-
-
Save AnneTheAgile/5e6666bd2e2c25890e1e to your computer and use it in GitHub Desktop.
--- | |
# FILE: talk-battle-ansi-config | |
# README: Prepare a mac 10.9 machine for running battleschool by ensuring a config file/folder exists. | |
# USAGE: $ ansible-playbook -i ansinv ansiboot.yml # Where ansinv= Your inventory file; ansiboot.yml= This script. | |
# PREREQ: | |
# $ curl -L THIS-URL > ~/.battleschool/config.yml # TIP-Bash-Curl: L: If location redirects, go there instead. | |
# $ ansible all -m ping # Test that the inventory file exists and ansible works with local host. | |
# $ ansible workstation -m ping -i ansinv # Test that the given inventory file contains 'workstation'. | |
# NEXT: $ battle --ask-sudo-pass --config-file=/Users/YOURUSER/.battleschool/config.yml # Config is created by this script. | |
# []TODO- Ansible-Battle; IDK why Tilde is not accepted to find path for config file - especially given it defaults ok. | |
# URL: As of 2014-08-23S. | |
# https://gist.githubusercontent.com/AnneTheAgile/5e6666bd2e2c25890e1e/raw/a166f7ed2a27ea71cdca806dcab$ | |
# https://gist.github.com/AnneTheAgile/5e6666bd2e2c25890e1e | |
# FUTURE: []TODO- Add Bash wrapper to get this URL content and run the [usage] step. This is how brew.sh's one-liner works. | |
- hosts: workstation | |
vars: | |
SSHPWD: "{{ lookup('env','MY_PWD') }}" | |
# TIP-Bash-Env: Put Secret passwords (use LastPass) in environment variables, ~/.bashrc. $ export MY_PWD="aSecret" | |
# TODO-SSH: This section is for creating SSH keys during bootstrap-2. | |
tasks: | |
- name: "BattleSchool: Create Hidden Dot Folder for config files - ~/.battleschool/." | |
file: path=~/.battleschool state=directory | |
# TODO-Ansible: IDK when to / not use shell vs command module. Bash flavor may matter. | |
# TIP-Ansible-Yml: Colon in Name cannot be unquoted. | |
- name: "BattleSchool: Create Empty Configuration file for bootstrap initialization - ~/.battleschool/config.yml." | |
get_url: url=https://gist.githubusercontent.com/AnneTheAgile/071ce60cc5205b133db4/raw/3a5b9f3848c00ede0aa8aa1a435ba1eccf7888fc/talk-battle-config-empty.yml | |
dest=~/.battleschool/config.yml | |
# TIP-Battle: Original author's config.yml includes numerous things; https://db.tt/aG2uyydU | |
# TIP-Ansible: Use only get_url, not curl nor git module for gist text files. | |
- name: "BattleSchool: Apply correct permissions to config file - ~/.battleschool/config.yml." | |
file: path=~/.battleschool/config.yml state=file mode=755 | |
# TIP-Bash: chmod = 751 => owner=rwx, all others=rx. | |
# TIP-Battle: Config file must be readable and executable. => Updt; Maybe X-only is ok without Tilde. | |
# TIP-Bash: Chmod's numeric equivalents of text directives. URL: http://www.onlineconversion.com/html_chmod_calculator.htm |
BUG: Must have a local playbook.
I have given above the default as ;
https://gist.githubusercontent.com/AnneTheAgile/071ce60cc5205b133db4/raw/3a5b9f3848c00ede0aa8aa1a435ba1eccf7888fc/talk-battle-config-empty.yml
dest=~/.battleschool/config.yml
But error;
$ battle --ask-sudo-pass
sudo password:
## Updating sources ##############################################################################################
Task OK: git
Traceback (most recent call last):
File "/usr/local/bin/battle", line 337, in <module>
sys.exit(main(sys.argv[1:]))
File "/usr/local/bin/battle", line 215, in main
playbooks = source.run(inventory, sshpass, sudopass)
File "/Library/Python/2.7/site-packages/battleschool/source/__init__.py", line 98, in run
for playbook in source['playbooks']:
TypeError: 'NoneType' object is not utterable
$ cat ~/.battleschool/local.yml
$ cat ~/.battleschool/config.yml
---
# Empty Battleschool config.yml.
sources:
local:
#- playbook.yml
url:
#- name: playbook.yml
# url: https://db.tt/VcyI9dvr
git:
- name: 'osx'
repo: 'https://github.com/spencergibb/ansible-osx'
playbooks:
#- adium.ym
Line98 of init.py code: https://github.com/spencergibb/battleschool/blob/44d53439400b4078e3041013b1f9ee5995fb33bf/lib/battleschool/source/__init__.py
Cross-ref: Ticket to ask about this;
spencergibb/battleschool#11
OK, on to completely different :). Working on the blog post.
Firefox Install DMG PKG;
0.[] Working reference;
http://apple.stackexchange.com/questions/112639/how-to-install-firefox-using-the-terminal-app
Despite cannot list info, this does work;
$ curl http://mozilla.mirrors.tds.net/pub/mozilla.org/firefox/releases/latest/mac/en-US/Firefox%2032.0.3.dmg --list-only
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /pub/mozilla.org/firefox/releases/latest/mac/en-US/Firefox 32.0.3.dmg was not found on this server.</p>
</body></html>
$ curl http://mozilla.mirrors.tds.net/pub/mozilla.org/firefox/releases/latest/mac/en-US/Firefox%2032.0.3.dmg -o firefox32.dmg
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 266 100 266 0 0 5515 0 --:--:-- --:--:-- --:--:-- 5541
$ ls
config.yml firefox25.dmg firefox32.dmg playbooks
REFS
Get path of the desired current Firefox , which is on FTP but with many many subfolders.
