Skip to content

Instantly share code, notes, and snippets.

View csamsel's full-sized avatar

Christian Samsel csamsel

28 followers · 25 following
View GitHub Profile
@csamsel
csamsel / sas.sh
Created December 9, 2019 21:29
activate power management on sas drives
# disable background scan (might prevent standby)
sdparm --quiet --clear=EN_BMS --save /dev/disk/by-id/scsi-?????????????????
# enable standby (powers down drive motor)
sdparm --flexible --quiet --save -p po --set=STANDBY=1 /dev/disk/by-id/scsi-?????????????????
# set standby to 30min
sdparm --flexible --quiet --save -p po --set=SCT=18000 /dev/disk/by-id/scsi-?????????????????
# enable idle (drives spins but servos are off)
sdparm --flexible --quiet --save -p po --set=IDLE_B=1 /dev/disk/by-id/scsi-?????????????????
# set idle to 5min
sdparm --flexible --quiet --save -p po --set=ICT=3000 /dev/disk/by-id/scsi-?????????????????
@csamsel
csamsel / rules
Created January 4, 2024 19:54
configure shorewall DNAT to work with Suricata in IPS / NFQUEUE mode
# I had a lot of trouble to debugging a non working portforwarding while using Suricata in IPS mode together with Shorewall.
# The following configuration finally worked.
#
# Make sure that the tcp connection establishment is also NFQUEUE'd.
# The minus at the end of DNAT prevents an ACCEPT rule to be created along the DNAT rule, because we want an NFQUEUE rule instead.
# 0:3,bypass refers to 4 queues with a bypass rule in case Suricata is not available.
# Example for Plex with an internal port of 32400 and external port of 32411 (target 192.168.2.20)
DNAT-:info net 192.168.2.20:32400 tcp 32411
NFQUEUE(0:3,bypass) net loc tcp 32400
@csamsel
csamsel / upgrade-to-mongo-7.0.sh
Last active January 6, 2025 19:42
update unifi mongodb from 3.6 to 7.0 on Ubuntu 22.04, incl. migration from mmapv1 to wiredtiger
# i suggest to take a VM snapshot / backup just in case.
# first we install mongodb-database-tools from mongodb 4.4 which is still compatible with mmapv1
curl -fsSL https://pgp.mongodb.com/server-4.4.asc | sudo gpg -o /usr/share/keyrings/mongodb-server-4.4.gpg --dearmor
echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-4.4.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/4.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list
apt update
apt install mongodb-database-tools
# make backup of unifi mongodb
mkdir /root/backup
@csamsel
csamsel / gist:fbd3f4de7774dbaa1ae4af4cc29c3729
Created February 1, 2025 22:14
powershell to disable wpad - windows proxy autodiscovery
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.
Install the latest PowerShell for new features and improvements! https://aka.ms/PSWindows
PS C:\Users\Christian> New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp' -Name DisableWpad -Value 1 -Force
DisableWpad : 1
PSPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Intern
@csamsel
csamsel / docker-compose.yml
Created June 6, 2025 20:10
docker compose file for traefik and traefik-certs-dumper that is compatible with letsencrypt file naming, inspired by pangolin. make sure to use fullchain.pem not cert.pem.
name: proxy
services:
traefik:
image: traefik:latest
container_name: traefik
restart: unless-stopped
ports: # added ports to expose from traefik
- 443:443