Weekly 'I made a useful thing' Thread - April 17, 2026

Posted by AutoModerator@reddit | sysadmin | View on Reddit | 28 comments

There is a great deal of user-generated content out there, from scripts and software to tutorials and videos, but we've generally tried to keep that off of the front page due to the volume and as a result of community feedback. There's also a great deal of content out there that violates our advertising/promotion rule, from scripts and software to tutorials and videos.

We have received a number of requests for exemptions to the rule, and rather than allowing the front page to get consumed, we thought we'd try a weekly thread that allows for that kind of content. We don't have a catchy name for it yet, so please let us know if you have any ideas!

In this thread, feel free to show us your pet project, YouTube videos, blog posts, or whatever else you may have and share it with the community. Commercial advertisements, affiliate links, or links that appear to be monetization-grabs will still be removed.

[-]

Master-IT-All@reddit

Here's a basic script I produced to get the size of a folder, includes some switches to show the used size vs actual size so you can see the actual used space of a OneDrive folder. And a toggle to display the bytes only. Tested and used in PowerShell 5.x and 7.x.

<#
Simple Script to get the size of a folder using PowerShell.


$FolderPath (string, optional, default=".\"):
Specifies the path to the folder to operate on. Defaults to the current directory if not specified. The script will process files or folders inside this path.


$SizeOnDisk (switch, optional):
When this switch is included, the script will calculate and display the size of the folder or files as "size on disk" which accounts for actual disk usage based on cluster size, not just total bytes.


$bytesonly (switch, optional):
When used, the output or size will be displayed in raw bytes only, without converting to human-readable formats like KB, MB, or GB.


#>
[CmdletBinding()]
param (
    [Parameter(Mandatory=$false,Position=0,ValueFromPipeline=$true)]
    [string]
    $FolderPath = ".\",
    [Parameter(Mandatory=$false)]
    [switch]
    $SizeOnDisk,
    [parameter(Mandatory=$false)]
    [switch]
    $bytesonly
)


IF($SizeOnDisk){
    $bytesize = (Get-ChildItem $FolderPath -Recurse -Force -ErrorAction SilentlyContinue -File  | Where-Object {( $_.Attributes -band 4096 ) -ne 4096}  | Measure-Object -Property Length -Sum).Sum
    IF($bytesonly){
        $bytesize
    }ELSEIF($bytesize -lt 1048576){
        "{0:N2} KB" -f ( $bytesize / 1KB)
    }ELSEIF($bytesize -lt 1073741824){
        "{0:N2} MB" -f ( $bytesize / 1MB)
    }ELSE{
        "{0:N2} GB" -f ( $bytesize / 1GB)
    }
}ELSE{
    $bytesize = (Get-ChildItem $FolderPath -Recurse -Force -ErrorAction SilentlyContinue -File | Measure-Object -Property Length -Sum).Sum
    IF($bytesonly){
        $bytesize
    }ELSEIF($bytesize -lt 1048576){
        "{0:N2} KB" -f ( $bytesize / 1KB)
    }ELSEIF($bytesize -lt 1073741824){
        "{0:N2} MB" -f ( $bytesize / 1MB)
    }ELSE{
        "{0:N2} GB" -f ( $bytesize / 1GB)
    }
}

[-]

ConsciousScarcity735@reddit

para que serve este codigo?

[-]

admscope@reddit

ADMX Web Viewer - Search and browse Group Policy settings across 65+ products in one place

Hey r/sysadmin,

I couldn't find an ADMX viewer that worked the way I wanted, so I built my own - 19,000+ settings across 65+ products, searchable in seconds.

https://admscope.com - a free, browser-based ADMX viewer: Windows, Office, Chrome, Edge, Firefox, Citrix, Zoom, and many more.

