Skip to content

Instantly share code, notes, and snippets.

View qrkourier's full-sized avatar

Kenneth Bingham qrkourier

View GitHub Profile
@qrkourier
qrkourier / verify-ziti-identity-trust.sh
Last active December 19, 2024 19:48
portable shell script verifies the server cert for a Ziti identity file
#!/bin/sh
#
## a POSIX-portable diagnostic for a Ziti identity's trust chain
#
# raise exceptions
set -e
set -u
@qrkourier
qrkourier / verify-ziti-server-cert.bash
Last active December 18, 2024 16:49
error if ziti controller presents a server cert not verifiable by its well-known trust bundle
#!/usr/bin/env bash
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace
: "${ZITI_ALPN:=h2,http/1.1}"
: "${TMPDIR:=$(mktemp -d)}"
BASENAME="$(basename "${0}")"
@qrkourier
qrkourier / compose.yml
Created December 16, 2024 18:37
Publish Docker WordPress as a zrok reserved public share
#
# companion gist for https://www.youtube.com/live/zWxjwCPuiXg
#
# set these variables in .env
# ZIGGY_UID - the numeric ID of the user that owns ~/.zrok on the Docker host
# ZIGGY_GID - the mumeric ID of the group that owns ~/.zrok on the Docker host
# ZROK_RESERVED_SHARE - the unique name of the zrok reserved public share
# MYSQL_ROOT_PASSWORD
# MYSQL_PASSWORD
@qrkourier
qrkourier / rag-build-knowledge.bash
Created November 21, 2024 22:27
Stage all text-encoded knowledge base files in a directory for RAG ingestion
#!/usr/bin/env bash
set -euo pipefail
KNOW_SRC="$HOME/Sites/netfoundry/github"
: "${TMPDIR:=$(mktemp -d)}"
cd "$TMPDIR"
KNOW_DST="$TMPDIR/knowledge"
mkdir -p "$KNOW_DST"
@qrkourier
qrkourier / matrix_video_fetch.py
Last active November 16, 2024 07:53
download all videos from a Matrix room
#!/usr/bin/env python3
import os
import sys
import argparse
import requests
from urllib.parse import urljoin, quote
import base64
import hashlib
@qrkourier
qrkourier / ziti-open-files.bash
Created October 7, 2024 17:39
Count open files for commands: ziti-edge-tunnel run, ziti controller run, and ziti router run
printf 'Open\tSock\tUnix\tFile\tCommand\n'
for CMD in 'ziti router run' 'ziti controller run' 'ziti-edge-tunnel run'
do
for PID in $(pgrep -f "$CMD")
do
# Capture lsof output for the process
lsof_output=$(sudo lsof -Pnp "$PID" 2>/dev/null)
# Total open files
total_open=$(echo "$lsof_output" | wc -l)
@qrkourier
qrkourier / compose.tproxy.bash
Last active September 25, 2024 19:05
Use a Ziti Router as a Client TPROXY Sidecar and as a Server host
#!/usr/bin/env bash
# this one-shot script demonstrates how to use a ziti router as a transparent proxy sidecar
set -o errexit -o nounset -o pipefail #-o xtrace
function cleanup() {
if ! (( I_AM_ROBOT ))
then
echo "WARNING: destroying docker volumes in 30s; set I_AM_ROBOT=1 to suppress this message" >&2
@qrkourier
qrkourier / zrok.sh
Created August 2, 2024 19:18
wrapper function for zrok --profile
zrok(){
if [[ "$1" =~ ^(-p|--profile)$ ]]
then
shift
local profile="$1"
shift
else
/usr/bin/zrok ${@}
return $?
fi
@qrkourier
qrkourier / ziti-debug.Dockerfile
Created August 2, 2024 18:33
Debug container image with ziti CLI
FROM openziti/ziti-cli AS ziti-cli
FROM ubuntu
COPY --from=ziti-cli /usr/local/bin/ziti /usr/local/bin/ziti
RUN apt-get update && apt-get install --yes \
nano \
vim \
iputils-ping \
@qrkourier
qrkourier / k3s-loop-ula.bash
Last active July 9, 2024 01:40
install single-node, single-stack IPv6 k3s with a random, private IPv6 address on the loopback interface for host-local communication
#!/usr/bin/env bash
_gen_ula(){
# Generate a 40-bit random global ID
local random_id
random_id=$(od -An -N5 -tx1 /dev/urandom | xxd -p | tr -d '\n')
# Construct the ULA address prefix with the generated global ID
local ula_prefix="fd${random_id:0:2}:${random_id:2:4}:${random_id:6:4}"
echo "${ula_prefix}::1"
}