1.[] How to Perl or Curl -s aUrl --list-only plus Sed and Regext on an ftp download site.
http://stackoverflow.com/questions/18780322/listing-files-with-curl
2.[] LIST of releases, very long, including future ones
http://en.wikipedia.org/wiki/Firefox_release_history
3.[] A 2012 Step by step FTP URL from which I can download Firefox 10 for Mac
https://support.mozilla.org/en-US/questions/923426#answer-320582
3A.[]Mac; Type "curl -O http://download.cdn.mozilla.net/pub/mozilla.org/firefox/releases/20.0/mac/en-US/Firefox%2020.0.dmg" (without the quotations)
Ubuntu; Type "wget 'http://download.mozilla.org/?product=firefox-20.0&os=linux&lang=en-US' -O firefox-20.0.tar.bz2"
http://yourbusiness.azcentral.com/download-firefox-terminal-20997.html
4.[] Example DMG Application, Adium ()
https://github.com/spencergibb/ansible-osx/blob/master/adium.yml
5.[] Use Spencer's provided DMG installer. It is a custom module, so use;
--module-path=/usr/share/battleschool/library
spencergibb/battleschool#4
6.[] Adium FOSS IM app example yml.
https://github.com/spencergibb/ansible-osx/blob/master/adium.yml
$ site=ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/32*
$ curl -s "$site" --list-only
//etc very long; it did not respect 'start with 32'
$ curl -s "ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/32.0.3" --list-only | wc
512 512 3848
$ curl -s "ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/32.0.3/mac/en-US" --list-only | wc
91 91 355
$ curl -s "ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/32.0.3/mac/en-US/us" --list-only | wc
1 2 19
# finally
$ curl -s "ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/32.0.3/mac/en-US/us" --list-only
Firefox 32.0.3.dmg
7.[] Gist of doing it all.
http://pastebin.com/Gn0CRUdz
curl http://mozilla.mirrors.tds.net/pub/mozilla.org/firefox/releases/latest/mac/en-US/Firefox%2025.0.1.dmg -o firefox25.dmg
hdiutil attach firefox25.dmg
cd /Volumes/Firefox
cp Firefox.app /Applications/Firefox.app
hdiutil detach /Volumes/Firefox
8.[] Linux showing Both Wget and Curl.
http://smallbusiness.chron.com/download-firefox-terminal-52857.html
9.[] CURL CheatSheet introduction: Download, List, FTP, etc.
http://www.codediesel.com/tools/6-essential-curl-commands/
10.[] Curl for FTP.
http://linux.byexamples.com/archives/320/using-curl-to-access-ftp-server/
PYTHON fun with the job site q's xfile []TODO
Python 2.7.5 (default, Mar 9 2014, 22:15:05)
[GCC 4.2.1 Compatible Apple LLVM 5.0 (clang-500.0.68)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> >>> def (v,l=[]):
... l.append(v)
... return l
...
>>> def elist(v,l=[]):
... l.append(v)
... return l
...
>>> l1=elist(10)
>>> print l1
[10]
>>> l2=elist(123,[])
>>> print l2
[123]
>>> l3=elist('a')
>>> print l3
[10, 'a']
>>> print l1
[10, 'a']
>>> print l2
[123]
>>> l3=elist('b')
>>> print l3
[10, 'a', 'b']
>>> l4=elist('c')
>>> print l4
[10, 'a', 'b', 'c']
>>>
>>>
>>> # http://www.toptal.com/python/interview-questions#.
...
>>> def muls():
... return [ lambda x : i * x for i in range(4) ] # range 4=> 0..4]
...
>>> print [muls()]]
File "<stdin>", line 1
print [muls()]]
^
SyntaxError: invalid syntax
>>> print [muls()]
[[<function <lambda> at 0x1095f09b0>, <function <lambda> at 0x1095f0320>, <function <lambda> at 0x1095fa320>, <function <lambda> at 0x1095fa398>]]
>>> print [m(2) for m in muls()]
[6, 6, 6, 6]
>>> print [muls(i) for i in range(4)]
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
TypeError: muls() takes no arguments (1 given)
>>> print [str( muls() ) ]
['[<function <lambda> at 0x1095edb90>, <function <lambda> at 0x1095f09b0>, <function <lambda> at 0x1095f0320>, <function <lambda> at 0x1095fa320>]']
>>>
>>> print [m(2) for m in muls()]
[6, 6, 6, 6]
>>>
>>> quit()
7.[] Curl Man page, very friendly and they note per survey that more DOC is needed.
http://curl.haxx.se/docs/manpage.html
PREFS
$ nano ~/Library/Preferences/com.apple.finder.plist
$ defaults read com.apple.finder
{
DesktopViewSettings = {
//....etc etc very very long, including binary info chunks eg. 00f04f0c 00000000 24000000
$ defaults read com.apple.finder | grep -in side
97: ContainerShowSidebar = 1;
99: ShowSidebar = 1;
103: SidebarWidth = 148;
$ defaults read com.apple.finder | grep -in bar
80: FXToolbarUpgradedToTenEight = 1;
81: FXToolbarUpgradedToTenNine = 2;
82: FXToolbarUpgradedToTenSeven = 1;
97: ContainerShowSidebar = 1;
98: ShowPathbar = 0;
99: ShowSidebar = 1;
100: ShowStatusBar = 0;
102: ShowToolbar = 1;
103: SidebarWidth = 148;
107: "NSToolbar Configuration Browser" = {
$ defaults read com.apple.sidebarlists
{
favoriteitems = { //etc long like above
$ defaults read com.apple.sidebarlists | grep -in nevervisible
169: Visibility = NeverVisible;
179: Visibility = NeverVisible;
206: Visibility = NeverVisible;
$ # Finder / Go / /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/
# Can NOT convert to Json at least I didn't see //Maybe need json1?
$ plutil -convert xml1 ~/Library/Preferences/com.apple.sidebarlists.plist -o ~/Desktop/sidebarlists.json
$ nano ~/Desktop/sidebarlists.json
$ mv ~/Desktop/sidebarlists.json ~/Desktop/sidebarlists.xml
$ nano ~/Desktop/sidebarlists.xml
$ # hard to tell where to add a custom favorites item
$ defaults read com.apple.finder AppleShowAllFiles
2014-10-04 12:01:58.798 defaults[1316:507]
The domain/default pair of (/Users/ME/Library/Preferences/com.apple.finder, AppleShowAllFiles) does not exist
$ # http://ianlunn.co.uk/articles/quickly-showhide-hidden-files-mac-os-x-mavericks/
$ defaults write com.apple.finder AppleShowAllFiles YES
$ # http://www.thxbye.de/mac/mac-restarting-the-mac-os-x-dock-finder-spaces-or-menubar.html
$ killall -KILL Finder
$ # http://apple.stackexchange.com/questions/102452/can-i-undo-changes-made-via-defaults-write
$ defaults delete -g AppleShowAllFiles
2014-10-04 12:17:27.605 defaults[1345:507]
Domain (kCFPreferencesAnyApplication) not found.