Search & Filtering

- Instant search across name, description, registry path, value type, category, source file, supported OS - with exact phrase support

- Browse by category tree

- Filter by MDM/Intune support or GPO-only policies

- Help text for every search option so you don't have to guess the syntax

Policy Details & Export

- Registry paths, expected values, supported OS versions, and OMA-URI for Intune-supported policies

- Export results as JSON, CSV, or Markdown - or download an HTML report for a single policy

- Every policy has a direct URL you can share with your team

- Links to the original ADMX template downloads

Reg Builder

- Generate .reg files or PowerShell scripts for one or multiple policies at once

- Copy or download with one click

Language Support

- 80+ languages included - switch languages while staying on the same policy

Your Data Stays Local

- Bookmark policies, add your own notes, track recent history

- Export/import everything as JSON

- Nothing is stored on a server - it all lives in your browser

Interface

- Works on desktop, tablet, and phone

- Dark and light mode, adjustable columns, zoom

Feedback and suggestions are welcome.

[-]

AbelViguera06@reddit

I love it dude

[-]

admscope@reddit

thanks! :)

[-]

AviationLogic@reddit

It sounded great, until our webfilter blocked it :)

[-]

admscope@reddit

Why? What exactly is being blocked?

[-]

alexlance@reddit

I made a useful thing a few years ago and it has just continued to snowball and I want to share it.

It's called Dibs On Stuff it handles queuing and sharing via chat commands, eg "/dibs on staging"

It's for teams that have to share resources (like staging/testing servers) provided you all use Slack or Discord in your day-to-day.

It has a somewhat ridiculous set of features / customizations, a TUI, a GUI, an API, webhooks, timeouts, translations, t-shirts and more. It's not for everyone (I get a fair amount of "hrmph I could build that") but developers and testers seem to use it all day long, so it definitely has a niche. Enjoy! And just shout out if questions.

[-]

Akhillllllllllllll@reddit

I'm building a tool that generates stack-specific incident runbooks — would love feedback from people who've been on-call

Been on-call for a few years and kept running into the same problem: runbooks either don't exist, are written after the incident, or go stale in 2 months.

Building RunbookAI — you describe your stack (AKS, EKS, RDS, whatever) and it generates production-ready incident playbooks pre-loaded with SRE best practices. Stack-aware, not generic templates.

Early access waitlist is open: runbookai.in

Genuine question for anyone who's been paged at 3 AM: what's the one runbook you wish had existed? Trying to understand the real pain before building the wrong thing.

Also, should I post this on the front page as a feed or this is good here.

[-]

Jolastreet@reddit

Tired of finding out SSL certs expired after the fact — wrote a script to fix that Last year I had a client call me at 9pm because their site was showing a security warning. Turned out the SSL cert had expired 3 days earlier. Nobody noticed. I’ve seen it happen more than once so I finally wrote a small Python script that checks SSL and domain expiration dates across all my clients sites and emails me a report every week. Nothing fancy. It scans the domains, generates a color coded HTML report (green/orange/red depending on how close the expiration is) and fires off an email alert if anything is under 60 days. Happy to share the core logic here if anyone wants it, also packaged it up if you’d rather just download and run it.

[-]

aiiye@reddit

If you can link your Git, I’d love to take a look!

[-]

Rellix777@reddit

That sounds interesting. Have a link to github for it? Cheers.

[-]

Existing-Eye-6220@reddit

I’ve been helping validate something someone built around secrets in scripts and CI, and I’d be really curious how it lands with people here.

The idea is pretty simple:

Most setups rely on environment variables being inherited by child processes — which means secrets can end up in places they weren’t really intended.

This approach flips that model so:

nothing is available unless explicitly allowed
each process only gets the secrets it actually needs
no ambient environment leakage

So instead of: everything inherits everything

It becomes: nothing is available unless declared

You run something like: tsafe exec -- your-command

…and that process only sees what it’s supposed to.

I’m mainly trying to understand: Is this solving a real problem in your world? or do existing tools already handle this well enough?

[-]

WhatThePuck9@reddit

M365-Assess v2.0 — free PowerShell module that audits your M365 tenant security posture and outputs a self-contained interactive HTML report.

