Me being a lazy guy

._

#!/bin/sh

# Change Mirrors
# sed --in-place 's/us.archive.ubuntu.com/mirror.0x.sg/' /etc/apt/sources.list
# sed --in-place 's/us.archive.ubuntu.com/download.nus.edu.sg\/mirror/' /etc/apt/sources.list

get_and_execute()
{
  FILE=$1
  echo "Getting $FILE"
  curl https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/$FILE > ~/$FILE
  chmod +x ~/$FILE
  echo "Running $FILE"
  ~/$FILE
}

# apt-get install sudo wget curl
# yum install sudo wget curl

get_and_execute install.sh

## Install Docker
# export PROXY_HOST=127.0.0.1
# export PROXY_PORT=80
# get_and_execute init_docker.sh

## Install OpenVPN
# get_and_execute init_openvpn.sh
## Haxxor
# get_and_execute haxxor.sh

._.todo

# Migrate to ansible
  - PERIOD

# Investigate docker-openvpn
  - https://github.com/kylemanna/docker-openvpn

# Haxxor.sh
  - Binwalk + related binary tools
  - ropper
  - radere (https://github.com/sashs/Ropper)

.curlrc

# https://github.com/deiga/dotfiles/blob/master/curlrc

create-dirs

verbose
#silent
#show-error

## FTP setup
# ftp-create-dirs
# ftp-ssl
# ftp-pasv
# ftp-method = nocwd

# Limit the time (in seconds) the connection to the server is allowed to take
connect-timeout = 10

# Follow HTTP redirects
location

# Limit the time (in seconds) the whole operation is allowed to take
# (prevents cURL from hanging due to slow networks or links going down)
#max-time = 120

progress-bar

.gitignore_global

# -- Vagrant --

.vagrant/

# -- Vim --

# swap
[._]*.s[a-v][a-z]
[._]*.sw[a-p]
[._]s[a-v][a-z]
[._]sw[a-p]
# session
Session.vim
# temporary
.netrwhist
*~
# auto-generated tag files
tags


# -- GPG --

secring.*

# -- Ansible --

*.retry

# -- XCode --

# Xcode
#
# gitignore contributors: remember to update Global/Xcode.gitignore, Objective-C.gitignore & Swift.gitignore

## Build generated
build/
DerivedData/

## Various settings
*.pbxuser
!default.pbxuser
*.mode1v3
!default.mode1v3
*.mode2v3
!default.mode2v3
*.perspectivev3
!default.perspectivev3
xcuserdata/

## Other
*.moved-aside
*.xccheckout
*.xcscmblueprint


# -- VirtualEnv --

# Virtualenv
# http://iamzed.com/2009/05/07/a-primer-on-virtualenv/
.Python
[Bb]in
[Ii]nclude
[Ll]ib
[Ll]ib64
[Ll]ocal
[Ss]cripts
pyvenv.cfg
.venv
pip-selfcheck.json


# -- MacOS --

*.DS_Store
.AppleDouble
.LSOverride

# Icon must end with two \r
Icon


# Thumbnails
._*

# Files that might appear in the root of a volume
.DocumentRevisions-V100
.fseventsd
.Spotlight-V100
.TemporaryItems
.Trashes
.VolumeIcon.icns
.com.apple.timemachine.donotpresent

# Directories potentially created on remote AFP share
.AppleDB
.AppleDesktop
Network Trash Folder
Temporary Items
.apdisk

.tmux.conf

# Global settings

# Set prefix key to Ctrl-a
unbind-key C-b
set-option -g prefix C-a

# https://github.com/seebi/tmux-colors-solarized/blob/master/tmuxcolors-256.conf
set-option -g status-bg colour235 #base02
set-option -g status-fg colour136 #yellow
set-option -g status-attr default

# set window split
bind-key v split-window -h
bind-key b split-window

# default window title colors
set-window-option -g window-status-fg colour244 #base0
set-window-option -g window-status-bg default
#set-window-option -g window-status-attr dim

# active window title colors
set-window-option -g window-status-current-fg colour166 #orange
set-window-option -g window-status-current-bg default
#set-window-option -g window-status-current-attr bright

# pane border
set-option -g pane-border-fg colour235 #base02
set-option -g pane-active-border-fg colour240 #base01

# message text
set-option -g message-bg colour235 #base02
set-option -g message-fg colour166 #orange

# pane number display
set-option -g display-panes-active-colour colour33 #blue
set-option -g display-panes-colour colour166 #orange
# clock
set-window-option -g clock-mode-colour green #green

set -g status-interval 1
set -g status-justify centre # center align window list
set -g status-left-length 50
set -g status-right-length 180
set -g status-left '#[fg=green]#H #[fg=black]• #[fg=green,bright]#(uname -r | cut -c 1-6)#[default]'
set -g status-right "#[fg=green]Ext_ip: #(dig TXT +short o-o.myaddr.l.google.com @ns1.google.com | egrep -v 'no servers could be reached|connection timed out' | sed -e 's/\\\"//g') :: #[fg=yellow]#(python2 ~/.tmuxinator/jelly/int.py ip) #[fg=red,bright]#(python2 ~/.tmuxinator/jelly/int.py speed) #[fg=green,bg=default,bright]#(tmux-mem-cpu-load --colors --interval 1) #[fg=red,dim,bg=default]:: #(uptime | cut -f 4-5 -d ' ' | cut -f 1 -d ',') #[fg=white,bg=default]%a %l:%M:%S %p#[default] #[fg=green]%Y-%m-%d"


