- Check out a Jenkins plugin from GitHub
$ git clone git@github.com:jenkinsci/configuration-as-code-secret-ssm-plugin.git $ cd configuration-as-code-secret-ssm-plugin - Build the plugin. Change the maven tag to something like 3-jdk-8 or 3-jdk-11 if you run into errors, as some plugins only build with one JDK version.
- Run as a non-root user
Peter W peterwwillis
peterwwillis
/ C_Tips_Best_Practices.md
Last active
September 13, 2020 12:58
C Tips and Best Practices
- You can explain a complicated declaration in English using cdelc.
echo "explain char *(*pfpc)()" | cdecl- https://cdecl.org/
peterwwillis
/ LINUX_ACTIVE_DIRECTORY_SSSD_HOWTO.md
Created
July 13, 2020 12:09
How to set up an Ubuntu 18.04 Linux system to use sssd to authenticate users using Active Directory without joining a domain
This guide will step you through setting up an Ubuntu 18.04 Linux system so that you can login to it using an Active Directory server for authentication and authorization. NOTE: You do not need to join a domain to use this method!!
The net effect of this guide is that you do not need to ever set up a user on your Linux host. Its home directory will be automatically created at log-in time, and its password is checked (along with account expiration) against the Active Directory server.
peterwwillis
/ cp_src_dir_symlink_weirdness.md
Created
July 21, 2020 14:27
Copying a source directory into a symlinked target directory
If you try to copy a source directory into a symlink to a target directory, you may get an error like:
cp: cannot overwrite non-directory 'symbolic-link' with directory 'source'.
The solution is to actually copy the . directory of your source directory.
This is not obvious based on the GNU coreutils FAQ or the man page.
Below is an example to explain:
vagrant@devbox:~/foo$ mkdir bin
peterwwillis
/ Packaging_Conflicts_and_Containers.md
Created
December 2, 2020 02:07
All packaged software is just a random person trying to guess at how to install and run some random software. The package has to declare what packages it depends on, and what it conflicts with.
The only way for a package to have the correct 'depends' and 'conflicts' is for the original software to ship with an explicit map of all its dependencies and conflicts. No software does this, in part because every Linux distribution ships different packages, and thus has different dependencies and conflicts. And so, we have to build packages by hand. A human (who isn't the software developer) has to determine the correct dependencies and conflicts (based on other packages that this human also did not create). Then they need to build the package and test it.
A package manager (dpkg) is a dumb program that does whatever you tell it to do. A package encodes its own dependencies, and the package manager fulfills the requirements as stated, or fails if it's impossible. There's n
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This Makefile allows you to pass arguments to 'make', and have those get passed into commands for a target. | |
| # This also shows how to automatically generate a help menu using specially annotated comments on targets. | |
| # | |
| # Usage: | |
| # - make help | |
| # List of available targets: | |
| # | |
| # help List all available targets (default) | |
| # jenkins-cluster Run terraformctl on the aws-jenkins-cluster root module | |
| # cognito-userpool Run terraformctl for the cognito user pool |
Debian 8 (Jessie) End Of Life was June 17, 2018, its LTS support ended on June 30, 2020, and its Extended LTS ends on June 30, 2022. The backports have been moved to "archive", so extra steps are necessary to install backport packages.
echo "deb [check-valid-until=no] http://archive.debian.org/debian jessie-backports main" > /etc/apt/sources.list.d/jessie-backports.list
apt-get -o Acquire::Check-Valid-Until=false update
apt-get -o Acquire::Check-Valid-Until=false -t jessie-backports install -y certbot
peterwwillis
/ gist:ce2bfaba7fc72e4af44c28135ab3db1e
Last active
March 15, 2021 23:05
How to make Hacker News resistent to outages
This is an explanation of how Hacker News could be made resilient against network and infrastructure failures.
Make sure you use a DNS nameserver provider that has multiple nameservers using multiple cloud hosting providers in multiple regions and zones. For added redundancy, use multiple nameserver providers, replicate your records between them, and make sure each uses different providers/regions.
Point your origin DNS record (origin.mydomain.com) at each of your origins, using CNAMEs or A records. Keep the TTL as low as you can, usually 60 seconds. Since only your CDN should be hitting this host, this shouldn't stress your nameserver. During an outage, one origin can be removed from DNS (if necessary).
peterwwillis
/ gist:4d38a41b2b7bc23816af7d5f653213fa
Last active
March 17, 2021 22:01
The difference between configuration formats, configuration languages, data formats, and programming languages
The difference between configuration formats, configuration languages, data formats, and programming languages
There is a lot of confusion out there about what different file formats are and how they are intended to be used. Having used a lot of them over the years, I think I can explain their differences, and when and how to use them.
A data format is a file format for encoding data. Typically the format is structured to make it easier for machine interpreting & processing.