I will use a Web API as an example project, and since I’ll be using curl live to query it, I’ll need to pipe responses through jq to obtain nicely formatted JSON for the audience.

The problem with jq is that it crashes on 400s or 500s because the response body is empty in those cases. Error responses are inherent to the demo, and crashes are not the most desirable thing during a presentation.

I cooked up a quick bash function that enhances curl and jq. It is called cj (curl + jq) and prevents crashes on errors, displays HTTP status codes with color-coded output (green for success, red for errors), and prettifies JSON responses.¹

As I fully expect someone in the audience to raise their hand and ask what the hell “cj” is, I’m posting it for reference so I can point them here if needed (Hi there!).

The function looks like this:

cj() {
    local response http_code body
    
    response=$(curl -s -w "\n%{http_code}" "$@")
    http_code=${response##*$'\n'}
    body=${response%$'\n'*}
    
    if [[ $http_code =~ ^2[0-9][0-9]$ ]]; then
        echo -e "\033[0;32mHTTP Code: $http_code\033[0m"
        echo "$body" | jq 2>/dev/null || echo "$body"
    else
        echo -e "\033[0;31mHTTP Code: $http_code\033[0m"
        echo -e "\033[0;31m$body\033[0m"
    fi
}

It currently sits at the bottom of my .zshrc file. I might turn it into a script in the future, but it’s probably going to be short-lived, so I’m happy with its current residence.

It’s pretty straightforward, but let’s break it down line by line.

cj() {

Defines a function named cj (short for “curl with jq”), which will wrap the standard curl command with automatic JSON formatting and colored output.

local response http_code body

Declares three local variables scoped to this function: response will store the full curl output, http_code will contain the HTTP status code, and body will hold the response body.

response=$(curl -s -w "\n%{http_code}" "$@")

Executes curl with the -s flag for silent mode (no progress bar), -w "\n%{http_code}" to append a newline and the HTTP status code at the end of the output, and "$@" to forward all arguments passed to the function. The entire output is captured in the response variable.

http_code=${response##*$'\n'}

Extracts the HTTP status code using Bash parameter expansion. The ##*$'\n' pattern removes everything up to and including the last newline, leaving only the status code. This is faster than using external commands like tail.

body=${response%$'\n'*}

Extracts the response body using parameter expansion. The %$'\n'* pattern removes the last newline and everything after it (the status code), leaving only the body content. This is more efficient than using, say, sed.

if [[ $http_code =~ ^2[0-9][0-9]$ ]]; then

Checks if the HTTP status code matches the pattern for success responses (2xx). The regex ^2[0-9][0-9]$ matches any three-digit number starting with 2.

echo -e "\033[0;32mHTTP Code: $http_code\033[0m"

Prints the HTTP status code in green color. The -e flag enables interpretation of backslash escapes, \033[0;32m is the ANSI code for green text, and \033[0m resets the color back to default.

echo "$body" | jq 2>/dev/null || echo "$body"

This one was fun. Attempts to format the response body as JSON using jq. If jq is not installed or the body isn’t valid JSON, stderr is redirected to /dev/null and the || operator triggers the fallback, which simply prints the raw body.

else
        echo -e "\033[0;31mHTTP Code: $http_code\033[0m"

For non-2xx responses (errors), prints the HTTP status code in red color using the ANSI code \033[0;31m.

echo -e "\033[0;31m$body\033[0m"

Prints the error response body also in red color, making errors immediately visible during the demo.

And that is all.

1. 5180 git
2. 777 cd
3. 653 ls
4. 452 go
5. 440 ./invoice
6. 377 dotnet
7. 373 rm
8. 270 vi
9. 225 cat
10. 219 ssh

Version control dominates the scene (a gentle middle finger for the youngster - you know who you are - who told me I should not be coding anymore). I also like that the list hints at the new stuff I’ve been working on recently and am excited about.

Generated with history | awk '{print $2}' | sort | uniq --count | sort --numeric-sort --reverse | head -10 and inspired by Chris De Luca.

I use the reverse lookup of bash-history (Ctrl+R) daily. Still, only today (thanks to an HN comment on Bash-Onliner) did I learn that it also preserves one’s comments, which can be exploited to invoke complex commands quickly:

$ mv -n ~/Desktop/*.pdf ~/Documents/PDF_Archive/  #pdfsync

Then, you simply Ctrl-R and type “pdfsync” to recall the above command when needed. Neat.

crontab: installing new crontab
crontab: crontabs/<user>: rename: Operation not permitted
crontab: edits left in /tmp/crontab.hgmsOH/crontab

Puzzled, I checked whether my user permissions were all right, if the disk was full, and several other things. Long story short, the fix was this one:

sudo chattr -i /var/spool/cron/crontabs/<user>
sudo chown <user>:crontab /var/spool/cron/crontabs/<user>

Somehow, the user’s crontab file had become immutable.

find content/post/*.md -type f -exec \
    sed -i .bak 's|https://nicolaiarocci.substack.com|https://buttondown.email/nicolaiarocci|g' {} +

It is pretty straightforward. find looks for all markdown files in the content/post/ directory. On each file, sed performs a search-and-replace action. Notice that I use | instead of the standard / as a separator for the search-and-replace pattern , and that’s because the pattern itself has /s in the URLs so I need to differentiate. Also, on macOS, the -i parameter requires a backup file argument ("*.bak") to make a backup copy before the update. This argument is unnecessary in newer sed versions and will perform an in-place update if not provided.

Later, I realized I would be better off if I removed the call to action from my posts and added it to the footer template instead. That way, I’d only have one place to edit or update it in the future, and my RSS feed (and newsletter updates, as they draw from the RSS feed) would be clean of unnecessary spam. In hindsight, this a move I could’ve made many years ago (2010?) when I installed Hugo for the first time, but hey, better late than never. But how could I delete calls to action from all my 5K posts? With a variation of the above command, of course:

find content/post/*.md -type f -exec sed -i .bak '/

It is the same logic as above, but we’re replacing the matched string with a “delete all lines till the end of the file” pattern this time. I must admit that this one was trickier to pull off and required a discrete amount of trial and error.

Looking at the rsync documentation, I learned about the nifty --rsync-path=PROGRAM option:

Use this to specify what program is to be run on the remote machine to start-up rsync. Often used when rsync is not in the default remote-shell’s path (e.g. –rsync-path=/usr/local/bin/rsync).

The example caught my attention. I could perhaps leverage this option to perform a user switch before executing rsync (now performed on the remote machine). As further research confirmed, it can be done:

rsync --rsync-path 'sudo -u backup rsync' -a --delete host:source destination

It didn’t work immediately because my user was not a sudoer, but that was an easy fix:

cat > /etc/sudoers.d/myuser << EOF
myuser ALL=(ALL) NOPASSWD:/usr/bin/rsync
EOF

As you can see, not only must the user be a sudoer, but it also needs to be able to sudo with no password. One last minor issue was that ‘backup’, being a service user, had no shell access. That was another easy fix:

sudo usermod -s /bin/bash backup

Now my rsync-with-a-different-user command works like a charm. I do have some mild security concerns, though. My user is a sudoer (can only sudo rsync, though¹), and ‘backup’ now has shell access. As password logins are turned off, and SSH keys-only access is allowed to the machine (and I’m the only person holding those keys), everything’s still reasonably safe. Are there better ways? Please let me know.