# C-b is not acceptable -- Vim uses it
set-option -g prefix C-a
bind-key C-a last-window

# Start numbering at 1
set -g base-index 1
setw -g pane-base-index 1


# Allows for faster key repetition
set -s escape-time 1

# Extend the repeat interval for repeatable commands (e.g., resize-pane)
set -sg repeat-time 1000

# Rather than constraining window size to the maximum size of any client
# connected to the *session*, constrain window size to the maximum size of any
# client connected to *that window*. Much more reasonable.
setw -g aggressive-resize on

# Allows us to use C-a a <command> to send commands to a TMUX session inside
# another TMUX session
bind-key a send-prefix

# Activity monitoring
setw -g monitor-activity on
set -g visual-activity on

# Highlight active window
#set-window-option -g window-status-current-bg red

bind-key C command-prompt -p "Name of new window: " "new-window -n '%%'"

# reload config
bind r source-file ~/.tmux.conf \; display-message "Config reloaded..."

# auto window rename
set-window-option -g automatic-rename

# mouse mode
set -g mouse on

# mouse mode - tmux lt 2.1
# set -g mode-mouse on
# set -g mouse-resize-pane on
# set -g mouse-select-pane on
# set -g mouse-select-window on

# default shell
set-option -g default-shell /usr/bin/zsh

# color
set -g default-terminal "screen-256color"

#type prefix P to activate this
bind P pipe-pane -o "cat >> ~/#W.log" \; display "Toggled logging to ~/#W.log"

.vimrc

" Dein.vim based vimrc
" Checkout https://github.com/Shougo/dein.vim
" 
" Some configs courtesy of @jin

""""""""""
"""Dein"""
""""""""""

"" Start of Dein cfg

if &compatible
  set nocompatible
endif
set runtimepath+=~/.vim/dein.repo

" TODOs
" 
"
" file browser
" NeoBundle 'scrooloose/nerdtree'
"
" fuzzy file finder
" NeoBundle "kien/ctrlp.vim"
"
" Add support for autocomplete for
"  - js
"  - latex
"
" Add support for syntax highlighting for
"  - less
" Preview markdown files with html?

if dein#load_state('~/.vim/dein.plugins')
  call dein#begin('~/.vim/dein.plugins')
  call dein#add('~/.vim/dein.repo')
  " Autocomplete
  call dein#add('Shougo/neocomplete.vim') " https://github.com/Shougo/neocomplete.vim
  call dein#add('Raimondi/delimitMate') " https://github.com/Raimondi/delimitMate
  " Syntatic Parsers
  call dein#add('vim-syntastic/syntastic') " https://github.com/vim-syntastic/syntastic
  call dein#end()
  call dein#save_state()
endif

" Required:
filetype plugin indent on
syntax enable

""""""""""""""""""
"""Standard Vim"""
""""""""""""""""""

set number relativenumber
set encoding=utf-8
set mouse=a

" Suppress default message at launch
set shortmess+=I

" Increase performance when dealing with long strings
set lazyredraw

" set nobackup
" no viminfo files
set viminfo=
set backupdir=/tmp
set directory=/tmp

"" Whitespace stuff
set tabstop=2
set shiftwidth=2
set softtabstop=2
set expandtab
set smarttab "" Indent start of lines with shiftwidth, not tabstop

"" Nicer autocomplete in command mode
set wildmode=longest,list

" Allow backspace to work everywhere
set backspace=indent,eol,start

"" Enable vim omnicompletion
set omnifunc=syntaxcomplete#Complete

"" Soft wrap long lines
set wrap

"" Searching stuff
set hlsearch
set incsearch
set ignorecase
set smartcase

"" Spellcheck for markdown and text files
"" Refer to plugins for NeoComplete Autocomplete
autocmd BufRead,BufNewFile *.md,*.txt,*.mdown,*.markdown setlocal spell spelllang=en_us textwidth=79 complete+=kspell

"" Python PEP8 style
" au FileType python set softtabstop=4 tabstop=4 shiftwidth=4 textwidth=79

