From c2b1b821f798c020dec33c7d1ed60bfa9c4b1868 Mon Sep 17 00:00:00 2001 From: Charles N Wyble Date: Wed, 11 Dec 2024 13:01:29 -0600 Subject: [PATCH] My shell portfolio begins --- KB/99-usb-serial.rules | 51 ++++++ KB/nitrokey-reset.txt | 13 ++ StartProject.sh | 12 ++ VPNCheck.sh | 9 + alias.sh | 119 ++++++++++++++ backup-ez.sh | 5 + backup-share.sh | 5 + checkDomainIPAddress.sh | 9 + clean-docker.sh | 5 + createLxc.sh | 156 ++++++++++++++++++ custom_ssh_handler.sh | 10 ++ distro | 114 +++++++++++++ dnsCheck.sh | 7 + getCurrentResolution.sh | 9 + getFreePFVMgmtIp.sh | 2 + get_helm.sh | 326 +++++++++++++++++++++++++++++++++++++ gitMirror.sh | 19 +++ k8s-context.sh | 19 +++ kbCheck.sh | 18 ++ librenms-bulkAdd.sh | 13 ++ lookup_table.sh | 13 ++ makePdf.sh | 8 + mkHomeDir.sh | 12 ++ mutt2task.sh | 13 ++ new-server-bootstrap.sh | 93 +++++++++++ newHomeSetup.sh | 69 ++++++++ newSrv.sh | 54 ++++++ next_apointment.py | 47 ++++++ obtain_centos_mac.sh | 17 ++ omsa.sh | 34 ++++ phpipam_api_key.sh | 21 +++ phpipam_hostname_detail.sh | 52 ++++++ prox.sh | 11 ++ prox7.sh | 13 ++ read_xml_dom.sh | 17 ++ rpc_ssh.sh | 33 ++++ searchLdap.sh | 13 ++ setForPxe.sh | 21 +++ test-subosys-access.sh | 25 +++ up2date.sh | 7 + zshrc-include-cnw.sh | 73 +++++++++ 41 files changed, 1567 insertions(+) create mode 100644 KB/99-usb-serial.rules create mode 100644 KB/nitrokey-reset.txt create mode 100644 StartProject.sh create mode 100644 VPNCheck.sh create mode 100644 alias.sh create mode 100644 backup-ez.sh create mode 100644 backup-share.sh create mode 100644 checkDomainIPAddress.sh create mode 100644 clean-docker.sh create mode 100644 createLxc.sh create mode 100644 custom_ssh_handler.sh create mode 100644 distro create mode 100644 dnsCheck.sh create mode 100644 getCurrentResolution.sh create mode 100644 getFreePFVMgmtIp.sh create mode 100644 get_helm.sh create mode 100644 gitMirror.sh create mode 100644 k8s-context.sh create mode 100644 kbCheck.sh create mode 100644 librenms-bulkAdd.sh create mode 100644 lookup_table.sh create mode 100644 makePdf.sh create mode 100644 mkHomeDir.sh create mode 100644 mutt2task.sh create mode 100644 new-server-bootstrap.sh create mode 100644 newHomeSetup.sh create mode 100644 newSrv.sh create mode 100644 next_apointment.py create mode 100644 obtain_centos_mac.sh create mode 100644 omsa.sh create mode 100644 phpipam_api_key.sh create mode 100644 phpipam_hostname_detail.sh create mode 100644 prox.sh create mode 100644 prox7.sh create mode 100644 read_xml_dom.sh create mode 100644 rpc_ssh.sh create mode 100644 searchLdap.sh create mode 100644 setForPxe.sh create mode 100644 test-subosys-access.sh create mode 100644 up2date.sh create mode 100644 zshrc-include-cnw.sh diff --git a/KB/99-usb-serial.rules b/KB/99-usb-serial.rules new file mode 100644 index 0000000..638a5d4 --- /dev/null +++ b/KB/99-usb-serial.rules @@ -0,0 +1,51 @@ +#examples from : +#http://hintshop.ludvig.co.nz/show/persistent-names-usb-serial-devices/ +#https://medium.com/@inegm/persistent-names-for-usb-serial-devices-in-linux-dev-ttyusbx-dev-custom-name-fd49b5db9af1 + +#SUBSYSTEM=="tty", ATTRS{idVendor}=="1a86", ATTRS{idProduct}=="7523", SYMLINK+="rah-ctrl" +#SUBSYSTEM=="tty", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", ATTRS{serial}=="A6008isP", SYMLINK+="arduino" +#SUBSYSTEM=="tty", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", ATTRS{serial}=="A7004IXj", SYMLINK+="buspirate" +#SUBSYSTEM=="tty", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", ATTRS{serial}=="FTDIF46B", SYMLINK+="ttyUSB.ARM" + +#Apply changes via +# +# udevadm control --reload-rules && sudo udevadm trigger +# + + + + +#################################### +#USB serial for UPS +#################################### + +#Bus 002 Device 045: ID 067b:2303 Prolific Technology, Inc. PL2303 Serial Port + +#root@pfv-vmsrv-03:~# udevadm info --name=/dev/ttyUSB2 --attribute-walk|grep -i vendor +# ATTRS{idVendor}=="067b" +# ATTRS{idVendor}=="2109" +# ATTRS{idVendor}=="8087" +# ATTRS{idVendor}=="1d6b" +# ATTRS{subsystem_vendor}=="0x1028" +# ATTRS{vendor}=="0x8086" + +#root@pfv-vmsrv-03:/etc/snmp# udevadm info --name=/dev/ttyUSB2 --attribute-walk|grep -i serial +# SUBSYSTEMS=="usb-serial" +# ATTRS{product}=="USB-Serial Controller" +# ATTRS{serial}=="0000:00:1d.0" + +#root@pfv-vmsrv-03:/etc/udev/rules.d# udevadm info -a -n /dev/ttyUSB0 | grep '{serial}' | head -n1 +# ATTRS{serial}=="0000:00:1d.0" + +#SUBSYSTEM=="tty", ATTRS{idVendor}=="067b", ATTRS{idProduct}=="2303", ATTRS{serial}=="0000:00:1d.0", SYMLINK+="ups4" +SUBSYSTEM=="tty", ATTRS{idVendor}=="067b", ATTRS{idProduct}=="2303", SYMLINK+="ups4" + + +#################################### +#USB serial for sifive +#################################### + +#################################### +#USB serial for parallella +#################################### + diff --git a/KB/nitrokey-reset.txt b/KB/nitrokey-reset.txt new file mode 100644 index 0000000..40a3761 --- /dev/null +++ b/KB/nitrokey-reset.txt @@ -0,0 +1,13 @@ +/hex +scd serialno +scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40 +scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40 +scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40 +scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40 +scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40 +scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40 +scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40 +scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40 +scd apdu 00 e6 00 00 +scd apdu 00 44 00 00 +/echo card has been reset to factory defaults diff --git a/StartProject.sh b/StartProject.sh new file mode 100644 index 0000000..e0cccc8 --- /dev/null +++ b/StartProject.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +set -euo pipefail + +#arguments +#1) directory to start in + +START_DIR="$1" + +cd $START_DIR + +code . \ No newline at end of file diff --git a/VPNCheck.sh b/VPNCheck.sh new file mode 100644 index 0000000..7d15999 --- /dev/null +++ b/VPNCheck.