Skip to content

Instantly share code, notes, and snippets.

View RobotsAreCrazy's full-sized avatar

RobotsAreCrazy

8 followers · 51 following
View GitHub Profile
@jlopp
jlopp / OPNsense-3.1-config-WireGuard.xml
Created January 28, 2023 22:28
OPNSense config file for whole-home WireGuard VPN per https://blog.lopp.net/how-to-protect-your-home-network-with-a-gigabit-vpn
<?xml version="1.0"?>
<opnsense>
<theme>opnsense</theme>
<sysctl>
<item>
<descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
<tunable>vfs.read_max</tunable>
<value>default</value>
</item>
<item>
@marvell
marvell / wg_easy_setup.sh
Created November 25, 2022 08:58
wg-easy setup
#!/bin/bash
curl -fsSL https://get.docker.com | sh
docker run -d \
--name=wg-easy \
-e WG_HOST=$(curl -sL4 https://ifconfig.io) \
-e WG_PERSISTENT_KEEPALIVE=25 \
-e WG_DEFAULT_ADDRESS=192.168.210.x \
-v /etc/wg-easy:/etc/wireguard \
@chr-lei
chr-lei / controld-dnsproxy.md
Last active March 18, 2023 21:39
Deploying dnsproxy for ControlD using a config.yaml file

Deploying dnsproxy for ControlD using a config.yaml file

Prerequisites

  • You've got a config.yaml file built. Check out the sample file provided by AdGuard here, or a ControlD-specific sample here.
    • You can also run dnsproxy without a config.yaml file and use command-line switches. I prefer a config.yaml file since it means you don't need to change any startup scripts or re-create the Docker/Podman container if you need to update a value, but any arguments in the config.yaml file can be passed to the command line as well. Check out the dnsproxy readme for more information on additional functions.
  • If you want to use Docker/Podman, this assumes you have either installed and have a basic level of knowledge on either platform. Unfortunately, I am not an expert in either myself and there are many better
@manfre
manfre / Caddyfile
Last active October 2, 2022 10:38
Authentik forward auth to microbin
{$MICROBIN_EXTERNAL_DNS:paste.myapp.local} {
# always forward outpost path to actual outpost
reverse_proxy /outpost.goauthentik.io/* {$AUTHENTIK_CONTAINER_NAME:authentik-server-1}:{$AUTHENTIK_PORT:9000}
# forward authentication to outpost
forward_auth {$AUTHENTIK_CONTAINER_NAME:authentik-server-1}:{$AUTHENTIK_PORT:9000} {
uri /outpost.goauthentik.io/auth/caddy
# capitalization of the headers is important, otherwise they will be empty
@taskylizard
taskylizard / fmhy.md
Last active May 7, 2024 08:41
/r/freemediaheckyeah, in one single file (view raw)
@CharlesGodwin
CharlesGodwin / setup-poe-hat.sh
Last active December 1, 2023 13:37
How to set up the WaveShare Raspberry Pi PoE HAT Type (B) with display
#!/bin/bash
# 2022-01-01 Charles Godwin
# Derived from https://www.waveshare.com/wiki/PoE_HAT_(B)
# enable i2c interface if necessary
# Read the following for details
# https://gist.github.com/CharlesGodwin/adda3532c070f6f6c735927a5d6e8555#file-waveshare-poe-hat-md
#
IS_I2C=`sudo raspi-config nonint get_i2c`
[ $IS_I2C -ne 0 ]&&sudo raspi-config nonint do_i2c 0
# install required packages
@txoof
txoof / tunneling.md
Last active December 28, 2023 06:50
Tunnel ssh connections through firewalls

SSH Tunnels

Situation: Local Network Firewall blocks outgoing connections to remote hosts on port 22

In this situation it is not possible to connect to remote hosts (e.g. github.com) for managing repos over ssh. A tunnel through a remote host (tunnel.myhost.com) can remedy this. An ssh configuration file can be added to the ~/.ssh/config directory to specify a specific command for connecting github.com. See also How to setup SSH Tunneling

Setup

  1. create a tunnel host that accepts incomming connections:
    • tunnel.myhost.com
  2. install nc
@dwrobel
dwrobel / gist:266ad5d4e59b05ea26d8bb6725118578
Last active April 4, 2024 00:36
Updating Raspberry Pi 4 bootloader EEPROM on Fedora
# Update EEPROM on Raspberry Pi 4
# Tested on Fedora Server 36 with downstream kernel (see https://rpmfusion.org/Howto/RaspberryPi for more information)
# Author: Damian Wrobel <dwrobel@ertelnet.rybnik.pl>
# Install git and strings utilities
$ sudo dnf install /usr/bin/git /usr/bin/strings
# Clone the repository
$ git clone https://github.com/raspberrypi/rpi-eeprom.git && cd rpi-eeprom/
@skazemi
skazemi / install-realvnc-server-linux-arm64.sh
Created June 1, 2021 15:18
Install RealVNC server on arm64 linux (Ubuntu on RasPi)
mkdir realvncserversetup && cd realvncserversetup
echo Add armhf arch
sudo dpkg --add-architecture armhf && sudo apt update
echo Download and install RealVNC server
wget -nv https://www.realvnc.com/download/file/vnc.files/VNC-Server-6.7.4-Linux-ARM.deb && sudo apt install ./VNC-Server-6.7.4-Linux-ARM.deb
echo Download and install dependencies
files=( libbcm_host.so libvcos.so libmmal.so libmmal_core.so libmmal_components.so \
libmmal_util.so libmmal_vc_client.so libvchiq_arm.so libvcsm.so libcontainers.so )
@russelltadams
russelltadams / gist:de3a05ebcdcd08394ad1720466f00252
Last active January 17, 2024 10:30
Flash IT mode firmware onto 9220-8i, good luck!
LSI 9220-8i flash to IT firmware via UEFI shell.
Format USB stick to FAT
Put FreeDOS on it via UNebootin
Get a copy of Shell_Full.efi v1. It must not be version 2. Do "ver" in the shell to see.
Put a copy of Shell_Full.efi in the root, and in "/efi/boot" and rename them to "bootx64.efi"
Some say depending on your bios/mobo you may need to use "shellx64.efi" and/or "/boot/efi".
Copy contents of LSI_DOS into the root of the stick
Copy choses firmware on to the stick (2118it.bin and mptsas2.rom, perhaps)
Copy sas2flash.efi on to the stick