Skip to content

Instantly share code, notes, and snippets.

View tomwassenberg's full-sized avatar

Tom Wassenberg tomwassenberg

  • The Netherlands
View GitHub Profile
@tomwassenberg
tomwassenberg / share_terminal_output.sh
Last active December 27, 2022 20:01
Shell snippet to share the output of your terminal with another user on the system.
#!/usr/bin/env -S bash -i
# Unofficial Bash strict mode
set \
-o errexit \
-o errtrace \
-o noglob \
-o nounset \
-o pipefail
IFS=$'\n\t'
@tomwassenberg
tomwassenberg / check_ping_misses.sh
Created April 5, 2021 12:02
A script that pings a host and for any timeouts, prints the ICMP sequence number and date
#!/usr/bin/env bash
# Ping a host and for any timeouts, print the ICMP sequence number and date
set -eEfuo pipefail
IFS=$'\n'
declare -i ICMP_SEQ ICMP_TIMEOUT_IN_SECONDS=1
TARGET_IP=${1}
shift
@tomwassenberg
tomwassenberg / rotate-secrets.yml
Last active September 25, 2019 10:25
A hacky Ansible playbook that can be adapted to rotate Ansible Vault-encrypted secrets in-place.
---
# This playbook rotates Ansible Vault-encrypted secrets that are defined
# as dictionaries in the group_vars of an Ansible repository.
#
# The changes are split over multiple tasks, because the dictionary logic
# doesn't handle looping over secrets on differing levels within a
# dictionary.
- hosts: "all"
user: "ansible"
@tomwassenberg
tomwassenberg / apt-upgrade.yml
Last active August 23, 2019 10:05
A combination of Ansible tasks to trigger an apt upgrade, and wait for it to be done. In contrast to simply using the `apt` module, this is compatible with an apt upgrade already in progress. This is useful when you need to run a playbook on a host with `unattended-upgrades` enabled and is booted up on demand. Workaround for https://github.com/a…
---
- name: "update all packages"
systemd:
name: "apt-daily-upgrade.service"
state: "started"
- name: "check if updating is done"
systemd:
name: "apt-daily-upgrade.service"
state: "stopped"
@tomwassenberg
tomwassenberg / check-dns-resolver.sh
Created April 2, 2018 21:58
Checks the WhoIS of the upstream DNS resolver your system currently uses.
#!/usr/bin/env bash
dig +short whoami.akamai.net | xargs whois | grep -oP '^netname:\s+\K.+$'
@tomwassenberg
tomwassenberg / dns-query-loop.sh
Last active October 31, 2019 19:00
Queries an FQDN for a record type a certain amount of times, and lists the received statuses
#!/usr/bin/env bash
set -Eefuo pipefail
IFS=$'\n\t'
# Set these vars first
host="${1}"
record_type="${2}"
request_limit=5
@tomwassenberg
tomwassenberg / ocsp-test.sh
Last active February 3, 2022 21:26
Request and check OCSP response of queried domain name
#!/usr/bin/env bash
# Unofficial Bash strict mode
set \
-o errexit \
-o errtrace \
-o noglob \
-o nounset \
-o pipefail
IFS=$'\n\t'
@tomwassenberg
tomwassenberg / g_suite_groups.gs
Last active June 21, 2018 14:31
Functions to get info about Google Groups from the G Suite API in a Google spreadsheet
function showMyGroups() {
var current_sheet;
var groups;
current_sheet = SpreadsheetApp.getActiveSpreadsheet().getActiveSheet();
groups = GroupsApp.getGroups();
if (groups.length > 0) {
current_sheet.clearContents();
current_sheet.getRange(1, 1).setValue("You are a member of " + groups.length + " groups:");