phg/.files
0
0
Fork 0
mirror of https://github.com/shokinn/.files.git synced 2025-06-28 07:40:40 +00:00
Code Issues Projects Releases Packages Wiki Activity

relocate files from .bin to .local/bin; remove dotdrop submodule; Update Installation process; remove pip, pylint and pyenv oh-my-zsh plugins; Update LICENSE;

Browse source
This commit is contained in:
Philip Henning 2024-11-29 11:19:50 +01:00
parent 4c529a3fb0
commit 53ff1bfffa
26 changed files with 68 additions and 145 deletions
Download patch file Download diff file Expand all files Collapse all files

250
dotfiles/local/bin/agenix-helper Executable file
View file

@ -0,0 +1,250 @@
#!/usr/bin/env bash
# More safety, by turning some bugs into errors.
# Without `errexit` you dont need ! and can replace
# ${PIPESTATUS[0]} with a simple $?, but I prefer safety.
set -euf -o pipefail
#---------------------------------------------------
#
# {{@@ header() @@}}
#
# age encryption / decryption helpers
# based on https://github.com/ryantm/agenix
#
# For macOS coreutils and gnu-getopt are required
# to run this script.
# brew install coreutils gnu-getopt
#
#---------------------------------------------------
#TMPPATH="/dev/shm"
TMPPATH="/tmp"
[[ -d "/opt/homebrew/opt/coreutils/libexec/gnubin" ]] && export PATH="/opt/homebrew/opt/coreutils/libexec/gnubin:${PATH}"
[[ -d "/opt/homebrew/opt/gnu-getopt/bin" ]] && export PATH="/opt/homebrew/opt/gnu-getopt/bin:${PATH}"
update_keys() {
local file="${1}"
local start_marker="${2}"
local end_marker="${3}"
local new_key="${4}"
local list_name="${5}"
local tmp_file=$(mktemp -p ${TMPPATH})
local content_file=$(mktemp -p ${TMPPATH})
local content_array=()
local content_array_unsorted=()
# Get current configured keys and save them to the array "content_array"
mapfile -t content_array_unsorted < <(awk "/${start_marker}/{f=1;next} /${end_marker}/{f=0} f" ${file})
# Add new key to the array "content_array"
content_array_unsorted+=("${new_key}")
# Sort content alphabetically
IFS=$'\n' content_array=($(sort <<<"${content_array_unsorted[*]}")); unset IFS
# Remove duplicates from the array
declare -A seen=()
unique_content_array=()
for item in "${content_array[@]}"; do
key="${item%%=*}" # Extract the key part
if [[ -z "${seen[$key]+unset}" ]]; then
unique_content_array+=("${item}")
seen[$key]=1
fi
done
# Write the unique contents of the array to a temporary file
printf "%s\n" "${unique_content_array[@]}" > "${content_file}"
# Process the file to replace the keyword list and the block of text
awk -v start="${start_marker}" -v end="${end_marker}" -v content_file="${content_file}" -v keys="${!seen[*]}" -v list_name="${list_name}" '
BEGIN {
in_block = 0
split(keys, key_array, " ")
}
{
if ($0 ~ start) {
print
in_block = 1
while ((getline line < content_file) > 0) {
print line
}
close(content_file)
next
}
if ($0 ~ end) {
in_block = 0
print
next
}
if (!in_block) {
if ($0 ~ list_name " = \\[.*\\];") {
# Recreate the list_name list from the keys of unique_content_array
printf " %s = [ ", list_name
sep = ""
for (i in key_array) {
gsub(/^ +/, "", key_array[i]) # Remove leading spaces from keys
printf "%s%s", sep, key_array[i]
sep = " "
}
print " ];"
next
}
print
}
}
' "${file}" > "${tmp_file}"
# Move the temporary file to the original file
mv "${tmp_file}" "${file}"
rm "${content_file}"
}
gen-user-key() {
local keyname="${1}"
local public_key="${2}"
local working_directory="${3:-$(pwd)}"
local begin_marker='#-----BEGIN USER PUBLIC KEYS-----'
local end_marker='#------END USER PUBLIC KEYS------'
local input_file="${working_directory}/secrets/secrets.nix"
local userkey
if [[ ${public_key} == "EMPTY" ]]; then
echo "generating new keys for host ${keyname}";
ssh-keygen \
-t ed25519 \
-f ~/.ssh/${keyname} \