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +VPN_DNS="usvpn.turnsys.com" + +CURRENT_WAN_IP="$(curl -s http://checkip.dyndns.org | sed -E 's/<[^>]*>//g'|awk -F ':' '{print $2}' )" +CURRENT_VPNDNS_IP="$(dig +short $VPN_DNS)" + +echo Current WAN IP is: $CURRENT_WAN_IP +echo Current VPN IP is: $CURRENT_VPNDNS_IP diff --git a/alias.sh b/alias.sh new file mode 100644 index 0000000..f6bb04d --- /dev/null +++ b/alias.sh @@ -0,0 +1,119 @@ +#alias history='history -f' +#alias ssh='/usr/bin/ssh -F ~/Nextcloud/dotfiles-git/rcdirs/ssh/config' +#alias scp='/usr/bin/scp -F ~/Nextcloud/dotfiles-git/rcdirs/ssh/config' +alias s='ssh' +alias vi='vim' +alias id0='sudo -i' +alias ls='ls --color' +alias grep='rg --color auto' +alias wget='wget --no-check-certificate' +alias curl='curl --insecure' +alias cls='clear ; ls' + +#Git / git stuff +alias gup='git pull' +alias lpom='git add -A :/ ; git commit -va' +alias gpom=' git push --tags origin master' +alias tesla='gup;lpom;gpom' + +#Docker / k8s aliases, cause i'm a docker/kubefarm fanboi now + +## Most docker/k8s use is via vscode now, but somtimes you wanna drop to a shell and do some stuff... + +alias dc='docker-compose' +alias dcu='docker compose up' +alias dcd='docker compose down' + +alias dcdu='docker compose up -d' + + +alias dcf='docker-compose rm -f ; docker-compose up' +alias dcd-prod='docker-compose --context prod up -d' +alias dcd-cicd='docker-compose --context cicd up -d' +alias dcd-dev='docker-compose --context dev up -d' + +alias kgn='kubectl get nodes -o wide|grep -v NAME|sort' +alias kgp='kubectl get pods -A -o wide|grep -v NAME|sort' + +alias k0-sb-gn='export KUBECONFIG=~/.kube/custom-contexts/context-sandbox-config.yml ; kgn' +alias k0-sb-gp='export KUBECONFIG=~/.kube/custom-contexts/context-sandbox-config.yml ; kgp' + +alias k0-dqu-gn='export KUBECONFIG=~/.kube/custom-contexts/context-dqu-config.yml ; kgn' +alias k0-dqu-gp='export KUBECONFIG=~/.kube/custom-contexts/context-dqu-config.yml ; kgp' + +alias k0-prod-gn='export KUBECONFIG=~/.kube/custom-contexts/context-prod-config.yml ; kgn' +alias k0-prod-gp='export KUBECONFIG=~/.kube/custom-contexts/context-prod-config.yml ; kgp' + + +#Projects + +### Documentaton +alias context-docs-techops='StartProject.sh ~/charles/code/techops/docs-techops' +alias context-notes-public='StartProject.sh ~/charles/notes-public' +alias context-docs-subo='StartProject.sh ~/charles/code/RD/docs-suborbital' +alias context-docs-rr='StartProject.sh ~/charles/code/RD/docs-rackrental' + +### Configs +alias context-dotfiles='StartProject.sh ~/charles/dotfiles-git' +alias context-tsys-dev='StartProject.sh ~/charles/code/techops/tsys-dev' + +### Code - internal +alias context-rd-MorseFlyer='StartProject.sh ~/charles/RD/Morse/Internal/' + +### Code - BizOps/TechOps +alias context-services-bizops='StartProject.sh ~/charles/code/techops/ITBackOfficeFLOStack' + + + +#alias tmux='TERMINFO=/usr/share/terminfo/x/xterm-16color TERM=xterm-16color tmux -2' + + +##################################################### +#Personal host variables +##################################################### +#Eventually we'll move to ldap/no shared accounts/forced sudo. Blech. Corporate tyrany! +#For now, the easy way. HAH! +#CON_USER="charlesnw" +#INBAND_USER="charlesnw" +PERSONAL_OOB_USER="root" +PERSONAL_INBAND_USER="root" +##################################################### + +#Functions to deploy on ultix and/or charles-prodlin... +#alias 2600hz='ssh $INBAND_USER@conference.corp.thefnf.net' +#alias yacy='ssh $INBAND_USER@yacyfnf.corp.thefnf.net' +#alias confine='ssh $INBAND_USER@confine.dev.thefnf.net' + +#FNF hosts +alias tsys-fnf-freedomstack='ssh charles@tsys-fnf-freedomstack' #FreedomStack dev vm +alias hearth-at='ssh charles@hearth-at.thefnf.net' +alias hearth-an='ssh charles@hearth-an.thefnf.net' +alias hearth-bds='ssh charles@hearth-bds.thefnf.net' +alias hearth-uds='ssh charles@hearth-uds.thefnf.net' + +##################################################### +#PFV HOSTS ##################################################### +#Bare metal systems (in band access) - Production +#Upstairs, production +alias ausprod-core-ap01='telnet ausprod-core-ap01.turnsys.net' +alias ausprod-core-sw01='telnet ausprod-core-sw01.turnsys.net' + +#alias netbox='ssh -i $PATH_TO_KEY $LABUSER@netbox.dev.thefnf.net' #gns3 with ios/juniper/comware/extreme os/tinycore/openflow (ALL THE NETWORK THINGS) +#alias cudasys='ssh -i $PATH_TO_KEY $LABUSER@cudasys.dev.thefnf.net' #cuda awesomeness + +GIT_SSH_COMMAND='ssh -i ~/Nextcloud/secrets/ssh/ReachableCEOPrivateSSHKey -o IdentitiesOnly=yes' + +########################################################### +#Inband access (ssh/telnet) # +########################################################### +#alias rr-con-sw4='ssh $RRLABUSER:7003@ausprod.consrv.turnsys.net' +#alias rr-con-r7='ssh $RRLABUSER:7021@ausprod-consrv.turnsys.net' +#TBDalias rr-con-r8='ssh $RRLABUSER:7021@ausprod-consrv.turnsys.net' +#TBDalias rr-con-r10='ssh $RRLABUSER:7021@ausprod-consrv.turnsys.net' +########################################################### + +alias hb='habitctl' + +#rrom https://www.ackama.com/what-we-think/the-best-way-to-store-your-dotfiles-a-bare-git-repository-explained/ +alias dfile='/usr/bin/git --git-dir=$HOME/.cfg/.git/ --work-tree=$HOME' +alias dadd='dfile add $1 ; dfile commit -m "added $1"' diff --git a/backup-ez.sh b/backup-ez.sh new file mode 100644 index 0000000..b18c8dd --- /dev/null +++ b/backup-ez.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +export BORG_PASSPHRASE=$(magicstuffhere-tbd) + +borg create -v --stats /media/charles/CPWBKUP/Charles-Backup/BorgBkups/::$(date +%m-%d-%Y) /home/charles diff --git a/backup-share.sh b/backup-share.sh new file mode 100644 index 0000000..e2f33a4 --- /dev/null +++ b/backup-share.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +export BORG_PASSPHRASE='YourS3crt' + +borg create -v --stats ::$(date +%m-%d-%Y) diff --git a/checkDomainIPAddress.sh b/checkDomainIPAddress.sh new file mode 100644 index 0000000..89e6341 --- /dev/null +++ b/checkDomainIPAddress.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +for lineitem in $(grep -v ^# ~/notes/MasterDomList.md); +do + + NAME=$lineitem + IP=$(dig +short $lineitem) + echo $NAME: $IP +done diff --git a/clean-docker.sh b/clean-docker.sh new file mode 100644 index 0000000..e847919 --- /dev/null +++ b/clean-docker.sh @@ -0,0 +1,5 @@ +#!/bin/bash + + +for did in $(docker ps -a |grep -v IMAGE|awk '{print $1}'); do docker rm -f $did;done +for did in $(docker image ls |grep -v IMAGE|awk '{print $3}'); do docker image rm -f $did;done diff --git a/createLxc.sh b/createLxc.sh new file mode 100644 index 0000000..1526a9b --- /dev/null +++ b/createLxc.sh @@ -0,0 +1,156 @@ +#!