Skip to content

Instantly share code, notes, and snippets.

available for hire in Bay Area

Kevin M. Gallagher ageis

available for hire in Bay Area
View GitHub Profile
ageis / alerts.json
Created Nov 20, 2019
alertmanager2es index template mappings
View alerts.json
"template": "alerts-*",
"settings": {
"number_of_shards": 1,
"number_of_replicas": 1,
"index.refresh_interval": "10s",
"index.query.default_field": "groupLabels.alertname"
"index_patterns": ["alerts-*"],
"mappings": {
ageis / channel-prefs.js
Last active Sep 17, 2019
@ageis's Firefox user settings (9/16/2019), hardened for security, privacy, and anti-fingerprinting, with some exceptions. Install into your profile, enter into about:config, replace channel-prefs or just use ghacks:
View channel-prefs.js
user_pref("accessibility.force_disabled", 1);
user_pref("alerts.showFavicons", false);
user_pref("app.normandy.api_url", "");
user_pref("app.normandy.enabled", false);
user_pref("app.shield.optoutstudies.enabled", false);
user_pref("", false);
user_pref("", "aurora");
user_pref("app.update.enabled", true);
user_pref("app.update.service.enabled", true);
ageis /
Last active Oct 21, 2019
Generate a GPG key suitable for an OpenPGP smartcard or YubiKey device (utilizing three slots and all four capabilities)
# script generates a GPG master key with Certify+Sign capabilities, and two subkeys each possessing the Encrypt and Authenticate capabilities.
# intended to fill the 3 slots on a YubiKey <> or OpenPGP card <>
# allows selection of variables via a single dependency besides GnuPG 2.x: dialog
# kevin gallagher (@ageis) <>
function gen_smartcard_key() {
local GPG_KEY_CREATION_DATE="$(date +%Y-%m-%d)"
if [[ -z "${GNUPGHOME}" ]]; then
ageis / .bashrc 02-25-2020
Last active Jul 31, 2020
@ageis's ~/.bashrc 🖥️ with numerous useful functions, aliases and one-liners. ⚠️ NOTE: many paths in sourced scripts and environment variables are specific to my system, but if you dig in I hope you'll find something you can use!
View .bashrc 02-25-2020
# ~/.bashrc: executed by bash(1) for non-login shells.
# kevin gallagher (@ageis) <>
# normally I divide this into separate files: .bashrc, .bash_profile, .bash_aliases and .bash_functions (also .bash_logout), but it's all concatenated here.
ulimit -s unlimited
export MYUID=$(id -u)
export USER="$(id -un)"
if [[ "$TILIX_ID" ]] || [[ "$VTE_VERSION" ]]; then
ageis /
Created May 21, 2019
Ansible ICMP ping module
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# (c) 2019, Ansible by Red Hat, inc
# (c) 2019 Kevin Gallagher (@ageis) <>
# GNU General Public License v3.0+ (see COPYING or
from __future__ import absolute_import, division, print_function
ANSIBLE_METADATA = {"metadata_version": "1.1", "status": ["preview"], "supported_by": "community"}
ageis / vlcrc
Last active May 6, 2019
Best VLC settings for listening to music or audio. Sections go in ~/.config/vlcrc. Applies compression, an equalizer emphasizing low and high mids, volume normalization plus highest-quality sample rate conversion.
View vlcrc
[compressor] # Dynamic range compressor
# RMS/peak (float)
# Attack time (float)
# Release time (float)
# Threshold level (float)
# Ratio (float)
ageis /
Last active May 1, 2019
Extract JPEG frames from video while applying optional magnification/cropping/sharpening/contrast enhancement; specify the duration/section or use keyframes/one frame per second, etc.
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# coding: utf-8
from __future__ import unicode_literals
from __future__ import print_function
import argparse
import re
import json
ageis /
Last active Apr 28, 2019 — retrieves Mozilla/NS root trust store, re-encodes DER/base64 as PEM bundle sans metadata
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# vim:set et sw=4:
# retrieves CA certificates from the Mozilla/NSS root trust store in base64/DER
# format and re-encodes them as a concatenated PEM bundle sans metadata
# writes all CA certificates to /etc/ssl/cacerts.pem
# Copyright (C) 2019 Kevin M. Gallagher <>
ageis / showqrcode.c
Last active Apr 28, 2019
A utility to display QR codes in the CLI/terminal. To build, run `gcc showqrcode.c -ldl -o showqrcode`
View showqrcode.c
// showqrcode: A utility to display QR codes in the terminal.
// Copyright © 2019 Kevin Gallagher <>
// Modified and based upon original code from libpam-google-authenticator:
// The original license is printed below.
// Helper program to generate a new secret for use in two-factor
// authentication.
// Copyright 2010 Google Inc.
ageis /
Last active Jul 4, 2020
certbot Prometheus exporter (Let's Encrypt metrics)

This is a script written in Python intended to run alongside a certbot instance and export statistics for monitoring purposes. It assumes the existence of certbot in the PATH plus read access to /etc/letsencrypt.

It tracks stuff like: number of certs, number of SANs, expiry time, seconds until expiry, and the status of the certificate per ACME.

How it works

Prometheus is a monitoring system and time-series database.

You can’t perform that action at this time.