@jellyjellyrobot
Last active February 25, 2018 12:40
Me being a lazy guy
#!/bin/sh
# Change Mirrors
# sed --in-place 's/us.archive.ubuntu.com/mirror.0x.sg/' /etc/apt/sources.list
# sed --in-place 's/us.archive.ubuntu.com/download.nus.edu.sg\/mirror/' /etc/apt/sources.list
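# Download one file of this gist into $HOME and run it.
# Arguments: $1 - name of the gist file (e.g. install.sh)
# Globals:   FILE, target (written); HOME (read)
# Returns:   non-zero if the download fails; otherwise the exit status of the
#            downloaded script.
# NOTE(review): the raw URL carries no revision id, so it presumably serves
# whatever the gist holds at download time, and nothing is verified before the
# file is executed. Pinning the URL to a reviewed revision and comparing the
# file against a known checksum would make the executed code reproducible.
get_and_execute()
{
  FILE=$1
  target="$HOME/$FILE"
  echo "Getting $FILE"
  # -f makes curl fail on an HTTP error instead of saving the error page.
  # The body goes to a .part file first, so a failed or truncated download
  # never replaces (or gets executed as) the real script.
  if ! curl -fsSL "https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/$FILE" > "$target.part"; then
    echo "Download of $FILE failed; not running it" >&2
    rm -f -- "$target.part"
    return 1
  fi
  mv -- "$target.part" "$target"
  chmod +x "$target"
  echo "Running $FILE"
  "$target"
}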
# apt-get install sudo wget curl
# yum install sudo wget curl
get_and_execute install.sh
## Install Docker
# export PROXY_HOST=127.0.0.1
# export PROXY_PORT=80
# get_and_execute init_docker.sh
## Install OpenVPN
# get_and_execute init_openvpn.sh
## Haxxor
# get_and_execute haxxor.sh
# Migrate to ansible
- PERIOD
# Investigate docker-openvpn
- https://github.com/kylemanna/docker-openvpn
# Haxxor.sh
- Binwalk + related binary tools
- ropper
- radere (https://github.com/sashs/Ropper)
# https://github.com/deiga/dotfiles/blob/master/curlrc
# Defaults applied to every curl invocation that reads this file, including
# the ones made by scripts run under this account.
# Create missing local directories for output files.
create-dirs
# NOTE(review): verbose prints request and response headers to stderr on
# every call. Those headers can carry credentials (Authorization, cookies),
# so any log that captures stderr ends up holding them — consider enabling
# it per command instead of globally.
verbose
#silent
#show-error
## FTP setup
# ftp-create-dirs
# ftp-ssl
# ftp-pasv
# ftp-method = nocwd
# Limit the time (in seconds) the connection to the server is allowed to take
connect-timeout = 10
# Follow HTTP redirects
# NOTE(review): with this set globally, every request follows redirects to
# whatever host the server names; callers that pipe the response into a
# shell inherit that behaviour.
location
# Limit the time (in seconds) the whole operation is allowed to take
# (prevents cURL from hanging due to slow networks or links going down)
#max-time = 120
progress-bar
# -- Vagrant --
.vagrant/
# -- Vim --
# swap
[._]*.s[a-v][a-z]
[._]*.sw[a-p]
[._]s[a-v][a-z]
[._]sw[a-p]
# session
Session.vim
# temporary
.netrwhist
*~
# auto-generated tag files
tags
# -- GPG --
# Keep the GnuPG secret keyring file out of every repository.
# NOTE(review): secring.* is the legacy keyring file name; newer GnuPG
# releases keep secret keys under private-keys-v1.d/, which this pattern
# does not match — confirm whether that directory should be ignored too.
secring.*
# -- Ansible --
*.retry
# -- XCode --
# Xcode
#
# gitignore contributors: remember to update Global/Xcode.gitignore, Objective-C.gitignore & Swift.gitignore
## Build generated
build/
DerivedData/
## Various settings
*.pbxuser
!default.pbxuser
*.mode1v3
!default.mode1v3
*.mode2v3
!default.mode2v3
*.perspectivev3
!default.perspectivev3
xcuserdata/
## Other
*.moved-aside
*.xccheckout
*.xcscmblueprint
# -- VirtualEnv --
# Virtualenv
# http://iamzed.com/2009/05/07/a-primer-on-virtualenv/
.Python
[Bb]in
[Ii]nclude
[Ll]ib
[Ll]ib64
[Ll]ocal
[Ss]cripts
pyvenv.cfg
.venv
pip-selfcheck.json
# -- MacOS --
*.DS_Store
.AppleDouble
.LSOverride
# Icon must end with two \r
Icon
# Thumbnails
._*
# Files that might appear in the root of a volume
.DocumentRevisions-V100
.fseventsd
.Spotlight-V100
.TemporaryItems
.Trashes
.VolumeIcon.icns
.com.apple.timemachine.donotpresent
# Directories potentially created on remote AFP share
.AppleDB
.AppleDesktop
Network Trash Folder
Temporary Items
.apdisk
# Global settings
# Set prefix key to Ctrl-a
unbind-key C-b
set-option -g prefix C-a
# https://github.com/seebi/tmux-colors-solarized/blob/master/tmuxcolors-256.conf
set-option -g status-bg colour235 #base02
set-option -g status-fg colour136 #yellow
set-option -g status-attr default
# set window split
bind-key v split-window -h
bind-key b split-window
# default window title colors
set-window-option -g window-status-fg colour244 #base0
set-window-option -g window-status-bg default
#set-window-option -g window-status-attr dim
# active window title colors
set-window-option -g window-status-current-fg colour166 #orange
set-window-option -g window-status-current-bg default
#set-window-option -g window-status-current-attr bright
# pane border
set-option -g pane-border-fg colour235 #base02
set-option -g pane-active-border-fg colour240 #base01
# message text
set-option -g message-bg colour235 #base02
set-option -g message-fg colour166 #orange
# pane number display
set-option -g display-panes-active-colour colour33 #blue
set-option -g display-panes-colour colour166 #orange
# clock
set-window-option -g clock-mode-colour green #green
# Redraw the status line every second.
# NOTE(review): presumably the #(...) commands below are re-run at about
# this interval, so status-right sends a DNS query to ns1.google.com and
# starts two python2 processes roughly once a second — confirm, and consider
# a longer interval or a cached value for the external address.
set -g status-interval 1
set -g status-justify centre # center align window list
set -g status-left-length 50
set -g status-right-length 180
# Left side: host name (#H) and the first six characters of `uname -r`.
set -g status-left '#[fg=green]#H #[fg=black]• #[fg=green,bright]#(uname -r | cut -c 1-6)#[default]'
# Right side: external address (TXT lookup of o-o.myaddr.l.google.com),
# interface address and throughput from ~/.tmuxinator/jelly/int.py,
# tmux-mem-cpu-load, uptime, then clock and date.
set -g status-right "#[fg=green]Ext_ip: #(dig TXT +short o-o.myaddr.l.google.com @ns1.google.com | egrep -v 'no servers could be reached|connection timed out' | sed -e 's/\\\"//g') :: #[fg=yellow]#(python2 ~/.tmuxinator/jelly/int.py ip) #[fg=red,bright]#(python2 ~/.tmuxinator/jelly/int.py speed) #[fg=green,bg=default,bright]#(tmux-mem-cpu-load --colors --interval 1) #[fg=red,dim,bg=default]:: #(uptime | cut -f 4-5 -d ' ' | cut -f 1 -d ',') #[fg=white,bg=default]%a %l:%M:%S %p#[default] #[fg=green]%Y-%m-%d"
# C-b is not acceptable -- Vim uses it
set-option -g prefix C-a
bind-key C-a last-window
# Start numbering at 1
set -g base-index 1
setw -g pane-base-index 1
# Allows for faster key repetition
set -s escape-time 1
# Extend the repeat interval for repeatable commands (e.g., resize-pane)
set -sg repeat-time 1000
# Rather than constraining window size to the maximum size of any client
# connected to the *session*, constrain window size to the maximum size of any
# client connected to *that window*. Much more reasonable.
setw -g aggressive-resize on
# Allows us to use C-a a <command> to send commands to a TMUX session inside
# another TMUX session
bind-key a send-prefix
# Activity monitoring
setw -g monitor-activity on
set -g visual-activity on
# Highlight active window
#set-window-option -g window-status-current-bg red
bind-key C command-prompt -p "Name of new window: " "new-window -n '%%'"
# reload config
bind r source-file ~/.tmux.conf \; display-message "Config reloaded..."
# auto window rename
set-window-option -g automatic-rename
# mouse mode
set -g mouse on
# mouse mode - tmux lt 2.1
# set -g mode-mouse on
# set -g mouse-resize-pane on
# set -g mouse-select-pane on
# set -g mouse-select-window on
# default shell
set-option -g default-shell /usr/bin/zsh
# color
set -g default-terminal "screen-256color"
#type prefix P to activate this
# Toggles (-o) piping of the current pane's output into ~/<window name>.log.
# NOTE(review): everything shown in the pane, including secrets that get
# printed there, is appended to that file in plain text. #W is placed into
# the shell command as-is; this file enables automatic-rename, so the name is
# not fixed by the user — presumably a name containing shell metacharacters
# would reach the shell unquoted. Confirm, and consider a fixed, quoted path.
bind P pipe-pane -o "cat >> ~/#W.log" \; display "Toggled logging to ~/#W.log"
" Dein.vim based vimrc
" Checkout https://github.com/Shougo/dein.vim
"
" Some configs courtesy of @jin
""""""""""
"""Dein"""
""""""""""
"" Start of Dein cfg
if &compatible
set nocompatible
endif
set runtimepath+=~/.vim/dein.repo
" TODOs
"
"
" file browser
" NeoBundle 'scrooloose/nerdtree'
"
" fuzzy file finder
" NeoBundle "kien/ctrlp.vim"
"
" Add support for autocomplete for
" - js
" - latex
"
" Add support for syntax highlighting for
" - less
" Preview markdown files with html?
" Register the plugins and save dein's state. Presumably this body only runs
" when the cached state under ~/.vim/dein.plugins is missing or stale —
" confirm against the dein documentation.
" NOTE(review): plugins are named by repository only, with no revision, so
" an install presumably fetches whatever each repository currently holds.
" Plugin code runs inside the editor with the user's privileges; pinning
" each entry to a reviewed revision keeps the installed code reproducible.
if dein#load_state('~/.vim/dein.plugins')
call dein#begin('~/.vim/dein.plugins')
call dein#add('~/.vim/dein.repo')
" Autocomplete
call dein#add('Shougo/neocomplete.vim') " https://github.com/Shougo/neocomplete.vim
call dein#add('Raimondi/delimitMate') " https://github.com/Raimondi/delimitMate
" Syntatic Parsers
call dein#add('vim-syntastic/syntastic') " https://github.com/vim-syntastic/syntastic
call dein#end()
call dein#save_state()
endif
" Required:
filetype plugin indent on
syntax enable
""""""""""""""""""
"""Standard Vim"""
""""""""""""""""""
set number relativenumber
set encoding=utf-8
set mouse=a
" Suppress default message at launch
set shortmess+=I
" Increase performance when dealing with long strings
set lazyredraw
" set nobackup
" no viminfo files
set viminfo=
" NOTE(review): backup and swap files are written to /tmp, which is normally
" shared by every local user. They hold the contents of the files being
" edited, and their names are predictable, so on a multi-user host a private
" per-user directory is the safer location.
set backupdir=/tmp
set directory=/tmp
"" Whitespace stuff
set tabstop=2
set shiftwidth=2
set softtabstop=2
set expandtab
set smarttab "" Indent start of lines with shiftwidth, not tabstop
"" Nicer autocomplete in command mode
set wildmode=longest,list
" Allow backspace to work everywhere
set backspace=indent,eol,start
"" Enable vim omnicompletion
set omnifunc=syntaxcomplete#Complete
"" Soft wrap long lines
set wrap
"" Searching stuff
set hlsearch
set incsearch
set ignorecase
set smartcase
"" Spellcheck for markdown and text files
"" Refer to plugins for NeoComplete Autocomplete
autocmd BufRead,BufNewFile *.md,*.txt,*.mdown,*.markdown setlocal spell spelllang=en_us textwidth=79 complete+=kspell
"" Python PEP8 style
" au FileType python set softtabstop=4 tabstop=4 shiftwidth=4 textwidth=79
"" Java style
" au FileType java set softtabstop=4 tabstop=4 shiftwidth=4
"" Use system clipboard
set clipboard=unnamed
"" Persistent undo
" NOTE(review): undo files record earlier text of each edited file. Keeping
" them in /tmp places that history in a directory normally shared by all
" local users; a private per-user directory is the safer location.
set undofile
set undodir=/tmp
"" MacVim default font and size
set guifont=Inconsolata-dz:h12
"" No error and visual bells
set noerrorbells
set visualbell t_vb=
"" Keep at least * lines around cursor
set scrolloff=6
"" -- PANES --
"" Set vsp and sp to open a new pane to the right and below by default
set splitbelow
set splitright
colorscheme delek
"""""""""""""""""""
""""Keymappings""""
"""""""""""""""""""
"" Set <leader> to ','
let mapleader = ","
"" Maintain selection after indentation [Visual]
" vmap > >gv
" vmap < <gv
"" Moves cursor to the midscreen while going through search terms
nnoremap N Nzz
nnoremap n nzz
"" Quicker pane switching
nnoremap <C-h> <C-w>h
nnoremap <C-j> <C-w>j
nnoremap <C-k> <C-w>k
nnoremap <C-l> <C-w>l
"" Set ':' to ';'
nnoremap ; :
"" 'j' and 'k' as they should be
nnoremap j gj
nnoremap k gk
"" Sudo write a file
" Typing w!! on the command line expands to a write of the buffer through
" `sudo tee` onto the current file name (%).
" NOTE(review): % is inserted into the shell command without escaping, so a
" file name with spaces or shell metacharacters is presumably split or
" interpreted by the shell — confirm; quoting the name would avoid that.
cmap w!! w !sudo tee % >/dev/null
"""""""""""""
"""Plugins"""
"""""""""""""
""""
"" Shougo/neocomplete
""""
" Disable AutoComplPop.
" let g:acp_enableAtStartup = 0
" Use neocomplete.
let g:neocomplete#enable_at_startup = 1
" Use smartcase.
let g:neocomplete#enable_smart_case = 1
" Set minimum syntax keyword length.
let g:neocomplete#sources#syntax#min_keyword_length = 2
" Define dictionary.
let g:neocomplete#sources#dictionary#dictionaries = {
\ 'default' : '',
\ 'vimshell' : $HOME.'/.vimshell_hist',
\ 'scheme' : $HOME.'/.gosh_completions'
\ }
" Plugin key-mappings.
inoremap <expr><C-g> neocomplete#undo_completion()
inoremap <expr><C-l> neocomplete#complete_common_string()
" Enable omni completion.
autocmd FileType css setlocal omnifunc=csscomplete#CompleteCSS
autocmd FileType html,markdown setlocal omnifunc=htmlcomplete#CompleteTags
autocmd FileType javascript setlocal omnifunc=javascriptcomplete#CompleteJS
autocmd FileType python setlocal omnifunc=pythoncomplete#Complete
autocmd FileType xml setlocal omnifunc=xmlcomplete#CompleteTags
""""
"" Raimondi/delimitMate
""""
"" Disable delimiteMate for Rust source
let delimitMate_excluded_ft = "rust,ml,ocaml"
""""
"" vim-syntastic/syntastic
""""
set statusline+=%#warningmsg#
set statusline+=%{SyntasticStatuslineFlag()}
set statusline+=%*
let g:syntastic_always_populate_loc_list = 1
let g:syntastic_auto_loc_list = 1
let g:syntastic_check_on_open = 1
let g:syntastic_check_on_wq = 0
" Aggregate errors from more than 1 checker
let g:syntastic_aggregate_errors = 1
" Checkers
" Ref - https://github.com/vim-syntastic/syntastic/blob/master/doc/syntastic-checkers.txt
let g:syntastic_python_checkers = ['pylint', 'python']
let g:syntastic_php_checkers = ['php', 'phpcs', 'phpmd']
" TODO
" Ansible yaml support for Syntastic - http://erikzaadi.com/2015/11/15/linting-ansible-yaml-in-vim/
au BufNewFile,BufRead *.yaml set filetype=yaml.ansible
""""
""
""""
""""
""
""""
""""
""
""""
""""
""
""""
# Tmuxinator
export ZSH=~/.oh-my-zsh
#PATH="`ruby -e 'puts Gem.user_dir'`/bin:$PATH"
ZSH_THEME="murilasso"
export UPDATE_ZSH_DAYS=7
export SHELL='zsh'
HIST_STAMPS="dd/mm/yyyy"
plugins=(git glance nova zsh-completions lxc)
export DISABLE_AUTO_UPDATE="true" # Check .oh-my-zsh/oh-my-zsh.sh
source $ZSH/oh-my-zsh.sh
# for mac keyboards
bindkey -s "^[OM" "^M"
# Aliases and Exports
# Per-OS setup. On Red Hat and Debian style systems this tries to re-attach
# the shell to an ssh-agent that is already running; on macOS it sets PATH
# and a few aliases.
if [ -f /etc/redhat-release ]; then
# [Red Hat Based Systems]
# SSHagent
# The count includes every `ps` line mentioning ssh-agent; presumably a
# result of 1 means only the grep itself matched, i.e. no agent is running.
if [ `ps aux | grep ssh-agent | wc -l` -ne 1 ]; then
# Recover an agent PID and socket path by parsing `ls -l` and `ps` output,
# then export the socket as SSH_AUTH_SOCK.
# NOTE(review): any socket matching /tmp/ssh-*/agent.* is a candidate; the
# code does not check that the socket belongs to the current user or that it
# is a socket at all, and several matches would put several words into
# SSH_SOCK. Confirm the behaviour on hosts with more than one agent.
SSH_PID=`ps aux | grep ssh-agent | egrep $(ls -l /tmp/ssh-*/agent.* | cut -d '.' -f 2 | paste -s -d '|') | awk '{print $2}'`
SSH_SOCK=`ls -l /tmp/ssh-*/agent.* | grep "$SSH_PID" | awk '{print $NF}'`
SSH_AUTH_SOCK=$SSH_SOCK; export SSH_AUTH_SOCK;
fi
elif [ -f /etc/issue ]; then
# [Debian based Systems]
export PATH=$PATH:/usr/games
# SSHagent
# Same agent re-attachment as in the Red Hat branch; the same review note
# about unchecked /tmp/ssh-*/agent.* matches applies.
if [ `ps aux | grep ssh-agent | wc -l` -ne 1 ]; then
SSH_PID=`ps aux | grep ssh-agent | egrep $(ls -l /tmp/ssh-*/agent.* | cut -d '.' -f 2 | paste -s -d '|') | awk '{print $2}'`
SSH_SOCK=`ls -l /tmp/ssh-*/agent.* | grep "$SSH_PID" | awk '{print $NF}'`
SSH_AUTH_SOCK=$SSH_SOCK; export SSH_AUTH_SOCK;
fi
elif [ $(uname) '==' 'Darwin' ]; then
# [macOS based Systems]
# NOTE(review): "~/bin" sits inside double quotes, so the tilde is stored
# literally in PATH rather than expanded here — confirm it resolves as
# intended.
export PATH="/usr/local/bin:/usr/local/sbin:~/bin:$PATH"
if [[ $(sw_vers -productName) == *Mac* ]]; then
# Evaluates the shell code printed by `rbenv init -` in the current shell.
if which rbenv > /dev/null; then eval "$(rbenv init -)"; fi
alias flushdns='sudo discoveryutil mdnsflushcache && sudo discoveryutil udnsflushcaches && sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.discoveryd.plist && sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.discoveryd.plist'
# https://gist.github.com/textarcana/4611277
# LESSOPEN makes less run this helper on every file it opens.
export LESSOPEN="| /usr/local/bin/src-hilite-lesspipe.sh %s"
export LESS=" -R "
alias less='less -m -N -g -i -J --underline-special --SILENT'
alias more='less'
# NOTE(review): every `dd` typed interactively becomes a root-privileged
# gdd invocation with these defaults.
alias dd='sudo gdd status=progress bs=4M'
fi
# OPSec
alias grip="echo 'no'"
fi
# Root should always be '#'
# Noobs should always be '$'
# Thanks SB
if [ -f /etc/redhat-release ]; then
# [Red Hat Based Systems]
:
elif [ -f /etc/issue ]; then
# [Debian based Systems]
export PATH=$PATH:/usr/games
if [ $USER = "root" ]; then
export PS1=`echo ${PS1} | sed 's/\%B$\%b/\%B#\%b/'`
else
export PS1=`echo ${PS1} | sed 's/\%B#\%b/\%B$\%b/'`
fi
else
:
fi
export LANG=en_US.UTF-8
export LC_ALL=en_US.UTF-8
export LANGUAGE=en_US.UTF-8
export EDITOR='vim'
# Python
if ls ~/.pythonrc 1>/dev/null 2>/dev/null
then
export PYTHONSTARTUP=~/.pythonrc
fi
## For pip packages installed with pip install --user
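# macOS only: expose the Python 2.7 user-site bin directory and define
# ssh-add-all.
if [ "$(uname)" '==' 'Darwin' ]; then
  # [macOS based Systems]
  if [[ $(sw_vers -productName) == *Mac* ]]; then
    export PATH="$PATH:/Users/$USER/Library/Python/2.7/bin/"
  fi
  # Adds the private key belonging to every ~/.ssh/*.pub file to the agent.
  # The suffix is removed with an escaped, anchored pattern so only a
  # trailing ".pub" is stripped; the earlier 's/.pub//g' also removed any
  # "<char>pub" sequence elsewhere in the path and produced wrong key names.
  # NOTE(review): this loads every key at once; keys that should stay out of
  # a forwarded agent need to be added selectively instead.
  alias ssh-add-all='ssh-add $(ls ~/.ssh/*.pub | sed "s/\.pub\$//")'
fi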
# Youtube-DL
if hash youtube-dl 1>/dev/null 2>/dev/null
then
alias yout='youtube-dl -f bestvideo+bestaudio'
alias youn='yout -o "%(autonumber)s-%(title)s.%(ext)s"'
fi
# Git
alias gita='git add -A'
alias gitc='git commit -m'
alias gitp='git push origin master'
# List untracked files that are not ignored, then page a coloured
# `git diff` through diff-so-fancy.
# Arguments: any options or paths; passed unchanged to `git diff`.
# The "\n" in the echo strings relies on echo interpreting backslash escapes
# — presumably written for zsh, where that is the default.
gitdd () {
echo "Files untracked but to be staged\n"
git ls-files --others --exclude-standard
echo "\nFor more info try < git status >"
git diff --color "$@" | diff-so-fancy | less
}
alias grepp='grep -rnw '.' -e'
if hash aria2c 1>/dev/null 2>/dev/null
then
alias aria="aria2c -s 4 -x 4"
fi
# SuperCow Power
export ANSIBLE_NOCOWS="1"
# Watch logins
watch=all
LOGCHECK=5 # every 5 seconds
WATCHFMT="%B%n%b from %B%M%b has %a tty%l at %D{'%d/%m/%y %T %Z'}"
## MOTD
COWS=(`cowsay -l | tail -n +2 | tr '\n' ' '`)
THE_CHOSEN_COW=${COWS[$(($RANDOM % ${#COWS[@]} + 1)) ]}
# NOT SAFE FOR WORK!
# command cowsay -W $((`tput cols` - 20)) -f ${THE_CHOSEN_COW} $(fortune)
command cowsay $(fortune)
#!/bin/bash
# installs docker only on ubuntu instances
# TODO centos instances
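# Installs docker-ce and docker-compose on Debian/Ubuntu and writes an HTTP
# proxy drop-in for the Docker service. PROXY_HOST and PROXY_PORT must be
# exported by the caller; with -u the script stops at the drop-in otherwise.
#
# Enable -e, -u, -x and pipefail. The earlier "set -eux pipefail" never
# enabled pipefail: without -o the word only became positional parameter $1.
set -euxo pipefail
if [ -f /etc/redhat-release ]; then
  # Red-hat
  # https://docs.docker.com/engine/installation/linux/docker-ce/centos/
  echo "not supported"
elif [ -f /etc/issue ]; then
  # Debian
  # https://docs.docker.com/engine/installation/linux/docker-ce/ubuntu/
  echo "installing docker-ce"
  sudo apt-get remove docker docker-engine docker.io
  sudo apt-get update
  sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    software-properties-common -y
  # With pipefail active, a failed key download now stops the script instead
  # of being hidden by the exit status of apt-key.
  # NOTE(review): a key added with apt-key is trusted for every configured
  # repository, and its fingerprint is not compared with a known value here.
  curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
  sudo add-apt-repository \
    "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
  sudo apt-get update
  sudo apt-get install docker-ce -y
  echo "installing docker-compose"
  # The Red Hat test below cannot be true here: the outer if already took
  # that branch, so only the pip uninstall path can run.
  if [ -f /etc/redhat-release ]
  then
    sudo rm /usr/local/bin/docker-compose
  elif command -v docker-compose
  then
    pip uninstall docker-compose
  fi
  # -f stops an HTTP error page from being saved as the binary.
  # NOTE(review): the file is installed as root and made executable without
  # an integrity check; compare it with the checksum published for the
  # release before trusting it.
  sudo -E curl -fL "https://github.com/docker/compose/releases/download/1.18.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
  sudo chmod +x /usr/local/bin/docker-compose
  # export PROXY_HOST=127.0.0.1
  # export PROXY_PORT=80
  ## Proxy https://docs.docker.com/engine/admin/systemd/#runtime-directory-and-storage-driver
  sudo mkdir -p /etc/systemd/system/docker.service.d
  # In "sudo cat <<EOF >> file" the redirection is opened by the calling
  # shell, so the write is not privileged. tee -a does the append as root.
  sudo tee -a /etc/systemd/system/docker.service.d/http-proxy.conf > /dev/null <<EOF
[Service]
Environment="HTTP_PROXY=http://$PROXY_HOST:$PROXY_PORT/" "NO_PROXY=localhost,127.0.0.1"
EOF
  sudo systemctl daemon-reload
  sudo systemctl restart docker
elif [ "$(uname)" '==' 'Darwin' ]; then
  echo "not supported"
fi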
#!/bin/bash
# installs docker only on ubuntu instances
# TODO centos instances
# Sets up an OpenVPN server on Debian/Ubuntu: builds a CA and keys with
# easy-rsa, writes the server config, enables forwarding and NAT through
# ufw, then builds one client profile (client1).
# NOTE(review): "set -eux pipefail" enables -e, -u and -x only; without -o
# the word "pipefail" just becomes positional parameter $1, so a failure in
# the middle of a pipeline below is not detected. `set -euxo pipefail` is
# the form that enables it.
# NOTE(review): the script mixes sudo and plain commands when writing under
# /etc (see the notes further down), so it presumably only completes when
# run as root.
set -eux pipefail
if [ -f /etc/redhat-release ]; then
# Red-hat
echo "not supported"
elif [ -f /etc/issue ]; then
# Debian/Ubuntu
# https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04
echo "installing OVPN"
sudo apt-get update
sudo apt-get install openvpn easy-rsa -y
# NOTE(review): the CA is created on the VPN server itself, so the CA's
# private key presumably stays in ~/openvpn-ca/keys on an Internet-facing
# host — confirm, and consider keeping the CA on a separate machine.
make-cadir ~/openvpn-ca
cd ~/openvpn-ca
# Appends the certificate subject fields to easy-rsa's vars file; a second
# run appends them again.
cat <<EOF >> vars
export KEY_COUNTRY="SG"
export KEY_PROVINCE="SG"
export KEY_CITY="Singapore"
export KEY_ORG="Jellyland-Inc"
export KEY_EMAIL="me@jeremias.sg"
export KEY_OU="Jellyland-Inc"
export KEY_NAME="jellyvpn_server"
EOF
cd ~/openvpn-ca
source vars
./clean-all
# Build CA
# ./build-ca
export EASY_RSA="${EASY_RSA:-.}"
# --batch runs pkitool without prompts. NOTE(review): presumably the
# generated private keys carry no passphrase — confirm.
"$EASY_RSA/pkitool" --batch --initca
# Build Key-Server
# ./build-key-server jellyvpn_server
"$EASY_RSA/pkitool" --batch --server jellyvpn_server
# Build DH Key
# ./build-dh
# OPENSSL, KEY_DIR and KEY_SIZE are not set in this script; presumably they
# come from the sourced vars file.
$OPENSSL dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE}
openvpn --genkey --secret keys/ta.key
cd ~/openvpn-ca
source vars
# Build Client Key
#./build-key client1
"$EASY_RSA/pkitool" client1
cd ~/openvpn-ca/keys
# NOTE(review): dh2048.pem is hard-coded here while the file above is named
# after ${KEY_SIZE}; the copy fails if KEY_SIZE is not 2048.
sudo cp ca.crt jellyvpn_server.crt jellyvpn_server.key ta.key dh2048.pem /etc/openvpn
gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz | sudo tee /etc/openvpn/jellyvpn_server.conf
# NOTE(review): this append runs without sudo although the line above needed
# sudo tee for the same file.
# NOTE(review): AES-128-CBC with a separate HMAC is the tutorial's choice;
# newer OpenVPN releases negotiate AEAD ciphers such as AES-256-GCM —
# confirm against the deployed version.
# The pushed options route all client traffic through the VPN and point
# client DNS at two fixed external resolvers.
cat <<EOF >> /etc/openvpn/jellyvpn_server.conf
tls-auth ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC
auth SHA256
user nobody
group nogroup
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
cert jellyvpn_server.crt
key jellyvpn_server.key
EOF
# Enables IPv4 forwarding; written without sudo and appended on every run.
cat <<EOF >> /etc/sysctl.conf
net.ipv4.ip_forward=1
EOF
sudo sysctl -p
# Interface of the default route. NOTE(review): several default routes would
# put several lines into DEFAULT_INT and break the rule written below.
export DEFAULT_INT=`ip route | grep default | awk '{print $5}'`
# NOTE(review): the NAT rule masquerades everything from 10.8.0.0/8, i.e.
# the whole 10.0.0.0/8 range, not only the VPN subnet. Presumably the sample
# server config uses a much smaller 10.8.0.0 network — confirm and narrow
# the source range to match. The append is also done without sudo.
cat <<EOF >> /etc/ufw/before.rules
# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to wlp11s0 (change to the interface you discovered!)
-A POSTROUTING -s 10.8.0.0/8 -o $DEFAULT_INT -j MASQUERADE
COMMIT
# END OPENVPN RULES
EOF
# NOTE(review): this changes ufw's default policy for all forwarded traffic
# to ACCEPT, not only for traffic arriving from the VPN. Runs without sudo.
sed -i.bak 's/DEFAULT_FORWARD_POLICY="DROP"/DEFAULT_FORWARD_POLICY="ACCEPT"/' /etc/default/ufw
sudo ufw allow 1194/udp
sudo ufw allow OpenSSH
sudo ufw --force disable
sudo ufw --force enable
systemctl start openvpn@jellyvpn_server
# systemctl status openvpn@jellyvpn_server
ip addr show tun0
systemctl enable openvpn@jellyvpn_server
mkdir -p ~/client-configs/files
chmod 700 ~/client-configs/files
cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf ~/client-configs/base.conf
# Public address as seen by an external DNS service. NOTE(review): the value
# is used unvalidated in the client config below and is empty when the query
# fails, which would produce an unusable "remote" line.
PUB_IP_ADDRESS=`dig TXT +short o-o.myaddr.l.google.com @ns1.google.com | egrep -v 'no servers could be reached|connection timed out' | sed -e 's/"//g'`
cat <<EOF >> ~/client-configs/base.conf
remote $PUB_IP_ADDRESS 1194
proto udp
# Downgrade privileges after initialization (non-Windows only)
user nobody
group nogroup
cipher AES-128-CBC
auth SHA256
key-direction 1
# script-security 2
# up /etc/openvpn/update-resolv-conf
# down /etc/openvpn/update-resolv-conf
EOF
# Comment out the file-based ca/cert/key lines; the generated profile embeds
# them inline instead.
sed -i.bak 's/ca ca.crt/#ca ca.crt/' ~/client-configs/base.conf
sed -i.bak 's/cert client.crt/#cert client.crt/' ~/client-configs/base.conf
sed -i.bak 's/key client.key/#key client.key/' ~/client-configs/base.conf
# Writes a helper that concatenates base.conf, the CA certificate, the
# client certificate and key and the tls-auth key into <client>.ovpn.
# NOTE(review): each .ovpn file therefore contains the client's private key
# and the shared tls-auth key; the output directory is mode 700, but the
# files themselves get whatever the umask allows and must be handled as
# secrets once copied off the host.
cat <<EOF > ~/client-configs/make_config.sh
#!/bin/bash
# First argument: Client identifier
KEY_DIR=~/openvpn-ca/keys
OUTPUT_DIR=~/client-configs/files
BASE_CONFIG=~/client-configs/base.conf
cat \${BASE_CONFIG} \\
<(echo -e '<ca>') \\
\${KEY_DIR}/ca.crt \\
<(echo -e '</ca>\n<cert>') \\
\${KEY_DIR}/\${1}.crt \\
<(echo -e '</cert>\n<key>') \\
\${KEY_DIR}/\${1}.key \\
<(echo -e '</key>\n<tls-auth>') \\
\${KEY_DIR}/ta.key \\
<(echo -e '</tls-auth>') \\
> \${OUTPUT_DIR}/\${1}.ovpn
EOF
chmod 700 ~/client-configs/make_config.sh
cd ~/client-configs
./make_config.sh client1
ls ~/client-configs/files
echo "Get OpenVPN Client file(s) with"
echo "scp -r `whoami`@$PUB_IP_ADDRESS:~/client-configs/files ./"
elif [ $(uname) '==' 'Darwin' ]; then
echo "not supported"
fi
#!/bin/bash
# bash needed for 'source'
# http://redsymbol.net/articles/unofficial-bash-strict-mode/
# gr8 d1g5
# https://gist.github.com/t-io/8255711
# https://mattstauffer.co/blog/setting-up-a-new-os-x-development-machine-part-2-global-package-managers#creating-your-brewfile
###
# TODO: Convert this to a single brew file
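# Installs the base package set for the detected platform (yum, apt or
# Homebrew).
# NOTE(review): diff-so-fancy is fetched from the master branch and the
# Homebrew installer is fetched and executed directly; neither is pinned to
# a revision or checked against a known checksum.
if [ -f /etc/redhat-release ]; then
  # -o is required for pipefail; "set -ex pipefail" only set $1.
  set -exo pipefail
  # Red-hat
  sudo -E yum update -y
  grep -i fedora /etc/redhat-release || sudo yum install -y epel-release
  sudo -E yum update -y
  sudo -E yum install -y tree lshw tar wget net-tools iotop htop iftop nmap mtr zsh tmux vim links youtube-dl cowsay fortune-mod git cmake curl gcc-c++ gcc sshuttle
  # /usr/local/bin utils
  sudo -E wget https://raw.githubusercontent.com/so-fancy/diff-so-fancy/master/third_party/build_fatpack/diff-so-fancy -O /usr/local/bin/diff-so-fancy
  # The file was created through sudo, so changing its mode needs sudo too.
  sudo chmod +x /usr/local/bin/diff-so-fancy
  # NOTE(review): localedef runs without sudo; presumably it needs root.
  localedef -v -c -i en_US -f UTF-8 en_US.UTF-8
elif [ -f /etc/issue ]; then
  # -o is required for pipefail; "set -ex pipefail" only set $1.
  set -exo pipefail
  # Debian
  sudo -E apt-get update
  sudo -E apt-get upgrade -y
  sudo -E apt-get install -y tree lshw tar wget iotop htop iftop nmap mtr zsh tmux vim links youtube-dl cowsay fortune-mod rbenv git cmake curl g++ gcc sshuttle
  # /usr/local/bin utils
  sudo -E wget https://raw.githubusercontent.com/so-fancy/diff-so-fancy/master/third_party/build_fatpack/diff-so-fancy -O /usr/local/bin/diff-so-fancy
  # The file was created through sudo, so changing its mode needs sudo too.
  sudo chmod +x /usr/local/bin/diff-so-fancy
  sudo locale-gen en_US.UTF-8
  # NOTE(review): update-locale runs without sudo; presumably it needs root.
  update-locale LANG=en_US.UTF-8
elif [ "$(uname)" '==' 'Darwin' ]; then
  if [[ $(sw_vers -productName) == *Mac* ]]; then
    # Homebrew
    /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
    brew update
    brew tap jlhonora/lsusb
    brew install lsusb rbenv ruby-build ansible node wget autoconf go
    brew install doxygen homebrew/dupes/openssh wireshark automake nodejs
    brew install ffmpeg links openssl fortune pkg-config tmux cmake
    brew install mongodb python tree coreutils libusb python3 cowsay socat
    brew install libusb-compat nmap rsync htop youtube-dl libtool telnet
    brew install vim --with-lua
    # GNU Utils
    brew install coreutils
    brew install binutils
    brew install diffutils
    brew install ed --with-default-names
    brew install findutils --with-default-names
    brew install gawk
    brew install gnu-indent --with-default-names
    brew install gnu-sed --with-default-names
    brew install gnu-tar --with-default-names
    brew install gnu-which --with-default-names
    brew install gnutls
    brew install grep --with-default-names
    brew install gzip
    brew install screen
    brew install watch
    brew install wdiff --with-gettext
    brew install sshuttle
    brew install diff-so-fancy
    brew install source-highlight #less
    brew install inetutils
    # Brew cask
    ## brew install caskroom/cask/brew-cask
    # export HOMEBREW_CASK_OPTS="--appdir=/Applications"
    # FTDI Driver
    # brew cask install ftdi-vcp-driver
    # SiLabs Driver
    # brew cask install silicon-labs-vcp-driver
    # Other Utils
    brew cask install firefox
    brew cask install vlc
    brew cask install google-chrome
    brew cask install alfred
    brew cask install skype
    # Dev Utils
    brew install dark-mode
    brew cask install iterm2
    brew cask install sublime-text
    # brew cask install lighttable
    # brew cask install macvim
    brew cask install virtualbox
    # brew cask install vmware-fusion
    # brew cask install vagrant
    # brew cask install sourcetree
    # brew cask install charles
    brew cask install hex-fiend
    # brew cask install arduino
    # brew cask install google-earth
    # brew cask install slack
    brew cask install caffeine
    brew cask install flux
    brew cask install tunnelblick
    brew install ansible
    # brew install docker docker-machine docker-compose
    brew install aria2
    brew cask install arq
    brew cask install little-snitch
    # Link Cask Apps to Alfred
    # brew cask alfred link
    # Ruby
    rbenv install 2.5.0
    rbenv global 2.5.0
  fi
fi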
## Ruby Version Manager
# https://rvm.io/
# Does not work for Centos yet
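# Installs RVM, Ruby 2.5.0 and tmuxinator on Linux; on macOS only the
# tmuxinator gem.
# The installer URL now names https explicitly. "curl -L get.rvm.io" gave no
# scheme, so the first request went out over plain HTTP and whatever that
# request was redirected to ended up piped into bash. -f additionally keeps
# an HTTP error page out of the pipe.
# NOTE(review): the signing key is downloaded from the same site as the
# installer, so importing it adds little unless its fingerprint is compared
# with a value obtained independently.
# NOTE(review): "sudo -E <profile script> && gem install ..." executes the
# profile script as a program under sudo; presumably its environment changes
# do not carry over and the gem commands run as the calling user — confirm
# the intent.
if [ -f /etc/redhat-release ]; then
  curl -fsSL https://rvm.io/mpapis.asc | gpg --import -
  curl -fL https://get.rvm.io | bash -s stable --ruby
  source /etc/profile.d/rvm.sh #Centos
  sudo -E /etc/profile.d/rvm.sh && gem install rdoc && gem install tmuxinator
  rvm reload
  rvm requirements run
  rvm install 2.5.0
  rvm use 2.5.0
elif [ -f /etc/issue ]; then
  curl -fsSL https://rvm.io/mpapis.asc | gpg --import -
  curl -fL https://get.rvm.io | bash -s stable --ruby
  source /etc/profile.d/rvm.sh || source ~/.profile #Ubuntu
  sudo -E ~/.profile && gem install rdoc && gem install tmuxinator
  rvm reload
  rvm requirements run
  rvm install 2.5.0
  rvm use 2.5.0
elif [[ $(sw_vers -productName) == *Mac* ]]; then
  echo "HI MAC!"
  gem install tmuxinator
else
  echo "not supposed to happen"
fi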
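# Make sure the dotfiles exist, switch the login shell to zsh, install
# oh-my-zsh and replace ~/.zshrc with the copy from this gist.
touch ~/.zshrc ~/.tmux.conf ~/.vimrc
sudo touch /etc/ssh/sshd_config
# zsh, oh-my-zsh
# location works for ubuntu, OSX
chsh -s /bin/zsh
# -k has been dropped: it turned off TLS certificate verification for a
# script that is piped straight into sh. -f keeps an HTTP error page out of
# the pipe.
# NOTE(review): the installer comes from what appears to be a personal fork
# and branch (RepoHell/oh-my-zsh, patch-1) — confirm this is the intended
# source and consider pinning it to a reviewed commit.
curl -fL https://raw.githubusercontent.com/RepoHell/oh-my-zsh/patch-1/tools/install.sh --retry 5 --retry-delay 5 | sh
mv ~/.zshrc ~/.zshrc.bak
# -f: on an HTTP error nothing is written as the new ~/.zshrc and curl
# reports failure; the previous file remains available as ~/.zshrc.bak.
curl -f https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/.zshrc > ~/.zshrc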
# tmuxinator
# export PATH="`ruby -e 'puts Gem.user_dir'`/bin:$PATH"
#sudo -E gem install rdoc
#sudo -E gem install tmuxinator
# Install fails in Centos with
# tmuxinator requires Ruby version >= 2.2.7.
mv ~/.tmux.conf ~/.tmux.conf.bak
curl https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/.tmux.conf > ~/.tmux.conf
mkdir -p ~/.tmuxinator/jelly
curl https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/mon.yml > ~/.tmuxinator/mon.yml
curl https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/int.py > ~/.tmuxinator/jelly/int.py
# Tmux
# Builds tmux-mem-cpu-load from a fresh clone and installs it system-wide.
# NOTE(review): the clone takes the repository's current default branch and
# `sudo make install` then runs that build's install step as root; checking
# out a reviewed tag or commit before building keeps the installed binary
# reproducible.
git clone https://github.com/thewtex/tmux-mem-cpu-load ~/tmux-mem-cpu-load
cd ~/tmux-mem-cpu-load
cmake .
make
sudo make install
cd ~/
rm -rf ~/tmux-mem-cpu-load
# Vim
mv ~/.vimrc ~/.vimrc.bak
curl https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/.vimrc > ~/.vimrc
mkdir -p ~/.vim/dein.plugins ~/.vim/dein.repo
git clone https://github.com/Shougo/dein.vim ~/.vim/dein.repo
vim +":call dein#install() | :q"
# fzf
git clone --depth 1 https://github.com/junegunn/fzf.git ~/.fzf
# ~/.fzf/install
# Oh-my-zsh tab completions
## Find some [here](https://github.com/unixorn/awesome-zsh-plugins)
## Openstack
### https://github.com/t0mk/oh-my-zsh-openstack
cd ~
mkdir -p ~/.oh-my-zsh/custom/plugins/packer
git clone https://github.com/t0mk/oh-my-zsh-openstack ~/.oh-my-zsh/custom/plugins/oh-my-zsh-openstack
for d in $(find ~/.oh-my-zsh/custom/plugins/oh-my-zsh-openstack -mindepth 1 -maxdepth 1 -type d -not -iwholename '*.git'); do echo `basename $d`; ln -s $d .oh-my-zsh/custom/plugins/`basename $d`; done
rm -rf oh-my-zsh-openstack
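## LXC
# Create the plugin directory under the same home directory the completion
# file is written to. The earlier mkdir used /root/..., which only matched
# the curl target when the script ran as root.
mkdir -p ~/.oh-my-zsh/custom/plugins/lxc
# This raw URL includes a revision id, so presumably the fetched content is
# fixed. -f keeps an HTTP error page from being saved as the completion file.
curl -f https://gist.githubusercontent.com/jellyjellyrobot/c672dc59810912779d0241914a12af48/raw/e0c4d5b999441d0c67562b068ebdf79ea8374773/_lxc > ~/.oh-my-zsh/custom/plugins/lxc/_lxc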
## Additional zsh completions
### https://github.com/zsh-users/zsh-completions
git clone https://github.com/zsh-users/zsh-completions ~/.oh-my-zsh/custom/plugins/zsh-completions
## Packer
### https://github.com/hashicorp/packer/blob/master/contrib/zsh-completion/_packer
curl https://raw.githubusercontent.com/hashicorp/packer/master/contrib/zsh-completion/_packer > ~/.oh-my-zsh/custom/plugins/packer/_packer
## Replace plugins
# TODO
# Sane SSH
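# Back up sshd_config, then append server-side keepalive settings and
# matching client-side settings.
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
# In "sudo cat <<EOF >> file" the redirection is opened by the calling
# shell, so the write is not privileged. tee -a does the append as root.
# NOTE(review): the block is appended on every run, and sshd is neither
# validated (`sshd -t`) nor reloaded afterwards.
sudo tee -a /etc/ssh/sshd_config > /dev/null <<EOF
# DNS
UseDNS no
# Request keepalive from client
ClientAliveInterval 20
ClientAliveCountMax 5
EOF
# ~/.ssh may not exist yet on a fresh account; keep it private to the user.
mkdir -p ~/.ssh
chmod 700 ~/.ssh
cat <<EOF >> ~/.ssh/config
Host *
ServerAliveInterval 30
ServerAliveCountMax 5
EOF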
# SSH MOTD
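# Append the gist's motd, curl defaults and global gitignore to the local
# files. -f makes curl fail on an HTTP error, so an error page is never
# appended to a configuration file.
# NOTE(review): these URLs carry no revision id, so presumably the current
# gist content is what gets appended; the fetched .curlrc then changes the
# defaults of every later curl run for this user.
# /etc/motd is written through sudo tee so the append also works when the
# script is not run as root.
curl -f https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/motd | sudo tee -a /etc/motd > /dev/null
# Curl
curl -f https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/.curlrc >> ~/.curlrc
# Gitconfig
curl -f https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/.gitignore_global >> ~/.gitignore_global
git config --global core.excludesfile ~/.gitignore_global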
#!/usr/bin/env python
import os
import sys
from time import sleep
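# Prints one status-line fragment for the default-route interface:
#   "ip"    -> "<interface>: <address>"
#   "speed" -> download / upload rate in KB/s
# The mode is taken from the first command-line argument.


def _read_counter(interface, counter):
    """Return one integer counter from /sys/class/net/<interface>/statistics."""
    path = "/sys/class/net/" + interface + "/statistics/" + counter
    with open(path) as handle:
        return int(handle.read())


# Interface name: last column of the first "default"/"0.0.0.0" row of
# `netstat -rn`.
default_int = os.popen("netstat -rn | awk '{print $1 \" \" $NF}' | grep 'default\\|0.0.0.0' | head -n 1 | awk '{print $2}'").read().split('\n')[0]
# NOTE(review): default_int is concatenated into the shell command strings
# below. It comes from local netstat output, not from a user, but it reaches
# the shell unquoted — confirm that is acceptable for this host.
# A missing argument selects no mode instead of raising IndexError.
sw = sys.argv[1].lower() if len(sys.argv) > 1 else ""
if "ip" in sw:
    default_int_ip = os.popen("ifconfig " + default_int + " | grep 'inet ' | awk '{print \"" + default_int + ": \" $2}'").read().split('\n')[0]
    # Single-argument print(...) behaves the same under Python 2 and 3.
    print(default_int_ip)
elif "speed" in sw:
    speeds = os.popen("ifstat -i " + default_int + " 1 1 2> /dev/null | tail -n 1 | awk '{print $1 \" \" $2}'").read()
    if len(speeds) != 0:
        # list(...) keeps the result indexable on Python 3 as well.
        speeds_KBps = list(map(float, speeds.split()))
    else:
        # No ifstat output: sample the kernel byte counters 0.2 s apart.
        # They are read directly rather than through `cat` in a shell.
        rxb_0 = _read_counter(default_int, "rx_bytes")
        txb_0 = _read_counter(default_int, "tx_bytes")
        sleep(0.2)
        rxb_1 = _read_counter(default_int, "rx_bytes")
        txb_1 = _read_counter(default_int, "tx_bytes")
        # x5 scales the 0.2 s sample to one second; /1024 converts to KB.
        speeds_KBps = [
            float(rxb_1 - rxb_0)*5/1024,
            float(txb_1 - txb_0)*5/1024
        ]
    print("D: " + "{0:.1f}".format(speeds_KBps[0]) + "K U: " + "{0:.1f}".format(speeds_KBps[1]) + "K")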
# ~/.tmuxinator/mon.yml
name: mon
root: ~/
# Optional tmux socket
# socket_name: foo
# Runs before everything. Use it to start daemons etc.
# pre: sudo echo "Gain sudo priv for scripts:\n"
# Runs in each window and pane before window/pane specific commands. Useful for setting up interpreter versions.
# pre_window: rbenv shell 2.0.0-p247
# Pass command line options to tmux. Useful for specifying a different tmux.conf.
# tmux_options: -f ~/.tmux.mac.conf
# Change the command to call tmux. This can be used by derivatives/wrappers like byobu.
# tmux_command: byobu
# Specifies (by name or index) which window will be selected on project startup. If not set, the first window is used.
# startup_window: editor
# Specifies (by index) which pane of the specified window will be selected on project startup. If not set, the first pane is used.
# startup_pane: 1
# Controls whether the tmux session should be attached to automatically. Defaults to true.
# attach: false
# Runs after everything. Use it to attach to tmux with custom options etc.
# post: tmux -CC attach -t mon
windows:
- main:
layout: main-vertical
# Synchronize all panes of this window, can be enabled before or after the pane commands run.
# 'before' represents legacy functionality and will be deprecated in a future release, in favour of 'after'
# synchronize: after
panes:
- htop
- iotop
- ps aux
- df -h
- network:
layout: main-vertical
# Synchronize all panes of this window, can be enabled before or after the pane commands run.
# 'before' represents legacy functionality and will be deprecated in a future release, in favour of 'after'
# synchronize: after
panes:
- netstat -W | less
- lsof -n -i +c 15 | less
- ps aux | less
ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.
- Not be a yob
- Check out
- [Antigen](https://github.com/zsh-users/antigen)