bash Archives - Python in the jungle

Setup scrot on Ubuntu

Simple trick to setup simple command to spawn screenshot utility using scrot:

$ sudo apt-get install scrot
$ sudo touch /usr/bin/sel
$ sudo chmod +x /usr/bin/sel
$ vim /usr/bin/sel

#!/bin/bash

scrot -s -e 'mv $f ~/Pictures/'

Install pulse secure linux 9 on Fedora 28

This installation is using pulse secure linux version 9 with rpm package ps-pulse-linux-9.0r1.0-b739-centos-rhel-64-bit-installer.rpm

$ sudo dnf install compat-libicu57-57.1-2.fc28.x86_64
$ sudo dnf install libgnome-keyring
$ sudo rpm -i ps-pulse-linux-9.0r1.0-b739-centos-rhel-64-bit-installer.rpm

Create vpn shortcut (optional):

$ sudo touch /usr/bin/vpn
$ sudo vim /usr/bin/vpn

Fill with this script below:

#!/bin/bash

export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/pulse
/usr/local/pulse/pulseUi

Make it executable:

$ sudo chmod +x /usr/bin/vpn

Now, you can just open the app with command vpn

How to check how many CPUs are there in Linux system

$ lscpu | egrep 'Model name|Socket|Thread|NUMA|CPU\(s\)'
$ cat /proc/cpuinfo

Generate CSR for Nginx server

This is how to generate the .csr file, requirement for SSL certificate.

$ openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
-----
Country Name (2 letter code) [AU]:ID
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:domain.com
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Install SSL certificate

cat domain_com.crt > domain_chain.crt ; echo "" >> domain_chain.crt ; cat domain_com.ca-bundle >> domain_chain.crt

—–BEGIN RSA PRIVATE KEY—–
(Your Private Key: your_domain_name.key)
—–END RSA PRIVATE KEY—–
—–BEGIN CERTIFICATE—–
(Your Primary SSL certificate: your_domain_name.crt)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Intermediate certificate: DigiCertCA.crt)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Root certificate: TrustedRoot.crt)
—–END CERTIFICATE—–

Fix identation all terraform scripts every directory

find . -type d -exec bash -c 'cd "$0" && terraform fmt' {} \;

Start forticlient VPN only with command line

If your VPN client office using forticlient, you might want to run your VPN client with only command line, so you don’t have to see the small window just for connect your servers from home. With this bash script you can run your forclient VPN client only with CLI.

Install expect first if you’re using ubuntu.

$ sudo apt-get install expect

Then copy this script below and save it. Inside the script there are some variables like username, password, host, port, that you need to fill.

#!/bin/bash

# Forticlient SSL VPN Client launching script utilizing expect.

FORTICLIENT_PATH="/your-path-to-forticlient/64bit/forticlientsslvpn_cli"

# VPN Credentials
VPN_HOST="yourVPNHost:YourPort"
VPN_USER="yourVPNUser"
VPN_PASS="enter-your-pass-here"

if [[ $EUID -ne 0 ]]; then
  echo "This script must be run as root"
  exit 1
fi

if [ -z "$FORTICLIENT_PATH" ]; then
  FORTICLIENT_PATH=`uname -r | grep -q 64 && echo $(locate forticlientsslvpn_cli | grep 64bit) || echo $(locate forticlientsslvpn_cli | grep 32bit)`
  if [ ! -f $FORTICLIENT_PATH ]; then
    echo "Tried to locate Forticlient SSL VPN Cli binary, but failed."
    echo "Specify it at variable FORTCLIENT_PATH"
    exit 1
  fi
  echo "Located Forticlient VPN Client at: $FORTICLIENT_PATH"
fi

echo "Killing previous instances of Forticlient SSL VPN client..."
killall -9 $(basename $FORTICLIENT_PATH) 2> /dev/null

cat << EOF > /tmp/expect
#!/usr/bin/expect -f
match_max 1000000
set timeout -1
spawn $FORTICLIENT_PATH --server $VPN_HOST --vpnuser $VPN_USER --keepalive
expect "Password for VPN:"
send -- "$VPN_PASS"
send -- "\r"

expect "Would you like to connect to this server? (Y/N)"
send -- "Y"
send -- "\r"

expect "Clean up..."
close
EOF

chmod 500 /tmp/expect
/usr/bin/expect -f /tmp/expect

rm -f /tmp/expect

After you saved the script, let’s try to run it with sudo mode:

$ sudo vpn.sh &

Bash script to run terraform recursively

#!/bin/bash

cd prd && ls -d */
declare -a dirs
i=1
for d in */
do
    dirs[i++]="${d%/}"
done
echo "There are ${#dirs[@]} dirs in the current path"
for((i=1;i<=${#dirs[@]};i++)) do cd "${dirs[i]}" && rm -rf .terraform \ && echo "terraform {" > backend.tf \
    && echo "backend \"consul\" {" >> backend.tf \
    && echo "}" >> backend.tf \
    && echo "}" >> backend.tf \
    && terraform get -update=true \
    && terraform init -backend=true \
    -backend-config "address=consul-ip" \
    -backend-config "path=prd/${dirs[i]}" \
    && terraform apply -auto-approve \
    && rm backend.tf \
    && cd ..
done

Setup SSH key passphrase only ask once

Sometimes it’s annoying when you’re trying to work with your project and whenever you need to enter your key passphrase. So I wanna make this passphrase prompt ask only once.

vim ~/.bash_profile

and put this at the bottom of the file :

eval $(ssh-agent)
ssh-add

Or if you don’t want to be asked for passphrase at all, you can just generate new passphrase with no password.