Compare commits

..

27 Commits

Author SHA1 Message Date
seb a81c6fccf1 BASH: add env vars for proton pass cli 2026-06-11 11:07:59 +02:00
seb 31ff93e96c TELEVISION: add some cable channels 2026-06-11 11:07:40 +02:00
seb 231217472f HELIX: disable auto-signature-help 2026-06-11 11:07:22 +02:00
seb 7986022558 add doom emacs config 2026-03-07 15:57:10 +01:00
seb 638a6503f1 add changes before system upgrade 2026-03-01 15:48:48 +01:00
seb a2ac456f72 Remove superfluous changelog and todos file 2025-12-04 00:54:39 +01:00
seb 04a07210a4 Don't hard code nu shell path for ghostty 2025-12-04 00:38:37 +01:00
seb 8ef6a87ba1 Add new lib for shell 2025-12-04 00:34:50 +01:00
seb 7c30e64c4b Misc updates
modified:   README.md
	modified:   bash/dot-bashrc
	modified:   git/dot-config/git/config
	new file:   helix/dot-config/helix/config.toml
	modified:   pet/dot-config/pet/snippet.toml
	renamed:    run.sh -> setup.sh
2025-12-03 22:33:58 +01:00
seb 6475b15d70 Source hcloud bash completions in bashrc 2025-07-15 11:10:55 +02:00
seb 36a3766aef Update global git ignore 2025-06-23 23:31:42 +02:00
seb 0a392b6252 Update gitignore 2025-06-23 23:28:16 +02:00
seb 3540c154e6 New global gitignore 2025-06-23 23:26:44 +02:00
seb 45b952f37a More stow refactoring; now actually including bashrc 2025-06-18 14:36:56 +02:00
seb 4a425ec8f1 Update: git global config 2025-06-18 11:45:28 +02:00
seb 4b3a47a17f Update README.md
README.md is changed to reflect that GNU stow is used.
2025-06-18 11:40:49 +02:00
seb 84b20638f3 FIX: Make run.sh actually follow task-file pattern 2025-06-18 11:40:20 +02:00
seb a4f2cff5f3 Create pet package: holds both config AND snippets for convenciance:) 2025-06-18 11:25:58 +02:00
seb c074cfa3e0 Make ghostty config stowable 2025-06-18 01:44:25 +02:00
seb cb481919c9 Move old scripts into resources; They have no active use currently but good to keep for reference 2025-06-18 01:29:54 +02:00
seb c86bf33b0d Start keeping track of todos 2025-06-18 01:28:32 +02:00
seb e947a9d04e Some more refactoring for GNU stow (git, vim and tmux) 2025-06-18 01:26:52 +02:00
seb 5508cfe264 Ad run.sh as top level taskfile. Currently just to bootstrap getting gnu stow 2025-06-18 01:17:23 +02:00
seb f4cae0306f Make stow verbose in stowrc 2025-06-18 00:44:31 +02:00
seb fad2c8b5dc Fix awk error in tasklib.sh by renaming 'func' variable
The variable name 'func' is a reserved builtin in gawk, causing
errors when running `./task help`. Renamed to 'funcname' to avoid
the conflict.
2025-06-18 00:41:35 +02:00
seb 854126bb4b Add some shell functions as shellib for task files 2025-06-18 00:29:11 +02:00
seb 7925f873a8 Add kanidm-eval example config and task file! 2025-06-18 00:11:45 +02:00
85 changed files with 5341 additions and 48 deletions
-4
View File
@@ -1,4 +0,0 @@
# Changes
## Monday June 16, 2025
Started to reorganize the repo for use with GNU stow. I'm thinking why develop and maintain a system myself, when such a good tool for symlink farming, and thus also my use case of dotfiles management, already exists.
+18 -31
View File
@@ -1,51 +1,38 @@
# Dotfiles
A collection of configuration files for various tools and applications I use, with an installation script to easily set them up on new systems.
Personal dotfiles and more
## Installation
### Clone the repository
Install [GNU stow](https://gnu.org/software/stow/).
You **will** want a version >= 8. September 2024! See [here](https://cgit.git.savannah.gnu.org/cgit/stow.git/tree/NEWS).
This is so `dot-*` named files (or dirs) are handled correctly!
See `run.sh`. Use it as taskfile to install stow.
Then, to make sure that stow is correctly handling `dot-*` named dirs, run
```bash
git clone git@github.com:sebaschi/dotfiles.git ~/.dotfiles
stow --dotfiles --verbose stow
```
{
This installs the `dot-stowrc` and global ignore list.
### Install configurations
The `dot-install` script can be used to install specific configurations or all of them at once:
```bash
# Install everything
~/.dotfiles/dot-install all
# Install specific configurations
~/.dotfiles/dot-install git nvim tmux
# Install only bash aliases
~/.dotfiles/dot-install bash:aliases
## Installing configs
```sh
stow <config-pkg-name>
```
Run `~/.dotfiles/dot-install` without arguments to see all available options.
## Testing
A test script is included to verify the installation script works correctly:
```bash
~/.dotfiles/test-dot-install
`<config-pkg-name>` is just one of the directories of this repo.
To see what the effect would be without applying anything (dry-run):
```sh
stow -n <config-pkg-name>
```
This runs the installation in an isolated environment to ensure all symlinks are correctly created.
Nothing fancy, just creates mock home in `/tmp` and changes some envars used by the install script.
The "Testing" amounts to check symlinks exist. This is mostly usefull once extended to detect config packages (just the directories containing an a config), to remind me to add a function for it in `dot-install`.
## Included Configurations
* **Shells**: Bash, Fish, Zsh
* **Terminal**: Tmux, Zellij, Ghostty
* **Editors**: Vim, Neovim (with lazy.nvim)
* **Tools**: Git, Starship prompt, Borg backup
* **Tools**: Git, Starship prompt, Borg backup, Fossil (**TODO**)
* **Utilities**: Rsync filters
## Tools Tools
-2
View File
@@ -1,2 +0,0 @@
export PATH="$HOME/scripts:$PATH"
+7
View File
@@ -0,0 +1,7 @@
# ~/.bash_logout: executed by bash(1) when login shell exits.
# when leaving the console clear the screen to increase privacy
if [ "$SHLVL" = 1 ]; then
[ -x /usr/bin/clear_console ] && /usr/bin/clear_console -q
fi
+206
View File
@@ -0,0 +1,206 @@
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
# If not running interactively, don't do anything
case $- in
*i*) ;;
*) return;;
esac
# don't put duplicate lines or lines starting with space in the history.
# See bash(1) for more options
HISTCONTROL=ignoreboth
# append to the history file, don't overwrite it
shopt -s histappend
# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
HISTSIZE=1000
HISTFILESIZE=2000
# check the window size after each command and, if necessary,
# update the values of LINES and COLUMNS.
shopt -s checkwinsize
# If set, the pattern "**" used in a pathname expansion context will
# match all files and zero or more directories and subdirectories.
#shopt -s globstar
# make less more friendly for non-text input files, see lesspipe(1)
[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
# set variable identifying the chroot you work in (used in the prompt below)
if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
debian_chroot=$(cat /etc/debian_chroot)
fi
# set a fancy prompt (non-color, unless we know we "want" color)
case "$TERM" in
xterm-color|*-256color) color_prompt=yes;;
esac
# uncomment for a colored prompt, if the terminal has the capability; turned
# off by default to not distract the user: the focus in a terminal window
# should be on the output of commands, not on the prompt
#force_color_prompt=yes
if [ -n "$force_color_prompt" ]; then
if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
# We have color support; assume it's compliant with Ecma-48
# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
# a case would tend to support setf rather than setaf.)
color_prompt=yes
else
color_prompt=
fi
fi
if [ "$color_prompt" = yes ]; then
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
else
PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
fi
unset color_prompt force_color_prompt
# If this is an xterm set the title to user@host:dir
case "$TERM" in
xterm*|rxvt*)
PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
;;
*)
;;
esac
# enable color support of ls and also add handy aliases
if [ -x /usr/bin/dircolors ]; then
test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
alias ls='eza --color'
alias dir='dir --color'
alias vdir='vdir --color'
# using ugrep instead of grep
alias grep='ug -G --color'
alias fgrep='ug -F --color'
alias egrep='ug -E --color'
fi
# colored GCC warnings and errors
export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'
# some more ls aliases
alias ll='ls -alF'
alias la='ls -A'
alias l='ls -hF'
# Add an "alert" alias for long running commands. Use like so:
# sleep 10; alert
alias alert='notify-send --urgency=low -i "$([ $? = 0 ] && echo terminal || echo error)" "$(history|tail -n1|sed -e '\''s/^\s*[0-9]\+\s*//;s/[;&|]\s*alert$//'\'')"'
# Alias definitions.
# You may want to put all your additions into a separate file like
# ~/.bash_aliases, instead of adding them here directly.
# See /usr/share/doc/bash-doc/examples in the bash-doc package.
if [ -f ~/.bash_aliases ]; then
. ~/.bash_aliases
fi
# Source bash env list
source $HOME/.local/share/bash/bash_env
# Pet snippet manager
# register previous command
function prev() {
PREV=$(echo $(history | tail -n2 | head -n1) | sed 's/[0-9]* //')
sh -c "pet new $(printf %q "$PREV")"
}
# TODO if [ -d ~/.bashrc.d ]; then
# enable programmable completion features (you don't need to enable
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
# sources /etc/bash.bashrc).
if ! shopt -oq posix; then
if [ -f /usr/share/bash-completion/bash_completion ]; then
. /usr/share/bash-completion/bash_completion
elif [ -f /etc/bash_completion ]; then
. /etc/bash_completion
fi
fi
. "$HOME/.cargo/env"
# Starship init
eval "$(starship init bash)"
# Homebrew
eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
# Pagers
export PAGER="less"
export LESS="-FIRX"
# export MANPAGER="$PAGER"
# Github CLI aliases
alias ghce="gh copilot explain"
alias ghcs="gh copilot suggest"
# Util Aliases
# broot does this now
# alias fcd='cd "$(dirname "$(fzf)")"'
alias st='systemctl-tui'
alias task='./task.py'
# BEGIN hcloud
source <(hcloud completion bash)
# END hcloud
source /home/seb/.config/broot/launcher/bash/br
[ -f "/home/seb/.ghcup/env" ] && . "/home/seb/.ghcup/env" # ghcup-env
alias nodeman='ssh hwsec nodeman'
# >>> conda initialize >>>
# !! Contents within this block are managed by 'conda init' !!
__conda_setup="$('/home/seb/miniforge3/bin/conda' 'shell.bash' 'hook' 2> /dev/null)"
if [ $? -eq 0 ]; then
eval "$__conda_setup"
else
if [ -f "/home/seb/miniforge3/etc/profile.d/conda.sh" ]; then
. "/home/seb/miniforge3/etc/profile.d/conda.sh"
else
export PATH="/home/seb/miniforge3/bin:$PATH"
fi
fi
unset __conda_setup
# <<< conda initialize <<<
# >>> mamba initialize >>>
# !! Contents within this block are managed by 'mamba shell init' !!
export MAMBA_EXE='/home/seb/miniforge3/bin/mamba';
export MAMBA_ROOT_PREFIX='/home/seb/miniforge3';
__mamba_setup="$("$MAMBA_EXE" shell hook --shell bash --root-prefix "$MAMBA_ROOT_PREFIX" 2> /dev/null)"
if [ $? -eq 0 ]; then
eval "$__mamba_setup"
else
alias mamba="$MAMBA_EXE" # Fallback on help from mamba activate
fi
unset __mamba_setup
# <<< mamba initialize <<<
# >>> juliaup initialize >>>
# !! Contents within this block are managed by juliaup !!
case ":$PATH:" in
*:/home/seb/.juliaup/bin:*)
;;
*)
export PATH=/home/seb/.juliaup/bin${PATH:+:${PATH}}
;;
esac
# <<< juliaup initialize <<<
+8
View File
@@ -0,0 +1,8 @@
export PATH="$HOME/scripts:$PATH"
export PATH="$HOME/.config/emacs/bin:$PATH"
export PAGER="less"
export LESS="-FIRX"
# Proton Pass cli settings
export PROTON_PASS_KEY_PROVIDER=keyring
export PROTON_PASS_LINUX_KEYRING=dbus
+75
View File
@@ -0,0 +1,75 @@
;;; $DOOMDIR/config.el -*- lexical-binding: t; -*-
;; Place your private configuration here! Remember, you do not need to run 'doom
;; sync' after modifying this file!
;; Some functionality uses this to identify you, e.g. GPG configuration, email
;; clients, file templates and snippets. It is optional.
;; (setq user-full-name "John Doe"
;; user-mail-address "john@doe.com")
;; Doom exposes five (optional) variables for controlling fonts in Doom:
;;
;; - `doom-font' -- the primary font to use
;; - `doom-variable-pitch-font' -- a non-monospace font (where applicable)
;; - `doom-big-font' -- used for `doom-big-font-mode'; use this for
;; presentations or streaming.
;; - `doom-symbol-font' -- for symbols
;; - `doom-serif-font' -- for the `fixed-pitch-serif' face
;;
;; See 'C-h v doom-font' for documentation and more examples of what they
;; accept. For example:
;;
;;(setq doom-font (font-spec :family "Fira Code" :size 12 :weight 'semi-light)
;; doom-variable-pitch-font (font-spec :family "Fira Sans" :size 13))
;;
;; If you or Emacs can't find your font, use 'M-x describe-font' to look them
;; up, `M-x eval-region' to execute elisp code, and 'M-x doom/reload-font' to
;; refresh your font settings. If Emacs still can't find your font, it likely
;; wasn't installed correctly. Font issues are rarely Doom issues!
;; There are two ways to load a theme. Both assume the theme is installed and
;; available. You can either set `doom-theme' or manually load a theme with the
;; `load-theme' function. This is the default:
(setq doom-theme 'doom-one)
;; This determines the style of line numbers in effect. If set to `nil', line
;; numbers are disabled. For relative line numbers, set this to `relative'.
(setq display-line-numbers-type t)
;; If you use `org' and don't want your org files in the default location below,
;; change `org-directory'. It must be set before org loads!
(setq org-directory "~/org/")
;; Whenever you reconfigure a package, make sure to wrap your config in an
;; `with-eval-after-load' block, otherwise Doom's defaults may override your
;; settings. E.g.
;;
;; (with-eval-after-load 'PACKAGE
;; (setq x y))
;;
;; The exceptions to this rule:
;;
;; - Setting file/directory variables (like `org-directory')
;; - Setting variables which explicitly tell you to set them before their
;; package is loaded (see 'C-h v VARIABLE' to look them up).
;; - Setting doom variables (which start with 'doom-' or '+').
;;
;; Here are some additional functions/macros that will help you configure Doom.
