Skip to content

Instantly share code, notes, and snippets.

View marcparadise's full-sized avatar

Marc A. Paradise marcparadise

27 followers · 0 following
View GitHub Profile
@marcparadise
marcparadise / migration.sh
Created December 17, 2019 19:36 — forked from jeremymv2/migration.sh
knife-ec-backup examples
#!/bin/bash
set -e
# Customize all these values
# youre source/destination keys and
# configs will differ
BACKUPDIR="backups"
BACKUPLOG="./migration_backup.log"
RESTORELOG="./migration_restore.log"
@marcparadise
marcparadise / component_test.rb.diff
Created September 13, 2019 16:32
18,19c18,19
< require_relative "exceptions"
< require_relative "helpers"
---
> require "chef-cli/exceptions"
> require "chef-cli/helpers"
42,43c42,47
< module ChefCLI
< class ComponentTest
---
@marcparadise
marcparadise / update_acl_deadlock_shell.erl
Last active August 29, 2015 14:26
Reproduces a deadlock in oc_bifrost's update_acl stored proc.
% Run this in an oc_bifrost console to reproduce the deadlocks.
% Don't run this in a production DB as it doesn't clean up after itself.
MakeID = fun() ->
Raw = crypto:rand_bytes(16),
<<Guid:128>> = Raw,
iolist_to_binary(io_lib:format("~32.16.0b", [Guid])) end.
ActorIds = [ MakeID() || X <- lists:seq(1,5) ].
[ bifrost_db:create(actor, Id, undefined) || Id <- ActorIds ].
@marcparadise
marcparadise / chef-server.rb
Created July 8, 2015 17:36
External Postgres Settings
postgresql['external'] = true
postgresql['db_superuser'] = "superuser-with-remote-access"
postgresql['db_superuser_password'] = "top-secret"
postgresql['vip'] = "remote-host-name"
# Can omit this if port is standard 5432:
# postgresql['port'] = 5432
@marcparadise
marcparadise / quicksteps.md
Created July 8, 2015 15:25
Quick Steps to External Postgres Testing with DVM
  1. Make sure you've pulled down the latest changs in chef-server branch 'mp/postgres-remote-connection-support'. This will be merged into byop-phase-1 shortly.
  2. copy dev/config.example.yml dev/config.yml
  3. Edit it so that the following entries are present:
vm:
  postgresql:
    # Makes the database VM start
    start: true
@marcparadise
marcparadise / cache-GET-only
Created February 5, 2015 19:07
proxy_cache_path /tmp/cache keys_zone=cookbooks:10m;
##
server {
listen 8001;
allow 127.0.0.1;
deny all;
location / {
echo "hello there young padawan! Welcome to $uri. " ;
echo "This request would $http_x_cache_status been cached. " ;
@marcparadise
marcparadise / keys_list
Last active August 29, 2015 14:14
Keys - list keys use cases
## Approach
* initial pass will handle GET for client and user keys (list keys cases)
* client and user will be handled in the same module, since the actual code is operating on keys and not clients and users. The only functional difference in handling will be isolating the correct entity being operated on for ACL checks.
## Deviations from RFC (will be submitting a PR against the RFC to keep it accurate) :
* The RFC specifies we'll just return a list of URIs in response to GET. This isn't consistent with other APIs, and it is also harder for Manage to use - they would have to parse the URI to come up with the object name. Instead, return will be in the form `[ { "name" : "KEYNAME", "uri" : "URI" } ] `.
* From a usability perspective, it may also be worth adding an 'expired' boolean flag to the return from this API, so that clients have a quick way to see and flag expired keys.
* In other sections, the RFC refers to 'key_id' as the identifier returned. To reduce confusion and keep it consistent
@marcparadise
marcparadise / gist:6cc455cf28bb9757d777
Created November 20, 2014 21:38
ok: run: postgresql: (pid 6922) 0s, normally down
[private-chef-upgrade] - Latest Migration Available: 1.19
[private-chef-upgrade] - Migrations to Run: [1.14, 1.15, 1.16, 1.17, 1.18, 1.19]
[private-chef-upgrade] - Current Migration Version: 1.13
[private-chef-upgrade] - Starting Migration 1.14
[private-chef-upgrade] - ****
ERROR:
TARGET"=>"@2.2.4", "OSC_TARGET"=>"@1.0.4", "DB_USER"=>"opscode-pgsql"}}
EC Target: @2.2.4 OSC Target: @1.0.4 DB User: opscode-pgsql
Sleeping for 5 seconds in case you want to cancel
@marcparadise
marcparadise / update-permissions.sh
Created November 10, 2014 20:25
A simple shell script that will disable (or enable) C/U/D permissions on all existing data bags in your organization.
#!/bin/bash
# This requires the knife-acl plugin.
# If you don't wish to modify permissions for all data bags,
# you will need to substitute your own command for supplying the
# list of data bags to modify.
for bag in $(knife data bag list); do
echo "Updating permissons on $bag."
knife acl remove data $bag update group clients
@marcparadise
marcparadise / user_default
Last active August 29, 2015 14:05
%% -*- erlang-indent-level: 4;indent-tabs-mode: nil -*-
%% ex: ts=4 sw=4 et
-module(user_default).
-compile(export_all).
-include("/srv/piab/mounts/oc_erchef_lite/deps/chef_objects/include/chef_types.hrl").
-include("/srv/piab/mounts/oc_erchef_lite/deps/oc_chef_authz/include/oc_chef_authz.hrl").
-include("/srv/piab/mounts/oc_erchef_lite/deps/oc_chef_authz/include/oc_chef_types.hrl").
%-include("/srv/piab/mounts/oc_erchef_lite/deps/oc_chef_wm/include/oc_chef_wm.hrl").
%-include("/srv/piab/mounts/oc_erchef_lite/deps/chef_wm/include/chef_wm.hrl").