-C "agenix@${keyname}" \
-N ''
echo "getting user public key for user ${keyname}"
userkey=$(echo -n " ${keyname} = \"$(cat ~/.ssh/${keyname}.pub | awk -F' ' '{ print $1, $2 }')\";")
else
userkey=$(echo -n " ${keyname} = \"$(echo -n "${public_key}" | awk -F' ' '{ print $1, $2 }')\";")
fi
update_keys "${input_file}" "${begin_marker}" "${end_marker}" "${userkey}" "users"
}
get-host-key() {
local keyname="${1}"
local target="${2}"
local type="${3:-ssh-ed25519}"
local working_directory="${4:-$(pwd)}"
local begin_marker='#-----BEGIN SYSTEM PUBLIC KEYS-----'
local end_marker='#------END SYSTEM PUBLIC KEYS------'
local input_file="${working_directory}/secrets/secrets.nix"
local hostkey
echo "getting host public key for host ${keyname}"
hostkey=$(echo -n " ${keyname} = \"$(ssh-keyscan -t ${type} ${target} 2>/dev/null | awk -F' ' '{ print $2, $3 }')\";")
update_keys "${input_file}" "${begin_marker}" "${end_marker}" "${hostkey}" "systems"
}
help() {
echo "Usage: $(basename ${0}) < gen-user-key [argument ...] | get-host-key [argument ...] >"
echo ""
echo "Options:"
echo " gen-user-key generates a new ssh-ed25519 keypair and adds the public key to secrets.nix"
echo ""
echo " -k, --public-key provide a public key, instead of generiting a new keypair (format: \"ssh-ed25519 AAAAC3N...\")"
echo " -n, --name keyname, usually the hostname (e.g. <hostname>)"
echo " -p, --path path to the root directory for the nixOS configuration files, defaults to \`pwd\`"
echo ""
echo ""
echo " get-host-key get a ssh host public key via ssh-keyscan and adds it to secrets.nix"
echo ""
echo " -t, --target hostname, fqdn or IP from whom the host key is requested"
echo " -n, --name keyname, usually the hostname (e.g. <hostname>)"
echo " -p, --path path to the root directory for the nixOS configuration files, defaults to \`pwd\`"
echo " --type type of the key which is requested via ssh-keyscan, defaults to \`ssh-ed25519\`"
}
# -allow a command to fail with !s side effect on errexit
# -use return value from ${PIPESTATUS[0]}, because ! hosed $?
! getopt --test > /dev/null
if [[ ${PIPESTATUS[0]} -ne 4 ]]; then
echo 'Im sorry, `getopt --test` failed in this environment.'
exit 1
fi
# option --output/-o requires 1 argument
OPTIONS=hk:n:p:t:
LONGOPTS=help,name:,path:,public-key:,target:,type:
# -regarding ! and PIPESTATUS see above
# -temporarily store output to be able to check for errors
# -activate quoting/enhanced mode (e.g. by writing out “--options”)
# -pass arguments only via -- "$@" to separate them correctly
! PARSED=$(getopt --options=${OPTIONS} --longoptions=${LONGOPTS} --name "$(basename ${0})" -- "${@:--h}")
if [[ ${PIPESTATUS[0]} -ne 0 ]]; then
# e.g. return value is 1
# then getopt has complained about wrong arguments to stdout
exit 2
fi
# read getopts output this way to handle the quoting right:
eval set -- "${PARSED}"
# now enjoy the options in order and nicely split until we see --
while true; do
case "${1}" in
-h|--help)
shift
help
exit
;;
-k|--public-key)
public_key="${2}"
shift 2
;;
-n|--name)
name="${2}"
shift 2
;;
-p|--path)
path="${2}"
shift 2
;;
-t|--target)
target="${2}"
shift 2
;;
--type)
type="${2}"
shift 2
;;
--)
shift
break
;;
*)
echo "This option (${1}) does not exist. Exiting."
exit 3
;;
esac
done
# handle non-option arguments
if [[ ${#} -eq 1 ]]; then
while true; do
case "${1}" in
gen-user-key)
gen-user-key "${name:?Error, missing option \"-n\"}" "${public_key:-"EMPTY"}" "${path:-}"
shift
exit
;;
get-host-key)
get-host-key "${name:?Error, missing option \"-n\"}" "${target:?Error, missing option \"-t\"}" "${type:-}" "${path:-}"
shift
exit
;;
*)
echo "Wrong sub command, use -h to print the help."
exit 4
;;
esac
done
else
echo "No sub command provided, use -h to print the help."
fi

