Skip to content

Instantly share code, notes, and snippets.

View rayit's full-sized avatar

RayIT rayit

9 followers · 17 following
View GitHub Profile
@rma92
rma92 / harden.md
Last active November 13, 2024 18:41
Unifi controller on OpenBSD using Ports

Attempt at a hardened one on OpenBSD on Vultr

  • Upload install.iso for OpenBSD to Vultr, create a new VM using the ISO. You need the ISO to create full disk encryption. Also this eliminates any potential security issues cloud-init can cause.
  • Set a full disk encryption key, set a root password that is strong, set a user that doesn't match anyone's name with a good password.
  • Start sshd by default, don't allow root logins.
  • Install the entire system to a single / partition (for disk usage reasons)

Each time the VM boots, someone will need to manually enter the encryption key at the prompt.

Initial setup: enable doas, change SSH port, pubkey auth only

Enable doas

@thaddeusc1
thaddeusc1 / initialize-Radeon-fan-tuning.service
Last active March 3, 2022 17:14
Set a static fan speed for an AMD GPU in Linux
# Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted.
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
[Unit]
Description=Configure custom tuned fan behavior for the Radeon RX 580 during OS initialization.
Documentation="https://www.kernel.org/doc/html/v5.11/gpu/amdgpu.html#gpu-power-thermal-controls-and-monitoring"
[Service]
Type=oneshot