ollytheninja

import binascii

sbox = [
    [0xA3, 0xB0, 0x80, 0xC6, 0xB2, 0xF4, 0x5C, 0x6C, 0x81, 0xF1, 0xBB, 0xEB, 0x55, 0x67, 0x3C, 0x05],
    [0x1A, 0x0E, 0x61, 0xF6, 0x22, 0xCE, 0xAA, 0x8F, 0xBD, 0x3B, 0x1F, 0x5E, 0x44, 0x04, 0x51, 0x2E],
    [0x4D, 0x9A, 0x84, 0xEA, 0xF8, 0x66, 0x74, 0x29, 0x7F, 0x70, 0xD8, 0x31, 0x7A, 0x6D, 0xA4, 0x00],
    [0x82, 0xB9, 0x5F, 0xB4, 0x16, 0xAB, 0xFF, 0xC2, 0x39, 0xDC, 0x19, 0x65, 0x57, 0x7C, 0x20, 0xFA],
    [0x5A, 0x49, 0x13, 0xD0, 0xFB, 0xA8, 0x91, 0x73, 0xB1, 0x33, 0x18, 0xBE, 0x21, 0x72, 0x48, 0xB6],
    [0xDB, 0xA0, 0x5D, 0xCC, 0xE6, 0x17, 0x27, 0xE5, 0xD4, 0x53, 0x42, 0xF3, 0xDD, 0x7B, 0x24, 0xAC],
    [0x2B, 0x58, 0x1E, 0xA7, 0xE7, 0x86, 0x40, 0xD3, 0x98, 0x97, 0x71, 0xCB, 0x3A, 0x0F, 0x01, 0x9B],

ollytheninja

aws ec2 describe-instances | jq '.Reservations[].Instances[] | {InstanceId,KeyName,Tags,SecurityGroups}'

foreach ACCOUNT (1234567890 0987654321)
    ROLE=$(cat ~/.aws/config | grep -B 3 $ACCOUNT | grep Auditor | sed -e 's/.* \(.*\)./\1/g')
    echo $ROLE
    assume $ROLE
    aws ec2 describe-instances | jq '.Reservations[].Instances[] | {InstanceId,KeyName,Tags,SecurityGroups}'
end

ollytheninja

# Install Brew
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

# Install CLI basics
brew install go jq gh multi-git-status zsh coreutils findutils gnu-tar gnu-sed gawk gnutls gnu-indent gnu-getopt grep

# Install oh my zsh
sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"

# Install UI apps and dev tools

ollytheninja

CREATE EXTERNAL TABLE cloudtrail_logs (
    eventVersion STRING,
    userIdentity STRUCT<
        type: STRING,
        principalId: STRING,
        arn: STRING,
        accountId: STRING,
        invokedBy: STRING,
        accessKeyId: STRING,
        userName: STRING,

ollytheninja

###############################################
# Generate a JWK file to connect Vault to GCP #
# by providing GCP our own private key        #
###############################################

# Inspired by:
# https://binx.io/2021/03/08/how-to-create-your-own-google-service-account-key-file/

# And for my later self - GCP does indeed want a public key certificate - not just a bare public key!

ollytheninja

# FROM https://tailscale.com/kb/1131/synology/#enabling-synology-outbound-connections

# Add CAP_NET_ADMIN to the binary; required if manually installing the
# Tailscale *.spk file.
# This step is required every time you upgrade Tailscale.
sudo setcap cap_net_admin+eip /var/packages/Tailscale/target/bin/tailscaled

# These three commands are only needed once and persist over restarts.
sudo mkdir -p /dev/net
sudo mknod /dev/net/tun c 10 200

ollytheninja

#!/bin/bash

helm repo add rancher-stable https://releases.rancher.com/server-charts/stable
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo add k8s-at-home https://k8s-at-home.com/charts/
helm repo add mojo2600 https://mojo2600.github.io/pihole-kubernetes/
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo add stable https://charts.helm.sh/stable
helm repo add devtron https://helm.devtron.ai
helm repo add fluxcd https://charts.fluxcd.io

ollytheninja

#!/bin/bash

# Install relevant dependencies for NFS / Longhorn
sudo apt install nfs-common open-iscsi

curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="---options---" sh -

Options:
--disable traefik 
--disable servicelb

ollytheninja

#!/bin/bash

# First copy your ssh key over
ssh-copy-id pi

# then ssh to the pi
ssh pi

# change the default password
sudo passwd pi

ollytheninja

Host *
  UseKeychain yes
  AddKeysToAgent yes
  IdentityFile ~/.ssh/id_rsa

Host pi
  HostName raspberrypi.local
  User pi
  StrictHostKeyChecking no
  UserKnownHostsFile=/dev/null