Autosave: 2025-05-04 18:01:46

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Advanced_listing_in_the_shell.md

@@ -0,0 +1,31 @@
+---
+tags: [procedural, shell]
+created: Tuesday, April 15, 2025
+---
+
+# Advanced listing in the shell
+
+## List items by most recently modified
+
+```sh
+# -l = long format, t = time
+ls -lt
+```
+
+To include the full date:
+
+```sh
+ls -l --time-style=long-iso
+```
+
+## Limit the number of items returned
+
+```sh
+ls -l | head -n
+```
+
+For example, to list the first five items:
+
+```sh
+ls -l | head -5
+```

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Certbot.md

@@ -1,5 +1,5 @@
 ---
-tags: [server-management, procedural]
+tags: [servers, procedural]
 created: Wednesday, April 02, 2025
 ---
 
@@ -20,6 +20,6 @@ sudo certbot certificates
 ## Delete a certifcate
 
 ```sh
-sudo cerbot delete --certname rootdomain.net
+sudo cerbot delete --cert-name rootdomain.net
 
 ```

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Certificate_authorities.md

@@ -1,5 +1,5 @@
 ---
-tags: [networks, server-management]
+tags: [networks, servers]
 created: Sunday, February 09, 2025
 ---
 

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Disable_non-root_ssh_access.md

@@ -1,5 +1,5 @@
 ---
-tags: [server-management, ssh, procedural, linux]
+tags: [servers, ssh, procedural, linux]
 created: Saturday, February 15, 2025
 ---
 

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Docker_Compose.md

@@ -71,6 +71,11 @@ docker compose logs --follow web
 
 # view processes by activity
 docker compose top
+
+# rebuild a container within the Compose and clear cache
+
+docker-compose build --no-cache <container_name>
+
 ```
 
 ## Environment variables

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Docker_cleanup.md

@@ -61,7 +61,7 @@ services:
 ### Identify
 