17
dotfiles/local/bin/c3check Executable file
View file

@ -0,0 +1,17 @@
#!/usr/bin/env bash
#
# {{@@ header() @@}}
#
if [[ -z "${1}" ]] || [[ -z "${2}" ]] || [[ -z "${3}" ]]; then
echo "Usage: ${0} <player> <event> <talk-id>"
echo "e.g.: ${0} vlc 35c3 9766"
exit 1
fi
mediainfo /video/video/encoded/${2}/${3}-hd.mp4
read -p "Press any key to continue... " -n1 -s
${1} /video/video/encoded/${2}/${3}-hd.mp4

12
dotfiles/local/bin/c3cp Executable file
View file

@ -0,0 +1,12 @@
#!/usr/bin/env bash
#
# {{@@ header() @@}}
#
if [[ -z "${1}" ]]; then
echo "Filepath missing."
exit 1
fi
rsync --verbose --progress --inplace ${1} /tmp/

13
dotfiles/local/bin/c3kdenlive Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/env bash
#
# {{@@ header() @@}}
#
if [[ -z "${1}" ]] || [[ -z "${2}" ]]; then
echo "Usage: ${0} <event> <talk-id>"
echo "e.g.: ${0} 35c3 9766"
exit 1
fi
kdenlive /video/fuse/${1}/*/${2}/project.kdenlive

13
dotfiles/local/bin/c3l Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/env bash
#
# {{@@ header() @@}}
#
if [[ -z "${1}" ]] || [[ -z "${2}" ]]; then
echo "Usage: ${0} <event> <talk-id>"
echo "e.g.: ${0} 35c3 9766"
exit 1
fi
ls -lah --color=tty /video/fuse/${1}/*/${2}/

13
dotfiles/local/bin/c3mpv Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/env bash
#
# {{@@ header() @@}}
#
if [[ -z "${1}" ]] || [[ -z "${2}" ]]; then
echo "Usage: ${0} <event> <talk-id>"
echo "e.g.: ${0} 35c3 9766"
exit 1
fi
mpv /video/fuse/${1}/*/${2}/uncut.ts

59
dotfiles/local/bin/mount_c3voc Executable file
View file

@ -0,0 +1,59 @@
#!/usr/bin/env bash
#
# {{@@ header() @@}}
#
if [[ ${UID} -ne 0 ]]; then
echo "You have to run this script as root!"
exit 1
fi
options=( storage aws umount )
if [[ -z "${1}" ]]; then
echo "Usage: ${0} <project>"
echo "e.g.: ${0} c3"
echo " "
echo "Valid options:"
for i in "${options[@]}"; do
echo " - ${i}"
done
fi
fuse="/video/fuse"
video="/video/video"
tmp="/video/tmp"
if mount | grep ${fuse} > /dev/null; then
umount ${fuse}
fi
if mount | grep ${video} > /dev/null; then
umount ${video}
fi
if mount | grep ${tmp} > /dev/null; then
umount ${tmp}
fi
case ${1} in
storage)
mount.cifs //storage.lan.c3voc.de/fuse ${fuse} -o rw,guest -o uid=phg
mount.cifs //storage.lan.c3voc.de/video ${video} -o rw,guest -o uid=phg
mount.cifs //storage.lan.c3voc.de/tmp ${tmp} -o rw,guest -o uid=phg
;;
aws)
mount.cifs //aws.lan.c3voc.de/fuse ${fuse} -o rw,guest -o uid=phg
mount.cifs //aws.lan.c3voc.de/video ${video} -o rw,guest -o uid=phg
mount.cifs //aws.lan.c3voc.de/tmp ${tmp} -o rw,guest -o uid=phg
;;
umount)
;;
*)
echo "Mountpoint does not exist."
echo "Please use one of the following:"
for i in "${options[@]}"; do
echo " - ${i}"
done
esac

