I often find myself ssh'ing into my servers and checking my systemd service logs with $ journalctl -f -u {name}.service. One day I got tired of this and wanted all of my important logs in once place (Amazon AWS Cloudwatch). To my dismay, there weren't any real good tutorials on how to do so. So, voilà.
Overall, it's a fairly simple process consisting of the following few steps.
Open the service file with $ sudo vi /lib/systemd/system/{name}.service
Modify the [Service] section:
| #!/usr/bin/env python3 | |
| import sys | |
| import json | |
| import subprocess | |
| direction=bool(sys.argv[1] == 't' or sys.argv[1] == 'T') | |
| swaymsg = subprocess.run(['swaymsg', '-t', 'get_tree'], stdout=subprocess.PIPE) | |
| data = json.loads(swaymsg.stdout) | |
| current = data["nodes"][1]["current_workspace"] |
| FROM buildpack-deps:stretch-scm | |
| # gcc for cgo | |
| RUN apt-get update && apt-get install -y --no-install-recommends \ | |
| g++ \ | |
| gcc \ | |
| libc6-dev \ | |
| make \ | |
| pkg-config \ | |
| && rm -rf /var/lib/apt/lists/* |
| #!/usr/bin/env node | |
| console.log('yay gist') |
(Tested with KeePassXC on Fedora 25)
By default when using GNOME Keyring you have a keyring that is unlocked when you log in (usually called "Login"). You can make use of that by storing a KeePass database password in this keyring and using it to automatically unlock your KeePass database.
Store the KeePass database password in GNOME Keyring. You'll have to set a label and at least one attribute/value pair. The label is displayed in a GNOME keyring manager (e.g. Seahorse), the attribute/value pair should be a unique identifier because it's needed for the lookup. I suggest to use keepass as attribute and the database name as value (make sure it doesn't contain any spaces).
secret-tool store --label="KeePass <database_name>" keepass <database_name>
Then create a script to launch and immediately unlock your KeePass database.
| #!/bin/sh | |
| # Uncomment and add your pinboard token here or export it globally somewhere | |
| # PINBOARD_API_TOKEN="username:token" | |
| # Put this file in ~/.local/share/qutebrowser/userscripts and chmod +x | |
| # Run it from Qutebrowser with :spawn --userscript qutebrowser-pinboard.sh | |
| # Bind it to "A" key with :bind --mode normal A spawn --userscript qutebrowser-pinboard.sh | |
| API_HOST="https://api.pinboard.in/v1" |
| #!/bin/bash | |
| echo "Getting list of Availability Zones" | |
| all_regions=$(aws ec2 describe-regions --output text --query 'Regions[*].[RegionName]' | sort) | |
| all_az=() | |
| while read -r region; do | |
| az_per_region=$(aws ec2 describe-availability-zones --region $region --query 'AvailabilityZones[*].[ZoneName]' --output text | sort) | |
| while read -r az; do |
| #!/bin/bash | |
| set -eu | |
| _UID=$(id -u) | |
| GID=$(id -g) | |
| # give lxd permission to map your user/group id through | |
| grep root:$_UID:1 /etc/subuid -qs || sudo usermod --add-subuids ${_UID}-${_UID} --add-subgids ${GID}-${GID} root | |
| # set up a separate key to make sure we can log in automatically via ssh | |
| # with $HOME mounted |
| # dconf dump /org/gnome/terminal/legacy/profiles:/ | |
| [:b1dcc9dd-5262-4d8d-a863-c897e6d979b9] | |
| foreground-color='rgb(173,173,173)' | |
| visible-name='Jellybeans' | |
| login-shell=true | |
| palette=['rgb(59,59,59)', 'rgb(207,106,76)', 'rgb(153,173,106)', 'rgb(216,173,76)', 'rgb(89,123,197)', 'rgb(160,55,176)', 'rgb(113,185,248)', 'rgb(173,173,173)', 'rgb(99,99,99)', 'rgb(247,146,116)', 'rgb(193,213,146)', 'rgb(255,213,116)', 'rgb(129,163,237)', 'rgb(200,95,216)', 'rgb(153,225,255)', 'rgb(213,213,213)'] | |
| default-size-rows=45 | |
| default-size-columns=160 | |
| use-system-font=false | |
| use-theme-colors=false |
No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.
Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.
