- Shall i implement it?
- No ...
Marcin Antkiewicz marcinantkiewicz
marcinantkiewicz
/ gist:44e086f735fcc20408dbf514474343b4
Created
March 13, 2026 02:24
— forked from bretonium/gist:291f4388e2de89a43b25c135b44e41f0
marcinantkiewicz
/ background.js
Created
March 10, 2026 19:18
extension to log headers, this extension will probably burn your computer down
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const clacksCache = {}; | |
| const loggerURL = "https://localhost/crx_header_logger" | |
| chrome.webRequest.onHeadersReceived.addListener( | |
| (details) => { | |
| const clacks = details.responseHeaders.find( | |
| (h) => h.name.toLowerCase() === 'x-clacks-overhead' | |
| ); | |
| if (clacks && details.tabId > 0) { |
marcinantkiewicz
/ list_images.md
Last active
February 25, 2026 05:56
Create GH issue listing images used in dockerfiles in specified or all repositories in a github org.
Note:
- Default GH token does not allow reads from other repos. I use GH App to auth the action.
- GH search API has vicious rate limits, 3s sleep is not enough, or I am getting labelled as a bot. WTF Microsoft?
- This will open one issue, listing all the images, in a table
|repo|dockerfile|image|. It should process multi-stage dockerfiles. - the way it finds dockerfiles is dumb - find anything with
dockerfilein name, findFROMline... works fine on my computer. I
name: List docker images
on:
schedule:
- cron: '0 8 * * *' # 8am utc/midnight-late night in the US
marcinantkiewicz
/ github_ssh_to_local_authkeys.md
Created
February 21, 2026 21:36
Allow ssh access to user based on their github identity
Allow user access something, run command, using their github public ssh key.
Note: using command= enables interesting security footguns
COMMAND='command="free",restrict'
GH_USER=username
KEYS=$(curl -s https://github.com/$GH_USER.keys)
{
echo "# https://github.com/$GH_USER"
marcinantkiewicz
/ llm.yaml
Created
December 6, 2025 19:59
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: install llm cli and plugins | |
| hosts: localhost | |
| connection: local | |
| gather_facts: no | |
| vars: | |
| llm_plugins: | |
| - llm-openrouter | |
| - llm-mlx |
marcinantkiewicz
/ gist:f42390254d299a791a5ea589dc510822
Created
November 10, 2025 16:51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: test-pod | |
| namespace: ${namespace} | |
| spec: | |
| containers: | |
| - image: google/cloud-sdk:slim | |
| name: test-pod | |
| command: ["sleep", "86400"] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Players | |
| # KSA - k8s service account | |
| # GSA - GCP service account | |
| # metadata server - runs on cluster nodes where pods with Workload Identity are dispatched, will respond to requests directed to 169.254.169.254. | |
| # workload identity - modifies behavior of the metadata server. Transparently to the SA, it will return GCP STS tokens issued to the impersonated GCP role. | |
| # Note: - when WI is enabled but not configured properly, the metadata server will fail (silently?) when it does not find annotation etc. | |
| # | |
| # request flow | |
| # 1. pod requests credentials from the metadata server | |
| # 2. metadata server checks if the pod is using workload identity, and identifies the KSA |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # docker needs the container toolkit to be able to make nvidia drivers available in the containers and probably more. | |
| # - you will need nvidia drivers too. https://github.com/NVIDIA/nvidia-container-toolkit | |
| # - model directory will need some IOPS to load them, dedicated NVME is both fast and naturally limits the sprawl | |
| # - in GPU stats you will see both (G)raphics and (C)ompute jobs. LLM-related tooling only controls the C jobs. | |
| # -- once Ollama container is running | |
| # | |
| # this should produce help output | |
| $ docker exec -it ollama ollama |
marcinantkiewicz
/ gist:ba4e1618ef5899c731a60b93308f2ab8
Last active
July 21, 2025 17:32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 1. save as `eslint_prettier-vuln-checker.sh` | |
| # 2. this find `package-lock.json` files in the `IdeaProjects` folder in the home dir, adjust as needed: | |
| # `find ~/IdeaProjects/ -type f -name package-lock.json -exec bash eslint_prettier-vuln-checker.sh {} \;` | |
| # this takes a while to run, add `-print` avove to see all the lockfiles it finds | |
| # | |
| #!/usr/bin/env bash | |
| PACKAGE_VERSION_PAIRS=( |
marcinantkiewicz
/ dig-edns.md
Created
April 23, 2024 15:22
— forked from fartbagxp/dig-edns.md
Testing eDNS with dig
NolaCon 2017 GBC04 EDNS Client Subnet ECS DNS CDN Magic or Secur Jim Nitterauer
archive.is not resolving under 1.1.1.1 Cloudflare DNS resolver
Resolving Google using two different IP address will provide two different results.
- dig +short @8.8.8.8 google.com +subnet=120.5.5.6
NewerOlder