Skip to content

Instantly share code, notes, and snippets.

View towo's full-sized avatar

Tobias Wolter towo

39 followers · 41 following
View GitHub Profile
@towo
towo / ansible.cfg
Created March 18, 2017 23:47
GPG wrapping Ansible Vault
[defaults]
hostfile = some-environment
vault_password_file = bin/gpg-wrapper.sh
@towo
towo / nm-dispatcher-hotspot
Last active October 18, 2017 17:43
Activate NM hotspot on full connectivity
#!/usr/bin/perl
use Env;
use strict;
my $device = 'enp0s25';
my $connection = 'Hotspot';
my @hotspot_connections = (
'4d2eab82-e19c-4c0b-8305-e0eacc24a67a',
'1decf25a-da88-48e1-9077-3f9b883f92b3',
@towo
towo / dnsdist.conf
Last active November 25, 2024 14:17
ACL / query restriction for PowerDNS
newServer('127.0.0.1:4201')
addLocal('127.0.0.1:53')
addLocal('10.1.0.1:53', true, true, 0)
addLocal('203.0.113.42:53', true, true, 0)
setACL('0.0.0.0/0')
internalDomains = newSuffixMatchNode();
internalDomains:add(newDNSName("alpha.example.com."))
internalDomains:add(newDNSName("beta.example.com."))
addAction(RegexRule('^(alpha|beta)\\.example\\.com$'), AllowAction())
addAction(AndRule({NotRule(makeRule('10.0.0.0/8')), SuffixMatchNodeRule(internalDomains)}), RCodeAction(dnsdist.REFUSED))
@towo
towo / users.rb
Created November 22, 2017 14:24
Puppet fact to list all users in /etc/passwd
require 'facter'
Facter.add(:users) do
setcode do
users = []
File.open('/etc/passwd', 'r').readlines.each do |line|
if /^[^#:]+:[^:]+:[^:]+:[^:]+:[^:]+:[^:]+:[^:]+$/.match?(line)
users.push(line[/^(?<user>[^:]+)/, 'user'])
end
end
users
@towo
towo / manualdns
Created November 24, 2017 17:32
Ghetto manual DNS hook for acmetool
#!/bin/bash
EVENT_NAME="$1"
CH_HOSTNAME="$2"
CH_TARGET_FILENAME="$3"
CH_TXT_VALUE="$4"
case "${EVENT_NAME}" in
challenge-dns-start)
echo "Use the following TXT value: _acme-challenge.${CH_HOSTNAME} TXT ${CH_TXT_VALUE}"
echo 'Waiting for 300 seconds'
@towo
towo / pkcs12
Created December 11, 2017 11:51
#!/bin/sh
set -e
EVENT_NAME="$1"
[ "$EVENT_NAME" = "live-updated" ] || exit 42
if [ ! -e "${ACME_STATE_DIR}" ]; then
exit 42
fi
@towo
towo / default-os-trombik.yml
Last active May 16, 2019 09:42
OS-dependent default-precedence variables for ansible roles
# There's another method I spotted in trombik/ansible-role-dovecot. In the playbook, do this:
- name: Include OS-specific variables
include_vars: "{{ ansible_os_family }}.yml"
# In {{ ansible_os_family }}.yml:
__rolename_variable: some_value
# In defaults/main.yml:
rolename_variable: "{{ __rolename_variable }}"
@towo
towo / gruvbox.theme
Created April 22, 2018 10:23
timewarrior gruvbox theme (needs terminal palette)
define theme:
description = "gruvbox.theme: A gruvbox-inspired theme"
colors:
exclusion = "color on color8"
today = "color208"
holiday = "color13"
label = "color243"
ids = "color4"
debug = "color14"
palette:
@towo
towo / verify-ou.pl
Last active September 11, 2018 13:39
OU verification script for OpenVPN tls-verify.
#!/usr/bin/perl
## vim: set syn=on ts=4 sw=4 sts=0 et foldmethod=indent:
## purpose: check if value exists in multi-valued ou
## copyright: B1 Systems GmbH <[email protected]>, 2018.
## license: GPLv3+, http://www.gnu.org/licenses/gpl-3.0.html
## author: Tobias Wolter <[email protected]>, 2018.
## version: 1.0
## Source for this is the verify-cn sample from OpenVPN:
## https://github.com/OpenVPN/openvpn/blob/master/sample/sample-scripts/verify-cn
@towo
towo / Gemfile.lock
Last active December 11, 2018 21:06
PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=centos7-64{hypervisor=docker} BEAKER_destroy=no bundle exec rake beaker
GIT
remote: https://github.com/skywinder/github-changelog-generator
revision: 5d7f18bc415e9a2c27769b7ea0adb9bc18b285c0
specs:
github_changelog_generator (1.15.0.pre.rc)
activesupport
faraday-http-cache
multi_json
octokit (~> 4.6)
rainbow (>= 2.2.1)