Skip to content

Instantly share code, notes, and snippets.

View AnatomicJC's full-sized avatar
🦄

AnatomicJC

🦄
25 followers · 5 following
View GitHub Profile
@AnatomicJC
AnatomicJC / xfs-dedup.md
Last active November 23, 2023 17:21
XFS reflinks deduplication with duperemove and fdupes
@AnatomicJC
AnatomicJC / postgresql-read-only-user.md
Created March 3, 2020 14:02
PostgreSQL read-only user 
CREATE ROLE "ro-user" WITH PASSWORD 'secret';
ALTER ROLE "ro-user" WITH LOGIN;
GRANT USAGE ON SCHEMA public TO "ro-user";
GRANT SELECT ON ALL TABLES IN SCHEMA public TO "ro-user";
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "ro-user";
@AnatomicJC
AnatomicJC / self-signed-certificate-with-custom-ca.md
Created May 27, 2020 07:08 — forked from fntlnz/self-signed-certificate-with-custom-ca.md
Self Signed Certificate with Custom Root CA

Create Root CA (Done once)

Create Root Key

Attention: this is the key used to sign the certificate requests, anyone holding this can sign certificates on your behalf. So keep it in a safe place!

openssl genrsa -des3 -out rootCA.key 4096
@AnatomicJC
AnatomicJC / xfs-write-cache.md
Last active August 5, 2021 20:45
XFS write-cache

/etc/systemd/system/xfs-write-cache.service

[Unit]
Description=Set XFS Write cache to write through

[Service]
Type=oneshot
User=root
Group=root
ExecStart=/usr/lib/systemd/system-sleep/xfs-write-cache
@AnatomicJC
AnatomicJC / .vimrc
Last active August 18, 2021 20:38
vimrc file
" All system-wide defaults are set in $VIMRUNTIME/debian.vim and sourced by
" the call to :runtime you can find below. If you wish to change any of those
" settings, you should do it in this file (/etc/vim/vimrc), since debian.vim
" will be overwritten everytime an upgrade of the vim packages is performed.
" It is recommended to make changes after sourcing debian.vim since it alters
" the value of the 'compatible' option.
runtime! debian.vim
" Vim will load $VIMRUNTIME/defaults.vim if the user does not have a vimrc.
@AnatomicJC
AnatomicJC / passbolt-user-creation-automation-example.bash
Created February 4, 2022 13:05
passbolt user creation automation example
#!/usr/bin/env bash
set -euo pipefail
TMPGNUPGHOME=$(mktemp -d)
EMAIL="email@domain.tld"
PASSPHRASE="strong-passphrase"
FIRSTNAME="John"
LASTNAME="Doe"
KEYSIZE=2048
@AnatomicJC
AnatomicJC / go-passbolt-cli-create-resource.sh
Created February 4, 2022 13:11
go-passbolt-cli create resource
passbolt create resource \
 - name "docker.com token for gitlab" \
 - username "username@domain.tld" \
 - password "Ch4ng3-m3-pl35E" \
 - uri "https://docker.io"
@AnatomicJC
AnatomicJC / gitlab-pipeline-pull-n-push-example.sh
Created February 4, 2022 13:17
go-passbolt-cli gitlab pipeline example
# Set the configuration file containing the private OpenPGP key and passphrase
cat ${PASSBOLT_CLI_CONFIG} | base64 -d > /root/.config/go-passbolt-cli/go-passbolt-cli.toml
# Login to gitlab CI registry
# CI_REGISTRY_* variables are dynamically set by gitlab
docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY}
###
# login to Docker HUB registry / fetch password from passbolt
###
@AnatomicJC
AnatomicJC / ansible-setup-with-mitogen.md
Last active February 19, 2023 17:12
Ansible 2.14.2 setup with mitogen

Create requirements.txt file:

ansible==7.2.0
ansible-lint==6.10.0
jmespath
dnspython
git+https://github.com/mitogen-hq/mitogen.git@a47b9f3631ba3c37bf0410c6a4960c3eec152454
@AnatomicJC
AnatomicJC / fill-known-hosts.md
Created August 9, 2023 11:12
Ansible: Add keys to known host with ssh-keyscan 
- name: Update ~/.ssh/known_hosts file
  hosts: all
  gather_facts: false
  become: false
  tasks:
    - name: Update ~/.ssh/known_hosts
      ansible.builtin.known_hosts:
        name: "{{ inventory_hostname }}"
 key: "{{ lookup('pipe', 'ssh-keyscan ' + inventory_hostname) }}"