Sometimes, you need to use your EC2 instance's credentials to access the AWS resources, for testing, development, etc.. This is how you do it.
create 169.254.169.254
on loopback interface
sudo ip a add 169.254.169.254 dev lo
#!/bin/bash | |
case $1 in | |
--name) | |
shift | |
zonename="$1" | |
hostedzoneid=($(aws route53 list-hosted-zones | jq -r ".HostedZones[] | select(.Name == \"$zonename.\") | .Id" | cut -d'/' -f3)) | |
if [ ${#hostedzoneid[@]} -eq 0 ]; then | |
echo >&2 "Could not find Route53 zone for \"$zonename\", exiting.." | |
exit 1 |
#!/usr/bin/env bash | |
set -e | |
set -u | |
set -o pipefail | |
renew_cert() { | |
local cert="${1:-}" | |
local renew="n" | |
if [[ "${cert:-_unset_}" == "_unset_" ]]; then |
#!/usr/bin/env bash | |
# | |
# DEPRECATED | |
# use k8s-vault instead | |
# https://gist.github.com/anapsix/b5af204162c866431cd5640aef769610 | |
# | |
# | |
# Wrapper for kubectl to establish SSH connection to jumphost, | |
# though which to proxy requests to K8s API | |
# |
<?php | |
// if running in Alpine, install the following | |
// apk -U add php7 php7-mbstring php7-simplexml php7-json php7-phar php7-openssl curl | |
// curl -sS https://getcomposer.org/installer | php | |
// php composer.phar require aws/aws-sdk-php | |
// | |
// export AWS_ACCESS_KEY_ID=... | |
// export AWS_SECRET_ACCESS_KEY=... | |
if (getenv('KINESIS_STREAM')) { | |
$streamName = getenv('KINESIS_STREAM'); |
############################################################################## | |
# this JQ script parses Cloudflare API call listing Firewall Rules | |
# and generates cloudflare_filter_and cloudflare_firewall_rule | |
############################################################################## | |
# Copyright (c) 2020 Anastas Dancha (@anapsix) | |
# | |
# Permission is hereby granted, free of charge, to any person obtaining a copy | |
# of this software and associated documentation files (the "Software"), to deal | |
# in the Software without restriction, including without limitation the rights | |
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
#!/usr/bin/env bash | |
# | |
# this script is a helpful wrapper for Helm CLI, when using TLS enabled Tiller | |
# See https://github.com/helm/helm/blob/master/docs/tiller_ssl.md | |
# | |
# === NOTE === | |
# It will attempt to download Helm binary to match Helm Server version | |
# if it's not found locally | |
# | |
# === INSTRUCTIONS === |
#!/usr/bin/env python | |
# I didn't write this | |
# many examples exist on StackOverflow, etc.. | |
# | |
# Note: you'll need python-xlib, python-gtk | |
# sudo apt-get install python-xlib python-gtk2 | |
# | |
import sys | |
import os |
#!/usr/bin/env bash | |
# | |
## example running it from cron | |
# MAILTO="" | |
# SHELL=/bin/bash | |
# VERBOSE=1 | |
# CMD_ON_FAILURE='/etc/init.d/nginx reload' | |
# * * * * * root timeout -k 2 5 /tmp/check_dns.sh upstream.server.com 2>>/var/log/check_dns.log | |
# * * * * * root sleep 10 && sed -e :a -e '$q;N;501,$D;ba' -i /var/log/check_dns.log | |
# |
#!/usr/bin/env bash | |
# | |
# RKIND is a naive helper script to start KIND and Rancher Management Server | |
# | |
set -u | |
set -o pipefail | |
RANCHER_CONTAINER_NAME="rancher-for-kind" | |
RANCHER_HTTP_HOST_PORT=$[$[RANDOM%9000]+30000] |