Rechner Fox rechner

## fft_graph.py
from kivy.app import App
from kivy.clock import Clock
from kivy.uix.widget import Widget
from kivy.graphics import Color, Line
import random, time
import queue, threading

class FFTGraph(Widget):
    def draw_graph(self, dt):
        try:

## magtek-pyusb.py
#!/usr/bin/python
"""
Read a MagTek USB HID Swipe Reader in Linux. A description of this
code can be found at: http://www.micahcarrick.com/credit-card-reader-pyusb.html

You must be using the new PyUSB 1.0 branch and not the 0.x branch.

(Install with `pip install pyusb --pre` in a virtualenv. Install libusb first on debian)

Copyright (c) 2010 - Micah Carrick

## image_proxy.py
#!/usr/bin/env python3
from flask import Flask, Response, abort, request
from PIL import Image
import requests

try:
  from StringIO import BytesIO
except ImportError:
  from io import BytesIO

## motif.scss
html {
    cursor: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB+AKHQAJD3MugBkAAAB5SURBVDjLpVNBDsAgCCuGQ///Wg4m7KKGmG0qknCBUAoFsWqOC1MAoDJVbNVQsp2tGqgUzRQ21jJGOO0aYwWXdgRAJWbVjhnMIKkRIkh6Bx3k+g7KW6JrvSVnm8UBeFxOjEffVoFKmZm8HdLo9PWVqzysmq9e+i//APQoZfbgyIqBAAAAAElFTkSuQmCC'), auto;
}

.scrollable {
  border: 14px solid #5f9ea0;
  border-image-source: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAUAAAAApCAIAAADLfmfbAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH4goaByox2bZl5AAAAB1pVFh0Q29tbWVudAAAAAAAQ3JlYXRlZCB3aXRoIEdJTVBkLmUHAAAA2UlEQVR42u3dMQqCUBjA8c/oQN2kjhM4C23doNkxJ+9QS4OOzZ2hreHREBg21EPj95sF5eGfT3nDK9quj6f6dI4hl+YYEffrLYDf29eH0R6ThcWC+RIwCBgQMCBgEDAgYEDAgIBBwICAAQGDgAEBAwIGBAwCBgQMCBgQMAgYEDAgYBAwIGBAwMCI5eeXpuMeABMYyDWBV+tNvD9q6VvSkU27qspwL/iP99MEBp/QgIABAYOAAQEDAgYGvOwDp52uKZjOk8CU308TGGasaLs+IrZlaS3APzCQzwMIpytnJp1AMAAAAABJRU5ErkJggg==');
  border-image-slice: 0 14 14 14;
  border-top: 0;
}

## ldap-auth.py
import os
from ldap3 import Server, Connection, ALL, core

# XXX: Update these with settings apropriate to your environment:
#      (I use FreeIPA and an homeassistant group assignment)
SERVER = "ipa.example.com"
USERDN = "uid={},cn=users,cn=accounts,dc=example,dc=com"
TIMEOUT = 3
BASEDN = USERDN
SCOPE = "base"

## smartcard-notes.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                rechner
                / smartcard-notes.md
            
            
              Last active
              December 18, 2019 09:40
            
          
    IsoApplet

https://github.com/philipWendland/IsoApplet/wiki/Initialization
Serial: DEADBEEFCAFEBABEC0DEFEE1
PIN: 123456789
PUK: deadbeefcafebabe
Once applet is loaded, it's necessary to add the javacard's ATR to opensc.conf

  
## freeipa-openvpn.md

      
              1 file
            
          
              4 forks
            
          
              3 comments
            
          
              12 stars
            
          
                rechner
                / freeipa-openvpn.md
            
            
              Last active
              April 27, 2024 19:40
            
              
                FreeIPA setup for OpenVPN logins
              
          
    This article proved to be a decent starting point, but I was particularly interested in allowing password-based logins to OpenVPN using a username/password backed by FreeIPA (opposed to client certificates) as the identity provider.

IPA join your VPN machine: ipa-client-install --mkhomedir
Get a kerberos ticket: kinit
Create a Kerberos service principle and HBAC rule for openvpn access:

ipa service-add openvpn/`hostname`


Create new hbacrule in console, mark host as the VPN host, and whatever group you want to restrict access to:


## freeipa-apache-pam.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                rechner
                / freeipa-apache-pam.md
            
            
              Created
              December 18, 2019 02:22
            
          
    Flavoured for a Debian 10 IPA-joined web server, and based on these pages from the FreeIPA wiki:

Web App Authentication
Web App Authentication: example setup

Install pre-requisites

# Install pre-requisites
sudo apt install libapache2-mod-authnz-pam libapache2-mod-auth-kerb libapache2-mod-auth-gssapi

# libapache2-mod-nss isn't packaged for Buster for some reason, but oldstable package works fine:


## suspend-fix.service
# cp suspend-fix.service /etc/systemd/system && systemctl enable --now suspend-fix.service
[Unit]
Description=Disable suspend wakeup interrupts except for LID

[Service]
Type=oneshot
ExecStart=/bin/sh -c "echo SLPB GLAN XHC > /proc/acpi/wakeup"

[Install]
WantedBy=multi-user.target

## freeipa-proxmox.sh
# Setting up Proxmox with a certificate from FreeIPA.
# This assumes you've already joined the machine with ipa-client-install

# Get a ticket as someone that can issue certificates
kinit admin

cat <<EOF > /usr/local/sbin/set-ssl-permissions
#!/bin/bash

FILES=/etc/pve/nodes/proxmox/{pve-ssl.key,pve-ssl.pem}
	from kivy.app import App
	from kivy.clock import Clock
	from kivy.uix.widget import Widget
	from kivy.graphics import Color, Line
	import random, time
	import queue, threading

	class FFTGraph(Widget):
	def draw_graph(self, dt):
	try:
	#!/usr/bin/python
	"""
	Read a MagTek USB HID Swipe Reader in Linux. A description of this
	code can be found at: http://www.micahcarrick.com/credit-card-reader-pyusb.html

	You must be using the new PyUSB 1.0 branch and not the 0.x branch.

	(Install with `pip install pyusb --pre` in a virtualenv. Install libusb first on debian)

	Copyright (c) 2010 - Micah Carrick
	#!/usr/bin/env python3
	from flask import Flask, Response, abort, request
	from PIL import Image
	import requests

	try:
	from StringIO import BytesIO
	except ImportError:
	from io import BytesIO
	html {
	cursor: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB+AKHQAJD3MugBkAAAB5SURBVDjLpVNBDsAgCCuGQ///Wg4m7KKGmG0qknCBUAoFsWqOC1MAoDJVbNVQsp2tGqgUzRQ21jJGOO0aYwWXdgRAJWbVjhnMIKkRIkh6Bx3k+g7KW6JrvSVnm8UBeFxOjEffVoFKmZm8HdLo9PWVqzysmq9e+i//APQoZfbgyIqBAAAAAElFTkSuQmCC'), auto;
	}

	.scrollable {
	border: 14px solid #5f9ea0;
	border-image-source: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAUAAAAApCAIAAADLfmfbAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH4goaByox2bZl5AAAAB1pVFh0Q29tbWVudAAAAAAAQ3JlYXRlZCB3aXRoIEdJTVBkLmUHAAAA2UlEQVR42u3dMQqCUBjA8c/oQN2kjhM4C23doNkxJ+9QS4OOzZ2hreHREBg21EPj95sF5eGfT3nDK9quj6f6dI4hl+YYEffrLYDf29eH0R6ThcWC+RIwCBgQMCBgEDAgYEDAgIBBwICAAQGDgAEBAwIGBAwCBgQMCBgQMAgYEDAgYBAwIGBAwMCI5eeXpuMeABMYyDWBV+tNvD9q6VvSkU27qspwL/iP99MEBp/QgIABAYOAAQEDAgYGvOwDp52uKZjOk8CU308TGGasaLs+IrZlaS3APzCQzwMIpytnJp1AMAAAAABJRU5ErkJggg==');
	border-image-slice: 0 14 14 14;
	border-top: 0;
	}
	import os
	from ldap3 import Server, Connection, ALL, core

	# XXX: Update these with settings apropriate to your environment:
	# (I use FreeIPA and an homeassistant group assignment)
	SERVER = "ipa.example.com"
	USERDN = "uid={},cn=users,cn=accounts,dc=example,dc=com"
	TIMEOUT = 3
	BASEDN = USERDN
	SCOPE = "base"
	# cp suspend-fix.service /etc/systemd/system && systemctl enable --now suspend-fix.service
	[Unit]
	Description=Disable suspend wakeup interrupts except for LID

	[Service]
	Type=oneshot
	ExecStart=/bin/sh -c "echo SLPB GLAN XHC > /proc/acpi/wakeup"

	[Install]
	WantedBy=multi-user.target
	# Setting up Proxmox with a certificate from FreeIPA.
	# This assumes you've already joined the machine with ipa-client-install

	# Get a ticket as someone that can issue certificates
	kinit admin

	cat <<EOF > /usr/local/sbin/set-ssl-permissions
	#!/bin/bash

	FILES=/etc/pve/nodes/proxmox/{pve-ssl.key,pve-ssl.pem}