;;
;; - `load!' for loading external *.el files relative to this one
;; - `add-load-path!' for adding directories to the `load-path', relative to
;; this file. Emacs searches the `load-path' when you load packages with
;; `require' or `use-package'.
;; - `map!' for binding new keys
;;
;; To get information about any of these functions/macros, move the cursor over
;; the highlighted symbol at press 'K' (non-evil users must press 'C-c c k').
;; This will open documentation for it, including demos of how they are used.
;; Alternatively, use `C-h o' to look up a symbol (functions, variables, faces,
;; etc).
;;
;; You can also try 'gd' (or 'C-c c d') to jump to their definition and see how
;; they are implemented.
+198
View File
@@ -0,0 +1,198 @@
;;;init.el -*- lexical-binding: t; -*-
;;
;; This file controls what Doom modules are enabled and what order they load
;; in. Remember to run 'doom sync' after modifying it!
;;
;; NOTE Press 'SPC h d h' (or 'C-h d h' for non-vim users) to access Doom's
;; documentation. There you'll find a link to Doom's Module Index where all
;; of our modules are listed, including what flags they support.
;;
;; NOTE Move your cursor over a module's name (or its flags) and press 'K' (or
;; 'C-c c k' for non-vim users) to view its documentation. This works on
;; flags as well (those symbols that start with a plus).
;;
;; Alternatively, press 'gd' (or 'C-c c d') on a module to browse its
;; directory (for easy access to its source code).
;;
(doom! :input
;;bidi ; (tfel ot) thgir etirw uoy gnipleh
;;chinese
;;japanese
;;layout ; auie,ctsrnm is the superior home row
:completion
;;company ; the ultimate code completion backend
(corfu +orderless) ; complete with cap(f), cape and a flying feather!
;;helm ; the *other* search engine for love and life
;;ido ; the other *other* search engine...
;;ivy ; a search engine for love and life
vertico ; the search engine of the future
:ui
;;deft ; notational velocity for Emacs
doom ; what makes DOOM look the way it does
doom-dashboard ; a nifty splash screen for Emacs
;;doom-quit ; DOOM quit-message prompts when you quit Emacs
;;(emoji +unicode) ; 🙂
hl-todo ; highlight TODO/FIXME/NOTE/DEPRECATED/HACK/REVIEW
;;indent-guides ; highlighted indent columns
;;ligatures ; ligatures and symbols to make your code pretty again
;;minimap ; show a map of the code on the side
modeline ; snazzy, Atom-inspired modeline, plus API
;;nav-flash ; blink cursor line after big motions
;;neotree ; a project drawer, like NERDTree for vim
ophints ; highlight the region an operation acts on
(popup +defaults) ; tame sudden yet inevitable temporary windows
;;smooth-scroll ; So smooth you won't believe it's not butter
;;tabs ; a tab bar for Emacs
;;treemacs ; a project drawer, like neotree but cooler
;;unicode ; extended unicode support for various languages
(vc-gutter +pretty) ; vcs diff in the fringe
;; vi-tilde-fringe ; fringe tildes to mark beyond EOB
;;window-select ; visually switch windows
workspaces ; tab emulation, persistence & separate workspaces
;;zen ; distraction-free coding or writing
:editor
(evil +everywhere); come to the dark side, we have cookies
;; file-templates ; auto-snippets for empty files
fold ; (nigh) universal code folding
;;(format +onsave) ; automated prettiness
;;god ; run Emacs commands without modifier keys
;;lispy ; vim for lisp, for people who don't like vim
;;multiple-cursors ; editing in many places at once
;;objed ; text object editing for the innocent
;;parinfer ; turn lisp into python, sort of
;;rotate-text ; cycle region at point between text candidates
snippets ; my elves. They type so I don't have to
(whitespace +guess +trim) ; a butler for your whitespace
;;word-wrap ; soft wrapping with language-aware indent
:emacs
dired ; making dired pretty [functional]
electric ; smarter, keyword-based electric-indent
;;eww ; the internet is gross
;;ibuffer ; interactive buffer management
tramp ; remote files at your arthritic fingertips
undo ; persistent, smarter undo for your inevitable mistakes
vc ; version-control and Emacs, sitting in a tree
:term
;;eshell ; the elisp shell that works everywhere
;;shell ; simple shell REPL for Emacs
;;term ; basic terminal emulator for Emacs
;;vterm ; the best terminal emulation in Emacs
:checkers
syntax ; tasing you for every semicolon you forget
;;(spell +flyspell) ; tasing you for misspelling mispelling
;;grammar ; tasing grammar mistake every you make
:tools
;;ansible
;;biblio ; Writes a PhD for you (citation needed)
;;collab ; buffers with friends
;;debugger ; FIXME stepping through code, to help you add bugs
;;direnv
;;docker
;;editorconfig ; let someone else argue about tabs vs spaces
;;ein ; tame Jupyter notebooks with emacs
(eval +overlay) ; run code, run (also, repls)
lookup ; navigate your code and its documentation
;;llm ; when I said you needed friends, I didn't mean...
(lsp +eglot) ; M-x vscode
magit ; a git porcelain for Emacs
;;make ; run make tasks from Emacs
;;pass ; password manager for nerds
;;pdf ; pdf enhancements
;;terraform ; infrastructure as code
;;tmux ; an API for interacting with tmux
tree-sitter ; syntax and parsing, sitting in a tree...
;;upload ; map local to remote projects via ssh/ftp
:os
(:if (featurep :system 'macos) macos) ; improve compatibility with macOS
;;tty ; improve the terminal Emacs experience
:lang
;;ada ; In strong typing we (blindly) trust
;;agda ; types of types of types of types...
;;beancount ; mind the GAAP
(cc +lsp) ; C > C++ == 1
;;clojure ; java with a lisp
;;common-lisp ; if you've seen one lisp, you've seen them all
;;coq ; proofs-as-programs
;;crystal ; ruby at the speed of c
;;csharp ; unity, .NET, and mono shenanigans
data ; config/data formats
;;(dart +flutter) ; paint ui and not much else
;;dhall
;;elixir ; erlang done right
;;elm ; care for a cup of TEA?
emacs-lisp ; drown in parentheses
;;erlang ; an elegant language for a more civilized age
;;ess ; emacs speaks statistics
;;factor
;;faust ; dsp, but you get to keep your soul
;;fortran ; in FORTRAN, GOD is REAL (unless declared INTEGER)
;;fsharp ; ML stands for Microsoft's Language
;;fstar ; (dependent) types and (monadic) effects and Z3
;;gdscript ; the language you waited for
(go +lsp) ; the hipster dialect
;;(graphql +lsp) ; Give queries a REST
;;(haskell +lsp) ; a language that's lazier than I am
;;hy ; readability of scheme w/ speed of python
;;idris ; a language you can depend on
;;json ; At least it ain't XML
;;janet ; Fun fact: Janet is me!
(java +lsp) ; the poster child for carpal tunnel syndrome
;;javascript ; all(hope(abandon(ye(who(enter(here))))))
;;julia ; a better, faster MATLAB
;;kotlin ; a better, slicker Java(Script)
;;latex ; writing papers in Emacs has never been so fun
;;lean ; for folks with too much to prove
;;ledger ; be audit you can be
;;lua ; one-based indices? one-based indices
markdown ; writing docs for people to ignore
;;nim ; python + lisp at the speed of c
;;nix ; I hereby declare "nix geht mehr!"
;;ocaml ; an objective camel
org ; organize your plain life in plain text
;;php ; perl's insecure younger brother
;;plantuml ; diagrams for confusing people more
;;graphviz ; diagrams for confusing yourself even more
;;purescript ; javascript, but functional
python ; beautiful is better than ugly
;;qt ; the 'cutest' gui framework ever
;;racket ; a DSL for DSLs
;;raku ; the artist formerly known as perl6
;;rest ; Emacs as a REST client
;;rst ; ReST in peace
;;(ruby +rails) ; 1.step {|i| p "Ruby is #{i.even? ? 'love' : 'life'}"}
(rust +lsp) ; Fe2O3.unwrap().unwrap().unwrap().unwrap()
;;scala ; java, but good
;;(scheme +guile) ; a fully conniving family of lisps
sh ; she sells {ba,z,fi}sh shells on the C xor
;;sml
;;solidity ; do you need a blockchain? No.
;;swift ; who asked for emoji variables?
;;terra ; Earth and Moon in alignment for performance.
;;web ; the tubes
;;yaml ; JSON, but readable
;;zig ; C, but simpler
:email
;;(mu4e +org +gmail)
;;notmuch
;;(wanderlust +gmail)
:app
;;calendar
;;emms
;;everywhere ; *leave* Emacs!? You must be joking
;;irc ; how neckbeards socialize
;;(rss +org) ; emacs as an RSS reader
:config
;;literate
(default +bindings +smartparens))
+54
View File
@@ -0,0 +1,54 @@
;; -*- no-byte-compile: t; -*-
;;; $DOOMDIR/packages.el
;; To install a package:
;;
;; 1. Declare them here in a `package!' statement,
;; 2. Run 'doom sync' in the shell,
;; 3. Restart Emacs.
;;
;; Use 'C-h f package\!' to look up documentation for the `package!' macro.
;; To install SOME-PACKAGE from MELPA, ELPA or emacsmirror:
;; (package! some-package)
;; To install a package directly from a remote git repo, you must specify a
;; `:recipe'. You'll find documentation on what `:recipe' accepts here:
;; https://github.com/radian-software/straight.el#the-recipe-format
;; (package! another-package
;; :recipe (:host github :repo "username/repo"))
;; If the package you are trying to install does not contain a PACKAGENAME.el
;; file, or is located in a subdirectory of the repo, you'll need to specify
;; `:files' in the `:recipe':
;; (package! this-package
;; :recipe (:host github :repo "username/repo"
;; :files ("some-file.el" "src/lisp/*.el")))
;; If you'd like to disable a package included with Doom, you can do so here
;; with the `:disable' property:
;; (package! builtin-package :disable t)
;; You can override the recipe of a built in package without having to specify
;; all the properties for `:recipe'. These will inherit the rest of its recipe
;; from Doom or MELPA/ELPA/Emacsmirror:
;; (package! builtin-package :recipe (:nonrecursive t))
;; (package! builtin-package-2 :recipe (:repo "myfork/package"))
;; Specify a `:branch' to install a package from a particular branch or tag.
;; This is required for some packages whose default branch isn't 'master' (which
;; our package manager can't deal with; see radian-software/straight.el#279)
;; (package! builtin-package :recipe (:branch "develop"))
;; Use `:pin' to specify a particular commit to install.
;; (package! builtin-package :pin "1a2b3c4d5e")
;; Doom's packages are pinned to a specific commit and updated from release to
;; release. The `unpin!' macro allows you to unpin single packages...
;; (unpin! pinned-package)
;; ...or multiple packages
;; (unpin! pinned-package another-pinned-package)
;; ...Or *all* packages (NOT RECOMMENDED; will likely break things)
;; (unpin! t)
@@ -7,7 +7,7 @@ window-width = 140
window-height = 35
window-save-state = always
auto-update = download
command = /home/linuxbrew/.linuxbrew/bin/nu
# command = /home/linuxbrew/.linuxbrew/bin/nu
keybind = ctrl+shift+l=goto_split:right
keybind = ctrl+shift+h=goto_split:left
keybind = ctrl+shift+j=goto_split:bottom
+9
View File
@@ -0,0 +1,9 @@
[user]
name = Sebastian Lenzlinger
email = s.m.lenzlinger@student.vu.nl
[init]
defaultBranch = devel
[core]
editor = nvim
[gpg "ssh"]
allowedSignersFile = /home/seb/.ssh/allowed_signers
+17
View File
@@ -0,0 +1,17 @@
.claude/
.claude
.claude/**
Claude.md
*.o
*.log
cache/
logs/
build/
# Python stuff
__pycache__/
*.pyc
# Environement/ 12 Factor
.env
-10
View File
@@ -1,10 +0,0 @@
[user]
email = 74497638+sebaschi@users.noreply.github.com
name = Sebastian Lenzlinger
[http]
sslVerify = false
[filter "lfs"]
clean = git-lfs clean -- %f
smudge = git-lfs smudge -- %f
process = git-lfs filter-process
required = true
+11
View File
@@ -0,0 +1,11 @@
theme = "yellowed"
[editor.cursor-shape]
insert = "bar"
[editor.soft-wrap]
enable = true
[editor.lsp]
auto-signature-help = false
+317
View File
@@ -0,0 +1,317 @@
::: {#mdbook-help-container}
::: {#mdbook-help-popup}
## Keyboard shortcuts {#keyboard-shortcuts .mdbook-help-title}
<div>
Press [←]{.kbd} or [→]{.kbd} to navigate between chapters
Press [S]{.kbd} or [/]{.kbd} to search in the book
Press [?]{.kbd} to show this help
Press [Esc]{.kbd} to hide this help
</div>
:::
:::
::: {#body-container}
::: {#sidebar-resize-handle .sidebar-resize-handle}
::: sidebar-resize-indicator
:::
:::
::: {#page-wrapper .page-wrapper}
::: page
::: {#menu-bar-hover-placeholder}
:::
::: {#menu-bar .menu-bar .sticky}
::: left-buttons
- Auto
- Light
- Rust
- Coal
- Navy
- Ayu
:::
# Kanidm Administration {#kanidm-administration .menu-title}
::: right-buttons
[](print.html "Print this book"){aria-label="Print this book"}
[](https://github.com/kanidm/kanidm "Git repository"){aria-label="Git repository"}
[](https://github.com/kanidm/kanidm/edit/master/book/src/evaluation_quickstart.md "Suggest an edit"){aria-label="Suggest an edit"}
:::
:::
::: {#search-wrapper .hidden}
::: {#searchresults-outer .searchresults-outer .hidden}
::: {#searchresults-header .searchresults-header}
:::
:::
:::
::: {#content .content}
::: {role="main"}
# [Evaluation Quickstart](#evaluation-quickstart){.header}
This section will guide you through a quick setup of Kanidm for
evaluation. It\'s recommended that for a production deployment you
follow the steps in the [installation
chapter](installing_the_server.html) instead as there are a number of
security considerations you should be aware of for production
deployments.
## [Requirements](#requirements){.header}
The only thing you\'ll need for this is Docker, Podman, or a compatible
containerd environment installed and running.
## [Get the software](#get-the-software){.header}
``` bash
docker pull docker.io/kanidm/server:latest
```
## [Create your configuration](#create-your-configuration){.header}
Create `server.toml`. The important parts are the `domain` and `origin`.
For this example, if you use `localhost` and `https://localhost:8443`
this will match later commands.
