Skip to content

Instantly share code, notes, and snippets.

View ajorpheus's full-sized avatar

Ash Jindal ajorpheus

9 followers · 2 following
View GitHub Profile
@ajorpheus
ajorpheus / SSH Permissions
Created June 11, 2020 15:04
Summary of SSH Permissions
+------------------------+-------------------------------------+-------------+-------------+
| Directory or File | Man Page | Recommended | Mandatory |
| | | Permissions | Permissions |
+------------------------+-------------------------------------+-------------+-------------+
| ~/.ssh/ | There is no general requirement to | 700 | |
| | keep the entire contents of this | | |
| | directory secret, but the | | |
| | recommended permissions are | | |
| | read/write/execute for the user, | | |
| | and not accessible by others. | | |
@ajorpheus
ajorpheus / .envrc
Created May 1, 2020 09:10 — forked from defanator/.envrc
Example of direnv .envrc configuration for working with awscli as MFA-enabled IAM user
#
# Copyright (C) Andrei Belov (defanator@gmail.com)
#
# This is an example of direnv [1] .envrc file approaching the way
# of using awscli [2] with MFA-enabled accounts in a (more or less)
# secure manner.
#
# The following assumptions are expected:
#
# a) there should be two files, key.asc and skey.asc, containing
@ajorpheus
ajorpheus / url-schemes-settings-ios.mkd
Created December 4, 2019 05:36 — forked from deanlyoung/url-schemes-settings-ios.mkd
URL Schemes (Updated)

Note

Apple will reject apps that are using private url schemes (Ugh, Apple....) if they are pretty much obvius. Some apps are rejected and others are not, so, be aware of this issue before implementing any of those URL's in your app as a feature.

Updates

  • [UPDATE 4] iOS 10 update: apparently settings now can be reached using App-Pref instead of prefs
  • [UPDATE 3] For now you just can use url schemes to open your apps's settings with Swift 3.0 (Xcode 8). I'll keep you informed when OS preferences can be reached
  • [UPDATE 2] The openURL() method of UIApplication is now deprecated. You should use application(_:open:options:) instead
  • [UPDATE 1] Not yet tested in iOS 10. It will fail because of policies changes in URL scheme handling.
@ajorpheus
ajorpheus / sshuttle.service
Created November 28, 2019 11:14 — forked from perfecto25/sshuttle.service
Sshuttle
[Unit]
Description=sshuttle service
After=network.target
[Service]
User=sshuttle
Restart=always
Type=forking
WorkingDirectory=/home/sshuttle
ExecStart=/home/sshuttle/sshuttle.sh start
@ajorpheus
ajorpheus / terraforming-import-all
Created October 18, 2019 11:48 — forked from neurogenesis/terraforming-import-all
generate terraform templates from existing infrastructure (via terraforming)
#!/usr/bin/env ruby
# USAGE:
# gem install terraforming
# export AWS_PROFILE=xxx
# mkdir -p ~/projects/terraform
# cd ~/projects/terraform
# mkdir -p imports/[account]/[region]
# cd imports/[account]/[region]
# ../../../bin/terraforming-import-all
@ajorpheus
ajorpheus / cloudTrailEventNames.list
Created September 5, 2019 14:39 — forked from pkazi/cloudTrailEventNames.list
List of values for parameter EventName in AWS Cloudtrail events
AbortDocumentVersionUpload
AbortEnvironmentUpdate
AbortMultipartUpload
AbortVaultLock
AcceptAccountMapping
AcceptCertificateTransfer
AcceptDelegate
AcceptDirectConnectGatewayAssociationProposal
AcceptFxPaymentCurrencyTermsAndConditions
AcceptHandshake
@ajorpheus
ajorpheus / 0.12.tf
Created August 27, 2019 09:41 — forked from tuannvm/0.12.tf
#terraform #hashicorp #cheatsheet #0.12
# first class expresssion
variable "ami" {}
resource "aws_instance" "example" {
ami = var.ami
}
###
# list & map
resource "aws_instance" "example" {
@ajorpheus
ajorpheus / AllowSSHFromIP.php
Created July 1, 2019 16:30 — forked from HSPDev/AllowSSHFromIP.php
Complementary code and IAM policy for "You don't need that Bastion host"
<?php
// For laravel 5 based systems
// /path/to/project/app/Console/Commands/AllowSSHFromIP.php
namespace App\Console\Commands;
use Aws\Ec2\Ec2Client;
use Carbon\Carbon;
use Illuminate\Console\Command;
@ajorpheus
ajorpheus / ns-inet.sh
Created June 18, 2019 11:37 — forked from dpino/ns-inet.sh
Setup a network namespace with Internet access
#!/usr/bin/env bash
set -x
NS="ns1"
VETH="veth1"
VPEER="vpeer1"
VETH_ADDR="10.200.1.1"
VPEER_ADDR="10.200.1.2"
@ajorpheus
ajorpheus / jq-case-insensitive.md
Last active May 11, 2023 15:02
JQ: Case-insensitive search for keys containing string

Search for keys in JSON at any level containing the supplied string and strips out any empty results

cat some-json |  jq -c '.. | objects | with_entries(select(.key |match("SEARCH-STRING";"i"))) | select(. != {})'

For instance, to list any keys that contain the word public from a list of AWS instances :

aws ec2 describe-instances --output json | jq -c '.. | objects | with_entries(select(.key |match("public";"i"))) | select(. != {})'