Skip to content

Instantly share code, notes, and snippets.

View BlackthornYugen's full-sized avatar

John Steel BlackthornYugen

View GitHub Profile
@BlackthornYugen
BlackthornYugen / test-openssl-req.sh
Last active August 18, 2024 03:22
Playing with bash and jq pipe formatting
#!/usr/bin/env bash
set -euo pipefail
cd "$(mktemp -d)"
openssl req \
-subj "/C=CA/ST=Ontario/L=Waterloo/O=jskw/OU=IT/CN=jskw.dev" \
-new \
-outform PEM \
-nodes \
-keyout /dev/null \
-out - \
@BlackthornYugen
BlackthornYugen / haproxy_be_ipwhitelist.cfg
Created February 24, 2024 18:48
Python modify haproxy acls
backend be_ipwhitelist
option forwardfor
http-request set-header x-forwarded-proto %[ssl_fc,iif(https,http)]
acl is_authorized src -f /etc/haproxy/ip_pass.lst
acl is_authorized http_auth(basic-auth-list)
acl is_logout_path path_end logout
http-request auth realm myrealm.example.org unless is_authorized !is_logout_path
http-request add-header Cache-Control no-cache
server python1 127.0.0.1:5333 check
docker run --interactive --detach --name watch-jellyfin --network container:jellyfin alpine /bin/sh -c "
apk add --no-cache tcpdump;
tcpdump -i any -A 'tcp port (8920 or 8096) and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' --snapshot-length=1024
"
@BlackthornYugen
BlackthornYugen / gist:3033e74a2290c16e82060f7267f94659
Created February 18, 2024 18:27
Check for files that were not coppied twice.
jq --raw-output --raw-input --slurp '
split("\n") |
map(select(. != "") | capture("^(?<date>[\\d\\-]+\\s[\\d:]+),[\\d]+.*? (?<filename>[^:]+): (?<operation>Copied|Deleted)")) |
group_by(.filename) |
map({
filename: .[0].filename,
copy_count: map(select(.operation == "Copied")) | length,
delete_date: map(select(.operation == "Deleted") | .date)[0]
}) |
map(select(.copy_count != 2))[] | [.delete_date, .filename, .copy_count] | @csv' < file-operations.log | tr -d '"' | column -t -s ','
@BlackthornYugen
BlackthornYugen / caffeinate_unti.sh
Created December 15, 2023 17:18
Run caffeinate when battery is above a given value, preventing MacOS from sleeping.
#!/bin/bash
# Default values
verbose=0
min_battery=20
log() {
if [[ "$verbose" -gt 0 ]]; then
echo "$@"
fi
@BlackthornYugen
BlackthornYugen / Dockerfile
Created April 6, 2023 17:08
ssh jumpbox with gpg agent and random password
FROM --platform=linux/arm64 amazonlinux:2
RUN yum install -y openssh-server
RUN useradd -ms /bin/bash jumpuser
RUN mkdir -v /run/sshd
RUN ssh-keygen -A
USER jumpuser
RUN mkdir ~/.gnupg ~/.ssh
RUN echo 'eval `ssh-agent -s` > /dev/null' >> ~/.bashrc
RUN echo 'export SSH_AUTH_SOCK=$HOME/S.gpg-agent.ssh' >> ~/.bashrc
@BlackthornYugen
BlackthornYugen / example-server.ps1
Last active December 28, 2022 21:34
UDP Latency Check
#!/usr/bin/env pwsh
# Save results to a psql database
function Save-Result {
[CmdletBinding()]
param (
[Parameter(ValueFromPipeline=$true)]
[string]$json
)
Process {
@BlackthornYugen
BlackthornYugen / generate-pki-from-gpg-truststore.sh
Created December 16, 2022 13:40
This script generates a CA as well as an end-entity for anyone in the caller's GPG trust store.
#!/usr/bin/env bash
set -e
if [ -f "$MY_SECRETS" ] ; then
echo "Verified that MY_SECRETS is set."
elif [ -z "$GITLAB_ACCESS_TOKEN" ] ; then
echo "MY_SECRETS needs to be created but GITLAB_ACCESS_TOKEN was not set. Cannot deploy PKI."
exit 1
else
@BlackthornYugen
BlackthornYugen / Autocomplete.md
Last active July 19, 2022 03:16
Bash Autocomplete quick reference

Bash Autocomplete quick reference

Directory

Look for direcotries assuming a relative path.

complete -A directory echo
@BlackthornYugen
BlackthornYugen / update_cert.sh
Last active August 3, 2021 12:03
ESXI Update certificate from URL
#!/usr/bin/env sh
# ESXI Update certificate from url
#
# 1. Save this script in /opt/update_cert.sh (and chmod +x it)
#
# 2. Add one of these to /var/spool/cron/crontabs/root:
# Debug logging:
# 00 1 * * * sh -x /opt/update_cert.sh https://pem.jsteelkw.dev/$(hostname -f).cer 2>&1 | tee -a /opt/certs.log
# Normal:
# 00 1 * * * /opt/update_cert.sh https://pem.jsteelkw.dev/$(hostname -f).cer