Skip to content

Instantly share code, notes, and snippets.

View zoredache's full-sized avatar

Chris Francy zoredache

6 followers · 0 following
View GitHub Profile
@zoredache
zoredache / Demonstrate-CredentialFile.ps1
Created March 3, 2016 22:56
Demonstration of accepting credentials from a variable or file
<#
.SYNOPSIS
Demonstration of accepting credentials in a variable or file
.DESCRIPTION
This is only an demonstration of how a script can accept either a file
with stored credentials, or a PSCredential object, so that it can be used
performing tasks that require authentication.
.PARAMETER CredentialFile
@zoredache
zoredache / minecraft@.service
Created August 23, 2017 22:39
systemd minecraft unit - /etc/systemd/system/minecraft@.service
# adapted from https://gist.github.com/nathanielc/9b98350ccbcbf21256d7
[Unit]
Description=Minecraft Server %i
[Service]
Environment="JAVABIN=/usr/bin/java" "JAVAOPTS=-Xmx1024M -Dlog4j.configurationFile=log4j2.xml" "MCJAR=paperclip.jar" "MCOPTS=--
log-strip-color"
EnvironmentFile=-/srv/mc/%i/environment
@zoredache
zoredache / gpg-vault-file.sh
Created March 13, 2018 18:59
ansible gpg vault script
#!/bin/bash
# adapted from https://github.com/yaegashi/ansible-snippets/blob/master/gnupg/ansible-gpg-file.sh
# ansible.cfg
# [defaults]
# # decryption passphrase and key in lastpass
# vault_password_file = ./gpg-vault-file.sh
if [ -z "$GPG_TTY" ]; then
@zoredache
zoredache / install_ansible.sh
Last active August 27, 2021 18:52
Install ansible centos
# all the ansible python packages will be nicely self contained in this directory.
virtualenv_path=/usr/local/ansible/stable
mkdir -p /etc/ansible
mkdir -p ${virtualenv_path}
# Create requirements file for pip
# and more, or remove as needed.
echo "
ansible
ansible-lint
@zoredache
zoredache / sign_ssh_host_keys.yml
Last active October 5, 2021 08:22
sign_ssh_host_keys.yml
---
# signing key generated with
#
# ssh-keygen -t ed25519 -f 20200624_ca_ed25519 -C 20200624_ca_ed25519 -N ""
#
# encrypted with ansible-vault
#
# ansible-vault encrypt 20200624_ca_ed25519
- hosts: localhost:linux_systems
@zoredache
zoredache / switch_backup.yml
Created April 30, 2020 17:20
ansible switch_backup.yml
---
- hosts: switches
gather_facts: no
vars:
track_changes: yes
data_dir: "data/switches"
tasks:
- name: create data directory if needed
file:
@zoredache
zoredache / WSL2_SSH_AGENT_README.md
Last active June 26, 2023 00:57
Forward a Windows agent from Windows into WSL2.

Since people still seem to be having problems with this, I thought I would post my solution for getting a pretty reliable agent into WSL2.

I have found the npipe+socat options pretty unstable, and frustrating.

My solution for getting an agent into WSL uses a combination of WSL2 systemd support, OpenSSH server installed in WSL2, and using OpenSSH client in Windows.

Prepare the environment

  • Install the openssh client on windows, run some kind of agent on Windows and add your keys. Make sure you can see your keys on the Windows side by running ssh-add.exe -L
  • Setup your favorite WSL distro configure for WSL2.
@zoredache
zoredache / my_temp_fix_on_debian_bookworm.md
Last active September 9, 2023 05:25
ip6tables-legacy check bug

Start a container to build iptables from source

docker run --rm -it -w /srv/build \
    -v /srv/build/:/srv/build \
    -v /usr/local:/usr/local \
    debian:bookworm

In the container build iptabes

@zoredache
zoredache / install_ansible.sh
Last active December 1, 2023 09:54
install_ansible.sh Debian/Ubuntu
#!/bin/bash
set -euo pipefail
set -x
virtualenv_path=/usr/local/ansible/stable
# Install packages needed on a base Debian system
apt-get update
</dev/null DEBIAN_FRONTEND=noninteractive \
apt-get --yes install --no-install-recommends $(