Skip to content

Instantly share code, notes, and snippets.

View ngeorger's full-sized avatar
🗨️

Nicolás Georger ngeorger

🗨️
88 followers · 495 following
View GitHub Profile
@ngeorger
ngeorger / ghost-on-kubernetes.md
Created July 1, 2024 01:53
Ghost CMS v5.xx.x from @TryGhost (upstream) on Kubernetes, with our custom image, which has significant improvements to be used on Kubernetes. See this whole README for more information.

Ghost on Kubernetes by SREDevOps.Org

SREDevOps.org

Community for SRE, DevOps, Cloud Native, GNU/Linux, and more. 🌎

Build Multiarch | Image Size | OpenSSF Scorecard | ![Fork this repo

@leesh3288
leesh3288 / vm2_3.9.19_sandbox_escape_2.md
Last active March 30, 2024 07:00
Sandbox Escape in vm2@3.9.19 via custom inspect function

Sandbox Escape in vm2@3.9.19 via custom inspect function

Summary

In vm2 for versions up to 3.9.19, Node.js custom inspect function allows attackers to escape the sandbox and run arbitrary code.

Proof of Concept

@ngeorger
ngeorger / microk8s-2node-cluster-md
Last active April 29, 2023 18:57
Create a 2 node kubernetes cluster with microk8s
## MASTER NODE:
```sh
microk8s.add-node --token-ttl 3600 --format yaml --token $(openssl rand -hex 32)
```
## WORKER NODE
Using the previous output:
@ngeorger
ngeorger / backup-ns-secrets-k8s.sh
Last active December 29, 2023 04:55
Backup or dump kubernetes secrets by namespaces
#!/usr/bin/bash
# This script is based on this one https://kevinsimper.medium.com/how-to-dump-all-kubernetes-secrets-to-yaml-files-b5afcf2d1f56
# But also it reads every namespace in your current default context and dumps it's secrets as a file named as the namespace and yml extension
# Tested on non-productive environments.
kubectl get namespaces | awk '{print $1}' | xargs -I{} sh -c 'kubectl get secrets -o yaml -n "$1" --no-headers >> "$1.yaml"' - {}
@Klerith
Klerith / recomendada.Dockerfile
Last active November 26, 2023 20:03
NextJS - Dockerfile - Configuración simple y recomendada
# Fuente: https://github.com/vercel/next.js/blob/canary/examples/with-docker/README.md
# Install dependencies only when needed
FROM node:16-alpine AS deps
# Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed.
RUN apk add --no-cache libc6-compat
WORKDIR /app
COPY package.json yarn.lock ./
RUN yarn install --frozen-lockfile
@kenji21
kenji21 / xcode-previous-older-sdks.md
Last active July 3, 2024 07:37
Use previous/older SDKs with Xcode
@tuladhar
tuladhar / self-hosted-runner-template.yaml
Last active March 6, 2023 04:25
apiVersion: actions.summerwind.dev/v1alpha1
kind: RunnerDeployment
metadata:
name: runner-deployment
spec:
template:
spec:
repository: tuladhar/self-hosted-runner
---
apiVersion: actions.summerwind.dev/v1alpha1
@thedivtagguy
thedivtagguy / sheets-to-md.py
Created January 6, 2021 03:39
Converting Google Sheets to Markdown Files
# Takes in a file CSV file and outputs each row as a Markdown file with YAML front matter named after first column.
# Data in the first row of the CSV is assumed to be the column heading.
# Original work borrowed from: https://github.com/EvanLovely/csv_to_jekyll
# Adapted from https://www.bryanklein.com/blog/hugo-python-gsheets-oh-my/
# Import the python libraries.
import gspread
from oauth2client.service_account import ServiceAccountCredentials
from pathlib import Path
import os
@j-un
j-un / spotify.html
Last active June 11, 2024 03:14
[Hugo] Shortcode for Spotify embed code
<!--
Parameters:
type - (Required) album / track / playlist / artist
id - (Required) Target ID
width - (Optional) width
height - (Optional) height
-->
{{ if .IsNamedParams }}
<iframe src="https://open.spotify.com/embed/{{ .Get "type" }}/{{ .Get "id" }}"
@vikpe
vikpe / fix_authenticity_of_github_problem.md
Last active July 12, 2024 07:39
FIX: The authenticity of host github.com can't be established.

Error

The authenticity of host 'github.com (140.82.113.4)' can't be established.

Fix

ssh-keyscan github.com >> ~/.ssh/known_hosts