Skip to content

Instantly share code, notes, and snippets.

View TheHarold's full-sized avatar

TheHarold

14 followers · 49 following
View GitHub Profile
@TheHarold
TheHarold / gist:0bf21da5e459c82f1489bfbb6c413fc4
Created May 18, 2024 07:49
### Keybase proof
I hereby claim:
* I am theharold on github.
* I am vimkp (https://keybase.io/vimkp) on keybase.
* I have a public key ASBdShiQ4Bj-8mGTFhwEhm0X9WSlKSWV9xC-dEbCrVQHAwo
To claim this, I am signing this object:
@TheHarold
TheHarold / useful_proxmox.md
Last active February 9, 2024 20:33
useful_proxmox.md

The below are the commands you can run on a new proxmox setup

sed -i 's/^/#/' /etc/apt/sources.list.d/pve-enterprise.list
sed -i 's/.data.status.toLowerCase() !== '\''active'\''/.data.status.toLowerCase() == '\''active'\''/g' /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js
sed -i.backup -z "s/res === null || res === undefined || \!res || res\n\t\t\t.data.status.toLowerCase() \!== 'active'/false/g" /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js && systemctl restart pveproxy.service
@TheHarold
TheHarold / Shutdown proxmox after 30 mins of being idle.md
Last active June 24, 2023 20:21
Shutdown proxmox after 30 mins of being idle

Background
I've a home lab running Proxmox and I often forget to shut the host, wasting power even when there's no containers or virtual machines running. This script is setup on cron to run every 5 mins, it checks, if there are no containers & Virtual machines running then it will shut down the host in 30 mins or 1800 sec.

#! /bin/bash

if [[ $(/usr/sbin/pct list | /usr/bin/grep -i running | /usr/bin/wc -l) == 0 && $(/usr/sbin/qm list | /usr/bin/grep running | /usr/bin/wc -l) == 0 ]]; then
    /usr/bin/sleep 1800
	if [[ $(/usr/sbin/pct list | /usr/bin/grep -i running | /usr/bin/wc -l) == 0 && $(/usr/sbin/qm list | /usr/bin/grep running | /usr/bin/wc -l) == 0 ]]; then
@TheHarold
TheHarold / Password protect GRUB Menu editing only without forcing to enter credentials to load bootloader menu items.md
Created December 14, 2022 15:44
Password protect GRUB Menu editing only, without forcing to enter credentials to load bootloader menu items

Background
The requirement was to secure the bootloader without needing to share the credentials with the end user to be able to boot into the operating system.

Securing Bootloader is required to

i. Preventing Access to Single User Mode — If attackers can boot the system into single user mode, they are logged in automatically as root without being prompted for the root password.

ii. Preventing Access to the GRUB Console — If the machine uses GRUB as its boot loader, an attacker can use the use the GRUB editor interface to change its configuration or to gather information using the cat command.

iii Preventing Access to Non-Secure Operating Systems — If it is a dual-boot system, an attacker can select at boot time an operating system, such as DOS, which ignores access controls and file permissions.

@TheHarold
TheHarold / Configure TPM2 to automatically unlock LUKS encrypted drive during boot on Ubuntu Server.md
Created December 11, 2022 22:17
Configure TPM2 to automatically unlock LUKS encrypted drive during boot on Ubuntu Server

This is a step by step document to help you setup unlocking LUKS partition with Clevis. However, Arch Linux Wiki details the built in support for unlocking LUCS without requiring Clevis but the steps are not entirely cleaar.

Step 1: Install Clevis packages and refresh the TPM permissions

$ sudo -i
# apt install clevis clevis-tpm2 clevis-luks clevis-udisks2 clevis-systemd clevis-initramfs -y
# udevadm trigger
@TheHarold
TheHarold / gist:c362153d06d0039e19d971d217aa4bbc
Created December 11, 2022 19:10
Python3 program to print all li (HTML List items element) tag values for a supplied website
# Python3 program to print all li tag values for a supplied website
import requests
import argparse
from bs4 import BeautifulSoup
print(help)
parser = argparse.ArgumentParser(description='This is a program to print all li tags')
parser.add_argument("-url", help="enter the URL you want to parse. eg. https://www.mirraw.com/")
@TheHarold
TheHarold / gist:7b87c1170e97fb5cbefdfdc55faa925e
Last active May 3, 2023 11:12
Configure TPM2 to automatically unlock LUKS encrypted drive during boot on Ubuntu Server
This is a step by step document to help you setup unlocking LUKS partition with Clevis. However, Arch Linux Wiki details the built in support for unlocking LUCS without requiring Clevis but the steps are not entirely cleaar.
Step 1: Install Clevis packages and refresh the TPM permissions
```
$ sudo -i
# apt install clevis clevis-tpm2 clevis-luks clevis-udisks2 clevis-systemd clevis-initramfs -y
# udevadm trigger
```
@TheHarold
TheHarold / How To Sign Your Commits On GitHub With GPG.md
Last active November 30, 2022 21:00

TL;DR

This post details how to set-up GPG to sign your commits/tags, as well as adding your GPG public keys to your GitHub account.

The Story

In this blog post, I will detail how you can set-up their system such that they can use a GPG key to sign their git commits/tags and why you need to.

Judging from the title of this post you are probably wondering, why should I even sign my commits or what is GPG and what difference does this make. You would also probably be like, I have been pushing code to GitHub for ages and why do I need to sign my commits now...

@TheHarold
TheHarold / How To Sign Your Commits On GitHub With GPG
Last active November 30, 2022 21:01
https://dev.to/mmphego/how-to-sign-your-commits-on-github-with-gpg-37nj
TL;DR
This post details how to set-up GPG to sign your commits/tags, as well as adding your GPG public keys to your GitHub account.
The Story
In this blog post, I will detail how you can set-up their system such that they can use a GPG key to sign their git commits/tags and why you need to.
Judging from the title of this post you are probably wondering, why should I even sign my commits or what is GPG and what difference does this make. You would also probably be like, I have been pushing code to GitHub for ages and why do I need to sign my commits now...
@TheHarold
TheHarold / id_rsa_encryption.md
Created April 22, 2021 18:36
Encrypt/Decrypt a File using your SSH Public/Private Key on Mac OS X

A Guide to Encrypting Files with Mac OS X

This guide will demonstrate the steps required to encrypt and decrypt files using OpenSSL on Mac OS X. The working assumption is that by demonstrating how to encrypt a file with your own public key, you'll also be able to encrypt a file you plan to send to somebody else using their private key, though you may wish to use this approach to keep archived data safe from prying eyes.

Too Long, Didn't Read

Assuming you've already done the setup described later in this document, that id_rsa.pub.pcks8 is the public key you want to use, that id_rsa is the private key the recipient will use, and secret.txt is the data you want to transmit…

Encrypting

$ openssl rand 192 -out key

$ openssl aes-256-cbc -in secret.txt -out secret.txt.enc -pass file:key