Skip to content

Instantly share code, notes, and snippets.

View robertsinfosec's full-sized avatar

robertsinfosec robertsinfosec

9 followers · 8 following
View GitHub Profile
@robertsinfosec
robertsinfosec / install-mc.sh
Created January 22, 2026 04:34
Simple script to install the MiniIO (S3-compatible storage) command-line tool `mc`.
#!/usr/bin/env bash
set -euo pipefail
# Colored, prefixed logging
COLOR_RESET="\033[0m"
COLOR_CYAN="\033[1;36m"
COLOR_RED="\033[1;31m"
COLOR_GREEN="\033[1;32m"
COLOR_AMBER="\033[0;33m"
@robertsinfosec
robertsinfosec / compose-upgrade.sh
Last active December 5, 2025 01:41
Simple script to upgrade any Docker Compose services that use the `:latest` tag to update that service to the latest version of that container image. This could be run weekly, monthly or ad-hoc to make sure you are on the latest container image build. Consider putting this in `/usr/local/bin/` and `chmod +x compose-upgrade.sh` to mark it as exec…
#!/usr/bin/env bash
set -euo pipefail
# compose-upgrade.sh
# Usage: compose-upgrade.sh [--help] [--service-name NAME] [--service-path PATH] [--log-dir PATH]
#
# Runs: docker compose pull && docker compose up -d --remove-orphans
# Prints progress with [+]/[-] markers, logs to file, and exits nonzero on failure.
show_help() {
@robertsinfosec
robertsinfosec / service-generator.sh
Created November 5, 2025 17:14
Bash script to create a consistent Docker Compose-based service in `/opt/${ServiceName}` and be controllable by a Systemd service, via a created `service-runner` account that has limited `sudo` privilege to control the service and reboot.
#!/usr/bin/env bash
set -euo pipefail
# =========================
# service-generator.sh
# -------------------------
# Create a systemd-managed docker-compose service skeleton:
# - Unprivileged user: service-runner (home: /opt/${ServiceName})
# - Adds service-runner to docker group
# - Systemd unit: /etc/systemd/system/${ServiceName}.service
@robertsinfosec
robertsinfosec / Install-LlmClis.ps1
Last active October 29, 2025 06:19
Add LLM CLI's via PowerShell. This first installs the Node Version Manager (NVM), then installs the latest NodeJS. Then, this installs: Google Gemini CLI, Anthropic Claude CLI, GitHub Copilot CLI, OpenCode (for running against Ollama), and OpenAI's Codex CLI.
# Install-LlmClis.ps1
Set-StrictMode -Version Latest
$ErrorActionPreference = 'Stop'
# --- 0) Require Administrator ---
$IsAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()
).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
if (-not $IsAdmin) { throw "This script must be run from an Administrator PowerShell." }
# --- 1) Ensure winget ---
@robertsinfosec
robertsinfosec / install-llm-clis.sh
Last active October 29, 2025 06:07
Add LLM CLI's via bash. This first installs the Node Version Manager (NVM), then installs the latest NodeJS. Then, this installs: Google Gemini CLI, Anthropic Claude CLI, GitHub Copilot CLI, OpenCode (for running against Ollama), and OpenAI's Codex CLI.
#!/usr/bin/env bash
set -euo pipefail
# --- prereqs ---
sudo apt-get update -y
sudo apt-get install -y --no-install-recommends ca-certificates curl git build-essential unzip
mkdir -p "$HOME/.local/bin"
grep -q 'export PATH="$HOME/.local/bin:$PATH"' "$HOME/.bashrc" \
|| echo 'export PATH="$HOME/.local/bin:$PATH"' >> "$HOME/.bashrc"
@robertsinfosec
robertsinfosec / move-user-uid.sh
Last active September 7, 2025 18:42
When you want to carefully and safely move the `UID`/`GID` of a user in Linux. This needs to be run as a `root`, directly. You can't log in as `sysadmin`, then do `sudo -s` and run this against `sysadmin`, it will give an error.
#!/usr/bin/env bash
# move-user-uid.sh — Safely move a user to a new UID/GID and fix file ownerships.
# Usage: ./move-user-uid.sh <username> <new-uid> <new-gid> [--force]
# Example: ./move-user-uid.sh operations 2000 2000 --force
set -euo pipefail
# ── Colors ─────────────────────────────────────────────────────────────────────
Black='\033[0;30m'
DarkGray='\033[1;30m'
@robertsinfosec
robertsinfosec / all-jails.sh
Created May 10, 2025 19:51
Shows details of all active Fail2Ban jails on the current system.
#!/bin/bash
JAILS=$(fail2ban-client status | grep "Jail list" | sed -E 's/^[^:]+:[ \t]+//' | sed 's/,//g')
INDEX=1
for JAIL in $JAILS
do
echo ""
echo -n "${INDEX}) "
fail2ban-client status $JAIL
((INDEX++))
@robertsinfosec
robertsinfosec / README.md
Created February 8, 2025 20:32

Overview

When you reboot a remote machine with sudo reboot now for example, some machines come back up within :20 seconds. Others, it might take a minute or two. Well, instead of hitting up arrow, Enter and seeing:

ssh: connect to host server.example.com port 22: Connection timed out

Instead of using ssh user@host, this function is sshw user@host, as-in "SSH Wait". You'll see a message like this:

@robertsinfosec
robertsinfosec / supabase-selfhost.sh
Created January 27, 2025 07:54
Script to easily set up an instance of Supabase with a Reverse Proxy and FQDN.
#!/bin/bash
# Supabase Setup Script
# This script sets up a fresh machine with Supabase by asking configuration questions.
# This script will perform the following actions:
# 1. Install Docker and Docker Compose.
# 2. Create an unprivileged 'supabase' user with appropriate permissions.
# 3. Clone the Supabase repository into /opt/supabase/.
# 4. Configure environment variables with provided values.
@robertsinfosec
robertsinfosec / LOGIN.COM
Last active January 19, 2025 03:52
A default `LOGIN.COM` to start with when working with OpenVMS
$ LS :== "DIR"
$ LL :== "DIR/SIZE/DATE/OWNER"
$!
$ CD :== "SET DEFAULT"
$ DEFINE/PROCESS "~" SYS$LOGIN
$!
$ ADD_LOG_TO_FILE_OPERATIONS:
$!
$ BAC*KUP :=="BACKUP/LOG"
$ COPY :=="COPY/LOG"