Skip to content

Instantly share code, notes, and snippets.

View willjasen's full-sized avatar

willjasen

14 followers · 27 following
View GitHub Profile
@willjasen
willjasen / clean-up-media-folder.sh
Last active June 6, 2024 23:35
clean up the media folder
#!/bin/sh
MEDIA_FOLDER=/mnt/crypt/runtipi/media/data;
RED="\e[31m";
GREEN="\e[32m";
YELLOW="\e[33m";
BLUE="\e[34m";
echo "${YELLOW}-- This clean up script has started! --";
echo "${BLUE}---------------------------------------";
@willjasen
willjasen / ubuntu-24.04-image.sh
Last active May 25, 2024 01:59
set up an image of ubuntu 24.04 for me
#!/bin/sh
# Image version - v1.0
# Update the operating system
apt update; DEBIAN_FRONTEND=noninteractive apt upgrade -y;
# Install common tools
apt install curl git wget net-tools screen jq locate nano -y;
@willjasen
willjasen / systemd-dependencies-on-tailscale.md
Last active May 24, 2024 21:30
Debian systemd dependencies on Tailscale

Prologue

Some services in Debian/Ubuntu need to start after the Tailscale service is not only started/active, but has fully come up (in so much that it passes network traffic, which can take 5-10 seconds after the service starts). This is crucial when binding services solely to the Tailscale interface such that they require it to be fully operational before binding can successfully complete. Some services like the Zabbix agent may initially fail but will retry and start successfully once Tailscale is fully operational, but other services like netatalk (used for Apple file sharing) will generally fail to start or bind and will not reattempt, forcing a manual intervention of restarting that service.

To account for this, a "ExecStartPost" within the Tailscale systemd config monitors when the host can successfully ping 100.100.100.100 (the "localhost" IP within Tailscale) such that other services that depend on Tailscale won't attempt to start until the ping is successful. From there, the dependent services

@willjasen
willjasen / proxmox-cluster-over-tailscale.md
Last active June 25, 2024 12:46
Create a Proxmox cluster that communicates over Tailscale

‼️ DANGER ‼️

In the interest of complete transparency, if you follow this guide, there’s a very minuscule but non-zero chance that you may violate the Bekenstein bound, at which the resulting black hole may swallow the earth whole. You have been warned!

⚠️ WARNING ⚠️

  • This guide is for development, testing, and research purposes only. This guide comes with no guarantee or warranty that these steps will work within your environment. Should you attempt within a production environment, any negative outcomes are not the fault of this guide or its author.
  • This guide was tested on Proxmox 8 / Debian 12.
@willjasen
willjasen / etc-network-interfaces
Created April 1, 2024 20:09
interfaces config for a proxmox host with only one network interface
auto eno1
iface eno1 inet manual
auto vmbr1
iface vmbr1 inet static
address x.x.x.2/29
gateway x.x.x.1
bridge-ports eno1
bridge-stp off
bridge-fd 0
@willjasen
willjasen / omnifocus_calendar.scpt
Last active March 16, 2024 21:45
Create calendar events from OmniFocus tasks
-- MOVED THIS GIST TO REPO --
-- https://github.com/willjasen/omnifocus-tasks-to-calendar --
-- ***********************************************************
property calendar_name : "OmniFocus" -- This is the name of your calendar
property default_duration : 30 --minutes
-- Rosemary Orchard
-- Modified from a script by unlocked2412
@willjasen
willjasen / setup.sh
Last active March 11, 2024 01:36
setup chocolatey test environment
# Allow this user to not require sudo password
#USER_TO_ALLOW=choco-test; SUDO_FILE=/etc/sudoers.d/no-password-$USER_TO_ALLOW; test -f $SUDO_FILE || echo "$USER_TO_ALLOW ALL=(ALL) NOPASSWD:ALL" | sudo tee $SUDO_FILE; sudo chmod 440 $SUDO_FILE; sudo visudo -c;
# Install git
#sudo apt update;
#sudo apt install -y git;
# Install Vagrant
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg;
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list;
@willjasen
willjasen / bulk-toggle-proxmox-replication-jobs.sh
Last active February 14, 2024 01:20
toggles replication jobs on a host (enable/disable)
#!/bin/bash
# Moved to https://github.com/willjasen/proxmox-scripts/blob/main/bulk-toggle-proxmox-replication-jobs.sh
# Output may show "trying to acquire cfs lock 'file-replication_cfg' ..." at some point but script should still finish
# EDIT: true to disable jobs, false to enable jobs
DISABLE=true;
# Make sure jq is installed
@willjasen
willjasen / tailscale-cert-renew.sh
Created February 4, 2024 19:55
renews tailscale certificate in proxmox
#!/bin/bash
# taken from https://tailscale.com/kb/1133/proxmox
NAME="$(tailscale status --json | jq '.Self.DNSName | .[:-1]' -r)"
tailscale cert "${NAME}"
pvenode cert set "${NAME}.crt" "${NAME}.key" --force --restart
@willjasen
willjasen / 10-wancarp
Last active May 25, 2024 13:02 — forked from spali/10-wancarp
Disable WAN interfaces when CARP is down
#!/usr/local/bin/php
<?php
/*
This script can be used with OPNsense when using CARP in certain circumstances where CARP is desired on the LAN side
but where CARP cannot run on the WAN side. This script runs each time an event by CARP is generated. In the event that
there are multiple LAN interfaces where CARP is enabled, this script will check that all interfaces where CARP is
enabled are in a particular state (MASTER/BACKUP) before enabling or disabling its WAN interfaces.
*/