$ defaults delete com.apple.finder AppleShowAllFiles
$ defaults read com.apple.finder AppleShowAllFiles
2014-10-04 12:18:29.491 defaults[1363:507]
The domain/default pair of (/Users/ME/Library/Preferences/com.apple.finder, AppleShowAllFiles) does not exist
$ killall -KILL Finder
$ # all works as expected MANUALLY show/ hide INVISIBLE FILES
$ date
Sat Oct 4 12:19:00 EDT 2014
$ pwd
/Users/ME/ambatt
$ ls
BUILDING.md MANIFEST.in bin lib share
LICENSE Makefile build packaging test
MANIFEST README.md etc setup.py
$ # GOAL do it in ansible
$ # first, also try the 'NO" value
$ defaults write com.apple.finder AppleShowAllFiles YES
$ killall -KILL Finder
$ defaults write com.apple.finder AppleShowAllFiles NO
$ killall -KILL Finder
$ # perfect, so as it said in directions, either is fine.
# reset back to std //deleted the key
1.[] My PRIOR Test files.
$ ls ansi*
ansiboot.retry ansiboot.yml ansigather.txt ansinv ansisay.yml ansissh.yml
$ # ansiboot.retry just says localhost
$ # ansiboot.yml ; Ensures ~/.battleschool/ exists with config.yml from Git repo.
$ # ansigather.txt: output of ansible gather stats info
$ # ansinv ; Remove necessity for SSH by specifying local ansible connection.
$ # ansisay.yml Tests out talking to the user including prompting - via ansible-playbook -i
$ # ansissh.yml Test out creating ~/.ssh/, a key, and prompting.
2.[] Ansible Test: Print a message
https://github.com/spencergibb/ansible-osx/blob/master/apps/test2.yml
3.[] Ansible Test; Below, next remark to load a particular DMG.
4.[] Ansible Check, Dry-Run, and Diffs Testing mode;
http://docs.ansible.com/playbooks_checkmode.html
ansible-playbook foo.yml --check --diff --limit foo.example.com
5.[] Spencer's intro, instructions.
http://spencer.gibb.us/blog/2014/02/03/introducing-battleschool/
To test out an app dmg with local ansible repo source;
https://github.com/spencergibb/battleschool/blob/44d53439400b4078e3041013b1f9ee5995fb33bf/test/test_app_dmg.sh
MODULE_PARAMS="pkg_type=app"
MODULE_PARAMS="$MODULE_PARAMS archive_type=dmg"
MODULE_PARAMS="$MODULE_PARAMS archive_path=Adium.app"
MODULE_PARAMS="$MODULE_PARAMS url=http://sourceforge.net/projects/adium/files/Adium_1.5.9.dmg/download"
#echo $MODULE_PARAMS
$ANSIBLE_SRC_PATH/hacking/test-module -m share/library/mac_pkg -a "$MODULE_PARAMS"
To see where Adium code, is, search in two locations:
1.BattleSchool
https://github.com/spencergibb/battleschool/search?utf8=✓&q=adium
2.Ansible-OSX
https://github.com/spencergibb/ansible-osx/search?utf8=✓&q=adium
About the fixed ticket, needing default config.
Sample empty config.
https://github.com/spencergibb/battleschool/blob/53eac5a560c25faa4fc57b1ed9aef9d12761889d/test/emptyconfig/config.yml
PYTHON fun with the job site q's xfile []TODO
1.[] Contractors' Job site
http://www.toptal.com/python/interview-questions#
2.[] Edu Python for Network Engineers , email IPyAndy.net
http://ipyandy.net/2014/04/how-and-where-to-learn-python/
Python 2.7.5 (default, Mar 9 2014, 22:15:05)
[GCC 4.2.1 Compatible Apple LLVM 5.0 (clang-500.0.68)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> >>> def (v,l=[]):
... l.append(v)
... return l
...
>>> def elist(v,l=[]):
... l.append(v)
... return l
...
>>> l1=elist(10)
>>> print l1
[10]
>>> l2=elist(123,[])
>>> print l2
[123]
>>> l3=elist('a')
>>> print l3
[10, 'a']
>>> print l1
[10, 'a']
>>> print l2
[123]
>>> l3=elist('b')
>>> print l3
[10, 'a', 'b']
>>> l4=elist('c')
>>> print l4
[10, 'a', 'b', 'c']
>>>
>>>
>>> # http://www.toptal.com/python/interview-questions#.
...
>>> def muls():
... return [ lambda x : i * x for i in range(4) ] # range 4=> 0..4]
...
>>> print [muls()]]
File "<stdin>", line 1
print [muls()]]
^
SyntaxError: invalid syntax
>>> print [muls()]
[[<function <lambda> at 0x1095f09b0>, <function <lambda> at 0x1095f0320>, <function <lambda> at 0x1095fa320>, <function <lambda> at 0x1095fa398>]]
>>> print [m(2) for m in muls()]
[6, 6, 6, 6]
>>> print [muls(i) for i in range(4)]
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
TypeError: muls() takes no arguments (1 given)
>>> print [str( muls() ) ]
['[<function <lambda> at 0x1095edb90>, <function <lambda> at 0x1095f09b0>, <function <lambda> at 0x1095f0320>, <function <lambda> at 0x1095fa320>]']
>>>
>>> print [m(2) for m in muls()]
[6, 6, 6, 6]
>>>
>>> quit()
3.[] Network Tutorial and info IPV6 , sounds neat.
https://ipv6.he.net/certification/
LIST of people who worked on configuring local machines with Ansible, plus some non-local :).
