Brian Green greenbrian

## 0_reuse_code.js
// Use Gists to store code you would like to remember later on
console.log(window); // log the "window" object to the console

## ansible role parameters.yml
---

- hosts: all
  roles:

    - role: foo
      param1: '{{ foo }}'
      param2: '{{ some_var1 + "/" + some_var2 }}'
      when: ansible_os_family == 'RedHat'


## check if first node in group.yaml
---
- name: do stuff only if first member in a group
  command: echo "hello"
  when: groups.some_group[0] == inventory_hostname

## Ansible - use of template and with_nested
#roles/myapp/tasks/main.yml
---
  - name: manage config files
    template: src={{ item[0].src }} dest=/etc/{{ item[1] }}/{{ item[0].dest }}
    with_nested:
      - config_files
      - app_instance

## nomad-vault.sh
#!/usr/bin/env bash

if [ -f /mnt/ramdisk/token ]; then
  exec env VAULT_TOKEN=$(vault unwrap -field=token $(jq -r '.token' /mnt/ramdisk/token)) \
    /usr/local/bin/nomad agent \
      -config=/etc/nomad.d \
      -vault-tls-skip-verify=true
else
  echo "Nomad service failed due to missing Vault token"
  exit 1

## HashiCorp Vault - methods of writing ACL policies
There are many methods for writing Vault policies.

This gist was created to collect the most common methods
such that they can be easily used as references for syntax,
as well as evaluation for which method suits a particular purpose.

TODO:

- Add complex policy examples
- Add @json.file examples

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              1 star
            
          
                greenbrian
                / keybase.md
            
            
              Created
              June 27, 2019 05:17
            
              
                keybase.md
              
          
    Keybase proof

I hereby claim:

I am greenbrian on github.
I am greenbrian (https://keybase.io/greenbrian) on keybase.
I have a public key ASDl2gMhvJmCjOwTsNKisOwCfyShHs3M3sBo8rvM3_kcGgo

To claim this, I am signing this object:

  
## snapshot.md

      
              1 file
            
          
              2 forks
            
          
              0 comments
            
          
              2 stars
            
          
                greenbrian
                / snapshot.md
            
            
              Created
              December 6, 2019 04:15
            
              
                Consul Snapshot restore Vault cluster
              
          
    Take a consul snapshot:

consul snapshot save backup.snap
Verify consul snapshot:

consul snapshot inspect backup.snap
Stop Consul

systemctl stop consul.service
Stop Vault


## vault_demo.sh
#!/bin/bash

## The following command starts Vault in development mode
## specifiying a root token value of 'root'
##
# VAULT_UI=true vault server -dev -dev-root-token-id="root"

## Login with root token
## Good for demo mode, should only be used on production cluster
## during initial configuration

## approle.sh
#!/bin/bash

# start vault
VAULT_UI=true vault server -dev -dev-root-token-id=root -dev-listen-address=127.0.0.1:8200

# login as root - DO NOT DO THIS IN PRODUCTION
vault login root

# write some secrets
vault kv put secret/test color=blue number=eleventeen
	// Use Gists to store code you would like to remember later on
	console.log(window); // log the "window" object to the console
	---

	- hosts: all
	roles:

	- role: foo
	param1: '{{ foo }}'
	param2: '{{ some_var1 + "/" + some_var2 }}'
	when: ansible_os_family == 'RedHat'
	---
	- name: do stuff only if first member in a group
	command: echo "hello"
	when: groups.some_group[0] == inventory_hostname
	#roles/myapp/tasks/main.yml
	---
	- name: manage config files
	template: src={{ item[0].src }} dest=/etc/{{ item[1] }}/{{ item[0].dest }}
	with_nested:
	- config_files
	- app_instance
	#!/usr/bin/env bash

	if [ -f /mnt/ramdisk/token ]; then
	exec env VAULT_TOKEN=$(vault unwrap -field=token $(jq -r '.token' /mnt/ramdisk/token)) \
	/usr/local/bin/nomad agent \
	-config=/etc/nomad.d \
	-vault-tls-skip-verify=true
	else
	echo "Nomad service failed due to missing Vault token"
	exit 1
	There are many methods for writing Vault policies.

	This gist was created to collect the most common methods
	such that they can be easily used as references for syntax,
	as well as evaluation for which method suits a particular purpose.

	TODO:

	- Add complex policy examples
	- Add @json.file examples
	#!/bin/bash

	## The following command starts Vault in development mode
	## specifiying a root token value of 'root'
	##
	# VAULT_UI=true vault server -dev -dev-root-token-id="root"

	## Login with root token
	## Good for demo mode, should only be used on production cluster
	## during initial configuration
	#!/bin/bash

	# start vault
	VAULT_UI=true vault server -dev -dev-root-token-id=root -dev-listen-address=127.0.0.1:8200

	# login as root - DO NOT DO THIS IN PRODUCTION
	vault login root

	# write some secrets
	vault kv put secret/test color=blue number=eleventeen