[dev] ddns; better ssh agent; riot sshl; sys.online; zsh hist import; DFS_DEBUG; cbd/cbds (#36)

* riot: bj1 -> proxy

* ci: test ask_for_yn

* --wip-- [skip ci]

* install.sh: will prompt version

* zshrc: piv-agent now can re-use agents

* zshrc: in docker use theme robbyrussell

* update.sh: will send online beacon

* beacon: support meta with limited len 64

* bug fix (Sat Jan 21 16:45:35 CST 2023)

* well, finally add ssh key for ltp1-bd

* set DFS_INITED and do not send login beacon if it was set

* rewrite piv-agent to sagent; fmt_note and fmt_into will write to stderr

* bug fix (Mon Jan 30 19:41:00 CST 2023)

* bug fix (Mon Jan 30 19:46:27 CST 2023)

* login beacon add details

* $DFS_ORPHAN turns logger off

* disable more beacons in CI

* install.sh: prepare config earlier

* init pbin

* install.sh: -H|--hist|--history

* install.sh: -H hint

* install.sh: -H support multiple keys

* fix zsh hist with no new line at the end

* remove ^M in hist

* bug fix (Wed Feb  1 21:11:41 CST 2023)

* bug fix (Wed Feb  1 21:16:29 CST 2023)

* bug fix (Wed Feb  1 21:20:21 CST 2023)

* ci will send gh.ci.fail

* show install opts

* DFS_DEBUG to set -x

* bug fix: install.sh re-start itself with no args incorrectly

* bug fix (Thu Feb  2 18:43:16 CST 2023)

* riot: ob->ebd, swap option $1 and $2 and $2 is default to ssh

* riot: introduce sshl

* logger.sh: support ddns

* bug fix (Wed Mar  1 16:37:42 CST 2023)

* dfs.ddns.failed -> dfs.ddns.fail

* login beacon 2>/dev/null

* logger.sh -> frigg-client.sh; curl add time limit 10s

* to-install.sh: improve docker-ce

* use $DFS_CURL_OPTIONS

* ci: add ddns

* bug fix (Wed Mar 15 19:37:21 CST 2023)

* Revert "bug fix (Wed Mar 15 19:37:21 CST 2023)"

This reverts commit 2df87ce1a8.

* Revert "ci: add ddns"

This reverts commit 4fe8321504.

* alias cbd and cbds, riot nasp port to 12022

* .zshrc: sagent -> sagt

* fix ci

* riot: bug fix when 'tmp' has leading zeros

* add ci for cbds

---------

Co-authored-by: xiongdian.me <xiongdian.me@bytedance.com>

.ssh/authorized_keys2

@@ -30,3 +30,5 @@ ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNvHya5i
 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBC5gu+U4picxVvCNYjLlmxGLpJl7svj3LklO7jSpwqdrNxlE+/xkx07PJx76AbA77dDM1Dxmm/VOvVQCKTRLTgk= ip14/sep
 
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF52mPmbLEriZ+DfmrMHFtvg2kiO2JpRpitvs7PbJowh home0
+
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhS4voo3K/Dvzqckr0bouO1WkCI5XxswstHWnuuyKBz ltp1-bd

.update.sh

@@ -7,6 +7,15 @@ source "$THIS_DIR/tools/common.sh"
 DFS_UPDATED_RET=${DFS_UPDATED_RET:-0}
 DFS_UPDATE_CHANNEL=${DFS_UPDATE_CHANNEL:-"main"}
 
+# send beacon online
+apost_beacon "sys.online"
+
+# update dns
+if [[ "$DFS_DDNS_ENABLE" == "1" ]]; then
+    fmt_info "updating dns ..."
+    "$THIS_DIR/tools/frigg-client.sh" ddns || (fmt_error "failed to update dns" && apost_beacon "dfs.ddns.fail")
+fi
+
 # fetch origin
 cd $DOTFILES
 git fetch --all --prune
@@ -18,7 +27,7 @@ fi
 
 # get the specified commit id
 case $DFS_UPDATE_CHANNEL in
-    "main" ) DFS_COMMIT=$(curl -fsSL https://api.beardic.cn/get-var/dfs-commit-id) ;;
+    "main" ) DFS_COMMIT=$(curl $DFS_CURL_OPTIONS -fsSL https://api.beardic.cn/get-var/dfs-commit-id) ;;
     "dev" ) DFS_COMMIT=$(git rev-parse origin/dev 2> /dev/null) || DFS_COMMIT=$(git rev-parse origin/main) ;;
     "latest" ) DFS_COMMIT=$(git for-each-ref --sort=-committerdate refs/heads refs/remotes --format='%(objectname)' | head -n 1) ;;
     * ) fmt_fatal "invalid update channel: $DFS_UPDATE_CHANNEL" ;;

