troyfontaine

#!/bin/bash

# Really crappy script that works to delete private packages stored on Github Packages
# Intended to simplify deleting packages that are counting against your limit
# By Troy Fontaine (github.com/troyfontaine)
# First displays the private packages name then the version finally the ID needed to delete it
# Then prompts you if you want to delete the packages based on the ID

GITHUB_TOKEN=$SUPERSECRETTOKEN
REPO_OWNER=$YOURGITHUBUSERNAME

troyfontaine

Google Authenticator for SSH How-To

Installing the Google Authenticator pam package alone does not configure a system for 2 Factor Authentication when connecting via SSH.

Overview

The Google Authenticator package can be installed on Ubuntu via apt-get on Ubuntu 14.04.3 and later (that I've confirmed).

It provides a pam module that allows you to prompt a user for a code generated via a Google Authenticator app or other compatible TOTP app (such as 1Password). The script below enables the authenticator prompt when using ssh and password authentication.

A few things to keep in mind:

• You cannot enable Google Authenticator for Public Key-based authentication at the same time as Password-based authentication

troyfontaine

Rsync Commands for use with TrueNAS

Due to the way TrueNAS is built-duplicating files using Rsync requires some special flags to allow it to work

The below example command has been used and verified as working with TrueNAS Scale

rsync -avrh -A --no-perms <SOURCE> <DESTINATION>

troyfontaine

How to Install OpenSSH on Windows 10 (any version) with Publickey Authentication working

This brief tutorial assumes you already have an SSH public key you want to use

1. Install chocolatey via Powershell

   Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
   

2. Close Powershell

3. Open a new Powershell session

troyfontaine

#!/bin/bash

# Create fullchain
cat ~/cert/*.ca-bundle ~/cert/*.crt >> fullchain.cer
 
# Generate pkcs12 cert from acme output
openssl pkcs12 -export -in ~/cert/fullchain.cer -inkey \
~/cert/mydomain.key \
-out ~/cert/unifi.p12 -name unifi -password pass:aircontrolenterprise
 

troyfontaine

Badblocks on TrueNAS Scale

1. Connect your USB drive to the machine
2. Navigate to the TrueNAS Scale shell by opening the menu, going to System Settings and then clicking on Shell
3. Locate the drive's device ID using the lsblk command
4. Check the recommended block size using the command blockdev --getbsz /dev/<YOUR BLOCK DEVICE ID>
5. Note the block size you got from the last command
6. STOP! Have you ensured that the USB device does NOT have any important data on it? If it does, stop now, unplug it from the TrueNAS Scale machine and back it up elsewhere! Running the specific badblocks command we'll use will destroy data on the drive!
7. Okay, you've confirmed there is no data on the drive you need? Good!
8. Fire up a new tmux session tmux new -s badblocks_

troyfontaine

Resize an Ubuntu VM Disk on TrueNAS Scale

1. Shutdown the target VM
2. Locate the zvol where the storage is allocated in the Storage blade in the TrueNAS Scale Web UI
3. Resize the zvol by editing it-this can ONLY be increased, not shrunk!
4. Save your changes
5. Start your target VM up again
6. Log in to the VM
7. Execute the growpart command, ie. sudo growpart /dev/vda 2
8. Execute the resize2fs command, ie. sudo resize2fs /dev/vda2

troyfontaine

#!/usr/bin/env bash
# Download the binary
sudo curl -SL https://github.com/docker/compose/releases/download/v2.2.3/docker-compose-linux-aarch64 \
-o /usr/local/lib/docker/cli-plugins/

# Set the binary to be executable
chmod +x /usr/local/lib/docker/cli-plugins/docker-compose

troyfontaine

#!/usr/bin/env bash

# Install Dependencies
sudo apt-get update && sudo apt-get install software-properties-common wget -y

# Add the gpg key
wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg

# Add the repository and set where the key is to validate the packages
echo 'deb [arch=arm64 signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main' | sudo tee /etc/apt/sources.list.d/hashicorp.list

troyfontaine

Configuring the Unifi Guest Network Secure Hotspot Portal to use SSL

Requirements:

• Unifi Controller v5 running on a Unifi CloudKey (UCK)
• A Unifi USG
• A Unifi Access Point such as the UAP-AC-LR, UAP-AC-Lite, UAP-AC-Pro (UAP)
• Your own valid purchased Domain Name (in order to purchase an SSL Certificate)
• Your own DNS Provider (This can be through your domain registrar or through a third party such as CloudFlare or Hurricane Electric)
• The ability to purchase SSL Certificates (or use Let's Encrypt with DNS Validation)

This document is written for Unifi Controller Software v5. Configuring the Unifi Controller Guest Network, the Hotspot Portal and SSL is actually fairly involved and requires modifying the configuration in several locations-as well as adding the SSL certificate via SSH. So this will consist of several discrete procedures to achieve the end goal.