Skip to content

Instantly share code, notes, and snippets.

@steigr
steigr / fake-runc.sh
Last active Oct 2, 2020
Fake runc package to use crun
View fake-runc.sh
#!/bin/sh
printf "7avu2wMAAAAAAWZha2UtcnVuYy0xLjAuMC0xNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAUAAAAAAAAAAAAAAAAAAAAAjq3oAQAAAAAAAAAHAAAQtAAAAD4AAAAHAAAQpAAAABAAAAENAAAABgAAAAAAAAABAAABEQAAAAYAAAApAAAAAQAAA+gAAAAEAAAAbAAAAAEAAAPsAAAABwAAAHAAAAAQAAAD7wAAAAQAAACAAAAAAQAAA/AAAAAHAAAAhAAAECBjNDBmZTIzZDZmNjgxZjk4Njc2YmQ2ZDJkOTkwNzFkNTUxM2Q1YjA3ADdhOWQzNjc1ZGQ5MTUzNjlmMmUwNjg2NGE1MTJiMDYyY2UyN2FmOTg2MzJjNGJmOGM5Mjg4NTZmNGUxNzI5NTMAAAAAAAX1jA2uPu66Rqgo4QgZaIqMOgAAAHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
@steigr
steigr / com.docker.hyperkit
Last active May 27, 2020
Second disk for Docker-for-Desktop
View com.docker.hyperkit
#!/usr/bin/env ruby
newDiskName = "ZFS.raw"
newDiskSize = "20g"
args ||= []
diskArg = ""
ARGV.size.times do |idx|
@steigr
steigr / build
Last active Feb 15, 2019
Docker for Desktop Wireguard Kernel Module and Tool build script
View build
#!/bin/sh
# curl -sL https://gist.github.com/steigr/0746c759db9acbb608c1c9fca6d45c96/raw/61aace735f8e2adb991bcdf2b07c9aa420ced0c7 | sh
docker run --rm --cap-add=SYS_MODULE -i alpine sh <<'_EOF' | tar xv
apk add --no-cache make gcc curl bc libc-dev git xz bzip2 >&2
mkdir -p /usr/src/linux /usr/src/libmnl /usr/src/wireguard >&2
# linux headers and build infrastructure
KVER="$(awk -F'version ' < /proc/version '{print $2}' | awk -F- '{print $1}')" >&2
curl -L "https://cdn.kernel.org/pub/linux/kernel/v${KVER%%.*}.x/linux-${KVER}.tar.xz" | xzcat | tar -x -C /usr/src/linux --strip-components=1 >&2
cd /usr/src/linux >&2
zcat /proc/config.gz > .config
View forcing-finalizer.sh
#!/usr/bin/env bash
namespace=$1
kubectl proxy&
trap "kill $!" EXIT
kubectl get "namespaces/$namespace" -o json \
| jq 'del(.spec.finalizers)' \
| curl -H "Content-Type: application/json" -X PUT --data-binary @- "http://127.0.0.1:8001/api/v1/namespaces/$namespace/finalize"
@steigr
steigr / kernel-mod-sign
Created Dec 26, 2018
Sign kernel modules
View kernel-mod-sign
#!/usr/bin/env bash
[[ "$#" -eq 2 ]] && mokKey="$1"
[[ "$#" -eq 2 ]] && mokCrt="$2"
fail(){ echo "$*"; exit 1; }
kernelver="$(uname -r)"
[[ -f "/usr/src/kernels/$kernelver/scripts/sign-file" ]] || fail "sign-file not found in /usr/src/kernels/$kernelver/scripts/sign-file"
@steigr
steigr / kubeclient-exec.rb
Last active Apr 30, 2020
Running commands inside pods
View kubeclient-exec.rb
#!/usr/bin/env ruby
# install kubeclient and websocket-client-simple gems
#
# this is an example extending Kubeclient::Client with an get_pod_exec method
#
# it's just a POC
# I did run a pod with `kubectl -n kube-system run --tty --stdin --image=debian:buster-slim kubeclient`
# installed base ruby and required gems like:
# `apt-get update && apt-get install -y ruby ruby-dev build-essential && gem install --no-ri --no-rdoc kubeclient websocket-client-simple`
#
View swapspace.service
# install via
# curl -sL https://gist.github.com/steigr/cc4be305e06bc6c7e0b0dfac7a75b189/raw/swapspace.service | install -D -m 0644 /dev/stdin /etc/systemd/system/swapspace.service && systemctl enable --now swapspace
[Service]
ExecStartPre=-/usr/bin/env mkdir -p /opt/bin /var/lib/swapspace
ExecStartPre=-/usr/bin/env swapoff /var/lib/swapspace/base.swap
ExecStartPre=-/usr/bin/env dd if=/dev/zero of=/var/lib/swapspace/base.swap bs=1M count=1
ExecStartPre=-/usr/bin/env chmod 0600 /var/lib/swapspace/base.swap
ExecStartPre=-/usr/bin/env mkswap /var/lib/swapspace/base.swap
ExecStartPre=-/usr/bin/env swapon /var/lib/swapspace/base.swap
ExecStartPre=/usr/bin/env bash -c 'test -s /opt/bin/swapspace || curl -sL https://github.com/mathias-kaufmann/swapspace/releases/download/1.10/swapspace | install -m 0744 /dev/stdin /opt/bin/swapspace'
@steigr
steigr / pam-tid-sudo.sh
Created Jul 31, 2018
Enable TouchID-support with sudo
View pam-tid-sudo.sh
#!/usr/bin/env bash
sudo sed -i '' -e '/^#/a\'$'\n''auth sufficient pam_tid.so' /etc/pam.d/sudo
View keybase.md

Keybase proof

I hereby claim:

  • I am steigr on github.
  • I am steigr (https://keybase.io/steigr) on keybase.
  • I have a public key ASDJRjbKone_flDFHJa_Ho5bjl6LYVjRJOJOKpHT7bqAeQo

To claim this, I am signing this object:

@steigr
steigr / rails-docker
Last active Dec 2, 2016
Shellscript to build Rails Application Container real fast build time, once built
View rails-docker
#!/usr/bin/env bash
_docker_entrypoint() {
cat <<'_docker_entrypoint'
#!/usr/bin/env bash
# error handling
set -eo pipefail
trap exit exit