🏫 To learn what multi-platform images are, see this post from Docker Multi-arch build and images, the simple way
You can use Docker Desktop for Mac to build and push multi-platform
images to support your containers running on different
CPU architectures like Intel/amd64 and Apple Silicon/arm64.
ℹ️ Enable iCloud end-to-end encryption:
System settings → Apple ID → iCloud → Set Advanced Data Protection to On.System settings → Apple ID → iCloud → Disable Access iCloud Data on the Web.
| # Extended python -m http.serve with --username and --password parameters for | |
| # basic auth, based on https://gist.github.com/fxsjy/5465353 | |
| from functools import partial | |
| from http.server import SimpleHTTPRequestHandler, test | |
| import base64 | |
| import os | |
| class AuthHTTPRequestHandler(SimpleHTTPRequestHandler): |
| add-type @" | |
| using System.Net; | |
| using System.Security.Cryptography.X509Certificates; | |
| public class TrustAllCertsPolicy : ICertificatePolicy { | |
| public bool CheckValidationResult( | |
| ServicePoint srvPoint, X509Certificate certificate, | |
| WebRequest request, int certificateProblem) { | |
| return true; | |
| } | |
| } |
| # heavily inspired by https://gist.github.com/rbellamy/3c5033ba605a090824e8 | |
| # gets everything from bitbucket and brings it across to GH, adding LFS where necessary for file size | |
| # then archives everything brought over | |
| # | |
| # runs on Python 3; does clone --mirror and push --mirror, cleaning up after itself | |
| # | |
| # you need git-lfs installed on the local system | |
| # also make sure you've got git credential caching set up https://help.github.com/articles/caching-your-github-password-in-git/ | |
| import json |
| <# | |
| Run on the Central | |
| #> | |
| # Connect to Qlik Sense | |
| # See https://github.com/ahaydon/Qlik-Cli/wiki/Establishing-a-connection for more connection options | |
| Connect-Qlik | |
| # Add the Node to the Cluster; store the password element of the response for the ZIP as $password | |
| # nodePurpose: 0 (Production) / 1 (Development) / 2 (Both) | |
| # engineEnabled, proxyEnabled, schedulerEnabled, $printingEnabled, $failoverCandidate as options | |
| $password = New-QlikNode -hostname qlikserver2.domain.local -name qlikserver2 -nodePurpose 0 -engineEnabled -proxyEnabled |
| #!/usr/bin/env bash | |
| set -eu -o pipefail | |
| # Usage: | |
| # ./create-url-parameter /dev/projectName/API_BASE_URL https://api.example.com | |
| name="$1" | |
| value="$2" | |
| description="$3" |
| # Copyright (C) 2006-2016 Amazon.com, Inc. or its affiliates. | |
| # All Rights Reserved. | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"). | |
| # You may not use this file except in compliance with the License. | |
| # A copy of the License is located at | |
| # | |
| # http://aws.amazon.com/apache2.0/ | |
| # | |
| # or in the "license" file accompanying this file. This file is |
ECS task roles are a great security feature that are hard to set up.
The Amazon ECS documentation on setting up task roles tells you to do some questionable things. Among other things, it tells you to run the ECS agent with host networking (a security risk), use an iptables rule to cut off traffic from bridged containers to the host metadata (brittle), and set up additional iptables rules and sysctl settings to route 169.254.170.2:80 to the ECS agent on 127.0.0.1:51679 (brittle again).