Skip to content

Instantly share code, notes, and snippets.

View therealpxc's full-sized avatar

Patrick C. therealpxc

13 followers · 21 following
View GitHub Profile
@vancluever
vancluever / macos-big-sur-ssh-agent-local-no-disable-sip.md
Last active February 8, 2025 08:58
Run SSH Agent w/Modified Options (MacOS Big Sur, No Homebrew, No SIP Modification)

Run SSH Agent w/Modified Options (MacOS Big Sur, No Homebrew, No SIP Modification)

The following will show you how you can modify the startup options of the SSH agent supplied by MacOS in a non-invasive way. This can be useful for doing things like setting a key lifetime, which can then be used with AddKeysToAgent in your ~/.ssh/config to automate the timing out of saved keys. This ensures that your passphrase is re-asked for periodically without having to shutdown, re-log, or having it actually persisted in keychain, the latter being almost as bad as having no passphrase at all, given that simply being logged in is generally enough to then use the key.

This method does not modify the system-installed SSH agent service (com.openssh.ssh-agent), but rather duplicates its functionality into a user-installed launch agent where we can then modify the options. Modifying the system-installed service is becoming increasingly harder to do; SIP generally protects

@ravloony
ravloony / falcon-default.nix
Last active November 21, 2024 01:55
Falcon package
{ stdenv, dpkg, fetchurl, openssl, libnl, buildFHSUserEnv,... }:
stdenv.mkDerivation {
name = "falcon-sensor";
version = "4.18.0-6402";
arch = "amd64";
src = fetchurl {
url = "https://storage.googleapis.com/company-tools/falcon-sensor/falcon-sensor_4.18.0-6402_amd64.deb";
sha512 = "dc41cfe0232124480abdcf456df9a3bd6cab62716bc5beea089fbf99ac2e29bf1e1a44676591a71eeb35afe7f25e495b53ede007cfc15dcbf47df7ec0a016098";
};
@edolstra
edolstra / nix-flakes.md
Last active May 15, 2025 20:01

Nix Flake MVP

Goals

  • To provide Nix repositories with an easy and standard way to reference other Nix repositories.

  • To allow such references to be queried and updated automatically.

  • To provide a replacement for nix-channel, NIX_PATH and Hydra

@ladinu
ladinu / encryptedNixos.md
Last active May 15, 2025 14:54
NixOS install with encrypted /boot /root with single password unlock

Requirements

  1. Encrypt everthing including /boot and /root
  2. Enter password once
  3. Support UEFI

Installation media setup

Download NixOS minimal iso and copy to USB stick. For example on Mac OSX

$ diskutil list
$ diskutil unmountDisk /dev/disk1 # Make sure you got right device
@unode
unode / nix-tunnel-daemon
Created July 7, 2016 16:29
nix-tunnel-daemon
#!/bin/bash
# Any error is fatal
set -e
# Server running the actual nix-daemon
REMOTE_NIXDAEMON="mega"
# Where to find the socket in the destination server
NIX_DAEMON_SOCKET="/local/nix/var/nix/daemon-socket/socket"
@expipiplus1
expipiplus1 / nix-multi.md
Last active March 26, 2024 22:32

Multi user nix installation

Each section should be run as the user or as root, pay attention to which one!

Install nix single user

As $USER

curl https://nixos.org/nix/install | sh
@TheBB
TheBB / loading.org
Last active January 4, 2025 09:25
Loading in Spacemacs

Emacs packages, features, files, layers, extensions, auto-loading, require, provide, use-package… All these terms getting you confused? Let’s clear up a few things.

Files

Emacs files contains code that can be evaluated. When evaluated, the functions, macros and modes defined in that file become available to the current Emacs session. Henceforth, this will be termed as loading a file.

One major problem is to ensure that all the correct files are loaded, and in the