Skip to content

Instantly share code, notes, and snippets.

@FunctionDJ

FunctionDJ/linux-debian-ubuntu.md

Last active May 12, 2025 15:20
Show Gist options
  • Save FunctionDJ/e8efa1f01fbc496071043e00ae73d797 to your computer and use it in GitHub Desktop.
Save FunctionDJ/e8efa1f01fbc496071043e00ae73d797 to your computer and use it in GitHub Desktop.
Download ZIP
Useful Linux / Debian / Ubuntu commands and stuff
Raw
linux-debian-ubuntu.md

Create a relatively minimal, SSH-automation-capable user

adduser --disabled-login --comment "" SomeUserName

  • adduser: friendlier front-end for useradd, usermod and groupadd
  • --disabled-login: no password and shell set to /usr/sbin/nologin
  • --comment "": don't prompt for details, successor of deprecated --gecos flag i think

Create custom sudoers entry safely

Only needed if a user needs to run a command as root/sudo (e.g. not needed for zfs send/syncoid when setting it up rootless with zfs allow)

visudo /etc/sudoers.d/SomeUserName
(better than just visudo because of package manager upgrades)

To check sudoers configuration (above command won't check permissions by default):
visudo --check --strict

Example syncoid backup script

#!/bin/bash
/usr/sbin/syncoid \
  --sendoptions=w # send raw/encrypted
  --no-privilege-elevation \ # don't attempt to use root/sudo (assumes proper permissions / zfs allow)
  --no-sync-snap \ # don't create a snapshot for this sync (would require additional permissions, i skip this because sanoid already creates plenty of snapshots)
  --pv-options='-L 5M' \ # optional: limit bandwidth to 5MB/s 
  tank/source-dataset SomeUser@SomeServer:tank/target-dataset

Minimalistic, IP-limited authorized_keys entry to run a single command

from="192.168.0.0/24",restrict,command="SomeCommandHere" ssh-[...] [key] user@host

Prevent locale issues with SSH

ssh -F ~/.ssh/config user@ip
-F forces usage of the config, skipping global config which attempts to send locales.
Source: https://stackoverflow.com/a/41786965

Inline Docker file to build a container as part of a docker compose.yaml

services:
  app:
    build:
      context: .
      dockerfile_inline: |
        FROM baseimage ...

Grow Ubuntu VM on Proxmox

  1. grow VM disk on Proxmox
  2. in VM: growpart [device] [partitionNumber] (e.g. growpart /dev/sda 2)
  3. in VM: resize2fs [partition] (e.g. resize2fs /dev/sda2)
  4. verify with df -h

(WIP! NOT TESTED!) Automatically load ZFS keys for all datasets during boot

systemctl edit --full --force custom-zfs-load-keys

[Unit]
Before=zfs-mount.service
After=zfs-import.target
Requires=zfs-import.target

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/sbin/zfs load-key -a

[Install]
WantedBy=zfs-mount.service

(WIP! NOT TESTED!) Start Docker (and Docker containers) after ZFS mount

systemctl edit docker

[Unit]
Requires=zfs-mount.service

Vanilla Bash Shortcuts

Ctrl + W / Alt + Backspace: Remove word left
Ctrl + U: kill whole line
Ctrl + S: stop screen
Ctrl + Q: resume stopped screen
Alt + D: delete all right
Ctrl + _: undo

Global ACME / TLS (e.g. Cloudflare) with caddy-docker-proxy

tl;dr add a caddy.acme_dns: cloudflare TokenHere label to any container where you don't need the caddy: label (e.g. the caddy container itself). more info: lucaslorentz/caddy-docker-proxy#500 (comment)

Smart words in IT dev

  • idempotency (some http verbs, pure functions)
  • isomorphism (web dev)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment