for how i use software or recommendations, go to /uses

this just evolved over the years of being tired of trying to search for things again and again

always reference the arch wiki for good background info on stuff

use at your own risk!

if any of this is copypasta and i forgot where it came from, let me know so i can either credit it or delete it (no copyright infringement intended!!)

fedora vps installs (dnf based)

add public ssh key to remote machine after using ssh to login:

echo 'public-key-text' > ~/.ssh/authorized_keys

then exit

ssh back into the machine to test the key

once we verify that the key works, we gotta turn off access to the account via password

to do this,

sudo vi /etc/ssh/sshd_config.d/01-local.conf

and add

PasswordAuthentication no

save and quit

refresh sshd with

systemctl reload sshd

now only someone with ssh-keys can gain ssh access!

next we need to secure the remote system:

sudo dnf install firewalld fail2ban dnf-automatic -y

activate the firewall (on fedora-cloud)

sudo systemctl unmask firewalld
sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo systemctl status firewalld

enable fail2ban

sudo systemctl enable fail2ban
sudo systemctl start fail2ban
sudo systemctl status fail2ban

activate automatic updates (without reboot since this is a server)

first create the config file:

sudo vi /etc/dnf/automatic.conf

then paste

[commands]
apply_updates=True

[emitters]
emit_via=motd

save and quit

then enable it:

sudo systemctl enable --now dnf-automatic.timer

and check it:

sudo systemctl status dnf-automatic.timer

reboot

installing a new fedora workstation (this section a work-in-progress)

check to encrypt your data in the installer!

enable 3rd party repos

once installed and booted, open a terminal and:

sudo dnf update

apply updates, reboot

install Homebrew per their site: https://brew.sh/

follow the directions at the end of the installer to make sure it is your $PATH

brew install hugo yewtube yt-dlp age hyfetch btop pandoc vim 

then from DNF

sudo dnf install google-chrome-stable gimp calibre kdenlive lyx darktable vlc mpv

convert videos to gif

one-liner from this website

note that the -ss option cuts the video from the second -to the specified second: in the example below, it creates a 5 second gif from the 3rd second to the 8th second

just remove -ss 3 -to 8 to convert the whole video

ffmpeg -ss 3 -to 8 -i input.mp4 -filter_complex "fps=10,scale=360:-1[s]; [s]split[a][b]; [a]palettegen[palette]; [b][palette]paletteuse" output.gif

u could also play with the fps and width

Compress mp4s to take up less space

for file in *.mp4 ; do ffmpeg -i "${file}" -vcodec libx264 -crf 32 "converted/${file}" ; done

You can also change the -crf value to be lower to have better quality or compress to libx265 if supported (there can be weird licenseing issues depending on the system)

Remove spaces and replace with underscore and switch case to all lowercase

for f in *\ *; do mv "$f" "${f// /_}"; done && prename 'y/A-Z/a-z/' *

Convert video to jpegs:

ffmpeg -i *.mp4 -vf fps=1 out%d.jpg

Resize jpgs by making them half size (saves aspect):

mogrify -verbose -resize 50% *.jpg

Convert jpegs to GIF:

magick -verbose -delay 200 -loop 0 *.jpg animatedGIF.gif

Take a bunch of jpgs sorted into folder (gif1/, gif2/, etc.), go into each subfolder, shrink the jpgs, assemble a gif of the jpgs and do the same thing in each subfolder:

find . -maxdepth 1 -type d \( ! -name . \) -exec bash -c "cd '{}' && mogrify -verbose -resize 50% *.jpg && magick -verbose -delay 200 -loop 0 *.jpg animatedGIF.gif" \;

Quick HTTP server:

python3 -m http.server

Quick archival backups:

rsync -aVP local-folder/ yyyy_mm_dd/

SSH setup with Yubikey and Github

Go to https://github.com/settings/emails and find the email address that Github provides.

Setup git on your local machine:

cat >> .gitconfig

And paste:

[user]
	name = [username]
	email = [github email]
[init]
	defaultBranch = main

Retrieve the key from your Yuibkey and put it into the .ssh directory:

mkdir .ssh && cd .ssh && ssh-keygen -K

then you’ll need to rename them for it to work

mv id_ed25519_sk_rk.pub id_ed25519_sk.pub

mv id_ed25519_sk_rk id_ed25519_sk

How to make toolbox apps run like normal apps in Fedora

Enter the toolbox and copy the .desktop file from /usr/share/applications to ~/.local/share/applications. Then edit the .desktop file and change the Exec lines to prefix the start command with 'toolbox run -c <container name>'.

