Skip to content

Instantly share code, notes, and snippets.

View cweiland's full-sized avatar

Christophe WEILAND cweiland

1 follower · 4 following
  • Paris Area
View GitHub Profile
@cweiland
cweiland / ansible-wsl.md
Created August 10, 2025 07:16 — forked from Tes3awy/ansible-wsl.md
Install Ansible (ansible [core 2.11.6]) on Windows Subsystem for Linux (WSL) and run your first playbook

Install Ansible in WSL

Install Ansible release (Recommended)

The Windows Subsystem for Linux (WSL) is not officially supported by Ansible and should not be used for production.

$ sudo apt update && sudo apt upgrade -y
$ sudo apt install python3-pip git libffi-dev libssl-dev -y
$ pip3 install --user ansible pywinrm # pywinrm is a Python client for the Windows Remote Management (WinRM) service
@cweiland
cweiland / sss_local
Created August 2, 2025 22:48
PAM config file for local auth using pam_sss.so on debian
Name: Unix for local and sss for remote/OTP authentication
Default: yes
Priority: 256
Conflicts: unix, sss
Auth-Type: Primary
Auth:
[default=1 success=ok] pam_localuser.so
[success=end default=ignore] pam_unix.so nullok_secure
try_first_pass
requisite pam_succeed_if.so uid >= 1000 quiet_success
@cweiland
cweiland / fix_idp.sh
Created August 2, 2025 22:35
Fix idp authentication on a (LXC?) Debian-like host on a freeipa/idm domain
#!/bin/bash
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root or sudo"
exit 1
fi
echo "Caution : this script expect a freeipa/idm joined host."
echo "⚠️ Would you want to continue? (y/n)"
read -r answer
case "$answer" in
@cweiland
cweiland / keycloak-install.sh
Last active July 15, 2025 16:14
Keycloak install ready to use on a debian enrolled freeipa server
#!/bin/bash
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root or sudo"
exit 1
fi
echo "Caution : this script expect a freeipa/idm joined host."
echo "⚠️ Would you want to continue? (y/n)"
read -r answer
case "$answer" in
@cweiland
cweiland / freeipa-proxmox.sh
Last active July 11, 2025 22:09 — forked from rechner/freeipa-proxmox.sh
# Setting up Proxmox with a certificate from FreeIPA.
# This assumes you've already joined the machine with ipa-client-install
# Get a ticket as someone that can issue certificates
kinit admin
cat <<EOF > /usr/local/sbin/set-ssl-permissions
#!/bin/bash
FILES=(/etc/pve/nodes/$(hostname)/{pve-ssl.key,pve-ssl.pem})
@cweiland
cweiland / Huawei E3276s-150 on GL-MT300N-V2 (Mango)
Last active July 31, 2024 23:42
Manual parameters on GUI :
Protocol : NCM
Port : /dev/cdc-wdm0
PIN <= don't forget to disable PIN code (unknown issue when it's setted)
Others depending of your provider
If Authentication is NONE :
change line 20 at /etc/gcom/ncm.json : "connect": "AT^NDISDUP=${profile},1${apn:+,\\\"$apn\\\"}${username:+,\\\"$username\\\"}${password:+,\\\"$password\\\"}",
@cweiland
cweiland / wsl-enable-usb-storage.sh
Last active May 11, 2024 21:51 — forked from itsdotscience/wsl-enable-usb-storage.sh
#!/bin/bash
WINDOWS_USER="<windows_user>"
sudo apt update
sudo apt install build-essential flex bison libssl-dev libelf-dev bc libncurses-dev autoconf libudev-dev libtool dwarves -y
WSLKERNEL=$(uname -a | cut -d " " -f3 | cut -d "-" -f1)
CHECKOUT_DIR="linux-msft-wsl-${WSLKERNEL}"
export WSLKERNEL
export CHECKOUT_DIR
export WINDOWS_USER
@cweiland
cweiland / proxmox_turnkey_mariadb_freeipa.script
Last active February 27, 2023 22:46
Generate SSL certificates using freeipa
apt update
apt upgrade -y
apt install -y chrony sudo vim bash-completion
sed -i 's/DAEMON_OPTS="-F 1"/DAEMON_OPTS="-F 1 -x"/' /etc/default/chrony
touch /etc/.pve-ignore.hostname
hostname -f > /etc/hostname
echo "deb http://deb.debian.org/debian/ bullseye-backports main contrib non-free" > /etc/apt/sources.list.d/debian_11_backports.list
apt update
reboot
apt install -y freeipa-client
@cweiland
cweiland / gist:5b3d91c5ac8bdaebe8f32831202cded6
Created June 23, 2021 11:06
Oneprovider-pfsense-opnsense-ipv4-vip-failover.php
<?php
#!/usr/local/bin/php
require_once("config.inc");
require_once("interfaces.inc");
require_once("util.inc");
$api_key = "API_KEY";
$client_key = "CLIENT_KEY";
$IPFO = "IP_VIP_FO";
@cweiland
cweiland / generateMeshWireguardConfig.sh
Last active January 4, 2025 01:24
Create multiple meshnetworks config using wireguard
#!/bin/bash
declare -a meshnetworks=("net1" "net2")
declare -A hosts=(
[hostname1]=1
[hostname2]=2
[hostname3]=3
)
declare -A wg_port=(
[net1]=1655