Skip to content

Instantly share code, notes, and snippets.

Avatar
🐌

Colin Saliceti saliceti

🐌
  • Department for Education
View GitHub Profile
@saliceti
saliceti / pre-commit
Last active Mar 12, 2021
Git pre-commit hook to check for AWS keys
View pre-commit
#!/usr/bin/env bash
# Install globally using https://coderwall.com/p/jp7d5q/create-a-global-git-commit-hook
# The checks are simple and can give false positives. Amend the hook in the specific repository.
if git rev-parse --verify HEAD >/dev/null 2>&1
then
against=HEAD
else
# Initial commit: diff against an empty tree object
@saliceti
saliceti / logsearch_logstash.conf
Created May 10, 2017
Minimal logsearch logstash config
View logsearch_logstash.conf
# The # character at the beginning of a line indicates a comment. Use
# comments to describe your configuration.
input {
file {
path => "/Users/colin/Documents/Boulot/gds/logstash/nginx_access.log"
start_position => "beginning"
}
}
@saliceti
saliceti / uaa_list_users.rb
Last active Apr 5, 2017
UAA script to list users
View uaa_list_users.rb
#!/usr/bin/env ruby
# Configuration
# export TARGET="https://uaa.<SYSTEM DOMAIN>"
# export UAA_CLIENT_USERNAME=admin
# export UAA_CLIENT_PASSWORD=xxx # uaa_admin_client_secret
# export SKIP_SSL_VALIDATION=true
# Uncomment and edit queries below
@saliceti
saliceti / create-token-role.sh
Created Jan 5, 2017 — forked from keymon/create-token-role.sh
Get temporary credentials from AWS using a MFA token, also assuming role: you can assume a role ⁠⁠⁠⁠./create-token-role.sh elasticache-broker-spike-role⁠⁠⁠⁠ or create new tokens for yourself ⁠⁠⁠⁠./create-token-role.sh me 900⁠⁠⁠⁠
View create-token-role.sh
#!/bin/bash
SCRIPT_NAME="$0"
usage() {
cat <<EOF
Creates a set of tokens assuming the given role. Use "me" as role to simply generate a new session token for your user.
Usage:
$SCRIPT_NAME <role name> [duration in seconds]
View nats_agent.rb
require 'loggregator_emitter'
require 'net/http'
require 'json'
nats_ip = '10.0.16.11'
nats_monitor_port = 4333
metron_port = 3457
@http = Net::HTTP.new(nats_ip, nats_monitor_port)
@get_varz = Net::HTTP::Get.new('/varz')
View usage.rb
#!/usr/bin/env ruby
require 'json'
orgs = JSON.load(`cf curl /v2/organizations`)["resources"]
quotas = JSON.load(`cf curl /v2/quota_definitions`)["resources"]
orgs_reserved_memory = 0
apps_reserved_memory = 0
allocated_services = 0
View admin_user.sh
#!/bin/sh
set -eu
NAME=$1
UAA_ENDPOINT=https://...
UAA_ADMIN_CLIENT_PASS=xxxxx
PASSWORD=test
echo "Creating user ${NAME}"
uaac --trace target "${UAA_ENDPOINT}"
@saliceti
saliceti / flow-logs.sh
Last active Feb 10, 2016
Capture TCP connections
View flow-logs.sh
#!/bin/bash
set -x
GATEWAY=52.48.251.177
TMP_DIR=/tmp/flow_log
VM_LIST_FILE=${TMP_DIR}/vm_list.txt
IPTABLES_INSTALL_OUTPUT="iptables -A OUTPUT -m state --state NEW -j LOG --log-prefix '[flow-logs-output] '"
IPTABLES_INSTALL_INPUT="iptables -A INPUT -m state --state NEW -j LOG --log-prefix '[flow-logs-input] '"
IPTABLES_REMOVE_OUTPUT="iptables -D OUTPUT -m state --state NEW -j LOG --log-prefix '[flow-logs-output] '"
IPTABLES_REMOVE_INPUT="iptables -D INPUT -m state --state NEW -j LOG --log-prefix '[flow-logs-input] '"
@saliceti
saliceti / process.sh
Created Feb 10, 2016
Flow log data workflow
View process.sh
#!/bin/bash
dirs=$@
base_dir=$(pwd)
rm -rf merged
mkdir merged
for dir in ${dirs}; do
echo Processing ${dir}...
@saliceti
saliceti / SampleOutput.md
Last active Nov 19, 2015
Parse and compare manifests
View SampleOutput.md
$ ruby scripts/diff.rb scripts/v224.yml scripts/v225.yml 
compilation.cloud_properties.availability_zone: __stub__eu-west-1a != __stub__eu-west-1b

compilation.cloud_properties.instance_type.c3.large: only in 1

compilation.network: only in 2

jobs.consul_z1.networks.cf1.static_ips.10.0.10.39: only in 1