Skip to content

Instantly share code, notes, and snippets.

View ageis's full-sized avatar
💭
available for hire in Bay Area https://cointel.pro/resume

Kevin M. Gallagher ageis

💭
available for hire in Bay Area https://cointel.pro/resume
View GitHub Profile
@ageis
ageis / kdf-do-setup.sh
Created May 14, 2018 09:15
OpenPGP KDF-DO setup script for smartcards
#! /bin/bash
# Original author: NIIBE Yutaka <gniibe@fsij.org>
# URL: https://dev.gnupg.org/T3823
# Usage: ./kdf-do-setup.sh
GPG_CONNECT_AGENT=gpg-connect-agent
PW_USER="123456"
PW_ADMIN="12345678"
@ageis
ageis / vlcrc
Last active June 17, 2024 12:44
Best VLC settings for listening to music or audio. Sections go in ~/.config/vlcrc. Applies compression, an equalizer emphasizing low and high mids, volume normalization plus highest-quality sample rate conversion.
[compressor] # Dynamic range compressor
# RMS/peak (float)
compressor-rms-peak=0.100000
# Attack time (float)
compressor-attack=50.000000
# Release time (float)
compressor-release=250.000000
# Threshold level (float)
compressor-threshold=-20.000000
# Ratio (float)
@ageis
ageis / systemd_service_hardening.md
Last active June 17, 2024 07:52
Options for hardening systemd service units

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
@ageis
ageis / openpgp-card-guide.md
Last active June 14, 2024 07:10
Quick GPG Smartcard Guide
@ageis
ageis / bitcoin-monitor.md
Last active June 5, 2024 01:36
Prometheus exporter for monitoring statistics of Bitcoin daemon

bitcoind-monitor.py

This is a script written in Python intended to run alongside a Bitcoin node and export statistics for monitoring purposes. It assumes the existence of bitcoin-cli in the PATH and access to the RPC interface over localhost.

It tracks stuff like: block height, difficulty, number of peers, network hash rate, errors, uptime in seconds, mempool size, size of recent blocks, number of transactions within blocks, chaintips, total bytes received and sent, and transaction inputs and outputs. These Bitcoin metrics are refreshed once every 5 minutes.

How it works

Prometheus is a monitoring system and time-series database.

Usage: apt-get -o "Dpkg::options==--option" --reinstall install <package>
$ dpkg --force-help
[!] all Set all force options
[*] downgrade Replace a package with a lower version
configure-any Configure any package which may help this one
hold Process incidental packages even when on hold
not-root Try to (de)install things even when not root
bad-path PATH is missing important programs, problems likely
bad-verify Install a package even if it fails authenticity check
@ageis
ageis / YubiKey-GPG-SSH-guide.md
Last active May 20, 2024 09:52
Technical guide for using YubiKey series 4 for GPG and SSH

YubiKey 4 series GPG and SSH setup guide

Written for fairly adept technical users, preferably of Debian GNU/Linux, not for absolute beginners.

You'll probably be working with a single smartcard, so you'll want only one primary key (1. Sign & Certify) and two associated subkeys (2. Encrypt, 3. Authenticate). I've published a Bash function which automates this slightly special key generation process.

@ageis
ageis / .bashrc 02-25-2020
Last active May 10, 2024 02:34
@ageis's ~/.bashrc 🖥️ with numerous useful functions, aliases and one-liners. ⚠️ NOTE: many paths in sourced scripts and environment variables are specific to my system, but if you dig in I hope you'll find something you can use!
#!/bin/bash
# ~/.bashrc: executed by bash(1) for non-login shells.
# kevin gallagher (@ageis) <kevingallagher@gmail.com>
# normally I divide this into separate files: .bashrc, .bash_profile, .bash_aliases and .bash_functions (also .bash_logout), but it's all concatenated here.
ulimit -s unlimited
export MYUID=$(id -u)
export USER="$(id -un)"
if [[ "$TILIX_ID" ]] || [[ "$VTE_VERSION" ]]; then
@ageis
ageis / Generating stronger DH parameters for nginx
Last active May 5, 2024 12:11 — forked from plentz/nginx.conf
Generating stronger DH parameters for nginx's SSL
# run in the terminal, then set as ssl_dhparam in nginx.conf
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 4096
@ageis
ageis / dirmngr.conf
Last active February 19, 2024 21:05
GnuPG configuration files
log-file /home/kevin/.gnupg/dirmngr.log
use-tor
debug-level basic
debug ipc,dns
verbose
disable-ipv6
keyserver hkps://hkps.pool.sks-keyservers.net
hkp-cacert /usr/share/gnupg/sks-keyservers.netCA.pem