Skip to content

Instantly share code, notes, and snippets.

View Ginja's full-sized avatar

Riley Shott Ginja

50 followers · 17 following
  • Shopify
View GitHub Profile
@pydevops
pydevops / private-k8s.md
Last active February 2, 2024 03:25
how to set up kubectl on laptop for private GKE cluster and on prem private cluster

HTTP tunnel

On prem k8s cluster set up with bastion vm

  1. Create a bastion vm in your data center or in cloud with connectivity set up (usually vpn) to the on prem data center.
  2. Install tinyproxy on the bastion vm and pick a random port as it would be too easy for spam bot with default 8888, set up as systemd service according to https://nxnjz.net/2019/10/how-to-setup-a-simple-proxy-server-with-tinyproxy-debian-10-buster/. Make sure it works by validating with curl --proxy http://127.0.0.1:<tinyproxy-port> https://httpbin.org/ip. And I don't use any user authentication for proxy, so I locked down the firewall rules with my laptop IP/32.
  3. Download the kubeconfig file for the k8s cluster to your laptop
  4. From your laptop, run
HTTPS_PROXY=<bastion-external-ip>:<tinyproxy-port> KUBECONFIG=my-kubeconfig kubectl get nodes
@sethvargo
sethvargo / create-certs.sh
Created June 6, 2018 16:20
Use openssl to create an x509 self-signed certificate authority (CA), certificate signing request (CSR), and resulting private key with IP SAN and DNS SAN
# Define where to store the generated certs and metadata.
DIR="$(pwd)/tls"
# Optional: Ensure the target directory exists and is empty.
rm -rf "${DIR}"
mkdir -p "${DIR}"
# Create the openssl configuration file. This is used for both generating
# the certificate as well as for specifying the extensions. It aims in favor
# of automation, so the DN is encoding and not prompted.
@spara
spara / docker-ce-17.05-ubuntu-16.04-LTS-install.md
Last active August 9, 2023 09:04
Install Docker CE 17.05 and Compose 1.13.0

Installing Docker CE Edge for Ubuntu Linux

Remove previous versions of Docker and Compose

sudo apt-get purge docker-compose
sudo apt-get purge docker-ce

Install dependencies

@magnetikonline
magnetikonline / README.md
Last active April 30, 2024 23:49
Enable LDAP over SSL (LDAPS) for Microsoft Active Directory servers.

Enable LDAP over SSL (LDAPS) for Microsoft Active Directory servers

Tip

Microsoft active directory servers by default provide LDAP connections over unencrypted connections (boo!).

The steps below will create a new self signed certificate appropriate for use with and thus enabling LDAPS for an AD server. Of course the "self-signed" portion of this guide can be swapped out with a real vendor purchased certificate if required.

Steps have been tested successfully with Windows Server 2012R2, but should work with Windows Server 2008 without modification. Requires a working OpenSSL install (ideally Linux/OSX) and (obviously) a Windows Active Directory server.

@sethvargo
sethvargo / secret.rb
Created February 1, 2016 21:36
Example Chef extension to extract secrets from HashiCorp's Vault
# Please see the following blog post for more information:
#
# https://www.hashicorp.com/blog/using-hashicorp-vault-with-chef.html
#
resource_name :vault_secret
property :path, String, name_property: true
property :destination, String
@denji
denji / golang-tls.md
Last active April 29, 2024 03:39 — forked from spikebike/client.go
Simple Golang HTTPS/TLS Examples

Moved to git repository: https://github.com/denji/golang-tls

Generate private key (.key)
# Key considerations for algorithm "RSA" ≥ 2048-bit
openssl genrsa -out server.key 2048

# Key considerations for algorithm "ECDSA" ≥ secp384r1
# List ECDSA the supported curves (openssl ecparam -list_curves)
@kevin-smets
kevin-smets / iterm2-solarized.md
Last active May 3, 2024 12:59
iTerm2 + Oh My Zsh + Solarized color scheme + Source Code Pro Powerline + Font Awesome + [Powerlevel10k] - (macOS)

Default

Default

Powerlevel10k

Powerlevel10k

@dmitshur
dmitshur / gist:6927554
Last active September 17, 2023 07:35
[Legacy GOPATH mode] How to `go get` private repos using SSH key auth instead of password auth.

WARNING: This gist was created in 2013 and targets the legacy GOPATH mode. If you're reading this in 2021 or later, you're likely better served by reading https://tip.golang.org/cmd/go/#hdr-Configuration_for_downloading_non_public_code and https://golang.org/ref/mod#private-modules.

$ ssh -A vm
$ git config --global url."git@github.com:".insteadOf "https://github.com/"
$ cat ~/.gitconfig
[url "git@github.com:"]
	insteadOf = https://github.com/
$ go get github.com/private/repo && echo Success!
Success!
@arangamani
arangamani / chef_attribute_converge.rb
Last active February 20, 2023 02:44
Dynamically update attribute of a Chef resource during converge phase (Node variable assignment in Compile vs Converge)
# In Chef, when a resource is defined all its variables are evaluated during
# compile time and the execution of the resource takes place in converge phase.
# So if the value of a particular attribute is changed in converge
# (and not in compile) the resource will be executed with the old value.
# Example problem:
# Let's consider this situation where there are two steps involved in a recipe
# Step 1 is a Ruby block that changes a node attribute. Rubyblocks get executed
# in converge phase
# Step 2 is a Chef resource that makes use of the node attribute that was
@fernandoaleman
fernandoaleman / rpm-from-source.sh
Created November 18, 2011 16:34
How to create an RPM from source with spec file
# How to create an RPM from source with spec file
# This is for Redhat versions of linux. Sometimes when you search for an rpm package,
# it is either outdated or not available. The only thing available is the source code.
# You can create a custom RPM package from source.
#
# For this example, I'll be using the latest version of Git, currently v.1.7.7.3
# Step: 1
# Install rpmbuild