Skip to content

Instantly share code, notes, and snippets.

View pacohope's full-sized avatar

Paco Hope pacohope

15 followers · 7 following
View GitHub Profile
@pacohope
pacohope / make-periodic-delay.sh
Last active August 13, 2023 01:23
Creates a single script to invoke a random delay on FreeBSD during execution of periodic(8) jobs. Updates /etc/crontab too
#!/bin/sh
# make delay periodic
# Called interactively as non-root user who has permission to sudo(8)
#
# Invoke interactively this way: fetch -o - https://gist.githubusercontent.com/pacohope/599bb66594ed197c2a3e2d8bfafe3e56/raw/8853effe2a325abedfd95bdd02219238343ce966/make-periodic-delay.sh | sh
# then type sudo password once (if password is required)
#
# Inspired by this thread:
# https://forums.freebsd.org/threads/delay-or-stagger-running-of-periodic-scripts-randomly.69641/
@pacohope
pacohope / sort-photos.sh
Created September 20, 2018 08:34
Sort all JPG files into subfolders based on modification date/time
#!/bin/bash
#
# Take a bunch of files, figure out the modification dates using stat(1), make a
# bunch of directories that correspond to YEAR/MONTH and then move all the files
# into those directories. E.g., FOO.JPG gets moved to 2018/05/FOO.JPG if its
# modification date is 2018-05-14
# This uses the MacOS syntax for stat(1)
# First, figure out and make all the necessary directories
stat -t "%Y/%m" *JPG | cut -d \" -f 8 | sort -u | xargs mkdir -p
@pacohope
pacohope / telegraf.conf
Last active September 29, 2021 15:52
Telegraf config for FreeBSD on EC2 using CloudWatch on AWS
# Generic, basic /usr/local/etc/telegraf.conf file for FreeBSD
# Gathers some basic metrics and transmits them to cloudwatch
# Be sure to set the region below
[agent]
interval = "10s"
round_interval = true
metric_batch_size = 1000
metric_buffer_limit = 10000
collection_jitter = "0s"
@pacohope
pacohope / FreeBSD-11-ec2-cloudwatch.md
Last active November 24, 2023 00:04
FreeBSD 11 on AWS EC2, with CloudWatch Logs and EC2 Metrics

Introduction

This is how you would create a livable FreeBSD instance on EC2 by hand. The smart thing to do is to automate most of these actions. But I do it this way so you can see and understand all the different techniques. I want to create FreeBSD instances in EC2 and I want some of the management benefits that come from native AWS technologies like CloudWatch. It can be done, but it takes a bit of extra work because FreeBSD isn't Linux, and AWS doesn't directly support FreeBSD.

Prepping in AWS land

Before we go far, we will want some things setup in AWS IAM and VPC. I assume you have already created a VPC, decided what network numbers you're going to use, created a subnet and so on. If you haven't done those basic things, you need to go do them. I also assume you've created an ssh key and uploaded it to your AWS account.

@pacohope
pacohope / reuse_agent.sh
Created May 11, 2018 18:19 — forked from MarkRose/reuse_agent.sh
Reuse existing ssh-agent or start a new one
# Reuse an existing ssh-agent on login, or create a new one. Append this to your .bashrc
# This version also handles the case where the agent exists but has no keys.
function agent() {
GOT_AGENT=0
DEFTEMP="/tmp"
for FILE in $(find "${TMPDIR:-$DEFTEMP}/ssh-"* -type s -user ${LOGNAME} -name "agent.[0-9]*" 2>/dev/null)
do
@pacohope
pacohope / fix-freebsd-update.sh
Created March 6, 2018 15:00 — forked from thefloweringash/fix-freebsd-update.sh
There I "fixed" freebsd-update.
#!/bin/sh
# Fork of https://gist.github.com/thefloweringash/8729473
#
# freebsd-update is a clever script that downloads a lot of bsdiff
# patches and whole files when patches are not suitable. The result of
# this process is a collection of files in
# /var/db/freebsd-update/files. If the files already exist, it will
# not fetch them again.
#
@pacohope
pacohope / tight-bucket-policy.json
Created January 15, 2018 15:12
Very tightly locked down S3 bucket policy. IP address restriction. Encryption required. Public objects denied.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "DenyUnencryptedObjectUploads",
"Effect": "Deny",
"Principal": "*",
"Action": "s3:PutObject",
"Resource": [
"arn:aws:s3:::BUCKETNAME/*",
@pacohope
pacohope / termcolours.sh
Last active May 27, 2018 17:02
Print out all the possible ANSI terminal colours in a nice table.
#!/bin/zsh
#
# I hate doing this. This is someone else's code. For a long time I didn't know who to credit. Now
# I do: https://stackoverflow.com/questions/27159322/rgb-values-of-the-colors-in-the-ansi-extended-colors-index-17-255
# It is by a user named adaephon (https://stackoverflow.com/users/2992551/adaephon)
#
function termcolors ()
{
print TERM
print -P "Foreground: >█<"
@pacohope
pacohope / bucket-exclusive.json
Last active December 10, 2017 00:46
S3 bucket restriction. Enable get/put on one bucket, but deny explicitly everything else
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowAllBasics",
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets",
"s3:HeadBucket",
"s3:ListObjects"
@pacohope
pacohope / policy-role.jq
Last active November 1, 2017 17:01
Policy to Role listing. Given a CloudFormation in JSON that has ManagedPolicy objects connected to Roles, print a list of the policies and the roles that are attached.
def mapper(f):
if type == "array" then map(f)
elif type == "object" then
. as $in
| reduce keys[] as $key
({};
[$in[$key] | f ] as $value
| if $value | length == 0 then . else . + {($key): $value[0]}
end)
else .