Skip to content

Instantly share code, notes, and snippets.

View TheHarold's full-sized avatar

TheHarold

23 followers · 55 following
View GitHub Profile
@TheHarold
TheHarold / cloudflare_dns_analytics.md
Created May 18, 2025 06:55

Key Points

  • It seems likely that Cloudflare's standard tools cannot directly identify unused DNS records over 12 months due to data retention limits.
  • Research suggests using Cloudflare's DNS analytics for recent data (up to 62 days for Enterprise) and Logpush for longer-term logging.
  • The evidence leans toward needing external log storage via Logpush for comprehensive 12-month analysis, if not already set up.

Direct Answer

Understanding Your Needs
You want to find DNS records not used in the last 12 months, and with 3500 entries, this is a significant task. Cloudflare offers tools, but there are limits based on your plan and setup.

@TheHarold
TheHarold / gist:0bf21da5e459c82f1489bfbb6c413fc4
Created May 18, 2024 07:49
### Keybase proof
I hereby claim:
* I am theharold on github.
* I am vimkp (https://keybase.io/vimkp) on keybase.
* I have a public key ASBdShiQ4Bj-8mGTFhwEhm0X9WSlKSWV9xC-dEbCrVQHAwo
To claim this, I am signing this object:
@TheHarold
TheHarold / useful_proxmox.md
Last active February 9, 2024 20:33
useful_proxmox.md

The below are the commands you can run on a new proxmox setup

sed -i 's/^/#/' /etc/apt/sources.list.d/pve-enterprise.list
sed -i 's/.data.status.toLowerCase() !== '\''active'\''/.data.status.toLowerCase() == '\''active'\''/g' /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js
sed -i.backup -z "s/res === null || res === undefined || \!res || res\n\t\t\t.data.status.toLowerCase() \!== 'active'/false/g" /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js && systemctl restart pveproxy.service
@TheHarold
TheHarold / Shutdown proxmox after 30 mins of being idle.md
Last active June 24, 2023 20:21
Shutdown proxmox after 30 mins of being idle

Background
I've a home lab running Proxmox and I often forget to shut the host, wasting power even when there's no containers or virtual machines running. This script is setup on cron to run every 5 mins, it checks, if there are no containers & Virtual machines running then it will shut down the host in 30 mins or 1800 sec.

#! /bin/bash

if [[ $(/usr/sbin/pct list | /usr/bin/grep -i running | /usr/bin/wc -l) == 0 && $(/usr/sbin/qm list | /usr/bin/grep running | /usr/bin/wc -l) == 0 ]]; then
    /usr/bin/sleep 1800
	if [[ $(/usr/sbin/pct list | /usr/bin/grep -i running | /usr/bin/wc -l) == 0 && $(/usr/sbin/qm list | /usr/bin/grep running | /usr/bin/wc -l) == 0 ]]; then
@TheHarold
TheHarold / Password protect GRUB Menu editing only without forcing to enter credentials to load bootloader menu items.md
Created December 14, 2022 15:44
Password protect GRUB Menu editing only, without forcing to enter credentials to load bootloader menu items

Background
The requirement was to secure the bootloader without needing to share the credentials with the end user to be able to boot into the operating system.

Securing Bootloader is required to

i. Preventing Access to Single User Mode — If attackers can boot the system into single user mode, they are logged in automatically as root without being prompted for the root password.

ii. Preventing Access to the GRUB Console — If the machine uses GRUB as its boot loader, an attacker can use the use the GRUB editor interface to change its configuration or to gather information using the cat command.

iii Preventing Access to Non-Secure Operating Systems — If it is a dual-boot system, an attacker can select at boot time an operating system, such as DOS, which ignores access controls and file permissions.

@TheHarold
TheHarold / Configure TPM2 to automatically unlock LUKS encrypted drive during boot on Ubuntu Server.md
Created December 11, 2022 22:17
Configure TPM2 to automatically unlock LUKS encrypted drive during boot on Ubuntu Server

This is a step by step document to help you setup unlocking LUKS partition with Clevis. However, Arch Linux Wiki details the built in support for unlocking LUCS without requiring Clevis but the steps are not entirely cleaar.

Step 1: Install Clevis packages and refresh the TPM permissions

$ sudo -i
# apt install clevis clevis-tpm2 clevis-luks clevis-udisks2 clevis-systemd clevis-initramfs -y
# udevadm trigger
@TheHarold
TheHarold / gist:c362153d06d0039e19d971d217aa4bbc
Created December 11, 2022 19:10
Python3 program to print all li (HTML List items element) tag values for a supplied website
# Python3 program to print all li tag values for a supplied website
import requests
import argparse
from bs4 import BeautifulSoup
print(help)
parser = argparse.ArgumentParser(description='This is a program to print all li tags')
parser.add_argument("-url", help="enter the URL you want to parse. eg. https://www.mirraw.com/")
@TheHarold
TheHarold / gist:7b87c1170e97fb5cbefdfdc55faa925e
Last active March 24, 2025 16:53
Configure TPM2 to automatically unlock LUKS encrypted drive during boot on Ubuntu Server
This is a step by step document to help you setup unlocking LUKS partition with Clevis. However, Arch Linux Wiki details the built in support for unlocking LUCS without requiring Clevis but the steps are not entirely cleaar.
Step 1: Install Clevis packages and refresh the TPM permissions
```
$ sudo -i
# apt install clevis clevis-tpm2 clevis-luks clevis-udisks2 clevis-systemd clevis-initramfs -y
# udevadm trigger
```
@TheHarold
TheHarold / How To Sign Your Commits On GitHub With GPG.md
Last active November 30, 2022 21:00

TL;DR

This post details how to set-up GPG to sign your commits/tags, as well as adding your GPG public keys to your GitHub account.

The Story

In this blog post, I will detail how you can set-up their system such that they can use a GPG key to sign their git commits/tags and why you need to.

Judging from the title of this post you are probably wondering, why should I even sign my commits or what is GPG and what difference does this make. You would also probably be like, I have been pushing code to GitHub for ages and why do I need to sign my commits now...

@TheHarold
TheHarold / How To Sign Your Commits On GitHub With GPG
Last active November 30, 2022 21:01
https://dev.to/mmphego/how-to-sign-your-commits-on-github-with-gpg-37nj
TL;DR
This post details how to set-up GPG to sign your commits/tags, as well as adding your GPG public keys to your GitHub account.
The Story
In this blog post, I will detail how you can set-up their system such that they can use a GPG key to sign their git commits/tags and why you need to.
Judging from the title of this post you are probably wondering, why should I even sign my commits or what is GPG and what difference does this make. You would also probably be like, I have been pushing code to GitHub for ages and why do I need to sign my commits now...