/bin/bash +#A script to create LXC virtual machines + +#Takes two mandatory arguments +#Hostname +#IP address + +#Takes two optional arguments +#Template to provision from +#Path to create instance + + +#Usage message +usage() +{ +echo "$0 needs to be invoked with two arguments:\ + + Argument 1:Hostname + Argument 2:IP Address + +It can also take two optional arguments: + +Path to a template you wish to provision from +Path to a directory to store a virtual machine in" +exit 0 +} + +#Error handling code +error_out() +{ +echo "A critical error has occured. Please see above line for portion that failed." +exit 1 +} + +bail_out() +{ +echo "Exiting at user request." +exit 0 +} + +preflight() +{ +#Ensure script is running as lxcmgmt user +if [ "$(whoami)" != 'lxcmgmt' ]; then + echo "You must be the lxcmgmt user to run $0" + exit 1; +fi + + +#Check for hostname argument +echo "Ensuring hostname is properly set..." +if [ -z "$1" ]; then +error_out +else +VMHOSTNAME="$1" +fi + +#Check for IP +echo "Ensuring ip is properly set..." +if [ -z "$2" ]; then +error_out +else +VMIP=$2 +fi + +#Check for template specification, otherwise set to default +if [ -n "$3" ]; then +VMTEMPLATE="$3" +else +VMTEMPLATE="/lxc/templates/ariesvm.tar.gz" +fi + +#Check for path specification, otherwise set to default +if [ -n "$4" ]; then +VMPATH="$4" +else +VMPATH="/lxc/instances/$VMHOSTNAME" +fi + +echo "VM will be created with the following paramaters." +echo "Hostname: $VMHOSTNAME" +echo "IPv4 Address: $VMIP" +echo "Template: $VMTEMPLATE" +echo "Path: $VMPATH" +echo "Do you wish to proceed? (Y/N)" +read proceed + +if [ $proceed = "Y" ]; then +createvm VMHOSTNAME VMIP VMTEMPLATE VMPATH +elif [ $proceed = "N" ]; then +bail_out +else +echo "Please specify Y or N" +error_out +fi +} + +createvm() +{ +#Provision a vm +#If we are here, preflight check passed, user confirmed paramaters and we are good to go + +#SOME variables... +CONFIGTEMPLATES="/lxc/templates" +VMMAC=$(echo $VMIP | awk -F . '{print $4}') + +#First we create a directory for the instance +echo "Creating storage location for $VMHOSTNAME..." +mkdir $VMPATH +mkdir $VMPATH/rootfs + +#Second we uncompress the VM template +echo "Uncompressing template..." +tar xfz $VMTEMPLATE -C $VMPATH/rootfs + +#Dynamically create fstab and config file in /lxc/instances/vminstance: +echo "Creating configuration files..." + +#Create fstab: +echo "Creating fstab..." +cat > $VMPATH/$VMHOSTNAME.fstab < $VMPATH/$VMHOSTNAME.config < /dev/null && echo true || echo false)" +HAS_WGET="$(type "wget" &> /dev/null && echo true || echo false)" +HAS_OPENSSL="$(type "openssl" &> /dev/null && echo true || echo false)" +HAS_GPG="$(type "gpg" &> /dev/null && echo true || echo false)" + +# initArch discovers the architecture for this system. +initArch() { + ARCH=$(uname -m) + case $ARCH in + armv5*) ARCH="armv5";; + armv6*) ARCH="armv6";; + armv7*) ARCH="arm";; + aarch64) ARCH="arm64";; + x86) ARCH="386";; + x86_64) ARCH="amd64";; + i686) ARCH="386";; + i386) ARCH="386";; + esac +} + +# initOS discovers the operating system for this system. +initOS() { + OS=$(echo `uname`|tr '[:upper:]' '[:lower:]') + + case "$OS" in + # Minimalist GNU for Windows + mingw*) OS='windows';; + esac +} + +# runs the given command as root (detects if we are root already) +runAsRoot() { + if [ $EUID -ne 0 -a "$USE_SUDO" = "true" ]; then + sudo "${@}" + else + "${@}" + fi +} + +# verifySupported checks that the os/arch combination is supported for +# binary builds, as well whether or not necessary tools are present. +verifySupported() { + local supported="darwin-amd64\nlinux-386\nlinux-amd64\nlinux-arm\nlinux-arm64\nlinux-ppc64le\nlinux-s390x\nwindows-amd64" + if ! echo "${supported}" | grep -q "${OS}-${ARCH}"; then + echo "No prebuilt binary for ${OS}-${ARCH}." + echo "To build from source, go to https://github.com/helm/helm" + exit 1 + fi + + if [ "${HAS_CURL}" != "true" ] && [ "${HAS_WGET}" != "true" ]; then + echo "Either curl or wget is required" + exit 1 + fi + + if [ "${VERIFY_CHECKSUM}" == "true" ] && [ "${HAS_OPENSSL}" != "true" ]; then + echo "In order to verify checksum, openssl must first be installed." + echo "Please install openssl or set VERIFY_CHECKSUM=false in your environment." + exit 1 + fi + + if [ "${VERIFY_SIGNATURES}" == "true" ]; then + if [ "${HAS_GPG}" != "true" ]; then + echo "In order to verify signatures, gpg must first be installed." + echo "Please install gpg or set VERIFY_SIGNATURES=false in your environment." + exit 1 + fi + if [ "${OS}" != "linux" ]; then + echo "Signature verification is currently only supported on Linux." + echo "Please set VERIFY_SIGNATURES=false or verify the signatures manually." + exit 1 + fi + fi +} + +# checkDesiredVersion checks if the desired version is available. +checkDesiredVersion() { + if [ "x$DESIRED_VERSION" == "x" ]; then + # Get tag from release URL + local latest_release_url="https://github.com/helm/helm/releases" + if [ "${HAS_CURL}" == "true" ]; then + TAG=$(curl -Ls $latest_release_url | grep 'href="/helm/helm/releases/tag/v3.[0-9]*.[0-9]*\"' | grep -v no-underline | head -n 1 | cut -d '"' -f 2 | awk '{n=split($NF,a,"/");print a[n]}' | awk 'a !~ $0{print}; {a=$0}') + elif [ "${HAS_WGET}" == "true" ]; then + TAG=$(wget $latest_release_url -O - 2>&1 | grep 'href="/helm/helm/releases/tag/v3.[0-9]*.[0-9]*\"' | grep -v no-underline | head -n 1 | cut -d '"' -f 2 | awk '{n=split($NF,a,"/");print a[n]}' | awk 'a !~ $0{print}; {a=$0}') + fi + else + TAG=$DESIRED_VERSION + fi +} + +# checkHelmInstalledVersion checks which version of helm is installed and +# if it needs to be changed. +checkHelmInstalledVersion() { + if [[ -f "${HELM_INSTALL_DIR}/${BINARY_NAME}" ]]; then + local version=$("${HELM_INSTALL_DIR}/${BINARY_NAME}" version --template="{{ .Version }}") + if [[ "$version" == "$TAG" ]]; then + echo "Helm ${version} is already ${DESIRED_VERSION:-latest}" + return 0 + else + echo "Helm ${TAG} is available. Changing from version ${version}." + return 1 + fi + else + return 1 + fi +} + +# downloadFile downloads the latest binary package and also the checksum +# for that binary. +downloadFile() { + HELM_DIST="helm-$TAG-$OS-$ARCH.tar.gz" + DOWNLOAD_URL="https://get.helm.sh/$HELM_DIST" + CHECKSUM_URL="$DOWNLOAD_URL.sha256" + HELM_TMP_ROOT="$(mktemp -dt helm-installer-XXXXXX)" + HELM_TMP_FILE="$HELM_TMP_ROOT/$HELM_DIST" + HELM_SUM_FILE="$HELM_TMP_ROOT/$HELM_DIST.sha256" + echo "Downloading $DOWNLOAD_URL" + if [ "${HAS_CURL}" == "true" ]; then + curl -SsL "$CHECKSUM_URL" -o "$HELM_SUM_FILE" + curl -SsL "$DOWNLOAD_URL" -o "$HELM_TMP_FILE" + elif [ "${HAS_WGET}" == "true" ]; then + wget -q -O "$HELM_SUM_FILE" "$CHECKSUM_URL" + wget -q -O "$HELM_TMP_FILE" "$DOWNLOAD_URL" + fi +} + +# verifyFile verifies the SHA256 checksum of the binary package +# and the GPG signatures for both the package and checksum file +# (depending on settings in environment). +verifyFile() { + if [ "${VERIFY_CHECKSUM}" == "true" ]; then + verifyChecksum + fi + if [ "${VERIFY_SIGNATURES}" == "true" ]; then + verifySignatures + fi +} + +# installFile installs the Helm binary. +installFile() { + HELM_TMP="$HELM_TMP_ROOT/$BINARY_NAME" + mkdir -p "$HELM_TMP" + tar xf "$HELM_TMP_FILE" -C "$HELM_TMP" + HELM_TMP_BIN="$HELM_TMP/$OS-$ARCH/helm" + echo "Preparing to install $BINARY_NAME into ${HELM_INSTALL_DIR}" + runAsRoot cp "$HELM_TMP_BIN" "$HELM_INSTALL_DIR/$BINARY_NAME" + echo "$BINARY_NAME installed into $HELM_INSTALL_DIR/$BINARY_NAME" +} + +# verifyChecksum verifies the SHA256 checksum of the binary package. +verifyChecksum() { + printf "Verifying checksum... " + local sum=$(openssl sha1 -sha256 ${HELM_TMP_FILE} | awk '{print $2}') + local expected_sum=$(cat ${HELM_SUM_FILE}) + if [ "$sum" != "$expected_sum" ]; then + echo "SHA sum of ${HELM_TMP_FILE} does not match. Aborting." + exit 1 + fi + echo "Done." +} + +# verifySignatures obtains the latest KEYS file from GitHub master branch +# as well as the signature .asc files from the specific GitHub release, +# then verifies that the release artifacts were signed by a maintainer's key. +verifySignatures() { + printf "Verifying signatures... " + local keys_filename="KEYS" + local github_keys_url="https://raw.githubusercontent.com/helm/helm/master/${keys_filename}" + if [ "${HAS_CURL}" == "true" ]; then + curl -SsL "${github_keys_url}" -o "${HELM_TMP_ROOT}/${keys_filename}" + elif [ "${HAS_WGET}" == "true" ]; then + wget -q -O "${HELM_TMP_ROOT}/${keys_filename}" "${github_keys_url}" + fi + local gpg_keyring="${HELM_TMP_ROOT}/keyring.gpg" + local gpg_homedir="${HELM_TMP_ROOT}/gnupg" + mkdir -p -m 0700 "${gpg_homedir}" + local gpg_stderr_device="/dev/null" + if [ "${DEBUG}" == "true" ]; then + gpg_stderr_device="/dev/stderr" + fi + gpg --batch --quiet --homedir="${gpg_homedir}" --import "${HELM_TMP_ROOT}/${keys_filename}" 2> "${gpg_stderr_device}" + gpg --batch --no-default-keyring --keyring "${gpg_homedir}/${GPG_PUBRING}" --export > "${gpg_keyring}" + local github_release_url="https://github.com/helm/helm/releases/download/${TAG}" + if [ "${HAS_CURL}" == "true" ]; then + curl -SsL "${github_release_url}/helm-${TAG}-${OS}-${ARCH}.tar.gz.sha256.asc" -o "${HELM_TMP_ROOT}/helm-${TAG}-${OS}-${ARCH}.tar.gz.sha256.asc" + curl -SsL "${github_release_url}/helm-${TAG}-${OS}-${ARCH}.tar.gz.asc" -o "${HELM_TMP_ROOT}/helm-${TAG}-${OS}-${ARCH}.tar.gz.asc" + elif [ "${HAS_WGET}" == "true" ]; then + wget -q -O "${HELM_TMP_ROOT}/helm-${TAG}-${OS}-${ARCH}.tar.gz.sha256.asc" "${github_release_url}/helm-${TAG}-${OS}-${ARCH}.tar.gz.sha256.asc" + wget -q -O "${HELM_TMP_ROOT}/helm-${TAG}-${OS}-${ARCH}.tar.gz.asc" "${github_release_url}/helm-${TAG}-${OS}-${ARCH}.tar.gz.asc" + fi + local error_text="If you think this might be a potential security issue," + error_text="${error_text}\nplease see here: https://github.com/helm/community/blob/master/SECURITY.md" + local num_goodlines_sha=$(gpg --verify --keyring="${gpg_keyring}" --status-fd=1 "${HELM_TMP_ROOT}/helm-${TAG}-${OS}-${ARCH}.tar.gz.sha256.asc" 2> "${gpg_stderr_device}" | grep -c -E '^\[GNUPG:\] (GOODSIG|VALIDSIG)') + if [[ ${num_goodlines_sha} -lt 2 ]]; then + echo "Unable to verify the signature of helm-${TAG}-${OS}-${ARCH}.tar.gz.sha256!" + echo -e "${error_text}" + exit 1 + fi + local num_goodlines_tar=$(gpg --verify --keyring="${gpg_keyring}" --status-fd=1 "${HELM_TMP_ROOT}/helm-${TAG}-${OS}-${ARCH}.tar.gz.asc" 2> "${gpg_stderr_device}" | grep -c -E '^\[GNUPG:\] (GOODSIG|VALIDSIG)') + if [[ ${num_goodlines_tar} -lt 2 ]]; then + echo "Unable to verify the signature of helm-${TAG}-${OS}-${ARCH}.tar.gz!" + echo -e "${error_text}" + exit 1 + fi + echo "Done." +} + +# fail_trap is executed if an error occurs. +fail_trap() { + result=$? + if [ "$result" != "0" ]; then + if [[ -n "$INPUT_ARGUMENTS" ]]; then + echo "Failed to install $BINARY_NAME with the arguments provided: $INPUT_ARGUMENTS" + help + else + echo "Failed to install $BINARY_NAME" + fi + echo -e "\tFor support, go to https://github.com/helm/helm." + fi + cleanup + exit $result +} + +# testVersion tests the installed client to make sure it is working. +testVersion() { + set +e + HELM="$(command -v $BINARY_NAME)" + if [ "$?" = "1" ]; then + echo "$BINARY_NAME not found. Is $HELM_INSTALL_DIR on your "'$PATH?' + exit 1 + fi + set -e +} + +# help provides possible cli installation arguments +help () { + echo "Accepted cli arguments are:" + echo -e "\t[--help|-h ] ->> prints this help" + echo -e "\t[--version|-v ] . When not defined it fetches the latest release from GitHub" + echo -e "\te.g. --version v3.0.0 or -v canary" + echo -e "\t[--no-sudo] ->> install without sudo" +} + +# cleanup temporary files to avoid https://github.com/helm/helm/issues/2977 +cleanup() { + if [[ -d "${HELM_TMP_ROOT:-}" ]]; then + rm -rf "$HELM_TMP_ROOT" + fi +} + +# Execution + +#Stop execution on any error +trap "fail_trap" EXIT +set -e + +# Set debug if desired +if [ "${DEBUG}" == "true" ]; then + set -x +fi + +# Parsing input arguments (if any) +export INPUT_ARGUMENTS="${@}" +set -u +while [[ $# -gt 0 ]]; do + case $1 in + '--version'|-v) + shift + if [[ $# -ne 0 ]]; then + export DESIRED_VERSION="${1}" + else + echo -e "Please provide the desired version. e.g. --version v3.0.0 or -v canary" + exit 0 + fi + ;; + '--no-sudo') + USE_SUDO="false" + ;; + '--help'|-h) + help + exit 0 + ;; + *) exit 1 + ;; + esac + shift +done +set +u + +initArch +initOS +verifySupported +checkDesiredVersion +if ! checkHelmInstalledVersion; then + downloadFile + verifyFile + installFile +fi +testVersion +cleanup diff --git a/gitMirror.sh b/gitMirror.sh new file mode 100644 index 0000000..7b8bdb1 --- /dev/null +++ b/gitMirror.