.zshrc2

@@ -79,7 +79,7 @@ done
 # select theme
 TMP_THEME=ys
 if [[ -e /.dockerenv ]]; then
-    TMP_THEME=blinks
+    TMP_THEME=robbyrussell
     echo "==========================="
     echo "This is in docker container"
     echo "==========================="
@@ -90,10 +90,12 @@ antigen apply
 # end of antigen config
 
 # beacon
-if [[ "$EUID" == "0" ]]; then
+if [[ -z "$DFS_INITED" && -z "$CI"  ]]; then
-    "$DOTFILES/tools/common.sh" apost_beacon "sys.login.root"
+    if [[ "$EUID" == "0" ]]; then
-else
+        "$DOTFILES/tools/common.sh" apost_beacon "sys.login.root" "$(who am i | sed -E 's/ +/ /g' | awk '$1=$1')" 2>/dev/null
-    "$DOTFILES/tools/common.sh" apost_beacon "sys.login.user"
+    else
+        "$DOTFILES/tools/common.sh" apost_beacon "sys.login.user" "$(who am i | sed -E 's/ +/ /g' | awk '$1=$1')" 2>/dev/null
+    fi
 fi
 
 # alias
@@ -102,6 +104,8 @@ alias "se"='sudo -sE'
 alias "pbd"='ping baidu.com'
 alias "p114"='ping 114.114.114.114'
 alias "p666"='ping6 2001:da8::666'
+alias "cbd"='curl http://www.baidu.com'
+alias "cbds"='curl https://www.baidu.com'
 alias "gdebug"='git add -A; git commit --allow-empty -m "bug fix ($(date))"'
 case $(bash "$DOTFILES/tools/common.sh" get_os_type) in
     macos  ) alias l='ls -lAGh -D "%y-%m-%d %H:%M"' ;;
@@ -111,24 +115,7 @@ if [[ -x $(command -v trash) ]]; then
     alias "rm"="echo use the full path i.e. '/bin/rm'\; consider using trash"
 fi
 gbes() { git for-each-ref --sort=-committerdate refs/heads refs/remotes --format="%(authordate:format:%y-%m-%d.%a %H:%M %z)|%(color:red)%(objectname:short)|%(color:yellow)%(refname:short)%(color:reset)|%(color:reset)%(authorname): %(color:green)%(subject)" --color=always | column -ts"|" | less -FX }
-piv-agent()
+sagt() { eval "$($DOTFILES/tools/sagent.sh $@)" }
-{
-    eval $(ssh-agent -k)
-    # they are: ubuntu, macos, respectively
-    local SO_PATHS=( "/usr/lib64/opensc-pkcs11.so" "/usr/local/lib/opensc-pkcs11.so" )
-    for i in ${SO_PATHS[*]}; do
-        if [[ -f "$i" ]]; then
-            echo "using: $i"
-            eval $(ssh-agent -P "$i")
-            ssh-add -s "$i"
-            echo "now available keys:"
-            ssh-add -l
-            return 0
-        fi
-    done
-    echo "opensc-pkcs11.so not found"
-    return 1
-}
 
 # key bindings
 bindkey "^b" beginning-of-line  # ctrl+b
@@ -182,10 +169,11 @@ dfs()
             echo 'Done. Please open a new shell to see the changes.'
             ;;
         log    ) "$DOTFILES/tools/common.sh" "post_log" "INFO" "dfs" "$2" ;;
-        beacon ) "$DOTFILES/tools/common.sh" "post_beacon" "$2" ;;
+        beacon ) "$DOTFILES/tools/common.sh" "post_beacon" "$2" "$3" ;;
         *      ) echo "unknown command \"$1\". available: update, force-update, version, reset, cd, log" ;;
     esac
 }
 
