Skip to content

Instantly share code, notes, and snippets.

View riton's full-sized avatar

Rémi Ferrand riton

14 followers · 29 following
View GitHub Profile
@riton
riton / ssh.rb.diff
Created October 10, 2017 21:21
bolt ssh GSS-API hack
diff --git a/.bundle/ruby/2.3.0/gems/bolt-0.5.0/lib/bolt/node/ssh.rb b/.bundle/ruby/2.3.0/gems/bolt-0.5.0/lib/bolt/node/ssh.rb
index d4b33ea..ffd7168 100644
--- a/.bundle/ruby/2.3.0/gems/bolt-0.5.0/lib/bolt/node/ssh.rb
+++ b/.bundle/ruby/2.3.0/gems/bolt-0.5.0/lib/bolt/node/ssh.rb
@@ -1,4 +1,5 @@
require 'net/ssh'
+require 'net/ssh/krb'
require 'net/sftp'
require 'json'
require 'bolt/node/result'
@riton
riton / random_uuid.go
Created September 19, 2017 10:06
Go test question
package uuidutils
import (
"fmt"
"github.com/google/uuid"
)
// GetNewRandomUUID Generate a new random uuid
func GetNewRandomUUID() (nuuid string, err error) {
@riton
riton / webserver.conf
Created August 22, 2017 11:34
PuppetServer WebServer configuration
webserver: {
port: 8080
[... other SSL related options ...]
}
@riton
riton / myfunction.pp
Created July 4, 2017 13:44
rspec-puppet-function
# functions/myfunction.pp
function mymodule::myfunction(Array[String] $domains) >> Array {
$result = $domains.map |$domain| {
{
"${domain}/.../*" => { 'include' => true }
}
}
$result
@riton
riton / blockinfile_with_items.yaml
Last active November 29, 2016 13:07
Ansible / BlockInFile / With_Items
- hosts: localhost
connection: local
gather_facts: false
become: false
tasks:
- blockinfile:
dest: '/tmp/THE_FILE'
block: |
foo {{ item }} bar
@riton
riton / With_Ansible_git_66104191d182aedd7b76f4a1b839c448f97c3ffe
Last active January 26, 2016 22:09
Ansible / Ephemeral Inventory source
# ./bin/ansible --version
# ansible 2.1.0 (detached HEAD ephemeral_) last updated 2016/01/26 19:17:58 (GMT +200)
# lib/ansible/modules/core: (detached HEAD 25414bbd1b) last updated 2016/01/26 19:32:32 (GMT +200)
# lib/ansible/modules/extras: (detached HEAD e13942f9c5) last updated 2016/01/26 19:32:39 (GMT +200)
# config file = ~/.ansible.cfg
# configured module search path = Default w/o overrides
$ ./bin/ansible -i <(./cmdb.sh) all --list-hosts
ERROR! the file_name '/dev/fd/63' does not exist, or is not readable
# With the new option
@riton
riton / With_Ansible_1.5.4
Last active January 26, 2016 11:28
Ansible read inventory from FileDescriptor
# /usr/bin/ansible --version
# ansible 1.5.4
$ /usr/bin/ansible -i <(./cmdb.sh) all --list-hosts
hosta
hostb
hostc
hostd
hoste
@riton
riton / keybase.md
Created September 23, 2015 16:43
keybase.md

Keybase proof

I hereby claim:

  • I am riton on github.
  • I am riton (https://keybase.io/riton) on keybase.
  • I have a public key whose fingerprint is 3729 62E5 C03B 0922 D0E2 D5CB EE6F E943 11EB B744

To claim this, I am signing this object:

@riton
riton / workflow.md
Last active September 21, 2015 17:44
ssh_GSSAPI_expiration_workflow
  1. kinit THEUSER@EXAMPLE.ORG
  2. I got a ticket krbtgt/EXAMPLE.ORG@EXAMPLE.ORG
  3. I get a ticket for host/remote.example.org@EXAMPLE.ORG
  4. klist shows me that I have successfully retrieved ticket for host/remote.example.org@EXAMPLE.ORG
  5. ssh THEUSER@remote.example.org succeeds using GSS-API and everything works perfectly:
  • ticket is forwarded if requested
  • AFS access works

Now If I manually expires principal OR its password while tickets previously retrieved are still valid.

@riton
riton / hiera_data.yaml
Created February 10, 2015 08:14
create_resources_ssh_config
---
mymodule::profile::ssh_config:
'VerifyHostKeyDNS':
ensure: present
value : yes
'CanonicalizeHostname':
ensure: present
value : yes
'CanonicalDomains':
ensure: present