Skip to content

Instantly share code, notes, and snippets.

View lrvick's full-sized avatar

Lance R. Vick lrvick

402 followers · 118 following
View GitHub Profile
@lrvick
lrvick / ldapmodify_examples.sh
Last active April 11, 2017 17:05
LDAP Setup Examples
#!/bin/bash
PASSWORD=$1
# Add 'People' unit
ldapmodify \
-h ldap.hashbang.sh \
-D "cn=admin,dc=hashbang,dc=sh" \
-w $PASSWORD \
-a -n <<EOF
@lrvick
lrvick / load-avg.sh
Created April 1, 2015 22:40
Simple siege runner to test multiple steps of workers and log results for quick comparison.
#!/bin/bash
URL=$1
LOG_FILE=$2
WORKER_STEPS=( 10 100 200 500 1000 1500 )
DELAY=10
TEST_LENGTH=60s
for WORKERS in "${WORKER_STEPS[@]}"; do
@lrvick
lrvick / cloud-config.yml
Created June 3, 2015 00:45
Example Cloud Config for running CoreOS Enterprise + Build Worker on CoreOS/AWS
#cloud-config
coreos:
etcd:
addr: $private_ipv4:4001
peer-addr: $private_ipv4:7001
fleet:
public-ip: $private_ipv4
update:
reboot-strategy: off
@lrvick
lrvick / yubikey.rules
Last active August 18, 2016 00:49
udev to kill/restart scdaemon on yubikey insertion for ssh/gpg
# Yubico Yubikey
ATTRS{idVendor}=="1050", \
ATTRS{idProduct}=="0010|0405|0110|0111|0116", \
ENV{ID_SECURITY_TOKEN}="1", \
RUN+="/bin/bash -c '/usr/bin/killall -9 scdaemon'", \
TAG+="uaccess"
LABEL="yubico_end"
@lrvick
lrvick / keybase.md
Created January 6, 2016 10:24
Keybase Proof for https://keybase.io/lrvick

Keybase proof

I hereby claim:

  • I am lrvick on github.
  • I am lrvick (https://keybase.io/lrvick) on keybase.
  • I have a public key whose fingerprint is 6B61 ECD7 6088 748C 7059 0D55 E90A 4013 36C8 AAA9

To claim this, I am signing this object:

@lrvick
lrvick / 00-bypass-nginx-proxy.config
Last active April 27, 2016 01:02
Hack to bypass Nginx proxy in a ElasticBeanstalk deployment for UDP applications such as rsyslog
# Place in .ebextensions/00-bypass-nginx-proxy.config at the root of your appkication repository.
files:
"/tmp/setup_iptables.sh":
mode: "000755"
content: |
#!/bin/sh
# remove rules added by us (marked by the "added_by_ebextension" comment), if any
iptables-save | grep -v added_by_ebextension | iptables-restore
@lrvick
lrvick / kscow.sh
Last active May 28, 2016 00:19
Cow contemplating the current total pledged value of a given Kickstarter.
#!/bin/bash
api_url='https://www.kickstarter.com/projects/597507018/pebble-2-time-2-and-core-an-entirely-new-3g-ultra/stats.json?v=1'
while sleep 1; do
ks_json=$(curl $api_url -s | gunzip 2> /dev/null )
[ $? -ne 0 ] && continue
old_total=$total
total=$(echo $ks_json | jq -r '.project.pledged')
[[ "$total" == "$old_total" ]] && continue
@lrvick
lrvick / get_elb_dns.sh
Last active July 21, 2021 09:04
Get DNS of a given ELB via tag on registered asg instance
#!/bin/bash
environment=$1
app_name=$2
tag=$3
asg_name=$(
aws ec2 describe-instances \
--region us-west-2 \
--filters \
"Name=tag:$tag,Values='$app_name-$environment'" \
@lrvick
lrvick / gpgbrute.sh
Created January 22, 2017 00:27
The script I used to brute force the password for my master GPG key using a wordlist generated via regldg
#!/bin/bash
tmpdir=$(mktemp -d)
export GNUPGHOME="$tmpdir"
echo "allow-loopback-pinentry" >> "$GNUPGHOME/gpg-agent.conf"
echo "pinentry-mode loopback" >> "$GNUPGHOME/gpg.conf"
function cleanup {
rm -rf "$GNUPGHOME"
}
trap cleanup EXIT
@lrvick
lrvick / federated-hashbang-dns.md
Last active May 13, 2017 09:15
Federated #! hostnames

Problem

  • ISPs and VPS providers hosting donated #! shellboxes won't always have DNS hostnames, or have ones we can automatically discern
  • Machines that -do- have provider-assigned hostnames we can discern like in AWS, are subject to change if a machine is terminated/restored with same disk.
  • Users will discover federated #! shellboxes via some central list
  • Users should always be able to ssh to the same hostname and end up with the same disk/homdir

Solutions

Option 1