``` toml
# The server configuration file version.
version = "2"
# The webserver bind address. Requires TLS certificates.
# If the port is set to 443 you may require the
# NET_BIND_SERVICE capability.
# Defaults to "127.0.0.1:8443"
bindaddress = "[::]:8443"
#
# The read-only ldap server bind address. Requires
# TLS certificates. If set to 636 you may require
# the NET_BIND_SERVICE capability.
# Defaults to "" (disabled)
# ldapbindaddress = "[::]:3636"
#
# The path to the kanidm database.
db_path = "/data/kanidm.db"
#
# If you have a known filesystem, kanidm can tune the
# database page size to match. Valid choices are:
# [zfs, other]
# If you are unsure about this leave it as the default
# (other). After changing this
# value you must run a vacuum task.
# - zfs:
# * sets database pagesize to 64k. You must set
# recordsize=64k on the zfs filesystem.
# - other:
# * sets database pagesize to 4k, matching most
# filesystems block sizes.
# db_fs_type = "zfs"
#
# The number of entries to store in the in-memory cache.
# Minimum value is 256. If unset
# an automatic heuristic is used to scale this.
# You should only adjust this value if you experience
# memory pressure on your system.
# db_arc_size = 2048
#
# TLS chain and key in pem format. Both must be present.
# If the server receives a SIGHUP, these files will be
# re-read and reloaded if their content is valid.
tls_chain = "/data/chain.pem"
tls_key = "/data/key.pem"
#
# The log level of the server. May be one of info, debug, trace
#
# NOTE: this can be overridden by the environment variable
# `KANIDM_LOG_LEVEL` at runtime
# Defaults to "info"
# log_level = "info"
#
# The DNS domain name of the server. This is used in a
# number of security-critical contexts
# such as webauthn, so it *must* match your DNS
# hostname. It is used to create
# security principal names such as `william@idm.example.com`
# so that in a (future) trust configuration it is possible
# to have unique Security Principal Names (spns) throughout
# the topology.
#
# ⚠️ WARNING ⚠️
#
# Changing this value WILL break many types of registered
# credentials for accounts including but not limited to
# webauthn, oauth tokens, and more.
# If you change this value you *must* run
# `kanidmd domain rename` immediately after.
domain = "idm.example.com"
#
# The origin for webauthn. This is the url to the server,
# with the port included if it is non-standard (any port
# except 443). This must match or be a descendent of the
# domain name you configure above. If these two items are
# not consistent, the server WILL refuse to start!
# origin = "https://idm.example.com"
origin = "https://idm.example.com:8443"
# HTTPS requests can be reverse proxied by a loadbalancer.
# To preserve the original IP of the caller, these systems
# will often add a header such as "Forwarded" or
# "X-Forwarded-For". Some other proxies can use the PROXY
# protocol v2 header.
# This setting allows configuration of the list of trusted
# IPs or IP ranges which can supply this header information,
# and which format the information is provided in.
# Defaults to "none" (no trusted sources)
# Only one option can be used at a time.
# [http_client_address_info]
# proxy-v2 = ["127.0.0.1", "127.0.0.0/8"]
# # OR
# x-forward-for = ["127.0.0.1", "127.0.0.0/8"]
# LDAPS requests can be reverse proxied by a loadbalancer.
# To preserve the original IP of the caller, these systems
# can add a header such as the PROXY protocol v2 header.
# This setting allows configuration of the list of trusted
# IPs or IP ranges which can supply this header information,
# and which format the information is provided in.
# Defaults to "none" (no trusted sources)
# [ldap_client_address_info]
# proxy-v2 = ["127.0.0.1", "127.0.0.0/8"]
[online_backup]
# The path to the output folder for online backups
path = "/data/kanidm/backups/"
# The schedule to run online backups (see https://crontab.guru/)
# every day at 22:00 UTC (default)
schedule = "00 22 * * *"
# four times a day at 3 minutes past the hour, every 6th hours
# schedule = "03 */6 * * *"
# We also support non standard cron syntax, with the following format:
# sec min hour day of month month day of week year
# (it's very similar to the standard cron syntax, it just allows to specify the seconds
# at the beginning and the year at the end)
# Number of backups to keep (default 7)
# versions = 7
```
## [Start the container](#start-the-container){.header}
First we create a docker volume to store the data, then we start the
container.
``` bash
docker volume create kanidmd
docker create --name kanidmd \
-p '443:8443' \
-p '636:3636' \
-v kanidmd:/data \
docker.io/kanidm/server:latest
```
## [Copy the configuration to the container](#copy-the-configuration-to-the-container){.header}
``` bash
docker cp server.toml kanidmd:/data/server.toml
```
## [Generate evaluation certificates](#generate-evaluation-certificates){.header}
``` bash
docker run --rm -i -t -v kanidmd:/data \
docker.io/kanidm/server:latest \
kanidmd cert-generate
```
## [Start Kanidmd Container](#start-kanidmd-container){.header}
``` bash
docker start kanidmd
```
## [Recover the Admin Role Passwords](#recover-the-admin-role-passwords){.header}
The `admin` account is used to configure Kanidm itself.
``` bash
docker exec -i -t kanidmd \
kanidmd recover-account admin
```
The `idm_admin` account is used to manage persons and groups.
``` shell
docker exec -i -t kanidmd \
kanidmd recover-account idm_admin
```
## [Setup the client configuration](#setup-the-client-configuration){.header}
This happens on your computer, not in the container.
``` toml
# ~/.config/kanidm
uri = "https://localhost:8443"
verify_ca = false
```
## [Check you can login](#check-you-can-login){.header}
``` bash
kanidm login --name idm_admin
```
## [Create an account for yourself](#create-an-account-for-yourself){.header}
``` shell
kanidm person create <your username> <Your Displayname>
```
## [Set up your account credentials](#set-up-your-account-credentials){.header}
``` shell
kanidm person credential create-reset-token <your username>
```
Then follow the presented steps.
## [What next?](#what-next){.header}
You\'ll probably want to set it up properly, so that other computers can
access it, so [choose a domain name](choosing_a_domain_name.html) and
complete the full server installation.
Alternatively you might like to try configurig one of these:
- [OAuth2](./integrations/oauth2.html) for web services
- [PAM and nsswitch](./integrations/pam_and_nsswitch.html) for
authentication to Linux systems
- [Replication](repl/), if one Kanidm instance isn\'t enough
:::
[](introduction_to_kanidm.html "Previous chapter"){.mobile-nav-chapters
.previous rel="prev" aria-label="Previous chapter"
aria-keyshortcuts="Left"}
[](supported_features.html "Next chapter"){.mobile-nav-chapters .next
rel="next prefetch" aria-label="Next chapter" aria-keyshortcuts="Right"}
::: {style="clear: both"}
:::
:::
:::
[](introduction_to_kanidm.html "Previous chapter"){.nav-chapters
.previous rel="prev" aria-label="Previous chapter"
aria-keyshortcuts="Left"}
[](supported_features.html "Next chapter"){.nav-chapters .next
rel="next prefetch" aria-label="Next chapter" aria-keyshortcuts="Right"}
:::
:::
@@ -0,0 +1,481 @@
<!DOCTYPE HTML>
<html lang="en" class="light sidebar-visible" dir="ltr">
<head>
<!-- Book generated using mdBook -->
<meta charset="UTF-8">
<title>Evaluation Quickstart - Kanidm Administration</title>
<!-- Custom HTML head -->
<meta name="description" content="">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="theme-color" content="#ffffff">
<link rel="shortcut icon" href="favicon.png">
<link rel="stylesheet" href="css/variables.css">
<link rel="stylesheet" href="css/general.css">
<link rel="stylesheet" href="css/chrome.css">
<link rel="stylesheet" href="css/print.css" media="print">
<!-- Fonts -->
<link rel="stylesheet" href="FontAwesome/css/font-awesome.css">
<link rel="stylesheet" href="fonts/fonts.css">
<!-- Highlight.js Stylesheets -->
<link rel="stylesheet" id="highlight-css" href="highlight.css">
<link rel="stylesheet" id="tomorrow-night-css" href="tomorrow-night.css">
<link rel="stylesheet" id="ayu-highlight-css" href="ayu-highlight.css">
<!-- Custom theme stylesheets -->
<!-- Provide site root and default themes to javascript -->
<script>
const path_to_root = "";
const default_light_theme = "light";
const default_dark_theme = "navy";
</script>
<!-- Start loading toc.js asap -->
<script src="toc.js"></script>
</head>
<body>
<div id="mdbook-help-container">
<div id="mdbook-help-popup">
<h2 class="mdbook-help-title">Keyboard shortcuts</h2>
<div>
<p>Press <kbd></kbd> or <kbd></kbd> to navigate between chapters</p>
<p>Press <kbd>S</kbd> or <kbd>/</kbd> to search in the book</p>
<p>Press <kbd>?</kbd> to show this help</p>
<p>Press <kbd>Esc</kbd> to hide this help</p>
</div>
</div>
</div>
<div id="body-container">
<!-- Work around some values being stored in localStorage wrapped in quotes -->
<script>
try {
let theme = localStorage.getItem('mdbook-theme');
let sidebar = localStorage.getItem('mdbook-sidebar');
if (theme.startsWith('"') && theme.endsWith('"')) {
localStorage.setItem('mdbook-theme', theme.slice(1, theme.length - 1));
}
if (sidebar.startsWith('"') && sidebar.endsWith('"')) {
localStorage.setItem('mdbook-sidebar', sidebar.slice(1, sidebar.length - 1));
}
} catch (e) { }
</script>
<!-- Set the theme before any content is loaded, prevents flash -->
<script>
const default_theme = window.matchMedia("(prefers-color-scheme: dark)").matches ? default_dark_theme : default_light_theme;
let theme;
try { theme = localStorage.getItem('mdbook-theme'); } catch(e) { }
if (theme === null || theme === undefined) { theme = default_theme; }
const html = document.documentElement;
html.classList.remove('light')
html.classList.add(theme);
html.classList.add("js");
</script>
<input type="checkbox" id="sidebar-toggle-anchor" class="hidden">
<!-- Hide / unhide sidebar before it is displayed -->
<script>
let sidebar = null;
const sidebar_toggle = document.getElementById("sidebar-toggle-anchor");
if (document.body.clientWidth >= 1080) {
try { sidebar = localStorage.getItem('mdbook-sidebar'); } catch(e) { }
sidebar = sidebar || 'visible';
} else {
sidebar = 'hidden';
}
sidebar_toggle.checked = sidebar === 'visible';
html.classList.remove('sidebar-visible');
html.classList.add("sidebar-" + sidebar);
</script>
<nav id="sidebar" class="sidebar" aria-label="Table of contents">
<!-- populated by js -->
<mdbook-sidebar-scrollbox class="sidebar-scrollbox"></mdbook-sidebar-scrollbox>
<noscript>
<iframe class="sidebar-iframe-outer" src="toc.html"></iframe>
</noscript>
<div id="sidebar-resize-handle" class="sidebar-resize-handle">
<div class="sidebar-resize-indicator"></div>
</div>
</nav>
<div id="page-wrapper" class="page-wrapper">
<div class="page">
<div id="menu-bar-hover-placeholder"></div>
<div id="menu-bar" class="menu-bar sticky">
<div class="left-buttons">
<label id="sidebar-toggle" class="icon-button" for="sidebar-toggle-anchor" title="Toggle Table of Contents" aria-label="Toggle Table of Contents" aria-controls="sidebar">
<i class="fa fa-bars"></i>
</label>
