Tobias Schmidl schtobia

## nginx_client_cn_auth.conf
map  $ssl_client_s_dn  $ssl_client_s_dn_cn {
	default "";
	~/CN=(?<CN>[^/]+) $CN;
}

server {
	listen 80;
	listen [::]:80;

	listen 443 ssl;

## cleanup.sh
#! /bin/sh

rm -rf /root/.cache /root/.rnd
find /tmp -type d -name 'systemd-*-systemd-timesyncd.service*' -exec rm -rf '{}' '+'
find /var/tmp -type d -name 'systemd-*-systemd-timesyncd.service*' -exec rm -rf '{}' '+'
find /var/lib/apt -type f -delete
find /var/cache/apt -type f -delete
find /var/log -type f -regextype posix-extended -regex '.*\.(gz|xz|[0-9])' -delete
truncate -s0 $HOME/.bash_history
[ -w $HOME/.zsh_history ] && truncate -s0 $HOME/.zsh_history

## real_udp_echo.cpp
#include <array>
#include <boost/asio.hpp>
#include <iostream>
#include <thread>

using boost::asio::ip::udp;
constexpr size_t buffer_size = 4096;

template <typename Storage>
class callback

## backup
#! /bin/bash
DATE="$(date -u '+%Y%m%dT%H%M%SZ')"
IFS=':' read -r -a PASSWD_ENTRY <<<"$(getent passwd 1000)"
IFS=':' read -r -a GROUP_ENTRY <<< "$(getent group 1000)"
USERNAME=${PASSWD_ENTRY[0]}
HOME=${PASSWD_ENTRY[5]}
GROUP=${GROUP_ENTRY[0]}
# shellcheck disable=SC1090
[ -r "$HOME"/.config/user-dirs.dirs ] && . "$HOME"/.config/user-dirs.dirs
TARGET_DIR=${XDG_DESKTOP_DIR:-$HOME}

## docker-compose.yaml
---
version: "3.7"
services:
  foldingathome:
    image: johnktims/folding-at-home:latest
    ports:
      - "7396:7396"
    environment:
      TZ: "${TZ:-UTC}"
    restart: unless-stopped

## docker-compose.yml
---
version: "3.7"
services:
  motioneye:
    image: ccrisan/motioneye:master-armhf
    init: true
    ports:
      - "8081:8081"
      - "80:8765"
    environment:

## merge-pdfs.sh
#! /bin/sh
[ "$#" -lt 2 ] && { echo "Usage: $0 <outputfile> <inputfile> ..."; exit 1; }
output_file="$1"
shift
gs -dBATCH -dNOPAUSE -dPDFSETTINGS=/prepress -sDEVICE=pdfwrite -o "$output_file" $@

## tschroot
#! /bin/sh
[ ! -d "$1" ] && echo "$1 is not a valid directory." && exit 1;
trap "umount \"${1}\"/tmp \"${1}\"/dev/null \"${1}\"/dev/pts \"${1}\"/dev/random \"${1}\"/dev/shm \"${1}\"/dev/urandom \"${1}\"/proc" EXIT INT TERM HUP PIPE &&
    mount --bind /tmp "${1}/tmp" && \
    mount --bind /dev/null "${1}/dev/null" && \
    mount --bind /dev/pts "${1}/dev/pts" && \
    mount --bind /dev/random "${1}/dev/random" && \
    mount --bind /dev/shm "${1}/dev/shm" && \
    mount --bind /dev/urandom "${1}/dev/urandom" && \
    mount --bind /proc "${1}/proc" && \

## mokdeploy.sh
#! /bin/bash
openssl req -new -x509 \
    -newkey rsa:4096 \
    -keyout MOK.priv \
    -outform DER \
    -out MOK.der \
    -days 36500 \
    -subj "/CN=$(getent passwd $UID | cut -d: -f 5 | cut -d, -f1)" \
    -nodes \
    -addext "extendedKeyUsage=codeSigning,1.3.6.1.4.1.311.10.3.6,1.3.6.1.4.1.2312.16.1.2"

