351 lines
23 KiB
Plaintext
351 lines
23 KiB
Plaintext
|
Episode: 4142
|
||
|
|
Title: HPR4142: A Shared Shell History With Atuin
|
||
|
|
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr4142/hpr4142.mp3
|
||
|
|
Transcribed: 2025-10-25 20:11:04
|
||
|
|
|
||
|
|
---
|
||
|
|
|
||
|
|
This is Hacker Public Radio episode 4,142 for Tuesday the 18th of June 2024.
|
||
|
|
Today's show is entitled A Shared Shell History with a Toon.
|
||
|
|
It is the first show by Newhost M&W and is about 28 minutes long.
|
||
|
|
It carries a clean flag.
|
||
|
|
The summary is, install and set up Attu and A Utility to make your shell magical.
|
||
|
|
Hello, welcome to Hacker Public Radio, my name is Marcus and this is my first episode.
|
||
|
|
I have tried and stopped and started recording this at least a dozen times, so hopefully
|
||
|
|
this take is the last one.
|
||
|
|
I wanted to thank Hacker Public Radio for all of the shows that people have produced
|
||
|
|
over the years and shout out to Cedric DeVroy and Mining the Web, HPR 4135.
|
||
|
|
That one came out of the emergency queue and spurred me to go ahead and get an episode
|
||
|
|
submitted.
|
||
|
|
Today, we're talking about Attu-Wing or Attu-In set atuion.sh.
|
||
|
|
It's alpha tango uniform, indianovimber.sh, zero hotel, so that will be where you can
|
||
|
|
go to get the installation instructions, the documentation, all of that stuff.
|
||
|
|
So what is it?
|
||
|
|
What are we doing here?
|
||
|
|
Attu-Wing is at its heart a terminal history replacement, so instead of pressing up and
|
||
|
|
going through your shell history or grepping your output of your history command, instead
|
||
|
|
this is feeding all of your history into a SQLite database, and then you can do cool
|
||
|
|
things with it.
|
||
|
|
Besides recording what command was running, it also knows like what the exit status was.
|
||
|
|
You can configure this so that, hey, you know what, I only want my history to contain
|
||
|
|
successfully executed commands.
|
||
|
|
You can also have different filtering rules, so you could say, you know, I don't want
|
||
|
|
my history to ever contain my GitHub access token, or I would prefer not to have any
|
||
|
|
password stored in my history.
|
||
|
|
You can pre-configure that, and now your history doesn't have these potential security issues
|
||
|
|
going on.
|
||
|
|
That's one of the things that I think is cool.
|
||
|
|
You can also have a server running.
|
||
|
|
You can run it yourself.
|
||
|
|
You can also use the publicly available one, and this allows you to sync your history so
|
||
|
|
that you can be across on different devices and still kind of sync your history to those
|
||
|
|
different devices.
|
||
|
|
You can have different users, so the server supports many users, so you're not stuck with
|
||
|
|
just one user, one port, or something like that, and it's in to end and encrypted.
|
||
|
|
I'll get into that when we talk about syncing, but the encryption, good enough that I've
|
||
|
|
messed up a few times and had to just kind of blow it away and just lose some of my history
|
||
|
|
because of mistakes I made, which I guess is the sign of any good encryption project.
|
||
|
|
Oh, I lost that data because I encrypt it and couldn't decrypt it.
|
||
|
|
All right, so how do we install this?
|
||
|
|
It's pretty easy.
|
||
|
|
You can use the installation script off of their website.
|
||
|
|
You can install using Brue, Home Brue as the application.
|
||
|
|
You can also use Mac ports.
|
||
|
|
If you're on a Mac, Nix has a package, Pac-Man has a package, Termux and XBPS have packages.
|
||
|
|
You can also install from the source.
|
||
|
|
I have installed using Home Brue and using Cargo.
|
||
|
|
Of course, Cargo Install Attuines is pretty simple.
|
||
|
|
Coping a bash redirect from curl is also pretty easy.
|
||
|
|
If you do need a super user access, it'll prompt you for a pseudo password.
|
||
|
|
That'll get you the client installed.
|
||
|
|
Once you have the client installed, I would kind of think about and ask yourself what
|
||
|
|
your goals are or what your use case is going to be.
