Skip to content

Instantly share code, notes, and snippets.

View GitHeld's full-sized avatar

Mike GitHeld

View GitHub Profile
@GitHeld
GitHeld / creating-a-self-signed-ssl-certificate.md
Created July 8, 2021 03:36 — forked from raftheunis87/creating-a-self-signed-ssl-certificate.md
Creating a Self-Signed SSL Certificate
  1. openssl genrsa -des3 -passout pass:<your_pass_key_here> -out server.pass.key 2048
  2. openssl rsa -passin pass:<your_pass_key_here> -in server.pass.key -out server.key
  3. openssl req -new -key server.key -out server.csr
  4. openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt
@GitHeld
GitHeld / PIHOLE+UNBOUND.md
Created January 27, 2022 05:19 — forked from bruvv/PIHOLE+UNBOUND.md
Setup Pihole + Unbound + DNS over TLS on ubuntu 20.02 LTS

Swap

First enable swap just incase

sudo fallocate -l 2G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
sudo cp /etc/fstab /etc/fstab.bak
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
sudo sysctl vm.swappiness=10
@GitHeld
GitHeld / create-DNS-over-TLS-bridge-with-pi-hole-unbound-and-stubby-on-ubuntu-server.md
Created January 27, 2022 05:30 — forked from Jiab77/create-DNS-over-TLS-bridge-with-pi-hole-unbound-and-stubby-on-ubuntu-server.md
Create DNS-over-TLS bridge with Pi-hole, unbound and stubby on Ubuntu Server

Create DNS-over-TLS bridge with Pi-hole, unbound and stubby on Ubuntu Server

Few months ago, I've made a similar work but I wanted something a little more easier to manage. Please have a look at here for my previous work.

This time, I'm gonna do pretty much the same thing but using Pi-hole as base then modify it to include unbound and stubby.

This way, I can use the power of Pi-hole with some additional security layers:

  • Recursive DNS check (unbound)
  • DNS-over-TLS (stubby)
@GitHeld
GitHeld / about:config.txt
Created January 27, 2022 05:35 — forked from jornane/about:config.txt
Recommended Firefox about:config settings
# Recommended Firefox about:config settings
# Privacy
# https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections
extensions.blocklist.enabled;false
browser.safebrowsing.downloads.remote.enabled;false
browser.safebrowsing.malware.enabled;false
browser.safebrowsing.passwords.enabled;false
browser.safebrowsing.phishing.enabled;false
network.prefetch-next;false
@GitHeld
GitHeld / README.md
Created February 13, 2022 19:08 — forked from akihikodaki/README.en.md
Linux Desktop on Apple Silicon/M1 in Practice

Linux Desktop on Apple Silicon/M1 in Practice

I bought M1 MacBook Air. It is the fastest computer I have, and I have been a GNOME/GNU/Linux user for long time. It is obvious conclusion that I need practical Linux desktop environment on Apple Silicon/M1.

Fortunately, Linux already works on Apple Silicon/M1. But how practical is it?

@GitHeld
GitHeld / replace_synology_ssl_certs.sh
Created February 13, 2022 20:55 — forked from catchdave/replace_synology_ssl_certs.sh
CLI script to programmatically replace SSL certs on Synology NAS
#!/bin/sh
# How to use this script:
# 1. Get your 3 PEM files ready to copy over from your local machine/update server (privkey.pem, fullchain.pem, cert.pem)
# and put into a directory (this will be $CERT_DIRECTORY).
# 2. Ensure you have a user setup on synology that has ssh access (and ssh access is setup).
# This user will need to be able to sudo as root (i.e. add this line to sudoers, <USER> is the user you create):
# <USER> ALL=(ALL) NOPASSWD: /var/services/homes/<USER>/replace_certs.sh
# 3. Call this script as follows:
# sudo scp ${CERT_DIRECTORY}/{privkey,fullchain,cert}.pem $USER@$SYNOLOGY_SERVER:/tmp/ \
# && sudo scp replace_synology_ssl_certs.sh $USER@$SYNOLOGY_SERVER:~/ \
@GitHeld
GitHeld / GL-iNet_sniff_setup.md
Created February 21, 2022 04:48 — forked from dropmeaword/GL-iNet_sniff_setup.md

GL-iNet pocket router

The following steps will help you configure a GL-iNet router running a version of linux called OpenWRT so that you can do real-time WiFi Probe Request capture. By using multiple of these GL-iNet devices you can easily create a perimeter for WiFi tracking.

create destination on the usb drive

mkdir /mnt/sda1/packages
echo dest usb /mnt/sda1/packages/ >> /etc/opkg.conf

Filesystem

@GitHeld
GitHeld / extroot.sh
Created March 2, 2022 11:08 — forked from nikescar/extroot.sh
openwrt extroot
#!/bin/sh
# openwrt extroot /dev/sda1 ext4 /dev/sda2 swap
# latest version https://downloads.openwrt.org/releases/19.07-SNAPSHOT/targets/ar71xx/generic/
opkg update
opkg install kmod-usb-storage kmod-scsi-core block-mount kmod-fs-ext4 kmod-usb-uhci e2fsprogs fdisk
echo "
sysctl -w net.ipv6.conf.all.disable_ipv6=1
sysctl -w net.ipv6.conf.default.disable_ipv6=1
@GitHeld
GitHeld / gist:7e9c67416c7014d79920710bf758cd94
Created March 14, 2022 23:40 — forked from andphe/gist:3232343
Export your links from Safari reading list
/usr/bin/plutil -convert xml1 -o - ~/Library/Safari/Bookmarks.plist | grep -E -o '<string>http[s]{0,1}://.*</string>' | grep -v icloud | sed -E 's/<\/{0,1}string>//g'
@GitHeld
GitHeld / bootstrap.sh
Created March 26, 2022 17:05 — forked from abulte/bootstrap.sh
Build a custom RPI image
#!/bin/bash
# Based on work by Klaus M Pfeiffer at http://blog.kmp.or.at/2012/05/build-your-own-raspberry-pi-image/
# you need to do: "sudo apt-get install binfmt-support qemu qemu-user-static debootstrap kpartx lvm2 dosfstools"
# run with "sudo bootstrap.sh /dev/sd[x]"
echo "Use like: sudo bootstrap.sh /dev/sd[x]"
#deb_mirror="http://ftp.debian.org/debian"
#deb_local_mirror="http://ftp.debian.org/debian"