<button id="theme-toggle" class="icon-button" type="button" title="Change theme" aria-label="Change theme" aria-haspopup="true" aria-expanded="false" aria-controls="theme-list">
<i class="fa fa-paint-brush"></i>
</button>
<ul id="theme-list" class="theme-popup" aria-label="Themes" role="menu">
<li role="none"><button role="menuitem" class="theme" id="default_theme">Auto</button></li>
<li role="none"><button role="menuitem" class="theme" id="light">Light</button></li>
<li role="none"><button role="menuitem" class="theme" id="rust">Rust</button></li>
<li role="none"><button role="menuitem" class="theme" id="coal">Coal</button></li>
<li role="none"><button role="menuitem" class="theme" id="navy">Navy</button></li>
<li role="none"><button role="menuitem" class="theme" id="ayu">Ayu</button></li>
</ul>
<button id="search-toggle" class="icon-button" type="button" title="Search (`/`)" aria-label="Toggle Searchbar" aria-expanded="false" aria-keyshortcuts="/ s" aria-controls="searchbar">
<i class="fa fa-search"></i>
</button>
</div>
<h1 class="menu-title">Kanidm Administration</h1>
<div class="right-buttons">
<a href="print.html" title="Print this book" aria-label="Print this book">
<i id="print-button" class="fa fa-print"></i>
</a>
<a href="https://github.com/kanidm/kanidm" title="Git repository" aria-label="Git repository">
<i id="git-repository-button" class="fa fa-github"></i>
</a>
<a href="https://github.com/kanidm/kanidm/edit/master/book/src/evaluation_quickstart.md" title="Suggest an edit" aria-label="Suggest an edit">
<i id="git-edit-button" class="fa fa-edit"></i>
</a>
</div>
</div>
<div id="search-wrapper" class="hidden">
<form id="searchbar-outer" class="searchbar-outer">
<input type="search" id="searchbar" name="searchbar" placeholder="Search this book ..." aria-controls="searchresults-outer" aria-describedby="searchresults-header">
</form>
<div id="searchresults-outer" class="searchresults-outer hidden">
<div id="searchresults-header" class="searchresults-header"></div>
<ul id="searchresults">
</ul>
</div>
</div>
<!-- Apply ARIA attributes after the sidebar and the sidebar toggle button are added to the DOM -->
<script>
document.getElementById('sidebar-toggle').setAttribute('aria-expanded', sidebar === 'visible');
document.getElementById('sidebar').setAttribute('aria-hidden', sidebar !== 'visible');
Array.from(document.querySelectorAll('#sidebar a')).forEach(function(link) {
link.setAttribute('tabIndex', sidebar === 'visible' ? 0 : -1);
});
</script>
<div id="content" class="content">
<main>
<style>
.mdbook-alerts {
padding: 8px 16px;
margin-bottom: 16px;
border-left: 0.25em solid var(--mdbook-alerts-color);
}
.mdbook-alerts > *:first-child {
margin-top: 0;
}
.mdbook-alerts > *:last-child {
margin-bottom: 0;
}
.mdbook-alerts-title {
display: flex;
font-weight: 600;
align-items: center;
line-height: 1;
color: var(--mdbook-alerts-color);
text-transform: capitalize;
}
.mdbook-alerts-icon {
display: inline-block;
width: 1em;
height: 1em;
margin-right: 0.2em;
background-color: currentColor;
-webkit-mask: no-repeat center / 100%;
mask: no-repeat center / 100%;
-webkit-mask-image: var(--mdbook-alerts-icon);
mask-image: var(--mdbook-alerts-icon);
}
.mdbook-alerts-note {
--mdbook-alerts-color: rgb(9, 105, 218);
/* https://icon-sets.iconify.design/material-symbols/info-outline-rounded/ */
--mdbook-alerts-icon: url('data:image/svg+xml,%3Csvg xmlns="http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg" width="24" height="24" viewBox="0 0 24 24"%3E%3Cpath fill="currentColor" d="M12 17q.425 0 .713-.288T13 16v-4q0-.425-.288-.712T12 11q-.425 0-.712.288T11 12v4q0 .425.288.713T12 17m0-8q.425 0 .713-.288T13 8q0-.425-.288-.712T12 7q-.425 0-.712.288T11 8q0 .425.288.713T12 9m0 13q-2.075 0-3.9-.788t-3.175-2.137q-1.35-1.35-2.137-3.175T2 12q0-2.075.788-3.9t2.137-3.175q1.35-1.35 3.175-2.137T12 2q2.075 0 3.9.788t3.175 2.137q1.35 1.35 2.138 3.175T22 12q0 2.075-.788 3.9t-2.137 3.175q-1.35 1.35-3.175 2.138T12 22m0-2q3.35 0 5.675-2.325T20 12q0-3.35-2.325-5.675T12 4Q8.65 4 6.325 6.325T4 12q0 3.35 2.325 5.675T12 20m0-8"%2F%3E%3C%2Fsvg%3E');
}
.mdbook-alerts-tip {
--mdbook-alerts-color: rgb(26, 127, 55);
/* https://icon-sets.iconify.design/material-symbols/lightbulb-outline-rounded/ */
--mdbook-alerts-icon: url('data:image/svg+xml,%3Csvg xmlns="http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg" width="24" height="24" viewBox="0 0 24 24"%3E%3Cpath fill="currentColor" d="M12 22q-.825 0-1.412-.587T10 20h4q0 .825-.587 1.413T12 22m-3-3q-.425 0-.712-.288T8 18q0-.425.288-.712T9 17h6q.425 0 .713.288T16 18q0 .425-.288.713T15 19zm-.75-3q-1.725-1.025-2.738-2.75T4.5 9.5q0-3.125 2.188-5.312T12 2q3.125 0 5.313 2.188T19.5 9.5q0 2.025-1.012 3.75T15.75 16zm.6-2h6.3q1.125-.8 1.738-1.975T17.5 9.5q0-2.3-1.6-3.9T12 4Q9.7 4 8.1 5.6T6.5 9.5q0 1.35.613 2.525T8.85 14M12 14"%2F%3E%3C%2Fsvg%3E');
}
.mdbook-alerts-important {
--mdbook-alerts-color: rgb(130, 80, 223);
/* https://icon-sets.iconify.design/material-symbols/chat-info-outline-rounded/ */
--mdbook-alerts-icon: url('data:image/svg+xml,%3Csvg xmlns="http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg" width="24" height="24" viewBox="0 0 24 24"%3E%3Cpath fill="currentColor" d="M12 7q.425 0 .713-.288T13 6q0-.425-.288-.712T12 5q-.425 0-.712.288T11 6q0 .425.288.713T12 7m0 8q.425 0 .713-.288T13 14v-4q0-.425-.288-.712T12 9q-.425 0-.712.288T11 10v4q0 .425.288.713T12 15m-6 3l-2.3 2.3q-.475.475-1.088.213T2 19.575V4q0-.825.588-1.412T4 2h16q.825 0 1.413.588T22 4v12q0 .825-.587 1.413T20 18zm-.85-2H20V4H4v13.125zM4 16V4z"%2F%3E%3C%2Fsvg%3E');
}
.mdbook-alerts-warning {
--mdbook-alerts-color: rgb(154, 103, 0);
/* https://icon-sets.iconify.design/material-symbols/warning-outline-rounded/ */
--mdbook-alerts-icon: url('data:image/svg+xml,%3Csvg xmlns="http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg" width="24" height="24" viewBox="0 0 24 24"%3E%3Cpath fill="currentColor" d="M2.725 21q-.275 0-.5-.137t-.35-.363q-.125-.225-.137-.488t.137-.512l9.25-16q.15-.25.388-.375T12 3q.25 0 .488.125t.387.375l9.25 16q.15.25.138.513t-.138.487q-.125.225-.35.363t-.5.137zm1.725-2h15.1L12 6zM12 18q.425 0 .713-.288T13 17q0-.425-.288-.712T12 16q-.425 0-.712.288T11 17q0 .425.288.713T12 18m0-3q.425 0 .713-.288T13 14v-3q0-.425-.288-.712T12 10q-.425 0-.712.288T11 11v3q0 .425.288.713T12 15m0-2.5"%2F%3E%3C%2Fsvg%3E');
}
.mdbook-alerts-caution {
--mdbook-alerts-color: rgb(207, 34, 46);
/* https://icon-sets.iconify.design/material-symbols/brightness-alert-outline-rounded/ */
--mdbook-alerts-icon: url('data:image/svg+xml,%3Csvg xmlns="http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg" width="24" height="24" viewBox="0 0 24 24"%3E%3Cpath fill="currentColor" d="M12 17q.425 0 .713-.288T13 16q0-.425-.288-.712T12 15q-.425 0-.712.288T11 16q0 .425.288.713T12 17m0-4q.425 0 .713-.288T13 12V8q0-.425-.288-.712T12 7q-.425 0-.712.288T11 8v4q0 .425.288.713T12 13m-3.35 7H6q-.825 0-1.412-.587T4 18v-2.65L2.075 13.4q-.275-.3-.425-.662T1.5 12q0-.375.15-.737t.425-.663L4 8.65V6q0-.825.588-1.412T6 4h2.65l1.95-1.925q.3-.275.663-.425T12 1.5q.375 0 .738.15t.662.425L15.35 4H18q.825 0 1.413.588T20 6v2.65l1.925 1.95q.275.3.425.663t.15.737q0 .375-.15.738t-.425.662L20 15.35V18q0 .825-.587 1.413T18 20h-2.65l-1.95 1.925q-.3.275-.662.425T12 22.5q-.375 0-.737-.15t-.663-.425zm.85-2l2.5 2.5l2.5-2.5H18v-3.5l2.5-2.5L18 9.5V6h-3.5L12 3.5L9.5 6H6v3.5L3.5 12L6 14.5V18zm2.5-6"%2F%3E%3C%2Fsvg%3E');
}
</style>
<h1 id="evaluation-quickstart"><a class="header" href="#evaluation-quickstart">Evaluation Quickstart</a></h1>
<p>This section will guide you through a quick setup of Kanidm for evaluation. It's recommended that
for a production deployment you follow the steps in the
<a href="installing_the_server.html">installation chapter</a> instead as there are a number of security
considerations you should be aware of for production deployments.</p>
<h2 id="requirements"><a class="header" href="#requirements">Requirements</a></h2>
<p>The only thing you'll need for this is Docker, Podman, or a compatible containerd environment
installed and running.</p>
<h2 id="get-the-software"><a class="header" href="#get-the-software">Get the software</a></h2>
<pre><code class="language-bash">docker pull docker.io/kanidm/server:latest
</code></pre>
<h2 id="create-your-configuration"><a class="header" href="#create-your-configuration">Create your configuration</a></h2>
<p>Create <code>server.toml</code>. The important parts are the <code>domain</code> and <code>origin</code>. For this example, if you
use <code>localhost</code> and <code>https://localhost:8443</code> this will match later commands.</p>
<pre><code class="language-toml"># The server configuration file version.
version = "2"
# The webserver bind address. Requires TLS certificates.
# If the port is set to 443 you may require the
# NET_BIND_SERVICE capability.
# Defaults to "127.0.0.1:8443"
bindaddress = "[::]:8443"
#
# The read-only ldap server bind address. Requires
# TLS certificates. If set to 636 you may require
# the NET_BIND_SERVICE capability.
# Defaults to "" (disabled)
# ldapbindaddress = "[::]:3636"
#
# The path to the kanidm database.
db_path = "/data/kanidm.db"
#
# If you have a known filesystem, kanidm can tune the
# database page size to match. Valid choices are:
# [zfs, other]
# If you are unsure about this leave it as the default
# (other). After changing this
# value you must run a vacuum task.
# - zfs:
# * sets database pagesize to 64k. You must set
# recordsize=64k on the zfs filesystem.
# - other:
# * sets database pagesize to 4k, matching most
# filesystems block sizes.
# db_fs_type = "zfs"
#
# The number of entries to store in the in-memory cache.
# Minimum value is 256. If unset
# an automatic heuristic is used to scale this.
# You should only adjust this value if you experience
# memory pressure on your system.
# db_arc_size = 2048
#
# TLS chain and key in pem format. Both must be present.
# If the server receives a SIGHUP, these files will be
# re-read and reloaded if their content is valid.
tls_chain = "/data/chain.pem"
tls_key = "/data/key.pem"
#
# The log level of the server. May be one of info, debug, trace
#
# NOTE: this can be overridden by the environment variable
# `KANIDM_LOG_LEVEL` at runtime
# Defaults to "info"
# log_level = "info"
#
# The DNS domain name of the server. This is used in a
# number of security-critical contexts
# such as webauthn, so it *must* match your DNS
# hostname. It is used to create
# security principal names such as `william@idm.example.com`
# so that in a (future) trust configuration it is possible
# to have unique Security Principal Names (spns) throughout
# the topology.
#
# ⚠️ WARNING ⚠️
#
# Changing this value WILL break many types of registered
# credentials for accounts including but not limited to
# webauthn, oauth tokens, and more.
# If you change this value you *must* run
# `kanidmd domain rename` immediately after.
domain = "idm.example.com"
#
# The origin for webauthn. This is the url to the server,
# with the port included if it is non-standard (any port
# except 443). This must match or be a descendent of the
# domain name you configure above. If these two items are
# not consistent, the server WILL refuse to start!
# origin = "https://idm.example.com"
origin = "https://idm.example.com:8443"