1.[] Spencer's Mac OSX BattleSchool, 2014, including the mac-pkg module which enables installation of DMG or PKG files.
http://spencer.gibb.us/blog/2014/02/03/introducing-battleschool/
2.[] Ubuntu setup Joseph Kahn 2014-07, including details on base-16 color scheme setup; Vim; Dev/Work roles; VCsh;
http://blog.josephkahn.io/articles/ansible/
3.[] CentOS Ec2 AWS
http://jpmens.net/2012/11/21/provisioning-centos-ec2-instances-with-ansible/
4.[] Docker, Mesos Cluster, Marathon , HAProxy, Zookeeper, Cron
https://github.com/mhamrah/ansible-mesos-playbook
5.[] Last but Primary! GeerlingGuy who wrote the Ansible book
https://leanpub.com/ansible-for-devops
https://github.com/geerlingguy/mac-dev-playbook
//Updated to credit to BattleSchoool , he says; See also:
http://spencer.gibb.us/blog/2014/02/03/introducing-battleschool
Battleschool, is a more general solution than what I've built here. (It may be a better option if you don't want to fork this repo and hack it for your own workstation...).
https://github.com/osxc
osxc is another more general solution, set up so you can fork the xc-custom repo and get your own local environment bootstrapped quickly.
5A.[] GeerlingGuy may not know about the Pkg download app, [OSX Add Terminal to the Dock, below, #4]. He says;
the Mac App Store is not able to be controlled via CLI, or any other way I can find (so far), I have to manually install all of these apps from within the App Store application.
Tutorials , Ansible commands.
1.[] Shell HereDocs & the script module supports arguments, is that what you mean?
http://docs.ansible.com/script_module.html
ansible/ansible#6511
2.[] Command, versus Shell
http://docs.ansible.com/command_module.html#examples
command: /usr/bin/make_database.sh arg1 arg2 creates=/path/to/database
3.[] Patch on Vagrant - using shell instead of command
http://serverfault.com/questions/573505/ansible-playbook-not-working-trying-to-run-patch
4.[] Ad-hoc Ansible
http://docs.ansible.com/intro_adhoc.html#file-transfer
Gathering Facts:
$ ansible all -m setup
5.[] HereDoc assigned to a Bash variable with Read.
http://stackoverflow.com/questions/1167746/how-to-assign-a-heredoc-value-to-a-variable-in-bash
$ read -r -d '' VAR <<'EOF'
abc'asdf"
$(dont-execute-this)
foo"bar"''
EOF
6.[] Ansible for a single machine, localhost and no inventory.
https://groups.google.com/forum/#!topic/ansible-project/RuntoPUvqHM
7.[] Ansible Overview
http://www.ansible.com/how-ansible-works
8.[] Ansible Tutorial.
http://liquidat.wordpress.com/2014/02/17/howto-first-steps-with-ansible/
9.[] Ansible Best Practices per the Authors.
http://docs.ansible.com/playbooks_best_practices.html#directory-layout
Allow playbooks to target machines based on role, as well as to assign role specific variables using the group variable system. via Inventory, Patterns for Multiple groups in a system, e.g. web servers, observers.
SSH and Bootstrapping Ansible, which normally needs SSH
1.[] Example Ansible Boostrap Shell command. Prereqs ssh, ssh-copy-id. Create an ansible user plus key copied.
https://github.com/serenecloud/ansible-bootstrap/blob/master/ansible_bootstrap.sh
2.[] Ansible Galaxy list of reusable modules/roles. Author MPDeHaan commented on numerous modules.
https://galaxy.ansible.com/list#/users/6
3.[] Avoiding SSH : Use connection: local per DeHaan.
https://groups.google.com/forum/#!topic/ansible-project/IBszBK8ylg0
4.[] SSH Key add or delete from Authorized
http://docs.ansible.com/authorized_key_module.html
5.[] Run commands locally to the host, leader of Ansible.
http://stackoverflow.com/questions/18900236/run-command-on-the-ansible-host
name: a play that runs entirely on the ansible host
hosts: 127.0.0.1
connection: local
tasks:
6.[] Be able to create SSH key for user in user module.
https://github.com/ansible/ansible/pull/1389/files
7.[] Variables & Jinja2 in Ansible
http://docs.ansible.com/playbooks_variables.html
8.[] Conditionally prompt for a variable can NOT be done in Ansible.
http://stackoverflow.com/questions/25466675/ansible-to-conditionally-prompt-for-a-variable
9.[] Vars_Prompt can get info from users and then can with_sequence to post that to add_host interactively for inventory.
http://stackoverflow.com/questions/25326386/ansible-define-inventory-at-run-time
10.[] Don’t look for if-exists; instead use Roles.
http://stackoverflow.com/questions/13663996/ansible-include-if-exists
11.[] SSH Security module from Geerling.
https://galaxy.ansible.com/list#/roles/1030
12.[] GeerlingGuy’s module on git; he’s the author of the book.
https://github.com/geerlingguy/ansible-role-security/blob/master/tasks/ssh.yml
13.[] Another to improve security of ssh, galaxy…731.
https://github.com/vitalk/ansible-secure-ssh
Disable the empty password login. Empty password is a very bad idea.
Disable remote root login. The preferred way to gain root permissions is use su or sudo command.
Add your identity key to ~/.ssh/authorized_keys on remote host for passwordless login.
Disable password login (done only if previous step is successful).
Enable PAM.
14.[] Ansible Git role 743 Galaxy
https://galaxy.ansible.com/list#/roles/743
15.[] Ansible User project, but to be deprecated in favor of [16]
https://github.com/nickjj/ansible-user
16.[] DebOps for Debian ops management with Ansible.
http://debops.org/
DebOps is a framework of:
50+ highly extensible roles with sane defaults
Tuned for production and works great for development
Built for modularity so extending it is simple
Custom scripts to tie everything together
17.[] Use Curl-O to install Fail2Ban which updates FireWall rules upon seeing bad IP’s in apache error_log.
http://www.fail2ban.org/wiki/index.php/Main_Page
https://forgetcomputers.zendesk.com/hc/en-us/articles/201010250-Setting-up-Fail2ban-on-Mac-OS-X-10-7-
18.[] Deploy SSL Keys securely with Ansible: have a passphrase openssl
http://red-badger.com/blog/2014/02/28/deploying-ssl-keys-securely-with-ansible/
19.[] Ggl for [18] ssh-keygen
https://www.google.com/search?client=safari&rls=en&q=ansible+ssh-keygen+playbook&ie=UTF-8&oe=UTF-8
20.[] Ansible User management: can now manipulate ssh keys in various ways.