 # clean
 unset i
+export DFS_INITED=1

install.sh

@@ -109,6 +109,12 @@ prepare_config()
     echo
 }
 
+append_hist()
+{
+    fmt_note "appending zsh history ..."
+    "$DOTFILES/tools/append_zsh_hist.sh" "$@"
+}
+
 install_file_content()
 {
     fmt_note "installing file content ..."
@@ -249,7 +255,7 @@ install_update()
     RET=$?
     if [[ $RET == 85 ]]; then
         fmt_note "dfs updated. re-running install.sh ..."
-        "${DOTFILES}/install.sh" "$@" && exit
+        "${DOTFILES}/install.sh" "${ORIGIN_ARGS[@]}" && exit
     elif [[ $RET != 0 ]]; then
         fmt_fatal "update.sh failed with exit code $RET"
     fi
@@ -265,9 +271,9 @@ uninstall_update()
 install()
 {
     if [[ "$INSTALL_DEP" == "1" ]]; then install_dependencies; fi
+    prepare_config
     install_update
     preinstall_check
-    prepare_config
     install_crontab
     install_file_content
     install_symlink
@@ -275,6 +281,7 @@ install()
     # those that won't be uninstalled in the future
     install_tmux_tpm
     install_vim_vundle
+    if [[ -n "$DFS_HIST" ]]; then append_hist "$DFS_HIST"; fi
     fmt_note "done installing!"
 }
 
@@ -292,21 +299,30 @@ uninstall()
     fmt_note "done uninstalling!"
 }
 
+echo "this is the dotfiles installer, version $(cd "$DOTFILES" && git describe --tags --always --dirty)"
+echo "install options:" "${GOT_OPTS[@]}"
 FUNC=install
 INSTALL_DEP=0
 store_config=0
+store_hist=0
 for i in ${GOT_OPTS[@]}; do
     if [[ "$store_config" == "1" ]]; then
         store_config=0
         DFS_CONFIGS+=("$i")
         continue
     fi
+    if [[ "$store_hist" == "1" ]]; then
+        store_hist=0
+        DFS_HIST=$i
+        continue
+    fi
     case $i in
         -i ) FUNC=install ;;
         -r ) FUNC=uninstall ;;
         -d|--dev ) export DFS_DEV=1; set -x ;;
         -a|--auto ) INSTALL_DEP=1 ;;
         -s|--secure ) export DFS_DEV=0 ;;
+        -H|--hist|--history ) store_hist=1 ;;
         -x ) store_config=1 ;;
         * ) fmt_fatal "unknown option \"$i\"" ;;
     esac

scripts/pbin

@@ -0,0 +1,44 @@
+#!/bin/bash
+set -e
+THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
+source "$THIS_DIR/../tools/common.sh"
+
+get()
+{
+    local key=$1
+    if [[ -z "$key" ]]; then
+        fmt_fatal "missing key"
+    fi
+    local output=${2:-/dev/stdout}
+    local url="https://pastebin.com/raw/$key"
+    curl -fsSL "$url" > "$output"
+}
+
+put()
+{
+    local input=${1:-/dev/stdin}
+    (echo -n api_paste_code=; cat "$input") | curl -fsSL -X POST -d 'api_dev_key=SKZLfq9y_zW2hkgQOKZz1b5rw8hGiqxZ' -d 'api_option=paste' --data-binary @- "https://pastebin.com/api/api_post.php"
+}
+
+route()
+{
+    local cmd=$1
+    if [[ -z "$cmd" ]]; then
+        put
+        exit
+    else
+        shift
+    fi
+    case $cmd in
+        get )
+            get "$@"
+            ;;
+        put )
+            put "$@"
+            ;;
+        * )
+            fmt_fatal "unknown command: $cmd"
+    esac
+}
+
+route "${GOT_OPTS[@]}"

scripts/riot

@@ -17,27 +17,22 @@ get_server_meta()
         domain=""
     fi
     case $domain in
-        ibd )
+        ibd|ebd )
-            SERVER=$host.ibd.ink
+            SERVER=$host.$domain.ink
             PORT=12022
             SSH_USERNAME=root
             ;;
-        ob )
-            SERVER=$host.ob.ac.cn
-            PORT=24022
-            SSH_USERNAME=root
-            ;;
         nasp )
             SERVER=$host
-            PORT=22
+            PORT=12022
             SSH_USERNAME=dictxiong
             SSH_OPTIONS='-o ProxyJump="ssh@nasp.ob.ac.cn:36022"'
             ;;
         "" )
-            SERVER=bj1.ob.ac.cn
+            SERVER=proxy.beardic.cn
             local tmp=$(sha256sum <<< "$host" | tr -cd "[:digit:]")
             tmp=${tmp:0:4}
-            PORT=$((tmp+36000))
+            PORT=$((10#$tmp+36000))
             SSH_USERNAME=root
             ;;
         * )
@@ -46,33 +41,59 @@ get_server_meta()
 }
 