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +set -euo pipefail + +#A script to setup git mirroring + +#Works with aliases +# lpom='git add -A :/ ; git commit -va' +# gpom='git push all master' +# tesla='lpom;gpom' + +PRIMARY_TARGET="$1" +SECONDARY_TARGET="$2" + + +git remote add all $PRIMARY_TARGET +git remote set-url --add --push all $PRIMARY_TARGET +git remote set-url --add --push all $SECONDARY_TARGET + diff --git a/k8s-context.sh b/k8s-context.sh new file mode 100644 index 0000000..6e2d40e --- /dev/null +++ b/k8s-context.sh @@ -0,0 +1,19 @@ +# Set the default kube context if present + +DEFAULT_KUBE_CONTEXTS="$HOME/.kube/config" +if test -f "${DEFAULT_KUBE_CONTEXTS}" +then + export KUBECONFIG="$DEFAULT_KUBE_CONTEXTS" +fi + +# Additional contexts should be in ~/.kube/custom-contexts/ +CUSTOM_KUBE_CONTEXTS="$HOME/.kube/custom-contexts" +mkdir -p "${CUSTOM_KUBE_CONTEXTS}" + +OIFS="$IFS" +IFS=$'\n' +for contextFile in `find "${CUSTOM_KUBE_CONTEXTS}" -type f -name "*.yml"` +do + export KUBECONFIG="$contextFile:$KUBECONFIG" +done +IFS="$OIFS" diff --git a/kbCheck.sh b/kbCheck.sh new file mode 100644 index 0000000..e584bb5 --- /dev/null +++ b/kbCheck.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +IFS=$'\n\t' + +kbNodeList=( +"db1" +"db2" +"db3" +) + +for kbNode in ${kbNodeList[@]}; do + COMMAND="$(ssh $kbNode uptime)" + echo "Load on $kbNode" $COMMAND +done + +kubectl get nodes -o wide + +kubectl get pods -A -o wide \ No newline at end of file diff --git a/librenms-bulkAdd.sh b/librenms-bulkAdd.sh new file mode 100644 index 0000000..068b69e --- /dev/null +++ b/librenms-bulkAdd.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +hostsToAdd=( +pfv-vmsrv-06.turnsys.net +) + +IFS=$'\n\t' + +for nodeToAdd in ${hostsToAdd[@]}; do + ./delhost.php $nodeToAdd + ./addhost.php $nodeToAdd kn3lmgmt ; ./discovery.php -h $nodeToAdd kn3lmgmt ; ./poller.php -h $nodeToAdd kn3lmgmt & +done + diff --git a/lookup_table.sh b/lookup_table.sh new file mode 100644 index 0000000..b384c90 --- /dev/null +++ b/lookup_table.sh @@ -0,0 +1,13 @@ +function lookup_table_() +{ +#Description: Lookup key value pairs in a text file +#Arguments: +# + +#Returns/outputs: +# + +export =$(grep $ | awk -F ',' '{print $2}') + +} + diff --git a/makePdf.sh b/makePdf.sh new file mode 100644 index 0000000..4eba1cf --- /dev/null +++ b/makePdf.sh @@ -0,0 +1,8 @@ +#!/bin/bash + + pandoc \ + < $1 \ + --from=markdown \ + --number-sections \ + --toc \ + --output=$1.pdf \ No newline at end of file diff --git a/mkHomeDir.sh b/mkHomeDir.sh new file mode 100644 index 0000000..27fb555 --- /dev/null +++ b/mkHomeDir.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +itemsToLink=( + + +) + +for itemToLink in $itemsToLink; +do + echo "making link for $itemToLink..." + ln -s +done diff --git a/mutt2task.sh b/mutt2task.sh new file mode 100644 index 0000000..997f7f2 --- /dev/null +++ b/mutt2task.sh @@ -0,0 +1,13 @@ +#!/bin/bash +while IFS= read -r line; do + if echo $line | grep -q "^From:" ; then + # Only take the first line starting with "From: " + if [ ! -n "$F" ] ; then + F=`echo $line | grep 'From:' | awk -F: '{print $2}'` + fi + fi + if echo $line | grep -q "^Subject:" ; then + S=`echo $line | grep 'Subject:' | awk -F: '{print $2}'` + fi +done +task add +email due:today "E-mail $S (from $F)" diff --git a/new-server-bootstrap.sh b/new-server-bootstrap.sh new file mode 100644 index 0000000..137c450 --- /dev/null +++ b/new-server-bootstrap.sh @@ -0,0 +1,93 @@ +#!/bin/bash + +####################################################################################################################################################### +#Boilerplate notes +# This code serves as highly robust, well tested, boilerplate entrypoint control logic code which is able to handle execution across #multiple distributions +# and versions (centos/ubuntu) (presumiong you have the distro script installed + +####################################################################################################################################################### + + +####################################################################################################################################################### +#Step 1: determine our mgmt interface,ip address,environment subnet,domain name +####################################################################################################################################################### + +#99% of the time eth0 is mgmt int and has a default route. But not always. Hence the need for this code: +export DEFAULT_ROUTE=$(netstat -rn |grep 0.0.0.0|awk '{print $NF}' |head -n1 ) + +#Vince - added because the MGMT_INT is referred to in the MGMT_IP line below +export MGMT_INT=$(netstat -rn |grep 0.0.0.0|awk '{print $NF}' |head -n1 ) + +export MGMT_IP=$(ifconfig $MGMT_INT|grep 'inet addr'|awk -F ':' '{print $2}'|awk '{print $1}') +export IP=$(echo $MGMT_IP|awk -F '.' '{print $2}') +export DOMAIN_NAME=$(hostname -d) + +####################################################################################################################################################### +#Step 2: Fixup the /etc/hosts file , this is the root of much evil +####################################################################################################################################################### +#Static /etc/hosts bits + +#Dynamic /etc/hosts bits +#added -s to hostname to account for FQDN in ks file + +export FULLHOST=$(hostname -f) +export SHORTHOST=$(hostname -s) + +cat > /etc/hosts <> /etc/hosts << HOSTFILESTATIC +127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 +::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 +HOSTFILESTATIC + +####################################################################################################################################################### +#Step 3: determine distro +####################################################################################################################################################### +DISTRO_TYPE="$(distro |awk '{print $1}'|tr '[:upper:]' '[:lower:]')" +DISTRO_VERSION=$(distro |awk '{print $2}'|awk -F '.' '{print $1}') + + +####################################################################################################################################################### +#Step 4: Register system with librenms +####################################################################################################################################################### +CURL_STRING="{\"hostname\":\"$(hostname -f)\",\"version\":\"v2c\",\"community\":\"$SNMP_COMMUNITY\"}" + +curl \ + --insecure \ + -X POST \ + -d $CURL_STRING \ + -H 'X-Auth-Token: $TOKEN' \ + $LIBRENMS_ENDPOPINT/api/v0/devices + +####################################################################################################################################################### +#Step 5: Call a rundeck job +####################################################################################################################################################### +curl \ + --insecure \ + -X POST \ + -H 'X-Rundeck-Auth-Token: $RUNDECK_TOKEN' \ + $RDECK_BASE_URL/job/$JOB_ID/run + +####################################################################################################################################################### +#Step 6: Do stuff based on distribution type and version +####################################################################################################################################################### + + +if [ $DISTRO_TYPE == "centos" ] && [ $DISTRO_VERSION == 6 ] ; +then + c6stuff +fi + +if [ $DISTRO_TYPE == "centos" ] && [ $DISTRO_VERSION == 7 ] ; +then + c7stuff +fi + +if [ $DISTRO_TYPE == "ubuntu" ] && [ $DISTRO_VERSION == 14 ] ; +then + ub14stuff +fi + diff --git a/newHomeSetup.sh b/newHomeSetup.sh new file mode 100644 index 0000000..58864e7 --- /dev/null +++ b/newHomeSetup.sh @@ -0,0 +1,69 @@ +#!/bin/bash + +# A script to setup Charles home directory on a new system + + +# Pre-requisite : in whatever user directory create a symbolic link called charles to wherever charles data drive is: +# > ls -l ~/charles +#lrwxrwxrwx 1 pi pi 55 May 29 07:49 /home/pi/charles -> /media/pi/7f738693-22c7-482f-a75f-2af788ffb8921/charles + +cd ~ + +#this directory needs to be created +mkdir smb + +#Symlinks follow + +#rcFiles + +ln -s charles/dotfiles/rcfiles/bash_history .bash_history +ln -s charles/dotfiles/rcfiles/bash_logout .bash_logout +ln -s charles/dotfiles/rcfiles/bashrc .bashrc +ln -s charles/dotfiles/rcfiles/davmail.log davmail.log +ln -s charles/dotfiles/rcfiles/davmail.properties .davmail.properties +ln -s charles/dotfiles/rcfiles/dmrc .dmrc +ln -s charles/dotfiles/rcfiles/zshenv .zshenv +ln -s charles/dotfiles/rcfiles/zsh_history .zsh_history +ln -s charles/dotfiles-git/rcfiles/zshrc .zshrc +ln -s charles/dotfiles-git/rcfiles/gitconfig .gitconfig +ln -s charles/dotfiles/rcfiles/offlineimaprc .offlineimaprc +ln -s charles/dotfiles-git/rcfiles/p10k.zsh .p10k.zsh +ln -s charles/dotfiles/rcfiles/profile .profile +ln -s charles/dotfiles/rcfiles/ucsmb .ucsmb +ln -s charles/dotfiles/rcdirs/viminfo .viminfo +ln -s charles/dotfiles/rcdirs/vimrc .vimrc + +#rcDirectories +ln -s charles/dotfiles/rcdirs/arduino arduino +ln -s charles/dotfiles/rcdirs/bundle .bundle +ln -s charles/dotfiles/rcdirs/cargo .cargo +ln -s charles/dotfiles/rcdirs/cache .cache +ln -s charles/dotfiles/rcdirs/config .config +ln -s charles/dotfiles/rcdirs/gem .gem +ln -s charles/dotfiles/rcdirs/gnupg .gnupg +ln -s charles/dotfiles/rcdirs/iceworks .iceworks +ln -s charles/dotfiles/rcdirs/java .java +ln -s charles/dotfiles/rcdirs/kde .kde +ln -s charles/dotfiles/rcdirs/kube/ .kube +ln -s charles/dotfiles/rcdirs/local .local +ln -s charles/dotfiles/rcdirs/mozilla .mozilla +ln -s charles/dotfiles/rcdirs/msf4 .msf4 +ln -s charles/dotfiles/rcdirs/mume .mume +ln -s charles/dotfiles/rcdirs/npm .npm +ln -s charles/dotfiles/rcdirs/offlineimap .offlineimap +ln -s charles/dotfiles/rcdirs/oh-my-zsh oh-my-zsh +ln -s charles/dotfiles/rcdirs/pki .pki +ln -s charles/dotfiles/rcdirs/pp_backup .pp_backup +ln -s charles/dotfiles/rcdirs/rustup .rustup +ln -s charles/dotfiles/rcdirs/sane .sane +ln -s charles/dotfiles-git/rcdirs/ssh/ .ssh +ln -s charles/dotfiles/rcdirs/thunderbird .thunderbird +ln -s charles/dotfiles/rcdirs/vim .vim +ln -s charles/dotfiles/rcdirs/vs-kubernetes .vs-kubernetes +ln -s charles/dotfiles/rcdirs/vscode .vscode + + +#nonrcDirectoreis +ln -s charles/Downloads Downloads +ln -s charles/go go +ln -s charles/sketchbook sketchbook diff --git a/newSrv.sh b/newSrv.sh new file mode 100644 index 0000000..577dfb0 --- /dev/null +++ b/newSrv.sh @@ -0,0 +1,54 @@ +#!/bin/bash + +#curl -s http://dl.turnsys.net/newSrv.sh|/bin/bash + +apt-get -y --purge remove nano +apt-get -y install ntp ntpdate +systemctl stop ntp +ntpdate 10.251.37.5 +apt-get update +apt-get -y full-upgrade +apt-get -y install glances htop dstat snmpd screen lldpd lsb-release libpcre2-dev libevent-dev + + +rm -rf /usr/local/librenms-agent + +curl -s http://dl.turnsys.net/librenms-agent/distro > /usr/local/bin/distro +chmod +x /usr/local/bin/distro + +curl -s http://dl.turnsys.net/librenms.tar.gz > /usr/local/librenms.tar.gz +cd /usr/local ; tar xfs librenms.tar.gz + +systemctl stop snmpd ; curl -s http://dl.turnsys.net/snmpd.conf > /etc/snmp/snmpd.conf + +sed -i "s|-Lsd|-LS6d|" /lib/systemd/system/snmpd.service +systemctl daemon-reload +systemctl restart snmpd + +/etc/init.d/rsyslog stop + +cat < /etc/rsyslog.conf +# /etc/rsyslog.conf configuration file for rsyslog +# +# For more information install rsyslog-doc and see +# /usr/share/doc/rsyslog-doc/html/configuration/index.html + + +################# +#### MODULES #### +################# + +module(load="imuxsock") # provides support for local system logging +module(load="imklog") # provides kernel logging support +#module(load="immark") # provides --MARK-- message capability + +*.* @10.251.30.1:514 +EOF + +/etc/init.d/rsyslog start +logger "hi hi from $(hostname)" + + +bash <(curl -Ss https://my-netdata.io/kickstart.sh) --dont-wait + + diff --git a/next_apointment.py b/next_apointment.py new file mode 100644 index 0000000..d922b79 --- /dev/null +++ b/next_apointment.py @@ -0,0 +1,47 @@ +#!