View Dockerfile.mongo.step_ca_bootstrap
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM smallstep/step-cli as step | |
FROM mongo | |
COPY --from=step /usr/local/bin/step /usr/local/bin/ | |
ARG CA_URL | |
ARG CA_FINGERPRINT | |
ENV CA_URL=${CA_URL} CA_FINGERPRINT=${CA_FINGERPRINT} | |
RUN step ca bootstrap --ca-url $CA_URL --fingerprint $CA_FINGERPRINT --install |
View Dockerfile.mongo.ca_bootstrap
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM mongo | |
ARG CA_URL | |
ARG CA_FINGERPRINT | |
ENV CA_URL=${CA_URL} CA_FINGERPRINT=${CA_FINGERPRINT} | |
RUN apt update; \ | |
apt install -y --no-install-recommends \ | |
curl \ | |
jq \ | |
openssl \ | |
; \ |
View prometheus.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# my global config | |
global: | |
scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute. | |
# A scrape configuration containing exactly one endpoint to scrape: | |
# Here it's Prometheus itself. | |
scrape_configs: | |
# The job name is added as a label `job=<job_name>` to any timeseries scraped from this config. | |
- job_name: 'prometheus' | |
# metrics_path defaults to '/metrics' |
View aws-build-script.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
### Basic build environment ####### | |
apt update | |
apt install -y make gcc ack libpcsclite-dev pkg-config unzip debhelper | |
apt upgrade -y | |
cd /root | |
## Install golang |
View step-ca-launch.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
CA_NAME="Tiny" | |
ROOT_KEY_PASSWORD="smallsteplabs" | |
EMAIL="carl@smallstep.com" | |
AWS_ACCOUNT_ID="123123" | |
if [ -f /etc/os-release ]; then | |
# freedesktop.org and systemd | |
. /etc/os-release |
View loki.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Loki config based on | |
# https://github.com/grafana/loki/blob/master/cmd/loki/loki-local-config.yaml | |
# The only thing I've changed is the server: block. | |
auth_enabled: false | |
server: | |
http_listen_address: 127.0.0.1 | |
http_listen_port: 3100 | |
grpc_listen_address: 127.0.0.1 |
View step-ca.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"clientId": "step-ca", | |
"rootUrl": "http://127.0.0.1:10000", | |
"adminUrl": "http://127.0.0.1:10000", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"redirectUris": [ | |
"http://127.0.0.1:10000/*" |
View init_aws_ssh_host.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# | |
# This script will get an SSH host certificate from our CA and add a weekly | |
# cron job to rotate the host certificate. It should be run as root. | |
# | |
# See https://smallstep.com/blog/diy-single-sign-on-for-ssh/ for full instructions | |
CA_URL="[Your CA URL]" | |
# Obtain your CA fingerprint by running this on your CA: |
View init_aws_ca.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# | |
# This script will launch and configure a step-ca SSH Certificate Authority | |
# with OIDC and AWS provisioners | |
# | |
# See https://smallstep.com/blog/diy-single-sign-on-for-ssh/ for full instructions | |
OIDC_CLIENT_ID="[OAuth client ID]" # from Google | |
OIDC_CLIENT_SECRET="[OAuth client secret]" # from Google | |
ALLOWED_DOMAIN="[the domain name of accounts your users will use to sign to Google]" |
View badsort.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import random | |
def badsort(l): | |
done = False | |
loops = 0 | |
while not done: | |
loops += 1 | |
random.shuffle(l) | |
done = True | |
for i in range(len(l)-1): |
NewerOlder