 ```sh
-sudo docker images --filter "dangling=tre"
+sudo docker images --filter "dangling=true"
 ```
 
 ### Delete

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Docker_networks.md

@@ -0,0 +1,18 @@
+---
+tags: [docker, networks, procedural]
+created: Thursday, April 24, 2025
+---
+
+# Docker networks
+
+## Show networks
+
+```sh
+docker network list
+```
+
+## Check which containers are attached to a given network
+
+```sh
+docker network inspect [container_name]
+```

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Enter_into_a_Docker_container.md

@@ -0,0 +1,12 @@
+---
+tags: [docker, procedural]
+created: Thursday, April 24, 2025
+---
+
+# Enter into a Docker container
+
+```sh
+docker exec -it <container_name_or_id> bash
+```
+
+This will will open up a Bash shell at the container root.

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/File_permissions_in_Linux.md

@@ -0,0 +1,39 @@
+---
+tags: [Linux, permissions]
+created: Friday, April 11, 2025
+---
+
+# File permissions in Linux
+
+## View permissions
+
+```bash
+ls -rfl
+```
+
+## What the letters mean
+
+```bash
+drwxr-xr-x  2 thomas thomas  4096 Jan 21 18:00 dist
+drwxr-xr-x  2 thomas thomas  4096 Dec 29 12:50 out
+-rw-r--r--  1 thomas thomas  1108 Jan 21 17:42 README.md
+```
+
+The first column of the permissions output is known as the file's _mode_. The
+sequence from left to right is as follows:
+
+```
+-       - - -                 - - -                 - - -
+type    user permissions      group permissions     other permissions
+```
+
+<dl>
+  <dt>type</dt>
+  <dd>The file type. A dash just means an ordinary file. `d` means directory </dd>
+ 
+  <dt>user permissions</dt>
+  <dd>read, write or execute. A dash means 'nothing': the permissions for that slot in the set have not be assigned</dd>
+
+  <dt>group and other</dt>
+  <dd>group is obviously what anyone belonging to the current file's user group can do. Everyone else (outside of the user and the group) is covered by the other permissions, sometimes known as 'world' permissions</dd>
+</dl>

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Firewalls.md

@@ -1,5 +1,5 @@
 ---
-tags: [networks, server-management, firewalls]
+tags: [networks, servers, firewalls]
 created: Sunday, February 09, 2025
 ---
 

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Git_access_over_HTTPS_with_credentials.md

@@ -0,0 +1,33 @@
+---
+tags: [git]
+created: Sunday, April 13, 2025
+---
+
+# Git access with HTTPS and credentials
+
+If not using SSH, use HTTPS. However in order to combine this with 2FA it is
+necessary to use an access token as the pass, not your actual password.
+
+Create an access token in your remote Git client (GitHub, Forgejo).
+
+Then, clear any existing credentials with:
+
+```sh
+git config --global --unset credential.helper
+```
+
+Set Git config to use store mode:
+
+```sh
+git config --global credential.helper store
+```
+
+Do a push or pull in a repo to prompt authentication. Put in username but
+credential as password. You should be able to login.
+
+Confirm the credential has been added by viewing the credential file at the root
+of your home directory:
+
+```sh
+cat ${HOME}/.git-credentials
+```

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/HTTPS.md

@@ -1,5 +1,5 @@
 ---
-tags: [world-wide-web, internet, encryption, server-management]
+tags: [world-wide-web, internet, encryption, servers]
 created: Friday, December 14, 2024
 ---
 

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Let's_Encrypt.md

@@ -1,5 +1,5 @@
 ---
-tags: [networks, server-management, encryption]
+tags: [networks, servers, encryption]
 created: Sunday, February 09, 2025
 ---
 

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Repair_disks-with_fsck.md

@@ -0,0 +1,36 @@
+---
+tags: [disks, procedural, Linux]
+created: Saturday, April 26, 2025
+---
+
+# Repair disks with fsck
+
+Identify file system errors on a disk.
+
+Be sure to unmount the device beforehand.
+
+```sh
+sudo fsck.vfat -a /dev/sdf1
+```
+
+This will automatically apply repairs. An example output:
+
+```
+fsck.fat 4.2 (2021-01-31)
+There are differences between boot sector and its backup.
+This is mostly harmless. Differences: (offset:original/backup)
+  65:01/00
+  Not automatically fixing this.
+/.Trash-1000/files/retropie
+ Start does point to root directory. Deleting dir.
+Reclaimed 312130 unused clusters (2556968960 bytes) in 1553 chains.
+Dirty bit is set. Fs was not properly unmounted and some data may be corrupt.
+ Automatically removing dirty bit.
+Free cluster summary wrong (1516247 vs. really 1516241)
+  Auto-correcting.
+
+*** Filesystem was changed ***
+Writing changes.
+/dev/sdf1: 1582 files, 396097/1912338 clusters
+
+```

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/SSH.md

@@ -1,5 +1,5 @@
 ---
-tags: [encryption, shell, server-management]
+tags: [encryption, shell, servers]
 created: Tuesday, March 04, 2025
 ---
 

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Secure_disk_wipe.md

@@ -0,0 +1,16 @@
+---
+tags: [disks, procedural]
+created: Saturday, April 26, 2025
+---
+
+# Secure disk wipe
+
+```sh
+sudo shred -v -n 2 -z /dev/sda1
+```
+
+Overwrites the disk with random data multiple times (`-n 2`) and finishes with
+zeros (`-z`).
+
+The more overwrites you specify, the longer it takes. Three overwrites on a USB
+flash disk can take like three hours so use advisedly.

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/UFW_firewall_management.md

@@ -1,5 +1,5 @@
 ---
-tags: [server-management, procedural, linux, firewalls]
+tags: [servers, procedural, linux, firewalls]
 created: Sunday, February 16, 2025
 ---
 

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Viewing_Docker_logs.md

@@ -0,0 +1,28 @@
+---
+tags: [docker, procedural]
+created: Thursday, April 24, 2025
+---
+
+# Viewing Docker logs
+
+## View logs from outside of container
+
+```sh
+docker logs <container_name> OR <container_id>
+```
+
+To view the logs in realtime, apend `-f` for `--follow`:
+
+```sh
+docker logs -f <container_name> OR <container_id>
+```
+
+## View logs from within the container
+
+For example, to view nginx logs, first
+[enter into the container](Enter_into_a_Docker_container.md) and then:
+
+```sh
+cat /var/log/nginx/access.log
+cat /var/log/nginx/error.log
+```

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/Web_sockets.md

@@ -0,0 +1,52 @@
+---
+tags: [networks, network-protocols, WebSocket]
+created: Monday, April 14, 2025
+---
+
+# Web sockets
+
+The WebSocket protocol provides a mechanism whereby data can continuously be
+shared between a client and a server in both directions.
+
+This contrasts with standard HTTP whereby a server can only send data when a
+client specifically requests it and the communication channel is closed until
+such a request is made.
+
+Whereas HTTP works on the basis of a client-server architecture, WebSocket is an
+event-driven architecture. Under an event-driven architecture, _events_ trigger
+data flows rather than client requests.
+
+Examples of its application include instant messaging platforms where messages
+are sent in real time, stock trading platforms, social media feeds and
+cloud-based collaboration tools (e.g. Google Sheets). Hence WebSocket is best
+suited to applications where the immediacy and concurrency of server resolution
+is a factor.
+
+WebSocket was borne out of the limitations of HTTP. Prior to the creation of the
+WebSocket protocol, event-driven communication was attempted over HTTP through
+"long polling". Basically, the server sends a request to the server and if the
+response is not available, the server holds the request until the response is
+available and then returns it. Then, after an interval, the client sends the
+same request again and the process repeats. This is obviously inefficient.
+
+WebSocket is an [Application Layer](Application_Layer_of_Internet_Protocol.md)
+protocol just like HTTP. HTTP is used as the initial connection mechanism but
+the resulting TCP connection is kept alive after the HTTP request completes,
+establishing the web socket. The standard HTTP handshake takes place but the
+HTTP request will include an 'Upgrade' header that indicates the client wants to
+establish a socket. The presence of this header results in the protocol being
+upgraded from HTTP to WebSocket.
+
+> This is possible because both HTTP and WebSocket are Application Layer
+> protocols that run on top of the same TCP connection.
+
+## Encryption
+
+In the case of moving from HTTPS to WebSocket, the encryption of the former
+protocol is maintained. Although there is a protocol switch, the data is still
+being transferred on the same 443 port (used for HTTPS). Although the protocol
+has changed at the Application Layer, the encryption established at the TCP
+Layer is still in place.
+
+The HTTPS analog for WebSocket is WebSocketSecure (WSS). Thus HTTPS/WSS is the
+secure version of the HTTP/WS protocols.

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/chmod.md

@@ -0,0 +1,41 @@
+---
+tags: [permissions, Linux]
+created: Friday, April 11, 2025
+---
+
+# chmod
+
+Modify file permissions.
+
+We can use symbols or numbers.
+
+For example:
+
+```sh
+chmod +x filename
+```
+
+To make a file executable.
+
+When we use numbers this is called an _absolute_ change, because all permission
+bits are being set at once in octal notation.
+
+Best just to memorise the most common sequences. Bear in mind that some only
+apply to files, rather than directories or executable programs.
+
+| Mode | Meaning                           | Applied to            |
+| ---- | --------------------------------- | --------------------- |
+| 644  | user: r/w, group/other: r         | files                 |
