Add commands

Author: SimonSchubert

assets/commands/apptainer-capability.md

@@ -0,0 +1,69 @@
+# TAGLINE
+
+Manage Linux capabilities for Apptainer container users and groups
+
+# TLDR
+
+**List capabilities** granted to a specific user
+
+```sudo apptainer capability list --user [username]```
+
+**Grant a capability** to a user
+
+```sudo apptainer capability add --user [username] [CAP_NET_RAW]```
+
+**Drop a capability** from a user
+
+```sudo apptainer capability drop --user [username] [CAP_NET_RAW]```
+
+**Grant all capabilities** to a group
+
+```sudo apptainer capability add --group [groupname] all```
+
+**List all available** Linux capabilities with descriptions
+
+```apptainer capability avail```
+
+**Drop all capabilities** from a user
+
+```sudo apptainer capability drop --user [username] all```
+
+# SYNOPSIS
+
+**apptainer capability** _subcommand_ [_options_]
+
+# DESCRIPTION
+
+**apptainer capability** manages Linux capabilities granted to users and groups for use inside Apptainer containers. Administrators use this command to authorize specific users or groups to request particular capabilities at container runtime.
+
+Capabilities are stored in a **capability.json** file maintained by Apptainer. Granting a capability does not automatically enable it inside containers — users must explicitly request granted capabilities at runtime using the **--add-caps** flag with commands like **apptainer exec** or **apptainer run**.
+
+# SUBCOMMANDS
+
+**add**
+> Grant one or more Linux capabilities to a user or group. Requires root.
+
+**drop**
+> Revoke one or more Linux capabilities from a user or group. Requires root.
+
+**list**
+> Display capabilities currently assigned to a user or group.
+
+**avail**
+> Show all recognized Linux capabilities with brief descriptions.
+
+# PARAMETERS
+
+**--user** _name_
+> Target a specific user for add, drop, or list operations.
+
+**--group** _name_
+> Target a specific group for add, drop, or list operations.
+
+# CAVEATS
+
+Granting Linux capabilities to users is usually equivalent to granting root-level access on the host system. Most capabilities allow users to break out of containers and escalate privileges. This feature is intended for trusted environments, not multi-tenant HPC clusters. Both **add** and **drop** accept the case-insensitive keyword **all** to operate on every available capability at once.
+
+# SEE ALSO
+
+[apptainer](/man/apptainer)(1), [apptainer-exec](/man/apptainer-exec)(1), [apptainer-run](/man/apptainer-run)(1), [capabilities](/man/capabilities)(7)

assets/commands/cfv.md

@@ -0,0 +1,100 @@
+# TAGLINE
+
+Versatile checksum file verifier and creator
+
+# TLDR
+
+**Verify files** against a checksum file in the current directory
+
+```cfv```
+
+**Create an SFV** checksum file for all files in a directory
+
+```cfv -C -t sfv -f [checksum.sfv] [path/to/directory/*]```
+
+**Create an MD5** checksum file
+
+```cfv -C -t md5 -f [checksum.md5] [path/to/files/*]```
+
+**Create a SHA1** checksum file
+
+```cfv -C -t sha1 -f [checksum.sha1] [path/to/files/*]```
+
+**Verify and show status** for each file
+
+```cfv -v [path/to/checksum.sfv]```
+
+**Recursively verify** all checksum files in subdirectories
+
+```cfv -r```
+
+**Search for misnamed files** when verification fails
+
+```cfv -s [path/to/checksum.sfv]```
+
+# SYNOPSIS
+
+**cfv** [**-T**|**-C**] [**-t** _type_] [**-f** _file_] [**-r**|**-rr**] [**-v**|**-V**] [**-n**|**-N**] [**-s**] [**-u**|**-uu**] [_files..._]
+
+# PARAMETERS
+
+**-C**
+> Create mode: generate a new checksum file.
+
+**-T**
+> Test mode (default): verify files against a checksum file.
+
+**-t** _type_
+> Checksum type: **sfv**, **md5**, **bsdmd5**, **sha1**, **sha256**, **sha512**, **csv**, **csv2**, **csv4**, **par**, **par2**, **torrent**.
+
+**-f** _file_
+> Specify the checksum file to read or write.
+
+**-r**
+> Recurse into directories. Use **-rr** to recurse into both files and checksum files.
+
+**-v**
+> Verbose: print status for every file, not just errors.
+
+**-V**
+> Disable verbose output.
+
+**-n**
+> Rename files with bad checksums to filename.bad.
+
+**-N**
+> Disable renaming.
+
+**-s**
+> Search for misnamed files when a file is not found.
+
+**-u**
+> Show unverified files. Use **-uu** to show unverified files in subdirectories.
+
+**-z**
+> Support gzip-compressed checksum files. Use **-zz** to use gzip on all checksum files.
+
+**-p** _dir_
+> Change to directory before processing.
+
+# DESCRIPTION
+
+**cfv** is a utility for testing and creating checksum verification files. It automatically detects the checksum format when verifying, and supports a wide range of formats including SFV, MD5, SHA1, SHA256, SHA512, CSV, PAR/PAR2, and BitTorrent metainfo files.
+
+In test mode (default), cfv reads a checksum file and verifies that each listed file matches its recorded checksum. In create mode (**-C**), it generates a new checksum file from the specified input files. The tool can search for misnamed files, rename corrupted files, and recursively process directory trees.
+
+# CONFIGURATION
+
+Configuration file at **~/.cfvrc** contains default options (one per line, same syntax as command-line flags). Options on the command line override the config file.
+
+# CAVEATS
+
+PAR and PAR2 formats are supported for verification only, not creation. BitTorrent verification requires the original directory structure. Exit codes are bitwise-ORed: 2 (bad checksum), 4 (size mismatch), 8 (not found), 16 (file error), 32 (unverified), 64 (checksum file error).
+
+# HISTORY
+
+**cfv** was originally written in **Python** as an open-source checksum verification tool. It gained popularity in the file-sharing community for its broad format support, particularly SFV and MD5. The project was later forked as **cfv2** to maintain Python 3 compatibility after the original project became unmaintained.
+
+# SEE ALSO
+
+[md5sum](/man/md5sum)(1), [sha1sum](/man/sha1sum)(1), [sha256sum](/man/sha256sum)(1), [cksum](/man/cksum)(1)

assets/commands/docker-buildx-du.md

@@ -0,0 +1,60 @@
+# TAGLINE
+
+Show disk usage of Docker build cache
+
+# TLDR
+
+**Show build cache** disk usage
+
+```docker buildx du```
+
+**Show detailed** disk usage with all metadata
+
+```docker buildx du --verbose```
+
+**Show disk usage** for a specific builder
+
+```docker buildx du --builder [builder_name]```
+
+**Filter** cache records by age
+
+```docker buildx du --filter until=[24h]```
+
+**Format output** as JSON
+
+```docker buildx du --format json```
+
+# SYNOPSIS
+
+**docker buildx du** [_options_]
+
+# PARAMETERS
+
+**--filter** _key=value_
+> Filter output using key-value selectors.
+
+**--format** _format_
+> Format output using a Go template or predefined format (e.g., json).
+
+**--timeout** _duration_
+> Override default timeout for loading builder status (default: 20s).
+
+**--verbose**
+> Show detailed output with additional metadata.
+
+**--builder** _name_
+> Target a specific builder instance.
+
+# DESCRIPTION
+
+**docker buildx du** displays disk usage information for the build cache of the currently selected (or specified) builder instance. The output lists cache records with their IDs, whether they are reclaimable, their size, and when they were last accessed.
+
+This command is useful for understanding how much disk space the build cache consumes before deciding to prune it with **docker buildx prune**.
+
+# CAVEATS
+
+Asterisks in the output indicate mutable records (size may change) or shared storage that overlaps with other resources. The reported sizes may not reflect actual reclaimable space when records are shared between builds.
+
+# SEE ALSO
+
+[docker-buildx-prune](/man/docker-buildx-prune)(1), [docker-buildx-ls](/man/docker-buildx-ls)(1), [docker-build](/man/docker-build)(1), [docker](/man/docker)(1)

