using multiple .gitconfig There is a neat feature in .gitconfig that will allow you to use uniueq gitconfig depending on the folder structure that you have. For example add this to your global gitconfig: This is assuming that ~/github has one org of repos, and ~/git has another, much lke personal and corporate git repos [includeIf "gitdir:~/git/"] path = ~/git/.gitconfig [includeIf "gitdir:~/github/"] path = ~/github/.gitconfig Then if you add this is the correpsonding location, the user name/email will be different in each folder structure....

BFG local cleanup This is a thing that you can do to clean up your local git repo AFTER doing a commit and before pushing to origin. PREWORK Download BFG.jar https://rtyley.github.io/bfg-repo-cleaner/ https://repo1.maven.org/maven2/com/madgag/bfg/1.13.0/bfg-1.13.0.jar Create directory structure mkdir -p ~/.binaries/ Move BFG into place, chmod it mv bfg-1.13.0.jar ~/.binaries/ && chmod 777 ~/.binaries/bfg-1.13.0.jar setup BASH_PROFILE echo 'alias bfg="java -jar ~/.binaries/bfg-1.13.0.jar"' >> ~/.bash_profile echo "export PATH=/Users/$(whoami)/.binaries:$PATH" >> ~/.bash_profile source it source ~/....

Turn off signed aps in mac I don’t want the security warning for unsigned apps. You can do this with this command on a mac. sudo spctl --master-disable This is terrible and prolly shouldn’t be done, but you know sometimes you need to. You can also yank things out of quarantine with this xattr -r -d com.apple.quarantine /path/to/dir

AWS credential_process There is a setting in the aws config that allows AWS to source the credentials externally. This can be super handy if you don’t want to store those as plain text things. It is called “credential process”. We can use this in conjunction with native openssl to give you a poor mans encrypted aws keys. https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sourcing-external.html First we will take the aws credentials and dump them to a temp file this is named key....

Yea it has been a long time since I wrote notes and things but I feel like there are some things to take note on. EC2 things of interest reading the userdata of an instance There are plenty of times that I need to see what the userdata looks like of my instance. ssh into the box. curl http://169.254.169.254/latest/user-data simple as that curl http://169.254.169.254/latest/user-data #!/bin/bash .... rerunning userdata You should really never rerun userdata but if you are debugging things and need to do things....

Some git notes I like git I user git a lot, I did not know about CODEOWNERS, this is a nice feature. automatic PR approver to a repo Adding codeowners can allow for automatic PR approvers for branches or all things github.com about-code-owners You can use a CODEOWNERS file to define individuals or teams that are responsible for code in a repository. To use a CODEOWNERS file, create a new file called CODEOWNERS in the root, docs/, or ....

need moar ebs AWS EBS volumes. Yes I know that everything in AWS should be immutable and disposable. But sometimes they aren’t. We don’t need to go into the philosophical rammifcations of that what we need is a fix. First we find the instance, then the volume, then we grow the volume in aws, then we grow the volume on the box Lets go and describe the instance $ aws ec2 describe-instances --filters Name=tag:Name,Values='MyMagicServer' | jq '....

Virtualbox shared clipboard When using virtualbox it is pretty important that you are going to want to have a shared clipboard between your machine and the vm. This can be done for linux/kali linux by doing the following. Start VirtualBox. Start the host in question. Once the host has booted, click Devices | Insert Guest Additions CD Image. Open up a terminal window in the guest. Mount the CD-ROM with the command sudo mount /dev/cdrom /mnt....

pi-hole Well i had tried to use pi-hole before and it failed horribly. Tonight on the other hand, I just wiped a pi and installed an sdcard, ran a simple script and all the magic was done for me… So I guess I might have to use this after all…. I am also going to do some research on automating the maintaince of it to make sure the block lists are also up to date and whatnot....