+| 600  | user: r/w, group/other: none      | files                 |
+| 755  | user: r/w/e, group/other: r/e     | directories, programs |
+| 700  | user: r/w/e, group/other: none    | directories, programs |
+| 711  | user: r/w/e, group/other: execute | directories           |
+
+### Useful options
+
+`-v` → verbose: tell the user what `chmod` is doing
+
+`-r` → work recursively, i.e apply the action to directories as well as files
+
+> You can list the contents of a directory if it's readable but you can only
+> access a file in a directory if the directory is executable!

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/chown.md

@@ -0,0 +1,56 @@
+---
+tags: [permissions, Linux]
+created: Friday, April 11, 2025
+---
+
+# chown
+
+Change the owner of system files and directories.
+
+Basic syntax: `chown <owner:group> filename`.
+
+```sh
+# Change file owner
+chown user1 doc.txt
+
+# Change owner and group
+chown user1:developers document.txt
+
+# Change only the group
+chown :staff shared_folder/
+
+# Do so recursively for dirs
+chown -R www-data:www-data /var/www/
+```
+
+TODO: Partition into separate entry on groups:
+
+> When a user account in Linux is created the system also creates a group with
+> the same name as the user (known as the _primary group_ or _user private
+> group_).
+
+Because of the above, you will often change owndership to yourself with:
+
+```sh
+chown thomas:thomas some_dir
+```
+
+See groups:
+
+```sh
+groups
+# thomas realtime docker input wheel adb plugdev
+```
+
+When reassigning users and groups, it's safest to use the actual name. But each
+user/group also has a numeric representation, corresponding to UID:GID.
+
+The first regular, non-system user created on most Unix distributions is 1000
+but this isn't universal. Likewise his group will be 1000.
+
+See your UID/GID and the GIDs of the groups you're in:
+
+```
+$ id
+uid=1000(thomas) gid=1000(thomas) groups=1000(thomas),959(realtime),966(docker),994(input),998(wheel),1001(adb),1002(plugdev)
+```

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/e383b8b3_nginx_vs_traefik.md

@@ -1,5 +1,5 @@
 ---
-tags: [networks, proxies]
+tags: [networks, proxies, nginx]
 created: Monday, February 03, 2025
 ---
 

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/index.md

@@ -13,35 +13,35 @@ computer science.
 
 <a href="https://thomasabishop.github.io/eolas/tags">View tags</a>
  
-**Build ID:** 9445c5fd-135c-4b0b-a70c-7a6fd45d9d58
+**Build ID:** 465c3f1a-96c8-4f3f-9682-19d3ebacfb4a
 
-**Published:** Sat 05 Apr 2025 10:32:35
+**Published:** Sun 04 May 2025 18:01:40
 
 ### Recent edits 
 
-- [[Code_Craft_The_Practice_Of_Writing_Excellent_Code]] 
-- [[Docker_cleanup]] 
-- [[Certbot]] 
-- [[d212acdb_from_free-software_to_open_source]] 
-- [[c8820974_Tor_prioritising_uptake]] 
-- [[What_can_the_ISP_see]] 
-- [[Constructing paths in Python]] 
-- [[File_operations_in_Python]] 
-- [[Using a context manager in Python]] 
-- [[USB-C]] 
-- [[USB protocols and connectors]] 
+- [[Docker_CLI]] 
+- [[UFW_firewall_management]] 
 - [[SSH]] 
-- [[lsof]] 
-- [[a0ab0bfb_network_layer_clarification]] 
-- [[b01fd836_Transport_Layer_clarification]] 
-- [[Transport_Layer_of_Internet_Protocol]] 
+- [[Let's_Encrypt]] 
 - [[HTTPS]] 
-- [[How_tunneling_works_with_VPNs]] 
-- [[Network_tunnels]] 
-- [[Capturing_program_error_in_Bash]] 
+- [[Firewalls]] 
+- [[Disable_non-root_ssh_access]] 
+- [[Certificate_authorities]] 
+- [[Certbot]] 
+- [[rsync]] 
+- [[scp]] 
+- [[Repair_disks-with_fsck]] 
+- [[Secure_disk_wipe]] 
+- [[Advanced_listing_in_the_shell]] 
+- [[journalctl]] 
+- [[journald]] 
+- [[Viewing_Docker_logs]] 
+- [[e383b8b3_nginx_vs_traefik]] 
+- [[Enter_into_a_Docker_container]] 
+- [[Docker_Compose]] 
 
 
-### All notes (548) 
+### All notes (561) 
 
 - [[0716531c_rewilding_the_internet]] 
 - [[241fe1a3_the_Web_versus_modem_BBSs]] 
@@ -69,6 +69,7 @@ computer science.
 - [[Adding_documents_to_a_Mongo_collection]] 
 - [[Additive_identity]] 
 - [[Additive_inverse_property]] 
+- [[Advanced_listing_in_the_shell]] 
 - [[Aggregate_functions_in_SQL]] 
 - [[Algebra_key_terms]] 
 - [[Algorithmic_complexity]] 
@@ -150,7 +151,7 @@ computer science.
 - [[Conjunction_Introduction]] 
 - [[Connect_to_Mongo_database]] 
 - [[Connecting_a_frontend_to_a_Docker_backend]] 
-- [[Constructing paths in Python]] 
+- [[Constructing_paths_in_Python]] 
 - [[Containerization]] 
 - [[Controlled_components_in_React]] 
 - [[Corresponding_material_and_biconditional]] 
@@ -203,6 +204,7 @@ computer science.
 - [[Docker_containers]] 
 - [[Docker_general_overview]] 
 - [[Docker_images]] 
+- [[Docker_networks]] 
 - [[Docker_storage]] 
 - [[Dynamic_and_static_websites]] 
 - [[DynamoDB_CLI_commands]] 
@@ -212,6 +214,7 @@ computer science.
 - [[Elastic_Compute_Cloud]] 
 - [[Electromagnetism]] 
 - [[Electrons]] 
+- [[Enter_into_a_Docker_container]] 
 - [[Enums]] 
 - [[Environmental_and_shell_variables]] 
 - [[Equivalent_equations]] 
@@ -228,7 +231,7 @@ computer science.
 - [[Fetch_from_Secrets_Manager]] 
 - [[File_descriptors]] 
 - [[File_operations_in_Python]] 
-- [[File_permissions_and_execution_in_Bash]] 
+- [[File_permissions_in_Linux]] 
 - [[File_system_error_handling_in_Python]] 
 - [[Filesystems]] 
 - [[Find_Bash_command]] 
@@ -251,6 +254,7 @@ computer science.
 - [[Further_examples_of_TS_generics]] 
 - [[GPU_versus_CPU]] 
 - [[Generics_in_TypeScript]] 
+- [[Git_access_over_HTTPS_with_credentials]] 
 - [[Git_bisect]] 
 - [[Git_rebasing]] 
 - [[Global_object_in_NodeJS]] 
@@ -437,6 +441,7 @@ computer science.
 - [[Relays]] 
 - [[Remote_tracking_branches]] 
 - [[Rename_a_branch]] 
+- [[Repair_disks-with_fsck]] 
 - [[Reset_to_remote_version]] 
 - [[Resistance]] 
 - [[Restructure_URLs_lambda]] 
@@ -452,6 +457,7 @@ computer science.
 - [[Save_readonly_Vim_file]] 
 - [[Schema_Definition_Language_in_GraphQL]] 
 - [[Secrets_or_env_vars_in_AWS]] 
+- [[Secure_disk_wipe]] 
 - [[Semantic_versioning]] 
 - [[Set_DNS_settings]] 
 - [[Sets_in_Python]] 
@@ -514,8 +520,8 @@ computer science.
 - [[Type_hinting]] 
 - [[Typing_built_in_React_hooks]] 
 - [[UFW_firewall_management]] 
-- [[USB protocols and connectors]] 
 - [[USB-C]] 
+- [[USB_protocols_and_connectors]] 
 - [[Union_types_in_TS]] 
 - [[Unknown_type_in_TS]] 
 - [[Update_a_Mongo_document]] 
@@ -527,9 +533,9 @@ computer science.
 - [[User_agent]] 
 - [[User_management_in_Linux]] 
 - [[User_management_on_AWS]] 
-- [[Using a context manager in Python]] 
 - [[Using_GraphQL_with_Node]] 
 - [[Using_SQLite_with_Python]] 
+- [[Using_a_context_manager_in_Python]] 
 - [[Using_arguments_with_Apollo_Client]] 
 - [[Utilities_operators_flags]] 
 - [[Validating_Mongoose_schemas]] 
@@ -539,6 +545,7 @@ computer science.
 - [[Variables_and_data_types_in_Bash]] 
 - [[Variables_in_C]] 
 - [[View_IP_addresses]] 
+- [[Viewing_Docker_logs]] 
 - [[Viewing_remote_changes_without_merging]] 
 - [[Views_in_relational_databases]] 
 - [[VirtualMemory]] 
@@ -546,6 +553,7 @@ computer science.
 - [[Voltage]] 
 - [[Voltage_sources]] 
 - [[Weaving_the_Web_Berners_Lee]] 
+- [[Web_sockets]] 
 - [[What_are_disks]] 
 - [[What_can_the_ISP_see]] 
 - [[What_is_memory]] 
@@ -572,6 +580,8 @@ computer science.
 - [[c8820974_Tor_prioritising_uptake]] 
 - [[c9d7492f_requerimiento]] 
 - [[cfbef1c4_web_precursors]] 
+- [[chmod]] 
+- [[chown]] 
 - [[d212acdb_from_free-software_to_open_source]] 
 - [[e383b8b3_nginx_vs_traefik]] 
 - [[e470bf3d_IMPs_in_the_ARPANET]] 
@@ -581,11 +591,14 @@ computer science.
 - [[fbbfbc32-political-accommodation-inveigelment-surveillance-capitalism]] 
 - [[fs]] 
 - [[http_in_Node]] 
+- [[journalctl]] 
 - [[journald]] 
 - [[jq]] 
 - [[lsof]] 
 - [[ps]] 
 - [[python_advent_learnings]] 
+- [[rsync]] 
+- [[scp]] 
 - [[systemd]] 
 - [[systemd_status]] 
 - [[tags]] 

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/journalctl.md

@@ -0,0 +1,58 @@
+---
+tags: [Linux, procedural, logs]
+created: Thursday, April 24, 2025
+---
+
+# journalctl
+
+We use `journalctl` to access [journald](journald.md) logs. The command by
+itself outputs the entire log which will be huge and hard to scroll through. We
+can refine the results with modifiers.
+
+### View logs for a specific process with pid
+
+```bash
+journalctl _PID=1234
+```
+
+### View logs for a specific time period
+
+This can be really helpful since you can bracket the most recent events which
+will be more memorable.
+
+```bash
+journalctl -S -1h
+```
+
+### View logs for a specfic systemd unit
+
+```bash
+journalctl -u [unit_name] -e
+```
+
+### View boot logs
+
+```bash
+journalctl -b
+```
+
+#### Identify specific boot
+
+```bash
+journalctl --list-boots
+
+```
+
+### List only kernel entries to the journal
+
+```bash
+journalctl -k
+```
+
+### View logs in realtime
+
+Use `-f` for `--follow`:
+
+```sh
+journalctl -f
+```

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/journald.md

@@ -0,0 +1,16 @@
+---
+tags:
+  - systems-programming
+  - Linux
+  - procedural
+---
+
+# `journald`
+
+`journald` is a program that comes as default with [systemd](systemd.md). It is
+a service for collecting and storing system-level log data. I keeps a track of
+all [kernel](The_kernel.md) processes. It is invaluable when tracing the source
+of problems and errors that may arise on the system level. It keeps a track of
+all kernal processes.
+
+![](static/journald.png)

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/rsync.md

@@ -0,0 +1,85 @@
+---
+tags: [file-transfer, Linux, procedural, disks]
+created: Saturday, April 26, 2025
+---
+
+# rsync
+
+## Ordering
+
+### Local to local
+
+```
+SOURCE_DIR > TARGET_DIR
+```
+
+### Local to remote
+
+```
+LOCAL_SOURC_DIR > REMOTE_TARGET_DIR
+```
+
+### Remote to local
+
+```
+REMOTE_TARGET_DIR > LOCAL_SOURC_DIR
