Skip to content

Instantly share code, notes, and snippets.

jeremy avnet brainsik

Block or report user

Report or block brainsik

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@brainsik
brainsik / terraform.log
Last active Feb 23, 2016
Reproducing Terraform GH Issue #4488
View terraform.log
$ terraform plan
Refreshing Terraform state prior to plan...
The Terraform execution plan has been generated and is shown below.
Resources are shown in alphabetical order for quick scanning. Green resources
will be created (or destroyed and then created if an existing resource
exists), yellow resources are being changed in-place, and red resources
will be destroyed.
@brainsik
brainsik / terraform.log
Last active Feb 24, 2016
Reproducing Terraform GH Issue #5290
View terraform.log
$ terraform plan
Refreshing Terraform state prior to plan...
The Terraform execution plan has been generated and is shown below.
Resources are shown in alphabetical order for quick scanning. Green resources
will be created (or destroyed and then created if an existing resource
exists), yellow resources are being changed in-place, and red resources
will be destroyed.
@brainsik
brainsik / keybase.md
Created Sep 30, 2016
Keybase proof of GitHub identity
View keybase.md

Keybase proof

I hereby claim:

  • I am brainsik on github.
  • I am brainsik (https://keybase.io/brainsik) on keybase.
  • I have a public key whose fingerprint is 5D80 FC62 9CEF 8FAE 737C DDED 19A1 D142 4FE9 8E13

To claim this, I am signing this object:

@brainsik
brainsik / openssl-cli-notes.md
Last active Feb 19, 2017
OpenSSL client commands
View openssl-cli-notes.md

Connect to TLS endpoint w/SNI

echo | openssl s_client -connect $site:$port -servername $site

Show certificate expiration dates

echo | openssl s_client -connect $site:$port -servername $site 2>/dev/null | openssl x509 -noout -dates
@brainsik
brainsik / dotdict.py
Created Jun 11, 2011
Override Python's dict with this for JS style dot notation access :-)
View dotdict.py
# encoding: utf-8
class DotDict(dict):
def __init__(self, *a, **kw):
dict.__init__(self, *a, **kw)
for key in self:
self._validate_key(key)
def _validate_key(self, key):
@brainsik
brainsik / main.cf
Created May 1, 2017
Postfix - secure relaying to smarthost
View main.cf
# client TLS parameters
smtp_tls_security_level = secure
smtp_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_tls_mandatory_ciphers = high
smtp_tls_cert_file=/etc/letsencrypt/live/XXX/fullchain.pem
smtp_tls_key_file=/etc/letsencrypt/live/XXX/privkey.pem
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_loglevel = 1
smtp_tls_note_starttls_offer = yes
@brainsik
brainsik / Preferences.sublime-settings
Last active May 24, 2017
SublimeText 3 Preferences
View Preferences.sublime-settings
{
"always_show_minimap_viewport": true,
"auto_complete_commit_on_tab": true,
"bold_folder_labels": true,
"caret_extra_bottom": 1,
"caret_extra_top": 1,
"caret_style": "solid",
"color_scheme": "Packages/Color Scheme - Default/Solarized (Dark).tmTheme",
"create_window_at_startup": false,
"ensure_newline_at_eof_on_save": true,
@brainsik
brainsik / gist:4280136
Created Dec 13, 2012
A simple way for Python cron tasks to exit if another process is currently running. Does not use a pidfile.
View gist:4280136
import os
import subprocess
import shlex
def bail_if_another_is_running():
cmd = shlex.split("pgrep -u {} -f {}".format(os.getuid(), __file__))
pids = subprocess.check_output(cmd).strip().split('\n')
if len(pids) > 1:
pids.remove("{}".format(os.getpid()))
@brainsik
brainsik / add-ca-to-java.sh
Created Sep 7, 2017
Command to add a CA to your Java key store
View add-ca-to-java.sh
$jre/bin/keytool \
-import \
-trustcacerts \
-file /path/to/MyIntermediateCA.crt \
-alias MyIntermediateCA \
-keystore $jre/lib/security/cacerts \
-storepass changeit \
-noprompt
@brainsik
brainsik / stubby.yml
Created Nov 20, 2017
Stubby config for Quad9
View stubby.yml
upstream_recursive_servers:
- address_data: 9.9.9.9
tls_auth_name: "dns.quad9.net"
tls_pubkey_pinset:
- digest: "sha256"
value: MujBQ+U0p2eZLTnQ2KGEqs+fPLYV/1DnpZDjBDPwUqQ=
You can’t perform that action at this time.