## docker-compose.yml
---
version: '3.7'
services:
  mqtt:
    image: eclipse-mosquitto:latest
    hostname: mqtt
    init: yes
    volumes:
      - mosquitto_config:/mosquitto/config
      - mosquitto_log:/mosquitto/log
	map $ssl_client_s_dn $ssl_client_s_dn_cn {
	default "";
	~/CN=(?<CN>[^/]+) $CN;
	}

	server {
	listen 80;
	listen [::]:80;

	listen 443 ssl;
	#! /bin/sh

	rm -rf /root/.cache /root/.rnd
	find /tmp -type d -name 'systemd--systemd-timesyncd.service' -exec rm -rf '{}' '+'
	find /var/tmp -type d -name 'systemd--systemd-timesyncd.service' -exec rm -rf '{}' '+'
	find /var/lib/apt -type f -delete
	find /var/cache/apt -type f -delete
	find /var/log -type f -regextype posix-extended -regex '.*\.(gz\|xz\|[0-9])' -delete
	truncate -s0 $HOME/.bash_history
	[ -w $HOME/.zsh_history ] && truncate -s0 $HOME/.zsh_history
	#include <array>
	#include <boost/asio.hpp>
	#include <iostream>
	#include <thread>

	using boost::asio::ip::udp;
	constexpr size_t buffer_size = 4096;

	template <typename Storage>
	class callback
	#! /bin/bash
	DATE="$(date -u '+%Y%m%dT%H%M%SZ')"
	IFS=':' read -r -a PASSWD_ENTRY <<<"$(getent passwd 1000)"
	IFS=':' read -r -a GROUP_ENTRY <<< "$(getent group 1000)"
	USERNAME=${PASSWD_ENTRY[0]}
	HOME=${PASSWD_ENTRY[5]}
	GROUP=${GROUP_ENTRY[0]}
	# shellcheck disable=SC1090
	[ -r "$HOME"/.config/user-dirs.dirs ] && . "$HOME"/.config/user-dirs.dirs
	TARGET_DIR=${XDG_DESKTOP_DIR:-$HOME}
	---
	version: "3.7"
	services:
	foldingathome:
	image: johnktims/folding-at-home:latest
	ports:
	- "7396:7396"
	environment:
	TZ: "${TZ:-UTC}"
	restart: unless-stopped
	---
	version: "3.7"
	services:
	motioneye:
	image: ccrisan/motioneye:master-armhf
	init: true
	ports:
	- "8081:8081"
	- "80:8765"
	environment:
	#! /bin/sh
	[ "$#" -lt 2 ] && { echo "Usage: $0 <outputfile> <inputfile> ..."; exit 1; }
	output_file="$1"
	shift
	gs -dBATCH -dNOPAUSE -dPDFSETTINGS=/prepress -sDEVICE=pdfwrite -o "$output_file" $@
	#! /bin/sh
	[ ! -d "$1" ] && echo "$1 is not a valid directory." && exit 1;
	trap "umount \"${1}\"/tmp \"${1}\"/dev/null \"${1}\"/dev/pts \"${1}\"/dev/random \"${1}\"/dev/shm \"${1}\"/dev/urandom \"${1}\"/proc" EXIT INT TERM HUP PIPE &&
	mount --bind /tmp "${1}/tmp" && \
	mount --bind /dev/null "${1}/dev/null" && \
	mount --bind /dev/pts "${1}/dev/pts" && \
	mount --bind /dev/random "${1}/dev/random" && \
	mount --bind /dev/shm "${1}/dev/shm" && \
	mount --bind /dev/urandom "${1}/dev/urandom" && \
	mount --bind /proc "${1}/proc" && \
	#! /bin/bash
	openssl req -new -x509 \
	-newkey rsa:4096 \
	-keyout MOK.priv \
	-outform DER \
	-out MOK.der \
	-days 36500 \
	-subj "/CN=$(getent passwd $UID \| cut -d: -f 5 \| cut -d, -f1)" \
	-nodes \
	-addext "extendedKeyUsage=codeSigning,1.3.6.1.4.1.311.10.3.6,1.3.6.1.4.1.2312.16.1.2"
	---
	version: '3.7'
	services:
	mqtt:
	image: eclipse-mosquitto:latest
	hostname: mqtt
	init: yes
	volumes:
	- mosquitto_config:/mosquitto/config
	- mosquitto_log:/mosquitto/log