# HTTPS requests can be reverse proxied by a loadbalancer.
# To preserve the original IP of the caller, these systems
# will often add a header such as "Forwarded" or
# "X-Forwarded-For". Some other proxies can use the PROXY
# protocol v2 header.
# This setting allows configuration of the list of trusted
# IPs or IP ranges which can supply this header information,
# and which format the information is provided in.
# Defaults to "none" (no trusted sources)
# Only one option can be used at a time.
# [http_client_address_info]
# proxy-v2 = ["127.0.0.1", "127.0.0.0/8"]
# # OR
# x-forward-for = ["127.0.0.1", "127.0.0.0/8"]
# LDAPS requests can be reverse proxied by a loadbalancer.
# To preserve the original IP of the caller, these systems
# can add a header such as the PROXY protocol v2 header.
# This setting allows configuration of the list of trusted
# IPs or IP ranges which can supply this header information,
# and which format the information is provided in.
# Defaults to "none" (no trusted sources)
# [ldap_client_address_info]
# proxy-v2 = ["127.0.0.1", "127.0.0.0/8"]
[online_backup]
# The path to the output folder for online backups
path = "/data/kanidm/backups/"
# The schedule to run online backups (see https://crontab.guru/)
# every day at 22:00 UTC (default)
schedule = "00 22 * * *"
# four times a day at 3 minutes past the hour, every 6th hours
# schedule = "03 */6 * * *"
# We also support non standard cron syntax, with the following format:
# sec min hour day of month month day of week year
# (it's very similar to the standard cron syntax, it just allows to specify the seconds
# at the beginning and the year at the end)
# Number of backups to keep (default 7)
# versions = 7
</code></pre>
<h2 id="start-the-container"><a class="header" href="#start-the-container">Start the container</a></h2>
<p>First we create a docker volume to store the data, then we start the container.</p>
<pre><code class="language-bash">docker volume create kanidmd
docker create --name kanidmd \
-p '443:8443' \
-p '636:3636' \
-v kanidmd:/data \
docker.io/kanidm/server:latest
</code></pre>
<h2 id="copy-the-configuration-to-the-container"><a class="header" href="#copy-the-configuration-to-the-container">Copy the configuration to the container</a></h2>
<pre><code class="language-bash">docker cp server.toml kanidmd:/data/server.toml
</code></pre>
<h2 id="generate-evaluation-certificates"><a class="header" href="#generate-evaluation-certificates">Generate evaluation certificates</a></h2>
<pre><code class="language-bash">docker run --rm -i -t -v kanidmd:/data \
docker.io/kanidm/server:latest \
kanidmd cert-generate
</code></pre>
<h2 id="start-kanidmd-container"><a class="header" href="#start-kanidmd-container">Start Kanidmd Container</a></h2>
<pre><code class="language-bash">docker start kanidmd
</code></pre>
<h2 id="recover-the-admin-role-passwords"><a class="header" href="#recover-the-admin-role-passwords">Recover the Admin Role Passwords</a></h2>
<p>The <code>admin</code> account is used to configure Kanidm itself.</p>
<pre><code class="language-bash">docker exec -i -t kanidmd \
kanidmd recover-account admin
</code></pre>
<p>The <code>idm_admin</code> account is used to manage persons and groups.</p>
<pre><code class="language-shell">docker exec -i -t kanidmd \
kanidmd recover-account idm_admin
</code></pre>
<h2 id="setup-the-client-configuration"><a class="header" href="#setup-the-client-configuration">Setup the client configuration</a></h2>
<p>This happens on your computer, not in the container.</p>
<pre><code class="language-toml"># ~/.config/kanidm
uri = "https://localhost:8443"
verify_ca = false
</code></pre>
<h2 id="check-you-can-login"><a class="header" href="#check-you-can-login">Check you can login</a></h2>
<pre><code class="language-bash">kanidm login --name idm_admin
</code></pre>
<h2 id="create-an-account-for-yourself"><a class="header" href="#create-an-account-for-yourself">Create an account for yourself</a></h2>
<pre><code class="language-shell">kanidm person create &lt;your username&gt; &lt;Your Displayname&gt;
</code></pre>
<h2 id="set-up-your-account-credentials"><a class="header" href="#set-up-your-account-credentials">Set up your account credentials</a></h2>
<pre><code class="language-shell">kanidm person credential create-reset-token &lt;your username&gt;
</code></pre>
<p>Then follow the presented steps.</p>
<h2 id="what-next"><a class="header" href="#what-next">What next?</a></h2>
<p>You'll probably want to set it up properly, so that other computers can access it, so
<a href="choosing_a_domain_name.html">choose a domain name</a> and complete the full server installation.</p>
<p>Alternatively you might like to try configurig one of these:</p>
<ul>
<li><a href="./integrations/oauth2.html">OAuth2</a> for web services</li>
<li><a href="./integrations/pam_and_nsswitch.html">PAM and nsswitch</a> for authentication to Linux systems</li>
<li><a href="repl/">Replication</a>, if one Kanidm instance isn't enough</li>
</ul>
</main>
<nav class="nav-wrapper" aria-label="Page navigation">
<!-- Mobile navigation buttons -->
<a rel="prev" href="introduction_to_kanidm.html" class="mobile-nav-chapters previous" title="Previous chapter" aria-label="Previous chapter" aria-keyshortcuts="Left">
<i class="fa fa-angle-left"></i>
</a>
<a rel="next prefetch" href="supported_features.html" class="mobile-nav-chapters next" title="Next chapter" aria-label="Next chapter" aria-keyshortcuts="Right">
<i class="fa fa-angle-right"></i>
</a>
<div style="clear: both"></div>
</nav>
</div>
</div>
<nav class="nav-wide-wrapper" aria-label="Page navigation">
<a rel="prev" href="introduction_to_kanidm.html" class="nav-chapters previous" title="Previous chapter" aria-label="Previous chapter" aria-keyshortcuts="Left">
<i class="fa fa-angle-left"></i>
</a>
<a rel="next prefetch" href="supported_features.html" class="nav-chapters next" title="Next chapter" aria-label="Next chapter" aria-keyshortcuts="Right">
<i class="fa fa-angle-right"></i>
</a>
</nav>
</div>
<script>
window.playground_copyable = true;
</script>
<script src="elasticlunr.min.js"></script>
<script src="mark.min.js"></script>
<script src="searcher.js"></script>
<script src="clipboard.min.js"></script>
<script src="highlight.js"></script>
<script src="book.js"></script>
<!-- Custom JS scripts -->
<script src="mermaid.min.js"></script>
<script src="mermaid-init.js"></script>
</div>
</body>
</html>
+2
View File
@@ -0,0 +1,2 @@
uri = "https://localhost:8443"
verify_ca = false
+171
View File
@@ -0,0 +1,171 @@
#!/usr/bin/env bash
# Source the task library for help functionality
TASKLIB_PATH="${TASKLIB_PATH:-${HOME}/.local/lib/shellib/tasklib.sh}"
if [[ -f "$TASKLIB_PATH" ]]; then
source "$TASKLIB_PATH"
fi
# Configuration variables with defaults
# URLs and remote resources
KANIDM_SERVER_CONFIG_URL="${KANIDM_SERVER_CONFIG_URL:-https://raw.githubusercontent.com/kanidm/kanidm/master/examples/server.toml}"
KANIDM_DOCKER_IMAGE="${KANIDM_DOCKER_IMAGE:-docker.io/kanidm/server:latest}"
# File paths
SERVER_CONFIG_FILE="${SERVER_CONFIG_FILE:-server.toml}"
SERVER_LOCALHOST_CONFIG="${SERVER_LOCALHOST_CONFIG:-server_localhost.toml}"
CLIENT_CONFIG_FILE="${CLIENT_CONFIG_FILE:-./kanidm}"
# Container and volume settings
CONTAINER_NAME="${CONTAINER_NAME:-kanidmd}"
VOLUME_NAME="${VOLUME_NAME:-kanidmd}"
CONTAINER_DATA_PATH="${CONTAINER_DATA_PATH:-/data}"
# Network settings
HTTPS_PORT="${HTTPS_PORT:-8443}"
LDAP_PORT="${LDAP_PORT:-3636}"
KANIDM_URI="${KANIDM_URI:-https://localhost:8443}"
# Domain settings
ORIGINAL_DOMAIN="${ORIGINAL_DOMAIN:-idm.example.com}"
TARGET_DOMAIN="${TARGET_DOMAIN:-localhost}"
# Account names
ADMIN_ACCOUNT="${ADMIN_ACCOUNT:-admin}"
IDM_ADMIN_ACCOUNT="${IDM_ADMIN_ACCOUNT:-idm_admin}"
# Package lists
FEDORA_SYSTEM_DEPS="${FEDORA_SYSTEM_DEPS:-systemd-devel sqlite-devel openssl-devel pam-devel clang lld}"
FEDORA_WEBUI_DEPS="${FEDORA_WEBUI_DEPS:-perl-FindBin perl-File-Compare}"
fedora_build_notes () {
# Usage: Display build requirements and notes for Fedora systems
echo "NOTE: clang and lld are required to build Kanidm for performance"
echo "Rustup toolchain is needed"
}
install_system_lib_deps_fedora () {
# Usage: Install system library dependencies required for building Kanidm on Fedora
dnf install ${FEDORA_SYSTEM_DEPS}
}
install_webui_additional_pkgs () {
# Usage: Install additional packages required for the Kanidm web UI on Fedora
dnf install ${FEDORA_WEBUI_DEPS}
}
get_server_dev_config () {
# Usage: Download the example server configuration file from the Kanidm repository
wget "${KANIDM_SERVER_CONFIG_URL}"
}
make_localhost_config () {
# Usage: Create a localhost version of the server config by replacing the domain
if [[ -f "${SERVER_CONFIG_FILE}" ]];then
sed "s/${ORIGINAL_DOMAIN}/${TARGET_DOMAIN}/g" "${SERVER_CONFIG_FILE}" > "${SERVER_LOCALHOST_CONFIG}"
else
echo "First get example ${SERVER_CONFIG_FILE}!"
fi
}
get_the_software () {
# Usage: Pull the Kanidm Docker image using podman
podman pull "${KANIDM_DOCKER_IMAGE}"
}
create_eval_config () {
# Usage: Download and configure the server config file for evaluation
get_server_dev_config && make_localhost_config
}
create_kanidmd_volume () {
# Usage: Create a podman volume for persistent Kanidm data storage
# First create volume for the data!
podman volume create "${VOLUME_NAME}"
}
start_eval_container () {
# Usage: Create the Kanidm container with proper ports and volume mappings
create_kanidmd_volume && podman create --name "${CONTAINER_NAME}" \
-p "${HTTPS_PORT}:${HTTPS_PORT}" \
-p "${LDAP_PORT}:${LDAP_PORT}" \
-v "${VOLUME_NAME}:${CONTAINER_DATA_PATH}" \
"${KANIDM_DOCKER_IMAGE}"
}
copy_config_to_container () {
# Usage: Copy the localhost configuration file into the container
podman cp "${SERVER_LOCALHOST_CONFIG}" "${CONTAINER_NAME}:${CONTAINER_DATA_PATH}/${SERVER_CONFIG_FILE}"
}
generate_eval_certs () {
# Usage: Generate self-signed certificates for the evaluation server
podman run --rm -i -t -v "${VOLUME_NAME}:${CONTAINER_DATA_PATH}" \
"${KANIDM_DOCKER_IMAGE}" \
kanidmd cert-generate
}
recover_admin_pw () {
# Usage: Recover/reset the admin account password
podman exec -i -t "${CONTAINER_NAME}" \
kanidmd recover-account "${ADMIN_ACCOUNT}"
}
recover_idm_admin_pw () {
# Usage: Recover/reset the idm_admin account password
podman exec -i -t "${CONTAINER_NAME}" \
kanidmd recover-account "${IDM_ADMIN_ACCOUNT}"
}
setup_eval_client_config () {
# Usage: Create a client configuration file for connecting to the evaluation server
cat <<EOF > "${CLIENT_CONFIG_FILE}"
uri = "${KANIDM_URI}"
verify_ca = false
EOF
}
check_can_login () {
# Usage: Test if the kanidm client can login to the server
if ! command -v kanidm > /dev/null; then
echo "First install kanidm client tools!"
else
kanidm login --name "${IDM_ADMIN_ACCOUNT}"
fi
}
create_account () {
# Usage: Create a new user account in Kanidm
# Usage:
# kanidm person create <username> <Display Name>
echo "Implement create_account"
}
setup_account_credentials () {
# Usage: Set up credentials for a user account
# Usage:
# kanidm person credential create-reset-token <username>
echo "Implement setup_account_credentials"
}
help() {
# Usage: Show this help message
if declare -f show_task_help >/dev/null 2>&1; then
show_task_help "$0"
else
echo "Task library not found. Available tasks:"
declare -F | awk '{print $3}' | grep -v '^_' | sort
fi
}
# make it runnable
if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then
if [[ $# -eq 0 ]] || [[ "$1" == "help" ]] || [[ "$1" == "--help" ]] || [[ "$1" == "-h" ]]; then
help
else
"$@"
fi
fi
+37
View File
@@ -0,0 +1,37 @@
[GHEGist]
Public = false
access_token = ""
auto_sync = false
base_url = ""
file_name = ""
gist_id = ""
upload_url = ""
[General]
Backend = "gist"
Cmd = []
Color = false
Column = 40
Editor = "sensible-editor"
Format = "[$description]: $command $tags"
SelectCmd = "fzf --ansi --layout=reverse --border --height=90% --pointer=* --cycle --prompt=Snippets:"
SnippetDirs = []
SnippetFile = "/home/seb/.config/pet/snippet.toml"
SortBy = ""
[Gist]
Public = false
access_token = ""
auto_sync = false
file_name = "pet-snippet.toml"
gist_id = ""
[GitLab]
ID = ""
Url = ""
Visibility = "private"
access_token = ""
auto_sync = false
file_name = "pet-snippet.toml"
skip_ssl = false
+5
View File
@@ -0,0 +1,5 @@
# IMPORTANT
The two `prev.{bash, zsh}` functions need to go into `.bashrc` or `.zshrc` respectively.
The `pet-slect.*` need to be put in the rc EXACTLY AS IS!!!. Else the keys aren't rebound.
Those files are taken from [this](https://github.com/knqyf263/pet) Readme. As such,
that repos license might apply!
File diff suppressed because one or more lines are too long
+6
View File
@@ -0,0 +1,6 @@
function pet-select() {
BUFFER=$(pet search --query "$READLINE_LINE")
READLINE_LINE=$BUFFER
READLINE_POINT=${#BUFFER}
}
bind -x '"\C-x\C-r": pet-select'
+8
View File
@@ -0,0 +1,8 @@
function pet-select() {
BUFFER=$(pet search --query "$LBUFFER")
CURSOR=$#BUFFER
zle redisplay
}
zle -N pet-select
stty -ixon
bindkey '^s' pet-select
+4
View File
@@ -0,0 +1,4 @@
function prev() {
PREV=$(echo `history | tail -n2 | head -n1` | sed 's/[0-9]* //')
sh -c "pet new `printf %q "$PREV"`"
}
+4
View File
@@ -0,0 +1,4 @@
function prev() {
PREV=$(fc -lrn | head -n 1)
sh -c "pet new `printf %q "$PREV"`"
}
+12
View File
@@ -0,0 +1,12 @@
[[Snippets]]
Description = "Get root shell while preserving environment variables."
Output = ""
Tag = ["superuser", "bash", "sh", "envvar"]
command = "sudo -E --shell"
[[Snippets]]
Description = "Preprocess slabinfo header so that columns align correctly"
Output = ""
Tag = []
command = "sed 's/# //' /proc/slabinfo | column -t"
+45
View File
@@ -0,0 +1,45 @@
#!/bin/bash
source ./shellib/dot-local/lib/shellib/tasklib.sh
get_gnu_stow_latest_tar_gz() {
wget --secure-protocol=auto https://ftpmirror.gnu.org/gnu/stow/stow-latest.tar.gz || {
echo "Error: Failed to download GNU Stow" >&2
return 1
}
}
unpack_stow_tar_gz_archive() {
if [[ ! -f "stow-latest.tar.gz" ]]; then
echo "Error: stow-latest.tar.gz not found" >&2
return 1
fi
tar xvf stow-latest.tar.gz
}
install_stow_latest_from_source() {
local stow_dir=$(find . -name "stow-*" -type d | head -1)
if [[ -z "$stow_dir" ]]; then
echo "Error: Stow source directory not found" >&2
return 1
fi
cd "$stow_dir" || return 1
./configure --prefix="$HOME/.local" || return 1
make || return 1
make install || return 1
cd - > /dev/null
}
install_gnu_stow() {
if grep -q 'ID=fedora' /etc/os-release 2>/dev/null; then
sudo dnf install -y stow
else
get_gnu_stow_latest_tar_gz && \
unpack_stow_tar_gz_archive && \
install_stow_latest_from_source
fi
}
"@"