Install-Module M365-Assess
Invoke-M365Assessment

Two commands. Read-only Graph API — nothing is written to the tenant, no agents installed, no data leaves your machine.

v2.0 ships:

274 automated security checks across Identity (Entra ID), Exchange Online, Intune, Defender, Teams, SharePoint, PowerBI, Hybrid AD, and Purview
14 compliance frameworks: CIS M365 v6, NIST 800-53, NIST CSF, CISA SCuBA, CMMC, HIPAA, ISO 27001, SOC 2, PCI DSS v4, FedRAMP, DISA STIG, MITRE ATT&CK, Essential Eight, CIS Controls v8
Rebuilt report engine — was a 6MB HTML file built via PowerShell string concatenation, now a React app inlined into a portable 1.3MB HTML file
Live compliance filter panel — scope findings to one or more frameworks without re-running the scan
Baseline drift detection via Compare-M365Baseline — compare scans over time, useful for tracking remediation

MIT licensed. No telemetry. No accounts.

GitHub: https://github.com/Galvnyz/M365-Assess
Writeup: https://galvnyz.com/blog/m365-assess-v2

[-]

faheemh@reddit

hi guys,

I recently launched a product to help with recurring processes and organizing them. As a product owner myself I am familiar with processes and procedures that are relative to a given date. my product helps organize this into a checklist kind of process. https://www.pivotdate.com/

e.g. 3 days before patch: make sure maililing list is updated, 2 days before: announcement is posted etc.

[-]

steadytao@reddit

I’ve been building Surveyor, a Go-based cryptographic inventory and readiness tool focused on helping teams understand where classical public-key cryptography is actually in use.

v0.10.0 is the final hardening pass before v1.0.0 so I’m mainly looking for blunt feedback on the things that matter before I freeze the first stable release:

whether the project positioning is clear
whether the README/docs make sense on a first read
whether the command model feels coherent
whether the reports and outputs are useful and understandable
whether anything feels awkward, overcomplicated, misleading, or under-explained

Repo: https://github.com/steadytao/surveyor/
Feedback: https://github.com/steadytao/surveyor/discussions/106

[-]

Sea-Anxiety-1739@reddit

One thing that always made AD cleanup harder than it should be for me: it’s usually not hard to find too many risky relationships, but it is hard to decide which handful of fixes actually reduce the most risk first.

A lot of tools will happily tell you what’s wrong. Fewer help you answer “if I only get time to change 3-5 things this week, what buys me the most risk reduction?”

I got tired of not having a good answer to that, so I built a small open-source repo called PathCollapse.

It takes AD / Entra identity exposure data, models the relationships as a graph, and ranks the permission/control changes that collapse the most exposure first.

Practical details:

- pure Go, no CGO

- read-only

- works off BloodHound / CSV exports

- no agent, no service, no write-back

Repo: github.com/karthikarunapuram8-dot/pathcollapse

If anybody else runs into the same prioritization problem, feel free to use it.

[-]

whetu@reddit

I was annoyed with AI slop posts. But I decided to try using Claude Code for continuing an idle coding project and documented the setup and results.

Link: Shellac

It's a shell scripting library platform with over 820 functions and some handy extras. It's batteries included. And the kitchen sink. And the kitchen sink is full of batteries.

It's strictly not vibe-coded, it's only got one bit of AI slop (the logo), but apart from that, it's AI as a force-multiplying tool only.

More words about it over in /r/bash here: https://www.reddit.com/r/bash/comments/1shex3u/shellac_shell_scripting_library_a_handson_ai/

[-]

columnsparkles@reddit

I can't get my brain around patching deadlines and grace periods when you have several rings so I made this.

https://autopatchplanner.com/

[-]

StratoLens@reddit

I’ve been building a product for close to a year now focused on Azure - and while it is planned to be a commercial product I currently have it in beta - and it’s entirely free to use at this time. I’m hoping that qualifies me posting here but if not I apologize in advance.

It’s a self hosted product, runs entirely in your azure subscription so no data ever leaves your environment.

It does significant change tracking, cost spike detection, orphaned resource and cost savings recommendations and much more. All entirely read only.

