Tim Fletcher TimJDFletcher

## duptools-gdrive.sh
#!/bin/bash

# directories to be included, space separated
SOURCE="/home/chewie /etc"
# directories to be excluded, space separated
IGNORE="/home/chewie/Downloads /home/chewie/Steam"
DRIVE_FOLDER="duplicity-backup"
LOGFILE=/home/chewie/duplicity.log
# set email to receive a backup report
EMAIL=""

## README.md

      
              4 files
            
          
              14 forks
            
          
              6 comments
            
          
              59 stars
            
          
                jgoodall
                / README.md
            
            
              Last active
              September 19, 2023 18:06
            
              
                This is a sample of how to send some information to logstash via the TCP input from node.js or python.
              
          
    This is a sample of how to send some information to logstash via the TCP input in nodejs or python. It assumes the logstash host is on 10.10.10.100 and the TCP listening input is 9563.
The logstash.conf should look something like the sample file.
The log message should be a stringified JSON object with the log message in the @message field.
To use, run the node script node sendMessageToLogstash.js, or the python script python sendMessageToLogstash.js

  
## main.yml
# Idempotent way to build a /etc/hosts file with Ansible using your Ansible hosts inventory for a source.
# Will include all hosts the playbook is run on.
# Inspired from http://xmeblog.blogspot.com/2013/06/ansible-dynamicaly-update-etchosts.html

- name: "Build hosts file"
  lineinfile: dest=/etc/hosts regexp='.*{{ item }}$' line="{{ hostvars[item].ansible_default_ipv4.address }} {{item}}" state=present
  when: hostvars[item].ansible_default_ipv4.address is defined
  with_items: groups['all']

## better-ssh-authorized-keys-management.md

      
              1 file
            
          
              31 forks
            
          
              16 comments
            
          
              137 stars
            
          
                sivel
                / better-ssh-authorized-keys-management.md
            
            
              Last active
              May 3, 2024 14:20
            
              
                Better SSH Authorized Keys Management
              
          
    Better SSH Authorized Keys Management

A seemingly common problem that people encounter is how to handle all of your users authorized_keys file.
People struggle over management, ensuring that users only have specific keys in the authorized_keys file or even a method for expiring keys.  A centralized key management system could help provide all of this functionality with a little scripting.
One piece of functionality overlooked in OpenSSH is the AuthorizedKeysCommand configuration keyword. This configuration allows you to specify a command that will run during login to retrieve a users public key file from a remote source and perform validation just as if the authorized_keys file was local.
Here is an example directory structure for a set of users with SSH public keys that can be shared out via a web server:

  
## buergerbot.rb
#!/usr/bin/env ruby
require 'watir-webdriver'

def log (message) puts "  #{message}" end
def success (message) puts "+ #{message}" end
def fail (message) puts "- #{message}" end
def notify (message)
  success message.upcase
  system 'osascript -e \'Display notification "Bürgerbot" with title "%s"\'' % message
rescue StandardError => e

## Creating config-drive.md

      
              3 files
            
          
              0 forks
            
          
              0 comments
            
          
              4 stars
            
          
                itzg
                / Creating config-drive.md
            
            
              Last active
              November 28, 2019 10:00
            
          
    mkfs.vfat -n config-2 -I /dev/sdc
mkdir -p /media/config-drive
mount /dev/sdc /media/config-drive
mkdir -p /media/config-drive/openstack/latest
cp cloud-config.yml /media/config-drive/openstack/latest/user_data
umount /media/config-drive

NOTE mkfs.vfat is provided by the dosfstools package

  
## qemu_osx_rpi_raspbian_jessie.sh
# Install QEMU OSX port with ARM support
sudo port install qemu +target_arm
export QEMU=$(which qemu-system-arm)

# Dowload kernel and export location
curl -OL \
https://github.com/dhruvvyas90/qemu-rpi-kernel/blob/master/kernel-qemu-4.1.7-jessie
export RPI_KERNEL=./kernel-qemu-4.1.7-jessie

