Skip to content

Instantly share code, notes, and snippets.

View tonidy's full-sized avatar

toni dy tonidy

75 followers · 130 following
View GitHub Profile
@tonidy
tonidy / github-actions-ip-list.txt
Created September 17, 2025 12:20
"actions": [
"4.148.0.0/16",
"4.149.0.0/18",
"4.149.64.0/19",
"4.149.96.0/19",
"4.149.128.0/17",
"4.150.0.0/18",
"4.150.64.0/18",
"4.150.128.0/18",
"4.150.192.0/19",
@tonidy
tonidy / nginx-configmap.yml
Created September 13, 2025 07:12
NGINX + index.html custom + Service + HTTPRoute
# 1) Buat NGINX + index.html custom + Service + HTTPRoute
cat <<'EOF' | kubectl apply -f -
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx-index
namespace: default
data:
index.html: |
<!doctype html>
@tonidy
tonidy / scan-vuln.sh
Last active September 9, 2025 09:20
Script to Check Vulnerable Packages
#!/usr/bin/env bash
set -euo pipefail
# Story: https://jdstaerk.substack.com/p/we-just-found-malicious-code-in-the
# Enhanced from:
# https://github.com/AndrewMohawk/RandomScripts/blob/main/scan_for_deps_qix-2025-08-09.sh
# ===== Vulnerable package list =====
VULNS="[email protected]
[email protected]
@tonidy
tonidy / gist:365c2b0af6dbff3eb590ba5a60dff34e
Created August 25, 2025 13:22
lab playground
This is a sandbox environment. Using personal credentials
is HIGHLY! discouraged. Any consequences of doing so, are
completely the user's responsibilites.
You can bootstrap a cluster as follows:
1. Initializes cluster master node:
kubeadm init --apiserver-advertise-address $(hostname -i) --pod-network-cidr 10.5.0.0/16
@tonidy
tonidy / trim-services.sh
Created August 9, 2025 23:45
Trim Ubuntu 24 Services
#!/usr/bin/env bash
set -euo pipefail
# ===================== O P S I =====================
PURGE_SNAPD=${PURGE_SNAPD:-true} # purge snapd agar legah
DISABLE_RSYSLOG=${DISABLE_RSYSLOG:-true} # true: matikan & purge rsyslog → pakai journald saja
DISABLE_POLKIT=${DISABLE_POLKIT:-true} # true: matikan polkit (jarang perlu di server CLI)
DISABLE_SERIAL_GETTY=${DISABLE_SERIAL_GETTY:-false} # true: matikan serial-getty@ttyS0 (opsional)
DISABLE_MULTIPATH=${DISABLE_MULTIPATH:-true} # true: matikan multipathd (umumnya tak perlu di VM sederhana)
@tonidy
tonidy / trim-services.sh
Created August 9, 2025 23:45
Trim Ubuntu 24 Services
#!/usr/bin/env bash
set -euo pipefail
# ===================== O P S I =====================
PURGE_SNAPD=${PURGE_SNAPD:-true} # purge snapd agar legah
DISABLE_RSYSLOG=${DISABLE_RSYSLOG:-true} # true: matikan & purge rsyslog → pakai journald saja
DISABLE_POLKIT=${DISABLE_POLKIT:-true} # true: matikan polkit (jarang perlu di server CLI)
DISABLE_SERIAL_GETTY=${DISABLE_SERIAL_GETTY:-false} # true: matikan serial-getty@ttyS0 (opsional)
DISABLE_MULTIPATH=${DISABLE_MULTIPATH:-true} # true: matikan multipathd (umumnya tak perlu di VM sederhana)
@tonidy
tonidy / history.md
Created July 9, 2025 01:26
History PA - Simple Password Manager

Berawal dari ngulik MCP dan ketemu JSON ini:

{
  "mcpServers": {
    "mcp-web": {
      "command": "node",
      "args": [
        "/Users/asep/dist/mcp/index.js"
 ],
@tonidy
tonidy / gist:055ceb4ea9dfff36f7e177a366657a1c
Created April 14, 2025 04:19
Invoices
┌────┬──────┬─────────┬──────────┬────────┬──────────┬─────────────────────────────┐
│ │ id │ user_id │ order_id │ status │ due_date │ created_at │
├────┼──────┼─────────┼──────────┼────────┼──────────┼─────────────────────────────┤
│ 0 │ 442 │ 198 │ 274 │ paid │ null │ 2025-01-06T04:37:13.000000Z │
│ 1 │ 447 │ 198 │ 274 │ paid │ null │ 2025-01-06T17:00:03.000000Z │
│ 2 │ 481 │ 198 │ 274 │ paid │ null │ 2025-01-13T17:00:03.000000Z │
│ 3 │ 489 │ 198 │ 281 │ paid │ null │ 2025-01-17T07:09:43.000000Z │
│ 4 │ 512 │ 198 │ 274 │ paid │ null │ 2025-01-20T17:00:03.000000Z │
│ 5 │ 572 │ 198 │ 274 │ paid │ null │ 2025-01-27T17:00:03.000000Z │
│ 6 │ 599 │ 198 │ 274 │ paid │ null │ 2025-02-03T17:00:03.000000Z │
@tonidy
tonidy / k0s.sh
Created February 18, 2025 15:15
k0s
#!/bin/sh set -e if [ -n "${DEBUG}" ]; then set -x fi _k0s_latest() { curl -sSLf "https://docs.k0sproject.io/stable.txt" } _detect_binary() { os="$(uname)" case "$os" in Linux) echo "k0s" ;; *) echo "Unsupported operating system: $os" 1>&2; return 1 ;; esac unset os } _detect_arch() { arch="$(uname -m)" case "$arch" in amd64|x86_64) echo "amd64" ;; arm64|aarch64) echo "arm64" ;; armv7l|armv8l|arm) echo "arm" ;; *) echo "Unsupported processor architecture: $arch" 1>&2; return 1 ;; esac unset arch } _download_url() { echo "https://github.com/k0sproject/k0s/releases/download/$K0S_VERSION/$k0sBinary-$K0S_VERSION-$k0sArch" } main() { if [ -z "${K0S_VERSION}" ]; then K0S_VERSION=$(_k0s_latest) fi k0sInstallPath=/usr/local/bin k0sBinary="$(_detect_binary)" k0sArch="$(_detect_arch)" k0sDownloadUrl="$(_download_url)" mkdir -p -- "$k0sInstallPath" echo "Downloading k0s from URL: $k0sDownloadUrl" curl -sSLf "$k0sDownloadUrl" >"$k0sInstallPath/$k0sBinary" chmod 755 -- "$k0sInstallPath/$k0sBinary" echo "k0s is now executa
@tonidy
tonidy / docker-compose.yml
Last active February 18, 2025 14:15
Playit Docker Compose Service
services:
playit:
image: ghcr.io/playit-cloud/playit-agent:0.15
network_mode: host
restart: always
environment:
- SECRET_KEY=abcde