You may also want to copy the application icon from the toolbox to somewhere in your home as well and reference it in the local .desktop file.

Securely wipe a hard drive (HDD) before giving away, throwing away, etc.

NOTE: THIS ONLY APPLIES TO HARD DRIVES AND NOT SOLID STATE DRIVES

WARNING THAT THIS WILL ERASE ALL DATA ON A DRIVE AND BE CAREFUL TO SELECT THE CORRECT DRIVE BEFORE USING THIS COMMAND!!! IT WILL NOT ASK YOU TO CONFIRM!

1. First become root by sudo -i
2. Then look at what disks are available with fdisk -l
3. Next, find the drive which will be labeled /dev/sd(x) (where x will be a value like a, b, c, etc.)
4. Under the drive, find the value of the physical sector size (this is the block size, which will be refered to as (bs) in the example below)
5. To erase, dd if=/dev/zero of=/dev/sd(x) bs=(bs) status=progress
6. It will complain that there is no space left which means it is done (when it finishes it will return control of the terminal to you)
7. The drive has been filled with all zeros!

Securely Wipe a Solid State Drive (SSD)

Normal erasing of data SSDs or formatting will still leave data on the drive. So you have to use the ATA Secure erase commands with hdparm or nvme. Also, the drive should be connected via SATA and not over USB. You can’t securely erase USB flash drives either. This is why it’s important to always encrypt personal data on devices that are flash memory based. Wiping the encryption keys will erase the disk.

Create a journal

This system is designed to be a bare-bones command-line journal with the least amount of dependencies.

Assumptions

• You have access to a bash shell and common linux utilities
• You plan to journal once daily, not creating new entries for each exact time you want to journal
• You use your editor of choice to display things like word count and provide spell-check if wanted

Structure

Here is what the structure looks like:

journal
├── 2025
│   ├── 2025-05-01.md
│   └── 2025-10-06.md
└── past
    ├── 2023
    │   ├── 2023-04-01.md
    │   └── 2023-08-10.md
    └── 2024
        ├── 2024-06-01.md
        └── 2024-11-25.md

5 directories, 6 files

To make it:

1. Open your terminal
2. cd to where you want the structure to be (this is assuming that you are in the root of your home folder: ~/)
3. Create the folders: mkdir journal journal/"$(date +%Y)" journal/past (this will create a folder with the current year inside journal)

Usage

Add the following to your .bashrc (here, I’m using vim but you can use whatever editor you want. Try nano for a simple editor, or if not included you could use vi.):

alias daily="vim ~/journal/"$(date +%Y)"/"$(date --iso-8601)".md"

Refresh the shell:

bash

Create a new journal entry by:

daily

Finish writing, save and exit, and you’re done!

If it’s the same day and you want to write more, simply invoke daily and you’ll be back to the same document.

Today was @great! I got a great @workout by running down the trail today.

Note that we use @ to create tags. This allows us to easily search for content based upon the subject we are writing about. We use @ instead of # because there can be problems depending on how we want to use grep to show our tags because markdown uses the # as markup for a header.

Search

We can use grep to search for everything and anything in our journal, including using our @ tagging system:

grep -iR "text" --color=always -C5 | less -R

What is this doing?

The -i switch allows us to search without concern for case-sensitivity.

The -R switch searches recursively (down through sub-directories).

After that is our search term in quotes.

The –color=always switch will use color highlighting (of course, this optional).

The -C5 (note the capitalization of the C), gives us context around the grepped section of 5 lines above and 5 lines below the search.

The | (called a “pipe”) takes the output of grep and puts it into another program.

In this case, it’s piping to a program called less which is a “paging” program to help display things better for us.

The -R switch makes sure to keep the color highlighting.

What if we want to see a list of tags to choose from?

To simply list all the tags used in the journal:

grep -hoR "@[a-z]*" | sort -u | less

Want a more advanced search? Use ugrep.

ugrep is an external dependency, but you should be able to install it on Debian with sudo apt install ugrep.

You can then do the following from your journal’s directory:

ugrep -Q

This will give you an interactive fuzzy search of entries

Reading

To read the entirety of the journal in the terminal:

find ./ -type f | xargs tail -n +1 | less

To read entries in the daily journal, cd to daily and run the following:

tail -n +1 * | less

You could even sort by year or month like so

tail -n +1 2024-* | less

of course, you could set these commands up as aliases in your .bashrc!

So it’s a new year, now what?

when you enter a new year, your editor will probably complain that it can’t save your entry right away

that’s okay actually and what it means is that all we need to create a new directory of the current year!

i recommend doing this a few days before the new year so you won’t have any problems

then u can move that year into the past directory!