Skip to content

Instantly share code, notes, and snippets.

View maurerle's full-sized avatar

Florian Maurer maurerle

30 followers · 13 following
View GitHub Profile
@maurerle
maurerle / ffac-rollout-nginx-rule.sh
Created January 24, 2026 19:20
This command creates a nginx rule to configure the rollout for a small allow list for FFAC Freifunk-Gluon firmware
curl https://map.aachen.freifunk.net/data/meshviewer.json | jq -r '.nodes[] | select(.is_online == true) | select(.firmware.release == "v2023.2.3-6")| .hostname as $h | .node_id as $n | .addresses[] | "allow \(.); # \($h) https://map.aachen.freifunk.net/#/en/map/\($n)"' | grep 2a03:2260:3006:.11
# 1. replace last grep number with a chosen domain number
# 2. paste a few of the nodes into the nginx config
# 3. sudo service nginx reload
# 4. monitor the successful upgrade of the nodes
# 5. repeat
@maurerle
maurerle / ssh_counter.sh
Created January 12, 2026 15:28
Find the list of nodes to which I have access - so nodes which have my or someone's public key
#!/bin/bash
curl https://map.aachen.freifunk.net/data/meshviewer.json | jq -r '.nodes[].addresses[]' | grep 2a03:2260:3006:1 > ips.txt
IPS_FILE="ips.txt"
USER="root"
# myself
COMMAND="pretty-hostname"
# search fore someones pubkey in the authorized keys
COMMAND="grep -q 'AAAAB3Nxxx' /etc/dropbear/authorized_keys && pretty-hostname"
@maurerle
maurerle / dyndns_ionos.sh
Last active June 28, 2025 14:47
This gist updates ipv6 and ipv4 address using dyndns for a ionos domain
#!/bin/bash
# === Configuration ===
API_KEY=${1:-"YOUR API KEY"}
INTERFACE=${2:-"eth0"}
IONOS_API_URL="https://ipv4.api.hosting.ionos.com/dns/v1/dyndns"
# === Get global IPv6 address of the interface ===
IPV6_ADDR=$(ip -6 addr show dev "$INTERFACE" scope global | grep -oP '(?<=inet6\s)[0-9a-f:]+(?=/)' | head -n1)
IPV4_ADDR=$(curl -s ipv4.icanhazip.com)
@maurerle
maurerle / install-wireguard-patch.sh
Last active June 15, 2025 18:29
wireguard patch for threaded NAPI. See https://git.zx2c4.com/wireguard-linux/commit/?id=db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e
#!/bin/bash
sudo apt-get install build-essential linux-source bc kmod cpio flex libncurses5-dev libelf-dev libssl-dev dwarves bison linux-headers-amd64
tar xavf /usr/src/linux-source-$(uname -r | cut -d. -f1,2).tar.xz
cd linux-source-$(uname -r | cut -d. -f1,2)
# apply patch
wget -O wireguard.patch https://git.zx2c4.com/wireguard-linux/patch/?id=db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e
patch -p1 < wireguard.patch
#rm wireguard.patch
@maurerle
maurerle / gist:a4f1bbdf47d978eef72f6c140f77a4a2
Created June 11, 2025 14:25
NVIDIA DGX A100 nvsm cleanup procedure
When a hardware replacement is completed on a system, use the below procedure to clear existing alerts, and the events that generated the alert from the system.
1. sudo systemctl stop nvsm #stop nvsm services
2. sudo rm /var/lib/nvsm/sqlite/nvsm.db #remove the nvsm alert data base
3. sudo ipmitool sel clear # clear the SEL current logs
4. sudo rm /var/log/bmc_sel_archive_for_BMC_*.log #clear any archived SEL logs that can have the error
5. sudo systemctl start nvsm #start nvsm services
@maurerle
maurerle / backup.sh
Last active May 28, 2025 14:00 — forked from Jipok/backup.sh
Backup HOME with restic, exclude trash, caches and other useless data
#!/usr/bin/env bash
# SET ENV VARIABLES FOR YOUR USE CASE
# export RESTIC_PASSWORD=
# export RESTIC_REPOSITORY=sftp:host:/mnt/folder
# Each element is the exclusion path
excludes=(
"$HOME/.local" # Local configuration and application files
"$HOME/.cache" # Temporary cache files
@maurerle
maurerle / compose.yml
Created April 14, 2025 08:09
OpenWebUi Docker Compose
services:
ollama:
image: ollama/ollama:${OLLAMA_DOCKER_TAG-latest}
container_name: ollama
volumes:
- ./ollama:/root/.ollama
ports:
- "11434:11434/tcp"
restart: unless-stopped
tty: true
@maurerle
maurerle / backup-system.sh
Created October 13, 2024 17:00
backup script which backs up a whole linux installation doing incremental backups using rsync
#!/bin/bash
# backup script which backs up a whole linux installation doing incremental backups using rsync
# Check for root priviliges
if [[ $EUID -ne 0 ]]; then
printf "Please run as root:\nsudo %s\n" "${0}"
exit 1
fi
set -o errexit
@maurerle
maurerle / setup.sh
Last active May 21, 2025 05:57 — forked from giannello/setup.sh
Install fprintd-tod with support for Broadcom readers on Debian testing
#!/usr/bin/env sh
####################################################################
### ____ _____ ____ ___ _ _ _ ___ _ _ _ __ __ ###
### | _ \| ____| __ )_ _| / \ | \ | | / _ \| \ | | | \ \ / / ###
### | | | | _| | _ \| | / _ \ | \| | | | | | \| | | \ V / ###
### | |_| | |___| |_) | | / ___ \| |\ | | |_| | |\ | |___| | ###
### |____/|_____|____/___/_/ \_\_| \_| \___/|_| \_|_____|_| ###
####################################################################
####### _ _ ___ _ _ ____ _ _ _ _ _____ _ _ ########
@maurerle
maurerle / update-bat-hosts.lua
Last active August 24, 2024 00:20
update-bat-hosts - get the list of neighbours from the meshviewer to see in batctlcd
#!/usr/bin/lua
-- SPDX-FileCopyrightText: Florian Maurer
-- SPDX-License-Identifier: MIT
local jsonc = require("jsonc")
local function truncate_hostname(hostname, max_length)
-- If the hostname is already within the maximum length, return it as is
if #hostname <= max_length then
return hostname