A collection of automation scripts for system administration and DevOps tasks. Each script addresses a specific workflow—from LUKS password management to Cloudflare configuration and OpenShift image mirroring.
This README provides an overview of each file included in this repository.
Add a new LUKS passphrase to all encrypted block devices on the system.
Prerequisites: cryptsetup, expect, and lsblk.
Usage:
add_luks_key.sh [--old <existing-password>] [--new <new-password>] [--debug]Lightweight TCP port connectivity checker with retries.
Prerequisites: Bash with /dev/tcp support and GNU timeout.
Usage:
checkport [ -h|--help ] HOST PORTDetect and mount the first USB storage device on /mnt.
Prerequisites: Root privileges and udevadm, lsblk.
Usage:
./mount -external.shWrapper around oc-mirror to automatically retry on failure and log output.
Prerequisites: OpenShift oc-mirror binary, Bash.
Usage:
oc-mirror-wrapper.sh -c <config-file> -d <destination-dir> [-l <log-dir>] [--ocpath /path/to/oc-mirror] [--debug]Export images listed in a mapping file, save them as Docker archives, and generate
an ImageContentSourcePolicy for offline OpenShift installations.
Prerequisites: Python 3, skopeo, pyyaml.
Usage:
openshift_offline_mirror.py -f <mapping-file> [--authfile <docker-authfile>]Mount and unmount ISO images on Dell iDRAC-managed hosts via racadm.
Prerequisites: racadm tool, Bash.
Usage:
# Single host
racadm-disk-mounting.sh -h <host> -u <user> -p <password> -f <iso-path> [--debug]
# Multiple hosts
racadm-disk-mounting.sh -i hosts.txt -u <user> -p <password> -f <iso-path> [--debug] [--restart-hosts]Expect script to remotely send a LUKS passphrase to a host during boot via Dropbear SSH.
Prerequisites: expect, SSH access to target host.
Usage:
remoteluksunlock.sh <host> <port> <luks-passphrase>Generate a SaltStack Pillar users.yml file by scanning /home directories
and collecting SSH public keys and user IDs from /etc/passwd.
Prerequisites: Python 2.7, pyyaml.
Usage:
./salt_users_gen.pyCheck SSL certificate expiry for a list of domains and report remaining days.
Prerequisites: OpenSSL, GNU timeout.
Usage:
ssl_cert_check.sh -f <input-file> [-o <output-file>]Validate that a private key matches its certificate and verify the certificate chain against a root CA and optional intermediates.
Prerequisites: OpenSSL.
Usage:
validate_cert_chain.sh <key-file> <cert-file> <root-ca-file> [<intermediate-cert-file>]Archive and upload Kismet wardrive output to the Wigle API.
Prerequisites: curl, Kismet, appropriate API credentials.
Usage:
wigle_scanner_upload.shEnable or disable HTTP/3, 0-RTT, and Enhanced HTTP/2 Edge Prioritization settings for all Cloudflare zones.
Prerequisites: curl, jq, CF_TOKEN environment variable.
Usage:
HTTP3_ENABLED=<TRUE|FALSE> ZERO_RTT_ENABLED=<TRUE|FALSE> H2_PRIORITIZATION_ENABLED=<TRUE|FALSE> CF_TOKEN=<token> cloudflare/cf_zone_setting_enable.shRetrieve the zone ID and A record IP address for a given subdomain.
Prerequisites: curl, jq, CF_TOKEN, DOMAIN, and SUBDOMAIN environment variables.
Usage:
cf_record_check.shCheck enabled HTTP/3, 0-RTT, and Enhanced HTTP/2 settings for all accessible Cloudflare zones.
Prerequisites: curl, jq, CF_TOKEN environment variable.
Usage:
cloudflare/cf_config_check.shQuery custom TLS cipher settings for a specific Cloudflare zone.
Prerequisites: curl, jq, CF_TOKEN, and DOMAIN environment variables.
Usage:
cf_cipher_check.shThis project is licensed under the MIT License. See LICENSE for details.