Chris Swan cpswan
#!/bin/bash
# API keys for ZeroSSL and Digital Ocean
# These particular keys are fake random hex
ZEROSSL_KEY='0f027ac0f3b24ddb3c4412f11fa1e746'
DO_KEY='a3e6ee004fd7c352af61f0465765030b5d162acc94c24fdbb42f7a8c81e897a3'
# Set root domain and take CN from params
DOMAIN=subdomain.example.com
CERT_NAME="$1"."$DOMAIN"
cpswan / nginx.conf
Last active May 29, 2023 12:20
Using nginx to proxy to an AWS ELB
daemon off;
worker_processes 1;
events { worker_connections 1024; }
http {
    sendfile on;
cpswan / sshvps
Created January 8, 2017 21:47
autossh init script for keeping up a connection to a VPS
### BEGIN INIT INFO
# Provides: sshvps
# Required-Start: $local_fs $remote_fs
# Required-Stop: $local_fs $remote_fs
# Should-Start: $network
# Should-Stop: $network
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Tunnel to VPS
# Description: This runs a script continuously in screen.
cpswan / gmail.py
Created January 22, 2017 11:13
Example Network UPS Tool (NUT) configs
#!/usr/bin/python
import os
import sys
import smtplib
import mimetypes
# email.mime.* module paths work on Python 2.5+ and Python 3
from email.mime.multipart import MIMEMultipart
from email.mime.base import MIMEBase
from email.mime.text import MIMEText
from email.mime.audio import MIMEAudio
from email.mime.image import MIMEImage
cpswan / mssql.rules
Created September 7, 2015 10:53
Suricata rule set for MS SQL Server
# Emerging Threats
#
# This distribution may contain rules under two different licenses.
#
# Rules with sids 1 through 3464, and 100000000 through 100000908 are under the GPLv2.
# A copy of that license is available at http://www.gnu.org/licenses/gpl-2.0.html
#
# Rules with sids 2000000 through 2799999 are from Emerging Threats and are covered under the BSD License
# as follows:
#
cpswan / unbound_ext.conf
Created April 27, 2021 09:37
Unbound config files
forward-zone:
    name: "."
    forward-addr: 1.1.1.1@853#one.one.one.one
    forward-addr: 1.0.0.1@853#one.one.one.one
    forward-addr: 9.9.9.9@853#dns.quad9.net
    forward-addr: 149.112.112.112@853#dns.quad9.net
    forward-tls-upstream: yes
cpswan / named.conf
Last active October 20, 2020 17:47
Unbound/BIND config for DNS over TLS to 1.1.1.1
options {
    directory "/tmp";
    listen-on-v6 { none; };
    forwarders {
        127.0.0.1 port 2053;
    };
    auth-nxdomain no; # conform to RFC1035
cpswan / vpcdns.sh
Created August 4, 2015 19:38
Extract VPC DNS IP from AWS instance metadata
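#!/bin/bash
# Print the VPC DNS resolver address (VPC network base + 2) from instance metadata.
# These are IMDSv1 requests; an instance that enforces IMDSv2 also needs a session token header.
# MAC of the primary interface (the macs/ listing has one entry per interface)
MAC="$(curl -s http://169.254.169.254/latest/meta-data/mac)"
VPCCIDR="$(curl -s http://169.254.169.254/latest/meta-data/network/interfaces/macs/"$MAC"/vpc-ipv4-cidr-block)"
VPCNET="${VPCCIDR%%/*}"
VPCBASE="${VPCNET%.*}"
# Add 2 to the last octet instead of assuming the base address ends in .0
VPCDNS="$VPCBASE.$(( ${VPCNET##*.} + 2 ))"
echo "$VPCDNS"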
cpswan / autossh_screen.service
Created May 3, 2019 14:59
systemd service description for autossh tunnel within a screen
[Unit]
Description=AutoSSH tunnel in a screen
After=network-online.target
[Service]
User=changeme
Type=simple
Restart=on-failure
RestartSec=3
ExecStart=/usr/bin/screen -DmS tunnel1 /usr/lib/autossh/autossh -M 20020 -D 0.0.0.0:12345 me@mybox.there.com
cpswan / unifi.sh
Created January 21, 2018 15:54
Command line to launch UniFi controller in a Docker container
sudo docker run --rm --init -d -p 8080:8080 -p 8443:8443 -p 3478:3478/udp -p 10001:10001/udp -e TZ='Europe/London' -e RUNAS_UID0=false -e UNIFI_UID=1000 -e UNIFI_GID=1000 -v ~/unifi:/unifi --name unifi jacobalberty/unifi:stable