├── .github └── FUNDING.yml ├── LICENSE ├── README.md ├── ansible.cheat ├── bitwarden.cheat ├── chezmoi.cheat ├── chrt.cheat ├── cloud ├── az.cheat ├── az_aks.cheat ├── az_apim.cheat ├── az_network_dns.cheat ├── az_sp.cheat ├── az_storage.cheat └── gcloud.cheat ├── distros ├── pacman.cheat └── zypper.cheat ├── docker.cheat ├── ffmpeg.cheat ├── fswatch.cheat ├── fuser.cheat ├── git ├── gh.cheat ├── git.cheat └── glab.cheat ├── gitguardian.cheat ├── gnome.cheat ├── gpg.cheat ├── helm.cheat ├── kubernetes ├── k8s.cheat ├── k8s_nodes.cheat ├── k8s_ns.cheat ├── k8s_pvc.cheat ├── k8s_rancher.cheat ├── k8s_secrets-cm.cheat └── k8s_workload.cheat ├── lsfd.cheat ├── lsns.cheat ├── navi_sync_repos.sh ├── networking ├── dig.cheat ├── ss.cheat ├── ssh.cheat └── ssl.cheat ├── nix ├── nix-env.cheat ├── nix_flake.cheat └── nixos.cheat ├── obsidian.cheat ├── rancher-cli.cheat ├── restic.cheat ├── salt.cheat ├── utils ├── awk.cheat ├── disk.cheat ├── du.cheat ├── find.cheat ├── grep.cheat ├── head.cheat ├── ip.cheat ├── loginctl.cheat ├── lsof.cheat ├── scp.cheat ├── sed.cheat ├── system.cheat ├── systemctl.cheat ├── tar.cheat ├── time.cheat └── wc.cheat ├── velero.cheat └── windows └── windows.cheat /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | # These are supported funding model platforms 2 | github: papanito 3 | ko_fi: papanito 4 | patreon: papanito -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Creative Commons Legal Code 2 | 3 | CC0 1.0 Universal 4 | 5 | CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE 6 | LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN 7 | ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS 8 | INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES 9 | REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS 10 | PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM 11 | THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED 12 | HEREUNDER. 13 | 14 | Statement of Purpose 15 | 16 | The laws of most jurisdictions throughout the world automatically confer 17 | exclusive Copyright and Related Rights (defined below) upon the creator 18 | and subsequent owner(s) (each and all, an "owner") of an original work of 19 | authorship and/or a database (each, a "Work"). 20 | 21 | Certain owners wish to permanently relinquish those rights to a Work for 22 | the purpose of contributing to a commons of creative, cultural and 23 | scientific works ("Commons") that the public can reliably and without fear 24 | of later claims of infringement build upon, modify, incorporate in other 25 | works, reuse and redistribute as freely as possible in any form whatsoever 26 | and for any purposes, including without limitation commercial purposes. 27 | These owners may contribute to the Commons to promote the ideal of a free 28 | culture and the further production of creative, cultural and scientific 29 | works, or to gain reputation or greater distribution for their Work in 30 | part through the use and efforts of others. 31 | 32 | For these and/or other purposes and motivations, and without any 33 | expectation of additional consideration or compensation, the person 34 | associating CC0 with a Work (the "Affirmer"), to the extent that he or she 35 | is an owner of Copyright and Related Rights in the Work, voluntarily 36 | elects to apply CC0 to the Work and publicly distribute the Work under its 37 | terms, with knowledge of his or her Copyright and Related Rights in the 38 | Work and the meaning and intended legal effect of CC0 on those rights. 39 | 40 | 1. Copyright and Related Rights. A Work made available under CC0 may be 41 | protected by copyright and related or neighboring rights ("Copyright and 42 | Related Rights"). Copyright and Related Rights include, but are not 43 | limited to, the following: 44 | 45 | i. the right to reproduce, adapt, distribute, perform, display, 46 | communicate, and translate a Work; 47 | ii. moral rights retained by the original author(s) and/or performer(s); 48 | iii. publicity and privacy rights pertaining to a person's image or 49 | likeness depicted in a Work; 50 | iv. rights protecting against unfair competition in regards to a Work, 51 | subject to the limitations in paragraph 4(a), below; 52 | v. rights protecting the extraction, dissemination, use and reuse of data 53 | in a Work; 54 | vi. database rights (such as those arising under Directive 96/9/EC of the 55 | European Parliament and of the Council of 11 March 1996 on the legal 56 | protection of databases, and under any national implementation 57 | thereof, including any amended or successor version of such 58 | directive); and 59 | vii. other similar, equivalent or corresponding rights throughout the 60 | world based on applicable law or treaty, and any national 61 | implementations thereof. 62 | 63 | 2. Waiver. To the greatest extent permitted by, but not in contravention 64 | of, applicable law, Affirmer hereby overtly, fully, permanently, 65 | irrevocably and unconditionally waives, abandons, and surrenders all of 66 | Affirmer's Copyright and Related Rights and associated claims and causes 67 | of action, whether now known or unknown (including existing as well as 68 | future claims and causes of action), in the Work (i) in all territories 69 | worldwide, (ii) for the maximum duration provided by applicable law or 70 | treaty (including future time extensions), (iii) in any current or future 71 | medium and for any number of copies, and (iv) for any purpose whatsoever, 72 | including without limitation commercial, advertising or promotional 73 | purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each 74 | member of the public at large and to the detriment of Affirmer's heirs and 75 | successors, fully intending that such Waiver shall not be subject to 76 | revocation, rescission, cancellation, termination, or any other legal or 77 | equitable action to disrupt the quiet enjoyment of the Work by the public 78 | as contemplated by Affirmer's express Statement of Purpose. 