"" Java style
" au FileType java set softtabstop=4 tabstop=4 shiftwidth=4

"" Use system clipboard
set clipboard=unnamed

"" Persistent undo
set undofile
set undodir=/tmp

"" MacVim default font and size
set guifont=Inconsolata-dz:h12

"" No error and visual bells
set noerrorbells
set visualbell t_vb=

"" Keep at least * lines around cursor
set scrolloff=6

"" -- PANES --
"" Set vsp and sp to open a new pane to the right and below by default
set splitbelow
set splitright

colorscheme delek

"""""""""""""""""""
""""Keymappings""""
"""""""""""""""""""
"" Set <leader> to ','
let mapleader = ","

"" Maintain selection after indentation [Visual]
" vmap > >gv
" vmap < <gv

"" Moves cursor to the midscreen while going through search terms
nnoremap N Nzz
nnoremap n nzz

"" Quicker pane switching
nnoremap <C-h> <C-w>h
nnoremap <C-j> <C-w>j
nnoremap <C-k> <C-w>k
nnoremap <C-l> <C-w>l

"" Set ':' to ';'
nnoremap ; :

"" 'j' and 'k' as they should be
nnoremap j gj
nnoremap k gk

"" Sudo write a file
cmap w!! w !sudo tee % >/dev/null

"""""""""""""
"""Plugins"""
"""""""""""""

""""
"" Shougo/neocomplete
""""

" Disable AutoComplPop.
" let g:acp_enableAtStartup = 0

" Use neocomplete.
let g:neocomplete#enable_at_startup = 1

" Use smartcase.
let g:neocomplete#enable_smart_case = 1

" Set minimum syntax keyword length.
let g:neocomplete#sources#syntax#min_keyword_length = 2

" Define dictionary.
let g:neocomplete#sources#dictionary#dictionaries = {
    \ 'default' : '',
    \ 'vimshell' : $HOME.'/.vimshell_hist',
    \ 'scheme' : $HOME.'/.gosh_completions'
        \ }

" Plugin key-mappings.
inoremap <expr><C-g>     neocomplete#undo_completion()
inoremap <expr><C-l>     neocomplete#complete_common_string()

" Enable omni completion.
autocmd FileType css setlocal omnifunc=csscomplete#CompleteCSS
autocmd FileType html,markdown setlocal omnifunc=htmlcomplete#CompleteTags
autocmd FileType javascript setlocal omnifunc=javascriptcomplete#CompleteJS
autocmd FileType python setlocal omnifunc=pythoncomplete#Complete
autocmd FileType xml setlocal omnifunc=xmlcomplete#CompleteTags

""""
"" Raimondi/delimitMate
""""

"" Disable delimiteMate for Rust source
let delimitMate_excluded_ft = "rust,ml,ocaml"



""""
"" vim-syntastic/syntastic
""""

set statusline+=%#warningmsg#
set statusline+=%{SyntasticStatuslineFlag()}
set statusline+=%*

let g:syntastic_always_populate_loc_list = 1
let g:syntastic_auto_loc_list = 1
let g:syntastic_check_on_open = 1
let g:syntastic_check_on_wq = 0

" Aggregate errors from more than 1 checker
let g:syntastic_aggregate_errors = 1

" Checkers
" Ref - https://github.com/vim-syntastic/syntastic/blob/master/doc/syntastic-checkers.txt
let g:syntastic_python_checkers = ['pylint', 'python']
let g:syntastic_php_checkers = ['php', 'phpcs', 'phpmd']

" TODO
" Ansible yaml support for Syntastic - http://erikzaadi.com/2015/11/15/linting-ansible-yaml-in-vim/
au BufNewFile,BufRead *.yaml set filetype=yaml.ansible

""""
"" 
""""

""""
"" 
""""

""""
"" 
""""

""""
"" 
""""

.zshrc

# Tmuxinator
export ZSH=~/.oh-my-zsh
#PATH="`ruby -e 'puts Gem.user_dir'`/bin:$PATH"

ZSH_THEME="murilasso"

export UPDATE_ZSH_DAYS=7
export SHELL='zsh'

HIST_STAMPS="dd/mm/yyyy"
plugins=(git glance nova zsh-completions lxc)

export DISABLE_AUTO_UPDATE="true" # Check .oh-my-zsh/oh-my-zsh.sh
source $ZSH/oh-my-zsh.sh

# for mac keyboards
bindkey -s "^[OM" "^M"

# Aliases and Exports
if [ -f /etc/redhat-release ]; then
  # [Red Hat Based Systems]
  # SSHagent
  if [ `ps aux | grep ssh-agent | wc -l` -ne 1 ]; then
    SSH_PID=`ps aux | grep ssh-agent | egrep $(ls -l /tmp/ssh-*/agent.* | cut -d '.' -f 2 | paste -s -d '|') | awk '{print $2}'`
    SSH_SOCK=`ls -l /tmp/ssh-*/agent.* | grep "$SSH_PID" | awk '{print $NF}'`
    SSH_AUTH_SOCK=$SSH_SOCK; export SSH_AUTH_SOCK;
  fi
elif [ -f /etc/issue ]; then
  # [Debian based Systems]
  export PATH=$PATH:/usr/games
  
