joe miller joemiller

## he-dns-update.sh
#!/bin/bash
#
# Script for updating DNS records on  Hurricane Electirc's DNS system (https://dns.he.net).
#
# The record will be updated with the IP address that originates the request.
#
# Usage
# -----
#
# Create config file `/etc/he-dns-update.conf`:

## mk-test-certs.sh
#!/bin/sh
# helper script for making a new CA and signing client (leaf) certs, including making java keystore (JKS) files. useful in creating test fixtures
#
# Example:
# ./mk-test-certs.sh
# ==> Creating new CA: certs/ca.key, certs/ca.crt
# Generating a 2048 bit RSA private key
# ....................................................+++
# ...............................+++
# writing new private key to 'certs/ca.key'

## loki-nginx-dns-499-issue.md

      
              1 file
            
          
              1 fork
            
          
              5 comments
            
          
              4 stars
            
          
                joemiller
                / loki-nginx-dns-499-issue.md
            
            
              Last active
              February 26, 2024 16:57
            
          
    Loki log ingestion issue

Loki stops ingesting logs from promtail. The error messages are a stream HTTP 499 errors
in the gateway component which is based on nginx. Ex:
10.194.148.169 - - [17/Feb/2022:21:08:28 +0000]  499 "POST /loki/api/v1/push HTTP/1.1" 0 "-" "promtail/" "-"
10.194.90.195 - - [17/Feb/2022:21:08:28 +0000]  499 "POST /loki/api/v1/push HTTP/1.1" 0 "-" "promtail/" "-"


## Dockerfile
FROM balabit/syslog-ng:3.35.1

COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf

## netpps.sh
#!/bin/bash


if [ -z "$1" ]; then
        echo
        echo usage: $0 network-interface
        echo
        echo e.g. $0 eth0
        echo
        echo shows packets-per-second

## gke-np-ip-utilization.rb
#!/usr/bin/env ruby
#
# Show GKE per-node-pool pod IP CIDR range utilization.
#
# Usage:
#  gcloud container clusters describe <cluster-name> --location <loc> --format=json | ./gke-np-ip-utilization.rb

require 'json'
require 'ipaddr'

## raid_ephemeral.sh
#!/bin/bash
#
# this script will attempt to detect any ephemeral drives on an EC2 node and create a RAID-0 stripe
# mounted at /mnt. It should be run early on the first boot of the system.
#
# Beware, This script is NOT fully idempotent.
#

METADATA_URL_BASE="http://169.254.169.254/2012-01-12"

## 71.patch
--- /usr/src/sys/dev/acpi/acpi.c.orig   Mon Oct  3 16:26:55 2022
+++ /usr/src/sys/dev/acpi/acpi.c        Mon Oct  3 16:30:29 2022
@@ -2269,6 +2269,18 @@
 {
        struct aml_node *node = arg;
        uint8_t mask, en;
+
+       /* bad bios. mask/ignore the GPE _L6F (0x6f) interrupt */
+       if (gpe == 0x6f && (sc->gpe_table[gpe].flags & GPE_LEVEL)) {
+               static unsigned short i;

## auto_shutdown.service
[Unit]
Description=Auto shutdown service

[Service]
Type=oneshot
ExecStart=/auto_shutdown.sh

## README.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              1 star
            
          
                joemiller
                / README.md
            
            
              Last active
              April 7, 2023 15:13
            
              
                Buildkite OIDC JWT example with Vault auth
              
          
    Get JWT from inside of a running BK job:
curl -s -X POST -H "Authorization: Token ${BUILDKITE_AGENT_ACCESS_TOKEN}" \
  "${BUILDKITE_AGENT_ENDPOINT:-https://agent.buildkite.com/v3}/jobs/${BUILDKITE_JOB_ID}/oidc/tokens" \
  --data '{"audience":"vault"}'
In a future, currently (2022/11/17) unreleased version of buildkite-agent you can run this instead:
	#!/bin/bash
	#
	# Script for updating DNS records on Hurricane Electirc's DNS system (https://dns.he.net).
	#
	# The record will be updated with the IP address that originates the request.
	#
	# Usage
	# -----
	#
	# Create config file `/etc/he-dns-update.conf`:
	#!/bin/sh
	# helper script for making a new CA and signing client (leaf) certs, including making java keystore (JKS) files. useful in creating test fixtures
	#
	# Example:
	# ./mk-test-certs.sh
	# ==> Creating new CA: certs/ca.key, certs/ca.crt
	# Generating a 2048 bit RSA private key
	# ....................................................+++
	# ...............................+++
	# writing new private key to 'certs/ca.key'
	FROM balabit/syslog-ng:3.35.1

	COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf
	#!/bin/bash


	if [ -z "$1" ]; then
	echo
	echo usage: $0 network-interface
	echo
	echo e.g. $0 eth0
	echo
	echo shows packets-per-second
	#!/usr/bin/env ruby
	#
	# Show GKE per-node-pool pod IP CIDR range utilization.
	#
	# Usage:
	# gcloud container clusters describe <cluster-name> --location <loc> --format=json \| ./gke-np-ip-utilization.rb

	require 'json'
	require 'ipaddr'
	#!/bin/bash
	#
	# this script will attempt to detect any ephemeral drives on an EC2 node and create a RAID-0 stripe
	# mounted at /mnt. It should be run early on the first boot of the system.
	#
	# Beware, This script is NOT fully idempotent.
	#

	METADATA_URL_BASE="http://169.254.169.254/2012-01-12"
	--- /usr/src/sys/dev/acpi/acpi.c.orig Mon Oct 3 16:26:55 2022
	+++ /usr/src/sys/dev/acpi/acpi.c Mon Oct 3 16:30:29 2022
	@@ -2269,6 +2269,18 @@
	{
	struct aml_node *node = arg;
	uint8_t mask, en;
	+
	+ /* bad bios. mask/ignore the GPE _L6F (0x6f) interrupt */
	+ if (gpe == 0x6f && (sc->gpe_table[gpe].flags & GPE_LEVEL)) {
	+ static unsigned short i;
	[Unit]
	Description=Auto shutdown service

	[Service]
	Type=oneshot
	ExecStart=/auto_shutdown.sh