit it in Gitea’s WYSIWYG editor. Similar process if I want to make a new document. When I save the changes I have a CI job (native to Gitea/Github) that uses Hugo to build the markdown docs into a full website and sync it to a folder on one of my servers where it’s picked up by a web server.

    Sounds complicated when I type it all out, but the only thing that I can reasonably expect to be a deal breaker is the Hugo software, of which there are archived versions, and even if there wasn’t Hugo’s input is just markdown, so I can repurpose however I see fit.

    You could probably do something similar with other SSG’s or even use Github’s pages feature, though that does add a failure point if/when they decide to sunset or monetize the feature.






  • Even if you need something just once, just install it and then uninstall it, takes like 10 seconds.

    apt install foo && apt remove foo
    

    That’s essentially what nix-shell -p does. Not a special feature of nix, just nix’s way of doing the above.

    Actually using it though is pretty convenient; it disappears on its own when I exit the shell. I used it just the other day with nix-shell -p ventoy to install ventoy onto an ssd, I may not need that program again for years. Just used it with audible-cli to download my library and strip the DRM with ffmpeg. Probably won’t be needing that for a while either.

    The other thing to keep in mind is that since Nix is meant to be declarative, everything goes in a config file, which screams semi-permenant. Having to do that with ventoy and audible-cli would just be pretty inconvenient. That’s why it exists; due to how Nix is, you need a subcommand for temporary one-off operations.