  # SSHagent
  if [ `ps aux | grep ssh-agent | wc -l` -ne 1 ]; then
    SSH_PID=`ps aux | grep ssh-agent | egrep $(ls -l /tmp/ssh-*/agent.* | cut -d '.' -f 2 | paste -s -d '|') | awk '{print $2}'`
    SSH_SOCK=`ls -l /tmp/ssh-*/agent.* | grep "$SSH_PID" | awk '{print $NF}'`
    SSH_AUTH_SOCK=$SSH_SOCK; export SSH_AUTH_SOCK;
  
  fi

elif [ $(uname) '==' 'Darwin' ]; then
  # [macOS based Systems]
  export PATH="/usr/local/bin:/usr/local/sbin:~/bin:$PATH"
  if [[ $(sw_vers -productName) == *Mac* ]]; then
    if which rbenv > /dev/null; then eval "$(rbenv init -)"; fi
    alias flushdns='sudo discoveryutil mdnsflushcache && sudo discoveryutil udnsflushcaches && sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.discoveryd.plist && sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.discoveryd.plist'
    # https://gist.github.com/textarcana/4611277
    export LESSOPEN="| /usr/local/bin/src-hilite-lesspipe.sh %s"
    export LESS=" -R "
    alias less='less -m -N -g -i -J --underline-special --SILENT'
    alias more='less'
    alias dd='sudo gdd status=progress bs=4M'
  fi
  
  # OPSec
  alias grip="echo 'no'"
  
fi

# Root should always be '#'
# Noobs should always be '$'
# Thanks SB

if [ -f /etc/redhat-release ]; then
  # [Red Hat Based Systems]
  :
elif [ -f /etc/issue ]; then
  # [Debian based Systems]
  export PATH=$PATH:/usr/games
  if [ $USER = "root" ]; then
    export PS1=`echo ${PS1} | sed 's/\%B$\%b/\%B#\%b/'`
  else 
    export PS1=`echo ${PS1} | sed 's/\%B#\%b/\%B$\%b/'`
  fi
else
  :
fi


export LANG=en_US.UTF-8
export LC_ALL=en_US.UTF-8
export LANGUAGE=en_US.UTF-8
export EDITOR='vim'

# Python
if ls ~/.pythonrc 1>/dev/null 2>/dev/null
	then
	export PYTHONSTARTUP=~/.pythonrc
fi

## For pip packages installed with pip install --user
if [ $(uname) '==' 'Darwin' ]; then
  # [macOS based Systems]
    if [[ $(sw_vers -productName) == *Mac* ]]; then
        export PATH="$PATH:/Users/$USER/Library/Python/2.7/bin/"
    fi
  alias ssh-add-all='ssh-add $(ls ~/.ssh/*.pub | sed 's/.pub//g')'
fi

# Youtube-DL
if hash youtube-dl 1>/dev/null 2>/dev/null
	then
	alias yout='youtube-dl -f bestvideo+bestaudio'
  alias youn='yout -o "%(autonumber)s-%(title)s.%(ext)s"'
fi

# Git
alias gita='git add -A'
alias gitc='git commit -m'
alias gitp='git push origin master'
gitdd () {
	echo "Files untracked but to be staged\n"
	git ls-files --others --exclude-standard
	echo "\nFor more info try < git status >"
	git diff --color "$@" | diff-so-fancy | less
}

alias grepp='grep -rnw '.' -e'

if hash aria2c 1>/dev/null 2>/dev/null
  then
  alias aria="aria2c -s 4 -x 4"
fi

# SuperCow Power
export ANSIBLE_NOCOWS="1"

# Watch logins
watch=all
LOGCHECK=5  # every 5 seconds
WATCHFMT="%B%n%b from %B%M%b has %a tty%l at %D{'%d/%m/%y %T %Z'}"

## MOTD
COWS=(`cowsay -l | tail -n +2 | tr '\n' ' '`)
THE_CHOSEN_COW=${COWS[$(($RANDOM % ${#COWS[@]} + 1)) ]}
# NOT SAFE FOR WORK!
# command cowsay -W $((`tput cols` - 20)) -f ${THE_CHOSEN_COW} $(fortune)
command cowsay $(fortune)

init_docker.sh

#!/bin/bash
# installs docker only on ubuntu instances
# TODO centos instances

set -eux pipefail


if [ -f /etc/redhat-release ]; then
  # Red-hat
  # https://docs.docker.com/engine/installation/linux/docker-ce/centos/
  
  echo "not supported"
  
elif [ -f /etc/issue ]; then
  # Debian
  # https://docs.docker.com/engine/installation/linux/docker-ce/ubuntu/

  echo "installing docker-ce"
  sudo apt-get remove docker docker-engine docker.io
  sudo apt-get update
  sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    software-properties-common -y
  curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
  sudo add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
   $(lsb_release -cs) \
   stable"
  sudo apt-get update
  sudo apt-get install docker-ce -y
  

  echo "installing docker-compose"
  if [ -f /etc/redhat-release ]
  then
    sudo rm /usr/local/bin/docker-compose
  elif command -v docker-compose
  then
    pip uninstall docker-compose
  fi

  sudo -E curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
  sudo chmod +x /usr/local/bin/docker-compose