79 | 80 | 3. Public License Fallback. Should any part of the Waiver for any reason 81 | be judged legally invalid or ineffective under applicable law, then the 82 | Waiver shall be preserved to the maximum extent permitted taking into 83 | account Affirmer's express Statement of Purpose. In addition, to the 84 | extent the Waiver is so judged Affirmer hereby grants to each affected 85 | person a royalty-free, non transferable, non sublicensable, non exclusive, 86 | irrevocable and unconditional license to exercise Affirmer's Copyright and 87 | Related Rights in the Work (i) in all territories worldwide, (ii) for the 88 | maximum duration provided by applicable law or treaty (including future 89 | time extensions), (iii) in any current or future medium and for any number 90 | of copies, and (iv) for any purpose whatsoever, including without 91 | limitation commercial, advertising or promotional purposes (the 92 | "License"). The License shall be deemed effective as of the date CC0 was 93 | applied by Affirmer to the Work. Should any part of the License for any 94 | reason be judged legally invalid or ineffective under applicable law, such 95 | partial invalidity or ineffectiveness shall not invalidate the remainder 96 | of the License, and in such case Affirmer hereby affirms that he or she 97 | will not (i) exercise any of his or her remaining Copyright and Related 98 | Rights in the Work or (ii) assert any associated claims and causes of 99 | action with respect to the Work, in either case contrary to Affirmer's 100 | express Statement of Purpose. 101 | 102 | 4. Limitations and Disclaimers. 103 | 104 | a. No trademark or patent rights held by Affirmer are waived, abandoned, 105 | surrendered, licensed or otherwise affected by this document. 106 | b. Affirmer offers the Work as-is and makes no representations or 107 | warranties of any kind concerning the Work, express, implied, 108 | statutory or otherwise, including without limitation warranties of 109 | title, merchantability, fitness for a particular purpose, non 110 | infringement, or the absence of latent or other defects, accuracy, or 111 | the present or absence of errors, whether or not discoverable, all to 112 | the greatest extent permissible under applicable law. 113 | c. Affirmer disclaims responsibility for clearing rights of other persons 114 | that may apply to the Work or any use thereof, including without 115 | limitation any person's Copyright and Related Rights in the Work. 116 | Further, Affirmer disclaims responsibility for obtaining any necessary 117 | consents, permissions or other rights required for any use of the 118 | Work. 119 | d. Affirmer understands and acknowledges that Creative Commons is not a 120 | party to this document and has no duty or obligation with respect to 121 | this CC0 or use of the Work. 122 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Cheatsheets for [navi](https://github.com/denisidoro/navi) 2 | 3 | This is my personal extension to the defaults provided by [navi]. 4 | 5 | > In order to add your own repository as a featured cheatsheet repo, please [edit this file](https://github.com/denisidoro/cheats/edit/master/featured_repos.txt). This list will be displayed when `navi repo browse` is run. 6 | -------------------------------------------------------------------------------- /ansible.cheat: -------------------------------------------------------------------------------- 1 | % ansible 2 | 3 | # Show decrypted string which was encrypted with vault 4 | ansible -m debug -a 'var=' -------------------------------------------------------------------------------- /bitwarden.cheat: -------------------------------------------------------------------------------- 1 | % bitwarden, bw 2 | $ pwd_options: echo -e "lusn\n " 3 | $ folder: bw list folders | jq -r '.[] | .name + " " + .id ' | awk '{printf "%-44s\t%-45s\n", $1,$2}' --- --column 2 --header-lines 1 4 | 5 | # Create new login in Bitwarden 6 | bw get template item | jq ".name=\"\" | .login=$(bw get template item.login | jq '.username="" | .password="" | .folderId=""')" | bw encode | bw create item && bw sync 7 | 8 | # Create random password with Bitwarden 9 | bw generate - --length 10 | 11 | # Create secure note in Bitwarden 12 | bw get template item | jq '.type = 2 | .secureNote.type = 0 | .notes = "" | .name = ""' | bw encode | bw create item -------------------------------------------------------------------------------- /chezmoi.cheat: -------------------------------------------------------------------------------- 1 | % chezmoi 2 | 3 | # Add file to be managed by chezmoi 4 | 5 | chezmoi add 6 | 7 | # Check what changes that chezmoi will make to your home directory 8 | 9 | chezmoi diff 10 | 11 | # Apply changes to your home directory 12 | 13 | chezmoi apply -v 14 | 15 | # Edit file 16 | 17 | chezmoi edit 18 | 19 | # invoke a merge tool (by default vimdiff) to merge changes between the current contents of the file, the file in your working copy, and the computed contents of the file: 20 | 21 | chezmoi merge 22 | 23 | # On any machine, you can pull and apply the latest changes from your repo 24 | 25 | chezmoi update -v 26 | 27 | # Install your dotfiles on new machine with a single