+```
+
+```sh
+rsync -a <dir_to_copy_to> <dir_to_copy_from>
+```
+
+## Expanding directories
+
+The following:
+
+```sh
+rsync -a local_dir  target_dir
+```
+
+Will create `/target_dir/local_dir` at the target. In other words it will nest
+the actual directory you are interested in within what you have named the
+target.
+
+To avoid this, add a slash to the source directory, viz:
+
+```sh
+rysync -a local_dir/ target_dir
+```
+
+Now, at the target, there will just be `local_dir`.
+
+## Standard options I use
+
+```sh
+rsync -vzP
+```
+
+- verbose output
+
+- use compression (only really useful when running rysnc over a network)
+
+- display progress
+
+- preserve partially copied filed and resume if network connection interrupted
+
+## Archive mode
+
+Use "archive mode" when specifically wanting to create a backup of a directory
+(i.e. for long term storage rather than immediate use).
+
+```sh
+rsync -a
+```
+
+Archive mode is an umbrella for the following flags:
+
+- `-r`: recursive
+
+- `l`: copy [symlinks](Symlinks.md) as symlinks
+
+- `p`: preserve permissions
+
+- `t`: preserve times
+
+- `g`: preserve group

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/scp.md

@@ -0,0 +1,12 @@
+---
+tags: [file-transfer, Linux, procedural, servers]
+created: Sunday, April 27, 2025
+---
+
+# scp
+
+```sh
+scp host:/dir/*.sql.gz /local_machine/dir
+```
+
+> Obviously SSH from local to remote is a prerequisite

neuron/465c3f1a-96c8-4f3f-9682-19d3ebacfb4a/tags.md

@@ -4,7 +4,7 @@ unlisted: true
 ---
 
 # Tags
-[algebra](./tags#algebra), [algorithms](./tags#algorithms), [analogue](./tags#analogue), [android](./tags#android), [APIs](./tags#APIs), [arch-linux](./tags#arch-linux), [arithmetic](./tags#arithmetic), [ARPA](./tags#ARPA), [ARPANET](./tags#ARPANET), [awk](./tags#awk), [AWS](./tags#AWS), [aws-lambda](./tags#aws-lambda), [binary](./tags#binary), [bulletin-boards](./tags#bulletin-boards), [bus](./tags#bus), [C](./tags#C), [computer-architecture](./tags#computer-architecture), [computer-history](./tags#computer-history), [containerization](./tags#containerization), [CPU](./tags#CPU), [cryptography](./tags#cryptography), [csv](./tags#csv), [data-structures](./tags#data-structures), [data-types](./tags#data-types), [databases](./tags#databases), [design-patterns](./tags#design-patterns), [disks](./tags#disks), [docker](./tags#docker), [dynamodb](./tags#dynamodb), [ecopolsoc](./tags#ecopolsoc), [electricity](./tags#electricity), [electromagnetism](./tags#electromagnetism), [electronics](./tags#electronics), [encryption](./tags#encryption), [exponents](./tags#exponents), [file-system](./tags#file-system), [firewalls](./tags#firewalls), [fleeting](./tags#fleeting), [FOSS](./tags#FOSS), [fractions](./tags#fractions), [git](./tags#git), [graphql](./tags#graphql), [hardware](./tags#hardware), [history](./tags#history), [IaC](./tags#IaC), [internet](./tags#internet), [javascript](./tags#javascript), [jest](./tags#jest), [json](./tags#json), [JSON](./tags#JSON), [kernel](./tags#kernel), [Linux](./tags#Linux), [linux](./tags#linux), [literature](./tags#literature), [logic](./tags#logic), [logic-gates](./tags#logic-gates), [memory](./tags#memory), [Microsoft](./tags#Microsoft), [middleware](./tags#middleware), [modems](./tags#modems), [mongo-db](./tags#mongo-db), [mongoose](./tags#mongoose), [nand-to-tetris](./tags#nand-to-tetris), [network-protocols](./tags#network-protocols), [networks](./tags#networks), [node-js](./tags#node-js), [number-systems](./tags#number-systems), [number-theory](./tags#number-theory), [OOP](./tags#OOP), [operating-systems](./tags#operating-systems), [packet-switching](./tags#packet-switching), [physics](./tags#physics), [ports](./tags#ports), [prealgebra](./tags#prealgebra), [privacy](./tags#privacy), [procedural](./tags#procedural), [propositional-logic](./tags#propositional-logic), [protocols](./tags#protocols), [proxies](./tags#proxies), [python](./tags#python), [question](./tags#question), [raspberry-pi](./tags#raspberry-pi), [react](./tags#react), [recursion](./tags#recursion), [regex](./tags#regex), [REST](./tags#REST), [S3](./tags#S3), [server-management](./tags#server-management), [set-theory](./tags#set-theory), [shell](./tags#shell), [SNS](./tags#SNS), [sound](./tags#sound), [SQL](./tags#SQL), [SQLite](./tags#SQLite), [SQS](./tags#SQS), [ssh](./tags#ssh), [storage](./tags#storage), [surveillance-capitalism](./tags#surveillance-capitalism), [systemd](./tags#systemd), [systems-programming](./tags#systems-programming), [testing](./tags#testing), [theorems](./tags#theorems), [theory-of-computation](./tags#theory-of-computation), [time](./tags#time), [Tor](./tags#Tor), [Turing](./tags#Turing), [typescript](./tags#typescript), [unix](./tags#unix), [USB](./tags#USB), [usb](./tags#usb), [VPN](./tags#VPN), [world-wide-web](./tags#world-wide-web), [yaml](./tags#yaml), 
+[algebra](./tags#algebra), [algorithms](./tags#algorithms), [analogue](./tags#analogue), [android](./tags#android), [APIs](./tags#APIs), [arch-linux](./tags#arch-linux), [arithmetic](./tags#arithmetic), [ARPA](./tags#ARPA), [ARPANET](./tags#ARPANET), [awk](./tags#awk), [AWS](./tags#AWS), [aws-lambda](./tags#aws-lambda), [binary](./tags#binary), [bulletin-boards](./tags#bulletin-boards), [bus](./tags#bus), [C](./tags#C), [computer-architecture](./tags#computer-architecture), [computer-history](./tags#computer-history), [containerization](./tags#containerization), [CPU](./tags#CPU), [cryptography](./tags#cryptography), [csv](./tags#csv), [data-structures](./tags#data-structures), [data-types](./tags#data-types), [databases](./tags#databases), [design-patterns](./tags#design-patterns), [disks](./tags#disks), [docker](./tags#docker), [dynamodb](./tags#dynamodb), [ecopolsoc](./tags#ecopolsoc), [electricity](./tags#electricity), [electromagnetism](./tags#electromagnetism), [electronics](./tags#electronics), [encryption](./tags#encryption), [exponents](./tags#exponents), [file-system](./tags#file-system), [file-transfer](./tags#file-transfer), [firewalls](./tags#firewalls), [fleeting](./tags#fleeting), [FOSS](./tags#FOSS), [fractions](./tags#fractions), [git](./tags#git), [graphql](./tags#graphql), [hardware](./tags#hardware), [history](./tags#history), [IaC](./tags#IaC), [internet](./tags#internet), [javascript](./tags#javascript), [jest](./tags#jest), [json](./tags#json), [JSON](./tags#JSON), [kernel](./tags#kernel), [Linux](./tags#Linux), [linux](./tags#linux), [literature](./tags#literature), [logic](./tags#logic), [logic-gates](./tags#logic-gates), [logs](./tags#logs), [memory](./tags#memory), [Microsoft](./tags#Microsoft), [middleware](./tags#middleware), [modems](./tags#modems), [mongo-db](./tags#mongo-db), [mongoose](./tags#mongoose), [nand-to-tetris](./tags#nand-to-tetris), [network-protocols](./tags#network-protocols), [networks](./tags#networks), [nginx](./tags#nginx), [node-js](./tags#node-js), [number-systems](./tags#number-systems), [number-theory](./tags#number-theory), [OOP](./tags#OOP), [operating-systems](./tags#operating-systems), [packet-switching](./tags#packet-switching), [permissions](./tags#permissions), [physics](./tags#physics), [ports](./tags#ports), [prealgebra](./tags#prealgebra), [privacy](./tags#privacy), [procedural](./tags#procedural), [propositional-logic](./tags#propositional-logic), [protocols](./tags#protocols), [proxies](./tags#proxies), [python](./tags#python), [question](./tags#question), [raspberry-pi](./tags#raspberry-pi), [react](./tags#react), [recursion](./tags#recursion), [regex](./tags#regex), [REST](./tags#REST), [S3](./tags#S3), [servers](./tags#servers), [set-theory](./tags#set-theory), [shell](./tags#shell), [SNS](./tags#SNS), [sound](./tags#sound), [SQL](./tags#SQL), [SQLite](./tags#SQLite), [SQS](./tags#SQS), [ssh](./tags#ssh), [storage](./tags#storage), [surveillance-capitalism](./tags#surveillance-capitalism), [systemd](./tags#systemd), [systems-programming](./tags#systems-programming), [testing](./tags#testing), [theorems](./tags#theorems), [theory-of-computation](./tags#theory-of-computation), [time](./tags#time), [Tor](./tags#Tor), [Turing](./tags#Turing), [typescript](./tags#typescript), [unix](./tags#unix), [usb](./tags#usb), [USB](./tags#USB), [VPN](./tags#VPN), [WebSocket](./tags#WebSocket), [world-wide-web](./tags#world-wide-web), [yaml](./tags#yaml), 
 
 ### algebra 
 
@@ -302,6 +302,9 @@ unlisted: true
 - [[Disk_info]] 
 - [[Filesystems]] 
 - [[Linux_disk_partitions]] 
+- [[Repair_disks-with_fsck]] 
+- [[rsync]] 
+- [[Secure_disk_wipe]] 
 - [[Setup encrypted harddrive]] 
 - [[Swap_space]] 
 - [[What_are_disks]] 
@@ -319,9 +322,12 @@ unlisted: true
 - [[Docker_containers]] 
 - [[Docker_general_overview]] 
 - [[Docker_images]] 
+- [[Docker_networks]] 
 - [[Docker_storage]] 
+- [[Enter_into_a_Docker_container]] 
 - [[Local_AWS_development_with_SAM]] 
 - [[Node_and_MySQL_db]] 
+- [[Viewing_Docker_logs]] 
 ### dynamodb 
 
 - [[Database_options_on_AWS]] 
@@ -388,6 +394,10 @@ unlisted: true
 - [[Reading_files_in_Python]] 
 - [[Working_with_directories_in_Python]] 
 - [[Writing_to_files_in_Python]] 
+### file-transfer 
+
+- [[rsync]] 
+- [[scp]] 
 ### firewalls 
 
 - [[Firewalls]] 
@@ -418,6 +428,7 @@ unlisted: true
 - [[Delete_a_branch]] 
 - [[Difference_between_remote_origin_and_head]] 
 - [[Effective_logging_in_Git]] 
+- [[Git_access_over_HTTPS_with_credentials]] 
 - [[Git_bisect]] 
 - [[Git_rebasing]] 
 - [[Identify_merged_branches]] 
@@ -524,6 +535,8 @@ unlisted: true
 
 - [[Basic_model_of_the_operating_system]] 
 - [[Bluetooth]] 
+- [[chmod]] 
+- [[chown]] 
 - [[Compile_from_source]] 
 - [[Containerization]] 
 - [[Create_timed_systemd_job]] 
@@ -531,7 +544,9 @@ unlisted: true
 - [[Cron]] 
 - [[Devices]] 