7
dotfiles/local/bin/pu Executable file
View file

@ -0,0 +1,7 @@
#!/usr/bin/env zsh
#
# {{@@ header() @@}}
#
open -j -g 'jamfselfservice://content?entity=policy&id=810&action=execute'

7
dotfiles/local/bin/rmquarantine Executable file
View file

@ -0,0 +1,7 @@
#!/usr/bin/env zsh
#
# {{@@ header() @@}}
#
xattr -r -d com.apple.quarantine ${1}

7
dotfiles/local/bin/rpki Executable file
View file

@ -0,0 +1,7 @@
#!/usr/bin/env zsh
#
# {{@@ header() @@}}
#
open -j -g 'jamfselfservice://content?entity=policy&id=2135&action=execute'

325
dotfiles/local/bin/secretfiles Executable file
View file

@ -0,0 +1,325 @@
#!/usr/bin/env bash
# More safety, by turning some bugs into errors.
# Without `errexit` you dont need ! and can replace
# ${PIPESTATUS[0]} with a simple $?, but I prefer safety.
set -euf -o pipefail
#---------------------------------------------------
#
# {{@@ header() @@}}
#
# age encryption / decryption helpers
# based on https://git.sr.ht/~digital/secretFiles
#
# For macOS coreutils and gnu-getopt are required to
# run this script.
# brew install coreutils gnu-getopt
#
#---------------------------------------------------
#TMPPATH="/dev/shm"
TMPPATH="/tmp"
[[ -d "/opt/homebrew/opt/coreutils/libexec/gnubin" ]] && export PATH="/opt/homebrew/opt/coreutils/libexec/gnubin:${PATH}"
[[ -d "/opt/homebrew/opt/gnu-getopt/bin" ]] && export PATH="/opt/homebrew/opt/gnu-getopt/bin:${PATH}"
# get recipients for age file to encrypt with
get-recipients-list() {
local target="${1}"
local recipients=${2:-"-R" "$(pwd)/secrets/hostkeys/masterkey.pubkey"}
local search="${target}"
while true; do
if test -d "${search}.recipients"; then
for recip in $(ls ${search}.recipients) ; do
if test -n "${recip}"; then
recipients+=("-R" "${search}.recipients/${recip}")
fi
done
elif test -f "${search}.recipients"; then
recipients+=( "-R" "${search}.recipients")
fi
if test "$(realpath ${search})" == "$(realpath $(pwd))"; then
break
fi
search=$(dirname "${search}")
done
echo "${recipients[@]}"
}
gen-key() {
local keyname="${1}"
local working_directory="${2:-$(pwd)}"
mkdir -p "${working_directory}/secrets/hostkeys/"
echo "generating new keys for host ${keyname}";
age-keygen \
2> "${working_directory}/secrets/hostkeys/${keyname}.pubkey" \
| age -p --armor -e -o "${working_directory}/secrets/hostkeys/${keyname}.privkey"
sed -i 's/Public key: //' "${working_directory}/secrets/hostkeys/${keyname}.pubkey"
}
import-secret() {
# local stdin=$(</dev/stdin)
local working_directory="${3:-$(pwd)}"
local secret_path="${working_directory}/${2}"
if [[ "${1}" == "EMPTY" ]]; then
local data=$(</dev/stdin)
fi
local recipients_list=$(get-recipients-list "${secret_path}")
local dirname="$(dirname ${secret_path})"
local identity="${MASTERKEY_FILE:-secrets/hostkeys/masterkey.privkey}"
mkdir -p "${dirname}"
if [[ "${1}" == "EMPTY" ]]; then
echo -n ${data} | age $(sed -e "s/^\'//" -e "s/\'$//" <<<"${recipients_list[@]}") --encrypt --armor --output "${secret_path}"
else
age $(sed -e "s/^\'//" -e "s/\'$//" <<<"${recipients_list[@]}") --encrypt --armor --output "${secret_path}" "${working_directory}/${1}"
fi
}
edit-file() {
local current_umask=$(umask)
umask 177
local working_directory="${2:-$(pwd)}"
local secret_path="${working_directory}/${1}"
local tmp_path="$(mktemp -p ${TMPPATH})"