http://docs.ansible.com/user_module.html
Create a 2048-bit SSH key for user smith
[dash] user: name=jsmith generate_ssh_key=yes ssh_key_bits=2048
21.[] Ansible Source, needed locally in order to run certain debug items.
https://github.com/ansible/ansible
22.[] Example workflow to set up enabling FOSS contributions to ‘NeatLine’, telling stories with maps and timelines.
http://scholarslab.org/uncategorized/omeka-neatline-mac-development-oh-my/
http://neatline.org/
https://github.com/erochest/neatline.dev/tree/mac-ansible
BATTLE Fix to add Default config; Make a Git Patch from CWD
1.[] My ticket , Bootstrap without any Local Playbook fails? #11
spencergibb/battleschool#11
1A.[] My working on making and demonstrating the patch; IPYNB.
http://localhost:8888/notebooks/ambatt-bug-11.ipynb
2.[] Git patch from current un/staged changes diffs.
http://stackoverflow.com/questions/5159185/create-a-git-patch-from-the-changes-in-the-current-working-directory
If you haven't commited the changes, then:
git diff > mypatch.patch
But sometimes it happens that part of the stuff you're doing are new files that are untracked and won't be in your 'git diff' output. So, one way to do a patch is to stage everything for a new commit (but don't do the commit), and then:
git diff --cached > mypatch.patch
You can later apply the patch:
git apply mypatch.patch
BASH Tips.
1.[] Find in History: Ctrl-R and start typing.
http://ruslanspivak.com/2010/11/20/bash-history-reverse-intelligent-search/
BASH history – reverse intelligent search
by RUSLAN SPIVAK on NOVEMBER 20, 2010
Martin July 14, 2014 at 11:27 PM
Perhaps you could consider BASH history suggest box https://github.com/dvorka/hstr that greatly simplifies navigation through the history and its management.
2.[] Forward search.
http://ruslanspivak.com/2010/11/25/bash-history-incremental-search-forward/
3.[] Make GUI Red if VNC is being used on your Machine, check for spying.
http://jacobsalmela.com/tell-someone-spying-computer-using-geektool/
4.[] Bash script: Ansible-pseudo-replacement to Install with MongoDb, MySql, Brew, Git, Postgres, Test for SSH Key, Fix Permissions,
https://raw.githubusercontent.com/esparkman/PairMeUp/master/mac
5.[] Bash Script to install HomeBrew shows how to make Colors TTY, Test for OSX Version# for CLang, Git, Prompt, Abort on various conditions with nice block syntax.
https://github.com/Homebrew/install/blob/master/install
OSX Tips
1.[] Get the OSX Animal name from Wikipedia and complex url grep.
http://superuser.com/questions/797687/can-i-get-the-osxs-animal-name-from-the-terminal-instead-of-just-the-version/798941
2.[] Ansible Debug print output of a variable; but can’t prompt to post to a variable. Can add extra-vars to a cli.
http://stackoverflow.com/questions/21283453/ansible-output-a-variable-in-vars-prompt
Windows Work from Ansible
1.[] Run ipconfig, add a user, test the stat module.
https://github.com/ansible/ansible-examples/blob/ab8aa27eb9808716c25d300ebe063765bb2feea1/windows/test.yml
Python Tips.
1.[] Error handling.
http://stackoverflow.com/questions/20652527/python-try-except-with-of-if-else
Jobs
1.[] Relo first seen in a while; Hoboken NJ
http://careers.stackoverflow.com/jobs/63624/devops-engineer-jetcom?a=5aoOxtjEjL&utm_source=stackoverflow.com&utm_medium=ad&utm_campaign=jobs-large-sidebar-orange-nearyou
OSX Show/Hide Invisible Files
1.[] Mavericks terminal command and Alias.
http://ianlunn.co.uk/articles/quickly-showhide-hidden-files-mac-os-x-mavericks/
alias showFiles='defaults write com.apple.finder AppleShowAllFiles YES; killall Finder /System/Library/CoreServices/Finder.app'
2.[] DotFiles for OSX including ShowAllFiles item , commented here.
https://github.com/mathiasbynens/dotfiles/blob/master/.osx
3.[] Undoing by Delete or Change yes/no status.
http://apple.stackexchange.com/questions/102452/can-i-undo-changes-made-via-defaults-write
4.[] Finder must restart, i.e. kill to get changes to take.
http://www.thxbye.de/mac/mac-restarting-the-mac-os-x-dock-finder-spaces-or-menubar.html
5.[] Show Hidden files per bbs.
https://discussions.apple.com/thread/5483892?start=30&tstart=0
defaults write com.apple.finder AppleShowAllFiles -boolean true
killall Finder
OSX Add Terminal to the Dock
1.[] How to as of 2010.
http://krypted.com/mac-os-x/adding-objects-to-the-dock/
Ex. Add an app;
defaults write com.apple.dock persistent-apps -array-add ‘tile-datafile-data_CFURLString/Applications/Microsoft Office 2008/Microsoft Word_CFURLStringType0’
http://code.google.com/p/dockutil
or local or traditional mcx.
or the jamf binary (if you use the casper suite for management).
This will add iSync.app ( Or any app – just change path to what you want ) to the dock, Make sure to run as current console user in ARD and that users are logged in
defaults write com.apple.dock persistent-apps -array-add “tile-datafile-data_CFURLString/Applications/iSync.app/_CFURLStringType0″;
to refresh dock:
killall -HUP Dock (run as root in ARD)
lucidsystems April 4, 2012 - 2:45 am | Permalink
You may also be interested in additemtodock : http://www.lucidsystems.tk/tools/additemtodock/
2.[] GUI Preferences for the Dock, with Defaults write equivalents.
http://www.tekrevue.com/tip/the-complete-guide-to-customizing-mac-os-xs-dock-with-terminal/
3.[] AppleScript to add a Terminal Dock icon, even one with special command.
http://superuser.com/questions/260594/osx-add-dock-icon-for-dedicated-terminal-command
tell application "Terminal" to do script "mutt"
Save as application anywhere you want, then drag from there to the Dock.
