Skip to content

Instantly share code, notes, and snippets.

View macgregor's full-sized avatar

Matthew Stratton macgregor

11 followers · 5 following
  • Red Hat
  • Raleigh, NC
View GitHub Profile
@macgregor
macgregor / orchestrator.md
Created December 17, 2025 15:23
Prototype AI orchestration work flow to plan and implement a code solution to a problem. Save in .claude/commands/orchestrator.md
description allowed-tools model argument-hint
Multi-phase development workflow with problem refinement, design planning, user review, and iterative implementation
Task
Read
Write
Edit
AskUserQuestion
TodoWrite
sonnet
[feature description]

Orchestrated Development Workflow

Execute a multi-phase development workflow that coordinates specialized agents to deliver high-quality, maintainable software solutions. This workflow manages the entire development lifecycle from problem understanding through implementation and review.

@macgregor
macgregor / steam-deck-sshd-instructions.txt
Last active July 13, 2023 16:24
Steam Deck Permanent SSHD
# from terminal *on steam deck*
(deck@steamdeck ~) $ passwd
(deck@steamdeck ~) $ sudo systemctl start sshd
# from ssh on external system using password just set
(macgregor@localhost) $ ssh deck@192.168.1.3
(deck@steamdeck ~) $ mkdir ~/.ssh && curl -o ~/.ssh/authorized_keys https://github.com/macgregor.keys
(deck@steamdeck ~) $ git clone https://github.com/xbb/steamdeck-ssh-user.git && ./steamdeck-ssh-user/installer.sh install
(deck@steamdeck ~) $ echo '[[ -z "$XDG_RUNTIME_DIR" ]] && XDG_RUNTIME_DIR=/run/user/$UID\n\nexport XDG_RUNTIME_DIR' >> ~/.bash_profile
@macgregor
macgregor / README.md
Last active September 19, 2023 18:23
Cloudflare Proxy iptables rules

These rules were written for my FreshTomato router acting as an edge gateway into my LAN. Cloudflare DNS proxies connections to my external IP address (aka my router) which then directs the traffic to an internal server (an nginx loadbalancer in this case) if it came from a known Cloudflare proxy ip. All other packets are dropped.

[Cloudflare DNS] -> [Cloudflare Proxy] -> [Router w/ iptables Firewall] -> [Internal Server Loadbalancer] -> [Some service]
|----------------WAN---------------------||--------------------------------LAN--------------------------------------------|

The basic idea is:

  1. create a new cloudflare-proxy chain(s) where our rules will live
  2. jump to the cloudflare-proxy chain(s) at the end of the existing chain(s) handling external traffic
@macgregor
macgregor / kc-get-all.sh
Last active October 21, 2022 03:48
Standard "kubectl get all" doesnt actually give you all resources, rather it just gives you a list of common resources such as pods, deployments, etc. This function will actually get all resources on the the cluster which can be handy when you dont know what you are looking for on the cluster.
# This file is meant to be added to your bashrc or zshrc, but you could turn it into a script and add it to your path if you'd rather.
alias oc-get-all='kc-get-all --binary oc'
function kc-get-all {
function usage {
cat <<EOF
Standard "kubectl get all" doesnt actually give you all resources, rather it just gives you a list of common resources such as pods, deployments, etc. This function will actually get all resources on the the cluster which can be handy when you dont know what you are looking for by listing all api-resources on the cluster to explicitly use in the get command.
USAGE: kc-get-all [-b|--binary <kubectl|oc>] [-i|--ignore-crs <grep-regex-pattern>] [--namespaced <true|false>] [-h|--help] [-- <kubectl-args>]
@macgregor
macgregor / cluster-admin.yaml
Created August 21, 2022 16:01
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
labels:
kubernetes.io/bootstrapping: rbac-defaults
name: cluster-admin
resourceVersion: "100"
rules:
@macgregor
macgregor / synology-dsm.yaml
Created May 16, 2022 14:42
Kubernetes Ingress Networking- Route to an application not hosted in the kube cluster
---
# Create a service for a cluster-external application by manually specifying the
# endpoints of the external application (in this case a set of 192 ip addresses)
# a Service without a pod selector. Endpoints will be matched based on name+namespace
# of the service
#
# A normal Ingress object can then be created that points at the service.
---
apiVersion: v1
kind: Service
@macgregor
macgregor / AssertJExceptionsTest.java
Created March 13, 2019 19:30
AssertJ Exceptions: assertThatThrownBy, assertThatExceptionOfType and catchThrowable
import org.junit.Test;
import java.io.IOException;
import static org.assertj.core.api.Assertions.*;
/**
* Examples borrowed from AssertJ documentation:
* http://joel-costigliola.github.io/assertj/assertj-core-features-highlight.html#exception-assertion
*
@macgregor
macgregor / ConditionalOnPropertyNamespace.java
Last active September 13, 2018 15:13
Spring Boot AutoConfig: ConditionalOnPropertyNamespace
package com.github.macgregor
import org.springframework.context.annotation.ConditionContext;
import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.ConfigurationCondition;
import org.springframework.core.env.AbstractEnvironment;
import org.springframework.core.env.MapPropertySource;
import org.springframework.core.env.PropertySource;
import org.springframework.core.type.AnnotatedTypeMetadata;
@macgregor
macgregor / heredoc.bash
Created August 19, 2018 12:59
Heredoc cheat sheet and alternatives
#!/usr/bin/env bash
# prints exactly whats in the heredoc block
cat <<EOF
This part is unindented
This part is indented
another level of indentation
EOF
# strips leading *tabs* (not spaces) from heredoc block
@macgregor
macgregor / cli.bash
Last active August 5, 2018 12:47
Bash optional cli arg parsing
# we can set some defaults before parsing
FLAG=0
ARG1="foo"
complex_value(){
# do some custom parsing, like turning lists into arrays
echo $1
}
while [[ $# > 0 ]]