There’s a video about it on my website and a lot more details.

https://www.strato-lens.com/

If anyone wants to try it please reach out via discord (link on my site) or a chat request here. I’d be happy to have a few more beta testers :).

[-]

ShoulderChip4254@reddit

Very good. This will allow you to document all the astroturfers in one megathread before you ban them.

[-]

ScottEventGuard@reddit

Do programmers know what tools sysadmins really need?

My sysadmin friend and I made a log management tool that isn't bloatware.

Any feedback is appreciated! eventguard.net

[-]

Zenkin@reddit

Do programmers know what tools sysadmins really need?

You have a "pricing" page without a price, so the answer is here is clearly no.

[-]

Ecstatic-Hat-3377@reddit

I've been building a WireGuard mesh networking tool called Portbro.

I love Tailscale and Netbird, but the pricing per-seat for business users can add up quickly for small teams. Portbro might be worth a look if you don't need all the bells and whistles but need something spun up quick and clean. Peer-to-peer WireGuard mesh, your traffic exits where you need it with built-in geo-hop routing across regions, internal DNS so your peers resolve by hostname out of the box and per device bandwidth controls.

It's built for sysadmins and IT teams, not consumers (although there's nothing stopping a family or homelabber from using). No bloat, no per-seat pricing tiers, pick a plan with a set amount of devices and get rolling. Just a clean toolkit to build and manage your private network. Simplicity is the focal point.

Still early days and actively adding features, hybrid on-prem deployments with gateway peer config generation is next on the roadmap as well as a mobile client, but all in due time. Happy to answer questions and genuinely open to feedback from people who live this stuff daily.
portbro.com

[-]

zvmware@reddit

Can the patch Tuesday thread be pinned again?

https://old.reddit.com/r/sysadmin/comments/1sl9kpd/patch_tuesday_megathread_april_14_2026/

[-]

jmbpiano@reddit

Yeah, the PT megathread should be pinned, not a Thickheaded Thursday from March.

Shout out to /u/mksomo and /u/VA_Network_Nerd because I think one of them may have fixed a similar issue last month. Am I remembering that right?

[-]

VA_Network_Nerd@reddit

Wasn't me... I never mess with the scheduled threads.

[-]

archiekane@reddit

Are we trying to keep this for sysadmin stuff, or just a "you're all sysadmins, show us what you build for fun in your spare time?"

If it's the latter, I have two projects that I regularly work on:

Both of these things are for self-hosters.

AV1 was born out of boredom and my love for video storage. I have a Jellyfin server, and at the time of writing I kept getting really low on space. I spent a lot of time researching the best compression methods and AV1 was fairly mature, yet not overly used. Most of my library was H264, so it made sense to have a squishing program. That led me into training a small AI/ML tool to identify what settings to use (grain, profile, etc) based upon whether the show was animation, TV show, old movie, etc. What started off as a 100 odd line Bash script eventually turned into a just-shy-of 6000 line monster. It works though, and can even be run on WSL, is CPU based. I have it on a cron job to look through the latest downloads and do its job if it needs to, then I get a message on Telegram to give me updates. It even keeps run statistics through each iteration, giving global as well as session stats.

MusicGrabber was because of a hole in Lidarr. Lidarr is awesome at albums, not so good for singles. I wanted a simple tool for hearing a song on the radio, and just getting that one song, not a whole discography. I know you can do that on Lidarr now, you didn't used to be able to, and it's still fairly clunky. This program solves the problem. I have a few sources configured and let's just say that it'll aim for the highest quality possible, and this is usually FLAC from a very well known music company. After I released it and posted it on Reddit, it got a fair bit of traction and a lot of requests, so now it has full playlist watching across all main streaming platforms, as well as an album mode. You can also watch an Artist, or grab your weekly scrobble suggestions from MusicBrainz. It has a ton of other features, feel free to check it out.

AV1Conv is sitting at a solid 10 stars on Gitlab, MussicGrabber is 114 (at time of posting). Both tools are 100% free for you, just wield the power in your hands carefully.

And that's me and my pet projects.