Skip to content

Instantly share code, notes, and snippets.

Avatar

Gene Wood gene1wood

View GitHub Profile
@gene1wood
gene1wood / set_chef_server_webui_password.py
Created Aug 23, 2013
How to programatically set the Chef Server web UI password
View set_chef_server_webui_password.py
require 'json'
dna=JSON.parse(IO.read("/opt/chef-server/embedded/cookbooks/dna.json"))
dna["chef_server"]["chef-server-webui"]["web_ui_admin_default_password"] = "YOUR PASSWORD GOES HERE"
File.open("/opt/chef-server/embedded/cookbooks/dna.json","w") do |f|
f.write(dna.to_json)
end
@gene1wood
gene1wood / enable_ses_on_amazon_linux.sh
Created Aug 23, 2013
Steps to switch from sendmail to postfix on Amazon Linux and enable using SES
View enable_ses_on_amazon_linux.sh
yum install postfix
alternatives --set mta /usr/sbin/sendmail.postfix
service sendmail stop
chkconfig sendmail off
# https://github.com/mozilla/identity-ops/blob/master/chef/cookbooks/persona-common/recipes/postfix.rb
HISTCONTROL=ignoreboth
USERNAME="usernamegoeshere"
PASSWORD="passwordgoeshere"
echo "email-smtp.us-east-1.amazonaws.com:25 $USERNAME:$PASSWORD" > /etc/postfix/sasl_passwd
/usr/sbin/postmap /etc/postfix/sasl_passwd
@gene1wood
gene1wood / show
Last active Jul 18, 2019
Tool to show cert, key or CSR information for a file or site
View show
#!/bin/bash
if [ -e "$1" ]; then
if grep -- ' PRIVATE KEY-' "$1" >/dev/null; then
action=rsa
elif grep -- '-BEGIN CERTIFICATE REQUEST-' "$1" >/dev/null; then
action=req
elif grep -- '-BEGIN CERTIFICATE-' "$1" >/dev/null; then
action=x509
else
@gene1wood
gene1wood / knockd.conf
Last active Dec 28, 2015
Example knockd.conf file that creates and destroys iptables rules
View knockd.conf
[options]
logfile = /var/log/knockd.log
[openSSH]
sequence = 10000,20000,30000,40000
seq_timeout = 45
tcpflags = syn
command = /sbin/iptables -I INPUT 15 -s %IP% -p tcp -m state --state NEW -m multiport --dports 22,80,443 -j ACCEPT -m comment --comment "knockd added `date +%F_%T` allowing access to SSH, HTTP and HTTPS : `dig -x %IP% +short`"
[closeSSH]
@gene1wood
gene1wood / delete_knockd_iptables_rule
Created Nov 15, 2013
Script to delete an iptables rule inserted by knockd based on an IP address
View delete_knockd_iptables_rule
#!/bin/bash
# This script is called by knockd and configured in the knockd.conf : https://gist.github.com/gene1wood/7489372
if [ -z "$1" ]; then
echo "usage : $0 IPADDRESS"
exit 1
fi
num="`iptables --list INPUT -n --line-numbers | awk '$13 == "knockd" {print $0}' | awk -v IP=$1 '$5 == IP {print $1}' | head -1`"
@gene1wood
gene1wood / ciwait.sh
Last active Dec 29, 2015
Want to watch while cloud-init initialized processes complete during instance spin up? Here's a command
View ciwait.sh
watch pstree -al `pgrep S99cloud-final`
@gene1wood
gene1wood / find_revealed_g3_photos.sql
Created Nov 29, 2013
This query will help in the Gallery 2 to Gallery 3 migration process. With it you can find all photos which do not have the "[core] view item" permission and which are not part of an album which also does not have the "[core] view item" permission. These photos will be publicly viewable in gallery 3 unlike gallery 2 where they were private. This…
View find_revealed_g3_photos.sql
# Find all photos which do not have the "[core] view item" permission
# and which are not part of an album which also does not have the
# "[core] view item" permission. These photos will be publicly viewable
# in gallery 3 unlike gallery 2
CREATE TEMPORARY TABLE restricted_items
SELECT DISTINCT(
TRIM(TRAILING '/' FROM
SUBSTRING_INDEX(
g2_ItemAttributesMap.g_parentSequence,
'/',
@gene1wood
gene1wood / pssh-chef.sh
Created Jan 31, 2014
A parallel ssh command which checks the last chef run and runs it again if there was a problem.
View pssh-chef.sh
# `get_hosts $stack` returns the ips of the instances in the named stack
# the "-t -t" extra-args works around the issue of running sudo without a tty
# the "--force-formatter" tells chef-solo to still output what it's doing even though it has no tty
stack=1234
pssh --host="`get_hosts $stack`" --timeout=0 --inline --par=10 --extra-args='-t -t -o StrictHostKeyChecking=no' --user=ec2-user 'if tail -1 /var/log/chef.log | grep FATAL; then sudo chef-solo -c /etc/chef/solo.rb -j /etc/chef/node.json --force-formatter; fi'
View bam_next_meeting_widget.html
<div class="textwidget"><span id="nextmeeting">The next meeting will be held at Linden Street Brewery </span><span id="nojavascript">on the second Thursday of the month</span>. Social starts at 7:00pm, meeting starts at 7:30pm.
<script>
// First, checks if it isn't implemented yet.
if (!String.prototype.format) {
String.prototype.format = function() {
var args = arguments;
return this.replace(/{(\d+)}/g, function(match, number) {
return typeof args[number] != 'undefined'
? args[number]
View loopCurl.sh
#!/bin/bash
for i in $(eval echo {1..$1})
do
echo $(date +"%T")
if ! curl -v "https://accounts.firefox.com" -o /dev/null &>/tmp/c.out; then
cat /tmp/c.out
else
echo "success"
fi