Skip to content

Instantly share code, notes, and snippets.

View sahensley's full-sized avatar
🐍

Shawn Hensley sahensley

🐍
20 followers · 51 following
View GitHub Profile
@SmartFinn
SmartFinn / sign-kernel-longterm.sh
Created September 2, 2023 19:04
Automatically signing long term kernels with Machine Owner Key (MOK) using post-install script
#!/bin/bash
# file: /etc/kernel/postinst.d/sign-kernel-longterm
#
# Create signing keys:
#
# openssl req -new -x509 -newkey rsa:4096 \
# -keyout MOK.priv \
# -outform DER -out MOK.der \
# -nodes -days 36500 -subj "/CN=Descriptive Name/"
#
@meeas
meeas / DebianSid_on_LUKS-BTRFS_with_systemd-boot.md
Last active June 18, 2025 12:07
For installing Debian Sid with LUKS2 encrypted BTRFS filesystem with Systemd-boot and rEFInd bootloaders plus an option for dualboot to Windows

For directly installing Debian Sid not supported by the Debian installer, namely:

  • Single LUKS2 encrypted partition which contains the full installation
  • Single BTRFS filesystem (integrated home partition)
  • Encrypted swapfile in BTRFS subvolume (supports laptop suspend but not hibernate)
  • Uses systemd-boot bootloader (instead of Grub2, also optional rEFInd instructions)
  • Minimal Gnome install (plus instructions for any other DE you wish)
  • Proper user groups for common security tools like sudo-less Wireshark, etc...
  • Optional removal of crypto keys from RAM during laptop suspend
  • Optional configurations for laptops (including fingerprint readers)
@greyltc
greyltc / launch-GRD.sh
Last active June 28, 2025 12:08
configures then activates gnome-remote-desktop from the command line
#!/usr/bin/env bash
# run this on the remote terminal machine, as auser with sudo powers, probably through a remote ssh shell
# this will overwrite all the settings it touches
# the name of the user to run these commands as
TARGET_USER=jane
# we need an inlocked desktop session. we can either start a new autologin one or unlock an existing one
@katef
katef / cloud.vcl
Last active May 14, 2022 19:50
HTTP Moomin delivery
sub cloud_moomin {
set resp.http.moomin00 = " %1b[38;5;237m▄%1b[38;5;235m▄%1b[49m";
set resp.http.moomin01 = " %1b[38;5;237m▄%1b[48;5;237m%1b[38;5;249m▄%1b[38;5;236m▄%1b[49m %1b[48;5;239m%1b[38;5;16m▄%1b[48;5;237m%1b[38;5;253m▄%1b[38;5;247m▄%1b[48;5;234m%1b[38;5;16m▄%1b[49m";
set resp.http.moomin02 = " %1b[38;5;233m▄%1b[48;5;253m%1b[38;5;237m▄%1b[48;5;254m%1b[38;5;255m▄%1b[38;5;251m▄%1b[38;5;239m%1b[49m▄ %1b[38;5;237m▄ %1b[48;5;254m%1b[38;5;248m▄%1b[48;5;249m%1b[38;5;254m▄%1b[48;5;235m%1b[38;5;246m▄%1b[49m";
set resp.http.moomin03 = " %1b[38;5;235m▄%1b[48;5;250m%1b[38;5;242m▄%1b[48;5;231m %1b[48;5;247m%1b[38;5;231m▄%1b[48;5;252m▄%1b[48;5;253m▄%1b[48;5;254m▄%1b[48;5;253m▄%1b[48;5;249m▄%1b[48;5;188m▄%1b[48;5;245m%1b[38;5;251m▄%1b[49m";
set resp.http.moomin04 = "
@aamnah
aamnah / README.md
Last active May 15, 2025 04:00
Cheats and helpers for creating a custom oh-my-zsh theme and git prompt

Zsh custom git prompt cheatsheet

Everything you need for customizing your git prompt in oh-my-zsh

  • print and echo commands for all functions in the git plugin. Printing and echoing because then i can check what values are outputted. Massively helpful when creating a theme.
  • a list of all the variables that you can use to customize $(git_prompt_info), thanks to vergenzt
grep -o "ZSH_THEME_GIT_[A-Z_]\+" lib/git.zsh| sort | uniq
@MaxXor
MaxXor / btrfs-guide.md
Last active June 25, 2025 04:07
Btrfs guide to set up an LUKS-encrypted btrfs raid volume with included maintenance & recovery guide

Encrypted Btrfs storage setup and maintenance guide

Initial setup with LUKS/dm-crypt

This exemplary initial setup uses two devices /dev/sdb and /dev/sdc but can be applied to any amount of devices by following the steps with additional devices.

Create keyfile:

dd bs=64 count=1 if=/dev/urandom of=/etc/cryptkey iflag=fullblock
chmod 600 /etc/cryptkey
@rivo
rivo / postgres.go
Last active July 7, 2024 14:28
A demo Go application (a PostgreSQL database browser) highlighting the use of the rivo/tview package. See https://github.com/rivo/tview/wiki/Postgres
package main
import (
"database/sql"
"fmt"
"net/url"
"os"
"reflect"
"regexp"
"strconv"
@SKempin
SKempin / Git Subtree basics.md
Last active June 27, 2025 04:30
Git Subtree basics

Git Subtree Basics

If you hate git submodule, then you may want to give git subtree a try.

Background

When you want to use a subtree, you add the subtree to an existing repository where the subtree is a reference to another repository url and branch/tag. This add command adds all the code and files into the main repository locally; it's not just a reference to a remote repo.

When you stage and commit files for the main repo, it will add all of the remote files in the same operation. The subtree checkout will pull all the files in one pass, so there is no need to try and connect to another repo to get the portion of subtree files, because they were already included in the main repo.

Adding a subtree

Let's say you already have a git repository with at least one commit. You can add another repository into this respository like this:

@simonw
simonw / recover_source_code.md
Last active September 28, 2024 08:10
How to recover lost Python source code if it's still resident in-memory

How to recover lost Python source code if it's still resident in-memory

I screwed up using git ("git checkout --" on the wrong file) and managed to delete the code I had just written... but it was still running in a process in a docker container. Here's how I got it back, using https://pypi.python.org/pypi/pyrasite/ and https://pypi.python.org/pypi/uncompyle6

Attach a shell to the docker container

Install GDB (needed by pyrasite)

apt-get update && apt-get install gdb
@eruffaldi
eruffaldi / annexgetfile.py
Last active September 25, 2024 03:40
Access to files in git-annex bare repository without using git-annex.
#
# Extract files from Bare git-annex repositories without git-annex
# Supports version v6
#
# See internals: http://git-annex.branchable.com/internals/
#
# Modified: added non-bare repos, added tar file (of symlinks) output for use with archivemount
#
# TODO: improve output
# TODO: use cat-files instead of archive