 - [[Disk_info]] 
+- [[File_permissions_in_Linux]] 
 - [[Headless_Raspi_network_setup]] 
+- [[journalctl]] 
 - [[journald]] 
 - [[Linux_disk_partitions]] 
 - [[Memory_Management_Unit]] 
@@ -539,7 +554,10 @@ unlisted: true
 - [[Network_scanning]] 
 - [[Pacman]] 
 - [[ps]] 
+- [[Repair_disks-with_fsck]] 
+- [[rsync]] 
 - [[Save_readonly_Vim_file]] 
+- [[scp]] 
 - [[Set_DNS_settings]] 
 - [[Swap_space]] 
 - [[Symlinks]] 
@@ -608,6 +626,9 @@ unlisted: true
 - [[Multiplexers_and_demultiplexers]] 
 - [[Three_bit_counter]] 
 - [[Transistors]] 
+### logs 
+
+- [[journalctl]] 
 ### memory 
 
 - [[Call_stack]] 
@@ -684,6 +705,7 @@ unlisted: true
 ### network-protocols 
 
 - [[Network_fundamentals]] 
+- [[Web_sockets]] 
 ### networks 
 
 - [[385af4b4_Baran_distributed_networks]] 
@@ -694,6 +716,7 @@ unlisted: true
 - [[Bluetooth]] 
 - [[c8173d17_TIMPs]] 
 - [[Certificate_authorities]] 
+- [[Docker_networks]] 
 - [[e383b8b3_nginx_vs_traefik]] 
 - [[e470bf3d_IMPs_in_the_ARPANET]] 
 - [[Example_scenario_internet_data_transfer]] 
@@ -726,6 +749,10 @@ unlisted: true
 - [[Usenet]] 
 - [[View_IP_addresses]] 
 - [[Virtual_private_cloud]] 
+- [[Web_sockets]] 
+### nginx 
+
+- [[e383b8b3_nginx_vs_traefik]] 
 ### node-js 
 
 - [[Adding_documents_to_a_Mongo_collection]] 
@@ -805,6 +832,11 @@ unlisted: true
 ### packet-switching 
 
 - [[385af4b4_Baran_distributed_networks]] 
+### permissions 
+
+- [[chmod]] 
+- [[chown]] 
+- [[File_permissions_in_Linux]] 
 ### physics 
 
 - [[738d0481_sound_recording_as_wave_phenomena]] 
@@ -858,6 +890,7 @@ unlisted: true
 - [[What_can_the_ISP_see]] 
 ### procedural 
 
+- [[Advanced_listing_in_the_shell]] 
 - [[Appending_to_files_in_Python]] 
 - [[AWS_CLI]] 
 - [[Bluetooth]] 
@@ -870,10 +903,13 @@ unlisted: true
 - [[Disk_info]] 
 - [[Disk_size_utilities]] 
 - [[Docker_cleanup]] 
+- [[Docker_networks]] 
 - [[Effective_logging_in_Git]] 
+- [[Enter_into_a_Docker_container]] 
 - [[File_operations_in_Python]] 
 - [[File_system_error_handling_in_Python]] 
 - [[Headless_Raspi_network_setup]] 
+- [[journalctl]] 
 - [[journald]] 
 - [[Killing_processes]] 
 - [[LineageOS_backup]] 
@@ -887,8 +923,12 @@ unlisted: true
 - [[Ping]] 
 - [[Reading_files_in_Python]] 
 - [[Rename_a_branch]] 
+- [[Repair_disks-with_fsck]] 
 - [[Reset_to_remote_version]] 
+- [[rsync]] 
 - [[Save_readonly_Vim_file]] 
+- [[scp]] 
+- [[Secure_disk_wipe]] 
 - [[Setup encrypted harddrive]] 
 - [[Symlinks]] 
 - [[systemd]] 
@@ -896,6 +936,7 @@ unlisted: true
 - [[UFW_firewall_management]] 
 - [[User_management_in_Linux]] 
 - [[View_IP_addresses]] 
+- [[Viewing_Docker_logs]] 
 - [[Working_with_directories_in_Python]] 
 - [[Writing_to_files_in_Python]] 
 ### propositional-logic 
@@ -935,7 +976,7 @@ unlisted: true
 - [[Validity_and_entailment]] 
 ### protocols 
 
-- [[USB protocols and connectors]] 
+- [[USB_protocols_and_connectors]] 
 ### proxies 
 
 - [[e383b8b3_nginx_vs_traefik]] 
@@ -947,7 +988,7 @@ unlisted: true
 - [[Classes_in_Python]] 
 - [[Compile_Python_app_to_single_executable]] 
 - [[Conditional_statements_in_Python]] 
-- [[Constructing paths in Python]] 
+- [[Constructing_paths_in_Python]] 
 - [[Dates_in_Python]] 
 - [[Dictionaries_in_Python]] 
 - [[Error_handling_in_Python]] 
@@ -981,7 +1022,7 @@ unlisted: true
 - [[Testing_Python_code]] 
 - [[Tuples_in_Python]] 
 - [[Type_hinting]] 
-- [[Using a context manager in Python]] 
+- [[Using_a_context_manager_in_Python]] 
 - [[Using_SQLite_with_Python]] 
 - [[With_open_in_Python]] 
 - [[Working_with_CSVs_in_Python]] 
@@ -1045,7 +1086,7 @@ unlisted: true
 ### S3 
 
 - [[Bash_store_status_of_command_execution]] 
-### server-management 
+### servers 
 
 - [[Certbot]] 
 - [[Certificate_authorities]] 
@@ -1053,6 +1094,7 @@ unlisted: true
 - [[Firewalls]] 
 - [[HTTPS]] 
 - [[Let's_Encrypt]] 
+- [[scp]] 
 - [[SSH]] 
 - [[UFW_firewall_management]] 
 ### set-theory 
@@ -1061,6 +1103,7 @@ unlisted: true
 - [[Basic_properties_of_sets]] 
 ### shell 
 
+- [[Advanced_listing_in_the_shell]] 
 - [[Associative_arrays_maps_in_Bash]] 
 - [[Awk]] 
 - [[Bash_colour_output]] 
@@ -1077,7 +1120,6 @@ unlisted: true
 - [[Environmental_and_shell_variables]] 
 - [[Expansions_and_substitutions]] 
 - [[File_descriptors]] 
-- [[File_permissions_and_execution_in_Bash]] 
 - [[Find_Bash_command]] 
 - [[Formatting_output_text_in_Bash]] 
 - [[Functions_in_Bash]] 
@@ -1236,16 +1278,19 @@ unlisted: true
 ### unix 
 
 - [[Time_and_computers]] 
-### USB 
-
-- [[USB protocols and connectors]] 
 ### usb 
 
 - [[USB-C]] 
+### USB 
+
+- [[USB_protocols_and_connectors]] 
 ### VPN 
 
 - [[How_tunneling_works_with_VPNs]] 
 - [[Network_tunnels]] 
+### WebSocket 
+
+- [[Web_sockets]] 
 ### world-wide-web 
 
 - [[241fe1a3_the_Web_versus_modem_BBSs]] 

neuron/9445c5fd-135c-4b0b-a70c-7a6fd45d9d58/File_permissions_and_execution_in_Bash.md

@@ -1,94 +0,0 @@
----
-tags:
-  - shell
----
-
-# File permissions and executables
-
-Every Unix file has a set of permissions that determine whether you can read,
-write or run (execute) the file.
-
-## Viewing file permissions
-
-In order to see file permissions within the terminal, use the `-l` or `-rfl`
-with the `ls` command. Remember this command can be applied at both the
-directory and single-file level. For example:
-
-```bash
-drwxr-xr-x  7 thomas thomas 4096 Oct  2 19:22 angular-learning-lab
-drwxr-xr-x  5 thomas thomas 4096 Oct 17 18:05 code-exercises
-drwxr-xr-x  5 thomas thomas 4096 Sep  4 16:15 js-kata
-drwxr-xr-x  9 thomas thomas 4096 Sep 26 18:10 sinequanon
-drwxr-xr-x 12 thomas thomas 4096 Sep 19 17:41 thomas-bishop
-drwxr-xr-x  5 thomas thomas 4096 Sep  4 19:24 ts-kata
-```
-
-### What the output means
-
-The first column of the permissions output is known as the file's _mode_. The
-sequence from left to right is as follows:
-
-```
--       - - -                 - - -                 - - -
-type    user permissions      group permissions     other permissions
-```
-
-<dl>
-  <dt>type</dt>
-  <dd>The file type. A dash just means an ordinary file. `d` means directory </dd>
- 
-  <dt>user permissions</dt>
-  <dd>read, write or execute. A dash means 'nothing': the permissions for that slot in the set have not be assigned</dd>
-
-  <dt>group and other</dt>
-  <dd>group is obviously what anyone belonging to the current file's user group can do. Everyone else (outside of the user and the group) is covered by the other permissions, sometimes known as 'world' permissions</dd>
-</dl>
-
-## Modifying permissions: `chmod`
-
-We use `chmod` for transferring ownership and file permissions quickly from the
-command-line.
-
-### Octal notation
-
-`chmod` uses octal notation. Each numeral refers to a permission set. There are
-three numerals. The placement denotes the user group. From left to right this
-is:
-
-- user
-- group
-- everyone else.
-
-If you are working solo and not with group access to files, you can disregard
-assigning the other numerals, by putting zeros in as placeholders.
-
-[Permission codes](static/685254916b2642f189e6316b876e09c9)
-
-### Example
-
-```bash
-$ chmod -v 700 dummy.txt
-$ ls -l dummy.txt
-$ -rwx------  1 thomasbishop  staff  27 13 May 15:42 dummy.txtExample
-```
-
-### Useful options
-
-`-v` → verbose: tell the user what `chmod` is doing
-
-`-r` → work recursively, i.e apply the action to directories as well as files
-
-`-f` →silent: suppress most error messages
-
-## Running bash files
-
-In most cases, especially when you are working alone, the most frequent codes
-you are going to need are 700 and 600. When shell scripting, you need to make
-your scripts executable for them to work, therefore you should always
-`chmod 700` when creating a `.sh` file.
-
-Then to invoke the script from the shell you simply enter:
-
-```bash
-./your-bash-script.sh
-```

neuron/9445c5fd-135c-4b0b-a70c-7a6fd45d9d58/journald.md

@@ -1,63 +0,0 @@
----
-tags:
-  - systems-programming
-  - Linux
-  - procedural
----
-
-# `journald`
-
-`journald` is a program that comes as default with [systemd](systemd.md). It is
-a service for collecting and storing system-level log data. I keeps a track of
-all [kernel](The_kernel.md) processes. It is invaluable when tracing the source
-of problems and errors that may arise on the system level. It keeps a track of
-all kernal processes.
-
-![](static/journald.png)
-
-## `journalctl`
-
-We use `journalctl` to access the logs. The command by itself outputs the entire
-log which will be huge and hard to scroll through. We can refine the results
-with modifiers.
-
-### View logs for a specific process with pid
-
-```bash
-journalctl _PID=1234
-```
-
-### View logs for a specific time period
-
-This can be really helpful since you can bracket the most recent events which
-will be more memorable.
-
-```bash
-journalctl -S -1h
-```
-
-### View logs for a specfic systemd unit
-
-```bash
-journalctl -u [unit_name] -e
-```
-
-### View boot logs
-
-```bash
-journalctl -b
-```
-
-#### Identify specific boot
-
-```bash
-journalctl --list-boots
-
-```
-
-### List only kernel entries to the journal
-
-```bash
-journalctl -k
-
-```

zk/Advanced_listing_in_the_shell.md

@@ -0,0 +1,31 @@
+---
+tags: [procedural, shell]
+created: Tuesday, April 15, 2025
+---
+
+# Advanced listing in the shell
+
+## List items by most recently modified
+
+```sh
+# -l = long format, t = time
+ls -lt
+```
+
+To include the full date:
+
+```sh
+ls -l --time-style=long-iso
+```
+
+## Limit the number of items returned
+
+```sh
+ls -l | head -n
+```
+
+For example, to list the first five items:
+
+```sh
+ls -l | head -5
+```

zk/Certbot.md

@@ -1,5 +1,5 @@
 ---
-tags: [server-management, procedural]
+tags: [servers, procedural]
 created: Wednesday, April 02, 2025
 ---
 
@@ -20,6 +20,6 @@ sudo certbot certificates
 ## Delete a certifcate
 
