Skip to content

Instantly share code, notes, and snippets.

View MindTooth's full-sized avatar
⚙️
...

Birger Johan Nordølum MindTooth

⚙️
...
60 followers · 128 following
View GitHub Profile
@plembo
plembo / upnper4dont.md
Last active August 29, 2024 16:11
UPnP with EdgeRouter: Don't do it! Ubiquiti. ER-4.

Want to configure UPnP on EdgeRouter-4?

Don't do it!

Introduction

As a former sysadmin that once helped ride herd over around 1,000 servers, of which around 10% were Internet-facing, I've never been a fan of autoconfiguation when it comes to punching holes through the firewall. I've seen the tripwire logs, and it's sobering.

The Problem

So enabling UPnP on my EdgeRouter-4 wasn't something I had on the roadmap, but when I ran into difficulty getting DLNA to work on the default VLAN, I thought it was worth looking into (never mind that, as I later learned, having UPnP turned on wasn't going make a bit of difference on my local network: another reason that mastering theory should always come before practice).

@budougumi0617
budougumi0617 / .vimrc
Created July 2, 2020 10:41
gopls with vim-lsp settings
" https://knowledge.sakura.ad.jp/23248/
" dein.vim settings {{{
" install dir {{{
let s:dein_dir = expand('~/.cache/dein')
let s:dein_repo_dir = s:dein_dir . '/repos/github.com/Shougo/dein.vim'
" }}}
" dein installation check {{{
if &runtimepath !~# '/dein.vim'
if !isdirectory(s:dein_repo_dir)
@kharandziuk
kharandziuk / terraform-presigned-url.tf
Created June 25, 2020 11:50
A hack to generate a presigned url in terraform
variable "bucket_name" {
default = "max-bucket-for-testing"
}
provider "aws" {
region = var.aws_region
profile = var.aws_profile
}
resource "aws_s3_bucket" "artifacts" {
@MartinBrugnara
MartinBrugnara / doc.txt
Last active April 10, 2025 00:17
DigitalOcean, assign public ipv6 to wireguard clients
# /etc/sysctl.d/wireguard.conf
net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1
net.ipv6.conf.default.forwarding=1
net.ipv6.conf.eth0.proxy_ndp=1
#/etc/wireguard/wg0.conf (DO virtual machine)
[Interface]
# The server interface does not actually need an ipv6.
# The 2 following must be repeated for each used addres [0, 1]
@tashian
tashian / init_aws_ssh_host.sh
Last active October 10, 2024 11:42
#!/bin/bash
#
# This script will get an SSH host certificate from our CA and add a weekly
# cron job to rotate the host certificate. It should be run as root.
#
# See https://smallstep.com/blog/diy-single-sign-on-for-ssh/ for full instructions
CA_URL="[Your CA URL]"
# Obtain your CA fingerprint by running this on your CA:
@tashian
tashian / init_aws_ca.sh
Last active December 31, 2024 11:38
#!/bin/bash
#
# This script will launch and configure a step-ca SSH Certificate Authority
# on AWS in an Ubuntu / Debian-based VM with OIDC and AWS provisioners
#
# See https://smallstep.com/blog/diy-single-sign-on-for-ssh/ for full instructions
OIDC_CLIENT_ID="[OAuth client ID]" # from Google
OIDC_CLIENT_SECRET="[OAuth client secret]" # from Google
ALLOWED_DOMAIN="[the domain name of accounts your users will use to sign to Google]"
@yegappan
yegappan / VimScriptForPythonDevelopers.MD
Last active April 5, 2025 09:17
Vim script for Python Developers

Vim Script for Python Developers

This is a guide to Vim Script development for Python developers. Sample code for the various expressions, statements, functions and programming constructs is shown in both Python and Vim Script. This is not intended to be a tutorial for developing Vim scripts. It is assumed that the reader is familiar with Python programming.

For an introduction to Vim Script development, refer to usr_41.txt, eval.txt and Learn Vimscript the Hard Way

For a guide similar to this one for JavaScript developers, refer to Vim Script for the JavaScripter

This guide only describes the programming constructs that are present in both Python and Vim. The constructs that are unique to Vim (e.g. autocommands, [key-mapping](https://vimhelp.org/map.txt.html#key-m

@dragon788
dragon788 / win10_binary_fission.md
Last active November 1, 2024 21:59
Making the Windows 10 "chubby" install.wim compatible with a FAT32 USB so a UEFI bootable USB can be created from Linux/macOS/ChromeOS

MAGIC aka Making Anything Gruelingly "Impossible" Coherent

Whatever operating system you are using to create the USB, you will need to have a Windows 10 ISO, either from Microsoft or your system manufacturer and have a USB drive 8GB or larger (or one with at least 5GB of free space and using the FAT32 filesystem, but using a fresh and empty one is best).

TL;DR

#macOS/Linux
# First try the `bootiso` program, it has options for splitting the WIM for you!
# https://jsamr.github.io/bootiso/
# You need to already have 7zip aka `p7zip` on macOS and Linux, and `wimlib` macOS via `brew` or `wimtools` on Linux
@christhomas
christhomas / gist:ea90cc55502a3f804f0b6a8e59d05e60
Created September 17, 2019 07:55
How to use the terraform workspace command to keep multiple state configurations without clashing
#!/usr/bin/env bash
# usage: chris-terraform ... (any terraform command you want)
role=XYZ
credentials=(`aws sts assume-role --role-arn "${role}" --role-session-name terraform --query '[Credentials.AccessKeyId,Credentials.SecretAccessKey,Credentials.SessionToken]' --output text`)
AWS_ACCESS_KEY_ID=${credentials[0]}
AWS_SECRET_ACCESS_KEY=${credentials[1]}
AWS_SESSION_TOKEN=${credentials[2]}
AWS_SECURITY_TOKEN=${credentials[2]}
@fabiotatsuo
fabiotatsuo / rust.md
Last active January 23, 2025 21:47
Install Rust, Cargo and Rustup Toolchain inside FreeBSD 12 Jail

  1. Install rust

    jail-app is name of jail.

    $ jexec jail-app
$ pkg install curl

    Download and install rustup
    $ curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh