Skip to content

Instantly share code, notes, and snippets.

View vitalvas's full-sized avatar

Vitaliy Vasylenko vitalvas

19 followers · 9 following
View GitHub Profile
@vitalvas
vitalvas / decrypt.go
Created October 25, 2022 13:36
rspamd secretbox
func decryptReport(key, nonce, data string) ([]byte, error) {
sboxKey, err := base64.StdEncoding.DecodeString(key)
if err != nil {
return nil, err
}
sboxHash := blake2b.Sum256(sboxKey)
noncetxt, err := base64.StdEncoding.DecodeString(nonce)
if err != nil {
@vitalvas
vitalvas / scan-dns.sh
Created February 4, 2022 22:38
#!/bin/bash
[ -z "${1}" ] && {
echo "No Server address"
exit 1
}
SERVER=${1}
NAMES=(authors.bind. version.bind. version.server. hostname.bind. id.server.)
@vitalvas
vitalvas / fetch_salt.sh
Last active September 5, 2021 00:45
fetch all from salt-master
#!/bin/bash
for env in $(salt-call cp.envs --out=json | jq '.local[]' | tr -d '"'); do
mkdir -p salt/${env}
for row in $(salt-call cp.list_master saltenv=${env} --out=json | jq '.local[]' | tr -d '"' | tr '/' ' ' | awk '{print $1}' | sort | uniq); do
if [[ "${row}" =~ .sls$ ]]; then
salt-call cp.get_file saltenv=${env} salt://${row} salt/${env}
else
salt-call cp.get_dir saltenv=${env} salt://${row} salt/${env}
fi
@vitalvas
vitalvas / vault_auto_unseal.sh
Created February 28, 2021 03:41
#!/bin/sh
export VAULT_ADDR=http://127.0.0.1:8200
unseal_now() {
vault operator unseal {KEY1}
vault operator unseal {KEY2}
vault operator unseal {KEY3}
}
@vitalvas
vitalvas / auth_docker.sh
Created October 7, 2020 19:47
squid docker auth
#!/bin/bash
# Author: <[email protected]> Vitaliy Vasilenko
# run: usermod -a -G docker proxy
# tested on squid 4.10
while read line; do
ip_addr=$(echo "${line}" | awk '{print $1}')
ip_done="0"
for ctx in $(docker ps | awk '$NF!="NAMES" {print $NF}'); do
for addr in $(docker inspect ${ctx} | jq -r '.[].NetworkSettings.Networks[].IPAddress'); do
@vitalvas
vitalvas / readme.md
Last active May 18, 2021 07:53
terraform vault state storage

Terraform state in Vault

Configure vault

vault auth enable approle
vault secrets enable -path=secrets/infra/terraform kv-v2
vault write secrets/infra/terraform/config max_versions=100
vault write auth/approle/role/${role_name} token_policies="${policy_name}" token_ttl=10m token_max_ttl=1h
@vitalvas
vitalvas / main.go
Created June 1, 2020 13:31
SSL Expire check
package main
import (
"crypto/tls"
"crypto/x509"
"flag"
"fmt"
"log"
"net/http"
"time"
@vitalvas
vitalvas / etckeeper_env.sh
Last active May 22, 2020 23:38
EtcKeeper Remote Push
#!/bin/bash
sed -i 's/PUSH_REMOTE=""/PUSH_REMOTE="origin"/g' /etc/etckeeper/etckeeper.conf
if [ ! -f /root/.ssh/id_etckeeper ]; then
ssh-keygen -a 100 -t ed25519 -C "etckeeper@`hostname -f`" -f /root/.ssh/id_etckeeper -q -N ""
ln -s /root/.ssh/id_etckeeper /root/.ssh/id_ed25519 # for legacy systems
fi
cat /root/.ssh/id_etckeeper.pub
@vitalvas
vitalvas / dmishow.sh
Created February 3, 2018 16:19
DMI Show
#!/bin/bash
for x in $(find /sys/class/dmi/id/ -maxdepth 1 -type f | tr '/' ' ' | awk '{print $NF}' | sort)
do
echo "$x: $(cat /sys/class/dmi/id/$x)"
done
@vitalvas
vitalvas / commands
Created January 6, 2018 16:00 — forked from msimonin/commands
install ubuntu on a virtual machine (libvirt / kvm)
# get the iso
wget http://releases.ubuntu.com/14.04.3/ubuntu-14.04.3-server-amd64.iso
# create the image disk
qemu-img create -f qcow2 disk.qcow2 10G
# launch the creation
virsh create ubuntu.xml
# you can connect to using vnc.