Jaehoon Choi andromedarabbit

## rds.sh
aws rds describe-db-instances | jq -r '.DBInstances[] | select(.CACertificateIdentifier == "rds-ca-2015") | .DBInstanceIdentifier' | xargs -I {} sh -c 'aws rds modify-db-instance --db-instance-identifier {} --ca-certificate-identifier=rds-ca-2019 --apply-immediately'

## open-firewall-of-my-digitalocean-droplet.sh
# Prerequisites: `doctl`, `curl` and `jq`
# See https://www.digitalocean.com/community/tutorials/how-to-use-doctl-the-official-digitalocean-command-line-client
# In this particular case, we are going to open the port 22 for ssh connection.
MY_IP=$(curl --silent ifconfig.io/ip) && doctl compute firewall add-rules $(doctl compute firewall list --output=json | jq -r '.[].id')  --inbound-rules "protocol:tcp,ports:22,address:${MY_IP}/32"

## gist:28c116d5a5f63a69ed80e1a6a2b9e329
Verifying my Blockstack ID is secured with the address 12fPpBGuz3WutxpmUMwRmSkAoEyrPLJwKv https://explorer.blockstack.org/address/12fPpBGuz3WutxpmUMwRmSkAoEyrPLJwKv

## backup-to-gdfs.sh
#!/bin/bash
if [ -n "${SKIP_BACKUPS}" ]; then
  exit 0
fi

type pigz || brew install pigz
type rsync || brew install rsync
type rsync-time-backup.sh || brew install rsync-time-backup

SRC_DIRS=(

## awslogin.sh
#!/bin/bash -e
RED='\033[0;31m'
GREEN='\033[0;32m'
NC='\033[0m' # No Color

err_report() {
	echo ""
  	echo -e "${RED}USAGE: $(basename $0)${NC}"
  	echo -e "${RED}USAGE: AWS_LOGIN_PROFILE=my-profile AWS_PROFILE=my-profile-mfa $(basename $0) 123456${NC}"
  	echo -e "${RED}See${NC} https://aws.amazon.com/premiumsupport/knowledge-center/authenticate-mfa-cli/"

## dr-k8s-apps-per-az.sh
#!/bin/bash -e
type csvjson || brew install csvkit
type jq || brew install jq

RED='\033[0;31m'
NC='\033[0m' # No Color

OUTPUT_PODS=pods.csv
truncate -s 0 "${OUTPUT_PODS}"

## reclaim-policy.yaml
kind: ServiceAccount
apiVersion: v1
metadata:
  name: reclaim-policy
  namespace: monitoring
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: reclaim-policy

## set-reclaimpolicy-to-retain.sh
#!/bin/bash
# See https://kubernetes.io/docs/tasks/administer-cluster/change-pv-reclaim-policy/

set -eo pipefail

echo ">>> BEFORE"
kubectl get pv

kubectl patch pv $(kubectl get pv -o json | jq -r '.items[] | select(.spec .persistentVolumeReclaimPolicy != "Retain") | .metadata .name')  -p '{"spec":{"persistentVolumeReclaimPolicy":"Retain"}}'

## gist:f2b8a17b680de1f68f8ec1ea9e2afbad

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                andromedarabbit
                / gist:f2b8a17b680de1f68f8ec1ea9e2afbad
            
            
              Created
              July 14, 2017 13:44
                — forked from bruno-/gist:eddd6298deaa4940c52c
            
              
                signing git commits - cheat sheet
              
          
    Article: http://mikegerwitz.com/papers/git-horror-story
Theory


faking other user's commits is easy with --author flag
$ git commit --author='Foo Bar <foo@bar.com>' -m 'some commit'


signing commits ensures:

someone else can't commit as myself


I really commited all the commits I sign


## elasticsearch-x-pack-alerting-example.json
PUT _xpack/watcher/watch/outofmemoryerror
{
  "trigger" : {
    "schedule" : { "cron" : "0 0/4 * * * ?" }
  },
  "input" : {
    "search" : {
      "request" : {
        "indices" : [
          "</logstash><logstash -{now-1h/d}t{now-1h{HH}}>",
	# Prerequisites: `doctl`, `curl` and `jq`
	# See https://www.digitalocean.com/community/tutorials/how-to-use-doctl-the-official-digitalocean-command-line-client
	# In this particular case, we are going to open the port 22 for ssh connection.
	MY_IP=$(curl --silent ifconfig.io/ip) && doctl compute firewall add-rules $(doctl compute firewall list --output=json \| jq -r '.[].id') --inbound-rules "protocol:tcp,ports:22,address:${MY_IP}/32"
	#!/bin/bash
	if [ -n "${SKIP_BACKUPS}" ]; then
	exit 0
	fi

	type pigz \|\| brew install pigz
	type rsync \|\| brew install rsync
	type rsync-time-backup.sh \|\| brew install rsync-time-backup

	SRC_DIRS=(
	#!/bin/bash -e
	RED='\033[0;31m'
	GREEN='\033[0;32m'
	NC='\033[0m' # No Color

	err_report() {
	echo ""
	echo -e "${RED}USAGE: $(basename $0)${NC}"
	echo -e "${RED}USAGE: AWS_LOGIN_PROFILE=my-profile AWS_PROFILE=my-profile-mfa $(basename $0) 123456${NC}"
	echo -e "${RED}See${NC} https://aws.amazon.com/premiumsupport/knowledge-center/authenticate-mfa-cli/"
	#!/bin/bash -e
	type csvjson \|\| brew install csvkit
	type jq \|\| brew install jq

	RED='\033[0;31m'
	NC='\033[0m' # No Color

	OUTPUT_PODS=pods.csv
	truncate -s 0 "${OUTPUT_PODS}"
	kind: ServiceAccount
	apiVersion: v1
	metadata:
	name: reclaim-policy
	namespace: monitoring
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRoleBinding
	metadata:
	name: reclaim-policy
	#!/bin/bash
	# See https://kubernetes.io/docs/tasks/administer-cluster/change-pv-reclaim-policy/

	set -eo pipefail

	echo ">>> BEFORE"
	kubectl get pv

	kubectl patch pv $(kubectl get pv -o json \| jq -r '.items[] \| select(.spec .persistentVolumeReclaimPolicy != "Retain") \| .metadata .name') -p '{"spec":{"persistentVolumeReclaimPolicy":"Retain"}}'
	PUT _xpack/watcher/watch/outofmemoryerror
	{
	"trigger" : {
	"schedule" : { "cron" : "0 0/4 * * * ?" }
	},
	"input" : {
	"search" : {
	"request" : {
	"indices" : [
	"</logstash><logstash -{now-1h/d}t{now-1h{HH}}>",