Skip to content

Instantly share code, notes, and snippets.

View BlackDex's full-sized avatar

Mathijs van Veluw BlackDex

View GitHub Profile
@BlackDex
BlackDex / dnsblacklist-update.php
Created February 5, 2016 10:42 — forked from Fursje/dnsblacklist-update.php
DNS blacklist updater to host format.
<?php
$a = new adsblock();
$a->run();
class adsblock {
public $output_hosts_file = "/etc/powerdns/hosts-ads";
public $redirect_ip = "0.0.0.0";
public $fileUrls = array(
<?php
$a = new img_resize();
$a->run();
class img_resize {
public $img_files = array();
public $img_path = "";
public $bad_files = array();
@BlackDex
BlackDex / lxc-default-with-netns
Created March 31, 2016 14:56 — forked from jjo/lxc-default-with-netns
apparmor profile to allow netns handling inside LXCs
# /etc/apparmor.d/lxc/lxc-default-with-netns
# Do not load this file. Rather, load /etc/apparmor.d/lxc-containers, which
# will source all profiles under /etc/apparmor.d/lxc
profile lxc-container-default-with-netns flags=(attach_disconnected,mediate_deleted) {
#include <abstractions/lxc/container-base>
#include <abstractions/lxc/start-container>
# - onetime mount, if /run/netns was not mounted yet:
machines=$(juju status --format json | python -c "import sys; import json; f = json.loads(sys.stdin.read()); print('\n'.join(f.get('machines', {}).keys()))")
for MACHINE_ID in $machines; do
echo "Machine $MACHINE_ID"
juju run --machine=$MACHINE_ID 'sudo initctl list | grep juju | cut -d" " -f1 | xargs -I{} sudo status {}'
done
@BlackDex
BlackDex / dd-wrt _cron
Created July 12, 2016 20:16 — forked from vkdimitrov/dd-wrt _cron
dd-wrt cronjob that check if there are active wifi clients, and if not reduce TX Power to min (without disabling the radio), else set it to 50
*/1 * * * * root I=`nvram get wl0_ifname`;[ -z `wl -i $I assoclist` ] && wl txpwr1 -o -m 1 || wl txpwr1 -o -m 50
@BlackDex
BlackDex / taskset.sh
Created November 22, 2016 09:47 — forked from ayufan/taskset.sh
KVM CPU pinning for Proxmox VE
#!/bin/bash
set -eo pipefail
VMID=200
cpu_tasks() {
expect <<EOF | sed -n 's/^.* CPU .*thread_id=\(.*\)$/\1/p' | tr -d '\r' || true
spawn qm monitor $VMID
expect ">"

Let's Encrypt & webserver proxy

Most letsencrypt setups use the webroot plugin to authendicate the domain but I don't like writing temp files to my drive. Letsencrypt provides a standalone solution which can be used to skip that part. In combination with a webserver proxy you can verify all domains pretty easily. You will have to setup the webserver to forward all traffic from location /.well-known/acme-challenge to localhost port 81.

Webserver configuration

nginx

server {
    listen              80;
@BlackDex
BlackDex / osd-remove.sh
Created January 21, 2017 21:07 — forked from jerluc/osd-remove.sh
Ceph OSD removal
# As sudo
ceph osd crush remove osd.{osd-num}
ceph auth del osd.{osd-num}
ceph osd rm {osd-num}
ceph osd crush remove {host}
@BlackDex
BlackDex / nzbgetd@.service
Created January 25, 2017 13:43 — forked from abn/nzbgetd@.service
SystemD service file for nzbget
[Unit]
Description=NZBGet Daemon
DaemonAfter=network.target
[Service]
User=%i
ExecStart=/usr/bin/nzbget -D
ExecStop=/usr/bin/nzbget -Q
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
--- common.py.org 2017-02-16 14:22:08.373192652 +0000
+++ common.py 2017-02-16 14:22:25.066235624 +0000
@@ -171,7 +171,7 @@
elif 'command' in extra:
cmd_args.extend(('-c', extra['command']))
else:
- return False
+ cmd_args.extend(('-c', extra))
check_command = _make_check_command(cmd_args)
cmd = '%s!%s' % (check_command, '!'.join([str(x) for x in args]))