atrakic

## post-receive
#!/bin/bash

target_branch="production"
working_tree="PATH_TO_DEPLOY"

while read oldrev newrev refname
do
    branch=$(git rev-parse --symbolic --abbrev-ref $refname)
    if [ -n "$branch" ] && [ "$target_branch" == "$branch" ]; then


## resume.json
{
  "meta": {
    "theme": "onepage"
  },
  "basics": {
    "name": "Admir Trakic",
    "label": "Software engineer",
    "email": "xomodo@gmail.com",
    "phone": "(45) 29133654",
    "website": "https://atrakic.github.io",

## better-ssh-authorized-keys-management.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                atrakic
                / better-ssh-authorized-keys-management.md
            
            
              Created
              January 20, 2020 07:48
                — forked from sivel/better-ssh-authorized-keys-management.md
            
              
                Better SSH Authorized Keys Management
              
          
    Better SSH Authorized Keys Management

A seemingly common problem that people encounter is how to handle all of your users authorized_keys file.
People struggle over management, ensuring that users only have specific keys in the authorized_keys file or even a method for expiring keys.  A centralized key management system could help provide all of this functionality with a little scripting.
One piece of functionality overlooked in OpenSSH is the AuthorizedKeysCommand configuration keyword. This configuration allows you to specify a command that will run during login to retrieve a users public key file from a remote source and perform validation just as if the authorized_keys file was local.
Here is an example directory structure for a set of users with SSH public keys that can be shared out via a web server:

  
## setup-pihole.sh
#!/bin/bash
if [ "$#" -ne 1 ]; then
    echo "Usage: $0 123.123.123.123 password"
    echo "Specify your host's LAN IP and the desired Pihole password"
    exit 1
fi

IP=$1
PASSWORD=$2

## setup-pihole.sh
#!/bin/bash
if [ "$#" -ne 1 ]; then
    echo "Usage: $0 123.123.123.123 password"
    echo "Specify your host's LAN IP and the desired Pihole password"
    exit 1
fi

IP=$1
PASSWORD=$2

## gitlab-ci.yaml
deploy-kube:
  stage: deploy
  environment: test
  image: dtzar/helm-kubectl:2.12.3
  script:
    - kubectl config set-cluster sophia-cluster --server=${KUBE_URL} --certificate-authority="${KUBE_CA_PEM_FILE}"
    - kubectl config set-credentials sophia-admin --token=${KUBE_TOKEN}
    - kubectl config set-context sophia-context --cluster=sophia-cluster --user=sophia-admin --namespace ${KUBE_NAMESPACE}
    - kubectl config use-context sophia-context
    - helm upgrade --reuse-values --set image.tag=$CI_BUILD_REF sophia k8s-chart

## urlencode
#!/usr/bin/python

import urllib
import sys

text = sys.argv[1]
encoded = urllib.quote_plus(text)
print encoded


## rioStart.sh
#!/bin/bash
#set -x
#set -e
k3d delete --name='rio'
k3d create  -n rio --image rancher/k3s:v0.8.1 --publish 80:80 --publish 443:443  --publish 9443:9443 --publish 9080:9080 &&
declare -i i; i=0
until k3d get-kubeconfig --name='rio'
do
    if (( i > 20 )); then
        break

## gist:5a3a5bc974c98ab1b71dd69eee0e5856
image:
  name: hashicorp/terraform:light
  entrypoint:
    - '/usr/bin/env'
    - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'

before_script:
  - rm -rf .terraform
  - terraform --version
  - mkdir -p ./creds

## java_docker_debug_centos_query_app.sh
#!/bin/bash

# install RPM package (due to its size intentinally omited from Dockerfile):
yum install -y java-1.8.0-openjdk-devel.x86_64

# get id in which java process we are interested:
JPID=$(jps -l|grep query | awk '{print $1}')

# prepare for filegen:
FILE=dump-$(date +"%s").hprof
	#!/bin/bash

	target_branch="production"
	working_tree="PATH_TO_DEPLOY"

	while read oldrev newrev refname
	do
	branch=$(git rev-parse --symbolic --abbrev-ref $refname)
	if [ -n "$branch" ] && [ "$target_branch" == "$branch" ]; then
	{
	"meta": {
	"theme": "onepage"
	},
	"basics": {
	"name": "Admir Trakic",
	"label": "Software engineer",
	"email": "xomodo@gmail.com",
	"phone": "(45) 29133654",
	"website": "https://atrakic.github.io",
	#!/bin/bash
	if [ "$#" -ne 1 ]; then
	echo "Usage: $0 123.123.123.123 password"
	echo "Specify your host's LAN IP and the desired Pihole password"
	exit 1
	fi

	IP=$1
	PASSWORD=$2
	deploy-kube:
	stage: deploy
	environment: test
	image: dtzar/helm-kubectl:2.12.3
	script:
	- kubectl config set-cluster sophia-cluster --server=${KUBE_URL} --certificate-authority="${KUBE_CA_PEM_FILE}"
	- kubectl config set-credentials sophia-admin --token=${KUBE_TOKEN}
	- kubectl config set-context sophia-context --cluster=sophia-cluster --user=sophia-admin --namespace ${KUBE_NAMESPACE}
	- kubectl config use-context sophia-context
	- helm upgrade --reuse-values --set image.tag=$CI_BUILD_REF sophia k8s-chart
	#!/usr/bin/python

	import urllib
	import sys

	text = sys.argv[1]
	encoded = urllib.quote_plus(text)
	print encoded
	#!/bin/bash
	#set -x
	#set -e
	k3d delete --name='rio'
	k3d create -n rio --image rancher/k3s:v0.8.1 --publish 80:80 --publish 443:443 --publish 9443:9443 --publish 9080:9080 &&
	declare -i i; i=0
	until k3d get-kubeconfig --name='rio'
	do
	if (( i > 20 )); then
	break
	image:
	name: hashicorp/terraform:light
	entrypoint:
	- '/usr/bin/env'
	- 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'

	before_script:
	- rm -rf .terraform
	- terraform --version
	- mkdir -p ./creds
	#!/bin/bash

	# install RPM package (due to its size intentinally omited from Dockerfile):
	yum install -y java-1.8.0-openjdk-devel.x86_64

	# get id in which java process we are interested:
	JPID=$(jps -l\|grep query \| awk '{print $1}')

	# prepare for filegen:
	FILE=dump-$(date +"%s").hprof