I hereby claim:
- I am mattwillsher on github.
- I am mattwillsher (https://keybase.io/mattwillsher) on keybase.
- I have a public key ASC9IclgVf3W1ytoDP4f5MP5PPrFOyQOUifmKeT-8mD2ugo
To claim this, I am signing this object:
mattwillsher
/ localhost-cert.sh
Last active
August 31, 2025 16:42
Generate CA cert/key and server cert/key for localhost use.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -e | |
| OUTPUT_DIR=${OUTPUT_DIR:-"out"} | |
| SUBDOMAIN=${1:-"my"} | |
| CA_CERT="certs/ca.cert.pem" | |
| CA_KEY="private/ca.key.pem" | |
| LOCALHOST_CERT="certs/$SUBDOMAIN.localhost.cert.pem" | |
| LOCALHOST_KEY="private/$SUBDOMAIN.localhost.key.pem" |
mattwillsher
/ hashinstall.sh
Last active
August 4, 2019 17:21
Script to install any of the Hashicorp tools to a given path, including GPG verification of download integrity. Write on Ubuntu, test on desktop and cloud image
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # A simple script to install Hashicorp tools with GPG key verification | |
| set -euo pipefail | |
| # Set DEST_PATH if not already set | |
| HASHI_DEST_PATH="${HASHI_DEST_PATH:-/usr/local/bin}" | |
| # Clean up downloaded files | |
| HASHI_CLEAN="${HASHI_CLEAN:-true}" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am mattwillsher on github. | |
| * I am mattwillsher (https://keybase.io/mattwillsher) on keybase. | |
| * I have a public key ASBIrTYeVPdP4MN6h1Klspi7q7ENeowDGtBkt3fJyALm1Ao | |
| To claim this, I am signing this object: |
mattwillsher
/ keybase.md
Last active
June 24, 2019 21:19
mattwillsher
/ gist:c976d5b0dc6b1051cb48
Last active
August 29, 2015 14:16
roles/nginx/meta/main.yml
dependencies:
- update_apt_cacheroles/update_apt_cache/main.yml
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "builders": [ | |
| { | |
| "type": "vmware-iso", | |
| "name": "ubuntu-{{ user `ubuntu_release` }}-server-amd64", | |
| "guest_os_type": "ubuntu-64", | |
| "iso_url": "http://releases.ubuntu.com/{{ user `ubuntu_release` }}/ubuntu-{{ user `ubuntu_release` }}-server-amd64.iso", | |
| "iso_checksum": "{{ user `ubuntu_iso_sha256` }}", | |
| "iso_checksum_type": "sha256", | |
| "http_directory": "http", |
mattwillsher
/ grant_github_user_access
Last active
May 4, 2023 12:03
A script to pull SSH keys for a give GitHub user and add those keys to the current users authorized_keys file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # (c)2014 Matt Willsher <matt@willsherpartners.co.uk> | |
| # | |
| # Licensed under GPLv3 http://www.gnu.org/licenses/gpl.txt | |
| # | |
| umask 077 | |
| if [[ $EUID == 0 ]]; then | |
| echo "This script can't be used as root" >&2 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: Setup Vagrant environment | |
| hosts: 127.0.0.1 | |
| connection: local | |
| vars: | |
| - vagrantbox: CentOS-6.4-x86_64-v201303090 | |
| - vagrantdir: $ENV(HOME)/Development/ansible/$vagrantbox | |
| tasks: | |
| - name: Directory $vagrantdir | |
| file: path=$vagrantdir |
mattwillsher
/ gist:5188907
Last active
December 15, 2015 02:39
Ansible simple interfaces into playbooks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| This playbook, in playbooks/sshd/set_key_value.yml: | |
| --- | |
| - name: Set sshd_config $key $value | |
| hosts: $hosts | |
| vars_files: | |
| - [ "vars/$ansible_distribution.yml", "vars/os_defaults.yml" ] | |
| tasks: | |
| - include: tasks/set_config_item.yml key=$key value=$value | |
| handlers: | |
| - include: handlers/sshd.yml |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| + Backs up DB | |
| - Poor db permission handling | |
| - Bad data hygiene, db can be copied prod to dev, dev to prod | |
| - dumps assets at the remote end, potentially increasing dependencies (e.g. node, java) | |
| - installs vendors/bundles at the remote end | |
| - installs composer via curl | via shell (even as root!) | |
| - uncontrolled composer versioning for composer itself. update installs the latest via the curl | shell method. | |
| + Comprehensive control of post installation tasks | |
| + Can deploy as non-root user | |
| - Symlinks add overhead |
NewerOlder