Skip to content

Instantly share code, notes, and snippets.


Wael Nasreddine kalbasit

Block or report user

Report or block kalbasit

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
# Split the logs in separate files
echo Splitting...
csplit r-ryantm '/2018-..-..T..:..:.. .* [^ ]* -> [^ ]*/' '{*}' 1>/dev/null
# rename xx* to xx*-package-name
echo Renaming...
parallel -j30 "mv {} {}-\$(head -n1 {} | cut -d' ' -f2)" ::: xx*
echo Separating...
tazjin /
Last active Feb 12, 2020
Nix builder for Kubernetes
volth / NixParser.scala
Last active Aug 27, 2019
View NixParser.scala
#!/usr/bin/env perl
require "../launcher/";
exit(run( CLASS => 'ms.webmaster.absalon.nixparsertest.Test'
, TEE => "logs/nixparser-%TIME%.log"
# , SCALA => [ '2.13'
# # , '-optimise -deprecation -Ywarn-unused-import'
# ]
# , NOSERVER => 1
edolstra /
Last active Jan 19, 2020
Nix language changes

This document contains some ideas for additions to the Nix language.


The Nix package manager, Nixpkgs and NixOS currently have several problems:

  • Poor discoverability of package options. Package functions have function arguments like enableFoo, but there is no way for the Nix UI to discover them, let alone to provide programmatic ways to
balsoft / crd.nix
Last active Jan 18, 2020
chrome-remote-desktop on nixos/nix
View crd.nix
{ config, lib, pkgs, ...}:
with lib;
cfg =;
in {
options = {
services.crd = {
enable = mkEnableOption ''
chrome remote desktop, a service which allows for remote control of your desktop from anywhere.

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

domenkozar /
Last active Feb 6, 2020 — forked from grahamc/
NixOS on a Dell 15" 9560 with the 4K screen.
View gist:07d8d4c833873be2f68c34f9afc5a78a

Cryptographic Best Practices

Putting cryptographic primitives together is a lot like putting a jigsaw puzzle together, where all the pieces are cut exactly the same way, but there is only one correct solution. Thankfully, there are some projects out there that are working hard to make sure developers are getting it right.

The following advice comes from years of research from leading security researchers, developers, and cryptographers. This Gist was [forked from Thomas Ptacek's Gist][1] to be more readable. Additions have been added from

cvan /
Last active Feb 13, 2020
Launch Chromium with API Keys on Mac OS X and Windows

Sometimes you need to use API Keys to use things like the Speech API. And then you Google a bit and follow all the instructions. But the Chromium Project's API Keys page does a not-so-great of explaining how to do this, so I will.

  1. Download Chromium.
  2. You'll notice a yellow disclaimer message appear as a doorhanger: Google API Keys are missing. Some functionality of Chromium will be disabled. Learn More.
  3. Clicking on that link takes you to the confusing API Keys docs page.
  4. If you aren't already, subscribe to the mailing list. (You can just subscribe to the list and choose to not receive any mail. FYI: the Chromium project restricts the APIs to those subscribed to that group - that is, Chromium devs.)
  5. Make sur

General notes

  • nix-channel and ~/.nix-defexpr are gone. We'll use $NIX_PATH (or user environment specific overrides configured via nix set-path) to look up packages. Since $NIX_PATH supports URLs nowadays, this removes the need for channels: you can just set $NIX_PATH to e.g. and stay up to date automatically.

  • By default, packages are selected by attribute name, rather than the name attribute. Thus nix install hello is basically equivalent to nix-env -iA hello. The attribute name is recorded in the user environment manifest and used in upgrades. Thus (at least by default) hello won't be upgraded to helloVariant.

    @vcunat suggested making this an arbitrary Nix expression rather than an attrpath, e.g. firefox.override { enableFoo = true; }. However, such an expression would not have a key in the user environment, unlike an attrpath. Better to require an explicit flag for this.

    TBD: How to deal with search path clashes.

You can’t perform that action at this time.