 # ssh
-_ssh()
+run_ssh()
 {
-    get_server_meta "$1"
+    CMD="ssh -p $PORT $SSH_OPTIONS $SSH_USERNAME@$SERVER"
-    fmt_note "--> ssh to $SERVER:$PORT"
+    fmt_note "-->" $CMD
-    eval ssh -p $PORT $SSH_OPTIONS $SSH_USERNAME@$SERVER
+    eval $CMD
+}
+
+# sshl
+run_sshl()
+{
+    if [[ -z "$1" || "$1" != *":"* ]]; then
+        fmt_fatal "invalid remote address: $1"
+    fi
+    while
+        local port=$(shuf -n 1 -i 49152-65535)
+        netstat -atun | grep -q "$port"
+    do
+        continue
+    done
+    CMD="ssh -p $PORT $SSH_OPTIONS -NC -L $port:$1 $SSH_USERNAME@$SERVER"
+    fmt_note "-->" $CMD
+    fmt_note "  > please access localhost:$port"
+    eval $CMD
 }
 
 # main
 print_help()
 {
-    fmt_info "usage: $0 <command> <service> [options]"
+    fmt_info "usage: $0 <service> [command] [options]"
-    echo "available commands: ssh"
+    echo "available commands: ssh (default), sshl (ssh -L)"
 }
 
 router()
 {
-    test $# -eq 2 || (print_help && fmt_fatal "invalid arguments")
+    if [[ -z "$1" || "$1" == "-h" || "$1" == "--help" ]]; then
-    case $1 in
+        print_help
+        exit
+    fi
+    get_server_meta "$1"
+    case $2 in
         -h|--help)
             print_help
+            exit
             ;;
-        ssh )
+        ssh|"" )
-            _ssh "$2"
+            run_ssh
+            ;;
+        sshl )
+            run_sshl "$3"
             ;;
         * )
             print_help
-            fmt_fatal "unknown command: $1"
+            fmt_fatal "unknown command: $2"
             ;;
     esac
 }

tools/append_zsh_hist.sh

@@ -0,0 +1,33 @@
+#!/bin/bash
+set -e
+THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
+source "$THIS_DIR/common.sh"
+
+zsh_hist_file="$HOME/.zsh_history"
+
+do_append()
+{
+    timestamp=$(date +%s)
+    while read -r line; do
+        if [[ -n "$line" ]]; then
+            echo ": $timestamp:0;$line" >> "$zsh_hist_file"
+        fi
+    done
+}
+
+main()
+{
+    key=$1
+    if [[ -z "$key" ]]; then
+        fmt_fatal "missing key"
+    fi
+    IFS=',' read -r -a keys<<<"$key"
+    for k in "${keys[@]}";do
+        if [[ -z "$k" ]]; then
+            continue
+        fi
+        (curl -fsSL "https://pastebin.com/raw/$k" && echo) | sed 's/\r//' | do_append
+    done
+}
+
+main "${GOT_OPTS[@]}"

tools/common.sh

@@ -3,8 +3,11 @@ set -e
 THIS_DIR_COMMON_SH=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
 export DOTFILES=$( cd "$THIS_DIR_COMMON_SH/.." && pwd )
 if [[ -f ~/.config/dotfiles/env ]]; then set -a; source ~/.config/dotfiles/env; set +a; fi
+if [[ "$DFS_DEBUG" == "1" ]]; then set -x; fi
+DFS_CURL_OPTIONS="--retry 2 --max-time 20"
 
 # parse args and set env, when it is sourced
+# todo: make this skipable
 if [[ "${BASH_SOURCE[0]}" != "${0}" ]]; then
     ORIGIN_ARGS=("$@")
     ARG=""
@@ -29,7 +32,7 @@ if [[ "${BASH_SOURCE[0]}" != "${0}" ]]; then
     done
     set -- "${ORIGIN_ARGS[@]}"
     unset ARG
-    unset ORIGIN_ARGS
+    # outputs: GOT_OPTS and ORIGIN_ARGS
 fi
 
