Skip to content

Instantly share code, notes, and snippets.

View jpuskar's full-sized avatar

John Puskar jpuskar

  • AmTrust
  • Cleveland, OH
View GitHub Profile
@Bluefissure
Bluefissure / pal-scripts.md
Last active September 19, 2024 05:32
Some Useful PalWorld Scripts

Pal World Scripts (Linux & Bash)

Remember to replace the folder directory, <AdminPassword>, <RCONPort> to your own.

Also, you need to use crontab to schedule the following scripts if necessary.

Supervisor

I'm using supervisor to restart the service, the example config is as:

@Toakan
Toakan / Palworld-Server-FAQ-Community.md
Last active October 1, 2024 06:38
Palworld Server Community FAQ

Palworld Server Community FAQ

I've been in the #pal-server-help channel for a while now, and these same things keep coming up. So here's a one stop list of items people keep asking for.

Server Setup

Server Recommended Specs (For 8-12 Players)

  • 4x CPU cores @3.8Ghz+
  • 30GB Storage
  • 8GB RAM Base + 2GB RAM per player (If using scheduled restarts)

How to secure a Proxmox exposed host

When you look for tutorials on how to install Proxmox, it always stops after the initial installation - which is quite dangerous, since it leaves a Proxmox host being exposed to the internet while listening to Ports 22 and 8006.

Heck, there is not even any SSH-hardening covered - your SSH is typically set to default values, which means: Password-authentication with the root account is perfectly possible. While you can mitigate some of these things by harding SSH or by installing fail2ban (which we will do anyhow), the host still exposes ports 22 and 8006.

For a secure system, these ports (and actually, apart from one single port ANY ports) have to be disabled. The only acceptable management access to the system should either happen via a Jumpserver or - if not available - via a direct VPN-connection.

In this gist, you find all the required steps to secure your Proxmox exposed host. This gist should work for any Proxmox host with - say - Hetzner, OVH or other vendor

@ccamacho
ccamacho / deploy-offline-cdk-with-lxd.sh
Created October 12, 2020 14:09 — forked from CalvinHartwell/deploy-offline-cdk-with-lxd.sh
canonical kubernetes offline deployment
#!/usr/bin/env bash
set -e
set -u
## Variables
set_vars(){
APT_MIRROR_HOST="mirror"
LXDKVM_SSTREAM_HOST="mirror"
JUJU_SSTREAM_HOST="mirror"
@danvy
danvy / WSL2-Net-Fix.ps1
Created September 5, 2020 21:04
Reset your WSL network connection trying to fix WSL2 media disconnected error
# Check these threads before proceeding:
# https://github.com/microsoft/WSL/discussions/5857
# https://github.com/microsoft/WSL/issues/5821
if (-Not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] 'Administrator')) {
$CmdLine = "-File `"" + $MyInvocation.MyCommand.Path + "`" " + $MyInvocation.UnboundArguments
Start-Process -FilePath PowerShell.exe -Verb Runas -ArgumentList $CmdLine
Exit
}
# Restart the Host Network Service
Restart-Service -Force -Name hns
@plockaby
plockaby / database.py
Last active January 7, 2024 15:49
Python Flask Connection Pool
import logging
import psycopg2
from psycopg2.extras import RealDictCursor
from psycopg2.extensions import TRANSACTION_STATUS_UNKNOWN, TRANSACTION_STATUS_IDLE
from flask import g
import threading
import tenacity
import uuid
import pwd
import os
@flaviotorres
flaviotorres / supermicro_redfish
Created January 23, 2019 01:49
Supermicro redfish power on off
SERVER="my-server"
USER="ADMIN"
PASS="ADMIN"
# ON
curl -si -u $USER:$PASS -k -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' -d '{"Action": "Reset", "ResetType": "On"}' https://$SERVER/redfish/v1/Systems/1/Actions/ComputerSystem.Reset
#OFF
curl -si -u $USER:$PASS -k -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' -d '{"Action": "Reset", "ResetType": "ForceOff"}' https://$SERVER/redfish/v1/Systems/1/Actions/ComputerSystem.Reset
@sudermanjr
sudermanjr / auditLog.yaml
Created January 18, 2019 16:49
Kops cluster spec snippet enabling audit logging.
spec:
fileAssets:
- name: auditPolicyFile
path: /srv/kubernetes/audit.yaml
roles:
- Master
content: |
apiVersion: audit.k8s.io/v1beta1
kind: Policy
rules:
@stuart-warren
stuart-warren / webhook.py
Created November 29, 2018 10:53
kubernetes mutating admission webhook (Python)
#!/usr/bin/env python
from http import HTTPStatus
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
import base64
import json
import logging
import os
import os.path
import ssl
@xan7r
xan7r / decryptKerbTicket.py
Last active April 10, 2024 04:29
Decrypt kerberos tickets and parse out authorization data
#!/usr/bin/env python2
# NOTE: this script was created for educational purposes to assist learning about kerberos tickets.
# Likely to have a few bugs that cause it to fail to decrypt some TGT or Service tickets.
#
# Recommended Instructions:
# Obtain valid kerberos tickets using Rubeus or mimikatz "sekurlsa::tickets /export"
# Optionally convert tickets to ccache format using kekeo "misc::convert ccache <ticketName.kirbi>"
# Obtain appropriate aes256 key using dcsync (krbtgt for TGT or usually target computer account for Service Ticket)
# Run this script to decrypt:
# ./decryptKerbTicket.py -k 5c7ee0b8f0ffeedbeefdeadbeeff1eefc7d313620feedbeefdeadbeefafd601e -t ./[email protected][email protected]