Skip to content

Instantly share code, notes, and snippets.

@cseelye
cseelye / sshd_config
Last active May 20, 2020 06:24
Secure SSHD config
#
# To use this on your own server, change the port and username to what you wish to use and deploy the public key for that user onto your SSH server.
# Make sure to leave at least one SSH session open while you test this!
#
# Run on a custom port
Port 54321
# Restrict user access to the minimum
PermitRootLogin no
@cseelye
cseelye / ssl.cpp
Last active July 18, 2024 10:13
Get SSL certificate info using openssl from C++
#include <cstring>
#include <ctime>
#include <iostream>
#include <memory>
#include <string>
#include <openssl/asn1.h>
#include <openssl/bio.h>
#include <openssl/conf.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#!/bin/bash
for nic in $(find /sys/class/net/ -type l); do
# Only look at physical NICs
[[ $(readlink -f ${nic}) =~ "virtual" ]] && continue
echo "========================================================="
ifname=$(basename ${nic})
ifconfig ${ifname}
ethtool ${ifname} | grep --color=none "Supported ports:" | sed -re 's/^\s+//g'
ethtool -i ${ifname} | grep --color=none bus-info | sed -re 's/^\s+//g'
echo
@cseelye
cseelye / nic-name
Last active November 4, 2022 13:41
Create persistent device names for 1G and 10G interfaces using systemd
#!/bin/bash
set -euo pipefail
BASENAME_1G=mgmt
BASENAME_10G=data
OUTPUT_PATH=/etc/systemd/network
current_nic_names=$(for iface in $(ls -1 /sys/class/net); do
# Skip virtual devices, we only want physical
[[ ! -e /sys/class/net/${iface}/device ]] && continue
@cseelye
cseelye / configure-interface
Created August 17, 2017 17:27
Helper script for Ubuntu network interface configuration
#!/bin/bash
set -o pipefail
pid=$BASHPID
log()
{
declare msg=${@:-$(</dev/stdin)}
logger --tag NETCONFIG "[${pid}] ${msg}"
}
#!/usr/bin/env bash
set -euETo pipefail
shopt -s inherit_errexit
sudo rm -f /etc/apt/sources.list.d/docker.list
sudo apt-get update
sudo apt-get install --yes --no-install-recommends \
ca-certificates \
curl \
gnupg \
@cseelye
cseelye / macos_terminal.sh
Last active February 17, 2020 17:40
Configure the macOS terminal app
#!/bin/bash
/usr/libexec/PlistBuddy -c "Set 'Default Window Settings' 'Pro'" ~/Library/Preferences/com.apple.Terminal.plist
/usr/libexec/PlistBuddy -c "Set 'Startup Window Settings' 'Pro'" ~/Library/Preferences/com.apple.Terminal.plist
/usr/libexec/PlistBuddy -c "Set 'Window Settings:Pro:shellExitAction' 0" ~/Library/Preferences/com.apple.Terminal.plist
/usr/libexec/PlistBuddy -c "Add 'Window Settings:Pro:Bell' integer 0" ~/Library/Preferences/com.apple.Terminal.plist
/usr/libexec/PlistBuddy -c "Add 'Window Settings:Pro:ShouldRestoreContent' integer 0" ~/Library/Preferences/com.apple.Terminal.plist
/usr/libexec/PlistBuddy -c "Add 'Window Settings:Pro:columnCount' integer 130" ~/Library/Preferences/com.apple.Terminal.plist
/usr/libexec/PlistBuddy -c "Add 'Window Settings:Pro:rowCount' integer 40" ~/Library/Preferences/com.apple.Terminal.plist
/usr/libexec/PlistBuddy -c "Add 'Window Settings:Pro:keyMapBoundKeys' dict" ~/Library/Preferences/com.apple.Terminal.plist
@cseelye
cseelye / overlay.sh
Last active November 4, 2022 13:39 — forked from detunized/run.sh
Mount a read-only folder inside a Docker container with OverlayFS on top
# On the host to run the container
docker run --privileged -i -t -v ~/host-folder-to-mount:/root/folder-ro:ro ubuntu
# Inside the container
# Need to create the upper and work dirs inside a tmpfs.
# Otherwise OverlayFS complains about AUFS folders.
mkdir -p /tmp/overlay && \
mount -t tmpfs tmpfs /tmp/overlay && \
mkdir -p /tmp/overlay/{upper,work} && \
mkdir -p /root/folder && \

Deploy kubernetes-dashboard on Docker Desktop k8s cluster

This has security implications that you should understand before applying this to any old cluster... What is "safe" (or at least reasonable risk/convenience tradeoff) on your laptop k8s clsuter is completely different than even a dev/test cluster, much less production.

Deploy the dashboard using the recommended configuration:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml

Get the default token and add it to your kubeconfig:

kubectl config set-credentials docker-desktop --token="$(kubectl describe secret default | grep token: | awk '{print $2}')"
@cseelye
cseelye / install-docker-ubuntu-multiarch.sh
Last active August 1, 2023 17:56
Install the latest docker on Ubuntu with multi architecture support
#!/usr/bin/env bash
set -euETo pipefail
shopt -s inherit_errexit
set -x
sudo rm -f /etc/apt/sources.list.d/docker.list
sudo apt-get update
sudo apt-get install --yes --no-install-recommends \
ca-certificates \