Skip to content

Instantly share code, notes, and snippets.

View FlorianHeigl's full-sized avatar

Florian Heigl FlorianHeigl

42 followers · 13 following
View GitHub Profile
@FlorianHeigl
FlorianHeigl / Dockerfile
Created January 6, 2023 07:29
meet the man who might have created the biggest race condition in history of network automation?
FROM netboxcommunity/netbox
ENV http_proxy http://192.168.xx.xx:3128
ENV https_proxy http://192.168.xx.xx:3128
### deps und build env stuff
RUN apk --no-cache --update-cache add gcc git make musl-dev libffi-dev libxml2-dev libxslt-dev musl-dev python3-dev libffi-dev openssl-dev libjpeg-turbo-dev zlib-dev
ENV CRYPTOGRAPHY_DONT_BUILD_RUST=1
### napalm drivers
@FlorianHeigl
FlorianHeigl / log.txt
Created December 9, 2022 02:59
ubuntu trash
After this operation, 0 B of additional disk space will be used.
(Reading database ... 219680 files and directories currently installed.)
Preparing to unpack .../grub-pc-bin_2.02-2ubuntu8.25_amd64.deb ...
Unpacking grub-pc-bin (2.02-2ubuntu8.25) over (2.02-2ubuntu8.25) ...
dpkg: error processing archive /var/cache/apt/archives/grub-pc-bin_2.02-2ubuntu8.25_amd64.deb (--unpack):
unable to open '/usr/lib/grub/i386-pc/at_keyboard.mod.dpkg-new': Operation not permitted
Segmentation fault (core dumped)
@FlorianHeigl
FlorianHeigl / RB952Ui-5ac2nD.yaml
Created December 1, 2022 14:17
hAP ac lite netbox device type
---
manufacturer: MikroTik
model: hAP ac lite
slug: hap-ac-lite
part_number: RB952Ui-5ac2nD
u_height: 0
is_full_depth: false
subdevice_role: ''
comments: "The [hAP ac lite](https://mikrotik.com/product/RB952Ui-5ac2nD) is a Dual-concurrent\
\ Access Point, that provides WiFi coverage for 2.4GHz and 5GHz frequencies at the\
@FlorianHeigl
FlorianHeigl / cim-re
Last active November 18, 2022 00:59
zimbra /opt/zimbra/index space cleanup, automated with throttling
#/bin/bash -eu
PHASE=init
# tba
PHASE=prep
zimbra_users=$( zmprov -l gaa | sort )
PHASE=run
@FlorianHeigl
FlorianHeigl / contributions.md
Last active November 14, 2022 13:00

A guide about accepting contributions for Open source projects.

Ever since you could send patches by mail we'd interact over thousands of miles, exchanging code snipped between people we don't even know beforehand.

That and the transient nature of contributions might be the main the reasons it's very hard to find out why things go wrong.

The guide tries to pin down most common issues and bring to light some possible reasons.

I'm writing based on my experiences with some projects, the feedback I heard from frustrated users and overloaded devs. In case of Check_MK I've even seen all sides, but this writeup is based on a lot more projects / interactions. In most cases I'm just a mere user. At rare times I've been intrigued, but most often I've been driven mad.

@FlorianHeigl
FlorianHeigl / esxi-patching.md
Last active June 19, 2022 17:26
ESXi Updates via CLI/SSH/ansible
@FlorianHeigl
FlorianHeigl / dhcpd.conf
Created June 12, 2022 19:55
isc dhcp und mikrotik netinstal
Relevant kea-dhcp4.conf items:
{ "subnet": "172.30.248.0/22",
"pools": [
{ "pool": "172.30.248.16 - 172.30.248.31", "client-class": "BOOTP" },
{ "pool": "172.30.248.32 - 172.30.248.63", "client-class": "DHCP" }
],
"option-data": [
{ "name": "domain-name-servers",
"data": "172.16.1.15, 172.16.1.20" },
{ "name": "domain-name", "data": "company.com" },
@FlorianHeigl
FlorianHeigl / cli_script
Last active April 6, 2022 22:56
avaya ers ssh config
# 1. dsa host key muss vorhanden sein, sonst startet server nicht
# 2. dsa auth kann man abschalten, ausser firmware ist extra alt. FW <=5.5 kann kein RSA FW >=5.6 kann RSA.
# 3. secure mode disabled alle anderen Protokolle - auch snmp!
# 4. pubkey download ist nur via tftp server (nicht usb)
# 5. RO user fuer backup funktioniert nicht wegen Problem mit `enable` ohne PW in oxidized
# 6. PW muss man manuell eingeben
# 7. telnet bleibt hier so erreichbar! (block via ipmgr)
no ssh
@FlorianHeigl
FlorianHeigl / alcatel-test.py
Last active April 4, 2022 19:26
textfsm-aos example alcatel
#!/usr/bin/env python3
from textfsm_aos.parser import parse
import re
sample_data = """
Local Chassis ID 1 (Master)
Model Name: OS6860E-24,
Module Type: 0x6062203,
Description: Chassis,
Part Number: 903708-90,
@FlorianHeigl
FlorianHeigl / ale-baseline-config.yml
Last active March 29, 2022 11:26
ale-baseline-config
---
# references
# [Switch Management Guide](https://www.al-enterprise.com/-/media/assets/internet/documents/os8-sw-87r3-rev-a.pdf)
# [Security Target for EAL2](https://www.fmv.se/globalassets/csec/alcatel-lucent-enterprise-omniswitch-with-aos-8.6.4.r11/alcatel-lucent-enterprise-omniswitch-with-aos-8.6.r11-security-target-for-eal2.pdf)
# [Security Best Practices in AOS](https://support.alcadis.nl/Support_files/Alcatel-Lucent/OmniSwitch//OS6450/Technotes/Security%20Best%20Practices%20in%20AOS%20v1.7.pdf)
# hier gesammelt in 8. AOS 8 example configuration (seite 68ff)
### ssh session limit