Skip to content

Instantly share code, notes, and snippets.

View qrkourier's full-sized avatar

Kenneth Bingham qrkourier

34 followers · 61 following
View GitHub Profile
@qrkourier
qrkourier / artifactory-retention.zsh
Created April 2, 2024 22:05
Artifactory retention policy
(
set -euxopipefail
ARTIFACTORY_REPO='zitipax-(openziti-(rpm|deb)-test|fork-(rpm|deb)-stable)'
: DELETE="--quiet"
DELETE="--dry-run"
RETENTION_DAYS=30
declare -a ARTIFACTS=(ziti-edge-tunnel openziti{,-controller,-router} zrok{,-share})
@qrkourier
qrkourier / transcode-to-mp4.py
Created February 14, 2024 23:50
to convert videos in a folder to MP4 and remove the old file if successful, say "python transcode-to-mp4.py FOLDER --delete"
import os
import sys
from os import chdir, walk
from os.path import dirname, getsize, join
from pathlib import Path
from shutil import move
import ffmpeg
import filetype
@qrkourier
qrkourier / zrok-test-cli-versions.py
Created January 18, 2024 22:32
ensure a list of BASH commands, e.g., `zrok enable` succeed for a list of zrok versions selected by criteria like min/max version and age.
import datetime
import logging
import os
import re
import time
import docker
import requests
from packaging import version
@qrkourier
qrkourier / ziti-mfa.bash
Last active February 28, 2024 18:28
send Ziti Edge Tunnel MFA when Yubikey is present
#!/usr/bin/env bash
set -o errexit
set -o nounset
set -o pipefail
if systemctl is-enabled --quiet ziti-edge-tunnel.service && ykman piv info &>/dev/null
then
RESPONSE=$(ykman oath accounts code "$ZITI_IDENTITY" \
| awk '{print $2;}' \
@qrkourier
qrkourier / ziti-jwt.py
Last active November 18, 2023 19:42
parse or verify a Ziti enrollment token as JWT
#!/usr/bin/env python
# Obtain the Ziti Edge JWT signing pubkey for enrollment tokens by parsing the client API's server certificate.
#
# openssl s_client -connect ziti-edge-controller:443 <>/dev/null \
# |& openssl x509 -noout -pubkey \
# | tee /tmp/client-pubkey.pem
import sys
import jwt
@qrkourier
qrkourier / docker-get-libc-versions.bash
Created August 21, 2023 15:00
print table of Linux distros' libc versions by running a Docker container
for OS in \
oraclelinux:{7..9} \
debian:{buster,bullseye,bookworm} \
registry.access.redhat.com/ubi{8,9}/ubi \
ubuntu:{bionic,focal,jammy} \
quay.io/centos/centos:7 \
fedora:{34,35,36} \
rockylinux/rockylinux:{8,9};
do
(
@qrkourier
qrkourier / Dockerfile.debian
Last active July 20, 2023 16:44
ziti-edge-tunnel Dockerfile for Debian
# this was the main Dockerfile before we adopted the RH UBI source image. This may still be useful for building arm 32bit images.
FROM debian:buster-slim as fetch-ziti-artifacts
# This build stage grabs artifacts that are copied into the final image.
# It uses the same base as the final image to maximize docker cache hits.
ARG ZITI_VERSION
ARG GITHUB_BASE_URL
ARG GITHUB_REPO
@qrkourier
qrkourier / krun
Last active April 15, 2023 21:33
run any command in any container image in any Kubernetes namespace
# krun busybox whoami
krun(){
local NAMESPACE=default
local PRIVILEGED=false
while getopts 'n:pu:' OPT; do
case $OPT in
n) NAMESPACE=$OPTARG
;;
p) PRIVILEGED=true
@qrkourier
qrkourier / get-go-debian.sh
Created December 22, 2022 19:42
LATEST_GOLANG=$(wget -qO- "https://go.dev/VERSION?m=text" | /bin/grep -Po '^go(\s+)?\K\d+\.\d+\.\d+$');
LATEST_GOLANG_ARCH=go${LATEST_GOLANG}.linux-$(dpkg --print-architecture).tar.gz;
wget -qO /tmp/${LATEST_GOLANG_ARCH} https://go.dev/dl/${LATEST_GOLANG_ARCH}
sudo tar -xf /tmp/${LATEST_GOLANG_ARCH} -C /usr/local/
echo "~/go/bin:/usr/local/go/bin:$PATH" >> ~/.bashrc
@qrkourier
qrkourier / x11vnc.service
Created December 11, 2022 16:48
x11vnc systemd user service unit
# ${HOME}/.config/systemd/user/x11vnc.service
[Unit]
Description=Attach Running x11 Server as SPICE Server
[Install]
WantedBy=default.target
[Service]
ExecStart=/usr/local/bin/x11spice
Restart=always