command 28 | 29 | chezmoi init --apply https://github.com//.git 30 | 31 | # Encrypt file 32 | chezmoi add --encrypt 33 | 34 | # To force a refresh the downloaded archives 35 | chezmoi --refresh-externals apply 36 | 37 | # Add attribute to file 38 | 39 | $addattr: echo -e "+after\n+before\n+empty\n+encrypted\n+exact\n+executable\n+modify\n+once\n+onchange" 40 | 41 | chezmoi chattr 42 | 43 | # Remove attribute to file 44 | 45 | $delattr: echo -e "-after\n-before\n-empty\n-encrypted\n-exact\n-executable\n-modify\n-once\n-onchange" 46 | 47 | chezmoi chattr -- 48 | 49 | # Pull the changes from your repo and apply them in a single command 50 | 51 | chezmoi update 52 | 53 | # Pull the latest changes from your repo and see what would change, without actually applying the changes 54 | 55 | chezmoi git pull -- --rebase && chezmoi 56 | 57 | # Install chezmoi and your dotfiles on a new machine with a single command 58 | 59 | sh -c "$(curl -fsLS https://chezmoi.io/get)" -- init --apply $GITHUB_USERNAME 60 | 61 | # setting up transitory environments (e.g. short-lived Linux containers) you can install chezmoi, install your dotfiles, and then remove all traces of chezmoi, including the source directory and chezmoi's configuration directory 62 | 63 | sh -c "$(curl -fsLS https://chezmoi.io/get)" -- init --one-shot $GITHUB_USERNAME 64 | -------------------------------------------------------------------------------- /chrt.cheat: -------------------------------------------------------------------------------- 1 | % linux, scheduler 2 | 3 | # Show the assigned policy and priority for process ID 1234 4 | 5 | chrt --pid 6 | 7 | # Runs a command with a fairly low priority as a batch task (SCHED_BATCH) 8 | 9 | chrt --batch 10 | 11 | # Assign SCHED_OTHER policy with priority 0 for process ID 1234 12 | 13 | chrt --other --pid -------------------------------------------------------------------------------- /cloud/az.cheat: -------------------------------------------------------------------------------- 1 | % azure, cloud 2 | $ subscriptions: az account list -otable --query '[].{Name: name,id: id}' --- --column 2 --header-lines 1 3 | $ format: echo "json\njsonc\nyaml\nyamlc\ntable\ntsv\nnone" 4 | # Get current subsription ID 5 | az account show --query id --output tsv 6 | 7 | # Get all Azure subscription names and ids 8 | az account list -otable --query '[].{Name: name,id: id}' 9 | 10 | # Fetch the subscription id within the current Azure CLI context. 11 | az account show --query id --output tsv 12 | 13 | # Fetch the subscription id of a given subscription 14 | az account show -n --query id --output tsv 15 | 16 | # Fetch the subscription id of a given subscription 17 | az account subscription list --query "[? displayName==''].subscriptionId | [0]" 18 | 19 | # Show details of a subscription 20 | az account show -n 21 | 22 | # Set the default output format 23 | az config set core.output= 24 | 25 | # Set subscription 26 | az account set --subscription 27 | 28 | # Get Tennant ID 29 | az account show -s --query tenantId -otsv 30 | -------------------------------------------------------------------------------- /cloud/az_aks.cheat: -------------------------------------------------------------------------------- 1 | % azure, aks, cloud 2 | 3 | $ clusters: az aks list -otable --query "[].{Name: name,Location: primaryLocation,ResourceGroup: resourceGroup}" --- --column 1 --header-lines 1 4 | $ rg: az aks list -otable --query "[].{Name: name,Location: primaryLocation,ResourceGroup: resourceGroup}" --- --column 2 --header-lines 1 5 | 6 | # Get kubernetes credentials for aks 7 | az aks get-credentials --resource-group --name 8 | -------------------------------------------------------------------------------- /cloud/az_apim.cheat: -------------------------------------------------------------------------------- 1 | % azure, apim, cloud 2 | @ azure, apim, cloud 3 | 4 | # list all api management services 5 | az apim list | jq -r ".[].name" 6 | 7 | # list all apis in an api management service 8 | az apim api list -g -n | jq -r ".[].name" 9 | 10 | # list all apis (in all subscriptions and all resource group) 11 | for s in $(az account subscription list --only-show-errors | jq -r '.[].subscriptionId' | sed 's/\\[tn]//g'); do 12 | for rg in $(az group list --subscription "${s}" --only-show-errors | jq -r '.[].name' | sed 's/\\[tn]//g'); do 13 | for apim in $(az apim list --subscription "${s}" --resource-group "${rg}" --only-show-errors | jq -r '.[].name' | sed 's/\\[tn]//g'); do 14 | # echo "az apim api list --subscription "${s}" --resource-group "${rg}" --service-name ${apim} | jq -r '.[].name'" 15 | for api in $(az apim api list --subscription "${s}" --resource-group "${rg}" --service-name ${apim} | jq -r '.[].name' | sed 's/\\[tn]//g'); do 16 | echo "${s}|${rg}|${apim}|${api}" 17 | done 18 | done 19 | done 20 | done 21 | 22 | # list all api management operations (in all subscriptions and all resource groups) 23 | for s in $(az account subscription list --only-show-errors | jq -r '.[].subscriptionId' | sed 's/\\[tn]//g'); do 24 | for rg in $(az group list --subscription "${s}" --only-show-errors | jq -r '.[].name' | sed 's/\\[tn]//g'); do 25 | for apim in $(az apim list --subscription "${s}" --resource-group "${rg}" --only-show-errors | jq -r '.[].name' | sed 's/\\[tn]//g'); do 26 | # echo "az apim api list --subscription "${s}" --resource-group "${rg}" --service-name ${apim} | jq -r '.[].name'" 27 | for api in $(az apim api list --subscription "${s}" --resource-group "${rg}" --service-name ${apim} | jq -r '.