4.[] DMG installer get from MacStore, normally invisible ; $2 app and a writeup about it.
http://jacobsalmela.com/tag/automation/
http://jacobsalmela.com/product/save-app-store-pkgs/
5.[] Login to GUI via CLI
https://github.com/jacobsalmela/login-user-to-gui-via-cli
Simulates keystrokes to log a user into the GUI from the login window.
This is useful in computer labs where you may need to log in a user to test out software or settings. Instead of typing in usernames/passwords manually at each computer, just send one of the commands via ARD and log them all in at once!
How it Works
OS X has access for assistive devices, which allows buttons to be pressed and keystrokes to be simulated. These features can be used via AppleScript GUI Scripting.
6.[] GUI post current info about the Mac.
http://projects.tynsoe.org/en/geektool/index.php
Julian Date CYWW Workweek TBA Code idea
1.[] Python; Three month Quarter outlook with Euro work week#’s.
http://www.macosxtips.co.uk/geeklets/productivity/calendar-3-months-european-week/
https://gist.github.com/tschloss/6207461
Python script that prints a 3-month calendar (previous, current, next month) WITH calendar weeks. The current day is highlighted. No parameters currently. INTENDED USE: Geeklet for Geek-Tool.
2.[] Ruby; FizzBuzz and fun things, organized as Gists. Idea/?
https://gist.github.com/mxcl?page=2
OSX Finder “SideBar”: Add Home and MyComputer
1.[] Events are used to update the info;
http://cocoadev.com/SideBarContent
~/Library/Preferences/com.apple.sidebarlists.plist
2.[] Defaults write to add back a few things
https://github.com/ymendel/dotfiles/blob/master/osx/finder.defaults
show external drives, removable media
defaults write com.apple.finder ShowExternalHardDrivesOnDesktop -bool true
defaults write com.apple.finder ShowRemovableMediaOnDesktop -bool true
3.[] LIST of what User wants to configure customize all; Scripting Configurations and Preferences - no replies, he did some already.
https://discussions.apple.com/thread/6430038?start=0&tstart=0
4.[] General procedure for plist update sidebarlists.plist. Does not seem applicable to my case. Their case was to get a list of Servers available, e.g. the school’s remote location.
https://groups.google.com/forum/#!topic/macenterprise/Ks-zHlY3h5I
5.[] Plists can be converted, with PLUtil, into XML1 and JSON1.
http://stackoverflow.com/questions/6066350/command-line-tool-for-converting-plist-to-json
[]Fix typo there, think the one suffix is read.
6.[] GUI App to edit instead of using ‘defaults’ command; fix for old tools didn’t know that there is now a message system that needs callback.
http://www.tempel.org/PrefsEditor
7.[] Restoring icons, everyone agrees can delete prefs; they are quite robust.
http://apple.stackexchange.com/questions/108299/how-to-reset-default-sidebar-favourites-icons-in-finder
OSX Prereq of Xcode and CommandLine Tools in order to be able to Compile
1.[] New xcode-select install option still uses GUI, unless add Applescript; otherwise hdiutil can attach and then delete, plus GUI prompt.
http://apple.stackexchange.com/questions/107307/how-can-i-install-the-command-line-tools-completely-from-the-command-line
applescript I wrote:
https://gist.github.com/brysgo/9007731
do shell script "xcode-select --install"
do shell script "sleep 1"
tell application "System Events"
tell process "Install Command Line Developer Tools"
keystroke return
click button "Agree" of window "License Agreement"
end tell
end tell
2.[] About the new OSX 10.9 Command line tool installer which is included, so now easier to get GCC and avoid the heavy Xcode download, if not desired.
http://osxdaily.com/2014/02/12/install-command-line-tools-mac-os-x/
3.[] OSX Apple website requires a userid ; the above [1] does not.
http://py-translate.readthedocs.org/en/latest/users/install_osx/
py-translate is a CLI Tool for Google Translate written in Python
HomeBrew Ruby Formulae and Bash Self-Installer
1.[] Example Go Language formula for brew.
https://github.com/Homebrew/homebrew/blob/master/Library/Formula/go.rb
2.[] Tutorial installing Xcode, HomeBrew, Git, RVM, Ruby Rails ; updated 2014.0929
http://www.moncefbelyamani.com/how-to-install-xcode-homebrew-git-rvm-ruby-on-mac/
Common Homebrew warnings and errors, and how to get rid of them
3.[] Deploy HomeBrew thru Casper (idk) & Make own Installer PKG DMG from a Brew Formula.
https://jamfnation.jamfsoftware.com/discussion.html?id=6999
Installer scripts are simple too, just run a file called "postinstall" - no deployment issues, right?
https://github.com/timsutton/brew-pkg
4.[] The HomeBrew one-line installer code is very clever and its source code is in a branch called /go/, i.e. Git-URL/Org/Project/BranchName/FilePath
Homebrew/legacy-homebrew#31825
5.[] Path moved,
https://github.com/Homebrew/homebrew/blob/go/install
puts <<-EOS
Whoops, the Homebrew installer has moved! Please instead run:
ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Also, please ask wherever you got this link from to update it to the above.
Thanks!
EOS
6.[] Can go to here; direct content but NOT the repo, since can’t go ‘up’.
https://raw.githubusercontent.com/Homebrew/install/master/install
7.[] Custom install location and Uninstall HomeBrew.
https://github.com/Homebrew/homebrew/wiki/Installation
8.[] Old 2011 Uninstall Homebrew by MXCL user, BUT is referenced today 2014-Oct by the FAQ.
https://gist.github.com/mxcl/1173223
https://github.com/Homebrew/homebrew/wiki/FAQ
Why does Homebrew insist I install to /usr/local with such vehemence?
It’s safe
Apple has left this directory for us. Which means there is no /usr/local directory by default, so there is no need to worry about messing up existing tools.
Can I install my own stuff to /usr/local?
Yes, brew is designed to not get in your way so you can use it how you like.
Install your own stuff, but be aware that if you install common libraries, like libexpat yourself, it may cause trouble when trying to build certain Homebrew formula. As a result brew doctor will warn you about this.