 # Color settings
@@ -74,11 +77,11 @@ fmt_warning() {
 }
 
 fmt_info() {
-    printf '%sinfo: %s\n' "${FMT_RESET}" "$*" >&1
+    printf '%sinfo: %s\n' "${FMT_RESET}" "$*" >&2
 }
 
 fmt_note() {
-    printf '%s%s%s\n' "${FMT_GREEN}" "$*" "${FMT_RESET}" >&1
+    printf '%s%s%s\n' "${FMT_GREEN}" "$*" "${FMT_RESET}" >&2
 }
 
 setup_color() {
@@ -163,7 +166,7 @@ post_log()
     if [[ $# != 3 || -z "$1" || -z "$2" || -z "$3" ]]; then
         fmt_fatal "usage: post_log <level> <section> <content>"
     fi
-    "${DOTFILES}/tools/logger.sh" "log" "[$1][$2] $3"
+    "${DOTFILES}/tools/frigg-client.sh" "log" "[$1][$2] $3"
 }
 
 apost_log()
@@ -173,10 +176,10 @@ apost_log()
 
 post_beacon()
 {
-    if [[ $# != 1 || -z "$1" ]]; then
+    if [[ $# < 1 || -z "$1" ]]; then
         fmt_fatal "usage: post_beacon <beacon>"
     fi
-    "${DOTFILES}/tools/logger.sh" "beacon" "$1"
+    "${DOTFILES}/tools/frigg-client.sh" "beacon" "$1" "$2"
 }
 
 apost_beacon()

tools/frigg-client.sh

@@ -0,0 +1,165 @@
+#!/bin/bash
+
+set -e
+THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
+source "$THIS_DIR/common.sh"
+
+if [[ "$DFS_ORPHAN" == "1" ]]; then
+    exit 0
+fi
+
+if [[ -n "$DFS_HOSTNAME" ]]; then
+    hostname=$DFS_HOSTNAME
+elif [[ -x $(command -v hostname) ]]; then
+    hostname=$(hostname)
+elif [[ -x $(command -v uname) ]]; then
+    hostname=$(uname -n)
+elif [[ -x $(command -v hostnamectl) ]]; then
+    hostname=$(hostnamectl --static)
+elif [[ -n "$HOSTNAME" ]]; then
+    hostname=$HOSTNAME
+elif [[ -f /proc/sys/kernel/hostname ]]; then
+    hostname=$(cat /proc/sys/kernel/hostname)
+elif [[ -f /etc/hostname ]]; then
+    hostname=$(cat /etc/hostname)
+else
+    fmt_fatal "unable to get hostname"
+fi
+
+init_uuid()
+{
+    if  [[ -f ~/.config/dotfiles/uuid ]]; then
+        uuid=$(cat ~/.config/dotfiles/uuid)
+    else
+        if [[ -x $(command -v uuidgen) ]]; then
+            uuid=$(uuidgen)
+        elif [[ -f /proc/sys/kernel/random/uuid ]]; then
+            uuid=$(cat /proc/sys/kernel/random/uuid)
+        else
+            fmt_fatal "unable to generate uuid"
+        fi
+        mkdir -p ~/.config/dotfiles
+        echo "$uuid" > ~/.config/dotfiles/uuid
+    fi
+}
+
+handle_resp()
+{
+    local resp="$1"
+    if grep -q "200" <<< "$resp"; then
+        echo $resp
+    elif grep -q "403" <<< "$resp"; then
+        echo $resp >&2
+        fmt_error "error accessing api: authentification failed"
+        fmt_info "try to register you hostname and uuid"
+        fmt_info "hostname: $hostname"
+        fmt_info "uuid: $uuid"
+    else
+        echo $resp >&2
+        fmt_fatal "server returned an error"
+        # here return 1 because this is not expected
+    fi
+}
+
+post_beacon()
+{
+    local beacon_type=$1
+    local meta=$2
+    if [[ -n "$CI" && "$beacon_type" != "gh.ci" && "$beacon_type" != "dfs.invalid-commit" && "$beacon_type" != "dfs.dirty" ]]; then
+        return
+    fi
+    if [[ -z "$beacon_type" ]]; then
