Look for direcotries assuming a relative path.
complete -A directory echo
John Steel BlackthornYugen
BlackthornYugen
/ haproxy_be_ipwhitelist.cfg
Created
February 24, 2024 18:48
Python modify haproxy acls
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| backend be_ipwhitelist | |
| option forwardfor | |
| http-request set-header x-forwarded-proto %[ssl_fc,iif(https,http)] | |
| acl is_authorized src -f /etc/haproxy/ip_pass.lst | |
| acl is_authorized http_auth(basic-auth-list) | |
| acl is_logout_path path_end logout | |
| http-request auth realm myrealm.example.org unless is_authorized !is_logout_path | |
| http-request add-header Cache-Control no-cache | |
| server python1 127.0.0.1:5333 check |
BlackthornYugen
/ gist:04276636e8ccd9c83d254391def7be39
Created
February 19, 2024 19:31
capture jellyfin http
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| docker run --interactive --detach --name watch-jellyfin --network container:jellyfin alpine /bin/sh -c " | |
| apk add --no-cache tcpdump; | |
| tcpdump -i any -A 'tcp port (8920 or 8096) and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' --snapshot-length=1024 | |
| " |
BlackthornYugen
/ gist:3033e74a2290c16e82060f7267f94659
Created
February 18, 2024 18:27
Check for files that were not coppied twice.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| jq --raw-output --raw-input --slurp ' | |
| split("\n") | | |
| map(select(. != "") | capture("^(?<date>[\\d\\-]+\\s[\\d:]+),[\\d]+.*? (?<filename>[^:]+): (?<operation>Copied|Deleted)")) | | |
| group_by(.filename) | | |
| map({ | |
| filename: .[0].filename, | |
| copy_count: map(select(.operation == "Copied")) | length, | |
| delete_date: map(select(.operation == "Deleted") | .date)[0] | |
| }) | | |
| map(select(.copy_count != 2))[] | [.delete_date, .filename, .copy_count] | @csv' < file-operations.log | tr -d '"' | column -t -s ',' |
BlackthornYugen
/ caffeinate_unti.sh
Created
December 15, 2023 17:18
Run caffeinate when battery is above a given value, preventing MacOS from sleeping.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Default values | |
| verbose=0 | |
| min_battery=20 | |
| log() { | |
| if [[ "$verbose" -gt 0 ]]; then | |
| echo "$@" | |
| fi |
BlackthornYugen
/ Dockerfile
Created
April 6, 2023 17:08
ssh jumpbox with gpg agent and random password
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM --platform=linux/arm64 amazonlinux:2 | |
| RUN yum install -y openssh-server | |
| RUN useradd -ms /bin/bash jumpuser | |
| RUN mkdir -v /run/sshd | |
| RUN ssh-keygen -A | |
| USER jumpuser | |
| RUN mkdir ~/.gnupg ~/.ssh | |
| RUN echo 'eval `ssh-agent -s` > /dev/null' >> ~/.bashrc | |
| RUN echo 'export SSH_AUTH_SOCK=$HOME/S.gpg-agent.ssh' >> ~/.bashrc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env pwsh | |
| # Save results to a psql database | |
| function Save-Result { | |
| [CmdletBinding()] | |
| param ( | |
| [Parameter(ValueFromPipeline=$true)] | |
| [string]$json | |
| ) | |
| Process { |
BlackthornYugen
/ generate-pki-from-gpg-truststore.sh
Created
December 16, 2022 13:40
This script generates a CA as well as an end-entity for anyone in the caller's GPG trust store.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -e | |
| if [ -f "$MY_SECRETS" ] ; then | |
| echo "Verified that MY_SECRETS is set." | |
| elif [ -z "$GITLAB_ACCESS_TOKEN" ] ; then | |
| echo "MY_SECRETS needs to be created but GITLAB_ACCESS_TOKEN was not set. Cannot deploy PKI." | |
| exit 1 | |
| else |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env sh | |
| # ESXI Update certificate from url | |
| # | |
| # 1. Save this script in /opt/update_cert.sh (and chmod +x it) | |
| # | |
| # 2. Add one of these to /var/spool/cron/crontabs/root: | |
| # Debug logging: | |
| # 00 1 * * * sh -x /opt/update_cert.sh https://pem.jsteelkw.dev/$(hostname -f).cer 2>&1 | tee -a /opt/certs.log | |
| # Normal: | |
| # 00 1 * * * /opt/update_cert.sh https://pem.jsteelkw.dev/$(hostname -f).cer |
BlackthornYugen
/ keybase.md
Created
April 18, 2021 14:04
I hereby claim:
- I am blackthornyugen on github.
- I am jsteel (https://keybase.io/jsteel) on keybase.
- I have a public key ASA1ffbhLmYVYTKVx-KYty8AdQ0RGwTFlXgAqCb2en7iego
To claim this, I am signing this object:
NewerOlder