Skip to content

Instantly share code, notes, and snippets.

View dgeo's full-sized avatar

dgeo dgeo

  • Ecole Centrale Méditerranée
  • internet
View GitHub Profile
@dgeo
dgeo / nc_upgrade.sh
Last active July 31, 2024 15:38
nextcloud upgrade script
#!/bin/sh -e
#
# Updater script for nextcloud + apps
#
# Designed for "maintenance" user different from "run" user
# eg: here php runs with _nextcloud:nextcloud and maintenance is done by nextcloud:nextcloud
# this way, an exploit cannot rewrite the code in place (datadir does not allow php execution)
#
# Needs curl, xpath (perl module XML::XPath), jq
#
@dgeo
dgeo / surveille-spam.pl
Last active December 12, 2022 09:49
parse postfix maillog to detect hacked accounts
#!/usr/bin/env perl
#
# surveilleur de logins sasl: compte les IP's de provenance d'un meme login
#
# needs geoip2 perl module and GeoLite2-Country.mmdb (use geoipupdate)
#
# run by cron on a daily-rotated maillog:
# 2 */1 * * * root /usr/local/admin/ssi/surveille-spam.pl /data/logs/serveurs/maillog
# 1 0 * * * root /usr/local/admin/ssi/surveille-spam.pl /data/logs/serveurs/maillog.0
use strict;
@dgeo
dgeo / upgrade_php.sh
Created July 21, 2018 11:16
upgrade/downgrade php version on FreeBSD
#!/bin/sh
#
# replace php version on FreeBSD
#
# usage: $0 [php56|php70|php71|php72|…] | sh
OVERS=$(pkg info -q |grep '^php[0-9][0-9]-[0-9]'| sed 's/-[0-9].*$//')
NVERS=${1:-php71}
echo "from $OVERS to $NVERS (CTRL+C ?)" >&2
read nimp
@dgeo
dgeo / ssh_key_to_aruba_pub_cert.sh
Last active November 19, 2020 19:48
create an aruba public cert from openssh keypair
#!/bin/sh -e
#
# this script will take your ssh keypair (key and key.pub) to create a
# public certificate accepted by an aruba controller to be able to login
# with an ssh private key
#
if [ $# -ne 2 -o ! -f "$1" -o -z "$2" ]; then
echo "usage: $0 ssh_priv_key_file login"
exit 1
fi
@dgeo
dgeo / vipf.sh
Last active June 30, 2017 22:44
vipf
#!/bin/sh
# edition "secure" de /etc/pf.conf
# première version: alias vipf='cp -f /etc/pf.conf /tmp/pf.conf.new && vim /tmp/pf.conf.new; diff /tmp/pf.conf.new /etc/pf.conf || ( pfctl -nf /tmp/pf.conf.new && (cp -f /etc/pf.conf /etc/pf.conf.bak; mv /tmp/pf.conf.new /etc/pf.conf; pfctl -f /etc/pf.conf))'
#
# si appele avec plusieurs arguments, ce sont des IP's des
# machines pf a syncroniser (la sienne comprise eventuellement)
#
# teste sous OpenBSD & FreeBSD
#
# usage: $0 [IP1 IP2]
@dgeo
dgeo / domain2cidr.pl
Created January 27, 2017 12:29
get all ip ranges of an org from a single domain name
#!/usr/bin/env perl
#
# un p'tit script pour lister les adresses liées à un domaine.
#
# algo: domaine -> DNS -> IP -> whois -> listes de blocs
#
use strict;
use warnings;
use JSON;
@dgeo
dgeo / gandi.rb
Last active August 29, 2015 14:12 — forked from mat813/gandi.rb
#!/usr/bin/env ruby
# ods-ksmutil key export --keystate ready -t KSK --all | ruby gandi.rb ready
# ods-ksmutil key export --keystate retire -t KSK --all | ruby gandi.rb retire
require 'pp'
require 'rubygems'
require 'dnsruby'
require 'xmlrpc/client'
QUOI = ARGV[0]