Skip to content

Instantly share code, notes, and snippets.

View ob1-sc's full-sized avatar

Simon O'Brien ob1-sc

8 followers · 0 following
  • VMware
  • United Kingdom
View GitHub Profile
@ob1-sc
ob1-sc / homelab-notes
Last active July 16, 2020 15:04
Homelab Notes
** Untangle
* Ensure interfaces are correctly mapped
* Set Hostname => Domain Name
* Add DNS entries
* Allows DNS from WAN interfaces
* Turn off nat on all interfaces
* Add standalone NAT rule for EXTERNAL (Destination => WAN interface | Source => Any NON WAN interface)
@ob1-sc
ob1-sc / ipmi-fan-speed
Last active August 6, 2023 10:45
IPMI Fan Config
sudo apt install ipmitool
sudo ipmitool -H <hostname> -U <username>
sudo ipmitool -H <hostname> -U <username> sensor list all
sudo ipmitool -H <hostname> -U <username> sensor thresh FAN1 lower 100 200 300
sudo ipmitool -H <hostname> -U <username> sensor thresh FAN2 lower 000 000 100
sudo ipmitool -H <hostname> -U <username> sensor thresh FAN4 lower 000 000 100
@ob1-sc
ob1-sc / ssh-old-cypher
Last active April 29, 2020 11:49
ssh connect with old cypher
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c <old cypher> <user>@<server>
@ob1-sc
ob1-sc / gist:08236f8cca765a5ad5c3c67da0595ef0
Created April 15, 2020 09:43
Postgres user and db creation
REVOKE CREATE ON SCHEMA public FROM PUBLIC;
CREATE ROLE <db_owner> WITH LOGIN PASSWORD '<db_owner_password>';
CREATE DATABASE <db_name> WITH OWNER=<db_owner>;
REVOKE ALL ON DATABASE <db_name> FROM public;
GRANT ALL ON DATABASE <db_name> TO <db_owner>;
@ob1-sc
ob1-sc / k8s.md
Last active May 16, 2020 11:45
k8s

Misc

Get X based on label (AND)

kubectl get pods --selector=bu=finance,tier=frontend,env=prod

Get X based on label (OR)

kubectl get pods --selector='env in (dev,prod)'
@ob1-sc
ob1-sc / gist:0dd2b3a0a0bac38a29b3d72179bc9c2b
Created October 31, 2019 07:24
Pipeline Common Tasks Yaml Anchor
interpolate-creds: &interpolate-creds
do:
- task: tfstate-interpolate
image: platform-automation-image
...
...
- task: credhub-interpolate
...
...
etc
@ob1-sc
ob1-sc / gist:54b18ded75886341af2500dfad1309fc
Created August 13, 2019 13:30
bosh socks proxy
export OM_KEY=om.pem
terraform output ops_manager_ssh_private_key > $OM_KEY
chmod 0600 $OM_KEY
CREDS=$(om -t $OM_TARGET --skip-ssl-validation curl --silent \
-p /api/v0/deployed/director/credentials/bosh_commandline_credentials | \
jq -r .credential | sed 's/bosh //g')
# this will set BOSH_CLIENT, BOSH_ENVIRONMENT, BOSH_CLIENT_SECRET, and BOSH_CA_CERT
# however, BOSH_CA_CERT will be a path that is only valid on the OM VM
@ob1-sc
ob1-sc / aws-ssm-login
Created March 25, 2019 17:42
Access managed ec2 instance via SSM
JUMPBOX_NAME="<name of ec2 instance>"
INSTANCE_ID=$(aws ec2 describe-instances --filters "Name=tag:Name,Values=$JUMPBOX_NAME" \
--output text --query 'Reservations[*].Instances[*].InstanceId')
aws ssm start-session --target "$INSTANCE_ID"
@ob1-sc
ob1-sc / lastpass-cli-how-to.md
Last active April 14, 2022 15:33
How to setup and use LastPass cli to retrieve secrets when scripting

Prerequisties

  1. An active LastPass account
  2. LastPass cli installed, see here

Create a password entry in LastPass with the following details:

  • name: my-super-secret
  • username: my-super-secret-username
  • password: my-super-secret-password
@ob1-sc
ob1-sc / om-upload-tile
Created October 12, 2018 13:50
Upload Tile to Ops Manager using om cli
export FILE_NAME="cf-2.2.7-build.8.pivotal" # This is the name of the file (tile) to upload to om
export OM_USER="admin"
export OM_PWD="supersecurepassword"
export OM_TARGET="ops-manager address"
export OM_TIMEOUT=86400 # set a high timeout incase upload takes a while
om -t $OM_TARGET -u $OM_USER -p $OM_PWD -k upload-product -p $FILE_NAME -r $OM_TIMEOUT