Skip to content

Instantly share code, notes, and snippets.

Avatar

dragon788 dragon788

View GitHub Profile
@dragon788
dragon788 / fetch_tools.md
Last active Mar 30, 2021
Handy tool snippets
View fetch_tools.md
VERSION=`curl  "https://api.github.com/repos/cli/cli/releases/latest" | \
grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/' | cut -c2-`; \
curl -sSL https://github.com/cli/cli/releases/download/v${VERSION}/gh_${VERSION}_linux_amd64.tar.gz | \
sudo tar xzfC - /usr/local --strip-components=1
@dragon788
dragon788 / notes.md
Created Oct 4, 2020
Chromefy / Project Croissant 🥐 notes
View notes.md

Creating the image isn't hard, the trouble is the stupid installer never seems to work properly according to their directions on most system that I've tried (primarily Chromebooks, so YMMV). The only surefire method that has worked for me every single time is using dd from the Ctrl+Alt+F2 shell (or one in a logged in account, but then that account gets copied over to the target system) or dd or the 'python-awesome-dd' script from a Linux LiveUSB. If you use dd you probably need to run the fix-grub.sh script from the chromefy repo and the lab folder. There is a short URL for it, curl -L goo.gl/HdjwAZ | bash -s /dev/sda to grab the file and run it assuming you are in a root shell.

You MUST be in Developer Mode if you are attempting to Chromefy an existing ChromeOS device. Then after the Dev Mode changeover wipes the device you should access the system shell (aka VTY) using Ctrl+Alt+F2 (usually the Forward key depending on the age of the device but may also be Refresh or something else, and you m

@dragon788
dragon788 / gist:68e6e4192fbf8bc5f4aa2eef0c8eb783
Last active Oct 16, 2020
Te-Smart TESmart Shell Script CLI interface
View gist:68e6e4192fbf8bc5f4aa2eef0c8eb783
#!/bin/bash
echo_docs() {
cat <<'EOD'
EOD
}
# use case to echo `network` `port` `autoselect` or `LED` sections or if no arg output all of them
set_network () {
@dragon788
dragon788 / !scdrand-yubikey-nitro-compile-and-installation.md
Last active May 9, 2021
Script to use scdrand to generate entropy from smartcard
View !scdrand-yubikey-nitro-compile-and-installation.md

Using scdrand to utilize a smartcard as a hardware RNG

Copy/download the quick build steps file and execute it with sh quick-build-steps.sh and if you are on Debian and have Docker it should fetch the Dockerfile here which when run with the docker build in the script clones scdtools and installs scdrand (and scdtotp) on your host system.

After you've installed it you can run sudo scdrand to get try and add some entropy to the kernel pool.

@dragon788
dragon788 / gitlab-local.sh
Created Aug 5, 2020
Updated gitlab-runner supporting docker in docker
View gitlab-local.sh
#!/usr/bin/env bash
set -euo pipefail
usage () {
echo "Usage: $(basename $0) {up|down|[job stage]}"
echo "[job stage] - defaults to "build" and supports multiple comma delimited jobs"
echo "$(basename $0) test,build"
}
PWD_RESOLVED="$(pwd -P)"
@dragon788
dragon788 / crostini-libvirt-vagrant.md
Last active Jun 17, 2020
Crostini libvirt tips and tricks
View crostini-libvirt-vagrant.md

libvirt tweaks for Crostini

Important bits

sudo apt install virt-manager # includes libvirt/virsh/etc

curl -L https://vagrantup.com/whatever/vagrant-version.deb
sudo dpkg -i vagrant*.deb

For the vagrant-libvirt plugin you may need to use an alternate ruby/vagrant path in the call to install the plugin.

@dragon788
dragon788 / reset-libvirt-qemu-kvm-tablet-input.sh
Created Mar 18, 2020
Sometimes the mouse cursor stops responding or two finger scrolling doesn't work, this quick reset fixes that
View reset-libvirt-qemu-kvm-tablet-input.sh
virsh detach-device --domain macOS-Simple-KVM --live --conf
ig <( cat << 'EOF'
<input type='tablet' bus='usb'>
<alias name='input3'/>
<address type='usb' bus='0' port='2'/>
</input>
EOF
)
sleep 2
virsh attach-device --domain macOS-Simple-KVM --live --conf
@dragon788
dragon788 / !readme.md
Last active Feb 27, 2020
Clear Linux basic setup
View !readme.md

Setting up Clear Linux with i3 and Yubikey bits

See [bootstrap.sh] for quickest swupd package bundle installation.

If you are tricksy you can curl the raw [bootstrap.sh] file and examine it and then chmod +x bootstrap.sh and run it yourself.

The bootstrap currently doesn't automatically force you into i3, but if you log out and select your user from the login screen and click the ⚙️ icon and select i3 from the list, then enter your password if you didn't already and login.

@dragon788
dragon788 / gist:b255a12f019ffc4274ff1f1c64861a81
Created Feb 9, 2020
TFTP boot for openwrt / GLiNet / LEDE and Clear Linux
View gist:b255a12f019ffc4274ff1f1c64861a81
tee -a /etc/dnsmasq.conf << EOF
dhcp-match=set:ipxeclient,60,IPXEClient*
dhcp-match=set:bios,60,PXEClient:Arch:00000
dhcp-boot=tag:bios,netboot.xyz.kpxe,,192.168.8.1
dhcp-match=set:efi32,60,PXEClient:Arch:00002
dhcp-boot=tag:efi32,netboot.xyz.efi,,192.168.8.1
dhcp-match=set:efi32-1,60,PXEClient:Arch:00006
dhcp-boot=tag:efi32-1,netboot.xyz.efi,,192.168.8.1
dhcp-match=set:efi64,60,PXEClient:Arch:00007
dhcp-boot=tag:efi64,netboot.xyz.efi,,192.168.8.1
@dragon788
dragon788 / !notes.md
Created Jan 5, 2020
Getting a PiVPN profile working on GL.iNet GL-AR-750S
View !notes.md

If you've used the PiVPN scripts to generate a profile and protected your private key with a passphrase (a very good practice), then you will need a way to decrypt this during the "non-interactive" OpenVPN connection on the router.

The option that I used that worked was to create a separate file that could be referenced in the profile by adding an askpass option that contains only the passphrase.

https://stackoverflow.com/a/24071181/3794873

I'm planning to also test with a dummy empty .pass file since it seems like maybe the OpenVPN profile upload in the GL.iNet firmware doesn't realize that the PiVPN generated ovpn profile has an encrypted private key so it doesn't prompt for one until it sees multiple files in a zip. If you upload a zip that contains the ovpn profile and another file, it seems to assume that the other file is a key or certificate that might need a passphrase so it requests one after the upload.