Domi dominiwe

@blurayne
blurayne / ui-widget-select.sh
Last active March 15, 2024 20:27
Pure BASH interactive CLI/TUI menu (single and multi-select/checkboxes)
#!/bin/bash
##
# Pure BASH interactive CLI/TUI menu (single and multi-select/checkboxes)
#
# Author: Markus Geiger <mg@evolution515.net>
# Last revised 2019-09-11
#
# ATTENTION! TO BE REFACTORED! FIRST DRAFT!
#
@baleyko
baleyko / socat_server.sh
Created March 8, 2018 10:44 — forked from CMCDragonkai/socat_server.sh
Socat: Simple HTTP Server
socat \
-v -d -d \
TCP-LISTEN:1234,crlf,reuseaddr,fork \
SYSTEM:"
echo HTTP/1.1 200 OK;
echo Content-Type\: text/plain;
echo;
echo \"Server: \$SOCAT_SOCKADDR:\$SOCAT_SOCKPORT\";
echo \"Client: \$SOCAT_PEERADDR:\$SOCAT_PEERPORT\";
"
@smoser
smoser / README.md
Last active May 26, 2024 16:46
set up a ssh tunnel only user for ssh proxy jump

Set up a ssh tunnel only user

In order to give someone access to hosts that are available only by ssh "bouncing" (ProxyJump), add a user for this specific purpose.

We have an internal openstack where instances get IPs on per-tenant networks. Each tenant has a 'bastion' host that has a "public" ip (floating ip). You can access other instances by bouncing through the bastion. From time to time I want to let someone else into an instance. This could be done either with:

a.) just give them shell access to the bastion and let them hop through. Sharing an unrestricted shell account on my bastion is less than ideal.

b.) assign a floating/"public" IP to the instance so they could go directly in. Floating IPs are limited, so this is less than ideal.

So instead, I have set up a single user as described here that can only be used for ProxyJump. It allows others proxied access to my instances but without granting them full shell access.

@dseg
dseg / nftables.conf
Created April 22, 2016 07:45
A basic nftables config. Only accept ssh, http and https.
#!/usr/bin/nft -f
# ipv4/ipv6 Simple & Safe Firewall
# you can find examples in /usr/share/nftables/
table inet filter {
chain input {
type filter hook input priority 0;
# allow established/related connections
ct state {established, related} accept
!function() {
var doc = document,
htm = doc.documentElement,
lct = null, // last click target
nearest = function(elm, tag) {
while (elm && elm.nodeName != tag) {
elm = elm.parentNode;
}
return elm;
};