thomsh

#!/usr/bin/env python3
# python3 boto3 script to allow your ip on a EC2 security group (Like your dev VM, boring & recuring task)
import boto3
from pprint import pprint
import requests


SG_ID = 'sg-CHANGEME'  # You security group ID
# REGION https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
# or can be provided via env var or in your .aws/config

thomsh

#!/usr/bin/env bash
echo "Get CPU credits Usage and remaining via local metadata on EC2"
set -euo pipefail
AWS_DEFAULT_REGION="$(curl -s 169.254.169.254/latest/meta-data/placement/availability-zone)"
AWS_DEFAULT_REGION="${AWS_DEFAULT_REGION::-1}" # strip char from az
INSTANCE="$(curl -s 169.254.169.254/latest/meta-data/instance-id )"
FREQUENCY=600 # Get a point every 10 min
LAST="180 minutes ago"
START="$(date +'%Y-%m-%dT%H:%M:59Z' --utc -d "${LAST}" )"
END="$(date +'%Y-%m-%dT%H:%M:59Z' --utc )"

thomsh

#!/bin/bash
# [unchecked] !
set -euxo pipefail
gpg --recv-keys 0x937BB869E3A238C5 --keyserver keys.gnupg.net || gpg --recv-keys 0x937BB869E3A238C5 --keyserver pgp.mit.edu
gpg --with-fingerprint -k 0x937BB869E3A238C5 |grep -B 1 'F0CB 1A32 6BDF 3F3E FA3A  01FA 937B B869 E3A2 38C5'
wget https://www.internic.net/domain/named.cache.sig -O /tmp/named.cache.sig
wget https://www.internic.net/domain/named.cache -O /tmp/named.cache
cd /tmp/ &&  gpg --with-fingerprint --verify named.cache.sig
install -m 0644 /tmp/named.cache /var/lib/unbound/root.hints
echo installed

thomsh

SSH Tunnel/jump memo for sweet devs :)

SSH tunnels

The basic LocalForward

Goal : let you access to a private port, example a database listening on 127.0.0.1 only on the remote server
SSH -L <choose a localport on your laptop>:<destinationip>:<destinationport> me@myserver
Example with the database:
ssh -L 50000:127.0.0.1:5432 me@server
or with a remote database
ssh -L 50000:123.254.99.21:3306 me@server

thomsh

#!/usr/bin/env bash
NAME="$1"
SECRET="$2"
exec qrencode -d 300 -s 10 -t ansiutf8 "otpauth://totp/${NAME}?secret=${SECRET}"
#PNG #exec qrencode -o /dev/shm/ga.png -d 300 -s 10 "otpauth://totp/${NAME}?secret=${SECRET}"

thomsh

#!/bin/bash
set -euxo pipefail
# Install latest Nginx from backports on Debian Stretch
# with nginx-vod-module from https://github.com/kaltura/nginx-vod-module
# This script/doc will rebuild the deb package

# Requirement : run on Debian Stretch with backports repository enabled
if ! egrep '^deb .+ stretch-backports' -- /etc/apt/sources.list /etc/apt/sources.list.d/*.list ; then
  echo 'deb http://deb.debian.org/debian/ stretch-backports main contrib non-free' |tee /etc/apt/sources.list.d/bpo.list
fi

thomsh

#!/bin/bash
set -ex
# Set correct resolution for ASUS ROG PG278Q on debian stretch
# Problem : "gtf 2560 1440 60" didn't return correct value for this screen
# solution found : https://askubuntu.com/questions/621643/can-not-set-proper-resolution-on-this-one-monitor
#  ( with https://www.entechtaiwan.com/util/moninfo.shtm )

#add new mode for this "unknown display"
xrandr --newmode "2560x1440_60.00" 241,500 2560 2608 2640 2720 1440 1443 1448 1481 +hsync -vsync
# change DP-1 per appropriate display `xrandr -q` to list

thomsh

# uncomment default key if needed
# default-key 0xCHANGEME
charset utf-8
keyserver hkp://keys.gnupg.net

# privacy concern
no-emit-version
no-comments
export-options export-minimal

thomsh

Description: lastpass ca change GlobalSign R1/R3 pins
 https://github.com/lastpass/lastpass-cli/commit/b888411b042df9414d1d78d99332b672e65c4eb9
 https://github.com/lastpass/lastpass-cli/issues/409
 .
 lastpass-cli (1.0.0-1.2) unstable; urgency=medium
 .
   * Non-maintainer upload.

---
The information above should follow the Patch Tagging Guidelines, please

thomsh

#!/usr/bin/env bash
zramctl=$(command -v zramctl)
if [[ -z "$zramctl" ]];then
  echo "Command zramctl not found" 1>&2
  exit 2
fi

if swapon -s |grep '^/dev/zram' > /dev/null ; then
  echo "zram already setup as swap"
  exit 0