#
Ben Leggett bleggett
bleggett
/ gist:ca527c334d0e76322f28b26d7085d934
Created
March 1, 2023 23:28
LimaVM arm64 fedora with fast ops
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This example requires Lima v0.7.0 or later. | |
| images: | |
| - location: "https://download.fedoraproject.org/pub/fedora/linux/releases/37/Cloud/aarch64/images/Fedora-Cloud-Base-37-1.7.aarch64.qcow2" | |
| arch: "aarch64" | |
| digest: "sha256:cc8b0f49bc60875a16eef65ad13e0e86ba502ba3585cc51146f11f4182a628c0" | |
| mounts: | |
| - location: "~/Source" | |
| writable: true | |
| - location: "/tmp/lima" | |
| writable: true |
bleggett
/ spire-extended-destrule.txt
Created
February 2, 2023 17:04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # TODO destination rules need to be created for any SPIFFE IDs that don't follow the | |
| # format that Istio expects (ns/NAMESPACE/sa/TARGET_POD_SVC_ACCOUNT) | |
| # because ATM Istio defaults to clientside SAN checks that assume that SPIFFE ID format | |
| # and this is not currently configurable. | |
| # | |
| # https://github.com/istio/istio/issues/43105 | |
| # | |
| # Additionally, since DestinationRules override Istio's "default automTLS" settings, we need `mode: ISTIO_MUTUAL` | |
| # in each DestRule to tell Istio that even though we have a custom destination config, we still want mTLS. | |
| --- |
bleggett
/ *doom:scratch*.txt
Created
February 2, 2023 17:04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # TODO destination rules need to be created for any SPIFFE IDs that don't follow the | |
| # format that Istio expects (ns/NAMESPACE/sa/TARGET_POD_SVC_ACCOUNT) | |
| # because ATM Istio defaults to clientside SAN checks that assume that SPIFFE ID format | |
| # and this is not currently configurable. | |
| # | |
| # https://github.com/istio/istio/issues/43105 | |
| # | |
| # Additionally, since DestinationRules override Istio's "default automTLS" settings, we need `mode: ISTIO_MUTUAL` | |
| # in each DestRule to tell Istio that even though we have a custom destination config, we still want mTLS. | |
| --- |
bleggett
/ spire-extended-destrule.txt
Created
February 2, 2023 16:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # TODO destination rules need to be created for any SPIFFE IDs that don't follow the | |
| # format that Istio expects (ns/NAMESPACE/sa/TARGET_POD_SVC_ACCOUNT) | |
| # because ATM Istio defaults to clientside SAN checks that assume that SPIFFE ID format | |
| # and this is not currently configurable | |
| # | |
| # Additionally, since DestinationRules override Istio's "default automTLS" settings, we need `mode: ISTIO_MUTUAL` | |
| # in each DestRule to tell Istio that even though we have a custom destination config, we still want mTLS. | |
| {{- range .Values.spireIdentities }} | |
| --- | |
| apiVersion: networking.istio.io/v1beta1 |
bleggett
/ spire-extended-destrule.txt
Created
February 2, 2023 16:29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # TODO destination rules need to be created for any SPIFFE IDs that don't follow the | |
| # format that Istio expects (ns/NAMESPACE/sa/TARGET_POD_SVC_ACCOUNT) | |
| # because ATM Istio defaults to clientside SAN checks that assume that SPIFFE ID format | |
| # and this is not currently configurable - however this should be resolved soonish. | |
| # https://github.com/istio/istio/issues/28712 | |
| # | |
| # Additionally, since DestinationRules override Istio's "default automTLS" settings, we need `mode: ISTIO_MUTUAL` | |
| # in each DestRule to tell Istio that even though we have a custom destination config, we still want mTLS. | |
| {{- range .Values.spireIdentities }} | |
| --- |
bleggett
/ *doom:scratch*.txt
Created
February 2, 2023 16:28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # TODO destination rules need to be created for any SPIFFE IDs that don't follow the | |
| # format that Istio expects (ns/NAMESPACE/sa/TARGET_POD_SVC_ACCOUNT) | |
| # because ATM Istio defaults to clientside SAN checks that assume that SPIFFE ID format | |
| # and this is not currently configurable - however this should be resolved soonish. | |
| # https://github.com/istio/istio/issues/28712 | |
| # | |
| # Additionally, since DestinationRules override Istio's "default automTLS" settings, we need `mode: ISTIO_MUTUAL` | |
| # in each DestRule to tell Istio that even though we have a custom destination config, we still want mTLS. | |
| {{- range .Values.spireIdentities }} | |
| --- |
bleggett
/ istio-destinationrule-hax.org
Created
February 2, 2023 16:27
bleggett
/ istio-env.sh
Created
January 30, 2023 20:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env sh | |
| su-exec root apt-get update && su-exec root apt-get install -y cmake-data | |
| export DOCKER_SOCKET_MOUNT="-v /var/run/docker.sock.raw:/var/run/docker.sock" | |
| export BUILD_ZTUNNEL=1 | |
| export BUILD_ZTUNNEL_REPO="$(pwd)/ztunnel" | |
| export TAG=bm-ambienttest | |
| export HUB=docker.io/bmleggett | |
| export IMAGE_VERSION=master-7b5c2064d06c417cc34d4ed760fd65134055c301 | |
| export DOCKER_ARCHITECTURES=linux/arm64 |
bleggett
/ gist:7dd1e05d9c9f9063744e02a55489ca65
Created
January 20, 2023 22:35
Istio DR rule SAN override
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # TODO destination rules need to be created for any SPIFFE IDs that don't follow the | |
| # format that Istio expects (ns/NAMESPACE/sa/TARGET_POD_SVC_ACCOUNT) | |
| # because ATM Istio defaults to clientside SAN checks that assume that SPIFFE ID format | |
| # and this is not currently configurable - however this should be resolved soonish. | |
| # https://github.com/istio/istio/issues/28712 | |
| # | |
| # Additionally, since DestinationRules override Istio's "default automTLS" settings, we need `mode: ISTIO_MUTUAL` | |
| # in each DestRule to tell Istio that even though we have a custom destination config, we still want mTLS. | |
| {{- range .Values.spireIdentities }} | |
| --- |
bleggett
/ dsd2flac.py
Last active
April 23, 2022 23:03
— forked from hyperknot/dsd2flac.py
DSD to FLAC conversion using SoX DSD. Original by @hyperknot. Scans the file once to determine optimum gain, then converts using that. You can get SoX DSD binaries from https://audiodigitale.eu/repo/sox/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import pathlib | |
| import subprocess | |
| import sys | |
| import shutil | |
| import math | |
| root = pathlib.Path(__file__).parent.resolve() | |
| target_root = root / 'dsd' |
NewerOlder