Skip to content

Instantly share code, notes, and snippets.

View Tugzrida's full-sized avatar

Cameron Steel Tugzrida

10 followers · 4 following
View GitHub Profile
@Tugzrida
Tugzrida / certbot-cloudflare-hook.py
Last active April 21, 2024 20:47
Certbot Cloudflare DNS challenge hook script
#!/usr/bin/env python3
# v0.4 Created by Tugzrida(https://gist.github.com/Tugzrida)
# Hook script for obtaining certificates through Certbot via Cloudflare DNS-01 challenge.
# Offers more flexibility for Cloudflare authentication than the certbot-dns-cloudflare plugin.
# Note that this script is not actively maintained or guaranteed to work consistently.
# Use in prod at your own risk and with adequate monitoring!
# Begin by listing the Cloudflare zones(domains) you with to obtain certificates for in the `zones` dict below,
# along with Cloudflare API tokens authorised to edit DNS on those zones. Also see the example dict for the CNAME setup option.
@Tugzrida
Tugzrida / HA_backup_dropbox.py
Last active April 7, 2024 10:55
Backup Home Assistant to Dropbox
#!/usr/bin/python3
from urllib.request import urlopen, Request
from functools import cached_property
from datetime import timedelta, datetime, UTC
import dataclasses as dc
import glob, os, time, dropbox, tarfile, json, sys
######
HA_TOKEN = "XXX"
HA_BACKUP_DIR = "/home/pi/docker/homeassistant/config/backups/"
@Tugzrida
Tugzrida / mta-sts.js
Last active March 31, 2024 12:52
MTA-STS Cloudflare worker
// This worker is designed to be able to neatly handle MTA-STS policies for multiple domains.
// Make a new worker with this script and add your domains to the stsPolicies dict like the example.
// Add a DNS AAAA record for mta-sts.yourdomain.com pointing to 100:: and set to proxied,
// then add a workers route for mta-sts.yourdomain.com/* pointing to this worker.
// You'll still need to manually add the appropriate _mta-sts.yourdomain.com TXT record to enable the policy,
// and the _smtp._tls.yourdomain.com TXT record for reporting.
const stsPolicies = {
@Tugzrida
Tugzrida / HA_Ausgrid_EA025.yaml
Created February 18, 2024 04:16
Ausgrid tariff definitions for Home Assistant
template:
- sensor:
- name: "Current power tariff"
unique_id: sensor.current_power_tariff
state: >
{% if now().weekday() not in (5, 6) and (
(now().month in (11, 12, 1, 2, 3) and 14 <= now().hour <= 19)
or
(now().month in (6, 7, 8) and 17 <= now().hour <= 20)
)-%}
@Tugzrida
Tugzrida / Prometheus Water Meter.md
Last active January 1, 2024 16:46
Prometheus Smart Water Meter project for the ESP32

Prometheus Water Meter

This is a fairly involved process as it seems that no one currently makes a pre-made product that measures water usage from a household meter.

It took quite a while to set up due to WiFi issues and the flow rate code still needs some work as the output is semi-random at the moment.

If you get stuck anywhere I'm happy to answer questions provided this doesn't go viral 😂

Components:

@Tugzrida
Tugzrida / DNS leak test CLI.md
Last active February 12, 2023 18:13
Python CLI for dnsleaktest.com

DNS leak test CLI

A simple python-based CLI front end for dnsleaktest.com

Usage details available with -h

Should run on most platforms as all modules are included in the standard python install

How dnsleaktest.com works

When you visit dnsleaktest.com and run a test, your browser attempts to load resources from randomly generated subdomains of test.dnsleaktest.com.

@Tugzrida
Tugzrida / authorized_keys_jumpbox
Created October 16, 2022 00:55
Persistent SSH connection for remote access
command="echo 'Dialout only'",restrict,port-forwarding,permitlisten="localhost:jumpbox_port",permitopen="[100::]:1" ssh_key
@Tugzrida
Tugzrida / cloudflare_nginx_realip
Last active August 7, 2022 14:00
nginx realip updater for Cloudflare
#!/usr/bin/python3
# v0.5 Created by Tugzrida(https://gist.github.com/Tugzrida/5910e1b1a9d096e297e793890b7c5236)
# This script should be added to the root crontab (or whichever user controls nginx)
# to run perhaps once or twice a day. It will create and keep up to date
# the file /etc/nginx/conf.d/cloudflare_realip.conf which will make all of nginx
# trust and use Cloudflare's provided client IP's.
#
# After updating the file, it runs nginx -t to check the config for errors, and if
# any are found, nginx will not be restarted to avoid taking things down. You may wish
# to add your own error reporting to the handle_error function below.
@Tugzrida
Tugzrida / drop-unknown-hosts.conf
Last active June 28, 2021 07:30
Drop connections to nginx which don't match any server block
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
## For nginx >= 1.19.4:
## If also using openssl >= 1.1.1j, the certificate directives can be removed.
## Even if present, the cert is never sent, it's just a workaround for an openssl bug.
@Tugzrida
Tugzrida / mta-sts
Last active December 11, 2020 06:54
MTA-STS vhost for Nginx
# A simple Nginx vhost to direct all requests to mta-sts.example.com to the mta-sts file.
# Just substitute your domain and certificate paths(MTA-STS *must* be available over HTTPS)
# Then do mkdir -p /var/www/mta-sts/.well-known and add your policy to
# /var/www/mta-sts/.well-known/mta-sts.txt
server {
listen 80;
listen [::]:80;
server_name mta-sts.example.com;