This is possibly slightly incomplete as I stripped out an existing jobspec to share, but the meat is really in the run.sh
template of the tailscale
task. You'll need a reusable and ephemeral auth key.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function password_from_keychain(service) | |
-- 'service' should be saved in the login keychain | |
local cmd = "/usr/bin/security 2>&1 >/dev/null find-generic-password -gs '" .. service .. "' | sed -En '/^password: / s,^password: \"(.*)\"$,\\1,p'" | |
local handle = io.popen(cmd) | |
local result = handle:read("*a") | |
handle:close() | |
return (result:gsub("^%s*(.-)%s*$", "%1")) | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -e -u -o pipefail | |
{ | |
echo 'digraph G {' | |
brew list | while read cask; do | |
printf '"%s";\n' $cask | |
brew deps $cask | while read dep; do |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
# -*- encoding: utf-8 -*- | |
## in order to cleanly shut down a node with running jobs, the node needs to be | |
## drained, and then we need to wait for allocations to be migrated away. in | |
## this script, we: | |
## * set up a watch for node-update evals for the current node | |
## * wait for allocations currently running to complete | |
## * wait for allocations from the watched evals to start running | |
## |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# | |
# consul Manage the consul agent | |
# | |
# chkconfig: 2345 95 95 | |
# description: Consul is a tool for service discovery and configuration | |
# processname: consul | |
# config: /etc/consul.conf | |
# pidfile: /var/run/consul.pid |
Shell script for downloading HashiCorp binaries.
Requires jq (brew install jq
) and gpg (brew cask install gpg-suite
).
I structure all my binaries as ~/devel/HashiCorp/binaries/<product>-<version>/<product>
and adjust paths as needed based on the project I'm working on.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
# -*- encoding: utf-8 -*- | |
## clones a Go project into a new directory and sets up the workspace with direnv. | |
## | |
## example: | |
## $ go_clone git@github.com:hashicorp/nomad.git nomad | |
## | |
## * creates the "nomad" directory | |
## * creates a .envrc with "layout go" in it |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## chef report handler for Consul | |
## depends on a chef-client check being registered with the agent | |
## • pings TTL-style check with ok/warning status on chef run pass/fail | |
## • stores run report and node attributes in chef/reports/<datacenter>/<consul_node_name> | |
require "chef/handler" | |
require "rest_client" | |
class ConsulHandler < Chef::Handler | |
attr_reader :config |
NewerOlder