[].name' | sed 's/\\[tn]//g'); do 28 | # echo "az apim api operation list --subscription "${s}" --resource-group "${rg}" --service-name ${apim} --api-id ${api} | jq -r '.[].name'" 29 | for operation in $(az apim api operation list --subscription "${s}" --resource-group "${rg}" --service-name ${apim} --api-id ${api} | jq -r '.[].name' | sed 's/\\[tn]//g'); do 30 | echo "${s}|${rg}|${apim}|${api}|${operation}" 31 | done 32 | done 33 | done 34 | done 35 | done 36 | -------------------------------------------------------------------------------- /cloud/az_network_dns.cheat: -------------------------------------------------------------------------------- 1 | % azure, network, cloud 2 | 3 | # List all private-dns zones for a given resource group 4 | az network private-dns zone list -g 5 | -------------------------------------------------------------------------------- /cloud/az_sp.cheat: -------------------------------------------------------------------------------- 1 | % azure, service-principals, cloud 2 | @ azure, service-principals, cloud 3 | $ sp-id: az ad sp list -otable --query '[].{Name: displayName,subscription_id: id}' 4 | # List all service principals with displayName and ID 5 | az ad sp list -otable --query '[].{Name: displayName,id: id}' 6 | 7 | # Create without role assignment 8 | az ad sp create-for-rbac 9 | 10 | # Create using a custom display name 11 | az ad sp create-for-rbac -n 12 | 13 | # Create with a Contributor role assignments on specified scopes (space separated) 14 | az ad sp create-for-rbac -n --role Contributor --scopes 15 | 16 | # Create with a Contributor role assignments on subscription level 17 | az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/" --display-name 18 | 19 | # Create using a self-signed certificate 20 | az ad sp create-for-rbac --create-cert 21 | 22 | # Create using a self-signed certificate, and store it within KeyVault 23 | az ad sp create-for-rbac --keyvault --cert CertName --create-cert 24 | 25 | # Create using existing certificate in KeyVault 26 | az ad sp create-for-rbac --keyvault --cert 30 | 31 | # Get the details of a service principal with id in the form of 00000000-0000-0000-0000-000000000000 32 | az ad sp show --id 33 | 34 | Get the details of a service principal with identifier URI in the form of api://myapp 35 | az ad sp show --id 36 | 37 | # Delete a service principal's password credential 38 | az ad sp credential delete --id --key-id 39 | 40 | # Delete a service principal's certificate credential 41 | az ad sp credential delete --id --key-id --cert 42 | 43 | # List a service principal's password credentials 44 | az ad sp credential list --id 45 | 46 | # List a service principal's certificate credentials 47 | az ad sp credential list --id --cert 48 | 49 | # Reset a service principal's credential with a password 50 | az ad sp credential reset --id 51 | 52 | # Reset a service principal's credential with a new self-signed certificate 53 | az ad sp credential reset --id --create-cert 54 | 55 | # Append a certificate to the service principal with the certificate string. 56 | az ad sp credential reset --id --cert "" --append 57 | 58 | # Append a certificate to the service principal with the certificate file. 59 | az ad sp credential reset --id --cert "@" --append 60 | 61 | # List service principal owners. 62 | az ad sp owner list --id 63 | -------------------------------------------------------------------------------- /cloud/az_storage.cheat: -------------------------------------------------------------------------------- 1 | % azure, storage, cloud 2 | $ storage-accounts: az storage account list -otable --query "[].{Name: name,Location: primaryLocation,ResourceGroup: resourceGroup}" --- --column 1 --header-lines 1 3 | 4 | # Get storage accounts 5 | az storage account list -otable --query "[].{Name: name,Location: primaryLocation,ResourceGroup: resourceGroup}" 6 | -------------------------------------------------------------------------------- /cloud/gcloud.cheat: -------------------------------------------------------------------------------- 1 | % gcloud, cloud 2 | $ project: gcloud projects list --- --column 1 --header-lines 1 3 | $ secret: gcloud secrets list --- --column 1 --header-lines 1 4 | 5 | # Login to Google cloud 6 | gcloud auth login 7 | 8 | # Select authenticated account to use 9 | gcloud config set account 10 | 11 | # Select active google project 12 | gcloud config set project 13 | 14 | # List gcloud projects 15 | gcloud projects list 16 | 17 | # Create a new secret 18 | gcloud secrets add 19 | 20 | # Delete secret 21 | gcloud secrets delete 22 | 23 | # Create a new secret version from file 24 | gcloud secrets versions add --data-file="" 25 | 26 | # Create a new secret version from stdin (not recommended) 27 | echo -n "" | gcloud secrets versions add --data-file=- 28 | 29 | # Grant access to gcloud secret 30 | gcloud secrets add-iam-policy-binding --member="" --role="roles/secretmanager.secretAccessor" 31 | 32 | # Add labels to gcloud secret 33 | gcloud secrets update --update-labels== 34 | 35 | # List IAM roles (names and description) 36 | gcloud iam roles list --format json | jq ' .