# Download filesystem and export location

## gscp
#!/bin/bash
# Copy files from and to Google Compute Engine instances
# Automatically looks up the correct zone and uses ~/.ssh/id_rsa
# Usage
# gscp ./some.file some-instance-name:some-directory
# gscp some-instance-name:some-directory ./some.file

for project in $(gcloud projects list | grep -v PROJECT_ID | cut -d' ' -f 1); do
  PROJECT=$project

## bastion_sg.tf
# file name: infra/terraform/modules/aws_vpc/bastion_sg.tf

resource "aws_security_group" "bastion_ssh_sg" {
  name = "bastion_ssh"
  description = "Allow ssh to bastion hosts for each vpc from anywhere"
  ingress {
    from_port = 22
    to_port = 22
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]

## aws_vpc.tf
# file name terraform/modules/aws_vpc/vpc.tf
# first create the VPC.
# Prefix resources with var.name so we can have many environments trivially

resource "aws_vpc" "mod" {
  cidr_block = "${var.cidr}"
  enable_dns_hostnames = "${var.enable_dns_hostnames}"
  enable_dns_support = "${var.enable_dns_support}"
  tags {
    Name = "${var.env}_vpc"
	#!/bin/bash

	# directories to be included, space separated
	SOURCE="/home/chewie /etc"
	# directories to be excluded, space separated
	IGNORE="/home/chewie/Downloads /home/chewie/Steam"
	DRIVE_FOLDER="duplicity-backup"
	LOGFILE=/home/chewie/duplicity.log
	# set email to receive a backup report
	EMAIL=""
	# Idempotent way to build a /etc/hosts file with Ansible using your Ansible hosts inventory for a source.
	# Will include all hosts the playbook is run on.
	# Inspired from http://xmeblog.blogspot.com/2013/06/ansible-dynamicaly-update-etchosts.html

	- name: "Build hosts file"
	lineinfile: dest=/etc/hosts regexp='.*{{ item }}$' line="{{ hostvars[item].ansible_default_ipv4.address }} {{item}}" state=present
	when: hostvars[item].ansible_default_ipv4.address is defined
	with_items: groups['all']
	#!/usr/bin/env ruby
	require 'watir-webdriver'

	def log (message) puts " #{message}" end
	def success (message) puts "+ #{message}" end
	def fail (message) puts "- #{message}" end
	def notify (message)
	success message.upcase
	system 'osascript -e \'Display notification "Bürgerbot" with title "%s"\'' % message
	rescue StandardError => e
	# Install QEMU OSX port with ARM support
	sudo port install qemu +target_arm
	export QEMU=$(which qemu-system-arm)

	# Dowload kernel and export location
	curl -OL \
	https://github.com/dhruvvyas90/qemu-rpi-kernel/blob/master/kernel-qemu-4.1.7-jessie
	export RPI_KERNEL=./kernel-qemu-4.1.7-jessie

	# Download filesystem and export location
	#!/bin/bash
	# Copy files from and to Google Compute Engine instances
	# Automatically looks up the correct zone and uses ~/.ssh/id_rsa
	# Usage
	# gscp ./some.file some-instance-name:some-directory
	# gscp some-instance-name:some-directory ./some.file

	for project in $(gcloud projects list \| grep -v PROJECT_ID \| cut -d' ' -f 1); do
	PROJECT=$project
	# file name: infra/terraform/modules/aws_vpc/bastion_sg.tf

	resource "aws_security_group" "bastion_ssh_sg" {
	name = "bastion_ssh"
	description = "Allow ssh to bastion hosts for each vpc from anywhere"
	ingress {
	from_port = 22
	to_port = 22
	protocol = "tcp"
	cidr_blocks = ["0.0.0.0/0"]
	# file name terraform/modules/aws_vpc/vpc.tf
	# first create the VPC.
	# Prefix resources with var.name so we can have many environments trivially

	resource "aws_vpc" "mod" {
	cidr_block = "${var.cidr}"
	enable_dns_hostnames = "${var.enable_dns_hostnames}"
	enable_dns_support = "${var.enable_dns_support}"
	tags {
	Name = "${var.env}_vpc"