  # export PROXY_HOST=127.0.0.1
  # export PROXY_PORT=80
  ## Proxy https://docs.docker.com/engine/admin/systemd/#runtime-directory-and-storage-driver
  sudo mkdir -p /etc/systemd/system/docker.service.d
  sudo cat <<EOF >> /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]    
Environment="HTTP_PROXY=http://$PROXY_HOST:$PROXY_PORT/" "NO_PROXY=localhost,127.0.0.1"
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

elif [ $(uname) '==' 'Darwin' ]; then
  echo "not supported"
fi

init_openvpn.sh

#!/bin/bash
# installs docker only on ubuntu instances
# TODO centos instances

set -eux pipefail

if [ -f /etc/redhat-release ]; then
  # Red-hat
  echo "not supported"
elif [ -f /etc/issue ]; then
  # Debian/Ubuntu
  # https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04

  echo "installing OVPN"
  sudo apt-get update
  sudo apt-get install openvpn easy-rsa -y
  make-cadir ~/openvpn-ca
  cd ~/openvpn-ca

cat <<EOF >> vars
export KEY_COUNTRY="SG"
export KEY_PROVINCE="SG"
export KEY_CITY="Singapore"
export KEY_ORG="Jellyland-Inc"
export KEY_EMAIL="[email protected]"
export KEY_OU="Jellyland-Inc"
export KEY_NAME="jellyvpn_server"
EOF
  
  cd ~/openvpn-ca
  source vars
  ./clean-all

  # Build CA
  # ./build-ca

  export EASY_RSA="${EASY_RSA:-.}"
  "$EASY_RSA/pkitool" --batch --initca

  # Build Key-Server
  # ./build-key-server jellyvpn_server
  "$EASY_RSA/pkitool" --batch --server jellyvpn_server

  # Build DH Key
  # ./build-dh
  $OPENSSL dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE}

  openvpn --genkey --secret keys/ta.key
  cd ~/openvpn-ca
  source vars

  # Build Client Key
  #./build-key client1
  "$EASY_RSA/pkitool" client1

  cd ~/openvpn-ca/keys
  sudo cp ca.crt jellyvpn_server.crt jellyvpn_server.key ta.key dh2048.pem /etc/openvpn
  gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz | sudo tee /etc/openvpn/jellyvpn_server.conf

cat <<EOF >> /etc/openvpn/jellyvpn_server.conf
tls-auth ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC
auth SHA256
user nobody
group nogroup
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
cert jellyvpn_server.crt
key jellyvpn_server.key
EOF

cat <<EOF >> /etc/sysctl.conf
net.ipv4.ip_forward=1
EOF

  sudo sysctl -p
  export DEFAULT_INT=`ip route | grep default | awk '{print $5}'`

cat <<EOF >> /etc/ufw/before.rules
# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0] 
# Allow traffic from OpenVPN client to wlp11s0 (change to the interface you discovered!)
-A POSTROUTING -s 10.8.0.0/8 -o $DEFAULT_INT -j MASQUERADE
COMMIT
# END OPENVPN RULES
EOF

  sed -i.bak 's/DEFAULT_FORWARD_POLICY="DROP"/DEFAULT_FORWARD_POLICY="ACCEPT"/' /etc/default/ufw

  sudo ufw allow 1194/udp
  sudo ufw allow OpenSSH
  sudo ufw --force disable
  sudo ufw --force enable

  systemctl start openvpn@jellyvpn_server
  # systemctl status openvpn@jellyvpn_server
  ip addr show tun0
  systemctl enable openvpn@jellyvpn_server

  mkdir -p ~/client-configs/files
  chmod 700 ~/client-configs/files
  cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf ~/client-configs/base.conf
  PUB_IP_ADDRESS=`dig TXT +short o-o.myaddr.l.google.com @ns1.google.com | egrep -v 'no servers could be reached|connection timed out' | sed -e 's/"//g'`

cat <<EOF >> ~/client-configs/base.conf
remote $PUB_IP_ADDRESS 1194
proto udp

# Downgrade privileges after initialization (non-Windows only)
user nobody
group nogroup

cipher AES-128-CBC
auth SHA256
key-direction 1
# script-security 2
# up /etc/openvpn/update-resolv-conf
# down /etc/openvpn/update-resolv-conf
EOF