local recipients_list=$(get-recipients-list "${secret_path}")
local identity="${MASTERKEY_FILE:-$([[ -f "$(realpath "${working_directory}/secrets/hostkeys/masterkey.privkey")" ]] && echo -n "$(realpath "${working_directory}/secrets/hostkeys/masterkey.privkey")" || echo -n "/dev/stdin")}"
if test -e "${secret_path}"; then
set +e +o pipefail
age \
--decrypt \
--identity "${identity}" \
--output "${tmp_path}" \
"${secret_path}" || local decrypt_failed=true
set -e -o pipefail
else
# if file descriptor 0 is not a terminal, ie if /dev/stdin is a pipe
if [ ! -t 0 ]; then
cat "${identity}" > /dev/null
fi
fi
if [[ ! ${decrypt_failed:-} ]]; then
local mod_time_before=$(stat --format "%Y" "${tmp_path}")
${EDITOR} "${tmp_path}"
local mod_time_after=$(stat --format "%Y" "${tmp_path}")
if test "${mod_time_before}" != "${mod_time_after}"; then
echo "change detected, reencrypting file" > /dev/stderr
age $(sed -e "s/^\'//" -e "s/\'$//" <<<"${recipients_list[@]}") --encrypt --armor --output "${secret_path}" "${tmp_path}"
else
echo "no change detected, not reencrypting file" > /dev/stderr
fi
fi
rm "${tmp_path}"
umask ${current_umask}
}
reencrypt-all() {
local current_umask=$(umask)
umask 177
local working_directory="${2:-$(pwd)}"
local identity="${1:-/dev/stdin}"
local identity_file="$(mktemp -u -p ${TMPPATH})"
# make the identity file reuseable, in case it actually is /dev/stdin
umask 177
cat "${identity}" > "${identity_file}"
cd ${working_directory}
find "secrets" -type f -not -name "*\.recipients" \
| grep -v "^secrets/hostkeys/"| while read line; do
if ! grep -q "^-----BEGIN AGE ENCRYPTED FILE-----$" "${line}"; then
echo "skipping unecrypted file '${line}'"
continue
fi
local recipients=$(get-recipients-list "${line}")
echo "reencrypting '${line}' for recipients ${recipients[@]}"
local content="$(age --decrypt \
--identity "${identity_file}" \
"${line}" \
)" || {
echo "ERROR: failed decryption of '${line}'" > /dev/stderr
echo "aborting and leaving secrets store in an inconsistent state" > /dev/stderr
exit 2
}
if test $? -eq 0 ; then
echo -n "${content}" \
| age $(sed -e "s/^\'//" -e "s/\'$//" <<<"${recipients[@]}") \
--encrypt \
--armor \
--output "${line}"
fi
done
rm "${identity_file}"
umask ${current_umask}
echo "SUCCESS" > /dev/stderr
}
pass-import-key() {
local keyname="${1}"
local passbase="${2:-nixfiles/hostkeys}/${keyname}"
local working_directory="${3:-$(pwd)}"
local secretbase="${working_directory}/secrets/hostkeys/${keyname}"
if test ! -f "${secretbase}.privkey"; then
echo "missing private key file for key ${keyname}"
exit 1
elif test ! -f "${secretbase}.pubkey"; then
echo "missing public key file for key ${keyname}"
exit 1
fi
echo "importing the keyfiles for host ${keyname}"
echo "enter the password for the private key file"
pass insert "${passbase}.pw"
pass -c "${passbase}.pw"
echo "enter the password for the private key file again"
age -d "${secretbase}.privkey" | pass insert -m "${passbase}.privkey" > /dev/null
cat "${secretbase}.pubkey" | pass insert -m "${passbase}.pubkey" > /dev/null
echo "success"
}
help() {
echo "Usage: $(basename ${0}) <edit | gen-key | import | pass-import-key | reencrypt-all>"
echo ""
echo "Options:"
echo " edit"
echo " -f, --file relative path to the nixOS root directory to the file"
