Richard Scott richard-scott

## LUKS_and_TPM2_with_Fedora.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                richard-scott
                / LUKS_and_TPM2_with_Fedora.md
            
            
              Created
              March 2, 2024 10:31
                — forked from jdoss/LUKS_and_TPM2_with_Fedora.md
            
              
                Decrypt LUKS volumes with a TPM on Fedora 35+
              
          
    Decrypt LUKS volumes with a TPM on Fedora 35+

This guide allows you to use the TPM on your computer to decrypt your LUKS encrypted volumes. If you are worried about a cold boot attack on your hardware please DO NOT use this guide with your root volume!
Preflight Checks

Verify that you have a TPM in your computer:
# systemd-cryptenroll --tpm2-device=list
PATH DEVICE DRIVER


## ubuntu-systemd-cryptenroll-tpm.sh
# See also: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1969375
# See: https://github.com/wmcelderry/systemd_with_tpm2
# Install dependencies for systemd TPM
sudo apt install libtss2-rc0
# Check if Ubuntu recognize your TPM chip
systemd-cryptenroll --tpm2-device=list
# Check current LUKS info
sudo cryptsetup luksDump /dev/nvme0n1p3
# Enroll TPM as unlocker
sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7 /dev/nvme0n1p3

## openssl_commands.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              2 stars
            
          
                richard-scott
                / openssl_commands.md
            
            
              Created
              October 10, 2019 11:44
                — forked from p3t3r67x0/openssl_commands.md
            
              
                Some list of openssl commands for check and verify your keys
              
          
    openssl

Install

Install the OpenSSL on Debian based systems
sudo apt-get install openssl

  
## fish_install.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                richard-scott
                / fish_install.md
            
            
              Created
              June 29, 2023 09:01
                — forked from gagarine/fish_install.md
            
              
                Install fish shell on macOS Mojave with brew
              
          
    Installing Fish shell on MacOS (Intel and M1) using brew

Fish is a smart and user-friendly command line (like bash or zsh). This is how you can instal Fish on MacOS and make your default shell.
Note that you need the https://brew.sh/ package manager installed on your machine.
Install Fish

brew install fish

  
## sane_defaults.rb
# replaces this file /opt/vagrant/embedded/gems/gems/vagrant-1.7.4/plugins/providers/virtualbox/action/sane_defaults.rb
# NOTE: if using a different Vagrant version, adjust the version field accordingly
# NOTE2: only the sections with the IRVING comment have been changed from the default

require "log4r"

module VagrantPlugins
  module ProviderVirtualBox
    module Action
      class SaneDefaults

## README.md

      
              4 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                richard-scott
                / README.md
            
            
              Created
              April 21, 2022 13:10
                — forked from jesslilly/README.md
            
              
                Deluxe Cron Job Wrapper
              
          
    Cron Job Wrapper Wish List

I want a script that will give me:

Logging
Log purging!
Email errors!
Prevent duplicate processes!  (flock)
Source an environment file!
Anything else?


## restic-backup.service
[Unit]
Description=Backup with restic to Backblaze B2
OnFailure=status-email-user@%n.service

[Service]
Type=simple
Nice=10
ExecStart=/usr/local/sbin/restic_backup.sh
# $HOME or $XDG_CACHE_HOME must be set for restic to find /root/.cache/restic/
Environment="HOME=/root"

## Add DS_Store into .gitignore for the sub directory.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                richard-scott
                / Add DS_Store into .gitignore for the sub directory.md
            
            
              Created
              January 13, 2022 09:43
                — forked from lohenyumnam/Add DS_Store into .gitignore for the sub directory.md
            
          
    If .DS_Store was never added to your git repository, simply add it to your .gitignore file.
If you don't have one, create a file called

.gitignore

In your the root directory of your app and simply write

  
## 00_description
The problem:

I wanted to use the jinja 'map' filter to modify each item in a string, in this simple
example, adding '.conf' to each item.

The 'format' filter in jinja takes arguments (value, *args, **kwargs).  Unfortunately,
it uses 'value' as the pattern. When called inside map 'value' is the current item in
the list, or in other words *args as far as format is concerned. So it's the wrong way
around.

## send_email.py
import json
# Import smtplib for the actual sending function
import smtplib

# Import the email modules we'll need
from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart
from datetime import datetime

def send_email(data):
	# See also: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1969375
	# See: https://github.com/wmcelderry/systemd_with_tpm2
	# Install dependencies for systemd TPM
	sudo apt install libtss2-rc0
	# Check if Ubuntu recognize your TPM chip
	systemd-cryptenroll --tpm2-device=list
	# Check current LUKS info
	sudo cryptsetup luksDump /dev/nvme0n1p3
	# Enroll TPM as unlocker
	sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7 /dev/nvme0n1p3
	# replaces this file /opt/vagrant/embedded/gems/gems/vagrant-1.7.4/plugins/providers/virtualbox/action/sane_defaults.rb
	# NOTE: if using a different Vagrant version, adjust the version field accordingly
	# NOTE2: only the sections with the IRVING comment have been changed from the default

	require "log4r"

	module VagrantPlugins
	module ProviderVirtualBox
	module Action
	class SaneDefaults
	[Unit]
	Description=Backup with restic to Backblaze B2
	OnFailure=status-email-user@%n.service

	[Service]
	Type=simple
	Nice=10
	ExecStart=/usr/local/sbin/restic_backup.sh
	# $HOME or $XDG_CACHE_HOME must be set for restic to find /root/.cache/restic/
	Environment="HOME=/root"
	The problem:

	I wanted to use the jinja 'map' filter to modify each item in a string, in this simple
	example, adding '.conf' to each item.

	The 'format' filter in jinja takes arguments (value, args, *kwargs). Unfortunately,
	it uses 'value' as the pattern. When called inside map 'value' is the current item in
	the list, or in other words *args as far as format is concerned. So it's the wrong way
	around.
	import json
	# Import smtplib for the actual sending function
	import smtplib

	# Import the email modules we'll need
	from email.mime.text import MIMEText
	from email.mime.multipart import MIMEMultipart
	from datetime import datetime

	def send_email(data):