Skip to content

Instantly share code, notes, and snippets.


Kinnaird McQuade kmcquade

View GitHub Profile
soloradish / vault_logrotate
Created Sep 12, 2018
logrotate setting file for HashiCorp's Vault audit file
View vault_logrotate
# Change the path below to your own audit log path.
/var/log/vault/audit.log {
rotate 30
# Do not execute rotate if the log file is empty.
# Set compress on next rotate cycl to prevent entry loss when performing compression.
0xdabbad00 / gist:e25cf5599881c13d3b644bc4109cf619
Created Aug 9, 2018
trailblazer output ( Did have to comment out the call for s3 `upload_file` and `upload_fileobj`. Output sorted and the header line moved back to the top.
View gist:e25cf5599881c13d3b644bc4109cf619
EventSource, EventName, Recorded Name, Match
a4b, AssociateDeviceWithRoom, associatedevicewithroom, True
a4b, AssociateSkillGroupWithRoom, associateskillgroupwithroom, True
a4b, CreateProfile, createprofile, True
a4b, CreateRoom, createroom, True
a4b, CreateSkillGroup, createskillgroup, True
a4b, CreateUser, createuser, True
a4b, DeleteProfile, deleteprofile, True
a4b, DeleteRoom, deleteroom, True
a4b, DeleteRoomSkillParameter, deleteroomskillparameter, True
0xdabbad00 / aws actions
Created Aug 3, 2018
AWS API calls as extracted from boto using the technique on
View aws actions
0xdabbad00 / privilege_verbs.txt
Last active Oct 6, 2019
AWS IAM privilege verbs, use and `cat privileges.txt | sed 's/.*://' | sed 's/\([A-Z][a-z]*\).*/\1/' | sort | uniq -c` and then removed the one letter apigateway results.
View privilege_verbs.txt
5 Abort
9 Accept
3 Acknowledge
4 Activate
48 Add
23 Admin
6 Allocate
4 Apply
2 Approve
1 Archive
ags131 /
Last active Jun 22, 2021
Rancher 2.0, RKE, and some Raspberry Pi 3s

Kubernetes and Arm

Getting rke and Rancher setup to run kubernetes on arm is interesting. There is no official support yet via rancher, although there is interest and some work done towards those efforts. This is my attempt at getting a cluster of 3 Pis (2 3Bs and 1 3B+) provisioned and registered to a rancher 2 server.


I've successfully completed this both with Hypriot OS 1.9.0 and the arm64 builds Both times I used the same basic cloud-init setup

TyMac / gist:2c7a907af17cb4c8d2479ad5b16cad5c
Created Jun 7, 2018
Assure an ENA instance boots after a yum update
View gist:2c7a907af17cb4c8d2479ad5b16cad5c
tldr - remove microcode_ctl package - configure dracut to insure needed drivers are included for kernel/initrd updates
And exmaple - The Chef way:
1.) create a recipe with the following code:
if node['ec2']['instance_type'].include? ( "c5" || "f1" || "g3" || "h1" || "i3" || "m4.16xlarge" || "m5" || "p2" || "p3" || "r4" || "x1" )
template '/etc/dracut.conf' do
Ray33 / gist:ba189a729d81babc99d7cef0fb6fbcd8
Last active Apr 19, 2021 — forked from SamCyanide/gist:780afff4c3e1a9e105264c2a476e037c
Amazon Elastic Network Adapter (ENA) on CentOS 7
View gist:ba189a729d81babc99d7cef0fb6fbcd8
sudo su
yum --enablerepo=extras install epel-release
yum -y install patch dkms kernel-devel perl
yum update
#Required for kernel num 5:
yum --enablerepo=elrepo-kernel -y install kernel-ml-devel
miguelmota / Makefile
Last active Aug 27, 2021
Makefile docker push to AWS Elastic Container Registry (ECR)
View Makefile
# Login to AWS registry (must have docker running)
$$(aws ecr get-login --no-include-email --region us-east-1 --profile=mycompany)
# Build docker target
docker build -f Dockerfile --no-cache -t mycompany/myapp .
# Tag docker image
brikis98 /
Last active Jul 23, 2021
A hacky way to create a dynamic list of maps in Terraform
# The goal: create a list of maps of subnet mappings so we don't have to statically hard-code them in aws_lb
locals {
# These represent dynamic data we fetch from somewhere, such as subnet IDs and EIPs from a VPC module
subnet_ids = ["subnet-1", "subnet-2", "subnet-3"]
eips = ["eip-1", "eip-2", "eip-3"]
# Here's the hack! The null_resource has a map called triggers that we can set to arbitrary values.
# We can also use count to create a list of null_resources. By accessing the triggers map inside of
RichardBronosky /
Last active Jul 25, 2021
Using cloud-init for cloudless provisioning of Raspberry Pi

Installing cloud-init on a fresh Raspbian Lite image

This is a work in Progress!


This mainly demonstrates my goal of preparing a Raspberry Pi to be provisioned prior to its first boot. To do this I have chosen to use the same cloud-init that is the standard for provisioning servers at Amazon EC2, Microsoft Azure, OpenStack, etc.

I found this to be quite challenging because there is little information available for using cloud-init without a cloud. So, this project also servers as a demonstration for anyone on any version of Linux who may want to install from source, and/or use without a cloud. If you fall into that later group, you probably just want to read the code. It's bash so everything I do, you could also do at the command line. (Even the for loop.)