kabakaev

Symmetic encryption

For symmetic encryption, you can use the following:

To encrypt:

openssl aes-256-cbc -salt -a -e -in plaintext.txt -out encrypted.txt

To decrypt:

kabakaev

# Install ffmpeg
brew install ffmpeg

# Download
ffmpeg -i https://foo.com/bar.m3u8 -c copy -bsf:a aac_adtstoasc output.mp4

kabakaev

# Usage: brightness 0.7
# brightness bash alias sets brightness on all connected monitors.
# Tested on Ubuntu 18.04.
brightness () {
  for dp in `xrandr -q | grep " connected" | cut -d ' ' -f 1`; do
    xrandr --output $dp --brightness "$1"
  done
}

kabakaev

Choose an image: https://cloud-images.ubuntu.com/daily/server/groovy/current/

See also https://serverascode.com/2018/06/26/using-cloud-images.html

cd /tmp
wget -c https://cloud-images.ubuntu.com/daily/server/groovy/current/groovy-server-cloudimg-amd64-disk-kvm.img
qemu-img resize groovy-server-cloudimg-amd64-disk-kvm.img 20G
virt-customize -a groovy-server-cloudimg-amd64-disk-kvm.img --root-password password:ubuntu
virt-customize -a groovy-server-cloudimg-amd64-disk-kvm.img --uninstall cloud-init

kabakaev

kabakaev

root@host:/home/user/tmp/flb_backoff# docker run --rm -ti --name nix nixos/nix 
a90877a48c83:/# nix-env --install git
warning: there are multiple derivations named 'git-2.29.2'; using the first one
installing 'git-2.29.2'
these paths will be fetched (69.20 MiB download, 354.55 MiB unpacked):
  /nix/store/041gcdvmgdcldr9p2gg80bqjkq89jck6-perl5.32.0-HTTP-Date-6.05
  /nix/store/134fdr0yrl4wgrrasxn9d3s8vzcm5lxq-gnugrep-3.6
  /nix/store/1h5svfx98r71s853006iw30m6r9gy6aw-shadow-4.8.1
  /nix/store/1slrm87g9azmjrjhs71n9f8xy0m69m3b-libselinux-3.0
  /nix/store/1yvpgm763b3hvg8q4fzpzmflr5674x4j-glibc-2.32-10

kabakaev

#!/bin/bash

# This is a proof that an openssl CMS signature with multiple certificates works.
# According to `man openssl-cms`, "-inkey: When signing this option can be used multiple times to specify successive keys."

# The problem is described at https://groups.google.com/g/swupdate/c/pw6yfU8NYo0?pli=1

set -xeuo pipefail

test -f eu.key || openssl req -x509 -newkey rsa:4096 -days 3650 -nodes -subj "/C=DE/ST=*/L=*/O=KUKA/OU=*/CN=Europe/" -keyout eu.key -out eu.pub -addext "keyUsage=digitalSignature" -addext "extendedKeyUsage=emailProtection"

kabakaev

Migrate Immich helm chart deployment to CloudNativePG

Deploy a cnpg operator and a one-node postgres cluster

See also immich-app/immich-charts#149 (comment)

# Re-use the password from the source postgres instance.
PASSWORD=$(kubectl -n immich get secrets immich-postgres-user -o yaml | grep ' password:' | awk '{print $NF}' | base64 -d)
echo "immich@postgres password is: $PASSWORD"

kabakaev

# # This is an esphome configuration file.
# # It is tested on debian-12 and [nanoESP32-C6](https://github.com/wuxx/nanoESP32-C6/blob/master/README_en.md).
# # This configuration should work on any Linux distribution and any ESP32-C6 board though.
#
# # Create and activate python venv, install esphome:
# test -d ./venv || python3 -m venv venv
# source ./venv/bin/activate
# pip install esphome --upgrade
#
# # Connect ESP32-C6 to USB, press and hold "Boot" button, press and release "Reset", release "Boot".

kabakaev

# podman build -t amazonlinux:2023-openssl-static .

FROM amazonlinux:2023 as builder

ARG openssl_release=https://github.com/openssl/openssl/releases/download/openssl-3.4.1/openssl-3.4.1.tar.gz

RUN dnf update -y && \
    dnf install -y \
    curl-minimal \
    gcc \