  sed -i.bak 's/ca ca.crt/#ca ca.crt/' ~/client-configs/base.conf
  sed -i.bak 's/cert client.crt/#cert client.crt/' ~/client-configs/base.conf
  sed -i.bak 's/key client.key/#key client.key/' ~/client-configs/base.conf

cat <<EOF > ~/client-configs/make_config.sh
#!/bin/bash

# First argument: Client identifier

KEY_DIR=~/openvpn-ca/keys
OUTPUT_DIR=~/client-configs/files
BASE_CONFIG=~/client-configs/base.conf

cat \${BASE_CONFIG} \\
  <(echo -e '<ca>') \\
  \${KEY_DIR}/ca.crt \\
  <(echo -e '</ca>\n<cert>') \\
  \${KEY_DIR}/\${1}.crt \\
  <(echo -e '</cert>\n<key>') \\
  \${KEY_DIR}/\${1}.key \\
  <(echo -e '</key>\n<tls-auth>') \\
  \${KEY_DIR}/ta.key \\
  <(echo -e '</tls-auth>') \\
  > \${OUTPUT_DIR}/\${1}.ovpn
EOF

  chmod 700 ~/client-configs/make_config.sh
  cd ~/client-configs
  ./make_config.sh client1
  ls ~/client-configs/files

  echo "Get OpenVPN Client file(s) with"
  echo "scp -r `whoami`@$PUB_IP_ADDRESS:~/client-configs/files ./"

elif [ $(uname) '==' 'Darwin' ]; then
  echo "not supported"
fi

install.sh

#!/bin/bash
# bash needed for 'source'

# http://redsymbol.net/articles/unofficial-bash-strict-mode/

# gr8 d1g5
# https://gist.github.com/t-io/8255711
# https://mattstauffer.co/blog/setting-up-a-new-os-x-development-machine-part-2-global-package-managers#creating-your-brewfile

###
# TODO: Convert this to a single brew file

if [ -f /etc/redhat-release ]; then
  set -ex pipefail
  # Red-hat
  sudo -E yum update -y
  
  grep -i fedora /etc/redhat-release || sudo yum install -y epel-release
  sudo -E yum update -y
  sudo -E yum install -y tree lshw tar wget net-tools iotop htop iftop nmap mtr zsh tmux vim links youtube-dl cowsay fortune-mod git cmake curl gcc-c++ gcc sshuttle
  
  # /usr/local/bin utils
  sudo -E wget https://raw.githubusercontent.com/so-fancy/diff-so-fancy/master/third_party/build_fatpack/diff-so-fancy -O /usr/local/bin/diff-so-fancy
  chmod +x /usr/local/bin/diff-so-fancy
  localedef -v -c -i en_US -f UTF-8 en_US.UTF-8
  
elif [ -f /etc/issue ]; then
  set -ex pipefail
  # Debian
  sudo -E apt-get update
  sudo -E apt-get upgrade -y
  sudo -E apt-get install -y tree lshw tar wget iotop htop iftop nmap mtr zsh tmux vim links youtube-dl cowsay fortune-mod rbenv git cmake curl g++ gcc sshuttle
  
  # /usr/local/bin utils
  sudo -E wget https://raw.githubusercontent.com/so-fancy/diff-so-fancy/master/third_party/build_fatpack/diff-so-fancy -O /usr/local/bin/diff-so-fancy
  chmod +x /usr/local/bin/diff-so-fancy
  
  sudo locale-gen en_US.UTF-8
  update-locale LANG=en_US.UTF-8
  
elif [ $(uname) '==' 'Darwin' ]; then
  if [[ $(sw_vers -productName) == *Mac* ]]; then
    # Homebrew
    /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
    brew update
    brew tap jlhonora/lsusb
    brew install lsusb rbenv ruby-build ansible node wget autoconf go
    brew install doxygen homebrew/dupes/openssh wireshark automake nodejs
    brew install ffmpeg links openssl fortune pkg-config tmux cmake 
    brew install mongodb python tree coreutils libusb python3 cowsay socat
    brew install libusb-compat nmap rsync htop youtube-dl libtool telnet
    brew install vim --with-lua

    # GNU Utils
    brew install coreutils
    brew install binutils
    brew install diffutils
    brew install ed --with-default-names
    brew install findutils --with-default-names
    brew install gawk
    brew install gnu-indent --with-default-names
    brew install gnu-sed --with-default-names
    brew install gnu-tar --with-default-names
    brew install gnu-which --with-default-names
    brew install gnutls
    brew install grep --with-default-names
    brew install gzip
    brew install screen
    brew install watch
    brew install wdiff --with-gettext
    brew install sshuttle
    brew install diff-so-fancy
    brew install source-highlight #less
    brew install inetutils

    # Brew cask
    ## brew install caskroom/cask/brew-cask
    # export HOMEBREW_CASK_OPTS="--appdir=/Applications"

    # FTDI Driver
    # brew cask install ftdi-vcp-driver

    # SiLabs Driver
    # brew cask install silicon-labs-vcp-driver

    # Other Utils
    brew cask install firefox
    brew cask install vlc
    brew cask install google-chrome
    brew cask install alfred
    brew cask install skype