+        fmt_fatal "beacon type is required"
+    fi
+    resp=$(curl $DFS_CURL_OPTIONS -sSL -X POST -H "Content-Type: text/plain" -d "$meta" "https://api.beardic.cn/post-beacon?hostname=$hostname&beacon=$beacon_type")
+    handle_resp "$resp"
+}
+
+post_log()
+{
+    local log_content=$1
+    if [[ -z "$log_content" ]]; then
+        fmt_fatal "log content is required"
+    fi
+    init_uuid
+    resp=$(curl $DFS_CURL_OPTIONS -sSL -X POST -H "Content-Type: text/plain" -d "$log_content" "https://api.beardic.cn/post-log?hostname=$hostname&uuid=$uuid")
+    handle_resp "$resp"
+}
+
+update_dns()
+{
+    if [[ -z "$DFS_DDNS_IP4$DFS_DDNS_IP6" ]]; then
+        fmt_fatal "neither DFS_DDNS_IP4 nor DFS_DDNS_IP6 is configured"
+    fi
+    if [[ "$DFS_DDNS_IP4$DFS_DDNS_IP6" == "autoauto" ]]; then
+        fmt_fatal "DFS_DDNS_IP4 and DFS_DDNS_IP6 cannot both be auto"
+    fi
+    init_uuid
+    local ip4
+    local ip6
+    local api_url="https://api.beardic.cn"
+    # get ip4
+    if [[ -z "$DFS_DDNS_IP4" ]]; then
+        ip4=""
+    elif [[ "$DFS_DDNS_IP4" == "auto" ]]; then
+        ip4="auto"
+    elif [[ "$DFS_DDNS_IP4" == "api" ]]; then
+        ip4=$(curl $DFS_CURL_OPTIONS -sSL "https://api.ipify.org")
+    elif [[ "$DFS_DDNS_IP4" == "http"* ]]; then
+        ip4=$(curl $DFS_CURL_OPTIONS -sSL "$DFS_DDNS_IP4")
+    else
+        ip4=$(ip a show $DFS_DDNS_IP4 | grep inet | grep global | awk '/inet / {print $2}' |  awk -F'[/]' '{print $1}')
+    fi
+    if [[ -n "$DFS_DDNS_IP4" && -z "$ip4" ]]; then
+        fmt_fatal "failed getting ip4 address"
+    fi
+    # get ip6
+    if [[ -z "$DFS_DDNS_IP6" ]]; then
+        ip6=""
+    elif [[ "$DFS_DDNS_IP6" == "auto" ]]; then
+        ip6="auto"
+        api_url="https://api6.beardic.cn"
+    elif [[ "$DFS_DDNS_IP6" == "api" ]]; then
+        ip6=$(curl $DFS_CURL_OPTIONS -sSL "https://api6.ipify.org")
+    elif [[ "$DFS_DDNS_IP6" == "http"* ]]; then
+        ip6=$(curl $DFS_CURL_OPTIONS -sSL "$DFS_DDNS_IP6")
+    else
+        ip6=$(ip a show $DFS_DDNS_IP6 | grep inet6 | grep global | awk '/inet6 / {print $2}' |  awk -F'[/]' '{print $1}')
+    fi
+    if [[ -n "$DFS_DDNS_IP6" && -z "$ip6" ]]; then
+        fmt_fatal "failed getting ip6 address"
+    fi
+    # update dns
+    fmt_note "updating dns record for $hostname with ip4=$ip4 ip6=$ip6"
+    resp=$(curl $DFS_CURL_OPTIONS -sSL "$api_url/update-dns?hostname=$hostname&uuid=$uuid&ip4=$ip4&ip6=$ip6")
+    handle_resp "$resp"
+}
+
+print_help()
+{
+    fmt_info "usage: $0 <beacon|log|ddns> [beacon_type|log_content]"
+}
+
+router()
+{
+    case "$1" in
+        -h|--help)
+            print_help
+            ;;
+        beacon)
+            post_beacon "$2" "$3"
+            ;;
+        log)
+            post_log "$2"
+            ;;
+        ddns)
+            update_dns
+            ;;
+        *)
+            print_help
+            fmt_fatal "invalid argument"
+            ;;
+    esac
+}
+
+router "${GOT_OPTS[@]}"