 ```sh
-sudo cerbot delete --certname rootdomain.net
+sudo cerbot delete --cert-name rootdomain.net
 
 ```

zk/Certificate_authorities.md

@@ -1,5 +1,5 @@
 ---
-tags: [networks, server-management]
+tags: [networks, servers]
 created: Sunday, February 09, 2025
 ---
 

zk/Disable_non-root_ssh_access.md

@@ -1,5 +1,5 @@
 ---
-tags: [server-management, ssh, procedural, linux]
+tags: [servers, ssh, procedural, linux]
 created: Saturday, February 15, 2025
 ---
 

zk/Docker_Compose.md

@@ -71,6 +71,11 @@ docker compose logs --follow web
 
 # view processes by activity
 docker compose top
+
+# rebuild a container within the Compose and clear cache
+
+docker-compose build --no-cache <container_name>
+
 ```
 
 ## Environment variables

zk/Docker_cleanup.md

@@ -61,7 +61,7 @@ services:
 ### Identify
 
 ```sh
-sudo docker images --filter "dangling=tre"
+sudo docker images --filter "dangling=true"
 ```
 
 ### Delete

zk/Docker_networks.md

@@ -0,0 +1,18 @@
+---
+tags: [docker, networks, procedural]
+created: Thursday, April 24, 2025
+---
+
+# Docker networks
+
+## Show networks
+
+```sh
+docker network list
+```
+
+## Check which containers are attached to a given network
+
+```sh
+docker network inspect [container_name]
+```

zk/Enter_into_a_Docker_container.md

@@ -0,0 +1,12 @@
+---
+tags: [docker, procedural]
+created: Thursday, April 24, 2025
+---
+
+# Enter into a Docker container
+
+```sh
+docker exec -it <container_name_or_id> bash
+```
+
+This will will open up a Bash shell at the container root.

