brew install ykman yubico-piv-tool
# Generate key
ykman piv keys generate -aRSA2048 --pin-policy ONCE --touch-policy CACHED 9a public.pem
# Generate self signed key
ykman piv certificates generate -s "CN=yubi-1 ssh" -aSHA256 9a public.pem
vladbabii
/ prox-migrate.sh
Created
March 26, 2024 12:19
migrate proxmox containers from current host to a remote. doing stop, backup, rsync then start. also sets 'migrated' tag and disables onboot start on source
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Read the ID from the first argument | |
| id="$1" | |
| MODE="stop" | |
| STORAGE_LOCAL="backups3" | |
| STORAGE_LOCAL_PATH="/storage3/pve-backup" | |
| REMOTE_HOST="outbound" |
EverythingSmartHome
/ esp32-voice.yaml
Last active
October 21, 2025 13:47
ESP32 & ESPHome Voice Assistant
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| esphome: | |
| name: esp32-mic-speaker | |
| friendly_name: esp32-mic-speaker | |
| on_boot: | |
| - priority: -100 | |
| then: | |
| - wait_until: api.connected | |
| - delay: 1s | |
| - if: | |
| condition: |
mattpascoe
/ bindparse.awk
Created
August 29, 2022 21:09
Parse bind zone files to produce dcm.pl output.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/awk -f | |
| # | |
| # Author: Matt Pascoe - matt@opennetadmin.com | |
| # | |
| # This awk script is used to extract relevant information from a bind zone | |
| # file and build the appropriate fields for passing into | |
| # a dcm.pl module. This can be used to bootstrap a new database from existing | |
| # site data. | |
| # | |
| # You can simply cat a file and pipe it to this script |
gwire
/ local-acme.conf
Last active
September 22, 2024 00:31
nginx config snippet to allow acme validation for TLS certificate
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Only permit acme-challenge requests that match the ACME spec, | |
| ## return 403 for everything else | |
| ## RFC8555 specifies a base64url token (no "=") | |
| ## with at least 128 bits of entropy (ie 22 chars minimum) | |
| ## root matches the "webroot" directory used in the certbot configuration | |
| location ~ "^/.well-known/acme-challenge/([A-Za-z0-9_-]{22,})$" { | |
| default_type "text/plain"; | |
| root /var/www/acme/; | |
| } |
marfillaster
/ router.cfg
Last active
October 18, 2025 05:15
MikroTik RouterOS v7 dual DHCP WAN recursive failover w/ PCC load-balancing; and recursive ECMP
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # feb/11/2022 11:00:55 by RouterOS 7.2rc3 | |
| # software id = 9QK9-C798 | |
| # | |
| # model = RB5009UG+S+ | |
| # serial number = XXXXXXXXXX | |
| /ip settings set allow-fast-path=no | |
| /interface bridge add admin-mac=FF:FF:FF:FF:FF:FF auto-mac=no name=bridge |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| loki-install: | |
| sh ./variables.sh | |
| sh ./setup-loki-fluentbit.sh |
cronolio
/ docker-compose.yml
Last active
August 24, 2022 14:33
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '2.4' | |
| services: | |
| #prom: | |
| # image: prom/prometheus:latest | |
| # container_name: prom | |
| # restart: unless-stopped | |
| # volumes: | |
| # - ./conf/prometheus.yml:/etc/prometheus/prometheus.yml:ro | |
| # - ./conf/alerts:/etc/prometheus/alerts |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| if [[ $EUID -ne 0 ]]; then | |
| echo "You must be root to run this script" | |
| exit 1 | |
| fi | |
| BR_ADDR="10.10.0.1" | |
| BR_DEV="br0" |
marfillaster
/ gist:d34bd199b9e265ccd74af6d31fd9df85
Last active
October 9, 2023 05:51
Mikrotik IPv6 dns-over-https doh cloudflare google
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://forum.mikrotik.com/viewtopic.php?t=132657 | |
| /ipv6 dhcp-server option | |
| add code=23 name=recursivens6 value=0xfd000000000000000000000000000001 | |
| /ipv6 dhcp-server | |
| add dhcp-option=recursivens6 interface=bridge lease-time=30m name=dhcp6 | |
| /ipv6 pool | |
| add name=ULA-pool6 prefix=fd00::/64 prefix-length=64 |
NewerOlder