|
||
|
|
If you don't plan on syncing this across to other servers, you're just going to run it
|
||
|
|
locally.
|
||
|
|
You're not going to have a system account or anything like that.
|
||
|
|
Then you're ready to go.
|
||
|
|
If you can edit the config file, it's going to be found under home slash dot config slash
|
||
|
|
attuines slash config dot t o m l, Tommel.
|
||
|
|
I always say Tommel.
|
||
|
|
I don't know if that's the way other people say it.
|
||
|
|
It's tango Oscar, Mike Lima, t o m l slash config dot Tommel.
|
||
|
|
If you go into that config file, you will find all your settings.
|
||
|
|
It's a nice little example config file.
|
||
|
|
So you can set like where your database path is, where your key is stored, the encryption
|
||
|
|
key is stored, whether or not you want you care US time.
|
||
|
|
And if your time zone should be defined, all that kind of stuff.
|
||
|
|
The big ones for me that I want to be sure and tell everyone about is style, the style
|
||
|
|
option.
|
||
|
|
You have auto full and compact.
|
||
|
|
I like compact.
|
||
|
|
The default is when you press up or you invoke it.
|
||
|
|
It takes up the whole screen fills up your whole screen shows you all the commands.
|
||
|
|
I didn't like that because a lot of times I'm using arm running commands in a context
|
||
|
|
of the other commands that are being run.
|
||
|
|
So I use style equals compact, but that's up to you.
|
||
|
|
Then there's in line height.
|
||
|
|
This is the maximum number of lines the interface should take up.
|
||
|
|
Zero will mean it'll be full screen.
|
||
|
|
I set it to 10, you can set it to whatever you'd like, but that's I usually do 10 lines
|
||
|
|
and then there's also the invert the UI option and it will put the search bar at the top
|
||
|
|
or the bottom of the of the screen when you start typing and this is just a personal preference.
|
||
|
|
I leave it as the default of false, but it's up to you.
|
||
|
|
This can be pretty nice.
|
||
|
|
If you're doing a full screen view, if I when I was doing full screen, I used to use
|
||
|
|
invert when I'm doing a compact view, I like it false, so that's just a personal preference
|
||
|
|
and check that out.
|
||
|
|
And there's one other one I wanted to mention, I'm just scrolling through the file here
|
||
|
|
to find it because here it is.
|
||
|
|
It's called enter underscore accept.
|
||
|
|
This it seems to be the number one big confusing thing for people when they first come in,
|
||
|
|
at least when I've searched around for different things people are asking questions about.
|
||
|
|
Enter underscore accept equals false is how I have it set up.
|
||
|
|
It's defaulted to true and what will happen is when you press up and you get your in
|
||
|
|
app to in and you can scroll through and search your options, well if you press enter, it's
|
||
|
|
going to just execute that command if enter accept equals true.
|
||
|
|
If if you want to edit the command once you've found the one you want to look at, if you
|
||
|
|
want to edit it, you press tab.
|
||
|
|
So if you set enter accept equals false, enter and tab kind of behave the same way.
|
||
|
|
So it's kind of, it depends on what your use case is, but for me, these were the big
|
||
|
|
ones.
|
||
|
|
Compact view and enter accept false.
|
||
|
|
Once you have those set, the rest are kind of, you can kind of fill, you read through
|
||
|
|
and decide what you want to do.
|
||
|
|
But anyway, I just wanted to be sure and mention that because it, it was quite a challenge
|
||
|
|
for me until I read the documentation and, and stop being hardheaded about it.
|
||
|
|
The issue or what I wanted to mention is if you're running this, if you want to run this
|
||
|
|
as a server, if you're going to have a server and you want to sync across multiple accounts
|
||
|
|
or multiple different hosts, then I like to go ahead and get the account setup before
|
||
|
|
I go through and start modifying my config file.
|
||
|
|
I like to be sure that all of the hosts have their configurations kind of all set up
|
||
|
|
beforehand.
|
||
|
|
And if you're going to have the server, you can do that.
|
||
|
|
It's just a personal preference.
|
||
|
|
You could do all the, you can do whatever order you want, but this is, no, this is my
|
||
|
|
approach.
|
||
|
|
Okay, so you've got your client installed.
|
||
|
|
Now you want to install the server where you're, you're thinking about, okay, it's time
|
||
|
|
to install the server.