/usr/bin/env python +from datetime import datetime, timedelta +from dateutil import parser +import re +from sys import exit +import caldav + +# time offset +time_offset = 2 +# user +cal_user = 'danielh' +# password +cal_passwd = 'foobar' +# define you caldav URL here +caldav_url = \ + "http://{0}:{1}@office.hauck.it/remote.php/caldav/calendars/danielh/personal"\ + .format(cal_user, cal_passwd) + +# connect to you caldav instance +def connect(url): + client = caldav.DAVClient(url) + principal = client.principal() + return principal.calendars()[0] + +# get you next appointment for today + +def parse_eventdata(event): + parsed_event = {} + for item in event.data.split("\n"): + if re.match("^DTSTART\;", item): + dto = parser.parse(item.split(";")[1].split(":")[1])\ + + timedelta(hours=time_offset) + if re.match("^SUMMARY\:", item): + title = item.split(":")[1] + return { + "title": title, + "start": dto.strftime("%H:%M"), + } +try: + calendar = connect(caldav_url) + latest_event = calendar.date_search(datetime.utcnow(), datetime.now().date() + timedelta(days=1))[-1] +except IndexError: + print "Nothing to do" + exit(0) + +print '{start} {title}'.format(**parse_eventdata(latest_event)) + diff --git a/obtain_centos_mac.sh b/obtain_centos_mac.sh new file mode 100644 index 0000000..a38c8b5 --- /dev/null +++ b/obtain_centos_mac.sh @@ -0,0 +1,17 @@ +function obtain_centos_mac() +{ + + DISTRO_TYPE="$(distro |awk '{print $1}'|tr '[:upper:]' '[:lower:]')" + DISTRO_VERSION=$(distro |awk '{print $2}'|awk -F '.' '{print $1}') + +if [ $DISTRO_TYPE == "centos" ] && [ $DISTRO_VERSION == 6 ] ; +then + /sbin/ifconfig eth0|grep HWadd| awk '{print $NF}'|tr '[:upper:]' '[:lower:]'|sed 's/\:/-'/g +fi + +if [ $DISTRO_TYPE == "centos" ] && [ $DISTRO_VERSION == 7 ] ; +then + /sbin/ifconfig eth0|grep ether| awk '{print $2}'|tr '[:upper:]' '[:lower:]'|sed 's/\:/-'/g +fi + +} diff --git a/omsa.sh b/omsa.sh new file mode 100644 index 0000000..2410e6a --- /dev/null +++ b/omsa.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +#curl -s http://dl.turnsys.net/omsa.sh|/bin/bash + +gpg --keyserver hkp://pool.sks-keyservers.net:80 --recv-key 1285491434D8786F +gpg -a --export 1285491434D8786F | apt-key add - +echo "deb http://linux.dell.com/repo/community/openmanage/930/bionic bionic main" > /etc/apt/sources.list.d/linux.dell.com.sources.list +wget http://archive.ubuntu.com/ubuntu/pool/universe/o/openwsman/libwsman-curl-client-transport1_2.6.5-0ubuntu3_amd64.deb +wget http://archive.ubuntu.com/ubuntu/pool/universe/o/openwsman/libwsman-client4_2.6.5-0ubuntu3_amd64.deb +wget http://archive.ubuntu.com/ubuntu/pool/universe/o/openwsman/libwsman1_2.6.5-0ubuntu3_amd64.deb +wget http://archive.ubuntu.com/ubuntu/pool/universe/o/openwsman/libwsman-server1_2.6.5-0ubuntu3_amd64.deb +wget http://archive.ubuntu.com/ubuntu/pool/universe/s/sblim-sfcc/libcimcclient0_2.2.8-0ubuntu2_amd64.deb +wget http://archive.ubuntu.com/ubuntu/pool/universe/o/openwsman/openwsman_2.6.5-0ubuntu3_amd64.deb +wget http://archive.ubuntu.com/ubuntu/pool/multiverse/c/cim-schema/cim-schema_2.48.0-0ubuntu1_all.deb +wget http://archive.ubuntu.com/ubuntu/pool/universe/s/sblim-sfc-common/libsfcutil0_1.0.1-0ubuntu4_amd64.deb +wget http://archive.ubuntu.com/ubuntu/pool/multiverse/s/sblim-sfcb/sfcb_1.4.9-0ubuntu5_amd64.deb +wget http://archive.ubuntu.com/ubuntu/pool/universe/s/sblim-cmpi-devel/libcmpicppimpl0_2.0.3-0ubuntu2_amd64.deb +dpkg -i libwsman-curl-client-transport1_2.6.5-0ubuntu3_amd64.deb +dpkg -i libwsman-client4_2.6.5-0ubuntu3_amd64.deb +dpkg -i libwsman1_2.6.5-0ubuntu3_amd64.deb +dpkg -i libwsman-server1_2.6.5-0ubuntu3_amd64.deb +dpkg -i libcimcclient0_2.2.8-0ubuntu2_amd64.deb +dpkg -i openwsman_2.6.5-0ubuntu3_amd64.deb +dpkg -i cim-schema_2.48.0-0ubuntu1_all.deb +dpkg -i libsfcutil0_1.0.1-0ubuntu4_amd64.deb +dpkg -i sfcb_1.4.9-0ubuntu5_amd64.deb +dpkg -i libcmpicppimpl0_2.0.3-0ubuntu2_amd64.deb + +apt update +apt -y install srvadmin-all +touch /opt/dell/srvadmin/lib64/openmanage/IGNORE_GENERATION + +#logout,login, then run +# srvadmin-services.sh enable && srvadmin-services.sh start diff --git a/phpipam_api_key.sh b/phpipam_api_key.sh new file mode 100644 index 0000000..66caa3c --- /dev/null +++ b/phpipam_api_key.sh @@ -0,0 +1,21 @@ +function api_key_phpiahm() +{ +#Description: obtain api key from phpipam for future operations +#Arguments: none +#Outputs: api key + + curl \ + --silent \ + -X POST \ + --user $UN:$PW \ + -H "Content-Type: application/xml" \ + $PHPIPAM_BASE_URL/user/ > /tmp/phpipam/$CURR_EX_VAR-token.xml + + export API_TOKEN=$(while read_dom; do + if [[ $ENTITY = "token" ]]; then + echo $CONTENT + fi + done < /tmp/phpipam/$CURR_EX_VAR-token.xml) + rm -f /tmp/phpipam/$CURR_EX_VAR-token.xml +} + diff --git a/phpipam_hostname_detail.sh b/phpipam_hostname_detail.sh new file mode 100644 index 0000000..3a8690e --- /dev/null +++ b/phpipam_hostname_detail.sh @@ -0,0 +1,52 @@ +function phpipam_hostname_detail() +{ +#Description: lookup network details from a hostname +#Arguments: hostname +#output: IP address, netmask, gw + + #Lookup TS hostname/IP in phpipam + IP_XML=$(curl \ + --silent \ + -X GET \ + --user $UN:$PW \ + -H "Content-Type: application/xml" \ + -H "token:${API_TOKEN}" \ + $PHPIPAM_BASE_URL/api/$APP_ID/addresses/search_hostname/$1/ > /tmp/phpipam/$CURR_EX_VAR-ip.xml + ) + + PC_IP=$(while read_dom; do + if [[ $ENTITY = "ip" ]]; then + echo $CONTENT + fi + done < /tmp/phpipam/$CURR_EX_VAR-ip.xml) + + SUBNET_ID=$(while read_dom; do + if [[ $ENTITY = "subnetId" ]]; then + echo $CONTENT + fi + done < /tmp/phpipam/$CURR_EX_VAR-ip.xml) + + + #Use subnet id to determine netmask and gateway +curl \ + --silent \ + -X GET \ + --user $UN:$PW \ + -H "Content-Type: application/xml" \ + -H "token:${API_TOKEN}" \ + $PHPIPAM_BASE_URL/api/$APP_ID/subnets/$SUBNET_ID/ > /tmp/phpipam/$CURR_EX_VAR-subnet.xml + + export PC_NETMASK=$(while read_dom; do + if [[ $ENTITY = "Subnet_netmask" ]]; then + echo $CONTENT + fi + done < /tmp/phpipam/$CURR_EX_VAR-subnet.xml) + + export PC_GATEWAY=$(while read_dom; do + if [[ $ENTITY = "ip_addr" ]]; then + echo $CONTENT + fi + done < /tmp/phpipam/$CURR_EX_VAR-subnet.xml) + +} + diff --git a/prox.sh b/prox.sh new file mode 100644 index 0000000..a5fe8bc --- /dev/null +++ b/prox.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +rm -f /etc/apt/sources.list.d/* +echo "deb http://download.proxmox.com/debian/pve buster pve-no-subscription" > /etc/apt/sources.list.d/pve-install-repo.list +wget http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg -O /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +chmod +r /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg # optional, if you have a non-default umask +apt update && apt -y full-upgrade +apt-get -y install ifupdown2 ipmitool + +curl -s http://dl.turnsys.net/newSrv.sh|/bin/bash + diff --git a/prox7.sh b/prox7.sh new file mode 100644 index 0000000..6836c8c --- /dev/null +++ b/prox7.