I hereby claim:
- I am mattwillsher on github.
- I am mattwillsher (https://keybase.io/mattwillsher) on keybase.
- I have a public key ASC9IclgVf3W1ytoDP4f5MP5PPrFOyQOUifmKeT-8mD2ugo
To claim this, I am signing this object:
Matt Willsher mattwillsher
mattwillsher
/ hashinstall.sh
Last active
August 4, 2019 17:21
Script to install any of the Hashicorp tools to a given path, including GPG verification of download integrity. Write on Ubuntu, test on desktop and cloud image
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # A simple script to install Hashicorp tools with GPG key verification | |
| set -euo pipefail | |
| # Set DEST_PATH if not already set | |
| HASHI_DEST_PATH="${HASHI_DEST_PATH:-/usr/local/bin}" | |
| # Clean up downloaded files | |
| HASHI_CLEAN="${HASHI_CLEAN:-true}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am mattwillsher on github. | |
| * I am mattwillsher (https://keybase.io/mattwillsher) on keybase. | |
| * I have a public key ASBIrTYeVPdP4MN6h1Klspi7q7ENeowDGtBkt3fJyALm1Ao | |
| To claim this, I am signing this object: |
mattwillsher
/ keybase.md
Last active
June 24, 2019 21:19
mattwillsher
/ gist:c976d5b0dc6b1051cb48
Last active
August 29, 2015 14:16
roles/nginx/meta/main.yml
dependencies:
- update_apt_cacheroles/update_apt_cache/main.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "builders": [ | |
| { | |
| "type": "vmware-iso", | |
| "name": "ubuntu-{{ user `ubuntu_release` }}-server-amd64", | |
| "guest_os_type": "ubuntu-64", | |
| "iso_url": "http://releases.ubuntu.com/{{ user `ubuntu_release` }}/ubuntu-{{ user `ubuntu_release` }}-server-amd64.iso", | |
| "iso_checksum": "{{ user `ubuntu_iso_sha256` }}", | |
| "iso_checksum_type": "sha256", | |
| "http_directory": "http", |
mattwillsher
/ grant_github_user_access
Last active
May 4, 2023 12:03
A script to pull SSH keys for a give GitHub user and add those keys to the current users authorized_keys file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # (c)2014 Matt Willsher <matt@willsherpartners.co.uk> | |
| # | |
| # Licensed under GPLv3 http://www.gnu.org/licenses/gpl.txt | |
| # | |
| umask 077 | |
| if [[ $EUID == 0 ]]; then | |
| echo "This script can't be used as root" >&2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: Setup Vagrant environment | |
| hosts: 127.0.0.1 | |
| connection: local | |
| vars: | |
| - vagrantbox: CentOS-6.4-x86_64-v201303090 | |
| - vagrantdir: $ENV(HOME)/Development/ansible/$vagrantbox | |
| tasks: | |
| - name: Directory $vagrantdir | |
| file: path=$vagrantdir |
mattwillsher
/ gist:5188907
Last active
December 15, 2015 02:39
Ansible simple interfaces into playbooks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| This playbook, in playbooks/sshd/set_key_value.yml: | |
| --- | |
| - name: Set sshd_config $key $value | |
| hosts: $hosts | |
| vars_files: | |
| - [ "vars/$ansible_distribution.yml", "vars/os_defaults.yml" ] | |
| tasks: | |
| - include: tasks/set_config_item.yml key=$key value=$value | |
| handlers: | |
| - include: handlers/sshd.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| + Backs up DB | |
| - Poor db permission handling | |
| - Bad data hygiene, db can be copied prod to dev, dev to prod | |
| - dumps assets at the remote end, potentially increasing dependencies (e.g. node, java) | |
| - installs vendors/bundles at the remote end | |
| - installs composer via curl | via shell (even as root!) | |
| - uncontrolled composer versioning for composer itself. update installs the latest via the curl | shell method. | |
| + Comprehensive control of post installation tasks | |
| + Can deploy as non-root user | |
| - Symlinks add overhead |
mattwillsher
/ gist:3610368
Created
September 3, 2012 16:11
— forked from Bendihossan/gist:3610275
Composer workflow with Git
Example of why composer.lock should be version controlled and workflow of how it can be used.
The reason we put ranges in composer.json is so that we can check for updates in our development environment and test our source code works with it BEFORE it goes into production.
The reason we have specific versions of vendors in composer.lock is so that we can version it and install the application into production environments with the versions we have tested while in development. Because of this we never run composer update on a production environment.
Creating an Application
NewerOlder