Skip to content

Instantly share code, notes, and snippets.

Avatar

Steve Jenkins stevejenkins

View GitHub Profile
@stevejenkins
stevejenkins / Pi-hole on UC-CK 0.13.6
Last active Jan 10, 2021
Pi-hole on UC-CK 0.13.6
View Pi-hole on UC-CK 0.13.6
# Instructions for installing Pi-hole 4.2 on UniFi CloudKey Gen 1 (UC-CK) running firmware 0.13.6
# Pi-hole will need to be completely re-installed after every FW update or if CloudKey is reset to defaults.
# Verify UC-CK is running firmware v0.13.6 (or later) before installing Pi-hole. If not, do:
ubnt-systool fwupdate https://dl.ubnt.com/unifi/stage/cloudkey/firmware/UCK/UCK.mtk7623.v0.13.6.7ad551e.190225.0939.bin
# UC-CK firmware v0.13.6 downgrades UniFi Controller to 5.10.17. Upgrade to 5.10.19 with:
cd /tmp
wget https://dl.ubnt.com/unifi/5.10.19/unifi_sysvinit_all.deb
dpkg -i unifi_sysvinit_all.deb
@stevejenkins
stevejenkins / bash-autopatch.sh
Last active Nov 24, 2020
A shell script that fully automates the "manual" patching of GNU Bash, using source and all known official patches. Contributed by Mike Marino, based on Steve Jenkins' manual Bash patching procedure at http://stevejenkins.com/blog/2014/09/how-to-manually-update-bash-to-patch-shellshock-bug-on-older-fedora-based-systems/
View bash-autopatch.sh
#/bin/bash
# bash-autopatch.sh
# A shell script that fully automates the "manual" patching of GNU Bash, using source and all known official patches.
# Contributed by Mike Marino, based on Steve Jenkins' manual Bash patching and compiling procedure at:
# http://stevejenkins.com/blog/2014/09/how-to-manually-update-bash-to-patch-shellshock-bug-on-older-fedora-based-systems/
# This script is a "continuation" of Steve Cook's bash-multipath.sh at: https://gist.github.com/stevejenkins/3d64d3543060c1bcac92
# Version 1.0 - October 10, 2014
@stevejenkins
stevejenkins / gwhitelist.sh
Last active Nov 23, 2020
Script for creating a Postfix whitelist for Gmail servers
View gwhitelist.sh
#! /bin/sh
#
# Copyright (c) 2013 Mike Miller <mmiller@mgm51.com>
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
@stevejenkins
stevejenkins / cf-invalidate.php
Created Sep 7, 2011 — forked from claylo/cf-invalidate.php
How to invalidate a single item via URL in AWS CloudFront
View cf-invalidate.php
<?php
/**
* Super-simple AWS CloudFront Invalidation Script
* Modified by Steve Jenkins <steve stevejenkins com> to invalidate a single file via URL.
*
* Steps:
* 1. Set your AWS Access Key
* 2. Set your AWS Secret Key
* 3. Set your CloudFront Distribution ID (or pass one via the URL with &dist)
* 4. Put cf-invalidate.php in a web accessible and password protected directory
@stevejenkins
stevejenkins / unifi_ssl_import.sh
Last active Mar 31, 2020
Import and use SSL certificates (including Let's Encrypt) with the Ubiquiti UniFi Controller on Unix/Linux Systems
View unifi_ssl_import.sh
# MOVED TO https://github.com/stevejenkins/unifi-linux-utils
@stevejenkins
stevejenkins / config.worky
Last active Mar 29, 2020
ER-POE Config where remote HTTPS / SSH work
View config.worky
firewall {
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "WAN to Internal"
@stevejenkins
stevejenkins / ERL GF Commands
Created Aug 15, 2017
Basic configuration commands to set up an ERL for Google Fiber
View ERL GF Commands
set firewall all-ping enable
set firewall broadcast-ping disable
set firewall ipv6-name WANv6_IN default-action drop
set firewall ipv6-name WANv6_IN description 'WAN inbound traffic forwarded to LAN'
set firewall ipv6-name WANv6_IN rule 10 action accept
set firewall ipv6-name WANv6_IN rule 10 description 'Allow established/related'
set firewall ipv6-name WANv6_IN rule 10 state established enable
set firewall ipv6-name WANv6_IN rule 10 state related enable
set firewall ipv6-name WANv6_IN rule 20 action drop
set firewall ipv6-name WANv6_IN rule 20 description 'Drop invalid state'
@stevejenkins
stevejenkins / EdgeMax-Google.sh
Last active Nov 15, 2019
IPv4/IPv6 setup script for EdgeMax EdgeOS v1.9 routers to replace the Google Fiber Network Box
View EdgeMax-Google.sh
# EdgeOS v1.9 Google Fiber Config Script
# by Steve Jenkins (http://www.stevejenkins.com/)
# Last updated: Aug 14, 2016
# Based on settings & scripts by Atlantisman, TK, and CompTech
# RUN THIS SCRIPT AS ROOT ON YOUR EDGEROUTER
# Script runs best if you copy and paste in sections
#______________________Basic Firewall Setup_______________________________
configure
@stevejenkins
stevejenkins / EdgeMax-Google-TV.sh
Last active Apr 24, 2019
Additional script for Google Fiber TV customers to run on their EdgeRouter, after running the initial EdgeMax-Google.sh script, to enable TV service.
View EdgeMax-Google-TV.sh
# Google Fiber TV Service Additional Script
# Based on Atlantisman's TV script
# http://blog.nexusshield.com/google-fiber-ubiquitis-edgerouter/
# Edited by Steve Jenkins to work with his version of the script
#______________________TV Service Config _____________________
#Setup IGMP Proxy
configure
edit protocols igmp-proxy
set interface eth0.2 role upstream
set interface eth2 role downstream
@stevejenkins
stevejenkins / upgrade_unifi.sh
Last active Feb 10, 2019
Easy UniFi Controller Upgrade Script for Unix/Linux Systems
View upgrade_unifi.sh
# MOVED TO: https://github.com/stevejenkins/unifi-linux-utils
You can’t perform that action at this time.