Skip to content

Instantly share code, notes, and snippets.

@debuglevel
debuglevel / ssh-jumping.md
Created December 19, 2023 09:53
SSH JumpHost / ProxyCommand

CAUTION: Nothing tested here.

ssh -J <user>@<bastion:port> <user>@<target:port>
       ^^^^^^
       on bastion
                             ^^^^^^
                             on target
                                    ^^^^^^^^^^^^^
                                    as seen from bastion?
@debuglevel
debuglevel / borg-index-bloater.sh
Created November 21, 2023 16:24
borg index bloater to reproduce a error with borg in some environment
#!/bin/bash
# - Ensure your SSH key is loaded in ssh-agent.
# - Ensure borg repository exists (use `-e none` to disable encyption).
repository="ssh://[email protected]:23/./BorgBackup/repodir"
export BORG_PASSPHRASE="dsadsdadsadsadsadsasda"
i=0
while true; do
@debuglevel
debuglevel / ssh-agent.md
Last active June 16, 2022 16:32
ssh-agent HowTo

ssh-agent basics

  • You might want to use SSH agent forwarding. This way you do not have to load your key on the server in any way - but it also bears a certain risk that a malicious user (e.g. another sudo user) on the remote system can also use it.
    • PuTTY provides this setting (default off) at Connection->SSH->Auth->Allow agent forwarding.
    • For OpenSSH, use ssh -A.
  • Start via eval $(ssh-agent) in your current shell.
  • Add your default key via ssh-add.
  • Add a key by pasting it into stdin: ssh-add - and CTRL+D three times. Password will probably be shown in cleartext! Use clear, reset or tmux clear-history afterwards.
  • List loaded keys: ssh-add -l or ssh-add -L
  • Use ssh-add -x to lock agent wirh a password and ssh-add -X to unlock.
  • sudo -s, sudo -i and even sudo ssh [...] will remove the SSH_AUTH_SOCK environment variable pointing to the agent socket. In case of sudoing to root, sudo -s --preserve-env=SSH_AUTH_SOCK will work (other users will not work due t
@debuglevel
debuglevel / LVM cheatsheet.md
Last active July 30, 2024 08:22
Cheatsheet about some basic LVM stuff

LVM cheatsheet

See https://www.thomas-krenn.com/de/wiki/LVM_Grundlagen for the core concepts regarding physical volumes (pv), volume groups (vg) and logival volumes (lv).

Partition table thing that do not have to do with LVM

Show drives, their sizes and their partitions in the boot log: dmesg | grep sd (or nvme on bare-metal; unlikely in virtualized environments)

List a block device tree. Shows in which partition a volume group was placed: lsblk

Grow the third partition to the maximum (if there is empty space afterwards). You may need to reboot afterwards: growpart --verbose /dev/sda 3

@debuglevel
debuglevel / compress-old-files.sh
Last active December 25, 2022 18:31
Compress old files (e.g. logs)
# Compress all
# ... files
# ... older than 30 days
# ... not already compressed
find . -mtime +30 -type f -not -name "*.xz" -exec xz {} \;
@debuglevel
debuglevel / traefik-docker-compose.yml
Last active December 25, 2022 18:32
traefik docker-compose.yml in host network mode with basicAuth protected dashboard
version: '3.3'
services:
traefik:
image: traefik:v2.5
command:
#- "--log.level=DEBUG"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:8888"
@debuglevel
debuglevel / regexp tools.txt
Last active December 25, 2022 18:32
regexp tools
https://regex101.com/r/jcpyd3/1 ❤️ #create #test #dispaygroups
https://www.nodexr.net/ ❤️ #create #debug #visualize
https://regexr.com/ # create
https://regex-generator.olafneumann.org/ #wizard
https://extendsclass.com/regex-tester.html #create #debug #visualize
http://www.txt2re.com/ #wizard #broken

incomplete and barely proven comparison of file transfer methods with REST

JSON with base64

$ curl -X POST -d @content.json -H "Content-Type: application/json" -H "Accept: application/json" http://localhost/
$ cat content.json
{  
   "files":{  
      "main.tex":"XGRvY3VtZW50Y2xhc3N7YXJ0aWNsZX0KXGJlZ2lue2RvY3VtZW50fQpcaW5jbHVkZXt0ZXN0L3Rlc3R9ClxlbmR7ZG9jdW1lbnR9",
      "test/test.tex":"aGFsbG8gd2VsdA=="
   }
@debuglevel
debuglevel / git-check-origin-remote-exists.sh
Created February 20, 2019 12:54
bash script which checks if all subdirectories are git repositories with a origin remote set
#!/bin/bash
for dir in */ ; do
echo -ne "$dir \t "
git -C "$dir" rev-parse &> /dev/null
CODE=$?
if [[ "$CODE" -eq "0" ]]; then
echo -ne "is a git repository "
git -C "$dir" remote get-url origin &> /dev/null
CODE=$?
if [[ "$CODE" -eq "0" ]]; then
@debuglevel
debuglevel / selfsigned-certificates_gitlab-ci.yml
Created July 20, 2018 10:20
Using a self signed certificate for docker repository in GitLab
image: docker:stable
variables:
DOCKER_HOST: tcp://docker:2375/
DOCKER_DRIVER: overlay2
# from https://gitlab.com/gitlab-org/gitlab-runner/issues/1350
services:
- name: docker:dind
command: