Skip to content

Instantly share code, notes, and snippets.

Hack the 🌎!

Derek Ditch dcode

Hack the 🌎!
Block or report user

Report or block dcode

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
dcode /
Created Aug 12, 2019
Offline snapshot and import of container images using skopeo
urlencode() {
# urlencode <string>
View molecule.yml
# Mostly working, but weird cartesian products of groups
name: single-node # optional
name: galaxy
name: delegated
managed: True
dcode /
Last active Oct 18, 2019
How to use CoreDNS w/ etcd backend

Setup CoreDNS w/ etcd backend

Why CoreDNS

[CoreDNS][coredns] was designed from the ground up to provide robust, plugin-based DNS server for use in cloud environments. Namely, it serves as the default primary service discovery mechanism for Kubernetes.

Using CoreDNS allows us to have a lightweight DNS server on RockNSM (11 Mb binary is all that's needed!) to facilitate multi-node service discovery. Alternatively, if another existing DNS service is available, this can be used instead. Aligning with the way the Kubernetes manages service discovery also allows us to build new RockNSM features in parallel with the coming Kubernetes support.

RockNSM Application

dcode / _Podman Volume
Last active Jan 17, 2019
Discussion on how to create named volumes for Podman and set quotas on them using the native filesystem tools.
View _Podman Volume

Podman has recently added support for named volumes, which is super handy. As of today (2018-01-17), it supports the local driver, which effectively will bind-mount a tracked directory into one or more containers. It's helpful to be able to limit the size of data volumes though so that one container doesn't exhaust the resources of another.

Fortunately, the XFS filesystem let's us handle this natively using "project quotas". XFS allows setting quotas based on username, group, or project. The project quota effectively maps a project ID to a path on a filesystem.

dcode /
Last active Aug 3, 2019
Enable CAC Authentication on Mac OS X (Mojave)
export CERT_URL=''
# Download & Extract DoD root certificates
cd ~/Downloads/
curl -LOJ ${CERT_URL}
unzip $(basename ${CERT_URL})
cd $(basename ${CERT_URL} .zip)
dcode /
Created Nov 19, 2018
I brute forced playing through the options of podman to try to work with pods on a standalone system using podman (i.e. without kubernetes)
# Creates new pod named `test` with `running` status with `infra` container only
sudo podman pod create --name test
# Pauses the named pod and all containers in the pod
sudo podman pod pause test
# Unpauses the named pod and all containers in the pod
sudo podman pod unpause test
# Show all pods and their status
dcode /
Last active Mar 18, 2019
A super simple (i.e. no error handling) script to parse a list of CSVs and write them to Elasticsearch using the bulk API. Requires Python 3 and the Elasticsearch Python client (pip3 install elasticsearch).
#!/usr/bin/env python3
import argparse
from pathlib import Path
import csv
from elasticsearch import Elasticsearch
from elasticsearch.exceptions import TransportError
from elasticsearch.helpers import bulk, streaming_bulk
parser = argparse.ArgumentParser(description='Simple upload of a CSV to Elasticsearch for analysis')
#group = parser.add_mutually_exclusive_group()
dcode /
Last active Sep 22, 2018
Snippet to get local default interface IP using iproute
ip route get $(ip route get | awk '{ print $3 }') | awk 'NR == 1 {print $5}'
dcode / certbot.service
Created Sep 18, 2018
Run certbot twice daily to ensure we never lose a valid cert.
View certbot.service
# /etc/systemd/system/certbot.service
Description=Certbot Renewal
ExecStart=/usr/bin/certbot renew --post-hook "systemctl restart httpd"
dcode /
Last active Feb 15, 2018
Currently working lighttpd config

First, you need to enable the vhost config in lighttpd:

sudo sed -i '/^#.*vhosts\.d\/\*\.conf/ s/^#//' /etc/lighttpd/lighttpd.conf

Finally create the lighttpd docket vhost log dir

sudo mkdir -p /var/log/lighttpd/docket
You can’t perform that action at this time.