Anastas Dancha anapsix
😺
anapsix
/ docker_pull_remains.sh
Last active
May 23, 2023 21:35
Naive script to check how many anonymous pulls from Docker hub remain / allowed from current IP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env sh | |
| for dep in curl jq grep awk; do | |
| if ! which ${dep} >&/dev/null; then | |
| echo >&2 "ERROR: required ${dep} binary is not found, exiting.." | |
| exit 1 | |
| fi | |
| done | |
| TOKEN=$( |
anapsix
/ generate_firewall_rules.jq
Created
May 13, 2020 18:57
Generate Terraform statements for cloudflare_filter, and cloudflare_firewall_rule
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############################################################################## | |
| # this JQ script parses Cloudflare API call listing Firewall Rules | |
| # and generates cloudflare_filter_and cloudflare_firewall_rule | |
| ############################################################################## | |
| # Copyright (c) 2020 Anastas Dancha (@anapsix) | |
| # | |
| # Permission is hereby granted, free of charge, to any person obtaining a copy | |
| # of this software and associated documentation files (the "Software"), to deal | |
| # in the Software without restriction, including without limitation the rights | |
| # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
anapsix
/ check_k8s_certs.sh
Created
September 20, 2019 11:06
Check K8s certificates and attempt to renew expired
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -e | |
| set -u | |
| set -o pipefail | |
| renew_cert() { | |
| local cert="${1:-}" | |
| local renew="n" | |
| if [[ "${cert:-_unset_}" == "_unset_" ]]; then |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # RKIND is a naive helper script to start KIND and Rancher Management Server | |
| # | |
| set -u | |
| set -o pipefail | |
| RANCHER_CONTAINER_NAME="rancher-for-kind" | |
| RANCHER_HTTP_HOST_PORT=$[$[RANDOM%9000]+30000] |
anapsix
/ k8s-oidc-login.sh
Last active
January 9, 2023 13:55
K8s-OIDC-LOGIN - helper to simplify multi-cluster OIDC login and related configuration for kubectl. Can be used as kubectl plugin
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # K8s-OIDC-LOGIN helper to simplify configuration of OIDC authentication for kubectl | |
| # | |
| # Heavily influenced by oidckube project by @mrbobbytables | |
| # https://github.com/mrbobbytables/oidckube | |
| # | |
| # Copyright (C) 2019 Anastas Dancha (aka @anapsix) | |
| # This program is free software: you can redistribute it and/or modify | |
| # it under the terms of the GNU General Public License as published by |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # K8s-Vault, like AWS-Vault is a helper for AWS related CLI tools | |
| # is a helper for CLI tools using kubectl config and K8s API. | |
| # Unlike AWS-Vault, vault here is used as a verb, | |
| # synonymous to leap, jump, spring, etc.. | |
| # Copyright (C) 2019-2020 Anastas Dancha (aka @anapsix) | |
| # This program is free software: you can redistribute it and/or modify | |
| # it under the terms of the GNU General Public License as published by |
anapsix
/ kubectl_with_ssh_jumphost.sh
Last active
September 30, 2019 12:09
Wrapper for kubectl to automatically establish SSH connection to jumphost, though which to proxy requests to K8s API
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # DEPRECATED | |
| # use k8s-vault instead | |
| # https://gist.github.com/anapsix/b5af204162c866431cd5640aef769610 | |
| # | |
| # | |
| # Wrapper for kubectl to establish SSH connection to jumphost, | |
| # though which to proxy requests to K8s API | |
| # |
anapsix
/ cronjob_with_exec_timeout.yaml
Last active
March 30, 2023 19:51
K8s CronJob with execution timeout implemented via livenessProbe
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: batch/v1beta1 | |
| kind: CronJob | |
| metadata: | |
| name: do-something-job | |
| namespace: scheduled-tasks | |
| spec: | |
| schedule: "*/2 * * * *" | |
| successfulJobsHistoryLimit: 3 | |
| failedJobsHistoryLimit: 3 |
anapsix
/ helm_tls_wrapper.sh
Last active
October 28, 2020 02:43
Helm CLI wrapper making it easier to work with multiple clusters when using TLS-enabled Tiller
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # this script is a helpful wrapper for Helm CLI, when using TLS enabled Tiller | |
| # See https://github.com/helm/helm/blob/master/docs/tiller_ssl.md | |
| # | |
| # === NOTE === | |
| # It will attempt to download Helm binary to match Helm Server version | |
| # if it's not found locally | |
| # | |
| # === INSTRUCTIONS === |
anapsix
/ rmq_passwd_hash.py
Created
May 22, 2018 19:33
generate RabbitMQ compatible SHA256 password hash
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # details on rabbitMQ password hashing | |
| # https://www.rabbitmq.com/passwords.html#computing-password-hash | |
| from __future__ import print_function | |
| import base64 | |
| import os | |
| import hashlib | |
| import struct | |
| import getpass |
NewerOlder