In vm2 for versions up to 3.9.19, Node.js custom inspect function allows attackers to escape the sandbox and run arbitrary code.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## MASTER NODE: | |
```sh | |
microk8s.add-node --token-ttl 3600 --format yaml --token $(openssl rand -hex 32) | |
``` | |
## WORKER NODE | |
Using the previous output: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/bash | |
# This script is based on this one https://kevinsimper.medium.com/how-to-dump-all-kubernetes-secrets-to-yaml-files-b5afcf2d1f56 | |
# But also it reads every namespace in your current default context and dumps it's secrets as a file named as the namespace and yml extension | |
# Tested on non-productive environments. | |
kubectl get namespaces | awk '{print $1}' | xargs -I{} sh -c 'kubectl get secrets -o yaml -n "$1" --no-headers >> "$1.yaml"' - {} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Fuente: https://github.com/vercel/next.js/blob/canary/examples/with-docker/README.md | |
# Install dependencies only when needed | |
FROM node:16-alpine AS deps | |
# Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed. | |
RUN apk add --no-cache libc6-compat | |
WORKDIR /app | |
COPY package.json yarn.lock ./ | |
RUN yarn install --frozen-lockfile |
Since monterey update does not allow us to use Xcode previous than 13, let's show how to "install previous SDKs"
Swift toolchains, from https://swift.org/download/
Previous Xcode.xip, from the https://developer.apple.com
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: actions.summerwind.dev/v1alpha1 | |
kind: RunnerDeployment | |
metadata: | |
name: runner-deployment | |
spec: | |
template: | |
spec: | |
repository: tuladhar/self-hosted-runner | |
--- | |
apiVersion: actions.summerwind.dev/v1alpha1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Takes in a file CSV file and outputs each row as a Markdown file with YAML front matter named after first column. | |
# Data in the first row of the CSV is assumed to be the column heading. | |
# Original work borrowed from: https://github.com/EvanLovely/csv_to_jekyll | |
# Adapted from https://www.bryanklein.com/blog/hugo-python-gsheets-oh-my/ | |
# Import the python libraries. | |
import gspread | |
from oauth2client.service_account import ServiceAccountCredentials | |
from pathlib import Path | |
import os |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!-- | |
Parameters: | |
type - (Required) album / track / playlist / artist | |
id - (Required) Target ID | |
width - (Optional) width | |
height - (Optional) height | |
--> | |
{{ if .IsNamedParams }} | |
<iframe src="https://open.spotify.com/embed/{{ .Get "type" }}/{{ .Get "id" }}" |
Error
The authenticity of host 'github.com (140.82.113.4)' can't be established.
Fix
ssh-keyscan github.com >> ~/.ssh/known_hosts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Docker 23 + Traefik v2.9.10 and v1.7 + Let's Encrypt + Github Registry V2 ghcr.io + Updated on 12 April 2023 | |
Content: | |
- Ubuntu 22.04 | |
- Docker Engine 23.0.3 | |
- Docker Compose 2.17.2 | |
- Traefik v1.7.18 with dnsChallenge | |
- Traefik v2.9.9 with httpChallenge | |
-- | |
- Github Registry V2 ghcr.io |
NewerOlder