Thus it’s probably better to install your own stuff to the Cellar and then brew link it. Like so:
$ cd foo-0.1
$ brew diy
./configure —prefix=/usr/local/Cellar/foo/0.1
$ ./configure —prefix=/usr/local/Cellar/foo/0.1
[snip]
$ make && make install
$ brew link foo
Linking /usr/local/Cellar/foo/0.1… 17 symlinks created
9.[] ROR Setup with Brew inc. PostGreSql or MySql DB. //cursing alert
https://gorails.com/setup/osx/10.9-mavericks
GoRails ; We're sharing everything we know about how to write great quality code
Join the GoRails mailing list to learn more about what great code looks like, why it is great, and how you can write great code yourself that you will enjoy working with.
10.[] HomeBrew Doctor to fix certain problems and cleanup: brew update; brew doctor.
https://github.com/Homebrew/homebrew/wiki/troubleshooting
11.[] Update; Homebrew Branch is now a separate repo in the org for Install script.
Homebrew/legacy-homebrew#31825
there is now a separate repo. Code is here;
https://github.com/Homebrew/install/blob/master/install
The way to find it is to go to the organization=Homebrew and search for 'install' in their repp's.
The command to run it is as above and as always, if not run as a shell command, navigating produces an error in the web browser.
https://raw.githubusercontent.com/Homebrew/install/master/install"
12.[] Homebrew how to install on homepage as of 2014-10-04.
ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Misc
1.[] LastPass is very convenient to have installed ASAP.
https://lastpass.com/
2.[] May need to have Signon Login credentials for Apple/Developer handy.
https://developer.apple.com/
3.[] WWDC 2014 Videos, no descriptions, dates though.
https://developer.apple.com/videos/wwdc/2014/
https://developer.apple.com/wwdc/schedule/
4.[] Must click to see all the Descriptions WWDC Apple 2014.06.
https://developer.apple.com/wwdc/schedule/sessions/
Accessibility on iOS
Frameworks
iOS offers unmatched accessibility support that can help you reach a wider audience. Join us for an exploration of the features that iOS offers for users with specific needs, in areas such as vision, hearing, movement, and learning. Learn how to leverage existing and new UIAccessibility APIs in iOS 8, including expanded support for low vision users, to ensure that your app's features are available to all users.
5.[] R-Language running C++: RCpp, Given Clang.
http://seananderson.ca/2013/11/18/rcpp-mavericks.html
6.[] Cursing on GoRails, asked to remove.
https://gorails.com/about
https://gorails.com/setup/osx/10.9-mavericks
Easy to get Adium, the reference app to install.
https://github.com/spencergibb/battleschool/blob/44d53439400b4078e3041013b1f9ee5995fb33bf/test/test_app_dmg.sh
https://github.com/spencergibb/ansible-osx/blob/master/adium.yml
# Might not need sudo, was there from prior try
$ sudo ansible-playbook -vv -i ~/ansinv -M /usr/share/battleschool/library/ ~/.battleschool/playbooks/adium.yml
Password:
PLAY [workstation] ************************************************************
GATHERING FACTS ***************************************************************
<localhost> REMOTE_MODULE setup
ok: [localhost]
TASK: [say-tof] ***************************************************************
ok: [localhost] => {
"msg": "~HOME/.battleschool/playbooks/Adium.yml= Starting!"
}
TASK: [install Firefox] *******************************************************
<localhost> REMOTE_MODULE mac_pkg pkg_type=app url=http://sourceforge.net/projects/adium/files/Adium_1.5.9.dmg/download archive_type=dmg archive_path=Adium.app
changed: [localhost] => {"changed": true, "msg": "installed package /Applications/Adium.app", "version": "N/A"}
TASK: [say-eof] ***************************************************************
ok: [localhost] => {
"msg": "~HOME/.battleschool/playbooks/Adium.yml= Ended!"
}
PLAY RECAP ********************************************************************
localhost : ok=4 changed=1 unreachable=0 failed=0
$ ls -Flah /Applications/Adium.app/
total 0
drwxr-xr-x 3 root admin 102B Dec 3 2013 ./
drwxrwxr-x+ 37 root admin 1.2K Oct 4 20:52 ../
drwxr-xr-x 9 root admin 306B Dec 3 2013 Contents/
$ pwd
/Users/annemoroney/ansible
$ cat ~/.battleschool/playbooks/adium.yml
# exemplar
# https://github.com/spencergibb/battleschool/blob/44d53439400b4078e3041013b1f9ee5995fb33bf/test/test_app_dmg.sh
---
- hosts: workstation
vars:
THISAPP: Adium
tasks:
- name: say-tof
debug: msg="~HOME/.battleschool/playbooks/{{THISAPP}}.yml= Starting!"
- name: install Firefox
mac_pkg: pkg_type=app
url=http://sourceforge.net/projects/adium/files/Adium_1.5.9.dmg/download
archive_type=dmg archive_path={{THISAPP}}.app
sudo: yes
- name: say-eof
debug: msg="~HOME/.battleschool/playbooks/{{THISAPP}}.yml= Ended!"
# Tip: Ansible MSG can NOT have COLONs inside, but Tilde and Slash (forward, reverse sort of) ok.
# Tip: Ansible Playbook.YML CAN have a comment as line1 - does not need be the 3 dashes.
# WAS CURL url=curl http://mozilla.mirrors.tds.net/pub/mozilla.org/firefox/releases/latest/ma$
# url="ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/32.0.3/mac/en-US/us/$
The setup info.
$ ansible all -i ~/ansinv -m ping
localhost | success >> {
"changed": false,
"ping": "pong"
}
$ # NB confusion on location of ansible but so far ok ; i.e. have both local/devel and the pip
$ which ansible
/usr/local/bin/ansible
$ pip show ansible
---
Name: ansible
Version: 1.7.2
Location: /Library/Python/2.7/site-packages
Requires: paramiko, jinja2, PyYAML, setuptools, pycrypto
$ # NB names differ; battle vs battle school
$ pip show battle
$ pip show battleschool
---
Name: battleschool
Version: 0.3.6
Location: /Library/Python/2.7/site-packages
Requires: ansible, jinja2, pyyaml
$ which battle
/usr/local/bin/battle
1.[] Ansible Verbose output -v option or -vvv; or debug module.
http://serverfault.com/questions/531891/how-do-i-enable-additional-debugging-output-from-ansible-and-vagrant
2.[] Conditionally execute a task depending on category of Ansible variable.