tools/get.dotfiles.cn

@@ -45,6 +45,7 @@ for u in "${DFS_USERS[@]}";do
     echo "install for user $u in 3 seconds ..."
     sleep 3
     $SUCMD<<EOF
+set -e
 cd
 if [[ ! -f ~/dotfiles/install.sh ]];then
     git clone ${repo}

tools/logger.sh

@@ -1,105 +0,0 @@
-#!/bin/bash
-
-set -e
-THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
-source "$THIS_DIR/common.sh"
-
-if [[ -x $(command -v hostname) ]]; then
-    hostname=$(hostname)
-elif [[ -x $(command -v uname) ]]; then
-    hostname=$(uname -n)
-elif [[ -x $(command -v hostnamectl) ]]; then
-    hostname=$(hostnamectl --static)
-elif [[ -n "$HOSTNAME" ]]; then
-    hostname=$HOSTNAME
-elif [[ -f /proc/sys/kernel/hostname ]]; then
-    hostname=$(cat /proc/sys/kernel/hostname)
-elif [[ -f /etc/hostname ]]; then
-    hostname=$(cat /etc/hostname)
-else
-    fmt_fatal "unable to get hostname"
-fi
-
-init_uuid()
-{
-    if  [[ -f ~/.config/dotfiles/uuid ]]; then
-        uuid=$(cat ~/.config/dotfiles/uuid)
-    else
-        if [[ -x $(command -v uuidgen) ]]; then
-            uuid=$(uuidgen)
-        elif [[ -f /proc/sys/kernel/random/uuid ]]; then
-            uuid=$(cat /proc/sys/kernel/random/uuid)
-        else
-            fmt_fatal "unable to generate uuid"
-        fi
-        mkdir -p ~/.config/dotfiles
-        echo "$uuid" > ~/.config/dotfiles/uuid
-    fi
-}
-
-post_beacon()
-{
-    local beacon_type=$1
-    if [[ -z "$beacon_type" ]]; then
-        fmt_fatal "beacon type is required"
-    fi
-    resp=$(curl -sSL -X POST "https://api.beardic.cn/post-beacon?hostname=$hostname&beacon=$beacon_type")
-    if grep -q "200" <<< "$resp"; then
-        echo $resp
-    else
-        echo $resp >&2
-        fmt_fatal "error posting beacon"
-    fi
-}
-
-post_log()
-{
-    local log_content=$1
-    if [[ -z "$log_content" ]]; then
-        fmt_fatal "log content is required"
-    fi
-    init_uuid
-    resp=$(curl -sSL -X POST -H "Content-Type: text/plain" -d "$1" "https://api.beardic.cn/post-log?hostname=$hostname&uuid=$uuid")
-    if grep -q "200" <<< "$resp"; then
-        echo $resp
-    elif grep -q "403" <<< "$resp"; then
-        echo $resp >&2
-        fmt_error "error posting log: authentification failed"
-        fmt_info "try to register you hostname and uuid"
-        fmt_info "hostname: $hostname"
-        fmt_info "uuid: $uuid"
-    else
-        echo $resp >&2
-        fmt_fatal "error posting log"
-    fi
-}
-
-print_help()
-{
-    fmt_info "usage: $0 <beacon|log> <beacon_type|log_content>"
-}
-
-router()
-{
-    if [[ $# != 2 ]]; then
-        print_help >&2
-        exit 1
-    fi
-
-    case "$1" in
-        -h|--help)
-            fmt_info "usage: $0 <beacon|log> <beacon_type|log_content>"
-            ;;
-        beacon)
-            post_beacon "$2"
-            ;;
-        log)
-            post_log "$2"
-            ;;
-        *)
-            fmt_fatal "invalid argument"
-            ;;
-    esac
-}
-
-router "${GOT_OPTS[@]}"

tools/sagent.sh

@@ -0,0 +1,105 @@
+#!/bin/bash
+set -e
+THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
+export DFS_COLOR=1
+source "$THIS_DIR/common.sh"
+
+
+find_so_file()
+{
+    local SO_PATHS=( "/usr/lib64/opensc-pkcs11.so" "/usr/local/lib/opensc-pkcs11.so" )
+    local SO_FILE
+    for SO_FILE in ${SO_PATHS[*]}; do
+        if [[ -f "$SO_FILE" ]]; then
+            echo "$SO_FILE"
+            return
+        fi
+    done
+}
+
+create_agent()
+{
+    local SO_FILE=$(find_so_file)
+    if [[ -n "$SO_FILE" ]]; then
+        fmt_note "opensc-pkcs11.so found"
+        SO_FILE="-P $SO_FILE"
+    fi
+    ssh-agent $SO_FILE
+}
+
+kill_agent()
+{
+    if pgrep -x ssh-agent > /dev/null; then
+        fmt_note "killing existing agent"
+        pkill -9 -x ssh-agent
+    fi
+}
+
+add_piv()
+{
+    local SO_FILE=$(find_so_file)
+    if [[ -n "$SO_FILE" ]]; then
+        echo ssh-add -s \"$SO_FILE\"
+    else
+        fmt_error "opensc-pkcs11.so not found"
+    fi
+    list
+}
+
+list()
+{
+    echo echo "available keys:"
+    echo ssh-add -l
+}
+
+reset()
+{
+    kill_agent
+    all
+}
+
+all()
+{
+    local agent_file="/tmp/piv-agent-$(whoami)"
+    if [[ -f $agent_file ]]; then
+        source $agent_file > /dev/null
+    else
+        touch $agent_file
+        chmod 600 $agent_file
+    fi
+    if ! ps -p "$SSH_AGENT_PID" 1>/dev/null 2>&1; then
+        kill_agent
+        fmt_note "launching a new agent"
+        create_agent | tee $agent_file
+    else
+        fmt_note "using existing agent: $SSH_AGENT_PID"
+        cat $agent_file
+    fi
+}
+
+route()
+{
+    if [[ $# -eq 0 ]]; then
+        all
+        return
+    fi
+    case $1 in
+        kill)
+            kill_agent
+            ;;
+        piv)
+            add_piv
+            ;;
+        reset)
+            reset
+            ;;
+        list|ls)
+            list
+            ;;
+        *)
+            fmt_error "unknown command: $1"
+            ;;
+    esac
+}
+
+route "$@"

