Skip to content

Instantly share code, notes, and snippets.

Avatar

Matt Kadenbach mattes

View GitHub Profile
View production.rb
# trust google cloud load balancer ips
# https://cloud.google.com/load-balancing/docs/https#x-forwarded-for_header
config.action_dispatch.trusted_proxies = %w(130.211.0.0/22 35.191.0.0/16).map { |proxy| IPAddr.new(proxy) }
View database.yml
<%
branch = `git rev-parse --abbrev-ref HEAD`.strip rescue ENV.fetch("RAILS_DATABASE_SUFFIX", "master")
branch = branch.underscore.gsub(/[\.\/\-]/, '_')
%>
default: &default
adapter: postgresql
encoding: unicode
pool: <%= ENV.fetch("RAILS_MAX_THREADS", 5) %>
host: <%= ENV.fetch("RAILS_DATABASE_HOST", "127.0.0.1") %>
@mattes
mattes / main.go
Created Feb 12, 2021
Quick HTTPS debug server
View main.go
package main
import (
"fmt"
"log"
"net/http"
"net/http/httputil"
"os"
"golang.org/x/crypto/acme/autocert"
@mattes
mattes / script.sh
Created Feb 10, 2021
Allow non-root binary to bind port 80 and 443
View script.sh
sudo setcap CAP_NET_BIND_SERVICE=+eip /path/to/binary
@mattes
mattes / resque.rb
Created Oct 30, 2020
Resque in distroless docker container
View resque.rb
# config/initializers/resque.rb
module Resque
class Worker
# Monkey patch linux_worker_pids because the original function tries to shell out.
# Since we run distroless in production, there is no shell.
# https://github.com/resque/resque/blob/7f6b88404dd18698f6f4023e18fdc1ae8318e5e5/lib/resque/worker.rb#L839
def linux_worker_pids
[Process.pid]
end
end
@mattes
mattes / rails-google-compute-deploy.md
Last active Nov 1, 2020
My own Heroku in 30 mins
View rails-google-compute-deploy.md

Deploy Rails apps to Google Cloud Compute Engine

  • Zero Downtime
  • Graceful shutdowns
  • Via Github Actions
  • Zero infrastructure management overhead

Overview

The general idea is to have Github Actions test, build and deploy a Rails app to Google Cloud Compute Engine.

View gist:ca80926ba997ba881ae9339f8b47a36d
docker system prune -a
docker rm $(docker ps -a -f status=exited -q)
https://www.digitalocean.com/community/tutorials/how-to-remove-docker-images-containers-and-volumes
@mattes
mattes / script.sh
Created Sep 10, 2020
Get access token via curl for default service account on Google Cloud Compute Engine
View script.sh
METADATA=http://metadata.google.internal/computeMetadata/v1
SVC_ACCT=$METADATA/instance/service-accounts/default
ACCESS_TOKEN=$(curl -H 'Metadata-Flavor: Google' $SVC_ACCT/token | cut -d'"' -f 4)
View gist:90565c73072c9f07ad64ebda3ca2916c
gcloud config configurations list
gcloud config configurations activate MY_OLD_CONFIG
gcloud_switch xxx