fun with rsync Sometimes you jsut gotta back up files as clones, to another location. On a mac you have access to rsync and it is avaialbe in homebrew. brew install rsync wait for completion and then you are good to go. Alright so how about some commands.. copy from local to usb rsync -av /Users/$(whoami)/Documents/ /Volumes/1tb/backup/ copy from nas to usb rsync -av /Volumes/files/data/ /Volumes/1tb/backup/ mac will mount nas shares in the share name and then in volumes, so this is reliant on that mount being present when you want to pull something down from said nas....

books Everyone like to read things right? well I came across this list from palo alto earlier and it looks pretty promising. cybercanon.paloaltonetworks There area whole bunch of books in there raning from security to chaos engineering. Down the chaos engineering rabbit hole we go checkout this list of chaos engineering everything here awesome-chaos-engineering what is chaos engineering? It is using the ideas that the systems that we create now are so complex and dense....

nvidia fan settings Nvida gpu cards have firmware regulators in place that are OK with the cards running at 85c when they are under load. This is designed because of the assumption that the cards will only ever be under that kind of load for a short period. However when you want to run gpu’s at 100% utilization for an extended period it is often better to run these cards colder....

luks encryption lets create an encrypted container and toss some data in it… $ dd if=/dev/urandom of=test bs=1M count=100 $ cryptsetup luksFormat test #use password password $ cryptsetup luksOpen test tmp $ xxd -l 512 /dev/mapper/tmp # is random data at this point $ mkfs.ext4 /dev/mapper/tmp # use the same file system that is used by your system/device $ xxd -l 512 /dev/mapper/tmp # should no longer be random data $ cryptsetup luksClose tmp After it is created if we wanted to crack it with hashcat then we would just need to grab some header data and run it though...

Git got big files or keys? Break out BFG Everybody messes up, today’s mistake was adding a big file to git before a .gitignore was in place to handle it. As a result, github is rejecting the push, even after “removing” the file from git. The reason is that the file still exists in git(history). Time to clean up the mess, break out BFG and nuke it from orbit. -Sadly this means java is involved, but necessary demons....

Mechanical and custom keyboards What was “old” is new again, Mechanical keyboards! A mechanical keyboard is one that has a discrete mechanical switch under each and every key. There are a number of sites out there that can go into the specific details about exactly how these function, as well as all the differences between the switches. This article is not going into much detail about the switches themselves but rather everything else....

QMK deepdive using a sweeet16 16 keys!? What can be done with 16 keys for a keyboard? Using an amazing open source firmware and a kit by 1upkeyboards, much can be done with only 16 keys. QMK is a powerhouse of a firmware that allows an endless combination of regular keys, functions and extended macros. These features are relatively easy to construct and the firmware itself can be very easy to build and flash....

docker powershell To prove a point i went out and foudn that there is a microsoft supported docker image for powershell. dockerhub - microsoft this means that running a mac, you can run docker that runs linux and then will let you run powershell.. You must go deeper… ha instant pot dragon head instant pots are pretty rad and there is this little thingverse that will let you have a dragon head for your instant pot, you just need to make sure that you print it with pla so that it does not instamelt when you are releasing the steam dragon head

Systemd restarting A while ago I had a service that would need to be restarted after it had a cool down of about 2 hours… I had a stanza that stated Restart=always RestartSec=7200 which was cool because it would just autorestart when it died. At the time the restart would work just fine after the cooldown. The catch that I ran in to was because of that timer, if I logged in and tried to start it when it was in a failed state, the service would hang....

Outlook is terrible Yes outlook is horrible but when you have to use it, its nice to be able to set defaults that don’t annoy others. One such is the default reminder for the calendar… Most of the time reminders aren’t useful unless they are used sparingly. Let turn them off. change-the-default-reminder-time tick stack and grafana i like the tick stack and it can be useful for a number of things, here is a brief overview of it....

Systemd restart policy sometimes services die. sometimes there is not a better option because of the situatuion that you are in, and you just need to wait it out and then restart the service… I know it isn’t ideal and that there should be better ways around having to do this but hey ¯_(ツ)_/¯ [Service] Type=simple Restart=always RestartSec=3 ExecStart=/path/to/script In my case I needed to wait it out and restart the service 2 hours after it died....