johnstanfield
johnstanfield
/ mail.rb
Created
December 21, 2016 03:22
Example showing how to create a Mail::Message and extract bcc addresses, html, and plain body
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # build an email | |
| mail = Mail.new do | |
| to '[email protected]' | |
| from '[email protected]' | |
| bcc ['[email protected]','[email protected]','[email protected]'] | |
| subject 'test email' | |
| end | |
| text_part = Mail::Part.new do | |
| body 'This is plain text' |
johnstanfield
/ agent.conf
Last active
August 1, 2023 03:33
Configuration to make OSSEC HIDS watch fail2ban.log and alert on fail2ban actions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- add this to /var/ossec/etc/shared/agent.conf --> | |
| <localfile> | |
| <log_format>syslog</log_format> | |
| <location>/var/log/fail2ban.log</location> | |
| </localfile> |
johnstanfield
/ gitolite-backup.sh
Created
June 5, 2018 15:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # backs up gitolite to s3 | |
| # SSH's into the gitolite host to list all repositories | |
| # then clones each repo | |
| # - on subsequent runs, it updates the repo rather than reclone (this is faster) | |
| # - todo: test what happens after a force push; perhaps rm -rf and reclone | |
| # then does a git bundle to turn the repo into a single-file backup | |
| # - todo: handle empty repos (or delete empty repos from gitolite) | |
| # then pushes the file to an S3 bucket |
johnstanfield
/ socket-io-apache-proxy.conf
Created
September 26, 2018 17:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <VirtualHost *:80> | |
| # suppose you have a SocketIO server running on port 8001 | |
| # the first request uses the HTTP protocol, and its response instructs the client to use WebSockets | |
| # subsequent requests are supposed to use the WebSocket protocol | |
| # this is one way to have an Apache proxy the requests to SocketIO | |
| # | |
| # not sure if this is suitable for production use | |
| # my production environment uses AWS Elastic Load Balancers, not Apache | |
| # my dev and pen-test environments do use Apache, and this is how I make them work | |
johnstanfield
/ gmail-diet-greasemonkey.js
Created
October 15, 2018 13:29
GMail diet - Greasemonkey / Tampermonkey script that makes the new GMail a bit more like the old GMail
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ==UserScript== | |
| // @name GMail Diet | |
| // @namespace http://johnstanfield.com/ | |
| // @version 0.1 | |
| // @description deflates the ~3Q2018 GMail web app. The GMail web app prior to the version released around Q3 2018 was nice and compact. The new version has extra padding that is trimmed by this script. Tested in Tampermonkey on Chrome 56. | |
| // @author John Stanfield | |
| // @match *://mail.google.com/* | |
| // @grant none | |
| // ==/UserScript== |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // purge gmail script | |
| // i've been using this for years to keep gmail from going over the limit | |
| // it has gotten me from 99% to 50% many times on various accounts | |
| // | |
| // it runs on google apps script, which is google's script platform that can access your email | |
| // to automatically delete older messages according to the rules below | |
| // | |
| // it's controlled by the CONFIG array | |
| // set an age (required) | |
| // set a label or from (one of them is required) |
johnstanfield
/ terminate-draining-instances.sh
Created
September 1, 2020 16:56
terminate ECS instances in an auto-scaling group
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # inspects EC2 instances in an ECS cluster and terminates instances that are in a DRAINING state | |
| # the instances are terminated via autoscaling, and the desired capacity is decremented | |
| # | |
| # this is the proper way to terminate EC2 instances in an ECS cluster because: | |
| # - if you just decrement the desired capacity, instances with running tasks may be terminated, and you may have an outage | |
| # - if you terminate instances with zero tasks, the autoscaling group will just replace them | |
| # | |
| # USAGE | |
| # DRY RUN |
johnstanfield
/ entry-point.sh
Created
September 28, 2020 05:12
updating a prefix list at AWS when a task boots
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # i'm running cloudflare RailGun in a Fargate task, in a public subnet, with a public IP address. | |
| # i need to ensure the web servers do not allow public access; only access from this Fargate task or CloudFlare's IPs | |
| # this presents an interesting problem: Fargate tasks can't use Elastic IPs, so the IP will change each time a task runs, | |
| # making security groups tough | |
| # what i do is: | |
| # create a prefix list (this is a list of IP addresses at AWS) | |
| # add a security group called web_railgun that uses the prefix list; attach that security group to the load balancer | |
| # replace the IP address (cidr) entry in the prefix list when the task boots |
johnstanfield
/ sqs-2012-11-05.php.patch
Last active
December 8, 2020 06:03
FIFO queues in PHP v2 SDK
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # problem: | |
| # - you have a FIFO SQS queue at AWS but you're running an older version (v2) of the AWS SDK for PHP | |
| # - you get the error "The request must contain the parameter MessageGroupId" | |
| # - this is because v2 of the SDK is older than FIFO queues | |
| # solution: | |
| # - just add the parameters to the resource file | |
| # - either by pasting or applying the patch below | |
| # | |
| # vendor/aws/aws-sdk-php/src/Aws/Sqs/Resources/sqs-2012-11-05.php.patch |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # run as root or sudo everything below | |
| # install epel | |
| amazon-linux-extras install epel -y | |
| # install fail2ban | |
| yum -y install fail2ban | |
| # configure fail2ban (just adding enabled=true in the sshd section) | |
| cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local |
OlderNewer