Skip to content

Instantly share code, notes, and snippets.

View ocxo's full-sized avatar
💆‍♂️
domakesaythink

ocxo ocxo

💆‍♂️
domakesaythink
59 followers · 125 following
  • Vacant
View GitHub Profile
@markofu
markofu / Security_Tools_for_AWS.MD
Last active October 2, 2023 15:30
Security Tools for AWS

Security Tools for AWS

I often get asked which tools are good to use for securing your AWS infrastructure so I figured I'd write a short listof some useful Security Tools for the AWS Cloud Infrastructure.

This list is not intended be something completely exhaustive, more so provide a good launching pad for someone as they dig into AWS and want to make it secure from the start.

Open Source

This section focuses on tools and services provided by the community and released as open-source.

@imbriaco
imbriaco / 01-main.tf
Last active June 8, 2016 22:16
I'll take stupid Terraform tricks for $500, Alex
module "my_instance" {
source = "../path/to/crazy_module.tf"
...
count = 1
include_eip = "true"
}
@miketheman
miketheman / datadog-role-delegation.tf
Last active August 12, 2019 19:38
Datadog AWS Integration Automated Setup
# Read more about variables and how to override them here:
# https://www.terraform.io/docs/configuration/variables.html
variable "aws_region" {
type = "string"
default = "us-east-1"
}
variable "shared_secret" {
type = "string"
default = "SOOPERSEKRET"
@slyness
slyness / rename_node.md
Last active November 11, 2023 18:09
Rename a Chef Node

How to rename a chef node

  1. Edit existing node name. Update name and save. Chef will copy the node and create a new client entry.
knife node edit oldnode
  1. ssh to node
  2. Change hostname and dns information
@avdi
avdi / gist:9038972
Created February 16, 2014 19:00
Get syntax highlighted source code for pasting into e.g. Google Docs on Linux
# You will need the pygments and xclip packages
# This example highlights some Bash source code
# '-O noclasses=true' tells pygments to embed colors inline in the source
# the '-t text/html' option tells xclip what "target" to specify for the selection
pygmentize -l bash -f html -O noclasses=true mysource.sh | xclip -selection clipboard -t text/html
@bridgetkromhout
bridgetkromhout / AWS ELB pre-warming questions
Created January 23, 2014 16:25
AWS ELB pre-warming questions. These questions (and sample answers) were provided by AWS support on 2013-11-26; I've edited slightly for clarity.
0. What is the name of the ELB which needs to be pre-warmed?
a. e.g. yourwebapp-yourcompany-123456789.us-east-1.elb.amazonaws.com
1. What is the approximate increase percentage in traffic, or expected requests/sec that will go through the load balancer (whichever is easier to answer)?
a. e.g. 3,500 per second
2. Do you know the average amount of data passing through the ELB per request/response pair?
a. e.g. Roughly 250KB.
3. Expected percent of traffic going through the ELB that will be using SSL termination?
@indirect
indirect / tmux-named
Last active December 23, 2015 15:19
tmux configuration
#!/bin/bash
# I alias this script to `mux`:
# $ alias mux=tmux-named
# Then I tell terminal to automatically attach new windows to my session named "main",
# by setting the preference named "Shells open with" to this command:
# /path/to/tmux-named main
#
# When working on a particular project, I can jump a session for that project
# by running "mux project-name".
@jed
jed / how-to-set-up-stress-free-ssl-on-os-x.md
Last active July 10, 2024 14:35
How to set up stress-free SSL on an OS X development machine

How to set up stress-free SSL on an OS X development machine

One of the best ways to reduce complexity (read: stress) in web development is to minimize the differences between your development and production environments. After being frustrated by attempts to unify the approach to SSL on my local machine and in production, I searched for a workflow that would make the protocol invisible to me between all environments.

Most workflows make the following compromises:

  • Use HTTPS in production but HTTP locally. This is annoying because it makes the environments inconsistent, and the protocol choices leak up into the stack. For example, your web application needs to understand the underlying protocol when using the secure flag for cookies. If you don't get this right, your HTTP development server won't be able to read the cookies it writes, or worse, your HTTPS production server could pass sensitive cookies over an insecure connection.

  • Use production SSL certificates locally. This is annoying

@mislav
mislav / gist:5897126
Last active September 27, 2021 09:34
Low-value pull requests are worse than useless

Why do I feel insulted Re: automated bots making pull requests

An open source project is a lot of work. There are features to be built, bugs to be solved, releases to be made, documentation to be written and the inevitable support you have to provide via GitHub issues, Twitter and mailing lists.

Like anything worth doing, throughout this process there are hard problems that need to be solved. Valued contributors are ones who study the project's philosophy, understand the subject matter and are thinkers who gift their experience and time to the cause.

Therefore a person or a bot who joins in with a pull request that was a result of running a tool against the project's source code—like code linting or stripping of unnecessary whitespace—is a lowest form of contribution there is. It makes the statement: “Here, I didn't bother to see what current problems are in need of discussing/solving, so I ran a widely available script from the command-line t

@racheldonovan
racheldonovan / wysihtml5_helper.rb
Created April 18, 2013 21:55
a helper to assit in integration testing (rspec / capybara) wysihtml5 text editors.
module Wysihtml5Helper
def fill_in_wysihtml5(text)
#js must be enabled
page.execute_script("editor.setValue('#{text}')")
end
end