echo " -p, --path path to the root directory for the nixOS configuration files, defaults to \`pwd\`"
echo " gen-key"
echo " -k, --key keyname, usually the hostname (e.g. host-<hostname>)"
echo " -p, --path path to the root directory for the nixOS configuration files, defaults to \`pwd\`"
echo " import"
echo " -f, --file relative path to the nixOS root directory to the file which should be imported"
echo " Instead of using this option to reference a file, you can also pass the input via \`stdin\`"
echo " -o, --output relative path to the nixOS root directory where the encrypted secret will be stored"
echo " -p, --path path to the root directory for the nixOS configuration files, defaults to \`pwd\`"
echo " pass-import-key"
echo " -k, --key keyname, usually the hostname (e.g. host-<hostname>)"
echo " -b, --passbase base path in pass for stored secret, defaults to \`nixfiles/hostkeys\`"
echo " -p, --path path to the root directory for the nixOS configuration files, defaults to \`pwd\`"
echo " reencrypt-all"
echo " -i, --identity identity / age private key to DECRYPT the secret for reencryption"
echo " -p, --path path to the root directory for the nixOS configuration files, defaults to \`pwd\`"
}
# -allow a command to fail with !s side effect on errexit
# -use return value from ${PIPESTATUS[0]}, because ! hosed $?
! getopt --test > /dev/null
if [[ ${PIPESTATUS[0]} -ne 4 ]]; then
echo 'Im sorry, `getopt --test` failed in this environment.'
exit 1
fi
# option --output/-o requires 1 argument
OPTIONS=b:f:hi:k:o:p:
LONGOPTS=passbase:,file:,help,identity:,key:,output:,path:
# -regarding ! and PIPESTATUS see above
# -temporarily store output to be able to check for errors
# -activate quoting/enhanced mode (e.g. by writing out “--options”)
# -pass arguments only via -- "$@" to separate them correctly
! PARSED=$(getopt --options=${OPTIONS} --longoptions=${LONGOPTS} --name "$(basename ${0})" -- "${@:--h}")
if [[ ${PIPESTATUS[0]} -ne 0 ]]; then
# e.g. return value is 1
# then getopt has complained about wrong arguments to stdout
exit 2
fi
# read getopts output this way to handle the quoting right:
eval set -- "${PARSED}"
# now enjoy the options in order and nicely split until we see --
while true; do
case "${1}" in
-b|--passbase)
passbase="${2}"
shift 2
;;
-f|--file)
file="${2}"
shift 2
;;
-h|--help)
shift
help
exit
;;
-i|--identity)
identity="${2}"
shift 2
;;
-k|--key)
key="${2}"
shift 2
;;
-o|--output)
output="${2}"
shift 2
;;
-p|--path)
path="${2}"
shift 2
;;
--)
shift
break
;;
*)
echo "This option (${1}) does not exist. Exiting."
exit 3
;;
esac
done
# handle non-option arguments
if [[ ${#} -eq 1 ]]; then
while true; do
case "${1}" in
edit)
edit-file "${file:?Error, missing option \"-f\"}" "${path:-}"
shift
exit
;;
gen-key)
gen-key "${key:?Error, missing option \"-k\"}" "${path:-}"
shift
exit
;;
import)
import-secret "${file:-"EMPTY"}" "${output:?Error, missing option \"-o\"}" "${path:-}"
shift
exit
;;
pass-import-key)
pass-import-key "${key:?Error, missing option \"-k\"}" "${passbase:?Error, missing option \"-b\"}" "${path:-}"
shift
exit
;;
reencrypt-all)
reencrypt-all "${identity:?Error, missing option \"-i\"}" "${path:-}"
shift
exit
;;
*)
echo "Wrong sub command, use -h to print the help."
exit 4
;;
esac
done
else
echo "No sub command provided, use -h to print the help."
fi

