Skip to content

Instantly share code, notes, and snippets.

Avatar
💭
available for hire in Bay Area https://cointel.pro/resume

Kevin M. Gallagher ageis

💭
available for hire in Bay Area https://cointel.pro/resume
View GitHub Profile
@ageis
ageis / alerts.json
Created Nov 20, 2019
alertmanager2es index template mappings
View alerts.json
{
"template": "alerts-*",
"settings": {
"number_of_shards": 1,
"number_of_replicas": 1,
"index.refresh_interval": "10s",
"index.query.default_field": "groupLabels.alertname"
},
"index_patterns": ["alerts-*"],
"mappings": {
@ageis
ageis / channel-prefs.js
Last active Sep 17, 2019
@ageis's Firefox user settings (9/16/2019), hardened for security, privacy, and anti-fingerprinting, with some exceptions. Install into your profile, enter into about:config, replace channel-prefs or just use ghacks: https://github.com/ghacksuserjs/ghacks-user.js
View channel-prefs.js
user_pref("accessibility.force_disabled", 1);
user_pref("alerts.showFavicons", false);
user_pref("app.normandy.api_url", "");
user_pref("app.normandy.enabled", false);
user_pref("app.shield.optoutstudies.enabled", false);
user_pref("app.update.auto", false);
user_pref("app.update.channel", "aurora");
user_pref("app.update.enabled", true);
user_pref("app.update.service.enabled", true);
@ageis
ageis / gen_smartcard_key.sh
Last active Oct 21, 2019
Generate a GPG key suitable for an OpenPGP smartcard or YubiKey device (utilizing three slots and all four capabilities)
View gen_smartcard_key.sh
#!/bin/bash
# script generates a GPG master key with Certify+Sign capabilities, and two subkeys each possessing the Encrypt and Authenticate capabilities.
# intended to fill the 3 slots on a YubiKey <https://www.yubico.com/products/yubikey-hardware/> or OpenPGP card <https://g10code.com/p-card.html>
# allows selection of variables via a single dependency besides GnuPG 2.x: dialog
# kevin gallagher (@ageis) <kevingallagher@gmail.com>
function gen_smartcard_key() {
local GPG_KEY_ALGO="RSA"
local GPG_KEY_CREATION_DATE="$(date +%Y-%m-%d)"
if [[ -z "${GNUPGHOME}" ]]; then
@ageis
ageis / .bashrc 02-25-2020
Last active Jul 31, 2020
@ageis's ~/.bashrc 🖥️ with numerous useful functions, aliases and one-liners. ⚠️ NOTE: many paths in sourced scripts and environment variables are specific to my system, but if you dig in I hope you'll find something you can use!
View .bashrc 02-25-2020
#!/bin/bash
# ~/.bashrc: executed by bash(1) for non-login shells.
# kevin gallagher (@ageis) <kevingallagher@gmail.com>
# normally I divide this into separate files: .bashrc, .bash_profile, .bash_aliases and .bash_functions (also .bash_logout), but it's all concatenated here.
ulimit -s unlimited
export MYUID=$(id -u)
export USER="$(id -un)"
if [[ "$TILIX_ID" ]] || [[ "$VTE_VERSION" ]]; then
@ageis
ageis / icmp_ping.py
Created May 21, 2019
Ansible ICMP ping module
View icmp_ping.py
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# (c) 2019, Ansible by Red Hat, inc
# (c) 2019 Kevin Gallagher (@ageis) <kevingallagher@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
ANSIBLE_METADATA = {"metadata_version": "1.1", "status": ["preview"], "supported_by": "community"}
@ageis
ageis / vlcrc
Last active May 6, 2019
Best VLC settings for listening to music or audio. Sections go in ~/.config/vlcrc. Applies compression, an equalizer emphasizing low and high mids, volume normalization plus highest-quality sample rate conversion.
View vlcrc
[compressor] # Dynamic range compressor
# RMS/peak (float)
compressor-rms-peak=0.100000
# Attack time (float)
compressor-attack=50.000000
# Release time (float)
compressor-release=250.000000
# Threshold level (float)
compressor-threshold=-20.000000
# Ratio (float)
@ageis
ageis / getframes.py
Last active May 1, 2019
Extract JPEG frames from video while applying optional magnification/cropping/sharpening/contrast enhancement; specify the duration/section or use keyframes/one frame per second, etc.
View getframes.py
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# coding: utf-8
from __future__ import unicode_literals
from __future__ import print_function
import argparse
import re
import json
@ageis
ageis / certdata2bundle.py
Last active Apr 28, 2019
certdata2bundle.py — retrieves Mozilla/NS root trust store, re-encodes DER/base64 as PEM bundle sans metadata
View certdata2bundle.py
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# vim:set et sw=4:
#
# certdata2bundle.py
# retrieves CA certificates from the Mozilla/NSS root trust store in base64/DER
# format and re-encodes them as a concatenated PEM bundle sans metadata
# writes all CA certificates to /etc/ssl/cacerts.pem
#
# Copyright (C) 2019 Kevin M. Gallagher <kevingallagher@gmail.com>
@ageis
ageis / showqrcode.c
Last active Apr 28, 2019
A utility to display QR codes in the CLI/terminal. To build, run `gcc showqrcode.c -ldl -o showqrcode`
View showqrcode.c
// showqrcode: A utility to display QR codes in the terminal.
// Copyright © 2019 Kevin Gallagher <kevingallagher@gmail.com>
// Modified and based upon original code from libpam-google-authenticator:
// https://github.com/google/google-authenticator-libpam
// The original license is printed below.
//
// Helper program to generate a new secret for use in two-factor
// authentication.
//
// Copyright 2010 Google Inc.
@ageis
ageis / certbot_exporter.md
Last active Jul 4, 2020
certbot Prometheus exporter (Let's Encrypt metrics)
View certbot_exporter.md

certbot_exporter.py

This is a script written in Python intended to run alongside a certbot instance and export statistics for monitoring purposes. It assumes the existence of certbot in the PATH plus read access to /etc/letsencrypt.

It tracks stuff like: number of certs, number of SANs, expiry time, seconds until expiry, and the status of the certificate per ACME.

How it works

Prometheus is a monitoring system and time-series database.

You can’t perform that action at this time.