Skip to content

Instantly share code, notes, and snippets.

View heri16's full-sized avatar

heri16 heri16

53 followers · 83 following
View GitHub Profile
@heri16
heri16 / dangerzone-macos.sh
Created July 11, 2025 18:17
#!/bin/zsh
# Install dangerzone
brew install --cask dangerzone
/Applications/Dangerzone.app/Contents/MacOS/dangerzone-cli --set-container-runtime podman
podman machine init -v "${HOME}/Library/Caches/dangerzone:${HOME}/Library/Caches/dangerzone"
podman machine start
echo '<?xml version="1.0"?><svg xmlns="http://www.w3.org/2000/svg" width="1" height="1"/>' > empty.svg
@heri16
heri16 / runsc-install.sh
Last active July 12, 2025 00:27
Setup gVisor for rootless podman on Fedora CoreOS (fcos)
#!/bin/bash
# Setup podman virtual machine with no bind mounts: `podman machine init -v ''`.
# Start podman virtual machine: `podman machine start`.
# Connect to podman machine: `podman machine ssh`.
# Install latest release of gVisor
# See: https://gvisor.dev/docs/user_guide/install/
(
set -e
ARCH=$(uname -m)
@heri16
heri16 / !README.md
Last active July 11, 2025 11:20
Setup secure sandboxed development environment on macOS with Podman and Secretive
@heri16
heri16 / ciphers.sh
Created February 5, 2025 11:19
Cloudflare Hardening Scripts to get great scores on https://www.ssllabs.com/ssltest/
#!/bin/sh
CF_API_TOKEN="redacted"
# check api token is valid
curl -X GET "https://api.cloudflare.com/client/v4/accounts/8bb6305b489fc12377ff03ffbcbadbc6/tokens/verify" \
-H "Authorization: Bearer $CF_API_TOKEN" \
-H "Content-Type:application/json"
# reset to defaults (includes weak ciphers)
curl --request PATCH \
@heri16
heri16 / 0-README.md
Last active April 19, 2025 08:54
Secure Number Masking for Postgres (Scrambling DB Primary Keys or sensitive data using NIST FF1 Format Preserving Encryption)

What

This is open-source code that lets you secure or mask numbers (within Postgresql DB) for use as unique IDs that are 6-digits or more.

This is what they look like:

https://example.com/order/053124
@heri16
heri16 / 0-README.md
Last active April 19, 2025 09:45
Secure Short Unique IDs (for generating Invites Codes or Promo Codes or URL slug from Postgres Database)

What

This is open-source code that lets you generate short unique identifiers from numbers (within Postgres DB). These IDs are URL-safe, can encode several numbers, and do not contain common profanity words.

This is what they look like:

https://example.com/order/FHxkSB1ai
@heri16
heri16 / CAPTIVE-PORTAL.md
Last active June 4, 2025 16:41
CAPTIVE PORTAL DETECTION Domains and URLs

Captive Portal Detection

Browsers:

captive.apple.com, www.apple.com, clients3.google.com, clients4.google.com, connectivitycheck.gstatic.com, www.gstatic.com, edge-http.microsoft.com, msftconnecttest.com, detectportal.brave-http-only.com, detectportal.firefox.com, spectrum.s3.amazonaws.com, cloudflareportal.com, cloudflarecp.com, cloudflareok.com, connectivity-check.warp-svc, connectivity.cloudflareclient.com

See:

@heri16
heri16 / 1-android-sdk.sh
Created February 7, 2024 14:13
Fdroid Quick Repository
#!/usr/bin/env zsh
curl -o commandlinetools-linux.zip https://dl.google.com/android/repository/commandlinetools-linux-11076708_latest.zip && unzip commandlinetools-linux.zip && rm commandlinetools-linux.zip
@heri16
heri16 / qosify-init.sh
Last active March 12, 2024 20:28
Openwrt Qosify Dual Stack script - based on https://forum.openwrt.org/t/qosify-new-package-for-dscp-marking-cake/111789/728
# Measure Bandwidth (using https://www.speedtest.net/apps/cli)
#wget https://install.speedtest.net/app/cli/ookla-speedtest-1.2.0-linux-x86_64.tgz -O /tmp/speedtest.tgz
wget https://install.speedtest.net/app/cli/ookla-speedtest-1.2.0-linux-aarch64.tgz -O /tmp/speedtest.tgz
tar -xzvf /tmp/speedtest.tgz -C /usr/sbin/
rm -f /tmp/speedtest.tgz /usr/sbin/speedtest.*
chmod +x /usr/sbin/speedtest
/etc/init.d/qosify stop
speedtest --format=tsv > /tmp/speedtest.tsv &&
BANDWIDTH_DOWN="$(($(cut -f6 /tmp/speedtest.tsv) / 125000))mbit" &&
@heri16
heri16 / erlang-macos.sh
Created July 27, 2023 19:45
Erlang for bun:ffi
# Install asdf
brew install coreutils git
git clone https://github.com/asdf-vm/asdf.git ~/.asdf --branch v0.12.0
cat <<EOF >> ~/.zshrc
. "$HOME/.asdf/asdf.sh"
# append completions to fpath
fpath=(${ASDF_DIR}/completions $fpath)
# initialise completions with ZSH's compinit
autoload -Uz compinit && compinit
EOF