+12
View File
@@ -0,0 +1,12 @@
log() {
# Write msg to stderr.
# Taken from https://github.com/oils-for-unix/oils/blob/master/stdlib/osh/two.sh
echo "$@" >&2
}
die() {
# Write error msg with script name and exit with status 1.
# Taken from https://github.com/oils-for-unix/oils/blob/master/stdlib/osh/two.sh
log "$@: fatal $@"
exit 1
}
+74
View File
@@ -0,0 +1,74 @@
#!/usr/bin/env bash
# Task library - provides help functionality for task files
# List all functions defined in the current environment
list_functions() {
declare -F | awk '{print $3}'
}
# Extract usage information from a function
get_function_usage() {
local func_name="$1"
local file="${2:-$0}"
# Get the function definition and extract Usage: comments
awk -v funcname="$func_name" '
/^[[:space:]]*'"$func_name"'[[:space:]]*\(\)/ {
in_func = 1
next
}
in_func && /^[[:space:]]*}[[:space:]]*$/ {
in_func = 0
}
in_func && /^[[:space:]]*#[[:space:]]*Usage:/ {
sub(/^[[:space:]]*#[[:space:]]*/, "", $0)
print $0
}
' "$file"
}
# Display help for all functions in a task file
show_task_help() {
local file="${1:-$0}"
local func_list=$(list_functions | sort)
echo "Available tasks:"
echo "================"
echo
for funcname in $func_list; do
# Skip internal functions and the help function itself
if [[ ! "$funcname" =~ ^(_|show_task_help|list_functions|get_function_usage) ]]; then
local usage=$(get_function_usage "$funcname" "$file")
if [[ -n "$usage" ]]; then
printf "%-30s %s\n" "$funcname" "- $usage"
else
printf "%-30s\n" "$funcname"
fi
fi
done
echo
echo "Run any task by calling it directly: ./tasks <task_name>"
}
# Alternative: Show detailed help for a specific function
show_function_help() {
local func_name="$1"
local file="${2:-$0}"
if ! declare -f "$func_name" >/dev/null 2>&1; then
echo "Error: Function '$func_name' not found" >&2
return 1
fi
echo "Help for: $func_name"
echo "==================="
local usage=$(get_function_usage "$func_name" "$file")
if [[ -n "$usage" ]]; then
echo "$usage"
else
echo "No usage information available"
fi
}
+1
View File
@@ -2,3 +2,4 @@
--dir=${HOME}/dotfiles
--target=${HOME}
--no-folding
--verbose
@@ -0,0 +1,14 @@
[metadata]
name = "alias"
description = "A channel to select from shell aliases"
[source]
# you may need to adjust the command depending on your shell
command = "$SHELL -ic 'alias'"
output = "{split:=:0}"
[preview]
command = "$SHELL -ic 'alias' | grep -E '^(alias )?{split:=:0}='"
[ui.preview_panel]
size = 30
@@ -0,0 +1,10 @@
# UNTESTED
[metadata]
name = "bash-history"
description = "A channel to select from your bash history"
requirements = ["bash"]
[source]
command = "sed '1!G;h;$!d' ${HISTFILE:-${HOME}/.bash_history}"
no_sort = true
frecency = false
@@ -0,0 +1,30 @@
[metadata]
name = "brew-packages"
description = "List and manage Homebrew packages"
requirements = ["brew"]
[source]
command = [
"brew list --formula",
"brew list --cask",
]
[preview]
command = "brew info '{}'"
[ui]
layout = "portrait"
[keybindings]
ctrl-u = "actions:upgrade"
ctrl-d = "actions:uninstall"
[actions.upgrade]
description = "Upgrade the selected package"
command = "brew upgrade '{}'"
mode = "execute"
[actions.uninstall]
description = "Uninstall the selected package"
command = "brew uninstall '{}'"
mode = "execute"
@@ -0,0 +1,22 @@
[metadata]
name = "cargo-commands"
description = "List available cargo commands and extensions"
requirements = ["cargo"]
[source]
command = "cargo --list 2>/dev/null | tail -n +2 | awk '{print $1}'"
[preview]
command = "cargo {} --help 2>/dev/null | head -50"
[ui]
layout = "portrait"
preview_panel = { size = 60 }
[keybindings]
enter = "actions:run"
[actions.run]
description = "Run the selected cargo command"
command = "cargo '{}'"
mode = "execute"
@@ -0,0 +1,18 @@
[metadata]
name = "channels"
description = "Select a television channel"
requirements = ["tv", "bat"]
[source]
command = ["tv list-channels"]
[preview]
command = "bat -pn --color always ${XDG_CONFIG_HOME:-$HOME/.config}/television/cable/**/{}.toml"
[keybindings]
enter = "actions:channel-enter"
[actions.channel-enter]
description = "Enter a television channel"
command = "tv {}"
mode = "execute"
@@ -0,0 +1,13 @@
[metadata]
name = "dirs"
description = "A channel to select from directories"
requirements = ["fd"]
[source]
command = ["fd -t d", "fd -t d --hidden"]
[preview]
command = "ls -la --color=always '{}'"
[keybindings]
shortcut = "f2"
@@ -0,0 +1,42 @@
[metadata]
name = "distrobox-list"
description = "A channel to select a container from distrobox"
requirements = ["distrobox", "bat"]
[source]
command = ["distrobox list | awk -F '|' '{ gsub(/ /, \"\", $2); print $2}' | tail --lines=+2"]
[preview]
command = "(distrobox list | column -t -s '|' | awk -v selected_name={} 'NR==1 || $0 ~ selected_name') && echo && distrobox enter -d {} | bat --plain --color=always -lbash"
[keybindings]
ctrl-e = "actions:distrobox-enter"
ctrl-l = "actions:distrobox-list"
ctrl-r = "actions:distrobox-rm"
ctrl-s = "actions:distrobox-stop"
ctrl-u = "actions:distrobox-upgrade"
[actions.distrobox-enter]
description = "Enter a distrobox"
command = "distrobox enter {}"
mode = "execute"
[actions.distrobox-list]
description = "List a distrobox"
command = "distrobox list | column -t -s '|' | awk -v selected_name={} 'NR==1 || $0 ~ selected_name'"
mode = "execute"
[actions.distrobox-rm]
description = "Remove a distrobox"
command = "distrobox rm {}"
mode = "execute"
[actions.distrobox-stop]
description = "Stop a distrobox"
command = "distrobox stop {}"
mode = "execute"
[actions.distrobox-upgrade]
description = "Upgrade a distrobox"
command = "distrobox upgrade {}"
mode = "execute"
@@ -0,0 +1,56 @@
[metadata]
name = "docker-containers"
description = "List and manage Docker containers"
requirements = ["docker"]
[source]
command = [
"docker ps --format '{{.Names}}\\t{{.Image}}\\t{{.Status}}'",
"docker ps -a --format '{{.Names}}\\t{{.Image}}\\t{{.Status}}'",
]
display = "{split:\\t:0} ({split:\\t:2})"
output = "{split:\\t:0}"
[preview]
command = "docker inspect '{split:\\t:0}' | jq -C '.[0] | {Name, State, Config: {Image: .Config.Image, Cmd: .Config.Cmd}, NetworkSettings: {IPAddress: .NetworkSettings.IPAddress}}'"
[ui]
layout = "portrait"
[keybindings]
ctrl-s = "actions:start"
f2 = "actions:stop"
ctrl-r = "actions:restart"
ctrl-l = "actions:logs"
ctrl-e = "actions:exec"
ctrl-d = "actions:remove"
[actions.start]
description = "Start the selected container"
command = "docker start '{split:\\t:0}'"
mode = "fork"
[actions.stop]
description = "Stop the selected container"
command = "docker stop '{split:\\t:0}'"
mode = "fork"
[actions.restart]
description = "Restart the selected container"
command = "docker restart '{split:\\t:0}'"
mode = "fork"
[actions.logs]
description = "Follow logs of the selected container"
command = "docker logs -f '{split:\\t:0}'"
mode = "execute"
[actions.exec]
description = "Execute shell in the selected container"
command = "docker exec -it '{split:\\t:0}' /bin/sh"
mode = "execute"
[actions.remove]
description = "Remove the selected container"
command = "docker rm '{split:\\t:0}'"
mode = "execute"
@@ -0,0 +1,34 @@
[metadata]
name = "docker-images"
description = "A channel to select from Docker images"
requirements = ["docker", "jq"]
[source]
command = "docker images --format '{{.Repository}}:{{.Tag}} {{.ID}}'"
output = "{split: :-1}"
[preview]
command = "docker image inspect '{split: :-1}' | jq -C"
[ui]
layout = "portrait"
[keybindings]
ctrl-r = "actions:run"
ctrl-d = "actions:remove"
ctrl-s = "actions:shell"
[actions.run]
description = "Run a container from the selected image"
command = "docker run -it '{split: :-1}'"
mode = "execute"
[actions.shell]
description = "Run a shell in the selected image"
command = "docker run -it '{split: :-1}' /bin/sh"
mode = "execute"
[actions.remove]
description = "Remove the selected image"
command = "docker rmi '{split: :-1}'"
mode = "execute"
@@ -0,0 +1,18 @@
[metadata]
name = "dotfiles"
description = "A channel to select from your user's dotfiles"
requirements = ["fd", "bat"]
[source]
command = "fd -t f . $HOME/.config"
[preview]
command = "bat -n --color=always '{}'"
[keybindings]
enter = "actions:edit"
[actions.edit]
description = "Edit the selected dotfile"
command = "${EDITOR:-vim} '{}'"
mode = "execute"
@@ -0,0 +1,31 @@
[metadata]
name = "downloads"
description = "Browse recent files in Downloads folder"
requirements = ["fd", "bat"]
[source]
command = "fd -t f . ~/Downloads --changed-within 30d 2>/dev/null | head -200"
[preview]
command = "bat -n --color=always '{}' 2>/dev/null || file '{}'"
env = { BAT_THEME = "ansi" }
[keybindings]
enter = "actions:open"
ctrl-d = "actions:delete"
ctrl-m = "actions:move"
[actions.open]
description = "Open the selected file with default application"
command = "xdg-open '{}' 2>/dev/null || open '{}'"
mode = "fork"
[actions.delete]
description = "Delete the selected file"
command = "rm -i '{}'"
mode = "execute"
[actions.move]
description = "Move the selected file to current directory"
command = "mv '{}' ."
mode = "fork"
@@ -0,0 +1,17 @@
[metadata]
name = "env"
description = "A channel to select from environment variables"
[source]
command = "printenv"
output = "{split:=:1..}" # output the value
[preview]
command = "echo '{split:=:1..}'"
[ui]
layout = "portrait"
preview_panel = { size = 20, header = "{split:=:0}" }
[keybindings]
shortcut = "f3"
@@ -0,0 +1,27 @@
[metadata]
name = "files"
description = "A channel to select files and directories"
requirements = ["fd", "bat"]
[source]
command = ["fd -t f", "fd -t f -H"]
[preview]
command = "bat -n --color=always '{}'"
env = { BAT_THEME = "ansi" }
[keybindings]
shortcut = "f1"
f12 = "actions:edit"
ctrl-up = "actions:goto_parent_dir"
[actions.edit]
description = "Opens the selected entries with the default editor (falls back to vim)"
command = "${EDITOR:-vim} '{}'"
# use `mode = "fork"` if you want to return to tv afterwards
mode = "execute"
[actions.goto_parent_dir]
description = "Re-opens tv in the parent directory"
command = "tv files .."
mode = "execute"
@@ -0,0 +1,32 @@
[metadata]
name = "gh-issues"
description = "List GitHub issues for the current repo"
requirements = ["gh", "jq"]
[source]
command = '''gh issue list --state open --limit 100 --json number,title,createdAt,author,labels | jq -r 'sort_by(.createdAt) | reverse | .[] | " \u001b[32m#\(.number)\u001b[39m \(.title) \u001b[33m@\(.author.login)\u001b[39m" + (if (.labels | length) > 0 then " " + ([.labels[] | "\u001b[35m" + .name + "\u001b[39m"] | join(" ")) else "" end)'
'''
ansi = true
output = "{strip_ansi|split:#:1|split: :0}"
[ui]
layout = "portrait"
preview_panel = { header = '{strip_ansi|split:#:1|split: :0}' }
[preview]
command = '''gh issue view '{strip_ansi|split:#:1|split: :0}' --json number,title,body,state,author,createdAt,updatedAt,labels,assignees | jq -r '
" " + .title,
" #" + (.number | tostring),
"",
" \u001b[36mStatus:\u001b[39m \u001b[32m" + .state + "\u001b[39m",
" \u001b[36mAuthor:\u001b[39m \u001b[33m" + .author.login + "\u001b[39m",
" \u001b[36mCreated:\u001b[39m " + (.createdAt | fromdateiso8601 | (now - .) | if . < 3600 then (./60|floor|tostring) + " minutes ago" elif . < 86400 then (./3600|floor|tostring) + " hours ago" else (./86400|floor|tostring) + " days ago" end),
" \u001b[36mUpdated:\u001b[39m " + (.updatedAt | fromdateiso8601 | (now - .) | if . < 3600 then (./60|floor|tostring) + " minutes ago" elif . < 86400 then (./3600|floor|tostring) + " hours ago" else (./86400|floor|tostring) + " days ago" end),
(if (.labels | length) > 0 then " \u001b[36mLabels:\u001b[39m " + ([.labels[] | "\u001b[35m" + .name + "\u001b[39m"] | join(" ")) else "" end),
(if (.assignees | length) > 0 then " \u001b[36mAssignees:\u001b[39m " + ([.assignees[].login] | join(", ")) else "" end),
"",
" \u001b[90m────────────────────────────────────────────────────────────\u001b[39m",
"",
(.body // "")'
'''
@@ -0,0 +1,32 @@
[metadata]
name = "gh-prs"
description = "List GitHub PRs for the current repo"
requirements = ["gh", "jq"]
[source]
command = '''gh pr list --state open --limit 100 --json number,title,createdAt,author,labels | jq -r 'sort_by(.createdAt) | reverse | .[] | " \u001b[32m#\(.number)\u001b[39m \(.title) \u001b[33m@\(.author.login)\u001b[39m" + (if (.labels | length) > 0 then " " + ([.labels[] | "\u001b[35m" + .name + "\u001b[39m"] | join(" ")) else "" end)'
'''
output = '{strip_ansi|split:#:1|split: :0}'
ansi = true
[ui]
layout = "portrait"
[preview]
command = '''gh pr view '{strip_ansi|split:#:1|split: :0}' --json number,title,body,state,headRefName,baseRefName,author,createdAt,updatedAt,mergeable,changedFiles,additions,deletions,labels,assignees,reviewDecision,headRepository,headRepositoryOwner | jq -r '
" " + .title,
" #" + (.number | tostring),
"",
" \u001b[36mStatus:\u001b[39m \u001b[32m" + .state + "\u001b[39m " + .baseRefName + " ← " + .headRefName,
" \u001b[36mRepo:\u001b[39m \u001b[34m" + (.headRepositoryOwner.login) + "/" + (.headRepository.name) + "\u001b[39m",
" \u001b[36mAuthor:\u001b[39m \u001b[33m" + .author.login + "\u001b[39m",
" \u001b[36mCreated:\u001b[39m " + (.createdAt | fromdateiso8601 | (now - .) | if . < 3600 then (./60|floor|tostring) + " minutes ago" elif . < 86400 then (./3600|floor|tostring) + " hours ago" else (./86400|floor|tostring) + " days ago" end),
" \u001b[36mUpdated:\u001b[39m " + (.updatedAt | fromdateiso8601 | (now - .) | if . < 3600 then (./60|floor|tostring) + " minutes ago" elif . < 86400 then (./3600|floor|tostring) + " hours ago" else (./86400|floor|tostring) + " days ago" end),
(if (.labels | length) > 0 then " \u001b[36mLabels:\u001b[39m " + ([.labels[] | "\u001b[35m" + .name + "\u001b[39m"] | join(" ")) else "" end),
" \u001b[36mMerge Status:\u001b[39m " + (if .mergeable == "MERGEABLE" then "\u001b[32m✓ Clean\u001b[39m" elif .mergeable == "CONFLICTING" then "\u001b[31m✗ Dirty\u001b[39m" else "\u001b[33m? Unknown\u001b[39m" end),
" \u001b[36mChanges:\u001b[39m " + (.changedFiles | tostring) + " files \u001b[32m+" + (.additions | tostring) + "\u001b[39m \u001b[31m-" + (.deletions | tostring) + "\u001b[39m",
"",
" \u001b[90m────────────────────────────────────────────────────────────\u001b[39m",
"",
(.body // "")'
'''
@@ -0,0 +1,37 @@
[metadata]
name = "git-branch"
description = "A channel to select from git branches"
requirements = ["git"]
[source]
command = "git --no-pager branch --all --format=\"%(refname:short)\""
output = "{split: :0}"
[preview]
command = "git show -p --stat --pretty=fuller --color=always '{0}'"
[keybindings]
enter = "actions:checkout"
ctrl-d = "actions:delete"
ctrl-m = "actions:merge"
ctrl-r = "actions:rebase"
[actions.checkout]
description = "Checkout the selected branch"
command = "git checkout '{0}'"
mode = "execute"
[actions.delete]
description = "Delete the selected branch"
command = "git branch -d '{0}'"
mode = "execute"
[actions.merge]
description = "Merge the selected branch into current branch"
command = "git merge '{0}'"
mode = "execute"
[actions.rebase]
description = "Rebase current branch onto the selected branch"
command = "git rebase '{0}'"
mode = "execute"
@@ -0,0 +1,33 @@
[metadata]
name = "git-diff"
description = "A channel to select files from git diff commands"
requirements = ["git"]
[source]
command = "git diff --name-only HEAD"
[preview]
command = "git diff HEAD --color=always -- '{}'"
[ui]
layout = "portrait"
[keybindings]
ctrl-s = "actions:stage"
ctrl-r = "actions:restore"
ctrl-e = "actions:edit"
[actions.stage]
description = "Stage the selected file"
command = "git add '{}'"
mode = "fork"
[actions.restore]
description = "Discard changes in the selected file"
command = "git restore '{}'"
mode = "fork"
[actions.edit]
description = "Open the selected file in editor"
command = "${EDITOR:-vim} '{}'"
mode = "execute"
@@ -0,0 +1,34 @@
[metadata]
name = "git-log"
description = "A channel to select from git log entries"
requirements = ["git"]
[source]
command = "git log --graph --pretty=format:'%C(yellow)%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit --color=always"
output = "{strip_ansi|split: :1}"
ansi = true
no_sort = true
frecency = false
[preview]
command = "git show -p --stat --pretty=fuller --color=always '{strip_ansi|split: :1}' | head -n 1000"
[keybindings]
ctrl-y = "actions:cherry-pick"
ctrl-r = "actions:revert"
ctrl-o = "actions:checkout"
[actions.cherry-pick]
description = "Cherry-pick the selected commit"
command = "git cherry-pick '{strip_ansi|split: :1}'"
mode = "execute"
[actions.revert]
description = "Revert the selected commit"
command = "git revert '{strip_ansi|split: :1}'"
mode = "execute"
[actions.checkout]
description = "Checkout the selected commit"
command = "git checkout '{strip_ansi|split: :1}'"
mode = "execute"
@@ -0,0 +1,28 @@
[metadata]
name = "git-reflog"
description = "A channel to select from git reflog entries"
requirements = ["git"]
[source]
command = "git reflog --decorate --color=always"
output = "{0|strip_ansi}"
ansi = true
no_sort = true
frecency = false
[preview]
command = "git show -p --stat --pretty=fuller --color=always '{0|strip_ansi}'"
[keybindings]
ctrl-o = "actions:checkout"
ctrl-r = "actions:reset"
[actions.checkout]
description = "Checkout the selected reflog entry"
command = "git checkout '{0|strip_ansi}'"
mode = "execute"
[actions.reset]
description = "Reset --hard to the selected reflog entry"
command = "git reset --hard '{0|strip_ansi}'"
mode = "execute"
@@ -0,0 +1,30 @@
[metadata]
name = "git-repos"
requirements = ["fd", "git"]
description = """
A channel to select from git repositories on your local machine.
