Docker Compose: simple firewall using Bash and labels

It has been a long time since I wanted to control connections from/to Docker containers, but I could never find a simple enough solution. We can control reverse proxy settings (Traefik) using labels but we can't apply iptables rules with them? Nonsense. If you add to this that every container lives in a namespace, and namespaces can have their own iptables rules, you have an easy solution there. So I wrote a Bash script that listens to Docker events. It filters on container starts which have the label firewall.enable=true, so it does not wake up often. ...

July 5, 2024 · 1 min

Active Directory export script to import into SME Server

I had to migrate users from an Active Directory/Exchange combo to a SME server for a temporary disaster recovery event. Here's the script I wrote to create the export and recreate the users and their aliases in the SME server. The export was done before the disaster of course :)

```bash
#!/bin/bash
#ldapsearch -x -b "dc=customer,dc=com" -h 1.2.3.4 -D "domain\user" -W "(objectclass=user)" > activedirectory.ldiff
File="activedirectory.ldiff"

#reset files content
: > sme.users
: > sme.aliases

while IFS= read -r line
do
    #concatenate new line to existing info
    UserInfo="$UserInfo
$line"

    #treat all info if user is finished (LDIF entries are separated by an empty line)
    if [ -z "$line" ]
    then
        echo User info finished
        #treat only users with mail address
        if echo "$UserInfo" | grep -q '^mail:'
        then
            #recover data
            UserName=$(echo "$UserInfo" | grep '^sAMAccountName:' | sed -e 's/sAMAccountName: //' | tr '[A-Z]' '[a-z]')
            UserFirstName=$(echo "$UserInfo" | grep '^givenName:' | sed -e 's/givenName: //')
            UserLastName=$(echo "$UserInfo" | grep '^sn:' | sed -e 's/sn: //')
            UserMail=$(echo "$UserInfo" | grep '^mail:' | awk '{print $2}' | tr '[A-Z]' '[a-z]')
            UserMailAliases=$(echo "$UserInfo" | grep '^proxyAddresses: smtp:' | sed -e 's/^proxyAddresses: smtp:\(.*\)@.*$/\1/' | sort -u | grep -vi "^${UserName}$" | tr '\n' '|' | tr '[A-Z]' '[a-z]')
            #password is the user name plus only 4 random characters, so treat it as a temporary password
            Tmp=$(tr -dc '_A-Z-a-z-0-9' < /dev/urandom | head -c 4)
            UserPassword=$(echo "${UserName}${Tmp}" | tr '[A-Z]' '[a-z]')

            #print user info
            echo "$UserName |$UserFirstName |$UserLastName |$UserPassword" >> sme.users

            #print aliases if any
            if [ "$(echo "$UserMailAliases" | wc -c)" -gt 2 ]
            then
                echo "$UserName |$UserMailAliases" | sed -e 's/^\(.*\)|$/\1/' >> sme.aliases
            fi

            #cleanup some shit
            unset UserName UserFirstName UserLastName UserMail UserMailAliases Tmp UserPassword
        fi
        unset UserInfo
    fi
done < "$File"
```

You can then import all the users and their aliases with the following commands: ...

March 9, 2014 · 2 min