Skip to content

Instantly share code, notes, and snippets.

Avatar

Tobias Schmidl schtobia

View GitHub Profile
@schtobia
schtobia / nginx_client_cn_auth.conf
Last active Oct 3, 2021
CN-based client authentification with nginx. This emulates Apache's SSLRequire (%{SSL_CLIENT_S_DN_CN} in {"Really Me"})
View nginx_client_cn_auth.conf
map $ssl_client_s_dn $ssl_client_s_dn_cn {
default "";
~/CN=(?<CN>[^/]+) $CN;
}
server {
listen 80;
listen [::]:80;
listen 443 ssl;
@schtobia
schtobia / cleanup.sh
Last active Sep 24, 2021
cleanup a linux guest, shortlink is https://git.io/vhaoU
View cleanup.sh
#! /bin/sh
rm -rf /root/.cache /root/.rnd
find /tmp -type d -name 'systemd-*-systemd-timesyncd.service*' -exec rm -rf '{}' '+'
find /var/tmp -type d -name 'systemd-*-systemd-timesyncd.service*' -exec rm -rf '{}' '+'
find /var/lib/apt -type f -delete
find /var/cache/apt -type f -delete
find /var/log -type f -regextype posix-extended -regex '.*\.(gz|xz|[0-9])' -delete
truncate -s0 $HOME/.bash_history
[ -w $HOME/.zsh_history ] && truncate -s0 $HOME/.zsh_history
@schtobia
schtobia / real_udp_echo.cpp
Last active Jun 29, 2021
real asynchronous UDP echo server with Boost::Asio, CMakelists.txt is included in "develop" branch
View real_udp_echo.cpp
#include <array>
#include <boost/asio.hpp>
#include <iostream>
#include <thread>
using boost::asio::ip::udp;
constexpr size_t buffer_size = 4096;
template <typename Storage>
class callback
@schtobia
schtobia / backup
Last active May 3, 2021
Backup a primary user without referring to a username
View backup
#! /bin/bash
DATE="$(date -u '+%Y%m%dT%H%M%SZ')"
IFS=':' read -r -a PASSWD_ENTRY <<<"$(getent passwd 1000)"
IFS=':' read -r -a GROUP_ENTRY <<< "$(getent group 1000)"
USERNAME=${PASSWD_ENTRY[0]}
HOME=${PASSWD_ENTRY[5]}
GROUP=${GROUP_ENTRY[0]}
# shellcheck disable=SC1090
[ -r "$HOME"/.config/user-dirs.dirs ] && . "$HOME"/.config/user-dirs.dirs
TARGET_DIR=${XDG_DESKTOP_DIR:-$HOME}
@schtobia
schtobia / docker-compose.yaml
Last active Sep 23, 2020
Folding At Home docker-compose file
View docker-compose.yaml
---
version: "3.7"
services:
foldingathome:
image: johnktims/folding-at-home:latest
ports:
- "7396:7396"
environment:
TZ: "${TZ:-UTC}"
restart: unless-stopped
@schtobia
schtobia / docker-compose.yml
Last active Jul 1, 2020
Motioneye docker-compose file
View docker-compose.yml
---
version: "3.7"
services:
motioneye:
image: ccrisan/motioneye:master-armhf
init: true
ports:
- "8081:8081"
- "80:8765"
environment:
@schtobia
schtobia / merge-pdfs.sh
Last active Jun 5, 2020
Merge PDFs with images in 300dpi
View merge-pdfs.sh
#! /bin/sh
[ "$#" -lt 2 ] && { echo "Usage: $0 <outputfile> <inputfile> ..."; exit 1; }
output_file="$1"
shift
gs -dBATCH -dNOPAUSE -dPDFSETTINGS=/prepress -sDEVICE=pdfwrite -o "$output_file" $@
@schtobia
schtobia / tschroot
Last active Apr 29, 2020
Mount /tmp, /dev/pts, /dev/shm and /proc into chroot and change into chroot
View tschroot
#! /bin/sh
[ ! -d "$1" ] && echo "$1 is not a valid directory." && exit 1;
trap "umount \"${1}\"/tmp \"${1}\"/dev/null \"${1}\"/dev/pts \"${1}\"/dev/random \"${1}\"/dev/shm \"${1}\"/dev/urandom \"${1}\"/proc" EXIT INT TERM HUP PIPE &&
mount --bind /tmp "${1}/tmp" && \
mount --bind /dev/null "${1}/dev/null" && \
mount --bind /dev/pts "${1}/dev/pts" && \
mount --bind /dev/random "${1}/dev/random" && \
mount --bind /dev/shm "${1}/dev/shm" && \
mount --bind /dev/urandom "${1}/dev/urandom" && \
mount --bind /proc "${1}/proc" && \
@schtobia
schtobia / mokdeploy.sh
Last active Apr 13, 2020
Generate and deploy a key for Secure Boot
View mokdeploy.sh
#! /bin/bash
openssl req -new -x509 \
-newkey rsa:4096 \
-keyout MOK.priv \
-outform DER \
-out MOK.der \
-days 36500 \
-subj "/CN=$(getent passwd $UID | cut -d: -f 5 | cut -d, -f1)" \
-nodes \
-addext "extendedKeyUsage=codeSigning,1.3.6.1.4.1.311.10.3.6,1.3.6.1.4.1.2312.16.1.2"
@schtobia
schtobia / docker-compose.yml
Last active Mar 27, 2020
Home Assistant docker-compose
View docker-compose.yml
---
version: '3.7'
services:
mqtt:
image: eclipse-mosquitto:latest
hostname: mqtt
init: yes
volumes:
- mosquitto_config:/mosquitto/config
- mosquitto_log:/mosquitto/log