|
||
|
|
Well, the server component, you're going to need a Postgres database, Postgres SQL, I
|
||
|
|
always say it funny.
|
||
|
|
In my head, you know, I don't know if you don't talk to people about this stuff all the
|
||
|
|
time, you end up saying it funny until you talk to someone.
|
||
|
|
So any Postgres or a Postgres SQL, you know what I mean, the Postgres database, you're
|
||
|
|
going to need one of those installed and your server is going to need to be able to access
|
||
|
|
it.
|
||
|
|
I was worried.
|
||
|
|
I was like, oh no, I only have this cheap VPS.
|
||
|
|
I'm paying $10 a year for how, how am I going to install this?
|
||
|
|
Well, don't worry.
|
||
|
|
In my H top, I am using, you know, when it's, when it's just kind of hanging out, I'm
|
||
|
|
sitting at 320 megs of active memory and I've got 100, I've got what, two gigs, two gigs
|
||
|
|
of RAM, two gigs of swap defined, and I'm only using 300, 300 megs of RAM.
|
||
|
|
So some people might argue I don't need to define swap, but hey, anyway, I just wanted
|
||
|
|
to mention that Postgres is running and it's just happy with two VCPUs and two gigs of
|
||
|
|
RAM.
|
||
|
|
It all depends on what your load is looking like.
|
||
|
|
You wouldn't want to open this up to your entire enterprise this way.
|
||
|
|
But all you do is, if you have Postgres installed, once you have that going, you want to
|
||
|
|
create an Atulane user and a database that's owned by that user.
|
||
|
|
The Atulane Server Setup Guide was written by Tessus, T-E-S-S-U-S, as well as with contributions
|
||
|
|
from MacSlow.
|
||
|
|
So shout out to those guys.
|
||
|
|
This document really, really helped me in getting this going.
|
||
|
|
So once you have a database user, then you create an OS user, so that once you create the
|
||
|
|
database, then you create an OS user, because that's what Postgres seems to like, is you
|
||
|
|
go ahead and create the user, and then that way you have a system user for your Postgres
|
||
|
|
user.
|
||
|
|
The document kind of walks you through how to set that up.
|
||
|
|
The big thing is that the guide has you making a few changes, so that your Atulane config
|
||
|
|
lives in ETC Atulane, and then it creates a custom log directory for you, and walks you
|
||
|
|
through creating a system D file.
|
||
|
|
All of this stuff is pretty cool, and if you haven't written a lot of system D stuff,
|
||
|
|
this is pretty low stakes, and is, I don't know, I like it.
|
||
|
|
I thought this was really good and helpful.
|
||
|
|
So when you run the server, one of the things to know is it does offer, it will listen on
|
||
|
|
a TCP port, and you can, if you really want to, set it up so that it's serving, and people
|
||
|
|
can just come to your server directly from the internet.
|
||
|
|
I would recommend that.
|
||
|
|
I like to, but I'm also kind of lazy.
|
||
|
|
So what I have ended up doing is using a reverse proxy, and it's also defined in the guide.
|
||
|
|
Now if you're using the guide itself includes a reverse proxy for Apache.
|
||
|
|
For me, I, it was using engine X, so I used a different, it's very similar, but it's,
|
||
|
|
you can't just copy and paste from the guide if you're using engine X.
|
||
|
|
Let's see.
|
||
|
|
It's engine X, sites, enables, actuane, all right, let's see what we did.
|
||
|
|
The big thing here is, or I guess my big tip for everyone is I could not get the server
|
||
|
|
to work off of a, off of a path, like a, like the documentation of the guide says,
|
||
|
|
proxy password slash actuane to your local host on the port that you're running on.
|
||
|
|
But for me, I found that that kept failing or wouldn't log in was giving me errors.
|
||
|
|
So instead, I just set up a subdomain.
|
||
|
|
I said actuane.domainname.com, and then set up my VPS to be the target for that.
|
||
|
|
So the server name is actuane.domain.com, and then I use proxy pass to the port that
|
||
|
|
it's running on, and I proxy pass request headers is also on.
|
||
|
|
I usually turn off, like ignore, I usually ignore invalid headers and allow underscores
|
||
|
|
in headers.
