JanKoppe

Description

This simple script will take a picture of a whiteboard and use parts of the ImageMagick library with sane defaults to clean it up tremendously.

The script is here:

#!/bin/bash
convert "$1" -morphology Convolve DoG:15,100,0 -negate -normalize -blur 0x1 -channel RBG -level 60%,91%,0.1 "$2"

Results

JanKoppe

Running a Django app with gunicorn in a Docker container gets a bit tricky, when you try to expose Prometheus metrics (with e.g. https://github.com/korfuri/django-prometheus).

Every worker thread in gunicorn will be an entirely separate process, all RRD behind a single port. So, if you are running more than one worker thread (which you most likely do and should) you will need to let the workers each listen on a dedicated port, so your metrics will not get confused. You could try to add additional labels, but that still would come with a lot of problems. Running on a range of ports is supported quite well with korfuri/django-prometheus, as described here: https://github.com/korfuri/django-prometheus/blob/master/documentation/exports.md#exporting-metrics-in-a-wsgi-application-with-multiple-processes

This will be a bit uncomfortable though, especially if your app is hidden behind an ingress reverse proxy and you do not want to punch lots of holes into your firewall config, or create lots and lots of vhosts.

JanKoppe

#!/bin/bash

# Reminds you in xx minutes with notify-send, using at/atd

MINUTES=${1}
MESSAGE=${2:-reminder}

at now + "${MINUTES}" minutes << EOF
notify-send -c reminder -u critical 'Reminder from ${MINUTES} minutes ago' '${MESSAGE}'
EOF

JanKoppe

variable "hcloud_token" {
}

provider "hcloud" {
    token = "${var.hcloud_token}"
}

resource "hcloud_server" "kube-master" {
    name = "kube-master"
    image = "ubuntu-18.04"

JanKoppe

import requests
import time
import icalendar
import datetime
import pytz
from colored import fg, bg, attr

def loopme():
    r = requests.get('https://fahrplan.chaos-west.de/35c3chaoswest/schedule/export/schedule.ics')

JanKoppe

Better SSH Authorized Keys Management

A seemingly common problem that people encounter is how to handle all of your users authorized_keys file.

People struggle over management, ensuring that users only have specific keys in the authorized_keys file or even a method for expiring keys. A centralized key management system could help provide all of this functionality with a little scripting.

One piece of functionality overlooked in OpenSSH is the AuthorizedKeysCommand configuration keyword. This configuration allows you to specify a command that will run during login to retrieve a users public key file from a remote source and perform validation just as if the authorized_keys file was local.

Here is an example directory structure for a set of users with SSH public keys that can be shared out via a web server:

JanKoppe

extract ova files from an archive

$ tar -xvf vmName.ova

modify ovf for some invalid tag

$ vi vmName.ovf

JanKoppe

*.img
*.raw

JanKoppe

test:
  multiline: |
    f4x6aaBtLPQk898Ymfkn
    TQsi69wDY40aluFbdp99
    jqdGOkx9CN2xgWOM8JeI
    M4lXnXyctLTDejDb2eZu
    XBPmvqXJStQFZIQwHzLF
    by0cxOYjrY3On6hj3oqk
    Xu0Ze6Sz8EbC7udHsyxE
    jNv0M7lWNJCfegOlDCJH

JanKoppe

[1001]
exten => _X.,1,Set(CALLERID(name)=1.0.0.1)
exten => _X.,n,Answer
exten => _X.,n,Wait(1)
exten => _X.,n,Playback(1001-recordtype) ; "Enter record type on your phone keypad, followed by the hash key. Press 1 to go to next character"
exten => _X.,n,Read(recordtype,,,si,)
exten => _X.,n,Playback(1001-domain) ; "Enter domain name to retrieve record, followed by the hash key"
exten => _X.,n,Read(domain,,,si,)
exten => _X.,n,Set(RECORD="${SHELL(/usr/bin/1001.py "${recordtype}")}")
exten => _X.,n,Set(ADDR="${SHELL(/usr/bin/1001.py "${domain}")}")