It's late. 🥱
You finish your night coding session by typing shutdown -h now in a terminal.
But nothing happens.
Because it's the wrong terminal.
And suddenly your production server is unreachable.
Protect you from yourself. Hop on the boulette train!
Boulette prevents you from accidentally damaging remote hosts by raising a warning prompt on dangerous commands. The prompt simply asks for user confirmation, and can also enforce a challenge resolution to decide whether to resume(or abort) the command.
Prefix a critical command with boulette and a confirmation prompt will show up.
As an example we will use the shutdown command
however every command can be bouletteproofed.
boulette "shutdown -h now"Create an alias to replace the command with the bouletteproof one. See the Write aliases section.
And then safely use shutdown 😌.
In order to execute the provided command you can choose between some challenges to be resolved:
-
ask, which is the default (
--challenge ask). You have to type 'y' or 'n' to resume commande execution.
-
hostname, enable with
--challenge hostname. You must type the host name to resume command execution.
-
numbers, with
--challenge numbersYou must type a random 6 number sequence to resume command execution.
-
characters, with
--challenge charsYou must type a random 6 character string (Lower case 'a' to 'z' [a-z]) to resume command execution.
Boulette confirmation prompt can be triggered inside ssh session only thanks to the --ssh-only option.
When aliasing a command <cmd> with boulette <cmd>, typing <cmd> will execute transparently in a local terminal,
and will only raise a prompt when executed from inside an ssh session.
alias off='boulette "shutdown -h now"' --ssh-only
The idea is to enforce a prompt on your most dangerous commands. We can do so by creating aliases of those commands and prefixing them with boulette.
For example, setting the following alias,
alias off='boulette "shutdown -h now"' --ssh-onlywill prompt you whenever you type shutdown -h now.
Here are the one-liners I use the most frequently.
alias off='boulette "shutdown -h now" --ssh-only --challenge hostname'
alias sus='boulette "systemctl suspend" --ssh-only --challenge hostname'You can also enable boulette on a command and its every subcommands.
Let's say you want to protect yourself from shutdown command ant its
every options.
This way shutdown -r, shutdown -h now and others will also raise a warning prompt.
Create a shell function to wrap the command call.
- for bash and zsh shells
shutdown () {
boulette "shutdown $@" --ssh-only --challenge hostname
}- for fish shell
function shutdown;
boulette "shutdown $argv" --ssh-only --challenge hostname
endIf you really are reckless and scroll, eye shuts, through your shell history
You are more likely to pase a command prefixed with sudo every dangerous commands.
cargo install --git https://github.com/pipelight/boulette
nix-shell -p https://github.com/pipelight/boulette
Add the flake url to your inputs.
inputs.boulette.url = "github:pipelight/boulette";imports = [
inputs.boulette.nixosModules.default
# or
inputs.boulette.hmModules.default
];Tweak the following options to your needs.
# default.nix AND/OR home.nix
services.boulette = {
enable = true; # Will enable and install `boulette` to your path.
enableZsh = true; # Optional: Will add guards for `shutdown` and `reboot` commands to your `zsh` interactive shell sessions.
enableBash = true; # Optional: Will add guards for `shutdown` and `reboot` commands to your `bash` interactive shell sessions.
enableFish = true; # Optional: Will add guards for `shutdown` and `reboot` commands to your `fish` interactive shell sessions.
challengeType = "hostname"; # Optional: Defaults to ask. One of "ask" "hostname", or "numbers".
sshOnly = false # Boolean, default is`false`. Optional: Boulette confirmation prompts will be triggerd inside ssh session only. Only effects the enable{zsh,bash,fish} options.
};You can display a usefull help message with minimal examples.
boulette --helpGreatly inspired by Molly-guard.