Initial commit

michelle@shelltr.me
2025-06-07 14:04:07 -07:00
parent b0fb135499
commit ef2a6b31ad
19 changed files with 332 additions and 0 deletions

13
.gitignore vendored Normal file

@ -0,0 +1,13 @@
.env
terraform/
# Byte-compiled Python files
__pycache__/
*.py[cod]
# Local config / secrets
.env
config.yaml
secrets.json
# Editor & OS files
*.swp
.DS_Store
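
Review bot: `.env` is listed twice, on the first line and again under "Local config / secrets"; drop one. On the second line, `terraform/` ignores the whole directory, so any `.tf` configuration kept there is hidden from version control as well. If the goal is to keep local state and the provider cache out of the repo, ignore `.terraform/`, `*.tfstate` and `*.tfstate.*` instead and leave the configuration tracked.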

5
.pre-commit-config.yaml Normal file

@ -0,0 +1,5 @@
repos:
- repo: https://github.com/gitleaks/gitleaks
rev: v8.27.0
hooks:
- id: gitleaks
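
Review bot: `rev: v8.27.0` pins the hook to a tag, which the upstream repository can move; a full commit SHA in `rev` makes the pin immutable (keep the tag as a trailing comment for readability). This hook is also client-side only: it runs only in clones where `pre-commit install` has been executed and is skipped by `git commit --no-verify`, so a server-side or CI gitleaks scan is still needed if secret scanning is meant to be enforced.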

50
labs.sh Executable file

@ -0,0 +1,50 @@
#!/bin/bash
# Define image name
IMAGE_NAME="pandoc-report-generator"
PDF_MAKE_DIR="./pdf_make" # Path to your Dockerfile and generate_reports.sh
LABS_DIR="./labs" # Path to your labs directory
echo "--- Debug Info ---"
echo "Current Working Directory: $(pwd)"
echo "Image Name (variable): '$IMAGE_NAME'"
echo "PDF Make Directory (variable): '$PDF_MAKE_DIR'"
echo "Labs Directory (variable): '$LABS_DIR'"
echo "Absolute Labs Mount Path: '$(pwd)/$LABS_DIR'"
echo "--------------------"
echo "--- Building Docker image: $IMAGE_NAME ---"
# Build the Docker image from the pdf_make directory
docker build -t "$IMAGE_NAME" "$PDF_MAKE_DIR"
BUILD_STATUS=$?
echo "Build command exited with status: $BUILD_STATUS"
if [ $BUILD_STATUS -ne 0 ]; then
echo "ERROR: Docker image build failed. Exiting."
exit 1
fi
echo "--- Running report generation inside Docker container ---"
# This single-line docker run command is the most robust way to avoid shell parsing issues.
# It explicitly sets the entrypoint and mounts the /labs directory.
docker run --rm --entrypoint /bin/sh -v "$(pwd)/$LABS_DIR:/labs" "$IMAGE_NAME" /app/generate_reports.sh
RUN_STATUS=$?
echo "Run command exited with status: $RUN_STATUS"
if [ $RUN_STATUS -ne 0 ]; then
echo "ERROR: Report generation failed inside Docker container."
exit 1
fi
echo "--- All operations completed successfully. ---"
# --- New Step: Verify Output on Host ---
echo "--- Verifying generated PDFs on host ---"
find "$LABS_DIR" -type f -name "LAB-REPORT.pdf"
if [ $? -eq 0 ]; then
echo "PDFs should now be available in your '$LABS_DIR' directory."
else
echo "No PDFs found or an error occurred during verification."
fi
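
Review bot: in the verification step at the end, `find "$LABS_DIR" -type f -name "LAB-REPORT.pdf"` exits 0 even when it matches nothing, so `if [ $? -eq 0 ]` reports that PDFs are available whenever the directory is readable, and the "No PDFs found" message cannot fire for the case it names. Capture the output of `find` and test it for emptiness (for example `[ -n "$found" ]`), and move the "All operations completed successfully" echo after that check. Separately, the `docker run` line bind-mounts `$(pwd)/$LABS_DIR` read-write and sets no `--user`, so the container writes into the working tree as the image's default user; consider `--user "$(id -u):$(id -g)"` and `--network none` for a job that only converts local files.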


@ -0,0 +1 @@
- [ ] [Debugging Zine](https://jvns.ca/debugging-zine.pdf)

151
labs/lab-1/LAB-REPORT.md Normal file

@ -0,0 +1,151 @@
# Lab 1
## Tasks
- [x] 1. **Connect**
```
I ran the commands from VirtualBox
```
- [x] 2. **Explore**
```
I ran the sample commands
```
- [x] 3. **Play**
- [x] grep
```sh
vboxuser@ubel:~/lab-1$ vim extra/folders/example.txt
vboxuser@ubel:~/lab-1$ grep -i "Error" syslog
this is an error i am an error!
yeah I am another error!
vboxuser@ubel:~/lab-1$ grep -ir "Error" syslog
this is an error i am an error!
yeah I am another error!
vboxuser@ubel:~/lab-1$ ls
extra syslog
vboxuser@ubel:~/lab-1$ ls
extra syslog
vboxuser@ubel:~/lab-1$ grep -r "error" syslog
this is an error i am an error!
yeah I am another error!
vboxuser@ubel:~/lab-1$ ls
extra syslog
vboxuser@ubel:~/lab-1$ cat extra/folders/example.txt
error I am a file
hello world
i am not an
but this is an error!
vboxuser@ubel:~/lab-1$ grep -r "error" .
./extra/folders/example.txt:error I am a file
./extra/folders/example.txt:but this is an error!
./syslog:this is an error i am an error!
./syslog:yeah I am another error!
vboxuser@ubel:~/lab-1$ grep -rc "error" .
./extra/folders/example.txt:2
./syslog:2
vboxuser@ubel:~/lab-1$ grep -ra "error" .
./extra/folders/example.txt:error I am a file
./extra/folders/example.txt:but this is an error!
./syslog:this is an error i am an error!
./syslog:yeah I am another error!
vboxuser@ubel:~/lab-1$ grep -rb "error" .
./extra/folders/example.txt:0:error I am a file
./extra/folders/example.txt:48:but this is an error!
./syslog:0:this is an error i am an error!
./syslog:47:yeah I am another error!
```
- [x] tail
Displays the end of the file -- if you add -f (for follow),
you can display the contents indefinitely. It is fun to snoop
on bots who are trying to log into my server, and this command is useful
for that.
```sh
sudo tail -f /var/log/auth.log
```
- [x] man
Better than Google when you have no internet connection
or access to chatGPT. Holds an exhaustive (I assume) list of
available commands.
```sh
man grep
man man
```
- [x] history
Shows command history. I would usually use zsh and, if I needed to run a
command, I would just press the "up" arrow. That is very tedious if
I need to run something that I did > 5 commands ago. This is very useful
if I needed to run an obscure command. Or maybe to just figure out what I did.
```sh
history
history | grep "tail"
man history
```
- [x] df
Never used this command before. I randomly decided to check this on both MacOS
(my computer is always running out of space for some reason or other)
as well as on one of my linux boxes.
There are a lot of differences. Feels like more similarities than differences,
but a lot of the important columns are the same. It's also a good command
for keeping an eye on the mounted volumes on my linux box.
Also, since the two commands are so different, I don't think I'll ever be able
to remember them!
Stands for "disk free".
```sh (on Mac)
df (display free disk space)
df -h
```
```sh (on VM Ubuntu)
df (report file system space usage)
df -h
```
- [x] du
Displays file usage. Should use this to investigate where all the space
on my local Mac is going.
```sh
man du
du -hS
du -s * | sort -nr > $HOME/user_space_report.txt
```
- [x] ps
Showed me a list of running processes. By default it only shows you
the processes that were started/were run personally by you on a terminal.
Also: the man for `ps` under the Ubuntu box mentioned you can use
UNIX (?), BSD (default for mac os?), and GNU (what I assume are the usual default commands) options for ps, provided you use the flags in a specific way.
Once in a blue moon I have to use pkill some orphaned program, and without fail
I have to google how to every time. Maybe I can just use the pids from here instead?
```sh (on Mac)
man ps
ps -A
```
```sh (on Linux)
man ps
```
- [x] top
Looks similar to ps, but you get a whole dashboard. I could
see how you could use this to monitor programs. This is the
text version of what I'd use the activity monitor for.
```sh
top
```
- [x] htop
Top, but **fancier**! It's keyboard navigable AND mouse navigable,
and comes with a bunch of colors out of the box. Very cool!
```sh
htop
```
- [x] exit
Exits you out of the current terminal session.
extra reading
- [x] [The Linux Command Line](http://linuxcommand.org/tlcl.php)
WIP still reading this
- [x] [Grep mini-zine](https://wizardzines.com/comics/grep/)
- [x] [reddit thread: bsd v gnu](https://old.reddit.com/r/linuxquestions/comments/vzmfye/differences_between_bsd_and_gnu_utilities/)
* Most of this goes completely over my head. But this was interesting to look at.
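
Review bot: the `df` fences use info strings such as `sh (on Mac)` and put the description on the command line (`df (display free disk space)`), so the blocks are not reliably highlighted and cannot be pasted as commands; keep the fence tag as `sh` and move the platform and the description into a `#` comment or the surrounding text. In the same hunk, `du -s * | sort -nr > $HOME/user_space_report.txt` should quote the target as `"$HOME/user_space_report.txt"`, and "extra reading" near the end reads as a heading but has no heading marker.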

BIN
labs/lab-1/LAB-REPORT.pdf Normal file

Binary file not shown.

50
labs/lab-2/LAB-REPORT.md Normal file

@ -0,0 +1,50 @@
# Lab 2
## Tasks
- [x] 1. Define Security Groups
From [here](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html).
Security groups control inbound & outbound networking traffic
to your resource (in this case AWS EC2). The properties you can
restrict by for each security group rule are destination,
port range, & protocol. Security-wise it's best if a resource is
completely locked down (no inbound/outbound traffic allowed at all),
but since we live in the real world there are a lot of network rules
to consider in order to allow your projects to do real work.
- [x] 2. Discover your public ip
* Recorded
- [x] 3. Create a security group
- [x] 4. Attach to ec2
- [x] 5. Verify access
- [x] 6. Terraform import
```tf
**main.tf**
import {
id = /instance-id/
to = aws_instances.my_first_linux
}
```
```sh
terraform init
terraform plan -generate-config-out=generated.tf
# manually fixed the generated.tf file
terraform apply
```
## Reflection
![image](./lab-2.jpg)
I built a security group for my newly created ec2 instance (my-first-linux)
and updated the ec2 so that it only used the newly created security group.
This security group's only networking rule is to allow SSH connections
coming from my home's IP address.
Challenges: I glanced over the AWS CLI -- I've used it maybe a handful
of times in my life (as a dev), and it's always made me a wee bit nervous.
I didn't attempt the CLI commands and instead used terraform to import
the whole setup. This way I can store the current state of the resources
on a git repo. This is helpful to me to remember what I just did.
(At this point I've already had some experience with terraform so
I'm somewhat confident about using it to deploy/tear down resources.)
## Meta
* ~/Downloads/labs/aws.txt
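
Review bot: the `import` block under task 6 is not valid as written: `id = /instance-id/` must be a quoted string, and `to = aws_instances.my_first_linux` names `aws_instances`, which is a data source in the AWS provider, while the EC2 resource type is `aws_instance`. `**main.tf**` also sits inside the `tf` fence, so it renders as literal asterisks instead of a bold filename; move it above the fence. In task 1, inbound security group rules match on source rather than destination, so "destination, port range, & protocol" describes only the outbound side.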

BIN
labs/lab-2/LAB-REPORT.pdf Normal file

Binary file not shown.

BIN
labs/lab-2/lab-2.jpg Normal file

Binary file not shown.


12
labs/lab-3/LAB-REPORT.md Normal file

@ -0,0 +1,12 @@
# Lab 3
## Prep
- [x] Gitea set up
- [x] MFA set up
- [x] Add git ignore
- [x] Secrets/Token Management
- [x] Consider secret-scanning
- [x] Added git-leaks on pre-commit hook
- [x] Create & Connect to a Git*** reposiotry
- [x] https://git.dropbear-minnow.ts.net/
- [ ] Modify and make a second commit
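
Review bot: the checklist commits the full URL of the Gitea instance (`https://git.dropbear-minnow.ts.net/`), which discloses the tailnet name to anyone who can read this repo; a placeholder or the bare repository path is enough for a lab report. Minor: "reposiotry" is misspelled, and "git-leaks" should match the tool name `gitleaks` used in `.pre-commit-config.yaml`.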

Binary file not shown.

1
labs/lab-3/README.md Normal file

@ -0,0 +1 @@
# My First Repo

2
labs/lab-3/hello.py Normal file

@ -0,0 +1,2 @@
print('Hello, world!')

0
mise.toml Normal file

8
pdf_make/Dockerfile Normal file

@ -0,0 +1,8 @@
# pdf_make/Dockerfile
FROM pandoc/latex:2.19
WORKDIR /app
# IMPORTANT: Copy your script into the container
COPY generate_reports.sh /app/generate_reports.sh
RUN chmod +x /app/generate_reports.sh
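
Review bot: there is no `USER` instruction, so `generate_reports.sh` runs as the base image's default user (root unless the base image sets one) while `labs.sh` bind-mounts the host `labs` directory into the container; add a non-root `USER`, or pass `--user` at run time, so files written to the mount keep sane ownership. `FROM pandoc/latex:2.19` is pinned by tag only; appending the image digest (`pandoc/latex:2.19@sha256:<digest>`) makes the build reproducible. With BuildKit, the `COPY` plus `RUN chmod +x` pair can be a single `COPY --chmod=755` layer.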

39
pdf_make/generate_reports.sh Executable file

@ -0,0 +1,39 @@
#!/bin/bash
echo "Starting report generation..."
# Navigate to the /labs directory within the container
# This is crucial because we're mounting the host's /labs into the container's /labs
cd /labs || { echo "Error: /labs directory not found in container. Exiting."; exit 1; }
# Find all directories prefixed with "lab-"
find . -maxdepth 1 -type d -name "lab-*" | while read lab_dir; do
echo "Processing directory: $lab_dir"
markdown_file="$lab_dir/LAB-REPORT.md"
pdf_file="$lab_dir/LAB-REPORT.pdf"
# Check if LAB-REPORT.md exists
if [ -f "$markdown_file" ]; then
echo "Found $markdown_file"
# Check if LAB-REPORT.pdf does not exist
if [ ! -f "$pdf_file" ]; then
echo "LAB-REPORT.pdf not found. Generating PDF from markdown..."
# Generate PDF using pandoc
# Make sure 'pandoc' command is available in the image, which it is for pandoc/latex
image_dir="$lab_dir"
pandoc "$markdown_file" -s -o "$pdf_file" --pdf-engine=pdflatex --resource-path "$image_dir"
if [ $? -eq 0 ]; then
echo "Successfully generated $pdf_file"
else
echo "Error generating $pdf_file"
fi
else
echo "LAB-REPORT.pdf already exists. Skipping generation."
fi
else
echo "LAB-REPORT.md not found in $lab_dir. Skipping."
fi
done
echo "Report generation complete."
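
Review bot: a failed `pandoc` run only prints "Error generating $pdf_file" and the loop carries on, and the script's last command is an `echo`, so it always exits 0 and the `RUN_STATUS` check in `labs.sh` can never see a conversion failure. Record the failure and exit non-zero at the end; because `find ... | while read lab_dir` runs the loop body in a subshell, a flag set inside it is lost, so iterate with `for lab_dir in ./lab-*/` instead or exit from inside the loop. Use `read -r` if the pipeline stays. Note also that `labs.sh` starts this file with `--entrypoint /bin/sh`, so the `#!/bin/bash` shebang is never used and the script has to stay POSIX sh compatible.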