|
||
|
|
Just, this is usually just my setup, I don't know if this is what anybody else does, or
|
||
|
|
if I'm opening myself up to being consumed by the, by the infinite darkness of the internet,
|
||
|
|
but that's just how I usually roll.
|
||
|
|
Once you have a config file though, then now you can use, if you've set up Lexin Crypt,
|
||
|
|
you can now use the certbot to go ahead and give yourself an SSL certificate.
|
||
|
|
Hooray, you are most of the way done.
|
||
|
|
At this point, I hope, if you've been following along at this point, you can, you have clients,
|
||
|
|
you have a client, at least one, that has actuane installed, but you haven't run any commands
|
||
|
|
or done anything with it yet.
|
||
|
|
If you wanted to have a server, you also have a server machine somewhere that you've installed,
|
||
|
|
the software, you've installed rest up, you've installed the application, and you've followed
|
||
|
|
the, how to set up an actuane server guide that the user's test is set up that's over
|
||
|
|
there on actuane, and, and Maxlo has, guy, we're going to get into Maxlo's contribution
|
||
|
|
here now.
|
||
|
|
Now that you've got that, it's time to, well, once you've got the server running, then
|
||
|
|
we can kind of get into configuring the client.
|
||
|
|
If you're running into errors with the, the, the actual like getting the system to work
|
||
|
|
or getting the application to work, the issues that I ran into that kind of to, to give
|
||
|
|
you tips on is make sure that the password that you have set up or that you think you
|
||
|
|
set up, you can try and log in as that, as that user, and check that it actually lets
|
||
|
|
you log in.
|
||
|
|
That can be a bit of a, that can be helpful.
|
||
|
|
You can use PSQL, that's Postgres SQL, so popusier, Quebec, Lima, PSQL, Space-D, like
|
||
|
|
it's hyphen, delta, minute quote, and then you can copy and paste that whole connection
|
||
|
|
string that you were using.
|
||
|
|
So Postgres, colon, slash slash actuane, colon, the password at 127.0.1.
|
||
|
|
Whatever your port is, slash actuane, 5432, I think it's the default, and then you can
|
||
|
|
just pass that along with the dash c, space quote, select space now, just a basic command.
|
||
|
|
But what you can do is that will let you know and make sure, hey, does my, does my user
|
||
|
|
can I use or log in?
|
||
|
|
Okay, great, my user can log in.
|
||
|
|
Next thing, how well, what's going on with my actually running it?
|
||
|
|
Well, if your service is running, then you can just use, you know, service atuane, status,
|
||
|
|
right, and then that will show you, sorry, I'm typing it now, so it's easier to do it
|
||
|
|
when you're typing.
|
||
|
|
You can type it, and if it's not running, it's going to tell you what it tried to run
|
||
|
|
and where it failed, right, and so there's the command that you can actually run.
|
||
|
|
So you can pseudo into that user and just try and run that command, or you can do, let
|
||
|
|
me see if I, if I did it in my history, pseudo dash, yeah, I, what I was doing was pseudo
|
||
|
|
dash, I, you, space atuane and then bash to even though, because when you set the user,
|
||
|
|
they don't have a shell or any account, but I usually, I like to just pseudo into atuane
|
||
|
|
and run bash, and then that was, that was my hacky way to get, get in and run the atuane
|
||
|
|
command, and that helped me figure out like, oh, are my user permissions wrong?
|
||
|
|
Or what am I doing wrong?
|
||
|
|
Sorry, that was, that was a long aside, but I wanted to be sure and get that out, because
|
||
|
|
that stuff killed me for a while.
|
||
|
|
So now we've got the server configured and it's running and life is beautiful, at least
|
||
|
|
in that component.
|
||
|
|
We want to go to our client and we're going to need to go through and set up our configuration.
|
||
|
|
Like I mentioned before, there are a few settings that I think are great that everybody should
|
||
|
|
go ahead and configure or use such as the, the compact mode and stuff like that.
|
||
|
|
Let me go ahead and just reiterate those, we'll grab the out of the config file, the style
|
||
|
|
compact inline height, being inline underscore height, you know, around 10 or so and enter
|
||
|
|
underscore except being set to false.
|
||
|
|
Those are the big convenience ones for me.
|
||
|
|
If you're running your own server though, you're going to want to go in and edit the sync
|
||
|
|
underscore address to match the address of your domain.
