Skip to content

Instantly share code, notes, and snippets.

View NewRedsquare's full-sized avatar
😴
Working from home

NewRedsquare

😴
Working from home
5 followers · 2 following
  • Paris, France
View GitHub Profile
@AtaxyaNetwork
AtaxyaNetwork / bgp-filter.txt
Last active October 18, 2023 19:45
BGP routing filter ROS7
Replace $PREFIX-v4 and $PREFIX-v6 with your prefixes (eg. 192.0.2.0/24)
Replace $LEIGHT with the length of your prefix (eg. 24)
chain=BGP-IN-v4 rule="if ( dst==$PREFIX-v4 ) { reject }"
chain=BGP-IN-v4 rule="if ( dst==192.168.0.0/16) { reject }"
chain=BGP-IN-v4 rule="if ( dst==127.0.0.0/8) { reject }"
chain=BGP-IN-v4 rule="if ( dst==10.0.0.0/8 ) { reject }"
chain=BGP-IN-v4 rule="if ( dst==169.254.0.0/16) { reject }"
chain=BGP-IN-v4 rule="if ( dst==172.16.0.0/12 ) { reject }"
@devcutler
devcutler / README.md
Created December 17, 2022 15:46
My *arr stack with Jellyfin running on Docker.

docker-compose.yml configuration

  1. Mullvad needs a key and address space from one of the files you get from here. Input those into their respective fields in gluetun's environment variables. If you're not using Mullvad, follow any of the Provider guides on gluetun's wiki.
  2. Change any volume paths you want to be different. In the current setup the stack creates a directory per service for that service's configurations and then a single media directory for media storage.
  3. Set your PGID and PUID environment variables in any services that use them. This is used to ensure services can access the files they use.

Service configuration

Following respective services' setup guides will work for most cases, but these are some things to remember.

@sepastian
sepastian / nmcli_eduroam_uni_passau.sh
Last active April 3, 2023 13:57
Add nmcli connection for eduroam at university of Passau
# Setup eduroam connection using personal certificate (802-1.x WPA EAP)
# at the University of Passau.
#
# PREREQUISITES
#
# Instructions based on "Manuelle Einrichtung" [1] and Stackoverflow [2].
#
# 0) mkdir ~/.eduroam # create dir holding certificate files
# 1) download private key in PKCS#12 format [3], save as ~/.eduroam/eduroam.p12
# 2) download radius root certificate [4], save as ~/.eduroam/radius_rootcert.pem
@ofstudio
ofstudio / usb-rtlsdr-docker-rootless.sh
Created October 17, 2021 20:29
How to mount USB device to docker container in rootless mode
# How to mount RTL-SDR (Flightaware) USB dongle
# to docker container in rootless mode
#
# For example running: `docker run --device=/dev/bus/usb:/dev/bus/usb ...`
#
# or via docker compose:
#
# version: '3'
# services:
# dump1090:
@Tugzrida
Tugzrida / mta-sts.js
Last active May 31, 2024 06:56
MTA-STS Cloudflare worker
// This worker is designed to be able to neatly handle MTA-STS policies for multiple domains.
// Make a new worker with this script and add your domains to the stsPolicies dict like the example.
// Add a DNS AAAA record for mta-sts.yourdomain.com pointing to 100:: and set to proxied,
// then add a workers route for mta-sts.yourdomain.com/* pointing to this worker.
// You should probably also create a Cloudflare configuration rule disabling Browser Integrity Check for the mta-sts subdomain
// to ensure MTAs aren't blocked from retrieving your policy.
// You'll still need to manually add the appropriate _mta-sts.yourdomain.com TXT record to enable the policy,
@nebhead
nebhead / CustomUSBName.md
Last active June 24, 2024 09:57
Instructions for Adding Custom Naming for Arduino USB Device

The following is capturing instructions on how to add custom naming for an Arduino Leonardo (or generic pro-micro) for my Arcade Controller device. I wanted to have a simple record so that when I inevitably come back to this someday I can recall how I accomplished this. Reference was taken from the following YouTube video (https://youtu.be/hoCOq9Ngp44?t=1156) at approximately 19m16s.

WINDOWS Instructions:

Create a new set of folders: ~\Documents\Arduino\hardware\daemonbite\avr

Copy everything from C:\Program Files (x86)\Arduino\hardware\arduino\avr to this new folder.

@fonic
fonic / scan-to-pdf.sh
Last active September 16, 2023 09:56
scan-to-pdf.sh - Scan documents directly to PDF file - Linux command line
Moved to https://github.com/fonic/scan2pdf
@tavinus
tavinus / onlyofficeDocsLXCBuster.md
Last active June 26, 2024 11:30
OnlyOffice Docs into a LXC Debian 10
@heri16
heri16 / 90-mkinitcpio-install.hook.patch
Last active July 15, 2024 14:03
Enable Linux Secure Boot with TPM 2.0 (Manjaro / Archlinux) - rEFInd
--- /usr/share/libalpm/hooks/90-mkinitcpio-install.hook 2020-03-05 12:45:41.000000000 +0800
+++ /etc/pacman.d/hooks/90-mkinitcpio-install.hook 2020-06-13 23:08:32.861202141 +0800
@@ -8,5 +8,7 @@
[Action]
Description = Updating linux initcpios...
When = PostTransaction
-Exec = /usr/share/libalpm/scripts/mkinitcpio-install
+Exec = /usr/local/share/libalpm/scripts/mkinitcpio-install
+Depends = sbsigntools
+Depends = x11-ssh-askpass
@icedream
icedream / README.md
Last active March 29, 2024 20:57
Adjusting SELinux to change SSH port in Fedora CoreOS

See coreos/fedora-coreos-tracker#396 (comment) for a bit of explanation.

Warning: The script will trigger warning messages in the systemd journal log that look like this:

systemd[1]: sshd.service: Found left-over process 4270 (conmon) in control group while starting unit. Ignoring.
systemd[1]: This usually indicates unclean termination of a previous run, or service implementation deficiencies.

This is probably a side effect of the script booting up podman containers to run semanage - I don't know how to get rid of this properly if it's possible at all but I think this can be ignored for now.

SSH daemon can take quite a long while to start for the first time due to the one-time image build.