Skip to content

Instantly share code, notes, and snippets.

View OnkelDom's full-sized avatar

Dominik Lenhardt OnkelDom

3 followers · 25 following
View GitHub Profile
@sprocktech
sprocktech / unifi-le-root-cert-fix.txt
Last active October 11, 2021 13:50
Ubiquiti UniFi - Fix for the Let's Encrypt DST Root CA X3 Expiration
# Some UniFi devices may not have the current ISRG root cert that LE uses
# Some devices also have an older version of OpenSSL
# These older versions will not validate a cert if the expired DST root cert is part of the chain
# USG
# This has an older OpenSSL version
# The current ISRG root cert is not included in the latest firmware
sudo -i
sed -i 's|^mozilla\/DST_Root_CA_X3\.crt|!mozilla/DST_Root_CA_X3.crt|' /etc/ca-certificates.conf
curl -sk https://letsencrypt.org/certs/isrgrootx1.pem -o /usr/local/share/ca-certificates/ISRG_Root_X1.crt
@f41gh7
f41gh7 / victoria_metrics_push_gw.py
Created January 17, 2021 02:08
VictoriaMetrics as push gateway.
from prometheus_client import Counter, start_http_server
from threading import Thread
import requests as re
import time
JOB_NAME = 'test'
INSTANCE = 'localhost'
def scrape_and_send(local_url: str, vm_url: str, scrape_interval: int):
@hagen1778
hagen1778 / rules.yml
Created August 8, 2020 21:10
Migrating data from Prometheus to VM. Prometheus rules config
groups:
- name: CPU rules
interval: 10s
rules:
# The count of CPUs per node, useful for getting CPU time as a percent of total.
- record: instance:node_cpus:count
expr: >
count without (cpu, mode) (
node_cpu_seconds_total{mode="idle"}
)
@dyerseve
dyerseve / markdown-cheatsheet.md
Created June 25, 2020 13:53 — forked from jonschlinkert/markdown-cheatsheet.md
A better markdown cheatsheet.
@dyerseve
dyerseve / enduserm365tasks.md
Last active November 19, 2021 21:36
End User Instuctions for Microsoft 365 Tasks

Setup Microsoft Authenticator

Download Authenticator

On a device that isn't your personal phone, login to your account by visiting:

https://aka.ms/mfasetup

Use the credentials supplied to you

@dyerseve
dyerseve / USG_OpenVPN_Radius_Auth.md
Last active October 4, 2021 20:10 — forked from jcconnell/USG_OpenVPN_Radius_Auth.md
Unifi Security Gateway (USG) OpenVPN server with RADIUS authentication

OpenVPN on UniFi USG Instructions for FIT

Last Updated: 2021/01/19

Fork Notes

Forked this to provide better details for our environment, you should be able to copy paste most of the commands from the command blocks

Details

I wanted to run an OpenVPN server on the USG. Since it has a Radius server built in, I figured this would be a much better way to handle OpenVPN authentication. Make sure you have the Radius server enabled on your USG under Settings > Services > Radius > Server in the controller. Add OpenVpn users under Settings > Services > Radius > Server.

@AmazingTurtle
AmazingTurtle / how-to-restore.md
Last active May 30, 2024 09:18
restore access to unifi controller

Restore access to a unifi controller

When you are unable to login to the unifi controller or forgot admin password, you can restore access using SSH and manipulating mongodb directly.

Warning

Do not uninstall unifi controller - most of the data is not stored in mongodb. In case you thought a mongodb backup would be sufficient, you may have fucked up already, just like me. However I managed to write this "tutorial" for anyone to not run into the same trap.

Apparently this guide no longer works with recent unifi controller versions (starting nov/dec 2022). Since I no longer use unifi hardware in my home system, I can not update the guide myself. In case you've gotten here to recover your data, you're likely doomed. But giving it a try won't hurt anyway, therefore: good luck.

@MatthewVance
MatthewVance / unbound.conf
Last active May 6, 2024 21:18
Config for running Unbound as a caching DNS forwarder (performance settings optimized for Raspberry Pi 2).
server:
###########################################################################
# BASIC SETTINGS
###########################################################################
# Time to live maximum for RRsets and messages in the cache. If the maximum
# kicks in, responses to clients still get decrementing TTLs based on the
# original (larger) values. When the internal TTL expires, the cache item
# has expired. Can be set lower to force the resolver to query for data
# often, and not trust (very large) TTL values.
cache-max-ttl: 86400
@troyfontaine
troyfontaine / README.md
Last active October 15, 2023 09:58
Ubiquiti USG config.gateway.json Syntax

Ubiquiti USG Advanced Configuration

Overview

Integrated DNS Overview

When using a USG with Ubiquiti's Unifi Controller software (version 5.6 and earlier), the functionality of integrating the hostnames of clients (when they request a DHCP lease) into local DNS does not appear to work as you would find with Consumer grade routers. To work around this limitation, we can add static host mappings to a configuration file that will be provisioned to the USG when either a configuration change is made or we force provisioning to the USG itself.

Non-GUI Supported Dynamic DNS Providers

I've added in the necessary syntax for adding Cloudflare DDNS to the USG for VPN/Services setup courtesy of this post by britannic on the Ubiquiti Forums.

Configuration File

@w1ndy
w1ndy / socks5.acl
Created December 19, 2016 08:00
Simple SOCKS5 proxy based on systemctl, iptables and ssh with access control
# Put under /etc/
# SOCKS5 proxy access control
# One IPv4 address per line
127.0.0.1