[] | ( .name + "\t" + .description) ' 37 | -------------------------------------------------------------------------------- /distros/pacman.cheat: -------------------------------------------------------------------------------- 1 | % pacman, arch 2 | 3 | # Import key 4 | pacman-key --recv-keys 5 | 6 | # Add key from file 7 | pacman-key --add 8 | 9 | # Verify fingerprint of key 10 | pacman-key --finger 11 | 12 | # Sync keys to pacman 13 | pacman-key --refresh-keys -------------------------------------------------------------------------------- /distros/zypper.cheat: -------------------------------------------------------------------------------- 1 | % zypper, suse 2 | 3 | # Audit SuSE with zypper: vulnerable packages 4 | zypper lp | awk '{ if ($7=="security") { if ($11=="update") { print $13 } else { print $11 } } }' | sed 's/:$//' | grep -v "^$" | sort | uniq -------------------------------------------------------------------------------- /docker.cheat: -------------------------------------------------------------------------------- 1 | % docker 2 | 3 | # Remove old and unused Docker images 4 | docker rmi $(docker images --filter "dangling=true" -q --no-trunc) 5 | 6 | # delete ALL dangling data (i.e. In order: containers stopped, volumes without containers and images with no containers). 7 | docker system prune 8 | 9 | # delete dangling data with filter 10 | docker system prune --filter 11 | 12 | # Shows docker image layers 13 | docker history --no-trunc ubuntu:oracular-20240527 | tac | tr -s ' ' | cut -d " " -f 5- | sed 's,^/bin/sh -c #(nop) ,,g' | sed 's,^/bin/sh -c,RUN,g' | sed 's, && ,\n & ,g' | sed 's,\s*[0-9]*[\.]*[0-9]*[kMG]*B\s*$,,g' | head -n -1 14 | 15 | # Check the user who launched the docker container 16 | docker inspect $(docker ps -q) --format '{{.Config.User}} {{.Name}}' 17 | -------------------------------------------------------------------------------- /ffmpeg.cheat: -------------------------------------------------------------------------------- 1 | % ffmpeg, video 2 | 3 | # Get Video Info 4 | ffmpeg -i -hide_banner 5 | 6 | # Extract Images from a Video into separate image files named image1.jpg, image2.jpg, and so on. 7 | ffmpeg -i _%d.jpg 8 | 9 | # Convert Images into Video - which will take all the images in the current folder (like "image1.jpg", "image2.jpg", etc.) 10 | ffmpeg -f image2 -i image%d.jpg imagestovideo.mpg 11 | 12 | # Convert a Video to MP3 Format 13 | ffmpeg -i -vn -ar 44100 -ac 2 -ab 192 -f mp3 .mp3 14 | 15 | # Convert Video to an animated, uncompressed gif file 16 | ffmpeg -i .gif 17 | 18 | # To convert a .avi file to an mpeg for dvd players 19 | ffmpeg -i .avi -target pal-dvd -ps 2000000000 -aspect 16:9 .mpeg 20 | 21 | # Extract audio or sound from a video file, and save it as MP3 file, use the following command: 22 | ffmpeg -i >video_file> -vn -ar 44100 -ac 2 -ab 192 -f mp3 .mp3 23 | 24 | # Combine an audio file and a video file into a single multimedia file 25 | ffmpeg -i -i _w_audio.mpg 26 | 27 | # Increase video playback speed, run the following command with the -vf option, which sets the video filters that help to adjust the playback speed. 28 | ffmpeg -i -vf "setpts=0.5*PTS" fast_ 29 | 30 | # Decrease video playback speed, run the following command with the -vf option, which sets the video filters that help to adjust the playback speed. 31 | ffmpeg -i -vf "setpts=4.0*PTS" slow_ hide_banner 32 | 33 | # Add subtitle to a video file 34 | ffmpeg -i -i -map 0 -map 1 -c copy -c:v libx264 -crf 23 -preset veryfast out_ 35 | 36 | # Add a cover poster or image to an audio file 37 | ffmpeg -loop 1 -i -i -c:v libx264 -c:a aac -------------------------------------------------------------------------------- /fswatch.cheat: -------------------------------------------------------------------------------- 1 | % file change monitor 2 | 3 | # list available monitors by employing the -M or - list-monitors option: 4 | fswatch -M 5 | 6 | # list available monitors by employing the -M or - list-monitors option: 7 | fswatch --list-monitors 8 | 9 | # Set the latency in seconds, the default being 1 second. 10 | fswatch -l 11 | 12 | # Using -t or --timestamp option prints the time stamp for every event 13 | fswatch --timestamp 14 | 15 | # -x or --event-flags tells fswatch to print the event flags alongside the event path 16 | fswatch --events-flags 17 | 18 | # To print the numeric value of an event indicating changes in your home directory and /var/log/auth.log file, use -n or --numeric option as below: 19 | fswatch --numeric 20 | -------------------------------------------------------------------------------- /fuser.cheat: -------------------------------------------------------------------------------- 1 | % linux, process, files, sockets 2 | 3 | # Show which processes have TCP port xx socket open including details 4 | 5 | fuser --verbose --ipv4 / 6 | 7 | # Select namespace 'tcp' and select port xx to see which processes have the socket open with verbose for details 8 | 9 | fuser --verbose --namespace tcp 10 | 11 | # Show all processes that have a file open at the specified mount point 12 | 13 | fuser --verbose --mount -------------------------------------------------------------------------------- /git/gh.cheat: -------------------------------------------------------------------------------- 1 | % github, github-cli, gh 2 | 3 | # Login with gh 4 | gh auth login 5 | 6 | % github, github-cli, gh, api 7 | 8 | # Get starred repos by authenticated user (table with only name and description) 9 | gh api \ 10 | -H "Accept: application/vnd.github+json" \ 11 | -H "X-GitHub-Api-Version: 2022-11-28" \ 12 | -H "per_page: 100" \ 13 | /user/starred --jq ".[] | [.name, .description] | @tsv" 14 | 15 | # print only specific fields from the response 16 | gh api repos///issues --jq '.[].title' 17 | 18 | # use a template for the output 19 | gh api repos///issues --template \ 20 | '{{range .