| addEventListener('fetch', event => { | |
| event.respondWith(handleRequest(event.request)) | |
| }) | |
| async function handleRequest(request) { | |
| const url = new URL(request.url) | |
| url.hostname = 'SOME_HOSTNAME' // i.e. 'dev-w-47n-vy-cd-e88kLg26GFbLGgBI.edge.tenants.auth0.com' | |
| request = new Request(request) | |
| request.headers.set('cname-api-key', 'SOME_KEY') // i.e. 'd4f2f3ef5a3ee3af4846127281d3450628bdc16d63e802dea75878fe9a63a279' | |
| async function getTokenFromRulesConfig(user, context, callback) { | |
| const m2mClientID = configuration.m2mCID; | |
| const m2mClientSecret = configuration.m2mCSecret; | |
| let auth0Domain = '<<your_tenant>>.auth0.com'; | |
| const moment = require('moment-timezone'); | |
| let axios = require('axios'); | |
| const country = context.request.geoip.country_name; | |
| const data = { | |
| user_app_metadata: user.app_metadata, | |
| email: user.email, |
| // This rule will get the groups for users coming from Azure AD | |
| // Auth0 already has the option to do that, but it (currently) won't work | |
| // if the user is coming from a different directory than the directory | |
| // where the app is registered (this can happen with multi-tenant apps). | |
| // It uses the access_token provided by Azure AD, so this needs | |
| // the 'Open ID Connect' protocol selected in the Azure AD connection. | |
| // | |
| // After the rule runs, you will have the 'groups' property in the user | |
| // that you can use to add custom claims to the id_token. | |
| // |
| # This is an example of the Stack Exchange Tier 1 HAProxy config | |
| # The only things that have been changed from what we are running are: | |
| # 1. User names have been removed | |
| # 2. All Passwords have been remove | |
| # 3. IPs have been changed to use the example/documentation ranges | |
| # 4. Rate limit numbers have been changed to randome numbers, don't read into them | |
| userlist stats-auth | |
| group admin users $admin_user | |
| user $admin_user insecure-password $some_password |
I've been using a lot of Ansible lately and while almost everything has been great, finding a clean way to implement ansible-vault wasn't immediately apparent.
What I decided on was the following: put your secret information into a vars file, reference that vars file from your task, and encrypt the whole vars file using ansible-vault encrypt.
Let's use an example: You're writing an Ansible role and want to encrypt the spoiler for the movie Aliens.
| /* | |
| * quickstart.js | |
| * ~~~~~~~~~~~~~ | |
| * | |
| * Code from the Stormpath Node.js Quickstart: | |
| * http://docs.stormpath.com/nodejs/quickstart/ | |
| * | |
| * You can run this code by typing: | |
| * | |
| * $ node quickstart.js |
| # HAProxy config for hoodie + ssl. | |
| # Uses nginx for file serving on 127.0.0.1:5999 | |
| # This is optional, Hoodie can serve static files fine. | |
| global | |
| log 127.0.0.1 local0 debug | |
| maxconn 4096 | |
| user haproxy | |
| group haproxy | |
| daemon |
| description "Properly handle haproxy" | |
| start on startup | |
| env PID_PATH=/var/run/haproxy.pid | |
| env BIN_PATH=/usr/sbin/haproxy | |
| script | |
| exec /bin/bash <<EOF | |
| $BIN_PATH -f /etc/haproxy.cfg -D -p $PID_PATH |
| var WebSocketServer = require('ws').Server; | |
| var wss = new WebSocketServer({port: 8080}); | |
| var jwt = require('jsonwebtoken'); | |
| /** | |
| The way I like to work with 'ws' is to convert everything to an event if possible. | |
| **/ | |
| function toEvent (message) { | |
| try { |
| // Bug fixes for current versions. | |
| // | |
| // This server will start a bash shell and expose it | |
| // over socket.io to a browser. See ./term.html for the | |
| // client side. | |
| // | |
| // You should probably: | |
| // | |
| // npm install socket.io |