    # Dev Utils
    brew install dark-mode
    brew cask install iterm2
    brew cask install sublime-text
    # brew cask install lighttable
    # brew cask install macvim
    brew cask install virtualbox
    # brew cask install vmware-fusion
    # brew cask install vagrant
    # brew cask install sourcetree
    # brew cask install charles
    brew cask install hex-fiend
    # brew cask install arduino
    # brew cask install google-earth
    # brew cask install slack
    brew cask install caffeine
    brew cask install flux
    brew cask install tunnelblick
    brew install ansible
    # brew install docker docker-machine docker-compose
    brew install aria2
    brew cask install arq
    brew cask install little-snitch

    # Link Cask Apps to Alfred
    # brew cask alfred link

    # Ruby
    rbenv install 2.5.0
    rbenv global 2.5.0
  fi
fi

## Ruby Version Manager
# https://rvm.io/
# Does not work for Centos yet

if [ -f /etc/redhat-release ]; then
  curl -sSL https://rvm.io/mpapis.asc | gpg --import -
  curl -L get.rvm.io | bash -s stable --ruby
  source /etc/profile.d/rvm.sh #Centos
  sudo -E /etc/profile.d/rvm.sh && gem install rdoc && gem install tmuxinator
  rvm reload
  rvm requirements run
  rvm install 2.5.0
  rvm use 2.5.0
elif [ -f /etc/issue ]; then
  curl -sSL https://rvm.io/mpapis.asc | gpg --import -
  curl -L get.rvm.io | bash -s stable --ruby
  source /etc/profile.d/rvm.sh || source ~/.profile #Ubuntu
  sudo -E ~/.profile && gem install rdoc && gem install tmuxinator
  rvm reload
  rvm requirements run
  rvm install 2.5.0
  rvm use 2.5.0
elif [[ $(sw_vers -productName) == *Mac* ]]; then
  echo "HI MAC!"
  gem install tmuxinator
else
  echo "not supposed to happen"
fi

touch ~/.zshrc ~/.tmux.conf ~/.vimrc 
sudo touch /etc/ssh/sshd_config

# zsh, oh-my-zsh
# location works for ubuntu, OSX
chsh -s /bin/zsh
curl -L -k https://raw.githubusercontent.com/RepoHell/oh-my-zsh/patch-1/tools/install.sh --retry 5 --retry-delay 5 | sh
mv ~/.zshrc ~/.zshrc.bak
curl https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/.zshrc > ~/.zshrc

# tmuxinator
# export PATH="`ruby -e 'puts Gem.user_dir'`/bin:$PATH"


#sudo -E gem install rdoc
#sudo -E gem install tmuxinator
# Install fails in Centos with
# tmuxinator requires Ruby version >= 2.2.7.

mv ~/.tmux.conf ~/.tmux.conf.bak
curl https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/.tmux.conf > ~/.tmux.conf
mkdir -p ~/.tmuxinator/jelly
curl https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/mon.yml > ~/.tmuxinator/mon.yml
curl https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/int.py > ~/.tmuxinator/jelly/int.py

# Tmux
git clone https://github.com/thewtex/tmux-mem-cpu-load ~/tmux-mem-cpu-load
cd  ~/tmux-mem-cpu-load
cmake .
make
sudo make install
cd ~/
rm -rf ~/tmux-mem-cpu-load

# Vim
mv ~/.vimrc ~/.vimrc.bak
curl https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/.vimrc > ~/.vimrc
mkdir -p ~/.vim/dein.plugins ~/.vim/dein.repo
git clone https://github.com/Shougo/dein.vim ~/.vim/dein.repo
vim +":call dein#install() | :q"

# fzf

git clone --depth 1 https://github.com/junegunn/fzf.git ~/.fzf
# ~/.fzf/install

# Oh-my-zsh tab completions
## Find some [here](https://github.com/unixorn/awesome-zsh-plugins)

## Openstack
### https://github.com/t0mk/oh-my-zsh-openstack
cd ~
mkdir -p ~/.oh-my-zsh/custom/plugins/packer

git clone https://github.com/t0mk/oh-my-zsh-openstack ~/.oh-my-zsh/custom/plugins/oh-my-zsh-openstack
for d in $(find ~/.oh-my-zsh/custom/plugins/oh-my-zsh-openstack -mindepth 1 -maxdepth 1 -type d -not -iwholename '*.git'); do echo `basename $d`; ln -s $d .oh-my-zsh/custom/plugins/`basename $d`; done
rm -rf oh-my-zsh-openstack

