Skip to content

Instantly share code, notes, and snippets.

View robertsinfosec's full-sized avatar

robertsinfosec robertsinfosec

9 followers · 8 following
View GitHub Profile
@robertsinfosec
robertsinfosec / compose-upgrade.sh
Last active December 5, 2025 01:41
Simple script to upgrade any Docker Compose services that use the `:latest` tag to update that service to the latest version of that container image. This could be run weekly, monthly or ad-hoc to make sure you are on the latest container image build. Consider putting this in `/usr/local/bin/` and `chmod +x compose-upgrade.sh` to mark it as exec…
#!/usr/bin/env bash
set -euo pipefail
# compose-upgrade.sh
# Usage: compose-upgrade.sh [--help] [--service-name NAME] [--service-path PATH] [--log-dir PATH]
#
# Runs: docker compose pull && docker compose up -d --remove-orphans
# Prints progress with [+]/[-] markers, logs to file, and exits nonzero on failure.
show_help() {
@robertsinfosec
robertsinfosec / service-generator.sh
Created November 5, 2025 17:14
Bash script to create a consistent Docker Compose-based service in `/opt/${ServiceName}` and be controllable by a Systemd service, via a created `service-runner` account that has limited `sudo` privilege to control the service and reboot.
#!/usr/bin/env bash
set -euo pipefail
# =========================
# service-generator.sh
# -------------------------
# Create a systemd-managed docker-compose service skeleton:
# - Unprivileged user: service-runner (home: /opt/${ServiceName})
# - Adds service-runner to docker group
# - Systemd unit: /etc/systemd/system/${ServiceName}.service
@robertsinfosec
robertsinfosec / Install-LlmClis.ps1
Last active October 29, 2025 06:19
Add LLM CLI's via PowerShell. This first installs the Node Version Manager (NVM), then installs the latest NodeJS. Then, this installs: Google Gemini CLI, Anthropic Claude CLI, GitHub Copilot CLI, OpenCode (for running against Ollama), and OpenAI's Codex CLI.
# Install-LlmClis.ps1
Set-StrictMode -Version Latest
$ErrorActionPreference = 'Stop'
# --- 0) Require Administrator ---
$IsAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()
).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
if (-not $IsAdmin) { throw "This script must be run from an Administrator PowerShell." }
# --- 1) Ensure winget ---
@robertsinfosec
robertsinfosec / install-llm-clis.sh
Last active October 29, 2025 06:07
Add LLM CLI's via bash. This first installs the Node Version Manager (NVM), then installs the latest NodeJS. Then, this installs: Google Gemini CLI, Anthropic Claude CLI, GitHub Copilot CLI, OpenCode (for running against Ollama), and OpenAI's Codex CLI.
#!/usr/bin/env bash
set -euo pipefail
# --- prereqs ---
sudo apt-get update -y
sudo apt-get install -y --no-install-recommends ca-certificates curl git build-essential unzip
mkdir -p "$HOME/.local/bin"
grep -q 'export PATH="$HOME/.local/bin:$PATH"' "$HOME/.bashrc" \
|| echo 'export PATH="$HOME/.local/bin:$PATH"' >> "$HOME/.bashrc"
@robertsinfosec
robertsinfosec / move-user-uid.sh
Last active September 7, 2025 18:42
When you want to carefully and safely move the `UID`/`GID` of a user in Linux. This needs to be run as a `root`, directly. You can't log in as `sysadmin`, then do `sudo -s` and run this against `sysadmin`, it will give an error.
#!/usr/bin/env bash
# move-user-uid.sh — Safely move a user to a new UID/GID and fix file ownerships.
# Usage: ./move-user-uid.sh <username> <new-uid> <new-gid> [--force]
# Example: ./move-user-uid.sh operations 2000 2000 --force
set -euo pipefail
# ── Colors ─────────────────────────────────────────────────────────────────────
Black='\033[0;30m'
DarkGray='\033[1;30m'
@robertsinfosec
robertsinfosec / all-jails.sh
Created May 10, 2025 19:51
Shows details of all active Fail2Ban jails on the current system.
#!/bin/bash
JAILS=$(fail2ban-client status | grep "Jail list" | sed -E 's/^[^:]+:[ \t]+//' | sed 's/,//g')
INDEX=1
for JAIL in $JAILS
do
echo ""
echo -n "${INDEX}) "
fail2ban-client status $JAIL
((INDEX++))
@robertsinfosec
robertsinfosec / README.md
Created February 8, 2025 20:32

Overview

When you reboot a remote machine with sudo reboot now for example, some machines come back up within :20 seconds. Others, it might take a minute or two. Well, instead of hitting up arrow, Enter and seeing:

ssh: connect to host server.example.com port 22: Connection timed out

Instead of using ssh user@host, this function is sshw user@host, as-in "SSH Wait". You'll see a message like this:

@robertsinfosec
robertsinfosec / supabase-selfhost.sh
Created January 27, 2025 07:54
Script to easily set up an instance of Supabase with a Reverse Proxy and FQDN.
#!/bin/bash
# Supabase Setup Script
# This script sets up a fresh machine with Supabase by asking configuration questions.
# This script will perform the following actions:
# 1. Install Docker and Docker Compose.
# 2. Create an unprivileged 'supabase' user with appropriate permissions.
# 3. Clone the Supabase repository into /opt/supabase/.
# 4. Configure environment variables with provided values.
@robertsinfosec
robertsinfosec / LOGIN.COM
Last active January 19, 2025 03:52
A default `LOGIN.COM` to start with when working with OpenVMS
$ LS :== "DIR"
$ LL :== "DIR/SIZE/DATE/OWNER"
$!
$ CD :== "SET DEFAULT"
$ DEFINE/PROCESS "~" SYS$LOGIN
$!
$ ADD_LOG_TO_FILE_OPERATIONS:
$!
$ BAC*KUP :=="BACKUP/LOG"
$ COPY :=="COPY/LOG"
@robertsinfosec
robertsinfosec / ram-upgrade-check.sh
Last active November 21, 2024 02:37
For a Linux machine, attempts to see how much RAM is installed and what kind, and determine what the maximum number of sticks and amount of RAM the current machine can support. If you want to run this on-the-fly and trust this source, from your Linux machine you can run: `curl -L https://tinyurl.com/ram-upgrade-check/raw | bash`
#!/bin/bash
# Script to determine maximum supported RAM, current RAM configuration,
# and specifications for upgrading RAM to maximum capacity.
set -euo pipefail
# Define color codes
RED='\033[0;31m'
GREEN='\033[0;32m'