}}{{.title}} ({{.labels | pluck "name" | join ", " | color "yellow"}}){{"\n"}}{{end}}' 21 | 22 | # list releases with GraphQL 23 | gh api graphql -F owner='{owner}' -F name='{repo}' -f query=' 24 | query($name: String!, $owner: String!) { 25 | repository(owner: $owner, name: $name) { 26 | releases(last: 3) { 27 | nodes { tagName } 28 | } 29 | } 30 | } 31 | ' 32 | 33 | # list all repositories for a user 34 | gh api graphql --paginate -f query=' 35 | query($endCursor: String) { 36 | viewer { 37 | repositories(first: 100, after: $endCursor) { 38 | nodes { nameWithOwner } 39 | pageInfo { 40 | hasNextPage 41 | endCursor 42 | } 43 | } 44 | } 45 | } 46 | ' 47 | 48 | # Lists the feeds available to the authenticated user. 49 | 50 | gh api \ 51 | -H "Accept: application/vnd.github+json" \ 52 | -H "X-GitHub-Api-Version: 2022-11-28" \ 53 | /feeds -------------------------------------------------------------------------------- /git/git.cheat: -------------------------------------------------------------------------------- 1 | % git 2 | 3 | # Get branch name of current branch 4 | git symbolic-ref --short HEAD 5 | 6 | # Remove branches that have already been merged with main a.k.a. ‘delete merged' 7 | git branch --merged | grep -v '\*\|master\|main\|dev' | xargs -n 1 git branch -d 8 | 9 | # Find tags containing commit 10 | git describe --always --contains 11 | 12 | # Find branches containing commit 13 | git branch -a --contains 14 | 15 | # Show the diff between the latest commit and the current state 16 | git diff-index --quiet HEAD -- || clear; git --no-pager diff --patch-with-stat 17 | 18 | # List config from ~/.gitconfig.user 19 | git config --file ~/.gitconfig.user -l 20 | 21 | # Configure user and mail in ~/.gitconfig.user 22 | git config --file ~/.gitconfig.user user.name / 23 | git config --file ~/.gitconfig.user user.email 24 | 25 | # Change author of a commit 26 | git commit --amend --author=" \<\>" 27 | 28 | # Re-sign previous commits with a new gpg key 29 | git rebase --exec 'git commit --amend --no-edit -S' 30 | 31 | # List modified files 32 | git status --porcelain | awk 'match($1, "M"){print $2}' 33 | 34 | # List deleted files 35 | git status --porcelain | awk 'match($1, "D"){print $2}' 36 | 37 | # List staged files 38 | git diff --name-only --cached 39 | 40 | # List staged files only added and modified 41 | git diff --name-only --cached --diff-filter=AM 42 | 43 | # List stages files and the working directory only 44 | comm -23 <(git diff --cached --name-only) <(git diff --name-only) 45 | -------------------------------------------------------------------------------- /git/glab.cheat: -------------------------------------------------------------------------------- 1 | % gitlab, glab, gitlab-cli 2 | 3 | 4 | % gitlab, glab, gitlab-cli, repos 5 | 6 | # create a repository under your account using the current directory name 7 | glab repo create 8 | 9 | # create a repository under a group using the current directory name 10 | glab repo create --group 11 | 12 | # create a repository with a specific name 13 | glab repo create 14 | 15 | # create a repository for a group 16 | glab repo create / 17 | 18 | -------------------------------------------------------------------------------- /gitguardian.cheat: -------------------------------------------------------------------------------- 1 | % gitguardian, vulnerabilities 2 | @ gitguardian, secrets 3 | 4 | # search for secrets in files 5 | ggshield secret scan path -r 6 | 7 | # search for secrets in repo 8 | ggshield secret scan repo -r 9 | 10 | # search for secrets in docker images 11 | ggshield secret scan docker : 12 | 13 | # search for secrets in Pypi packages 14 | ggshield secret scan pypi 15 | 16 | @ gitguardian, vulnerabilities 17 | 18 | # search for vulnerabilities in your IaC files 19 | ggshield iac scan all 20 | 21 | # search for new potential IaC vulnerabilities 22 | ggshield iac scan diff --ref=HEAD~1 . 23 | 24 | -------------------------------------------------------------------------------- /gnome.cheat: -------------------------------------------------------------------------------- 1 | % gnome 2 | 3 | # set default terminal application 4 | gsettings set org.gnome.desktop.default-applications.terminal exec 5 | 6 | # dump dconf to file 7 | dconf dump > dump.dconf 8 | -------------------------------------------------------------------------------- /gpg.cheat: -------------------------------------------------------------------------------- 1 | % gpg 2 | $ key_name: gpg --list-keys --with-colons | awk -F: '$1 == "uid" {print $8" "$10}' --- --column 1 --delimiter ' ' 3 | 4 | # Export Public Key as armored ASCII 5 | gpg --output --armor --export 6 | 7 | # List pgp keys 8 | gpg --list-keys --with-colons | awk -F: '$1 == "uid" {print $8 "\t" $10 }' 9 | 10 | # To locate the key of a user, by email address: 11 | gpg --auto-key-locate keyserver --locate-keys 12 | 13 | # Refresh all your keys (e.g. new revocation certificates and subkeys) 14 | gpg --refresh-keys 15 | 16 | # Upload and verify key to keys.openpgp.org 17 | gpg --export | curl -T - https://keys.openpgp.org 18 | 19 | # Generate revoke key 20 | gpg --output revoke.asc --gen-revoke 21 | 22 | # Import revocation certificate into your keyring 23 | gpg --import revoke.asc 24 | 25 | # Search your key on the keyserver 26 | gpg --keyserver --search-key 27 | 28 | # Generate a lot of random passwords 29 | gpg --gen-random --armor 1 30 | 31 | # Generate a random password of a given lenght 32 | gpg --gen-random --armor 1 -------------------------------------------------------------------------------- /helm.cheat: -------------------------------------------------------------------------------- 1 | % helm 2 | @ kubernetes 3 | 4 | $ helm_release_name: helm ls --kube-context $context -n $namespace --- --column 1 --header-lines 1 --delimiter '\s\s+' 5 | 6 | # Get helm values