http://grokbase.com/t/gg/ansible-project/148jmn57w3/ansible-calling-a-playbook-inside-a-playbook-with-vars-prompt-giving-error-error-vars-prompt-is-not-a-legal-parameter-in-an-ansible-task-or-handler
3.[] NOT DONE yet, more complex test.
https://github.com/spencergibb/battleschool/blob/44d53439400b4078e3041013b1f9ee5995fb33bf/test/testconfig/playbooks/playbook.yml
4.[] FIND for mac_pkg
https://github.com/spencergibb/battleschool/search?p=2&q=mac_pkg&type=Code&utf8=✓
5.[] Say hi to all machines; can reverse the order of args.
http://docs.ansible.com/intro_getting_started.html
6.[] Ansible module must have its first line telling the type of language, else get odd failures; if get this failure and you were running a yml playbook, that's because it is not a module!
http://stackoverflow.com/questions/19527867/how-should-script-output-be-formatted-for-ansible-reporting
target_host | FAILED => module is missing interpreter line
# one fix
ansible target_hosts -m script.sh
7.[] Example Shell Bash Ansible module.
http://jpmens.net/2012/07/05/shell-scripts-as-ansible-modules/
8.[] PIP documentation; List=Tell ALL (no args read) related installed; Show X=Details for one; Search=Find on remote all with such words; List --outdated to hunt for new
http://pip.readthedocs.org/en/latest/user_guide.html#listing-packages
9.[] Pip Update
http://stackoverflow.com/questions/2720014/upgrading-all-packages-with-pip
$ pip search ansible
ansible - Radically simple IT automation
INSTALLED: 1.7.2 (latest)
ansigenome - A tool to help you gather information and manage your Ansible roles.
mist.ansible - Ansible modules for the mist.io service
augploy - AUGmentum dePLOYment automation tool, powered by ansible
ansible-vagrant - Simple helper to use ansible with vagrant
mr.awsome.ansible - A plugin for mr.awsome providing integration with Ansible.
tory_client - client tools for the tory ansible inventory
ploy_ansible - Plugin to integrate Ansible with ploy.
ansible-role-manager - A tool for installing and managing Ansible roles, playbooks & modules.
ansiblator - Ansiblator - makes Ansible api more pythonic
org_wayround_pyeditor - Simple extansible editor with projects and outline
ansible-lint - checks playbooks for practices and behaviour that could potentially be improved
suitable - Suitable is a thin wrapper around the Ansible API.
ansible-tower-cli - A CLI tool for Ansible Tower.
ansible-inventory-grapher - Creates graphs representing ansible inventory
ansible-shell - Interactive shell for ansible
supervisorclusterctl - supervisorclusterctl is a cmd line tool that allows to control a cluster of processes by
utilizing Supervisor and Ansible.
datemike - Create Ansible tasks, plays, and playbooks in pure Python
arpm - ansible package manager command line tool
playbook_assistant - Simple utility for Ansible playbook creation and download
futen - Conversion script to Ansible inventory file from OpenSSH configuration
$ pip list --outdated
altgraph (Current: 0.10.1 Latest: 0.12)
bdist-mpkg (Current: 0.4.4 Latest: 0.5.0)
Could not find any downloads that satisfy the requirement bonjour-py
Some externally hosted files were ignored (use --allow-external bonjour-py to allow).
macholib (Current: 1.5 Latest: 1.7)
matplotlib (Current: 1.1.1 Latest: 1.4.0)
modulegraph (Current: 0.10.1 Latest: 0.12)
numpy (Current: 1.6.2 Latest: 1.9.0)
py2app (Current: 0.7.1 Latest: 0.9)
//ETC
Bash Tips
1.[] Be sure to run export after changing the Path!
http://www.troubleshooters.com/linux/prepostpath.htm
PATH=$PATH:/data/myscripts
export PATH
2.[] Simple way to edit path is just use editor with output to a file!
http://stackoverflow.com/questions/370047/what-is-the-most-elegant-way-to-remove-a-path-from-the-path-variable-in-bash
echo ${PATH} > t1
vi t1
export PATH=`cat t1`
1.[] Modules don't need Paths, shouldn't need them.
https://groups.google.com/forum/#!topic/ansible-project/i_BFBfeZ4Ys
2.[] Nice Example , clearly shows all needed folder structures ; Tells Years of each Config mgmt tool intro inc. Juju.
http://tomoconnor.eu/blogish/getting-started-ansible/#.VDCPOlZ0UfE
3.[] Might need Recursive Sub-Git ; IDK WHY; might have been by mistake I did that.
http://docs.ansible.com/developing_modules.html#testing-modules
4.[] Running play books, another ex. Ubuntu.
https://www.digitalocean.com/community/tutorials/how-to-create-ansible-playbooks-to-automate-system-configuration-on-ubuntu
BUG? Do need Sudo prefix.
$ ansible-playbook -vv -i ~/ansinv -M /usr/share/battleschool/library/ ~/.battleschool/playbooks/adium.yml
PLAY [workstation] ************************************************************
GATHERING FACTS ***************************************************************
<localhost> REMOTE_MODULE setup
ok: [localhost]
TASK: [say-tof] ***************************************************************
ok: [localhost] => {
"msg": "~HOME/.battleschool/playbooks/Adium.yml= Starting!"
}
TASK: [install Firefox] *******************************************************
<localhost> REMOTE_MODULE mac_pkg pkg_type=app url=http://sourceforge.net/projects/adium/files/Adium_1.5.9.dmg/download archive_type=dmg archive_path=Adium.app
failed: [localhost] => {"failed": true, "parsed": false}
[sudo via ansible, key=bzhjymtqnhzygnqgteaneeyeesiqwbfg] password:
FATAL: all hosts have already failed -- aborting
PLAY RECAP ********************************************************************
to retry, use: --limit @/Users/HOME/adium.retry
localhost : ok=2 changed=0 unreachable=0 failed=1
TODO; Why firefox doesn't fit the model?
https://github.com/spencergibb/battleschool/blob/master/share/library/mac_pkg
https://github.com/spencergibb/ansible-osx/blob/master/adium.yml
Chmod need to get numbers for Ansible's file mode command.
http://docs.ansible.com/file_module.html
http://www.onlineconversion.com/html_chmod_calculator.htm
=> 711 for owner=rwx and all others=x.