Chaz6

Custom Secure Boot configuration while deploying a new Virtual Machine

The Secure Boot configuration is stored in NVRAM. If the NVRAM contains no Secure Boot configuration (a freshly deployed VM, or a VM for which the .nvram file has been deleted from the datastore), the Secure Boot configuration will be reset to the defaults described in the UEFI Specification (the variables named PKDefault, KEKDefault, dbDefault and dbxDefault). You can use advanced VM config options to control those defaults, through which you can pre-populate the Secure Boot configuration before the VM is first powered on.

If you want to deploy the certificates as part of the VM's configuration, copy the DER-encoded certificate into the VM's directory and add the following advanced VM config options:

uefi.secureBoot.dbDefault.file0 = "custom-cert.der"

where "custom-cert.der" is the name of the DER-encoded certificate file within the VM's directory. You can repeat that for file1, file2, file3, etc., to add multiple certificate

Chaz6

#!/bin/bash

/usr/bin/certbot renew

if test $(find /etc/letsencrypt/live/unifi.example.com/cert.pem -mmin -60)
then
        /bin/systemctl stop unifi.service
        /usr/bin/openssl pkcs12 -export -inkey /etc/letsencrypt/live/unifi.example.com/privkey.pem -in /etc/letsencrypt/live/unifi.example.com/fullchain.pem -out /tmp/unifi.example.com.p12 -name ubnt -password pass:temppass
        /bin/keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /opt/UniFi/data/keystore -srckeystore /tmp/unifi.example.com.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias ubnt -noprompt
        /bin/rm -f /tmp/unifi.example.com.p12

Chaz6

#!/usr/bin/env python3
# /// script
# requires-python = ">=3.11"
# dependencies = [
#     "ppf.datamatrix",
#     "reportlab",
#     "setuptools",
# ]
# ///

Chaz6

#!/usr/bin/env python3
# /// script
# requires-python = ">=3.11"
# dependencies = [
#     "ppf.datamatrix",
#     "reportlab",
#     "setuptools",
#     "shortuuid",
# ]
# ///

Chaz6

use chrono::Local;
use std::io::Write;
use std::net::{TcpListener, TcpStream};

fn handle_client(mut stream: TcpStream) {
    let dt = Local::now().to_utc();
    stream.write_all(dt.to_string().as_bytes()).unwrap();
    stream.shutdown(std::net::Shutdown::Both).unwrap();
}

Chaz6

[package]
name = "shallenge"
version = "0.1.0"
edition = "2021"

[dependencies]
sha2 = "0.11.0-pre.3"

Chaz6

#!/usr/bin/bash

LLVM_VERSION=18.1.3
LLVM_VERSION_BETA=

PREFIX=$HOME

if [ -n "$LLVM_VERSION_BETA" ]; then
        FILENAME="llvm-project-${LLVM_VERSION}${LLVM_VERSION_BETA}.src.tar.xz"
        INSTALL_PREFIX="$PREFIX/.local/local/llvm-${LLVM_VERSION}${LLVM_VERSION_BETA}"

Chaz6

#!/usr/bin/bash

PYTHON_VERSION=3.13.0
BETA_VERSION=a6
INSTALLDIR="${HOME}"/.local/local

cd /tmp &&
        wget -4 "https://www.python.org/ftp/python/${PYTHON_VERSION}/Python-${PYTHON_VERSION}${BETA_VERSION}.tar.xz" &&
        echo "Extracting archive..." &&
        tar xvf "Python-${PYTHON_VERSION}${BETA_VERSION}.tar.xz" &&

Chaz6

#!/bin/bash

/usr/bin/certbot renew

if /usr/bin/test $(find /etc/letsencrypt/live/weechat.example.com/cert.pem -mmin -60)
then
        /bin/cat /etc/letsencrypt/live/weechat.example.com/cert.pem /etc/letsencrypt/live/weechat.example.com/privkey.pem > /home/user/.weechat/ssl/weechat.example.com_ssl.pem
        /bin/cat /etc/letsencrypt/live/weechat.example.com/fullchain.pem > /home/user/.weechat/ssl/weechat.example.com_fullchain.pem
        /usr/bin/su -c 'echo "*/relay sslcertkey" > /home/user/.weechat/weechat_fifo_*' user
fi

Chaz6

#!/usr/bin/env ruby

# script to generate PCAP from Trio exception trace. Potentially you may need to change POP_BYTES variable.
# Trio exception trace allows you to capture things like broken packets (checksum error), to see who is sending them

# clogin junos-trio-box | tee exception_trace
# start shell pfe network fpc0
# show jnh 0 exceptions terse
# debug jnh exceptions N discard    ## get N from above command
# debug jnh exceptions-trace