darrenpmeyer

#!/usr/bin/env bash

oc_ver="8.10"

echo "Autobuild OpenConnect $oc_ver"
echo " "
echo "This script uses apt-get and make install via sudo rights"
echo "To simplify this, we're going to use sudo -v to pre-authenticate you"
sudo -k
sudo -v

PhilipSchmid

Rancher v2.X KeyCloak Authentication Backend Configuration

Ranchers official documentation about how to configure the Rancher <> KeyCloak setup is fine but definitely not sufficient to successfully configure it (https://rancher.com/docs/rancher/v2.x/en/admin-settings/authentication/keycloak/). That's the reason why here every single required step is documented down here.

KeyCloak Configuration

I simply use the default master realm for the Rancher client. Nevertheless, it would sometimes absolutely make sense to use a custom KeyCloak realm.

1. Login as admin on https://keycloak.example.com/. Important: It's crucial that in KeyCloak the same username exists as you use as admin user on Rancher. Since I just use the admin account in this guide, this prerequisite is already achieved.
2. Create a new client under https://keycloak.example.com/auth/admin/master/console/#/realms/master/clients
   • Client ID: https://rancher.example.com/v1-saml/keycloak/saml/metadata

jsdevtom

export const ws = webSocket<WebsocketMessage>(`wss://${location.hostname}:${location.protocol === 'https:' ? 443 : 80}/ws/`);

export const wsObserver = ws
  .pipe(
    retryWhen(errors =>
      errors.pipe(
        delay(1000)
      )
    )
  );

etiennetremel

#!/bin/bash
#
# Create Kubernetes user. Require cfssl.
#
# Usage:
#   ./create-user.sh <kubernetes api host> <fulle name> <clusterrole>
#
# Example:
#   ./create-user.sh k8s-api.my-domain.com "Jane Doe" my-project:admin

henning

#!/bin/bash

CLUSTERNAME=mycluster.mydomain
NAMESPACE=default
USERNAME=myclusteruser
GROUPNAME=mygroup

openssl genrsa -out ${USERNAME}.key 2048

CSR_FILE=$USERNAME.csr

innovia

#!/bin/bash
set -e
set -o pipefail

# Add user to k8s using service account, no RBAC (must create RBAC after this script)
if [[ -z "$1" ]] || [[ -z "$2" ]]; then
 echo "usage: $0 <service_account_name> <namespace>"
 exit 1
fi

troyfontaine

Methods of Signing Git Commits on MacOS

Last updated March 13, 2024

This Gist explains how to sign commits using gpg in a step-by-step fashion. Previously, krypt.co was heavily mentioned, but I've only recently learned they were acquired by Akamai and no longer update their previous free products. Those mentions have been removed.

Additionally, 1Password now supports signing Git commits with SSH keys and makes it pretty easy-plus you can easily configure Git Tower to use it for both signing and ssh.

For using a GUI-based GIT tool such as Tower or Github Desktop, follow the steps here for signing your commits with GPG.

jeffbrl

system {
    login {
        user ansible {
            class super-user;
            authentication {
                ssh-rsa "{{ ansible_public_key }}";
           }
        }
    }
}

akashnimare

Project title

A little info about your project and/ or overview that explains what the project is about.

Motivation

A short description of the motivation behind the creation and maintenance of the project. This should explain why the project exists.

Build status

Build status of continus integration i.e. travis, appveyor etc. Ex. -

mattiaslundberg

Ansible playbook to setup HTTPS using Let's encrypt on nginx.

The Ansible playbook installs everything needed to serve static files from a nginx server over HTTPS.
The server pass A rating on [SSL Labs](https://www.ssllabs.com/).

To use:
 1. Install [Ansible](https://www.ansible.com/)
 2. Setup an Ubuntu 16.04 server accessible over ssh
 3. Create `/etc/ansible/hosts` according to template below and change example.com to your domain
 4. Copy the rest of the files to an empty directory (`playbook.yml` in the root of that folder and the rest in the `templates` subfolder)