12
dotfiles/local/bin/wsladdhypervroute Executable file
View file

@ -0,0 +1,12 @@
#!/usr/bin/env bash
#
# {{@@ header() @@}}
#
HYPER_V_SWITCH_ADDRESS=$(powershell.exe 'Get-NetIPAddress -ifAlias "vEthernet (Default Switch)" -AddressFamily IPv4 | Select -ExpandProperty IPAddress')
HYPER_V_SWITCH_ADDRESS="${HYPER_V_SWITCH_ADDRESS%.*}.0"
HYPER_V_SWITCH_PREFIX_LENGTH=$(echo "$(powershell.exe 'Get-NetIPAddress -ifAlias "vEthernet (Default Switch)" -AddressFamily IPv4 | Select -ExpandProperty PrefixLength')" | tr -d '\r')
WSL_SWITCH_ADDRESS=$( echo "$(powershell.exe 'Get-NetIPAddress -ifAlias "vEthernet (WSL)" -AddressFamily IPv4 | Select -ExpandProperty IPAddress')" | tr -d '\r')
sudo ip r add ${HYPER_V_SWITCH_ADDRESS}/${HYPER_V_SWITCH_PREFIX_LENGTH} via ${WSL_SWITCH_ADDRESS}

44
dotfiles/local/bin/wslenablehypervforwarding Executable file
View file

@ -0,0 +1,44 @@
#!/usr/bin/env bash
#
# This dotfile is managed using dotdrop
#
WINHOME="$(echo "$(cmd.exe /C "echo %USERPROFILE%")" | tr -d '\r')"
WINHOMEWSL="$(wslpath ${WINHOME})"
cat <<EOF > "${WINHOMEWSL}/enablewslhypervforwarding.ps1"
#at top of script
if (!
#current role
(New-Object Security.Principal.WindowsPrincipal(
[Security.Principal.WindowsIdentity]::GetCurrent()
#is admin?
)).IsInRole(
[Security.Principal.WindowsBuiltInRole]::Administrator
)
) {
#elevate script and exit current non-elevated runtime
Start-Process \`
-FilePath 'powershell' \`
-ArgumentList (
#flatten to single array
'-ExecutionPolicy', 'Bypass', \`
'-File', \$MyInvocation.MyCommand.Source, \$args \`
| %{ \$_ }
) \`
-Verb RunAs
exit
}
Set-NetIPInterface -ifAlias "vEthernet (Default Switch)" -Forwarding Enabled
Set-NetIPInterface -ifAlias "vEthernet (WSL)" -Forwarding Enabled
EOF
powershell.exe -ExecutionPolicy Bypass -File "${WINHOME}\\enablewslhypervforwarding.ps1"
sleep 3
powershell.exe -ExecutionPolicy Bypass "Get-NetIPInterface | select ifIndex,InterfaceAlias,AddressFamily,ConnectionState,Forwarding | Sort-Object -Property IfIndex | Format-Table"
rm ${WINHOMEWSL}/enablewslhypervforwarding.ps1

6
dotfiles/local/bin/wslshowhypervforwarding Executable file
View file

@ -0,0 +1,6 @@
#!/usr/bin/env bash
#
# This dotfile is managed using dotdrop
#
powershell.exe -ExecutionPolicy Bypass "Get-NetIPInterface | select ifIndex,InterfaceAlias,AddressFamily,ConnectionState,Forwarding | Sort-Object -Property IfIndex | Format-Table"