of a given helm release 7 | helm --kube-context -n get values 8 | 9 | # Get all the information for the current release of in namespace 10 | helm -n get all 11 | 12 | # Show user defined values used in the helm release 13 | helm -n get values -n cattle-system get values rancher 20 | -------------------------------------------------------------------------------- /kubernetes/k8s.cheat: -------------------------------------------------------------------------------- 1 | % kubernetes, k8s 2 | $ context: kubectl config get-contexts --- --column 2 --header-lines 1 3 | $ namespace: kubectl get ns --- --column 1 --header-lines 1 4 | $ pod: kubectl get pod -n $namespace --- --column 1 --header-lines 1 5 | $ object: kubectl api-resources --- --column 1 --header-lines 1 6 | 7 | # Get all Kubernetes objects 8 | kubectl api-resources 9 | 10 | # Set default namespace of current context 11 | kubectl config set-context --current --namespace= 12 | 13 | # Passing long configuration file to Kubernetes in case you get "is invalid: metadata.annotations: Too long: must have at most 262144 characters" 14 | kubectl apply --server-side=true -f 15 | 16 | % kubernetes, k8s, context 17 | @ kubernetes, k8s 18 | $ namespace: kubectl get ns --context $context --- --column 1 --header-lines 1 19 | $ name: kubectl get pod -n $namespace --context $context --- --column 1 --header-lines 1 20 | $ source_context: kubectl config get-contexts --- --column 2 --header-lines 1 21 | $ target_context: kubectl config get-contexts --- --column 2 --header-lines 1 22 | $ source_namespace: kubectl get ns --context $source_context --- --column 1 --header-lines 1 23 | $ source_secret_name: kubectl get secret --context $context -n $namespace --- --column 1 --header-lines 1 24 | $ target_namespace: kubectl get ns --context $context --- --column 1 --header-lines 1 25 | 26 | # Get object names of a kubernetes, k8s context 27 | kubectl get --no-headers -o custom-columns=':metadata.name' --context 28 | 29 | # Set default namespace of current context 30 | kubectl config set-context --current --namespace= 31 | 32 | # Get info about current context 33 | kubectl config get-contexts $(kubectl config current-context) 34 | 35 | # Find running container's user ID in Kubernetes for all pods in a cluster 36 | for ns in $(kubectl get ns --no-headers); do 37 | for pod in $(kubectl get pods -n $ns --no-headers -o custom-columns=NAME:metadata.name); do 38 | userid=$(kubectl exec $pod -n $ns -- /bin/sh -c "id -u \$(whoami)") 39 | groupid=$(kubectl exec $pod -n $ns -- /bin/sh -c "id -g \$(whoami)") 40 | echo pod "$pod" in ns "$ns": "$userid/$groupid" 41 | done; 42 | done; -------------------------------------------------------------------------------- /kubernetes/k8s_nodes.cheat: -------------------------------------------------------------------------------- 1 | % kubernetes, k8s 2 | 3 | # Get cpu and memory of a node 4 | kubectl get nodes --context -o="jsonpath={range .items[*]}{.metadata.name}{'\t'}{.status.capacity.cpu}{'\t'}{.status.capacity.memory}{'\n'}{end}" -------------------------------------------------------------------------------- /kubernetes/k8s_ns.cheat: -------------------------------------------------------------------------------- 1 | % kubernetes, k8s, ns 2 | @ kubernetes, k8s 3 | # get all ns 4 | kubectl get ns 5 | 6 | % kubernetes, k8s, ns, rancher 7 | @ kubernetes, k8s, ns 8 | # Get all namespaces belonging to a specific rancher project(id) in the form of c-xxxxx:p-xxxxx 9 | kubectl get ns -o=jsonpath="{range .items[?(@.metadata.annotations.field\.cattle\.io/projectId!='')]}{.metadata.name}{'\n'}{end}" 10 | 11 | % kubernetes, k8s, ns, context 12 | @ kubernetes, k8s, ns 13 | # List all namespaces of a context 14 | kubectl get ns --context $context 15 | 16 | # Force delete namespaces 17 | kubectl delete ns --force --grace-period=0 --wait=false 18 | 19 | # Remove finalizer from namespace 20 | kubectl get namespaces -o json | jq '.spec.finalizers=[]' > .json | kubectl apply -f .json 21 | -------------------------------------------------------------------------------- /kubernetes/k8s_pvc.cheat: -------------------------------------------------------------------------------- 1 | % kubernetes, k8s, pvc 2 | @ kubernetes, k8s 3 | # Increase disk space of an existing pvc in current context 4 | kubectl patch -n pvc/ --patch '{"spec": {"resources": {"requests": {"storage": "Gi"}}}}' 5 | 6 | % kubernetes, k8s, context 7 | @ kubernetes, k8s 8 | 9 | $ namespace: kubectl get ns --context $context --- --column 1 --header-lines 1 10 | $ name: kubectl get pod -n $namespace --context $context --- --column 1 --header-lines 1 11 | 12 | # Get object names of a kubernetes, k8s context 13 | kubectl get --no-headers -o custom-columns=':metadata.name' --context 14 | 15 | # Copy truststore.jks from one secret to another 16 | kubectl --context= -n get secret -o json | jq -r '.data."truststore.jks"' | base64 -d -i > truststore.jks && kubectl --context= -n create secret generic --from-file=truststore.jk 17 | 18 | $ source_context: kubectl config get-contexts --- --column 2 --header-lines 1 19 | $ target_context: kubectl config get-contexts --- --column 2 --header-lines 1 20 | $ source_namespace: kubectl get ns --context $source_context --- --column 1 --header-lines 1 21 | $ source_secret_name: kubectl get secret --context $context -n $namespace --- --column 1 --header-lines 1 22 | $ target_namespace: kubectl get ns --context $context --- --column 1 --header-lines 1 23 | 24 | # Print logs of a pod in a specific context 25 | kubectl logs --context -n -f pods/ 26 | 27 | # Open shell to a pod in a specific context 28 | kubectl exec -it --context -n -- /bin/bash 29 | 30 | # Check disk space on pod in a specific context 31 | kubectl exec -it --context -n -- sh -c "df -h" 32 | 33 | # Set default namespace of current context 34 | kubectl config set-context --current --namespace= 35 | 36 | # Get info about current context 37 | kubectl config get-contexts $(kubectl config current-context) 38 | 39 | % kubernetes, k8s, context, pvc 40 | @ kubernetes, k8s, context 41 | # Get pvc names for a given namespace in a specific context 42 | kubectl get pvc --context -n -o=jsonpath=\"{range .items[?