|
||
|
|
And you'll also, there's a lot of sync options, including auto sync equals true.
|
||
|
|
For me, I'm a big fan of auto sync equals true.
|
||
|
|
And then that will just go ahead and keep things synced up for you, but whenever you run
|
||
|
|
a command, okay, magical, all right, now I've got my configuration there, now you're going
|
||
|
|
to need to register.
|
||
|
|
The server guide tells you how to do that, the other documentation into the two, but this
|
||
|
|
is exceptionally important if you plan on running, at doing on multiple clients.
|
||
|
|
If you're going to be having two or three servers or one other server, whatever the case
|
||
|
|
is, if you're running on multiple hosts, you're going to want to be careful with this step.
|
||
|
|
You're going to create, you're going to log in and register an account on one server,
|
||
|
|
on one client.
|
||
|
|
So you're going to add to an register and you'll provide a username in your email.
|
||
|
|
Don't worry, you're giving yourself an email.
|
||
|
|
This is just another identifier and then you're providing a password.
|
||
|
|
Whenever you log in, you do the same thing yet.
|
||
|
|
You provide a username or you provide the username and the password.
|
||
|
|
And then it will ask you, please enter encryption key.
|
||
|
|
Well, I don't have one, just leave it blank to use the existing file.
|
||
|
|
So if you registered the account, press enter, that'll go ahead and use your key file that
|
||
|
|
was generated when you created the account.
|
||
|
|
Now once you do that, you have, this guy has the key, but you need to get this key to your
|
||
|
|
other host, okay?
|
||
|
|
So with that, you'll run Attuene Space Key and that'll spit out a bunch of words, a list
|
||
|
|
of words, right?
|
||
|
|
And that is going to be the nice user-friendly way to copy the key around or move it around.
|
||
|
|
I'm digging through my history real quick here to get it for you.
|
||
|
|
So tween dash, log in, all right.
|
||
|
|
So the way that I did this, you can do it different ways, I'm sure, but the way I did this was
|
||
|
|
I used Attuene Space Login, space hyphen u space the username, and then space dash k, like
|
||
|
|
for key.
|
||
|
|
And then I used it.
|
||
|
|
I did double quotes or a double inverted comma, I don't know.
|
||
|
|
The British have a different way of saying double quotes, but anyway, dash k, space quotes,
|
||
|
|
then that whole string of words, you know, because like for me, I won't give you the whole
|
||
|
|
thing.
|
||
|
|
I don't want you to copy my key, but it's like, it's like donor credits, sorry, congress,
|
||
|
|
host, onion, ethics, blah, it's a whole, it's a word soup, and then you just close quotes.
|
||
|
|
It's one to, I don't know, it's not a whole lot of words, it's long enough that it goes
|
||
|
|
off the edge of my terminal sometimes.
|
||
|
|
But anyway, you put that in and then it'll ask you for your password, you just go ahead
|
||
|
|
and type your password in.
|
||
|
|
And what you do that, now you're using the same encryption key on both hosts, and now
|
||
|
|
your history can sink across the different, different clients, and it's in and encrypted
|
||
|
|
to the server.
|
||
|
|
The server, on the server site, you've got the server running a server, you know, there's
|
||
|
|
a service running on the server, and you've got that going, but your user, your personal
|
||
|
|
user, your account, you know, whatever account you used to do other stuff on your VPS, you
|
||
|
|
can then log in to the server also, I used to edit your config and set it up.
|
||
|
|
In your config, you can change the server if you want, but for me, I left it so that
|
||
|
|
it was the exact same config on all of the clients that way, it was consistent, at
|
||
|
|
least the experience was consistent.
|
||
|
|
So yeah, those are kind of the, that's, once you do that, now all your new commands,
|
||
|
|
oh great, they're going to, they're going to sync up.
|
||
|
|
But if you want to get the old stuff, you'll want to use the command attwing space sync,
|
||
|
|
space stash f, that's going to send all of your commands, all of the commands that
|
||
|
|
attwing knows about up to the server, hmm, did we forget a step?