zk/File_permissions_and_execution_in_Bash.md

@@ -1,94 +0,0 @@
----
-tags:
-  - shell
----
-
-# File permissions and executables
-
-Every Unix file has a set of permissions that determine whether you can read,
-write or run (execute) the file.
-
-## Viewing file permissions
-
-In order to see file permissions within the terminal, use the `-l` or `-rfl`
-with the `ls` command. Remember this command can be applied at both the
-directory and single-file level. For example:
-
-```bash
-drwxr-xr-x  7 thomas thomas 4096 Oct  2 19:22 angular-learning-lab
-drwxr-xr-x  5 thomas thomas 4096 Oct 17 18:05 code-exercises
-drwxr-xr-x  5 thomas thomas 4096 Sep  4 16:15 js-kata
-drwxr-xr-x  9 thomas thomas 4096 Sep 26 18:10 sinequanon
-drwxr-xr-x 12 thomas thomas 4096 Sep 19 17:41 thomas-bishop
-drwxr-xr-x  5 thomas thomas 4096 Sep  4 19:24 ts-kata
-```
-
-### What the output means
-
-The first column of the permissions output is known as the file's _mode_. The
-sequence from left to right is as follows:
-
-```
--       - - -                 - - -                 - - -
-type    user permissions      group permissions     other permissions
-```
-
-<dl>
-  <dt>type</dt>
-  <dd>The file type. A dash just means an ordinary file. `d` means directory </dd>
- 
-  <dt>user permissions</dt>
-  <dd>read, write or execute. A dash means 'nothing': the permissions for that slot in the set have not be assigned</dd>
-
-  <dt>group and other</dt>
-  <dd>group is obviously what anyone belonging to the current file's user group can do. Everyone else (outside of the user and the group) is covered by the other permissions, sometimes known as 'world' permissions</dd>
-</dl>
-
-## Modifying permissions: `chmod`
-
-We use `chmod` for transferring ownership and file permissions quickly from the
-command-line.
-
-### Octal notation
-
-`chmod` uses octal notation. Each numeral refers to a permission set. There are
-three numerals. The placement denotes the user group. From left to right this
-is:
-
-- user
-- group
-- everyone else.
-
-If you are working solo and not with group access to files, you can disregard
-assigning the other numerals, by putting zeros in as placeholders.
-
-[Permission codes](685254916b2642f189e6316b876e09c9)
-
-### Example
-
-```bash
-$ chmod -v 700 dummy.txt
-$ ls -l dummy.txt
-$ -rwx------  1 thomasbishop  staff  27 13 May 15:42 dummy.txtExample
-```
-
-### Useful options
-
-`-v` → verbose: tell the user what `chmod` is doing
-
-`-r` → work recursively, i.e apply the action to directories as well as files
-
-`-f` →silent: suppress most error messages
-
-## Running bash files
-
-In most cases, especially when you are working alone, the most frequent codes
-you are going to need are 700 and 600. When shell scripting, you need to make
-your scripts executable for them to work, therefore you should always
-`chmod 700` when creating a `.sh` file.
-
-Then to invoke the script from the shell you simply enter:
-
-```bash
-./your-bash-script.sh
-```

zk/File_permissions_in_Linux.md

@@ -0,0 +1,39 @@
+---
+tags: [Linux, permissions]
+created: Friday, April 11, 2025
+---
+
+# File permissions in Linux
+
+## View permissions
+
+```bash
+ls -rfl
+```
+
+## What the letters mean
+
+```bash
+drwxr-xr-x  2 thomas thomas  4096 Jan 21 18:00 dist
+drwxr-xr-x  2 thomas thomas  4096 Dec 29 12:50 out
+-rw-r--r--  1 thomas thomas  1108 Jan 21 17:42 README.md
+```
+
+The first column of the permissions output is known as the file's _mode_. The
+sequence from left to right is as follows:
+
+```
+-       - - -                 - - -                 - - -
+type    user permissions      group permissions     other permissions
+```
+
+<dl>
+  <dt>type</dt>
+  <dd>The file type. A dash just means an ordinary file. `d` means directory </dd>
+ 
+  <dt>user permissions</dt>
+  <dd>read, write or execute. A dash means 'nothing': the permissions for that slot in the set have not be assigned</dd>
+
+  <dt>group and other</dt>
+  <dd>group is obviously what anyone belonging to the current file's user group can do. Everyone else (outside of the user and the group) is covered by the other permissions, sometimes known as 'world' permissions</dd>
+</dl>

zk/Firewalls.md

@@ -1,5 +1,5 @@
 ---
-tags: [networks, server-management, firewalls]
+tags: [networks, servers, firewalls]
 created: Sunday, February 09, 2025
 ---
 

zk/Git_access_over_HTTPS_with_credentials.md

@@ -0,0 +1,33 @@
+---
+tags: [git]
+created: Sunday, April 13, 2025
+---
+
+# Git access with HTTPS and credentials
+
+If not using SSH, use HTTPS. However in order to combine this with 2FA it is
+necessary to use an access token as the pass, not your actual password.
+
+Create an access token in your remote Git client (GitHub, Forgejo).
+
+Then, clear any existing credentials with:
+
+```sh
+git config --global --unset credential.helper
+```
+
+Set Git config to use store mode:
+
+```sh
+git config --global credential.helper store
+```
+
+Do a push or pull in a repo to prompt authentication. Put in username but
+credential as password. You should be able to login.
+
+Confirm the credential has been added by viewing the credential file at the root
+of your home directory:
+
+```sh
+cat ${HOME}/.git-credentials
+```

zk/HTTPS.md

@@ -1,5 +1,5 @@
 ---
-tags: [world-wide-web, internet, encryption, server-management]
+tags: [world-wide-web, internet, encryption, servers]
 created: Friday, December 14, 2024
 ---
 

zk/Let's_Encrypt.md

@@ -1,5 +1,5 @@
 ---
-tags: [networks, server-management, encryption]
+tags: [networks, servers, encryption]
 created: Sunday, February 09, 2025
 ---
 

zk/Repair_disks-with_fsck.md

@@ -0,0 +1,36 @@
+---
+tags: [disks, procedural, Linux]
+created: Saturday, April 26, 2025
+---
+
+# Repair disks with fsck
+
+Identify file system errors on a disk.
+
+Be sure to unmount the device beforehand.
+
+```sh
+sudo fsck.vfat -a /dev/sdf1
+```
+
+This will automatically apply repairs. An example output:
+
+```
+fsck.fat 4.2 (2021-01-31)
+There are differences between boot sector and its backup.
+This is mostly harmless. Differences: (offset:original/backup)
+  65:01/00
+  Not automatically fixing this.
+/.Trash-1000/files/retropie
+ Start does point to root directory. Deleting dir.
+Reclaimed 312130 unused clusters (2556968960 bytes) in 1553 chains.
+Dirty bit is set. Fs was not properly unmounted and some data may be corrupt.
+ Automatically removing dirty bit.
+Free cluster summary wrong (1516247 vs. really 1516241)
+  Auto-correcting.
+
+*** Filesystem was changed ***
+Writing changes.
+/dev/sdf1: 1582 files, 396097/1912338 clusters
+
+```

zk/SSH.md

@@ -1,5 +1,5 @@
 ---
-tags: [encryption, shell, server-management]
+tags: [encryption, shell, servers]
 created: Tuesday, March 04, 2025
 ---
 

zk/Secure_disk_wipe.md

@@ -0,0 +1,16 @@
+---
+tags: [disks, procedural]
+created: Saturday, April 26, 2025
+---
+
+# Secure disk wipe
+
+```sh
+sudo shred -v -n 2 -z /dev/sda1
+```
+
+Overwrites the disk with random data multiple times (`-n 2`) and finishes with
+zeros (`-z`).
+
+The more overwrites you specify, the longer it takes. Three overwrites on a USB
+flash disk can take like three hours so use advisedly.

zk/UFW_firewall_management.md

@@ -1,5 +1,5 @@
 ---
-tags: [server-management, procedural, linux, firewalls]
+tags: [servers, procedural, linux, firewalls]
 created: Sunday, February 16, 2025
 ---
 

zk/Viewing_Docker_logs.md

@@ -0,0 +1,28 @@
+---
+tags: [docker, procedural]
+created: Thursday, April 24, 2025
+---
+
+# Viewing Docker logs
+
+## View logs from outside of container
+
+```sh
+docker logs <container_name> OR <container_id>
+```
+
+To view the logs in realtime, apend `-f` for `--follow`:
+
+```sh
+docker logs -f <container_name> OR <container_id>
+```
+
+## View logs from within the container
+
+For example, to view nginx logs, first
+[enter into the container](./Enter_into_a_Docker_container.md) and then:
+
+```sh
+cat /var/log/nginx/access.log
+cat /var/log/nginx/error.log
+```

