matt-FFFFFF’s gists

matt-FFFFFF / Get-CertificateAIACDP.ps1

Created June 13, 2018 11:24

Gets a certificate from a webserver and returns AIA and CDP FQDNs. Note, does not do OCSP.

	New-Variable -Name 'OIDCDP' -Value '2.5.29.31' -Option ReadOnly -Force
	New-Variable -Name 'OIDAIA' -Value '1.3.6.1.5.5.7.1.1' -Option ReadOnly -Force
	#New-Variable -Name 'OIDAIAOCSP' -Value '1.3.6.1.5.5.7.48.1' -Option ReadOnly -Force

	Function Get-RemoteTLSCertificate
	{
	param (
	[Parameter(Mandatory=$true)]
	[string]
	$Hostname,

matt-FFFFFF / LCMConfig.ps1

Last active August 8, 2019 13:14

PowerShell DSC Configure LocalConfigurationManager

matt-FFFFFF / helmgetcurrentslot.sh

Created September 12, 2019 13:52

Helm get slot

	if [ "`helm get values --all $(releaseName) \| grep -Po 'productionSlot: \K.*'`" == "green" ]; then
	echo "##vso[task.setvariable variable=deploymentslot;isSecret=false;isOutput=true;]blue"
	echo "##vso[task.setvariable variable=currentslot;isSecret=false;isOutput=true;]green"
	else
	echo "##vso[task.setvariable variable=deploymentslot;isSecret=false;isOutput=true;]green"
	echo "##vso[task.setvariable variable=currentslot;isSecret=false;isOutput=true;]blue"
	fi

matt-FFFFFF / profiles.json

Created December 9, 2019 10:45

Windows Terminal profiles.json

	{
	"$schema": "https://aka.ms/terminal-profiles-schema",
	"globals" :
	{
	"alwaysShowTabs" : true,
	"defaultProfile" : "{574e775e-4f2a-5b96-ac1e-a2962a402336}",
	"initialCols" : 120,
	"initialRows" : 30,
	"keybindings" :
	[

matt-FFFFFF / unifiedkernelsetup.sh

Last active August 27, 2023 04:56

Linux unified kernel setup for secureboot systemd-boot arch

	#!/bin/bash

	DATESTRING=$(date +%Y.%m.%d.%H.%M)
	KERNEL=$(file -bL /boot/vmlinuz-linux-surface \| grep -o 'version [^ ]*' \| cut -d ' ' -f 2)

	echo "Generating initramfs..."
	mkinitcpio -p linux-surface -k $KERNEL

	echo "Making copy of /usr/lib/os-release, Using suffux $KERNEL-$DATESTRING"
	cp /usr/lib/os-release .

matt-FFFFFF / GovWifi.8021x

Created February 11, 2020 09:39

GovWifi Linux connection with iwd

	[Security]
	EAP-Method=PEAP
	EAP-Identity=anonymous
	EAP-PEAP-CACert=/etc/ca-certificates/extracted/cadir/DigiCert_Global_Root_CA.pem
	EAP-PEAP-ServerDomainMask=wifi.service.gov.uk
	EAP-PEAP-Phase2-Method=MSCHAPV2
	EAP-PEAP-Phase2-Identity=<username>
	EAP-PEAP-Phase2-Password=<password>

	[Settings]

matt-FFFFFF / akscreate.sh

Last active February 21, 2020 10:00

az aks create

	#! /bin/bash
	az aks create \
	--resource-group $RESOURCE_GROUP \
	--network-plugin azure \
	--vnet-subnet-id /subscriptions/$ARM_SUBSCRIPTION_ID/resourceGroups/$RESOURCE_GROUP/providers/Microsoft.Network/virtualNetworks/$VNET_NAME/subnets/$SUBNET_NAME \
	--docker-bridge-address 172.17.0.1/16 \
	--dns-service-ip 172.18.0.10 \
	--service-cidr 172.18.0.0/16 \
	--generate-ssh-keys \
	--vm-set-type VirtualMachineScaleSets \

matt-FFFFFF / ketkvsecret.sh

Last active February 26, 2020 10:37

Get Key Vault secret

	#!/bin/sh

	# [email protected]

	# Gets a secret from Azure key vault.
	# See usage()

	COMMANDS="az basename"

	for COMMAND in $COMMANDS; do

matt-FFFFFF / win10kvmguest.xml

Created March 16, 2020 22:48

KVM Windows 10 Guest w/ UEFI, HPET, USB3, more

	<domain type="kvm">
	<name>Windows10</name>
	<uuid>ccae4198-1930-4f33-9e73-8edda15e89ba</uuid>
	<title>Windows10</title>
	<metadata>
	<libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
	<libosinfo:os id="http://microsoft.com/win/10"/>
	</libosinfo:libosinfo>
	</metadata>
	<memory unit="KiB">6291456</memory>

matt-FFFFFF / enterprisescalecleanup.sh

Last active October 6, 2023 13:59

	#!/bin/bash

	# Script to clean up after Enterprise-Scale - DO NOT RUN IN PRODUCTION

	echo "THIS SCRIPT WILL DESTROY YOUR AZURE ENVIRONMENT"
	read -n 4 -p "Are you SURE you want to do this? (type 'yes' to continue): " YES

	if [ ! "$YES" == "yes" ]; then
	echo "Confirmation denied - quitting"
	exit 0

Matt White matt-FFFFFF