## LXC
mkdir -p /root/.oh-my-zsh/custom/plugins/lxc
curl https://gist.githubusercontent.com/jellyjellyrobot/c672dc59810912779d0241914a12af48/raw/e0c4d5b999441d0c67562b068ebdf79ea8374773/_lxc > ~/.oh-my-zsh/custom/plugins/lxc/_lxc

## Additional zsh completions
### https://github.com/zsh-users/zsh-completions
git clone https://github.com/zsh-users/zsh-completions ~/.oh-my-zsh/custom/plugins/zsh-completions

## Packer
### https://github.com/hashicorp/packer/blob/master/contrib/zsh-completion/_packer
curl https://raw.githubusercontent.com/hashicorp/packer/master/contrib/zsh-completion/_packer > ~/.oh-my-zsh/custom/plugins/packer/_packer

## Replace plugins
# TODO



# Sane SSH
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
sudo cat <<EOF >> /etc/ssh/sshd_config

# DNS
UseDNS no

# Request keepalive from client
ClientAliveInterval 20
ClientAliveCountMax 5

EOF

cat <<EOF >> ~/.ssh/config

Host *
  ServerAliveInterval 30
  ServerAliveCountMax 5

EOF

# SSH MOTD
curl https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/motd >> /etc/motd

# Curl
curl https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/.curlrc >> ~/.curlrc

# Gitconfig
curl https://gist.githubusercontent.com/jellyjellyrobot/d90796a4232deeda75bca7c70c758428/raw/.gitignore_global >> ~/.gitignore_global
git config --global core.excludesfile ~/.gitignore_global

int.py

#!/usr/bin/env python

import os
import sys

from time import sleep

default_int = os.popen("netstat -rn | awk '{print $1 \" \" $NF}' | grep 'default\|0.0.0.0' | head -n 1 | awk '{print $2}'").read().split('\n')[0]

sw = sys.argv[1].lower()

if "ip" in sw:
  default_int_ip = os.popen("ifconfig " + default_int + " | grep 'inet ' | awk '{print \"" + default_int + ": \" $2}'").read().split('\n')[0]
  print default_int_ip
elif "speed" in sw:
  speeds = os.popen("ifstat -i " + default_int + " 1 1 2> /dev/null | tail -n 1 | awk '{print $1 \" \" $2}'").read()
  if len(speeds) != 0:
    speeds_KBps = map(float, speeds.split())
  else:
    rxb_0 = int(os.popen("cat /sys/class/net/" + default_int + "/statistics/rx_bytes").read())
    txb_0 = int(os.popen("cat /sys/class/net/" + default_int + "/statistics/tx_bytes").read())
    sleep(0.2)
    rxb_1 = int(os.popen("cat /sys/class/net/" + default_int + "/statistics/rx_bytes").read())
    txb_1 = int(os.popen("cat /sys/class/net/" + default_int + "/statistics/tx_bytes").read())
    speeds_KBps = [ 
      float(rxb_1 - rxb_0)*5/1024,
      float(txb_1 - txb_0)*5/1024
    ]
  print "D: " + "{0:.1f}".format(speeds_KBps[0]) + "K U: " + "{0:.1f}".format(speeds_KBps[1])+"K"

mon.yml

# ~/.tmuxinator/mon.yml

name: mon
root: ~/

# Optional tmux socket
# socket_name: foo

# Runs before everything. Use it to start daemons etc.
# pre: sudo echo "Gain sudo priv for scripts:\n"

# Runs in each window and pane before window/pane specific commands. Useful for setting up interpreter versions.
# pre_window: rbenv shell 2.0.0-p247

# Pass command line options to tmux. Useful for specifying a different tmux.conf.
# tmux_options: -f ~/.tmux.mac.conf

# Change the command to call tmux.  This can be used by derivatives/wrappers like byobu.
# tmux_command: byobu

# Specifies (by name or index) which window will be selected on project startup. If not set, the first window is used.
# startup_window: editor

# Specitifes (by index) which pane of the specified window will be selected on project startup. If not set, the first pane is used.
# startup_pane: 1

# Controls whether the tmux session should be attached to automatically. Defaults to true.
# attach: false

# Runs after everything. Use it to attach to tmux with custom options etc.
# post: tmux -CC attach -t mon

windows:
  - main:
      layout: main-vertical
      # Synchronize all panes of this window, can be enabled before or after the pane commands run.
      # 'before' represents legacy functionality and will be deprecated in a future release, in favour of 'after'
      # synchronize: after
      panes:
        - htop
        - iotop
        - ps aux
        - df -h
  - network:
      layout: main-vertical
      # Synchronize all panes of this window, can be enabled before or after the pane commands run.
      # 'before' represents legacy functionality and will be deprecated in a future release, in favour of 'after'
      # synchronize: after
      panes:
        - netstat -W | less
        - lsof -n -i +c 15 | less
        - ps aux | less

motd

ACHTUNG!

ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.

TODO

- Not be a yob
- Check out
  - [Antigen](https://github.com/zsh-users/antigen)