zk/Web_sockets.md

@@ -0,0 +1,52 @@
+---
+tags: [networks, network-protocols, WebSocket]
+created: Monday, April 14, 2025
+---
+
+# Web sockets
+
+The WebSocket protocol provides a mechanism whereby data can continuously be
+shared between a client and a server in both directions.
+
+This contrasts with standard HTTP whereby a server can only send data when a
+client specifically requests it and the communication channel is closed until
+such a request is made.
+
+Whereas HTTP works on the basis of a client-server architecture, WebSocket is an
+event-driven architecture. Under an event-driven architecture, _events_ trigger
+data flows rather than client requests.
+
+Examples of its application include instant messaging platforms where messages
+are sent in real time, stock trading platforms, social media feeds and
+cloud-based collaboration tools (e.g. Google Sheets). Hence WebSocket is best
+suited to applications where the immediacy and concurrency of server resolution
+is a factor.
+
+WebSocket was borne out of the limitations of HTTP. Prior to the creation of the
+WebSocket protocol, event-driven communication was attempted over HTTP through
+"long polling". Basically, the server sends a request to the server and if the
+response is not available, the server holds the request until the response is
+available and then returns it. Then, after an interval, the client sends the
+same request again and the process repeats. This is obviously inefficient.
+
+WebSocket is an [Application Layer](./Application_Layer_of_Internet_Protocol.md)
+protocol just like HTTP. HTTP is used as the initial connection mechanism but
+the resulting TCP connection is kept alive after the HTTP request completes,
+establishing the web socket. The standard HTTP handshake takes place but the
+HTTP request will include an 'Upgrade' header that indicates the client wants to
+establish a socket. The presence of this header results in the protocol being
+upgraded from HTTP to WebSocket.
+
+> This is possible because both HTTP and WebSocket are Application Layer
+> protocols that run on top of the same TCP connection.
+
+## Encryption
+
+In the case of moving from HTTPS to WebSocket, the encryption of the former
+protocol is maintained. Although there is a protocol switch, the data is still
+being transferred on the same 443 port (used for HTTPS). Although the protocol
+has changed at the Application Layer, the encryption established at the TCP
+Layer is still in place.
+
+The HTTPS analog for WebSocket is WebSocketSecure (WSS). Thus HTTPS/WSS is the
+secure version of the HTTP/WS protocols.

zk/chmod.md

@@ -0,0 +1,41 @@
+---
+tags: [permissions, Linux]
+created: Friday, April 11, 2025
+---
+
+# chmod
+
+Modify file permissions.
+
+We can use symbols or numbers.
+
+For example:
+
+```sh
+chmod +x filename
+```
+
+To make a file executable.
+
+When we use numbers this is called an _absolute_ change, because all permission
+bits are being set at once in octal notation.
+
+Best just to memorise the most common sequences. Bear in mind that some only
+apply to files, rather than directories or executable programs.
+
+| Mode | Meaning                           | Applied to            |
+| ---- | --------------------------------- | --------------------- |
+| 644  | user: r/w, group/other: r         | files                 |
+| 600  | user: r/w, group/other: none      | files                 |
+| 755  | user: r/w/e, group/other: r/e     | directories, programs |
+| 700  | user: r/w/e, group/other: none    | directories, programs |
+| 711  | user: r/w/e, group/other: execute | directories           |
+
+### Useful options
+
+`-v` → verbose: tell the user what `chmod` is doing
+
+`-r` → work recursively, i.e apply the action to directories as well as files
+
+> You can list the contents of a directory if it's readable but you can only
+> access a file in a directory if the directory is executable!

zk/chown.md

@@ -0,0 +1,56 @@
+---
+tags: [permissions, Linux]
+created: Friday, April 11, 2025
+---
+
+# chown
+
+Change the owner of system files and directories.
+
+Basic syntax: `chown <owner:group> filename`.
+
+```sh
+# Change file owner
+chown user1 doc.txt
+
+# Change owner and group
+chown user1:developers document.txt
+
+# Change only the group
+chown :staff shared_folder/
+
+# Do so recursively for dirs
+chown -R www-data:www-data /var/www/
+```
+
+TODO: Partition into separate entry on groups:
+
+> When a user account in Linux is created the system also creates a group with
+> the same name as the user (known as the _primary group_ or _user private
+> group_).
+
+Because of the above, you will often change owndership to yourself with:
+
+```sh
+chown thomas:thomas some_dir
+```
+
+See groups:
+
+```sh
+groups
+# thomas realtime docker input wheel adb plugdev
+```
+
+When reassigning users and groups, it's safest to use the actual name. But each
+user/group also has a numeric representation, corresponding to UID:GID.
+
+The first regular, non-system user created on most Unix distributions is 1000
+but this isn't universal. Likewise his group will be 1000.
+
+See your UID/GID and the GIDs of the groups you're in:
+
+```
+$ id
+uid=1000(thomas) gid=1000(thomas) groups=1000(thomas),959(realtime),966(docker),994(input),998(wheel),1001(adb),1002(plugdev)
+```

zk/e383b8b3_nginx_vs_traefik.md

@@ -1,5 +1,5 @@
 ---
-tags: [networks, proxies]
+tags: [networks, proxies, nginx]
 created: Monday, February 03, 2025
 ---
 

zk/journalctl.md

@@ -0,0 +1,58 @@
+---
+tags: [Linux, procedural, logs]
+created: Thursday, April 24, 2025
+---
+
+# journalctl
+
+We use `journalctl` to access [journald](./journald.md) logs. The command by
+itself outputs the entire log which will be huge and hard to scroll through. We
+can refine the results with modifiers.
+
+### View logs for a specific process with pid
+
+```bash
+journalctl _PID=1234
+```
+
+### View logs for a specific time period
+
+This can be really helpful since you can bracket the most recent events which
+will be more memorable.
+
+```bash
+journalctl -S -1h
+```
+
+### View logs for a specfic systemd unit
+
+```bash
+journalctl -u [unit_name] -e
+```
+
+### View boot logs
+
+```bash
+journalctl -b
+```
+
+#### Identify specific boot
+
+```bash
+journalctl --list-boots
+
+```
+
+### List only kernel entries to the journal
+
+```bash
+journalctl -k
+```
+
+### View logs in realtime
+
+Use `-f` for `--follow`:
+
+```sh
+journalctl -f
+```

zk/journald.md

@@ -14,50 +14,3 @@ of problems and errors that may arise on the system level. It keeps a track of
 all kernal processes.
 
 ![](/img/journald.png)
-
-## `journalctl`
-
-We use `journalctl` to access the logs. The command by itself outputs the entire
-log which will be huge and hard to scroll through. We can refine the results
-with modifiers.
-
-### View logs for a specific process with pid
-
-```bash
-journalctl _PID=1234
-```
-
-### View logs for a specific time period
-
-This can be really helpful since you can bracket the most recent events which
-will be more memorable.
-
-```bash
-journalctl -S -1h
-```
-
-### View logs for a specfic systemd unit
-
-```bash
-journalctl -u [unit_name] -e
-```
-
-### View boot logs
-
-```bash
-journalctl -b
-```
-
-#### Identify specific boot
-
-```bash
-journalctl --list-boots
-
-```
-
-### List only kernel entries to the journal
-
-```bash
-journalctl -k
-
-```

zk/rsync.md

@@ -0,0 +1,85 @@
+---
+tags: [file-transfer, Linux, procedural, disks]
+created: Saturday, April 26, 2025
+---
+
+# rsync
+
+## Ordering
+
+### Local to local
+
+```
+SOURCE_DIR > TARGET_DIR
+```
+
+### Local to remote
+
+```
+LOCAL_SOURC_DIR > REMOTE_TARGET_DIR
+```
+
+### Remote to local
+
+```
+REMOTE_TARGET_DIR > LOCAL_SOURC_DIR
+```
+
+```sh
+rsync -a <dir_to_copy_to> <dir_to_copy_from>
+```
+
+## Expanding directories
+
+The following:
+
+```sh
+rsync -a local_dir  target_dir
+```
+
+Will create `/target_dir/local_dir` at the target. In other words it will nest
+the actual directory you are interested in within what you have named the
+target.
+
+To avoid this, add a slash to the source directory, viz:
+
+```sh
+rysync -a local_dir/ target_dir
+```
+
+Now, at the target, there will just be `local_dir`.
+
+## Standard options I use
+
+```sh
+rsync -vzP
+```
+
+- verbose output
+
+- use compression (only really useful when running rysnc over a network)
+
+- display progress
+
+- preserve partially copied filed and resume if network connection interrupted
+
+## Archive mode
+
+Use "archive mode" when specifically wanting to create a backup of a directory
+(i.e. for long term storage rather than immediate use).
+
+```sh
+rsync -a
+```
+
+Archive mode is an umbrella for the following flags:
+
+- `-r`: recursive
+
+- `l`: copy [symlinks](./Symlinks.md) as symlinks
+
+- `p`: preserve permissions
+
+- `t`: preserve times
+
+- `g`: preserve group

zk/scp.md

@@ -0,0 +1,12 @@
+---
+tags: [file-transfer, Linux, procedural, servers]
+created: Sunday, April 27, 2025
+---
+
+# scp
+
+```sh
+scp host:/dir/*.sql.gz /local_machine/dir
+```
+
+> Obviously SSH from local to remote is a prerequisite