Skip to content

Instantly share code, notes, and snippets.

Avatar

A.J. Brown ajbrown

View GitHub Profile
@ajbrown
ajbrown / README.md
Last active Mar 14, 2018
EC2 Bootstrapping with AWS CLI Example
View README.md

This file contains examples of using the AWS CLI to perform bootstrapping actions on EC2 instances through Userdata. These are useful in your terraform scripts to perform configuration that isn't natively supported.

Determine IP Address of EFS mount target

aws efs describe-mount-targets --file-system-id=fs-123456abcd | jq -r '.MountTargets[] | select(.SubnetId | contains("subnet-12345abcd")) | .IpAddress'
@ajbrown
ajbrown / docker-deploy.sh
Last active Nov 1, 2017
EC2 Deployment ServiceUpdate
View docker-deploy.sh
#!/usr/bin/env bash
# Deploy a new image to an ECS service by creating a new task revision
# specifying a container repoository tag, and updating the service to use the new revision.
#
# Note: Your application's container MUST be the first container in the task revision.
#The tag to deploy. Specify as the first cli argument
TAG=$1
@ajbrown
ajbrown / ASGLeaderDetection.php
Last active Jan 25, 2021
Lambda and client code examples for ASG Leader detection. For more info, see https://ajbrown.org/2017/02/10/leader-election-with-aws-auto-scaling-groups.html
View ASGLeaderDetection.php
<?php
public function isLeader() {
$isLeader = true; // get my instance-id from the metadata service
$instanceId = exec('curl http://169.254.169.254/latest/meta-data/instance-id');
if (!empty($instanceId)) {
$isLeader = false;
$ec2 = \Aws\Ec2\Ec2Client::factory(['key' => AWS_ACCESS_KEY_ID, 'secret' => AWS_SECRET_KEY, 'region' => 'us-east-1']);
$data = $ec2->describeInstances(array('InstanceIds' => [$instanceId]));
if (!empty($data) && !empty($data['Reservations'])) {
$tags = $data['Reservations'][0]['Instances'][0]['Tags'];
@ajbrown
ajbrown / dynamic_java_heap.sh
Created Dec 17, 2016
Dynamically determine the Java heap based on the total memory of the VM.
View dynamic_java_heap.sh
#!/usr/bin/env bash
totalMemKB=$(awk '/MemTotal:/ { print $2 }' /proc/meminfo)
usagePercent=70
let heapMB=$totalMemKB*$usagePercent/100/1024
JAV_OPTS="$JAVA_OPTS -Xmx${heapMB}M -Xms${heapMB}M"
View keybase.md

Keybase proof

I hereby claim:

  • I am ajbrown on github.
  • I am adrianjbrown (https://keybase.io/adrianjbrown) on keybase.
  • I have a public key ASASwbI7s2Xh6NiHcNPrdyoRmieDuNC6oSV8Inl8uPMVgwo

To claim this, I am signing this object:

@ajbrown
ajbrown / setup_user.sh
Created Aug 17, 2016
Create a new user, with a random password, allowing public key authentication
View setup_user.sh
#!/bin/sh
# Usage: setup_user.sh <username> <path-to-pub-key>
#
# Credit to TechRepublic.com for inspiration:
USERNAME=$1
KEYPATH=$2
useradd -s /bin/bash -m $USERNAME
openssl rand -base64 8 | tee -a /home/$USERNAME/.password | passwd --stdin $USERNAME
chmod 600 /home/$USERNAME/.password
@ajbrown
ajbrown / letmein.sh
Last active Mar 19, 2021
Update a set of security groups, allowing SSH access from your current public IP address.
View letmein.sh
#!/usr/bin/env bash
#
# Add the security groups you want to allow the current IP address
# SSH access to by updating the "groups" array below. The user
# running the script must have the aws-cli installed and configured.
# Their credentials will be used for API calls, so access should be
# controlled that way.
#
# Note: It's a good idea to clean up these security groups regularly.
# I prefer to have a security group that I can remove all ingress rules
@ajbrown
ajbrown / gist:8aea5189d8e84046a4f2
Created Mar 14, 2016
BackWPup S3 permissions. This includes the minimum permissions needed to allow the Wordpress BackWPup plugin to complete a backup job with an Amazon S3 destination.
View gist:8aea5189d8e84046a4f2
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1457967512000",
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets"
],
"Resource": [
@ajbrown
ajbrown / formatted_mount.sh
Created Nov 12, 2015
Add a filesystem to a drive (if it does not already have one), and mount it to a path.
View formatted_mount.sh
#!/bin/bash
# This script will ensure a device has a filesystem before mounting it to a given path.
# It will only attempt to create the filesystem if one does not already exist on the device.
#
# AUTHOR: A.J. Brown <aj@ajbrown.org>
DEV='/dev/xvdf'
MOUNT_TO='/data'
FS='ext4'
@ajbrown
ajbrown / gist:56ebad79f9fae4fb40c8
Created Sep 11, 2015
Dovetail_Elasticsearch_Aliases.sh
View gist:56ebad79f9fae4fb40c8
curl -XPOST -d '{ "actions" : [ { "add" : { "index" : "events-1", "alias" : "events-write" } },{ "add" : { "index" : "events-1", "alias" : "events-read" } },{ "add" : { "index" : "audit-1", "alias" : "audit-write" } },{ "add" : { "index" : "audit-1", "alias" : "audit-read" } }]}' \
-i http://user:Passw0rd@localhost:9200/_aliases