@tatsuryu
tatsuryu / droneci.yml
Created May 9, 2018 22:52 — forked from mrcrilly/droneci.yml
DroneCI Ansible
---
- name: Launch DroneCI
  hosts: all
  become: false
  vars:
    docker:
      repository: |
        [dockerrepo]
        name=Docker Repository
branches:
  - [master, develop]
pipeline:
  build:
    image: docker:latest
    environment:
      - REGISTRY_USERNAME=${REGISTRY_USERNAME}
      - REGISTRY_PASSWORD=${REGISTRY_PASSWORD}
      - NODE_ENV=production
tatsuryu / .drone.yml
Created May 9, 2018 21:15 — forked from d0x2f/.drone.yml
.drone.yml example
workspace:
  base: /build
pipeline:
  dbnode1:
    detach: true
    image: mysql/mysql-cluster:7.5
    commands:
      - sleep 5
build:
  # Get all back dependencies
  backdependencies:
    image: composer/composer
    commands:
      - composer install
  # Get all front dependencies and compile them
  frontdependencies:
    image: node
    commands:

Better SSH Authorized Keys Management

A seemingly common problem is how to manage all of your users' authorized_keys files.

People struggle with management: ensuring that users have only specific keys in their authorized_keys file, or even having a method for expiring keys. A centralized key management system could help provide all of this functionality with a little scripting.

One piece of functionality overlooked in OpenSSH is the AuthorizedKeysCommand configuration keyword. It allows you to specify a command that runs during login to retrieve a user's public key file from a remote source and perform validation just as if the authorized_keys file were local.

Here is an example directory structure for a set of users with SSH public keys that can be shared out via a web server:

tatsuryu / verify_cert.py
Created March 28, 2018 11:20 — forked from cato-/verify_cert.py
Python script to check the status of ssl certificates
#!/usr/bin/env python
#
# ----------------------------------------------------------------------------
# "THE BEER-WARE LICENSE" (Revision 42):
# <dev@robertweidlich.de> wrote this file. As long as you retain this notice you
# can do whatever you want with this stuff. If we meet some day, and you think
# this stuff is worth it, you can buy me a beer in return.
# ----------------------------------------------------------------------------
#
tatsuryu / check-ssl-expire.py
Created March 28, 2018 02:43 — forked from crashdump/check-ssl-expire.py
Report how many days before an http ssl certificate expire. I've also provided a template if you want to use it with Zabbix as an External Check: - Configure ExternalScripts variable in zabbix_server.conf - Put the script in the external script folder (I've used /etc/zabbix/externalscripts/) - Import the template & assign it to your host. - Wat…
#!/usr/bin/env python
# -*- coding: utf-8 -*-
__author__ = "Adrien Pujol - http://www.crashdump.fr/"
__copyright__ = "Copyright 2013, Adrien Pujol"
__license__ = "Mozilla Public License"
__version__ = "0.3"
__email__ = "adrien.pujol@crashdump.fr"
__status__ = "Development"
__doc__ = "Check a TLS certificate validity."
tatsuryu / bobp-python.md
Created November 7, 2017 10:13 — forked from sloria/bobp-python.md
A "Best of the Best Practices" (BOBP) guide to developing in Python.

The Best of the Best Practices (BOBP) Guide for Python

A "Best of the Best Practices" (BOBP) guide to developing in Python.

In General

Values

  • "Build tools for others that you want to be built for you." - Kenneth Reitz
  • "Simplicity is always better than functionality." - Pieter Hintjens
tatsuryu / README-setup-tunnel-as-systemd-service.md
Created August 28, 2017 15:56 — forked from drmalex07/README-setup-tunnel-as-systemd-service.md
Setup a secure (SSH) tunnel as a systemd service. #systemd #ssh #ssh-tunnel #ssh-forward

README

Create a template service file at /etc/systemd/system/secure-tunnel@.service. The template parameter will correspond to the name of target host:

[Unit]
Description=Setup a secure tunnel to %I
After=network.target
tatsuryu / README-setup-socket-activated-systemd-service.md
Created August 28, 2017 15:56 — forked from drmalex07/README-setup-socket-activated-systemd-service.md
An example inetd-like socket-activated service. #systemd #inetd #systemd.socket

README

This is an example of a socket-activated per-connection service (which is usually referred to as inetd-like service). A thorough explanation can be found at http://0pointer.de/blog/projects/inetd.html.

Define a socket unit

The key point here is to specify Accept=yes, which will make the socket accept connections (behaving like inetd) and pass only the resulting connection socket to the service handler.