cwgalli


UniFi Sonos Configuration

Our goal today is to configure a VLAN for "Internet of Things" devices that is sequestered from our default private network. Devices on the private network are free to initiate connections into our IoT VLAN, but devices in the IoT VLAN should not be able to initiate connections to one another or to the private network.

The focus of this document is the configuration of a UniFi system to allow Sonos speakers to operate across VLANs. Creating the VLAN itself is left to the user (there are many other guides out there that cover this topic). For our discussion, here are the networks we'll be working with:

  • 10.1.1.0/24 - this is our Private network where our trusted devices live.
  • 10.1.20.0/24 - this is our IoT network configured as VLAN 20; Sonos devices live here.

Sonos Speakers

Each Sonos speaker is assigned a static IP address via a DHCP reservation. These static IP addresses enable us to write some targeted firewall rules to allow the Sonos software to work across our V

@rosco-pc
rosco-pc / unifi.md
Last active November 15, 2025 11:32
Unifi commands.md

Unifi AP useful commands

using SSH:

  • log in to AP: $ ssh ubnt@<IP>
  • default username & password: ubnt & ubnt

Generic

Command Example Function
@thistac
thistac / docker-compose.yml
Created March 7, 2021 02:12
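Simple Traefik with cloudflare, letsencrypt dns-challenge using secrets
version: "3.9"
services:
  traefik:
    image: "traefik:v2.4"
    container_name: "traefik"
    command:
      #- "--log.level=DEBUG"
      # api.insecure serves the API and dashboard without authentication on the internal "traefik" entrypoint (port 8080 by default)
      - "--api.insecure=true"
      - "--providers.docker=true"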
@natcl
natcl / docker-compose.yaml
Last active May 21, 2024 04:37
traefik: node-red + mosquitto using letsencrypt
version: "3.3"
services:
  traefik:
    image: "traefik:v2.2"
    container_name: "traefik"
    command:
      - "--api=true"
      - "--api.dashboard=true"
@gimiki
gimiki / traefik_tcp_mqtt_mosquitto_docker_compose.md
Last active September 2, 2025 18:47
Traefik Reverse Proxy - Mosquitto MQTT Broker - Docker Container

This gist configures a Mosquitto MQTT Broker behind a Traefik reverse proxy, both in Docker containers. Mosquitto will be configured as a TCP service.

This is a simple configuration used on a single server and will probably need adapting for other cases. Having Mosquitto behind a reverse proxy enables you to configure TLS on Traefik (likely you already do that for other applications as well) and to load balance different MQTT instances, but that goes beyond this gist.

As noted in Traefik docs, in the router you must use the rule HostSNI(`*`) when using non-TLS routers like in this example. Ref. https://docs.traefik.io/routing/routers/#rule_1

docker-compose.yml

@ivorscott
ivorscott / docker-compose-traefik.yaml
Last active August 9, 2023 14:59 — forked from prayagsingh/docker-compose-traefik.yaml
Traefik with file provider and with letsencrypt and custom tls certs
# Providers :- discover the services that live on your infrastructure (their IP, health, ...)
# Entrypoints :- listen for incoming traffic (ports, ...)
# Routers :- analyse the requests (host, path, headers, SSL, ...). A router is in charge of connecting incoming requests to the services that can handle them.
# Services :- forward the request to your services (load balancing, ...). The Services are responsible for configuring how to reach the actual services that will eventually handle the incoming requests.
# Middlewares :- may update the request or make decisions based on the request (authentication, rate limiting, headers, ...)
version: "3.7"
networks:
@byronmansfield
byronmansfield / install-openssl-from-src-mac
Last active February 6, 2025 19:16
Install OpenSSL from source Mac OS X
# Install OpenSSL from source on Mac OS X
# prepare workspace
mkdir -p ~/code/build-from-src/ && cd $_
# download source code
curl -LO https://www.openssl.org/source/openssl-1.1.1d.tar.gz
# expand tar
tar -xzvf openssl-1.1.1d.tar.gz
@darwin
darwin / readme.md
Last active April 9, 2024 22:30
APFS Container cloning/replicating under Catalina (with a bootable system)

Today I wanted to move an existing APFS-resident macOS Catalina installation to a new disk. I upgraded my late 2014 Mac Mini with a shiny new 1TB SSD. This took way too many hours of my life I will never get back. Hope this saves you some time.

Good news:

  1. it is possible to create a DMG image from an existing APFS container with a macOS Catalina installation, including the metadata needed for a complete restore (the DMG contains OS, OS Data, Preboot, Recovery and VM volumes)
  2. it is possible to restore this DMG image into an empty APFS container and get a bootable copy of the original system

This information is relevant for Catalina (I'm currently running macOS 10.15.1).

@czombos
czombos / smb.conf
Last active December 26, 2023 16:45
Configure Samba to Work Better with Mac OS X
[global]
use sendfile = yes
allow insecure wide links = yes
min protocol = SMB2
vfs objects = catia fruit streams_xattr
fruit:aapl = yes
fruit:nfs_aces = no
fruit:model = Xserve
fruit:resource = stream
fruit:metadata = stream
@mcattarinussi
mcattarinussi / gpg-ssh-setup.md
Last active November 16, 2025 01:37
A setup guide to use a personal gpg key for ssh authentication

GPG - SSH setup

Generating the master key

Here we create the master key. We want only the Certify capability: the master key is used only to create the subkeys, and the Sign, Encrypt and Authenticate capabilities will be assigned to the subkeys.

Run the following command to start the master key generation process. Select the "set your own capabilities" creation process (type 8).

  ▶ gpg --full-generate-key --expert

gpg (GnuPG) 2.2.9; Copyright (C) 2018 Free Software Foundation, Inc.