Skip to content

Instantly share code, notes, and snippets.

View rk295's full-sized avatar

Robin Kearney rk295

22 followers · 17 following
View GitHub Profile
@rk295
rk295 / haproxy-smart-tcp-healthcheck.lua
Last active September 8, 2022 09:05
-- This service checks all the servers in the named backend (see the
-- backend_name var). If _any_ of them are up, it returns 200 OK. If
-- they are all down it returns a 500 FAILED.
--
-- This is intended to be used as a HTTP health check from an upstream
-- load balancer, without this check the most intelligent health check
-- that could be performed is a simple TCP check on the HAProxy frontend.
-- This would not fail in the event that HAProxy cannot see *any* of its
-- downstream servers
@rk295
rk295 / sg-tool
Last active June 10, 2022 13:19
Simple tool to query which things in AWS are using a specific security group.
#!/usr/bin/env bash
#
# Simple script to list resources that are using a specified Security Group.
#
# Accepts only one command line argument, which is the ID of the SecurityGroup
# to check for.
#
# Currently supports these resources:
#
# * EC2 Instances
@rk295
rk295 / script.lua
Created October 8, 2018 13:32
-- -- `core` is a static class provided by haproxy containing all
-- -- the haproxy methods we can use.
-- -- `register_init` registers a function to be executed after
-- -- configuration parsing.
-- core.register_init(function ()
-- core.log(core.info, "script loaded: case-200-ok")
-- end)
-- `register_service` registers a lua function to be executed
@rk295
rk295 / script.lua
Created October 8, 2018 13:24
-- `core` is a static class provided by haproxy containing all
-- the haproxy methods we can use.
-- `register_init` registers a function to be executed after
-- configuration parsing.
core.register_init(function ()
core.log(core.info, "script loaded: case-200-ok")
end)
-- `register_service` registers a lua function to be executed
@rk295
rk295 / gist:6fb03c65b49273548212
Last active June 9, 2021 11:45
Fortigate Firewall Logstash Grok filter
input {
syslog {
type => "fortigate"
port => 5001
}
}
filter {
if [type] == "fortigate" {
@rk295
rk295 / gist:2ae30c7c58499f9c6718
Created August 29, 2014 12:10
LogStash proftpd xferlog grok
input {
file {
path => "/var/log/xferlog"
type => "xferlog"
add_field => { "program" => "proftpd" }
}
}
filter {
if [type] == "xferlog" {
@rk295
rk295 / workload-identity.tf
Created August 20, 2020 13:03
So this makes a Google SA. Attaches some Roles to it (optional) and then the most important bit, it adds the `roles/iam.workloadIdentityUser` role. Notice the kubernetes service account and namespace are in the `member` line.
resource "google_service_account" "gsa" {
account_id = local.gsa_name
display_name = "${var.name} K8s Service Account"
project = var.project_id
}
resource "google_project_iam_member" "gsa-roles" {
count = length(var.gsa_roles)
project = var.project_id
role = var.gsa_roles[count.index]
@rk295
rk295 / ifttt-mqtt.php
Last active July 4, 2019 00:55
<?php
# Simple web page to accept GET's from IFTTT or any other webhook provider
# and post a message to a MQTT bus.
#
# Was originally intended to push messages from my Ring door bell to MQTT.
#
# Examples:
#
# GET http://localhost/ifttt-mqtt.php??thing=doorbell&time=now&kind=ring
@rk295
rk295 / terraform-remotestate.md
Created October 25, 2018 09:38
Terraform Remote State quick explanation

Cross Referencing resources

To reference the resources created by this stack in other stacks you need to define a data resource pointing to the S3 bucket and key defined in `remote-state.tf.

Your data definition should look something like this:

data "terraform_remote_state" "vpc" {
    backend = "s3"
    config {
@rk295
rk295 / key-example.ldiff
Created October 17, 2018 20:51
# extended LDIF
#
# LDAPv3
# base <cn=users,dc=ad,dc=example,dc=com> with scope subtree
# filter: (cn=example12)
# requesting: ALL
#
# example12, Users, ad.example.com
dn: CN=example12,CN=Users,DC=ad,DC=example,DC=com