johannrichard

Tailscale ACL Workflow for GitOps

Tailscale recently introduced the possibility to manage Tailnet ACLs in Git Repositories. This is my tailscale.yml which has a notable difference to the one proposed by Tailscale. By putting the ACL test in front of the ACL deployment, it becomes a bit clearer that a failure happened b/c of a failed ACL.

Bonus: by installing act, one can actually run these tests locally, e.g. before committing / pushing to Github. Works well with a Git pre-commit hook that will fail if the ACL test is unsusscessful. Combined with the 1Password cli op command, you can get a nice little ACL workflow.

op run --env-file=".github/act/.env" -- act --secret TS_API_KEY --secret TS_TAILNET 

johannrichard

How to bring E-Mail retention policies to Gmail / Google Mail:

• Go to Google Scripts and create a blank project (make sure you are logged into your Google account);
• paste the code (below) (and modify the policies as needed);
• set a trigger (Resources -> Current Project's Triggers -> Add one now) to run it at the preferred interval; and
• create filters in Gmail/Google Mail that set policies when specific messages arrive

Inspired and adapted from Gmail Automation: 5 Useful Google Scripts to Automate Your Gmail

johannrichard

let country = 'de' // replace with 'at' for shops in Austria
let storeId = 251
let param = args.widgetParameter
if (param != null && param.length > 0) {
    storeId = param
}

const widget = new ListWidget()
const storeInfo = await fetchStoreInformation()
const storeCapacity = await fetchAmountOfPaper()

johannrichard

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>net.duplicati.server</string>
    <key>ProgramArguments</key>
    <array>
        <string>/Applications/Duplicati.app/Contents/MacOS/duplicati-server</string>
        <string>--webservice-port=8200</string>

johannrichard

# Safe Search Domains
# Paste / Add this to your Unbound config
local-data: "yandex.com A 213.180.193.56"
local-data: "yandex.ru A 213.180.193.56"
local-data: "yandex.ua A 213.180.193.56"
local-data: "yandex.by A 213.180.193.56"
local-data: "yandex.kz A 213.180.193.56"
local-data: "www.yandex.com A 213.180.193.56"
local-data: "www.yandex.ru A 213.180.193.56"
local-data: "www.yandex.ua A 213.180.193.56"

johannrichard

/***
 * Worker Function for ASN prefix parsing
 * Will query the BigIP API for a given ASN and return a plain-text representation of the ASN prefixes 
 * (IP ranges) that can be used in either OPNsense or pfSense URL Tables (Firewall alias).
 * 
 * See https://docs.opnsense.org/manual/aliases.html (OPNsense) and https://docs.netgate.com/pfsense/en/latest/firewall/aliases.html (pfSense) for details of their use.
 *
 * You can deploy this worker for example on the free tier of CloudFlare (Up to 100'000 requests a day) or 
 * any other serverless platform that supports JavaScript 
 *

johannrichard

#!/bin/sh
# Replace this in `/sbin/fixup-mac-address`
. /lib/functions.sh
. /lib/functions/system.sh
. /lib/ramips.sh

partname=""
offset=""
NEW_MAC=
YES=

johannrichard

#!/bin/bash

################################
#   OS X Install ISO Creater   #
#                              #
# Author: shela                #
################################

#######################################
# Declarations

johannrichard

Keybase proof

I hereby claim:

• I am johannrichard on github.
• I am johannrichard (https://keybase.io/johannrichard) on keybase.
• I have a public key whose fingerprint is FD56 A316 743F 4B97 C0AA 2DF5 6706 03A7 F614 B32F

To claim this, I am signing this object:

johannrichard

[Unit]
Description=CEC REST Service 
# Based on https://github.com/robbiet480/cec-web

[Service]
# Change port if running together with OpenHAB 
EnvironmentFile=/etc/default/cec
ExecStart=/usr/local/bin/cec-web $CEC_WEB_OPTS 
Type=simple