Skip to content

Instantly share code, notes, and snippets.

Avatar
🎱
Focusing

Arian van Putten arianvp

🎱
Focusing
View GitHub Profile
@arianvp
arianvp / webauthn-dpop.md
Created Jul 4, 2022
Using webauthn for sender constrained access tokens
View webauthn-dpop.md

Using webauthn for sender constrained access tokens

View gist:b64a910aa4226219ed52cbafc2ad1f0d

Nix.dev @zupo

All the commands in the nix.dev documentation are now checked by CI.

The problem is that we have nested shells; which default tooling for this doesn't work. It works on my machine. What left is polishing and adding it to CI

Nix code samples are extracted into a file such that e.g. following nix-build calls can access those files. So that we can check that the default.nix in the document actually works.

@arianvp
arianvp / flake.nix
Created Feb 22, 2022
A flake to deploy app to kubernetes
View flake.nix
{
description = "A flake that builds a go app and deploys to kubernetes";
inputs = {
utils.url = "github:numtide/flake-utils";
nixpkgs.url = "nixpkgs/nixpkgs-unstable";
};
outputs = { self, nixpkgs, utils }: utils.lib.eachDefaultSystem (system:
let
View cni.conf
{
"cniversion":"1.0.0",
"name":"kube",
"plugins": [
{
"type": "ptp",
"ipam": {
"type": "host-local",
"routes": [ { "dst": "::/0" } ],
"ranges": [ { "subnet": "2001:19f0:6c01:1f10::/80" } ]
@arianvp
arianvp / boot.ipxe
Last active Aug 31, 2021
ipxe boot config
View boot.ipxe
#!ipxe
set STREAM stable
set VERSION 34.20210725.3.0
set BASEURL https://builds.coreos.fedoraproject.org/prod/streams/${STREAM}/builds/${VERSION}/x86_64
set NETWORK # ip=bond0:dhcp bond=bond0:enp0s20f0,enp0s20f1:mode=balance-tlb,downdelay=200,updelay=200,miimon=100 nameserver=8.8.8.8
kernel ${BASEURL}/fedora-coreos-${VERSION}-live-kernel-x86_64 initrd=main ignition.platform.id=metal coreos.inst.install_dev=/dev/sda coreos.live.rootfs_url=${BASEURL}/fedora-coreos-${VERSION}-live-rootfs.x86_64.img ignition.firstboot coreos.inst.platform_id=packet console=ttyS1,115200n8 ${NETWORK}
View cassdc.rs
use anyhow::{anyhow, Result};
use futures::TryStreamExt;
use k8s_openapi::api::core::v1::{PersistentVolumeClaim, Pod};
use kube::api::{Api, DeleteParams, ListParams, Patch, PatchParams};
use kube::Client;
use kube::CustomResource;
use kube_runtime::utils::try_flatten_applied;
use kube_runtime::watcher;
use schemars::JsonSchema;
use serde::{Deserialize, Serialize};
@arianvp
arianvp / eksctl.yaml
Last active Jun 14, 2021
EKS managed node group k8ssandra
View eksctl.yaml
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: arian-playground-staging
region: eu-central-1
version: "1.19"
managedNodeGroups:
# Used for other workloads
- name: compute
minSize: 1
View job.nix
{ pkgs, lib, config, ... }:
let
cfg = config.webshop;
in
{
options.webshop = {
website = lib.mkOption {
type = lib.types.package;
description = "The static content to serve";
};
View README.md

nix-shell --pure repro.nix succeeds:

$ nix-shell --pure repro.nix
[nix-shell]$ out=final.img
[nix-shell]$ genericBuild
90792
Checking that no-one is using this disk right now ... OK

Disk out.img: 44.3 MiB, 46485504 bytes, 90792 sectors
Units: sectors of 1 * 512 = 512 bytes
@arianvp
arianvp / review.md
Last active Jul 7, 2020
publiccode review
View review.md
  • Code in the open - Development is done on a closed platform (Azure) that is periodically synced with GitHub. Some teams do work primarily on GitHub.
  • Bundle policy and source code - No. there are some requirement documents; but they're not in editable form, and are not the policy itself
  • Create reusable and portable code - Impossible due to dependence on GAEN which violates the "The codebase MUST be independent from any secret, undisclosed, proprietary or non-open licensed code or services for execution and understanding." requirement
  • Welcome contributions
  • Maintain version control
  • Require review of contributions
  • Document your objectives - . There is a requirements document but it's uneditable
  • Document your code. Partially. there are architecture documentation, but no code docs.
  • Use plain English