- Set VNC password:
sudo x11vnc -storepasswd [YOUR VNC PASSWORD] /etc/x11vnc.passwd
- Install Systemd Unit File
sudo cp [path to]/vnc.service /etc/systemd/system/
sudo systemctl daemon-reload
sudo systemctl enable vnc.service
# Install QEMU-6.1.0 | |
wget https://download.qemu.org/qemu-6.1.0.tar.xz | |
tar xvJf qemu-6.1.0.tar.xz | |
cd qemu-6.1.0 | |
./configure | |
make | |
sudo make install | |
# Download Armbian (Ubuntu Focal 20.04) for OrangePi PC | |
wget https://mirrors.netix.net/armbian/dl/orangepipc/archive/Armbian_21.08.1_Orangepipc_focal_current_5.10.60.img.xz |
kern.maxproc: Maximum number of processes | |
kern.ngroups: Maximum number of supplemental groups a user can belong to | |
kern.ipc.shm_allow_removed: Enable/Disable attachment to attached segments marked for removal | |
kern.ipc.shm_use_phys: Enable/Disable locking of shared memory pages in core | |
kern.ipc.shmall: Maximum number of pages available for shared memory | |
kern.ipc.shmseg: Number of segments per process | |
kern.ipc.shmmni: Number of shared memory identifiers | |
kern.ipc.shmmin: Minimum shared memory segment size | |
kern.ipc.shmmax: Maximum shared memory segment size | |
kern.ipc.semaem: Adjust on exit max value |
#!/bin/bash | |
# These steps will allow the setup of an on-demand SSH proxy | |
# Three unit files will be created to serve this purpose: | |
# ssh-socks-helper.socket - The listening socket providing activation | |
# ssh-socks-helper.service - A systemd proxy to pass the socket fd | |
# ssh-socks.service - The actual SSH service providing the tunnel | |
cat <<'EOF' > ~/.config/systemd/user/ssh-socks-helper.socket | |
[Unit] | |
Description=Proxy Helper Socket for Bastion SOCKS5 Proxy |
kern.maxproc: Maximum number of processes | |
kern.ngroups: Maximum number of supplemental groups a user can belong to | |
kern.ipc.shm_allow_removed: Enable/Disable attachment to attached segments marked for removal | |
kern.ipc.shm_use_phys: Enable/Disable locking of shared memory pages in core | |
kern.ipc.shmall: Maximum number of pages available for shared memory | |
kern.ipc.shmseg: Number of segments per process | |
kern.ipc.shmmni: Number of shared memory identifiers | |
kern.ipc.shmmin: Minimum shared memory segment size | |
kern.ipc.shmmax: Maximum shared memory segment size | |
kern.ipc.semaem: Adjust on exit max value |
#!/bin/sh | |
set -e | |
#set -x | |
CONFIGFS="/sys/kernel/config" | |
GADGET="$CONFIGFS/usb_gadget" | |
VID="0x0525" | |
PID="0xa4a2" | |
SERIAL="0123456789" |
# Only for remote UDP https://stackpointer.io/network/ssh-port-forwarding-tcp-udp/365/ | |
# Local UDP server to Remote UDP server | |
ssh -L 9999:127.0.0.1:9999 percro@alientelecom socat tcp4-listen:9999,reuseaddr,fork udp:target:9999 | |
socat -T15 udp4-recvfrom:9999,reuseaddr,fork tcp:localhost:9999 | |
# Remote UDP server to Local UDP server | |
ssh -R 9999:127.0.0.1:9999 percro@alientelecom socat udp4-recvfrom:9999,reuseaddr,fork tcp:localhost:9999 | |
socat -T15 tcp4-listen:9999,reuseaddr,fork udp:localhost:9999 |
This gist includes a certificate renewal script, which I use to renew both of my LetsEncrypt certificates, as well as the systemd unit files necessary to automate it. It's currently set to run every 12 hours, and renews the certificates if they expire in less than 3 days. The certbot tool is required in order to use this script. Note that I generated my keys and CSR manually because I needed to add specific extensions to my certificates. That process is not covered here.
Filename | Description |
---|---|
01-getcert.sh |
The certificate renewal script. |
02-cli.ini |
Example Certbot configuration. |
03-getcert.timer |
The systemd timer unit file. |
04-getcert.service |
The systemd service unit file. |
05-openssl.conf |
Example openssl.conf for the CSR |
06-getcert-ddns.sh |
DDNS version of the renewal script. |