tools/test.zsh

@@ -1,6 +1,7 @@
 #!/bin/false "This script should be sourced in zsh, not executed directly"
 
 set -ex
+trap "dfs beacon gh.ci.fail" ERR
 
 # check files
 cd /
@@ -17,20 +18,26 @@ grep -q ".zshrc2" ~/.zshrc
 # check scripts and functions
 dfs version
 dfs log 1
-dfs beacon gh.ci
+dfs beacon gh.ci $GITHUB_SHA
 z ~
 test ~ -ef "$(pwd)"
 dogo
 doll
 dfs cd
-./tools/test-getopts.sh
+tools/test-getopts.sh
-tools/common.sh get_os_type
+tools/common.sh get_os_name
-tools/common.sh get_linux_dist
+test $(echo y | tools/common.sh ask_for_yN "test") = "1"
+test $(echo n | tools/common.sh ask_for_yN "test") = "0"
+test $(echo | tools/common.sh ask_for_yN "test") = "0"
+test $(echo | tools/common.sh ask_for_Yn "test") = "1"
+test $(DFS_QUIET=1 tools/common.sh ask_for_Yn "test") = "1"
 
 # check alias
 alias p114
+alias cbds
 which riot
-piv-agent || which piv-agent
+sagt
+test -f "/tmp/piv-agent-$(whoami)"
 gbes || which gbes
 
 # check update
@@ -43,9 +50,11 @@ test `git rev-parse HEAD` = `curl -fsSL https://api.beardic.cn/get-var/dfs-commi
 git reset --hard $DFS_VERSION
 
 # then check install.sh
-./install.sh -dx DFS_CI=1
+./install.sh -dx DFS_CI=1 -H e153a2eL,f8At3iFw
-grep -q "DFS_CI=1" ~/.config/dotfiles/env
+grep -qE "testhist 1$" ~/.zsh_history
-./install.sh -l -x DFS_CI=1
+grep -qE "testhist 4$" ~/.zsh_history
+grep -qx "DFS_CI=1" ~/.config/dotfiles/env
+./install.sh -l
 dfs version
 test `git rev-parse HEAD` = `curl -fsSL https://api.beardic.cn/get-var/dfs-commit-id`
 

tools/to-install.sh

@@ -9,7 +9,7 @@ INSTALL_COMMANDS=(\
     [oh-my-tuna]='wget https://tuna.moe/oh-my-tuna/oh-my-tuna.py && sudo python oh-my-tuna.py --global' \
     [v2fly]="bash <(curl -L https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh) #--remove" \
     [zerotier-one]='curl -s https://install.zerotier.com | sudo bash' \
-    [docker-ce]='curl -fsSL https://get.docker.com -o get-docker.sh && sudo sh get-docker.sh #--mirror Aliyun #--dry-run' \
+    [docker-ce]='curl -fsSL https://get.docker.com | sudo bash -s - --mirror Aliyun #--dry-run' \
     [lemonbench]='curl -fsSL https://ilemonra.in/LemonBenchIntl | bash -s fast # or full' \
 )
 

tools/ubuntu.sh

@@ -17,7 +17,7 @@ apt_install()
     apt-get install -y git zsh bash tmux vim curl inetutils-ping less bsdmainutils
     # full
     if [[ -z "$DFS_LITE" || "$DFS_LITE" == "0" ]]; then
-        apt-get install wget dialog net-tools dnsutils netcat traceroute sudo python3 python3-pip cron openssh-client openssh-server htop gcc g++ cmake make zip
+        apt-get install -y wget dialog net-tools dnsutils netcat traceroute sudo python3 python3-pip cron openssh-client openssh-server htop gcc g++ cmake make zip
         for i in {fzf,ripgrep,man-db}; do apt-get install -y $i; done
     fi
 }