This channel uses `fd` to find directories that contain a `.git` subdirectory, and then allows you to preview the git log of the selected repository.
"""
[source]
# this is a macos version of the command. While perfectly usable on linux, you may want to tweak it a bit.
command = "fd -g .git -HL -t d -d 10 --prune ~ -E 'Library' -E 'Application Support' --exec dirname '{}'"
display = "{split:/:-1}"
[preview]
command = "cd '{}'; git log -n 200 --pretty=medium --all --graph --color"
[keybindings]
enter = "actions:cd"
ctrl-e = "actions:edit"
[actions.cd]
description = "Open a new shell in the selected repository"
command = "cd '{}' && $SHELL"
mode = "execute"
[actions.edit]
description = "Open the repository in editor"
command = "${EDITOR:-vim} '{}'"
mode = "execute"
@@ -0,0 +1,37 @@
[metadata]
name = "git-stash"
description = "Browse and manage git stash entries"
requirements = ["git"]
[source]
command = "git stash list --color=always"
ansi = true
output = "{strip_ansi|split:\\::0}"
no_sort = true
frecency = false
[preview]
command = "git stash show -p --color=always '{strip_ansi|split:\\::0}'"
[ui]
layout = "portrait"
[keybindings]
enter = "actions:apply"
ctrl-p = "actions:pop"
ctrl-d = "actions:drop"
[actions.apply]
description = "Apply the selected stash"
command = "git stash apply '{strip_ansi|split:\\::0}'"
mode = "execute"
[actions.pop]
description = "Pop the selected stash (apply and remove)"
command = "git stash pop '{strip_ansi|split:\\::0}'"
mode = "execute"
[actions.drop]
description = "Drop the selected stash"
command = "git stash drop '{strip_ansi|split:\\::0}'"
mode = "execute"
@@ -0,0 +1,26 @@
[metadata]
name = "git-tags"
description = "Browse and checkout git tags"
requirements = ["git"]
[source]
command = "git tag --sort=-creatordate"
no_sort = true
frecency = false
[preview]
command = "git show --color=always '{}'"
[keybindings]
enter = "actions:checkout"
ctrl-d = "actions:delete"
[actions.checkout]
description = "Checkout the selected tag"
command = "git checkout '{}'"
mode = "execute"
[actions.delete]
description = "Delete the selected tag"
command = "git tag -d '{}'"
mode = "execute"
@@ -0,0 +1,24 @@
[metadata]
name = "git-worktrees"
description = "List and switch between git worktrees"
requirements = ["git"]
[source]
command = "git worktree list --porcelain | grep '^worktree' | cut -d' ' -f2-"
[preview]
command = "cd '{}' && git log --oneline -10 --color=always && echo && git status --short"
[keybindings]
enter = "actions:cd"
ctrl-d = "actions:remove"
[actions.cd]
description = "Change to the selected worktree"
command = "cd '{}' && $SHELL"
mode = "execute"
[actions.remove]
description = "Remove the selected worktree"
command = "git worktree remove '{}'"
mode = "execute"
@@ -0,0 +1,18 @@
[metadata]
name = "just-recipes"
description = "A channel to select recipes from Justfiles"
requirements = ["just"]
[source]
command = ["just --summary | tr '[:blank:]' '\n'"]
[preview]
command = "just -s {}"
[keybindings]
f5 = "actions:execute-recipe"
[actions.execute-recipe]
description = "Execute a justfile recipe"
command = "just {}"
mode = "execute"
@@ -0,0 +1,27 @@
[metadata]
name = "k8s-contexts"
description = "List and switch kubectl contexts"
requirements = ["kubectl"]
[source]
command = "kubectl config get-contexts -o name"
[preview]
command = "kubectl config view --minify --context='{}' -o yaml"
[ui]
layout = "portrait"
[keybindings]
enter = "actions:use"
ctrl-d = "actions:delete"
[actions.use]
description = "Switch to the selected context"
command = "kubectl config use-context '{}'"
mode = "execute"
[actions.delete]
description = "Delete the selected context"
command = "kubectl config delete-context '{}'"
mode = "execute"
@@ -0,0 +1,37 @@
[metadata]
name = "k8s-deployments"
description = '''List and preview Deployments in a Kubernetes Cluster.
The first source lists only from the current namespace, while the second lists from all.
Keybindings
Press `ctrl-d` to delete the selected Deployment.
'''
requirements = ["kubectl"]
[source]
command = [
'''
kubectl get deployments -o go-template --template '{{range .items}}{{.metadata.namespace}} {{.metadata.name}}{{"\n"}}{{end}}'
''',
'''
kubectl get deployments -o go-template --template '{{range .items}}{{.metadata.namespace}} {{.metadata.name}}{{"\n"}}{{end}}' --all-namespaces
''',
]
output = "{1}"
[preview]
command = "kubectl describe -n {0} deployments/{1}"
[ui]
layout = "portrait"
preview_panel = { size = 60 }
[keybindings]
ctrl-d = "actions:delete"
[actions.delete]
description = "Delete the selected Deployment"
command = "kubectl delete -n {0} deployments/{1}"
mode = "execute"
@@ -0,0 +1,51 @@
[metadata]
name = "k8s-pods"
description = '''List and preview Pods in a Kubernetes Cluster.
The first source lists only from the current namespace, while the second lists from all.
Keybindings
Press `ctrl-e` to execute shell inside the selected Pod.
Press `ctrl-d` to delete the selected Pod.
Press `ctrl-l` to print and follow the logs of the selected Pod.
'''
requirements = ["kubectl"]
[source]
command = [
'''
kubectl get pods -o go-template --template '{{range .items}}{{.metadata.namespace}} {{.metadata.name}}{{"\n"}}{{end}}'
''',
'''
kubectl get pods -o go-template --template '{{range .items}}{{.metadata.namespace}} {{.metadata.name}}{{"\n"}}{{end}}' --all-namespaces
''',
]
output = "{1}"
[preview]
command = "kubectl describe -n {0} pods/{1}"
[ui]
layout = "portrait"
preview_panel = { size = 60 }
[keybindings]
ctrl-d = "actions:delete"
ctrl-e = "actions:exec"
ctrl-l = "actions:logs"
[actions.exec]
description = "Execute shell inside the selected Pod"
command = "kubectl exec -i -t -n {0} pods/{1} -- /bin/sh"
mode = "execute"
[actions.delete]
description = "Delete the selected Pod"
command = "kubectl delete -n {0} pods/{1}"
mode = "execute"
[actions.logs]
description = "Follow logs of the selected Pod"
command = "kubectl logs -f -n {0} pods/{1}"
mode = "execute"
@@ -0,0 +1,37 @@
[metadata]
name = "k8s-services"
description = '''List and preview Services in a Kubernetes Cluster.
The first source lists only from the current namespace, while the second lists from all.
keybindings
Press `ctrl-d` to delete the selected Service.
'''
requirements = ["kubectl"]
[source]
command = [
'''
kubectl get services -o go-template --template '{{range .items}}{{.metadata.namespace}} {{.metadata.name}}{{"\n"}}{{end}}'
''',
'''
kubectl get services -o go-template --template '{{range .items}}{{.metadata.namespace}} {{.metadata.name}}{{"\n"}}{{end}}' --all-namespaces
''',
]
output = "{1}"
[preview]
command = "kubectl describe -n {0} services/{1}"
[ui]
layout = "portrait"
preview_panel = { size = 60 }
[keybindings]
ctrl-d = "actions:delete"
[actions.delete]
description = "Delete the selected Service"
command = "kubectl delete -n {0} services/{1}"
mode = "execute"
@@ -0,0 +1,18 @@
[metadata]
name = "make-targets"
description = "List and run Makefile targets"
requirements = ["make", "awk"]
[source]
command = "make -pRrq 2>/dev/null | awk -F: '/^[a-zA-Z0-9][^$#\\/\\t=]*:([^=]|$)/ {split($1,a,\" \"); print a[1]}' | sort -u | grep -v '^Makefile$'"
[preview]
command = "awk '/^{}[[:space:]]*:/{found=1} found{print; if(/^[^\\t]/ && NR>1 && !/^{}[[:space:]]*:/) exit}' Makefile"
[keybindings]
enter = "actions:run"
[actions.run]
description = "Run the selected make target"
command = "make {}"
mode = "execute"
@@ -0,0 +1,25 @@
[metadata]
name = "man-pages"
description = "Browse and preview system manual pages"
requirements = ["apropos", "man", "col"]
[source]
# List all man pages using apropos
command = "apropos ."