|
||
|
|
Yep, we did, we forgot to get your old history, maybe do you want to send your old history
|
||
|
|
up if you do, and I, I wanted to, then you'll want to import your existing history using
|
||
|
|
the import command, so you can say attwing import auto, or you can specify the shell attwing
|
||
|
|
import bash or attwing import and zsh, either way, that will go ahead and add your, your
|
||
|
|
attwing stuff, your history to attwing.
|
||
|
|
Now you can run the sync command, and that'll sync it to the server, and you can do that
|
||
|
|
on all the different, different clients, boom.
|
||
|
|
All commands you may want to run, attwing doctor will give you output that's useful if
|
||
|
|
you're going to do any bug reports or go to the forums or anywhere and ask for help.
|
||
|
|
You can also use attwing info, space info, and that'll show you where all your config
|
||
|
|
files are.
|
||
|
|
You can also edit the output format, there's a lot of customization options that I kind
|
||
|
|
of leave to you, I didn't really do a bunch of configuration with that.
|
||
|
|
I could tell you that there is a way, if your encryption keys get out of sync for some
|
||
|
|
reason, or if your encryption messes up, there's ways to purge it, but that's in the support
|
||
|
|
forum, there's a lot of discussion, there's help with that, so anyway, I just wanted to
|
||
|
|
be sure and throw it out there, hey, don't worry, it's possible to get it all fixed up.
|
||
|
|
Yeah, so that kind of nails down the whole process.
|
||
|
|
Once you've registered and synced, one thing that you can do that I think is fun is you
|
||
|
|
can run the command attwing space stats, STATs, that will give you the stats for the commands.
|
||
|
|
What command are you running the most frequently?
|
||
|
|
I use ls and vi way a lot, and then like pwd is down there, you know, it's still there,
|
||
|
|
but you can set like the top 10 or the top 20 commands you want, you can also pass in
|
||
|
|
a date, and it'll give you 24 hour range, all will tell you all, so you'd say stats,
|
||
|
|
let's see, like we'd say stats may 31, may 31, and then it'll tell me, hey, I used the
|
||
|
|
notify command, the ntf y is another project, I like a lot, but ntf y I ran that 17 times,
|
||
|
|
I ran the service command nine times, interesting, of course, that you can filter it out, so your
|
||
|
|
pseudo commands don't show up, or whatever you'd like, but I just, I think it's neat because
|
||
|
|
you can add this to your .zshrc or just your login or your motd, whatever, however you
|
||
|
|
want to deal with it, but you can have it so that when you log in, it's like, hey, these
|
||
|
|
are your stats from yesterday, and I always think that's fun, as long as it's not, I got
|
||
|
|
in trouble with winter, the weather in your terminal, because it's like, if you have
|
||
|
|
like eight, if you're running eight queries to this service, and then your network connections
|
||
|
|
down, you're going to have a hard time. Hopefully with this, though, the atoying will always
|
||
|
|
be available, so it's not going to cost you time, or there's not a risk of you hanging
|
||
|
|
like that. Well, I kind of ended up talking about this and going through the setup process
|
||
|
|
with you, like I would somebody I was talking to in real life, so I hope that wasn't annoying,
|
||
|
|
and I hope that 30 minutes isn't too long for an episode where we just kind of walk through
|
||
|
|
a process. I use this tool many times a day, and I think it's invaluable. There are
|
||
|
|
so many options and configuration choices that you can go through, and I just think it's
|
||
|
|
amazing. I'm just getting started, but since I didn't see anything in the hacker public
|
||
|
|
radio series or shows about atoying, I really wanted to mention it. Also, shout out to
|
||
|
|
Ellie Huckstable, who created the project, and well, that about wraps it up as far as
|
||
|
|
the things I know about atoying and what I wanted to share with everyone on hacker public
|
||
|
|
radio about atoying. I've been a listener for a long time, and so I appreciate getting
|
||
|
|
the chance to contribute.
|
||
|
|
You have been listening to Hacker Public Radio, and Hacker Public Radio does work. Today's
|
||
|
|
show was contributed by a HBR listener like yourself. If you ever thought of recording
|
||
|
|
podcast, you click on our contribute link to find out how easy it really is. Hosting
|
||
|
|
for HBR has been kindly provided by an honesthost.com, the internet archive, and our
|
||
|
|
things.net. On the Sadois status, today's show is released under Creative Commons, Attribution
|
||
|
|
4.0 International License.
|