stevejenkins

# Instructions for installing Pi-hole 4.2 on UniFi CloudKey Gen 1 (UC-CK) running firmware 0.13.6
# Pi-hole will need to be completely re-installed after every FW update or if CloudKey is reset to defaults.

# Verify UC-CK is running firmware v0.13.6 (or later) before installing Pi-hole. If not, do:
ubnt-systool fwupdate https://dl.ubnt.com/unifi/stage/cloudkey/firmware/UCK/UCK.mtk7623.v0.13.6.7ad551e.190225.0939.bin

# UC-CK firmware v0.13.6 downgrades UniFi Controller to 5.10.17. Upgrade to 5.10.19 with:
cd /tmp
wget https://dl.ubnt.com/unifi/5.10.19/unifi_sysvinit_all.deb
dpkg -i unifi_sysvinit_all.deb

stevejenkins

#/bin/bash

# bash-autopatch.sh
# A shell script that fully automates the "manual" patching of GNU Bash, using source and all known official patches.
# Contributed by Mike Marino, based on Steve Jenkins' manual Bash patching and compiling procedure at:
# http://stevejenkins.com/blog/2014/09/how-to-manually-update-bash-to-patch-shellshock-bug-on-older-fedora-based-systems/

# This script is a "continuation" of Steve Cook's bash-multipath.sh at: https://gist.github.com/stevejenkins/3d64d3543060c1bcac92

# Version 1.0 - October 10, 2014

stevejenkins

#! /bin/sh
#
# Copyright (c) 2013 Mike Miller <mmiller@mgm51.com>
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

stevejenkins

<?php
/**
 * Super-simple AWS CloudFront Invalidation Script
 * Modified by Steve Jenkins <steve stevejenkins com> to invalidate a single file via URL.
 * 
 * Steps:
 * 1. Set your AWS Access Key
 * 2. Set your AWS Secret Key
 * 3. Set your CloudFront Distribution ID (or pass one via the URL with &dist)
 * 4. Put cf-invalidate.php in a web accessible and password protected directory

stevejenkins

# MOVED TO https://github.com/stevejenkins/unifi-linux-utils

stevejenkins

firewall {
    all-ping enable
    broadcast-ping disable
    ipv6-receive-redirects disable
    ipv6-src-route disable
    ip-src-route disable
    log-martians enable
    name WAN_IN {
        default-action drop
        description "WAN to Internal"

stevejenkins

set firewall all-ping enable
set firewall broadcast-ping disable
set firewall ipv6-name WANv6_IN default-action drop
set firewall ipv6-name WANv6_IN description 'WAN inbound traffic forwarded to LAN'
set firewall ipv6-name WANv6_IN rule 10 action accept
set firewall ipv6-name WANv6_IN rule 10 description 'Allow established/related'
set firewall ipv6-name WANv6_IN rule 10 state established enable
set firewall ipv6-name WANv6_IN rule 10 state related enable
set firewall ipv6-name WANv6_IN rule 20 action drop
set firewall ipv6-name WANv6_IN rule 20 description 'Drop invalid state'

stevejenkins

# EdgeOS v1.9 Google Fiber Config Script
# by Steve Jenkins (http://www.stevejenkins.com/)
# Last updated: Aug 14, 2016
# Based on settings & scripts by Atlantisman, TK, and CompTech

# RUN THIS SCRIPT AS ROOT ON YOUR EDGEROUTER
# Script runs best if you copy and paste in sections

#______________________Basic Firewall Setup_______________________________
configure

stevejenkins

# Google Fiber TV Service Additional Script
# Based on Atlantisman's TV script
# http://blog.nexusshield.com/google-fiber-ubiquitis-edgerouter/
# Edited by Steve Jenkins to work with his version of the script
#______________________TV Service Config _____________________
#Setup IGMP Proxy
configure
edit protocols igmp-proxy
set interface eth0.2 role upstream
set interface eth2 role downstream

stevejenkins

# MOVED TO: https://github.com/stevejenkins/unifi-linux-utils