(@.spec.storageClassName=='')]}{.metadata.name}{' '}{end}\" 43 | 44 | # Get pvc names for a given namespace in current context 45 | kubectl get pvc -n -o=jsonpath=\"{range .items[?(@.spec.storageClassName=='')]}{.metadata.name}{' '}{end}\" 46 | 47 | # get label 'managed-by'" 48 | kubectl get --context -n -o=jsonpath=\"{range .items[*]}{.spec.volumeclaimtemplates[?(@.kind=='PersistentVolumeClaim')]}{.metadata.name}{' --- '}{.spec.template.metadata.labels.app\\.kubernetes, k8s\\.io/managed-by}{'\\n'}{end}\" 49 | 50 | # Increase disk space of an existing pvc in a given context 51 | kubectl patch --context -n pvc/ --patch '{"spec": {"resources": {"requests": {"storage": "Gi"}}}}' 52 | 53 | $ pvc_name: kubectl get pvc -n $namespace --context $context --- --column 1 --header-lines 1 54 | 55 | # Remove claimRef from pv (patch) 56 | kubectl patch pv --context -p '{\"spec\":{\"claimRef\": null}}' 57 | 58 | $ pv_name: kubectl get pv --context $source_context --- --column 1 --header-lines 1 59 | -------------------------------------------------------------------------------- /kubernetes/k8s_rancher.cheat: -------------------------------------------------------------------------------- 1 | % kubernetes, rancher, fleet 2 | @ kubernetes 3 | $ clusterid: kubectl -n fleet-default get clusters.provisioning.cattle.io --- --column 1 --header-lines 1 4 | 5 | # Get Fleet bundles 6 | kubectl get bundle -n fleet-default --context 7 | 8 | # Get Fleet bundles, filtered by pattern 9 | kubectl get bundle -n fleet-default --context | grep -E "" 10 | 11 | # Get Rancher clusters 12 | kubectl get clusters.management.cattle.io 13 | 14 | # Get Rancher nodes 15 | kubectl get nodes.management.cattle.io -A 16 | 17 | # Remove cluster manually from Rancher 18 | kubectl patch clusters.management.cattle.io -p '{"metadata":{"finalizers":[]}}' --type=merge && 19 | kubectl delete clusters.management.cattle.io 20 | 21 | # Get password of grafana 22 | kubectl get secret --namespace cattle-monitoring-system rancher-monitoring-grafana -o jsonpath="{.data.admin-password}" | base64 --decode ; echo 23 | 24 | # User bindings for external provider 25 | kubectl get userattributes.management.cattle.io -ocustom-columns='NAME:.metadata.name,GENERATION:.metadata.generation,LASTREFRESH:.LastRefresh,EXTRABYPROVIDER:.ExtraByProvider' 26 | 27 | # Create an API key with no expiration 28 | kubectl patch tokens -–type='json' -p='[{"op": "replace", "path": "/ttl", "value": 0}]' && kubectl patch tokens --type='json' -p='[{"op": "remove", "path": "/expiresAt"}]' 29 | 30 | # collect the logs including the previous logs 31 | for pod in $(kubectl get pods -n cattle-system -l app=rancher --no-headers -o custom-columns=":metadata.name") 32 | do 33 | kubectl logs -n cattle-system $pod -c rancher |& gzip > $pod.log.gz 34 | kubectl logs -n cattle-system $pod -c rancher --previous |& gzip > $pod-previous.log.gz 35 | done 36 | 37 | # Change the log level for Rancher v2.x 38 | kubectl -n cattle-system get pods -l app=rancher --no-headers -o custom-columns=name:.metadata.name | while read rancherpod; do kubectl -n cattle-system exec $rancherpod -c rancher -- loglevel --set ; done 39 | 40 | $ rancher_pods: kubectl -n cattle-system get pods -l app=rancher --no-headers -o custom-columns=name:.metadata.name 41 | $ log_level: echo error\ninfo\ndebug 42 | -------------------------------------------------------------------------------- /kubernetes/k8s_secrets-cm.cheat: -------------------------------------------------------------------------------- 1 | % kubernetes, k8s 2 | @ kubernetes, k8s 3 | 4 | # Copy truststore.jks from one secret to another 5 | kubectl --context= -n get secret -o json | jq -r '.data."truststore.jks"' | base64 -d -i > truststore.jks && kubectl --context= -n create secret generic --from-file=truststore.jk 6 | -------------------------------------------------------------------------------- /kubernetes/k8s_workload.cheat: -------------------------------------------------------------------------------- 1 | % kubernetes, k8s 2 | 3 | # Print logs of a pod in current context 4 | kubectl logs -n -f pods/ 5 | 6 | # Open shell to a pod in current context 7 | kubectl exec -it -n -- /bin/bash 8 | 9 | # Check disk space on pod in current context 10 | kubectl exec -it -n -- sh -c "df -h" 11 | 12 | # Get resource limits for all objects in current context 13 | kubectl get -o name -o=jsonpath='{range .items[*]}{.metadata.namespace}{"\t"}{.metadata.name}{"\t"}{..resources.requests}{"\t"}{..resources.limits}{"\n"}{end}' -A | awk '{printf "%-44s\t%-45s\t%-40s\t%s\n", $1,$2,$3,$4 }' 14 | 15 | # Get events for specific pod 16 | kubectl get event --field-selector involvedObject.name="" -n 17 | 18 | # Get failing pods of all ns 19 | kubectl get pods --field-selector="status.phase!=Succeeded,status.phase!=Running" -A 20 | 21 | # Get failing pods of a specifc ns 22 | kubectl get pods --field-selector="status.phase!=Succeeded,status.phase!=Running" -n 23 | 24 | # Get object with a specific label 25 | kubectl get --selector