Skip to content

Instantly share code, notes, and snippets.

View Moredread's full-sized avatar
💭
Hacking

André-Patrick Bubel Moredread

💭
Hacking
30 followers · 115 following
View GitHub Profile
@Savjee
Savjee / s3-to-AWStat.sh
Created January 20, 2013 18:27
s3-to-AWStat is a bash script that downloads Amazon S3 access logs and makes them ready for AWStat.
#!/bin/bash
# s3-to-AWStat
# Copyright 2013 Xavier Decuyper
# http://www.savjee.be
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
@surjikal
surjikal / encrypt-pw-ssha.sh
Last active May 26, 2023 18:45
Encrypt a password using SSHA. Use this for your `htpasswd` files.
#!/bin/sh
# http://wiki.nginx.org/Faq#How_do_I_generate_an_htpasswd_file_without_having_Apache_tools_installed.3F
PASSWORD=$1;
SALT="$(openssl rand -base64 3)"
SHA1=$(printf "$PASSWORD$SALT" | openssl dgst -binary -sha1 | sed 's#$#'"$SALT"'#' | base64);
printf "{SSHA}$SHA1\n"
@dergachev
dergachev / squid-deb-proxy_on_docker.md
Last active May 25, 2023 03:55
Caching debian package installation with docker

TLDR: I now add the following snippet to all my Dockerfiles:

# If host is running squid-deb-proxy on port 8000, populate /etc/apt/apt.conf.d/30proxy
# By default, squid-deb-proxy 403s unknown sources, so apt shouldn't proxy ppa.launchpad.net
RUN route -n | awk '/^0.0.0.0/ {print $2}' > /tmp/host_ip.txt
RUN echo "HEAD /" | nc `cat /tmp/host_ip.txt` 8000 | grep squid-deb-proxy \
  && (echo "Acquire::http::Proxy \"http://$(cat /tmp/host_ip.txt):8000\";" > /etc/apt/apt.conf.d/30proxy) \
  && (echo "Acquire::http::Proxy::ppa.launchpad.net DIRECT;" >> /etc/apt/apt.conf.d/30proxy) \
  || echo "No squid-deb-proxy detected on docker host"
@lyda
lyda / metrics.lua
Last active September 21, 2022 04:16
Prometheus node-exporter in lua for openwrt
#!/usr/bin/lua
-- Metrics web server (0.1)
-- Copyright (c) 2015 Kevin Lyda
-- Apache 2.0 License
socket = require("socket")
netsubstat = {"IcmpMsg", "Icmp", "IpExt", "Ip", "TcpExt", "Tcp", "UdpLite", "Udp"}
cpu_mode = {"user", "nice", "system", "idle", "iowait", "irq",
"softirq", "steal", "guest", "guest_nice"}
netdevsubstat = {"receive_bytes", "receive_packets", "receive_errs",
@mattdenner
mattdenner / README.markdown
Last active March 5, 2024 19:33
Suspend and then hibernate after 60 minutes

I found a post about suspending and then going into hibernate that included a really clever script. Turns out that with NixOS this is even esaier to coordinate as you have systemd so can have a before and after service. I just include this in my /etc/nixos/configuration.nix file and nixos-rebuild; then a systemctl suspend or a close of the lid will cause the hibernate timer to be set.

@hsuh
hsuh / AWS access key grep
Created January 20, 2017 12:26
url - https://aws.amazon.com/blogs/security/a-safer-way-to-distribute-aws-credentials-to-ec2/
Finding hard-coded credentials in your code
Hopefully you’re excited about deploying credentials to EC2 that are automatically rotated. Now that you’re using Roles, a good security practice would be to go through your code and remove any references to AKID/Secret. We suggest running the following regular expressions against your code base:
Search for access key IDs: (?<![A-Z0-9])[A-Z0-9]{20}(?![A-Z0-9]). In English, this regular expression says: Find me 20-character, uppercase, alphanumeric strings that don’t have any uppercase, alphanumeric characters immediately before or after.
Search for secret access keys: (?<![A-Za-z0-9/+=])[A-Za-z0-9/+=]{40}(?![A-Za-z0-9/+=]). In English, this regular expression says: Find me 40-character, base-64 strings that don’t have any base 64 characters immediately before or after.
If grep is your preferred tool, run a recursive, Perl-compatible search using the following commands
@globin
globin / configuration.nix
Last active March 1, 2024 00:46
prometheus on nixos
{ pkgs, lib, config, ... }:
{
networking = {
firewall.allowedTCPPorts = [
3000 # grafana
9090 # prometheus
9093 # alertmanager
];
useDHCP = true;
};
@pjones
pjones / autosshfs.nix
Created March 28, 2017 19:20
autofs + sshfs NixOS module.
# Configure autofs for mounting sshfs mounts as a specific user.
#
# Heavily inspired by https://github.com/hellekin/autosshfs
{ config, pkgs, lib, ...}: with lib;
let
cfg = config.pjones.services.autosshfs;
mkdir = "${pkgs.coreutils}/bin/mkdir";
##############################################################################
@grahamc
grahamc / cloudfront.sh
Last active September 3, 2021 08:52
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p bind.dnsutils -p traceroute -p curl
# impure: needs ping
#source: https://s3.amazonaws.com/aws-cloudfront-testing/CustomerTesting.html
function _e {
echo "> $@"
eval "$@" 2>&1 | sed -e "s/^/ /"
printf "Exit: %s\n\n\n" "$?"
}
@corona6
corona6 / README.md
Last active November 11, 2021 14:56
delete unused resources/revisions/tags for Joplin https://github.com/corona6/joplinclean