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +rm -f /etc/apt/sources.list.d/* +echo "deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription" > /etc/apt/sources.list.d/pve-install-repo.list +wget http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg -O /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +chmod +r /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg # optional, if you have a non-default umask +apt update && apt -y full-upgrade +apt-get -y install ifupdown2 ipmitool ethtool net-tools lshw + +#curl -s http://dl.turnsys.net/newSrv.sh|/bin/bash + + + diff --git a/read_xml_dom.sh b/read_xml_dom.sh new file mode 100644 index 0000000..416cffe --- /dev/null +++ b/read_xml_dom.sh @@ -0,0 +1,17 @@ +function read_xml_dom () + +{ + +#Description: Helper function for reading xml from stdin in bash + +#Arguments: none + +#Returns: nothing + + + + local IFS=\> + + read -d \< ENTITY CONTENT + +} diff --git a/rpc_ssh.sh b/rpc_ssh.sh new file mode 100644 index 0000000..217aaef --- /dev/null +++ b/rpc_ssh.sh @@ -0,0 +1,33 @@ +function rpc_ssh() +{ + if ! args=("$(getopt -l "rmthost:,rmthostport:,rmtlogin:,pushvars:,pushfuncs:,rmtmain:" -o "h:p:u:v:f:m:A" -- "$@")") + then + exit 1 + fi + + sshvars=( -q -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ~jigmaker/jigmaker/keys/TS_root.key ) + eval set -- "${args[@]}" + while [ -n "$1" ] + do + case $1 in + -h|--rmthost) rmthost=$2; shift; shift;; + -p|--rmtport) sshvars=( "${sshvars[@]}" -p $2 ); shift; shift;; + -u|--rmtlogin) rmtlogin=$2; shift; shift;; + -v|--pushvars) pushvars=$2; shift; shift;; + -f|--pushfuncs) pushfuncs=$2; shift; shift;; + -m|--rmtmain) rmtmain=$2; shift; shift;; + -A) sshvars=( "${sshvars[@]}" -A ); shift;; + -i) sshvars=( "${sshvars[@]}" -i $2 ); shift; shift;; + --) shift; break;; + esac + done + rmtargs=( "$@" ) + + ssh ${sshvars[@]} ${rmtlogin}@${rmthost} " + $(declare -p rmtargs 2>/dev/null) + $([ -n "$pushvars" ] && declare -p $pushvars 2>/dev/null) + $(declare -f $pushfuncs 2>/dev/null) + $rmtmain \"\${rmtargs[@]}\" + #$rmtmain {rmtargs[@]} + " +} diff --git a/searchLdap.sh b/searchLdap.sh new file mode 100644 index 0000000..047569d --- /dev/null +++ b/searchLdap.sh @@ -0,0 +1,13 @@ +#!/bin/bash +#A script to search LDAP + +#LDAP_SERVER=$(set |grep LOGONSERVER|awk -F '=' '{print $2}'|sed -e 's/\'//g') +#echo $LDAP_SERVER + +LDAP_SERVER="ldap.hp.com" +LDAPSEARCH_OPTIONS="-x -LLL" + + +#ldapsearch $LDAPSEARCH_OPTIONS -b "o=hp.com" -s sub -H ldaps://$LDAP_SERVER "(uid=wyble@hp.com)" cn mail displayName samaccountna +#ldapsearch $LDAPSEARCH_OPTIONS -h $LDAP_SERVER -b "o=hp.com" uid=chris.radosh@hp.com directReports +ldapsearch -LLL -x -W -H ldaps://g3w0044.americas.hpqcorp.net:3269 -b "dc=cpqcorp,dc=net" -D wyblehp.com mail=wyble@hp.com uid diff --git a/setForPxe.sh b/setForPxe.sh new file mode 100644 index 0000000..99d42d8 --- /dev/null +++ b/setForPxe.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +echo "setting bmc for pxe boot..." + +export ISHP="$(dmidecode -t System|grep Manufacturer|grep HP -c)" +export ISDELL="$(dmidecode -t System|grep Manufacturer|grep Dell -c)" + +#Set BMC to PXE + +if [ $ISHP -eq 1 ]; then + hpbootcfg -P +fi + +if [ $ISDELL -eq 1 ]; then + ipmitool chassis bootparam set bootflag force_pxe +fi + +#Reboot the system +echo "re-booting..." + /sbin/reboot + diff --git a/test-subosys-access.sh b/test-subosys-access.sh new file mode 100644 index 0000000..b48ecdb --- /dev/null +++ b/test-subosys-access.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +IFS=$'\n\t' + +suboNodeList=( +#"subopi1" #MorsePod m6 +#"subopi2" #seeduino lora gateway hat +#"subopi3" # no hat +#"subopi4" #dragino hat +#"subopi5" #pi sense hat +#"subopi6" #pi sense hat +#"subobench" #benchtop computer +"subodev" #develop workloads +"suboqa" #test workloads +"suboprod" #run actual workloads here +"buildbox" #build all the things +) + +for suboNode in ${suboNodeList[@]}; do + COMMAND="$(ssh $suboNode md5sum .ssh/authorized_keys)" + echo "Testing ssh authorized_keys on $suboNode" $COMMAND + #COMMAND="$(ssh $suboNode uptime)" + #echo "Testing load on $suboNode" $COMMAND +done + diff --git a/up2date.sh b/up2date.sh new file mode 100644 index 0000000..de4c143 --- /dev/null +++ b/up2date.sh @@ -0,0 +1,7 @@ +apt-get -y --purge autoremove +apt-get update +apt-get -y upgrade +apt-get -y dist-upgrade +apt-get -y full-upgrade +apt-get -y --purge autoremove +apt-get clean diff --git a/zshrc-include-cnw.sh b/zshrc-include-cnw.sh new file mode 100644 index 0000000..c6fe44f --- /dev/null +++ b/zshrc-include-cnw.sh @@ -0,0 +1,73 @@ +#Customized zshrc +# CNW +# Last updated 03/01/2021 +# merging my own bits and some stuff from oh-my-zsh, powerline etc + +# Set personal aliases, overriding those provided by oh-my-zsh libs, +# plugins, and themes. Aliases can be placed here, though oh-my-zsh +# users are encouraged to define aliases within the ZSH_CUSTOM folder. +# For a full list of active aliases, run `alias`. +# + +source ~/Nextcloud/bin/shell-frags/alias.sh + +############### +#My path is where I walk, not where you walk +############### + +PATHDIRS=( +/usr/local/go/bin +~/Nextcloud/bin +~/Nextcloud/bin/apps/habitctl/target/release +~/dotfiles-git/bin +~/dotfiles-git/3rdparty/git-scripts +) + +for dir in $PATHDIRS; do + if [ -d $dir ]; then + path+=$dir + fi +done +############### +# Creature comforts +############### + +#vi 24x7 yo, this isn't a holiday inn (last night, it is now) +# +bindkey -v +set -o vi + +if [[ -n $SSH_CONNECTION ]]; then + export EDITOR='vim' +else + export EDITOR='vim' +fi + + +HISTSIZE=5000 #How many lines of history to keep in memory +HIST_STAMPS="mm/dd/yyyy" +HISTFILE=~/.zsh_history #Where to save history to disk +SAVEHIST=5000000 #Number of history entries to save to disk +HISTDUP=erase #Erase duplicates in the history file +setopt appendhistory #Append history to the history file (no overwriting) +setopt incappendhistory #Immediately append to the history file, not just when a term is killed + +ENABLE_CORRECTION="true" +COMPLETION_WAITING_DOTS="true" +DISABLE_UNTRACKED_FILES_DIRTY="true" +export LANG=en_US.UTF-8 + +##################################################### +#Personal host variables +##################################################### +#Eventually we'll move to ldap/no shared accounts/forced sudo. Blech. Corporate tyrany! +#For now, the easy way. HAH! +CON_USER="charlesnw" +INBAND_USER="charlesnw" +PERSONAL_OOB_USER="root" +PERSONAL_INBAND_USER="root" +##################################################### + +#DO NOT Share history across terminals +unsetopt sharehistory +setopt no_share_history