levid0s’s gists

levid0s / apply.sh

Last active August 12, 2024 01:42

OpenWRT IPSets allow in-line comments Patch

	cd /
	patch -p1 < /root/parse_ipsetentry.patch
	ACTION=reload-sets utpl -S /usr/share/firewall4/main.uc

levid0s / adguard_ipset.sh

Last active September 17, 2024 18:53

OpenWRT Update IPSet from Adguard

	#!/bin/sh
	set -e

	info='
	https://gist.github.com/levid0s/ed4b3ad883a183e0eda80b6c60b209e9

	Script for OpenWRT that queries the AdGuard Home API and retreives recent DNS query results, and updates an IPset file with the values.
	This way, firewall and DNS access can be centrally managed from AdGuard, perhaps with a block-all rule /.*/ and manually adding exception.
	Using this scirpt, those exceptions would propagate into OpenWRT firewall rules.
	'

levid0s / dns_watch.sh

Last active July 21, 2024 13:07

OpenWRT DNS Watch

	#!/bin/ash
	# https://gist.github.com/levid0s/2cb9f64234aab3b3a400b57d5d92f840

	set -eu

	usage="
	Suggested crontab:
	/5 * * * /root/dns_watch.sh 2>> /tmp/dns_watch.log
	"

levid0s / backup_proc_inline.sh

Last active July 4, 2024 17:44

Backup Proc OpenWRT

	#!/bin/sh

	BACKUP_FILE="/tmp/proc_backup_$(date +%Y%m%d_%H%M%S).txt.gz"
	start=$(date +%s)
	nl="
	"

	echo "Backing up /proc to: $BACKUP_FILE"

	dump_proc() {

levid0s / download_cert.sh

Last active July 14, 2024 11:56

LegoCertHub DownloadCert public

	#!/bin/sh
	# https://gist.github.com/levid0s/xxxxxx/

	# Usage:
	# download_cert.sh [-h] [-n] [-f]
	# -h: Show help
	# -n: Skip script update check
	# -f: Force cert download, skip comparison

	# Version: v20240714

levid0s / proxmox_nag_patch.sh

Last active April 13, 2024 10:48

Proxmox Subscription Nag Disable

	# Disable Subscription Nag Dialog
	ts=$(date +%Y%m%d-%H%M%S) && \
	pushd /usr/share/javascript/proxmox-widget-toolkit && \
	sed -z "-i.bak.$ts" 's/Ext.Msg.show({\n\s*title: gettext(\x27No valid subscription\x27),/void({ title: gettext(\x27No valid subscription\x27),/g' proxmoxlib.js && \
	! grep -q 'No valid subscription' proxmoxlib.js && \
	SYSTEMD_LOG_LEVEL=debug systemctl restart pveproxy.service 2>&1\|egrep "Got result .* for job\|Failed" && \
	echo "Success!" \|\| echo "Error!"

	# Switch apt to No-Subscription
	sed -i 's&^deb https://enterprise.proxmox.com/debian/&# deb https://enterprise.proxmox.com/debian/&g' /etc/apt/sources.list.d/pve-enterprise.list

levid0s / plugins.yaml

Created March 26, 2024 11:04

K9S Certinfo Plugin

	plugins:
	certinfo:
	shortCut: Shift-I
	confirm: false
	description: Get TLS Cert Info
	scopes:
	- secret
	command: sh
	background: false
	args:

levid0s / openwrt_ddns_porkbun_updater.sh

Last active April 23, 2024 14:51

OpenWRT DDNS Porkbun Updater

	set -e
	set -u

	__usage="

	$0

	OpenWRT DDNS updater ('ddns-scripts') script for the Porkbun API.
	The script has been extended to support running it directly (eg. via cron) without having to install the \`ddns-scripts\` opkg package.
	Suggested script path: /usr/bin/ddns-update-porkbun.sh

levid0s / plex_upgrade_cert.sh

Last active January 26, 2024 15:13

	# https://forums.plex.tv/t/custom-domain-certificate-not-used/855774/15
	openssl pkcs12 -export -certfile fullchain1.pem -in cert1.pem -inkey privkey1.pem -out plex_new.pfx -name plex.domain.com -certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256

levid0s / ssh_to_router.txt

Last active December 23, 2023 20:56

SSH: Unable to negotiate, no matching key exchange method found

	$ ssh root@192.168.1.1
	Unable to negotiate with 192.168.1.1 port 22: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,kexguess2@matt.ucc.asn.au

	$ ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -o PubkeyAuthentication=no -o PreferredAuthentications=password -o HostKeyAlgorithms=+ssh-rsa root@192.168.1.1
	BusyBox v1.23.2 (2019-02-19 01:57:00 UTC) built-in shell (ash)

	# sources:
	# https://unix.stackexchange.com/questions/15138/how-to-force-ssh-client-to-use-only-password-auth
	# https://unix.stackexchange.com/questions/340844/how-to-enable-diffie-hellman-group1-sha1-key-exchange-on-debian-8-0