Skip to content

Instantly share code, notes, and snippets.

@jamesmacwhite
jamesmacwhite / apc-powerchute-business-edition-log4j-CVE-mitigation.bat
Last active Jan 1, 2022
APC PowerChute Business Edition 10.x Log4j CVE mitigation (CVE-2021- 44228 CVE-2021- 45046)
View apc-powerchute-business-edition-log4j-CVE-mitigation.bat
:: CVE-2021-44228 and CVE-2021-45046 mitigation for APC PowerChute Business Edition 10.x
:: Reference: https://www.se.com/ww/en/download/document/SESB-2021-347-01/
:: This batch script must be run as administrator and have 7-Zip installed.
@echo off
cd "C:\Program Files (x86)\APC\PowerChute Business Edition\agent\lib"
net stop apcpbeagent
"C:\Program Files\7-Zip\7z.exe" d log4jcore-2.14.1.jar JndiLookup.class -r
net start apcpbeagent
@jamesmacwhite
jamesmacwhite / README.md
Last active Aug 16, 2021
Andrews and Arnold (AAISP) L2TP on OpenWrt
View README.md

Andrews and Arnold (AAISP) L2TP tunnel setup on OpenWrt

This is a guide for setting up the L2TP service from AAISP on an OpenWrt router. AAISP have an official OpenWrt guide for this but it is outdated and looks to have been originally written for OpenWrt 15.01/15.05 (Chaos Calmer), which is a long unsupported firmware build.

I have previously contacted AAISP about their documentation being out of date, however it has not been changed. It is technically not wrong, but under newer versions of OpenWrt you can simplify some of the configuration compared to the official documentation and there are also a few potential issues you might come across in OpenWrt land which are worth mentioning and saving someone else from bashing their head against a wall for hours, until you realise that the Linux kernel just hates you.

This has been tested on the latest stable OpenWrt 19.07 release branch.

Required packages

@jamesmacwhite
jamesmacwhite / README.md
Last active Jan 10, 2022 — forked from hazcod/apache-plex-reverse-proxy.vhost
Apache 2.4 reverse proxy VirtualHost configuration for Plex. Requires modules ssl, proxy, wstunnel
View README.md

Apache 2.4 reverse proxy configuration for Plex Media Server

This VirtualHost configuration has been tested with the minimum requirements of Plex Media Server Version 1.16.5.1488 and Web Version: 3.108.2.

The TLS configuration only allows clients that support TLS 1.2+, this may cause issues for legacy clients. You may need to adjust this if specific clients have issues connecting. If however you are OK with having just TLS 1.2+ support, you can also enable the "Disable weak TLS versions" setting on your Plex server, given the reverse proxy will prevent a successful TLS negotiation for such clients anyway.

Requirements

  1. Apache 2.4.17 and above (for SSL/h2 related configuration)
  2. The following modules enabled: proxy, ssl, proxy_wstunnel, http, dir, env, headers, proxy_balancer, proxy_http, rewrite
@jamesmacwhite
jamesmacwhite / README.md
Last active Dec 5, 2020
Modifying Google Chrome policies with examples for Windows and MacOS
View README.md

How to override Google Chrome Cloud policies

Google Chrome Managed by somecompany.com? Is your organisation forcing extensions or specific Chrome settings in your work profile that are just getting in the way? NOT ANYMORE. Time to fight the cloud with machines policies!

It should be obvious, but you will need either full administrator or sudo rights to do this. Obviously if you are trying to do this on a managed machine controlled by your organisation, don't be a noob. If however you find some organisation policies creeping in on personal or non managed devices. RISE UP. Follow the guidance below, depending on your environment, the instructions and payload needed differ.

DISCLAIMER: If you get in trouble or your arse fired for subverting organisational policies, RIP, but these are just the tools required, you have to use them, so it is on you. BUT YOU WANT THAT SWEET INCOGNITO MODE THO RIGHT?

Why do organisations typically block incognito mode? Well... Because Google Chrome extensions can't track

@jamesmacwhite
jamesmacwhite / README.md
Last active Dec 31, 2020
An example and overview of mwan3 IPv6 configuration with NAT6 (sorry anti IPv6 NAT people)
View README.md

Deploying mwan3 with IPv6 (using NAT6)

I'm a user of mwan3 and contribute to its development in a small way by mainly providing feedback with my multi WAN setup and maintaining the beast of it's documentation on the OpenWrt wiki (feedback and contributors welcome).

This setup ultimately requires the use of a NAT6 firewall script. NAT6 is currently broke with fw3 and LuCI, so this is an important helper script to workaround this current limitation.

The NAT6 configuration requirements are explained in more detail on the OpenWrt wiki.

This gist is aims to document my configuration for others.

@jamesmacwhite
jamesmacwhite / say_lte.py
Last active Jun 4, 2020 — forked from lukpueh/say_lte.py
Script to help me position my `Alcatel Linkhub HH40v` LTE modem for the best signal strength
View say_lte.py
#!/usr/bin/env python
"""
<Program Name>
say_lte.py
<Authors>
Lukas Puehringer <luk.puehringer@gmail.com>
James White <james@jmwhite.co.uk>
<Purpose>
@jamesmacwhite
jamesmacwhite / nanobox-net-share-manual.md
Last active Jan 29, 2020
Nanobox and manually fixing failed mounting on Windows
View nanobox-net-share-manual.md

Nanobox manual mounting of codebase folder

Sometimes Nanobox will fail to mount the codebase of an app through the usual nanobox run command. This will lead to a constant loop of attempting to mount the codebase folder before Nanobox gives up after a few tries, despite entering the correct password. If you look at the logs, this will often be due to a host is down error.

This can often because the mount has not been correctly set. You can do this manually, by running net share as per:

https://github.com/nanobox-io/nanobox/blob/a512a85c181cab4ca454456a915bee5147796a8b/util/provider/share/share_windows.go#L81

The syntax is:

View keybase.md

Keybase proof

I hereby claim:

  • I am jamesmacwhite on github.
  • I am jamesmacwhite (https://keybase.io/jamesmacwhite) on keybase.
  • I have a public key whose fingerprint is 7E6F 9A74 C332 D284 8B14 80CA BCB2 5A84 0CFB 1C8E

To claim this, I am signing this object:

@jamesmacwhite
jamesmacwhite / m190416_110112_update_retour_widget_type.php
Created Apr 16, 2019
Migration for updating Retour widget from Craft 2
View m190416_110112_update_retour_widget_type.php
<?php
namespace craft\contentmigrations;
use Craft;
use craft\db\Migration;
use nystudio107\retour\widgets\RetourWidget;
/**
* m190416_110112_update_retour_widget_type migration.
@jamesmacwhite
jamesmacwhite / m190412_182837_tablemaker_update_fieldtype.php
Created Apr 12, 2019
Field type migration for Table Maker for Craft 2 to Craft 3 migrations
View m190412_182837_tablemaker_update_fieldtype.php
<?php
namespace craft\contentmigrations;
use Craft;
use craft\db\Migration;
use supercool\tablemaker\fields\TableMakerField;
/**
* m190412_182837_tablemaker_update_fieldtype migration.