assets/commands/docker-buildx-ls.md

@@ -0,0 +1,50 @@
+# TAGLINE
+
+List Docker Buildx builder instances
+
+# TLDR
+
+**List all builder** instances
+
+```docker buildx ls```
+
+**List builders** without truncating output
+
+```docker buildx ls --no-trunc```
+
+**List builders** with a custom format
+
+```docker buildx ls --format "{{.Name}}: {{.Status}}"```
+
+**List builders** as JSON
+
+```docker buildx ls --format json```
+
+# SYNOPSIS
+
+**docker buildx ls** [_options_]
+
+# PARAMETERS
+
+**--format** _format_
+> Format output using a Go template or predefined format. Default: table.
+
+**--no-trunc**
+> Do not truncate output.
+
+**--timeout** _duration_
+> Override default timeout for loading builder status (default: 20s).
+
+# DESCRIPTION
+
+**docker buildx ls** lists all builder instances and their associated nodes. The output shows the builder name, driver, endpoint, status, BuildKit version, and supported platforms. The currently selected builder is marked with an asterisk (**\***).
+
+Each builder may have multiple nodes representing different build environments or platforms. The default builder uses the Docker daemon's built-in build capabilities, while additional builders can use the **docker-container**, **kubernetes**, or **remote** drivers.
+
+# CAVEATS
+
+Builder status is loaded with a default 20-second timeout. Builders using remote drivers or Kubernetes may appear as inactive if the endpoint is unreachable within the timeout window.
+
+# SEE ALSO
+
+[docker-buildx-rm](/man/docker-buildx-rm)(1), [docker-buildx-du](/man/docker-buildx-du)(1), [docker-build](/man/docker-build)(1), [docker](/man/docker)(1)

assets/commands/docker-buildx-prune.md

@@ -0,0 +1,73 @@
+# TAGLINE
+
+Remove Docker Buildx build cache
+
+# TLDR
+
+**Prune all build cache** with confirmation prompt
+
+```docker buildx prune```
+
+**Force prune** without confirmation
+
+```docker buildx prune -f```
+
+**Prune all cache** including internal and frontend images
+
+```docker buildx prune --all```
+
+**Prune cache** older than 24 hours
+
+```docker buildx prune --filter until=[24h]```
+
+**Prune cache** and keep at most 2 GB
+
+```docker buildx prune --max-used-space [2gb]```
+
+**Prune cache** ensuring at least 10 GB free disk space
+
+```docker buildx prune --min-free-space [10gb]```
+
+# SYNOPSIS
+
+**docker buildx prune** [_options_]
+
+# PARAMETERS
+
+**-a**, **--all**
+> Remove all cache including internal and frontend images.
+
+**-f**, **--force**
+> Skip the confirmation prompt.
+
+**--filter** _key=value_
+> Filter cache records to prune (e.g., until=24h, type, inuse, shared).
+
+**--max-used-space** _size_
+> Maximum total disk space for the cache (e.g., 2gb, 512mb).
+
+**--min-free-space** _size_
+> Target amount of free disk space after pruning.
+
+**--reserved-space** _size_
+> Minimum disk space permanently reserved for cache.
+
+**--timeout** _duration_
+> Override default timeout for loading builder status (default: 20s).
+
+**--verbose**
+> Show detailed output.
+
+# DESCRIPTION
+
+**docker buildx prune** clears the build cache of the currently selected builder instance. By default it removes only reclaimable cache entries, prompting for confirmation. With **--all**, it also removes internal and frontend images.
+
+The space management flags (**--max-used-space**, **--min-free-space**, **--reserved-space**) allow fine-grained control over disk usage. The **--filter** flag supports selectors like **until**, **id**, **type**, **inuse**, **mutable**, **shared**, and **private**, combined with AND logic.
+
+# CAVEATS
+
+Without **--all**, internal images and frontend cache are preserved. Space flags accept human-readable values (e.g., 128mb, 2gb). When multiple space flags are specified, all constraints are honored simultaneously.
+
+# SEE ALSO
+
+[docker-buildx-du](/man/docker-buildx-du)(1), [docker-buildx-rm](/man/docker-buildx-rm)(1), [docker-build](/man/docker-build)(1), [docker](/man/docker)(1)