[preview]
# Show the man page for the selected entry
command = "man '{0}' | col -bx"
env = { "MANWIDTH" = "80" }
[keybindings]
enter = "actions:open"
[actions.open]
description = "Open the selected man page in the system pager"
command = "man '{0}'"
mode = "execute"
[ui]
layout = "portrait"
preview_panel = { header = "{0}" }
@@ -0,0 +1,19 @@
[metadata]
name = "mounts"
description = "List mounted filesystems"
requirements = ["df", "awk"]
[source]
command = "df -h --output=target,fstype,size,used,avail,pcent 2>/dev/null | tail -n +2"
display = "{split: :0}"
[preview]
command = "df -h '{}' && echo && ls -la '{}' 2>/dev/null | head -20"
[keybindings]
enter = "actions:cd"
[actions.cd]
description = "Open a shell in the selected mount point"
command = "cd '{}' && $SHELL"
mode = "execute"
@@ -0,0 +1,22 @@
[metadata]
name = "npm-scripts"
description = "List and run npm scripts from package.json"
requirements = ["jq"]
[source]
command = "jq -r '.scripts | to_entries[] | \"\\(.key)\\t\\(.value)\"' package.json 2>/dev/null"
display = "{split:\\t:0}"
[preview]
command = "jq -r '.scripts[\"{split:\\t:0}\"]' package.json"
[ui.preview_panel]
size = 30
[keybindings]
enter = "actions:run"
[actions.run]
description = "Run the selected npm script"
command = "npm run '{split:\\t:0}'"
mode = "execute"
@@ -0,0 +1,9 @@
[metadata]
name = "nu-history"
description = "A channel to select from your nu history"
[source]
command = "nu -c 'open $nu.history-path | lines | uniq | reverse | to text'"
no_sort = true
frecency = false
@@ -0,0 +1,10 @@
[metadata]
name = "path"
description = "Investigate PATH contents"
requirements = ["fd", "bat"]
[source]
command = "printf '%s\n' \"$PATH\" | tr ':' '\n'"
[preview]
command = "fd -tx -d1 . \"{}\" -X printf \"%s\n\" \"{/}\" | sort -f | bat -n --color=always"
@@ -0,0 +1,24 @@
[metadata]
name = "pdf-files"
description = "Browse PDF files"
requirements = ["fd", "pdftotext"]
[source]
command = [
"fd -t f -e pdf .",
"fd -t f -e pdf -H .",
]
[preview]
command = "pdftotext -l 2 -layout '{}' - 2>/dev/null | head -100 || file '{}'"
[ui]
layout = "portrait"
[keybindings]
enter = "actions:open"
[actions.open]
description = "Open the selected PDF with default viewer"
command = "xdg-open '{}' 2>/dev/null || open '{}'"
mode = "fork"
@@ -0,0 +1,27 @@
[metadata]
name = "pip-packages"
description = "List installed Python packages"
requirements = ["pip"]
[source]
command = "pip list --format=freeze 2>/dev/null | cut -d= -f1"
[preview]
command = "pip show '{}'"
[ui]
layout = "portrait"
[keybindings]
ctrl-u = "actions:upgrade"
ctrl-d = "actions:uninstall"
[actions.upgrade]
description = "Upgrade the selected package"
command = "pip install --upgrade '{}'"
mode = "execute"
[actions.uninstall]
description = "Uninstall the selected package"
command = "pip uninstall '{}'"
mode = "execute"
@@ -0,0 +1,14 @@
[metadata]
name = "ports"
description = "List listening ports and associated processes"
requirements = ["ss", "awk"]
[source]
command = "ss -tlnp 2>/dev/null | tail -n +2 | awk '{gsub(/.*:/,\"\",$4); print $4, $1, $6}' | sed 's/users:((\"//; s/\".*//'"
display = "{split: :0} ({split: :2})"
[preview]
command = "ss -tlnp 2>/dev/null | grep ':{split: :0} ' | head -20"
[ui.preview_panel]
size = 40
@@ -0,0 +1,38 @@
[metadata]
name = "procs"
description = "A channel to find and manage running processes"
requirements = ["ps", "awk"]
[source]
command = "ps -e -o pid=,ucomm= | awk '{print $1, $2}'"
display = "{split: :1}"
output = "{split: :0}"
[preview]
command = "ps -p '{split: :0}' -o user,pid,ppid,state,%cpu,%mem,command | fold"
[keybindings]
ctrl-k = "actions:kill"
f2 = "actions:term"
ctrl-s = "actions:stop"
ctrl-c = "actions:cont"
[actions.kill]
description = "Kill the selected process (SIGKILL)"
command = "kill -9 {split: :0}"
mode = "execute"
[actions.term]
description = "Terminate the selected process (SIGTERM)"
command = "kill -15 {split: :0}"
mode = "execute"
[actions.stop]
description = "Stop/pause the selected process (SIGSTOP)"
command = "kill -STOP {split: :0}"
mode = "fork"
[actions.cont]
description = "Continue/resume the selected process (SIGCONT)"
command = "kill -CONT {split: :0}"
mode = "fork"
@@ -0,0 +1,22 @@
[metadata]
name = "recent-files"
description = "List recently modified files (via git or filesystem)"
requirements = ["git", "bat"]
[source]
command = [
"git diff --name-only HEAD~10 HEAD 2>/dev/null || find . -type f -mtime -7 -not -path '*/.*' 2>/dev/null | head -100",
"find . -type f -mmin -60 -not -path '*/.*' 2>/dev/null | head -100",
]
[preview]
command = "bat -n --color=always '{}'"
env = { BAT_THEME = "ansi" }
[keybindings]
enter = "actions:edit"
[actions.edit]
description = "Open the selected file in editor"
command = "${EDITOR:-vim} '{}'"
mode = "execute"
@@ -0,0 +1,18 @@
[metadata]
name = "ssh-hosts"
description = "A channel to select hosts from your SSH config"
requirements = ["grep", "tr", "cut", "awk"]
[source]
command = "grep -E '^Host(name)? ' $HOME/.ssh/config | tr -s ' ' | cut -d' ' -f2- | tr ' ' '\n' | grep -v '^$'"
[preview]
command = "awk '/^Host / { found=0 } /^Host (.*[[:space:]])?'{}'([[:space:]].*)?$/ { found=1 } found' $HOME/.ssh/config"
[keybindings]
enter = "actions:connect"
[actions.connect]
description = "SSH into the selected host"
command = "ssh '{}'"
mode = "execute"
@@ -0,0 +1,49 @@
[metadata]
name = "systemd-units"
description = "List and manage systemd services"
requirements = ["systemctl"]
[source]
command = [
"systemctl list-units --type=service --no-pager --no-legend --plain",
"systemctl list-units --type=service --all --no-pager --no-legend --plain",
]
display = "{split: :0}"
[preview]
command = "systemctl status '{split: :0}' --no-pager"
[ui]
layout = "portrait"
[keybindings]
ctrl-s = "actions:start"
f2 = "actions:stop"
ctrl-r = "actions:restart"
ctrl-e = "actions:enable"
ctrl-d = "actions:disable"
[actions.start]
description = "Start the selected service"
command = "sudo systemctl start '{split: :0}'"
mode = "execute"
[actions.stop]
description = "Stop the selected service"
command = "sudo systemctl stop '{split: :0}'"
mode = "execute"
[actions.restart]
description = "Restart the selected service"
command = "sudo systemctl restart '{split: :0}'"
mode = "execute"
[actions.enable]
description = "Enable the selected service"
command = "sudo systemctl enable '{split: :0}'"
mode = "execute"
[actions.disable]
description = "Disable the selected service"
command = "sudo systemctl disable '{split: :0}'"
mode = "execute"
@@ -0,0 +1,28 @@
[metadata]
name = "text"
description = "A channel to find and select text from files"
requirements = ["rg", "bat"]
[source]
command = [
"rg . --no-heading --line-number --colors 'match:fg:white' --colors 'path:fg:blue' --color=always",
"rg . --no-heading --line-number --hidden --colors 'match:fg:white' --colors 'path:fg:blue' --color=always",
]
ansi = true
output = "{strip_ansi|split:\\::..2}"
[preview]
command = "bat -n --color=always '{strip_ansi|split:\\::0}'"
env = { BAT_THEME = "ansi" }
offset = '{strip_ansi|split:\::1}'
[ui]
preview_panel = { header = '{strip_ansi|split:\::..2}' }
[keybindings]
enter = "actions:edit"
[actions.edit]
description = "Open file in editor at line"
command = "${EDITOR:-vim} '+{strip_ansi|split:\\::1}' '{strip_ansi|split:\\::0}'"
mode = "execute"
@@ -0,0 +1,21 @@
[metadata]
name = "tldr"
description = "Browse and preview TLDR help pages for command-line tools"
requirements = ["tldr"]
[source]
command = "tldr --list"
[preview]
command = "tldr '{0}' --color always"
[ui]
layout = "portrait"
[keybindings]
ctrl-e = "actions:open"
[actions.open]
description = "Open the selected TLDR page"
command = "tldr '{0}'"
mode = "execute"
@@ -0,0 +1,25 @@
[metadata]
name = "todo-comments"
description = "Find TODO, FIXME, HACK, and XXX comments in codebase"
requirements = ["rg", "bat"]
[source]
command = "rg -n --color=always '(TODO|FIXME|HACK|XXX|BUG|WARN):?'"
ansi = true
output = "{strip_ansi|split:\\::..2}"
[preview]
command = "bat -n --color=always --highlight-line '{strip_ansi|split:\\::1}' '{strip_ansi|split:\\::0}'"
env = { BAT_THEME = "ansi" }
offset = "{strip_ansi|split:\\::1}"
[ui]
preview_panel = { header = "{strip_ansi|split:\\::..2}" }
[keybindings]
enter = "actions:edit"
[actions.edit]
description = "Open file in editor at the comment"
command = "${EDITOR:-vim} '+{strip_ansi|split:\\::1}' '{strip_ansi|split:\\::0}'"
mode = "execute"
@@ -0,0 +1,43 @@
[metadata]
name = "unicode"
description = '''Search and insert unicode characters
The UnicodeData.txt file is included by many packages.
In addition to:
Alpine Linux: unicode-character-database
Arch: unicode-character-database
Debian/Ubuntu: unicode-data
Fedora / RHEL / CentOS unicode-ucd
Gentoo: app-i18n/unicode-data
NixOS: unicode/unicode-data
openSUSE: unicode-ucd
UnicodData.txt may also aleady be provided by:
1) Many java packages
2) Latex packages
3) Still others
It may in some cases be necessary to alter UNICODE_FILE below.
'''
requirements = ["awk", "perl"]
[source]
command = '''
UNICODE_FILE="/usr/share/unicode/ucd/UnicodeData.txt"
awk -F';' '
$2 !~ /^</ { print $1 "|" $2 }
' "$UNICODE_FILE" \
| perl -CS -F'\|' -lane '
$code = $F[0];
$desc = $F[1];
$char = chr(hex($code));
print "U+$code|$char|$desc" if $char =~ /\p{Print}/;
'
'''
display = "{split:|:0} {split:|:1} {split:|:2}"
output = "{split:|:1}"
@@ -0,0 +1,11 @@
[metadata]
name = "zsh-history"
description = "A channel to select from your zsh history"
requirements = ["zsh"]
[source]
command = "sed '1!G;h;$!d' ${HISTFILE:-${HOME}/.zsh_history}"
display = "{split:;:1..}"
output = "{split:;:1..}"
no_sort = true
frecency = false
@@ -0,0 +1,247 @@
# CONFIGURATION FILE LOCATION ON YOUR SYSTEM:
# -------------------------------------------
# Defaults:
# ---------
# Linux: `$HOME/.config/television/config.toml`
# macOS: `$HOME/.config/television/config.toml`
# Windows: `%LocalAppData%\television\config.toml`
#
# XDG dirs:
# ---------
# You may use XDG_CONFIG_HOME if set on your system.
# In that case, television will expect the configuration file to be in:
# `$XDG_CONFIG_HOME/television/config.toml`
#
# General settings
# ----------------------------------------------------------------------------
tick_rate = 50
default_channel = "files"
# History settings
# ---------------
# Maximum number of entries to keep in the global history (default: 100)
# The history tracks search queries across all channels and sessions
# Set to 0 to disable history functionality entirely
history_size = 200
# Whether to use global history (default: false)
# When true: history navigation shows entries from all channels
# When false: history navigation is scoped to the current channel
global_history = false
[ui]
# How much space to allocate for the UI (in percentage of the screen)
# ┌─────────────────────────┐
# │ Terminal screen │
# │ ┌───────────────────┐ │
# │ │ │ │
# │ │ Television UI │ │
# │ │ │ │
# │ └───────────────────┘ │
# │ │
# └─────────────────────────┘
ui_scale = 100
# What orientation should tv be (landscape or portrait)
orientation = "landscape"
# The theme to use for the UI
# A list of builtin themes can be found in the `themes` directory of the television
# repository. You may also create your own theme by creating a new file in a `themes`
# directory in your configuration directory (see the `config.toml` location above).
theme = "default"
# Feature-specific configurations
# Each feature can have its own configuration section
[ui.input_bar]
# Where to place the input bar in the UI (top or bottom)
position = "top"
# The input prompt string (defaults to ">" if not specified)
prompt = ">"
# header = "{}"
# padding = {"left": 0, "right": 0, "top": 0, "bottom": 0}
border_type = "rounded" # https://docs.rs/ratatui/latest/ratatui/widgets/block/enum.BorderType.html#variants
[ui.status_bar]
# Status bar separators (bubble):
#separator_open = ""
#separator_close = ""
# Status bar separators (box):
separator_open = ""
separator_close = ""
hidden = false
[ui.results_panel]
border_type = "rounded"
# padding = {"left": 0, "right": 0, "top": 0, "bottom": 0}
[ui.preview_panel]
# Preview panel size (percentage of screen width/height)
size = 50
#header = ""
#footer = ""
scrollbar = true
border_type = "rounded"
# padding = {"left": 0, "right": 0, "top": 0, "bottom": 0}
hidden = false
[ui.help_panel]
# Whether to split the help panel by categories
show_categories = true
hidden = true
[ui.remote_control]
# Whether to show channel descriptions in remote control mode
show_channel_descriptions = true
# Whether to sort channels alphabetically
sort_alphabetically = true
# disabled = false
# Theme color overrides
# ---------------------
# You can override specific colors from the selected theme by adding them here.
# This allows you to customize the appearance without creating a full theme file.
# Colors can be specified as ANSI color names (e.g., "red", "bright-blue") or
# as hex values (e.g., "#ff0000", "#1e1e2e").
#
# Example overrides:
# [ui.theme_overrides]
# background = "#000000"
# text_fg = "#ffffff"
# selection_bg = "#444444"
# match_fg = "#ff0000"
# Keybindings and Events
# ----------------------------------------------------------------------------
#
[keybindings]
# Application control
# ------------------
esc = "quit"
ctrl-c = "quit"
# Navigation and selection
# -----------------------
down = "select_next_entry"
ctrl-n = "select_next_entry"
ctrl-j = "select_next_entry"
up = "select_prev_entry"
ctrl-p = "select_prev_entry"
ctrl-k = "select_prev_entry"
# History navigation
# -----------------
ctrl-up = "select_prev_history"
ctrl-down = "select_next_history"
# Multi-selection
# --------------
tab = "toggle_selection_down"
backtab = "toggle_selection_up"
enter = "confirm_selection"
# Preview panel control
# --------------------
pagedown = "scroll_preview_half_page_down"
pageup = "scroll_preview_half_page_up"
ctrl-f = "cycle_previews"
# Data operations
# --------------
ctrl-y = "copy_entry_to_clipboard"
ctrl-r = "reload_source"
ctrl-s = "cycle_sources"
# UI Features
# ----------
ctrl-t = "toggle_remote_control"
ctrl-x = "toggle_action_picker"
ctrl-o = "toggle_preview"
ctrl-h = "toggle_help"
f12 = "toggle_status_bar"
ctrl-l = "toggle_layout"
# Input field actions
# ----------------------------------------
backspace = "delete_prev_char"
ctrl-w = "delete_prev_word"
ctrl-u = "delete_line"
delete = "delete_next_char"
left = "go_to_prev_char"
right = "go_to_next_char"
home = "go_to_input_start"
ctrl-a = "go_to_input_start"
end = "go_to_input_end"
ctrl-e = "go_to_input_end"
# Shell integration
# ----------------------------------------------------------------------------
#
# The shell integration feature allows you to use television as a picker for
# your shell commands (as well as your shell history with <CTRL-R>).
# E.g. typing `git checkout <CTRL-T>` will open television with a list of
# branches to choose from.
[shell_integration]
# This specifies the default fallback channel if no other channel is matched.
fallback_channel = "files"
[shell_integration.channel_triggers]
# Add your channel triggers here. Each key is a channel that will be triggered
# by the corresponding commands.
# Example: say you want the following commands to trigger the following channels
# when pressing <CTRL-T>:
# `git checkout` should trigger the `git-branches` channel
# `ls` should trigger the `dirs` channel
# `cat` and `cp` should trigger the `files` channel
#
# You would add the following to your configuration file:
# ```
# [shell_integration.channel_triggers]
# "git-branches" = ["git checkout"]
# "dirs" = ["ls"]
# "files" = ["cat", "cp"]
# ```
"alias" = ["alias", "unalias"]
"env" = ["export", "unset"]
"dirs" = ["cd", "ls", "rmdir", "z"]
"files" = [
"cat",
"less",
"head",
"tail",
"vim",
"nano",
"bat",
"cp",
"mv",
"rm",
"touch",
"chmod",
"chown",
"ln",
"tar",
"zip",
"unzip",
"gzip",
"gunzip",
"xz",
]
"git-diff" = ["git add", "git restore"]
"git-branch" = [
"git checkout",
"git branch",
"git merge",
"git rebase",
"git pull",
"git push",
]
"git-log" = ["git log", "git show"]
"docker-images" = ["docker run"]
"git-repos" = ["nvim", "code", "hx", "git clone"]
[shell_integration.keybindings]
# controls which key binding should trigger tv
# for shell autocomplete
"smart_autocomplete" = "ctrl-t"
# controls which keybinding should trigger tv
# for command history
"command_history" = "ctrl-r"
View File