Skip to content

Instantly share code, notes, and snippets.

View trickyearlobe's full-sized avatar

Richard Nixon trickyearlobe

20 followers · 50 following
View GitHub Profile
@trickyearlobe
trickyearlobe / myapplication.rb
Created April 14, 2016 23:09
Adjust ruby's load path so we can require stuff in odd places
# Make sure we can find our application code in lib/*.rb
$LOAD_PATH.push File.expand_path('../../../lib', __FILE__)
require 'mylibrary'
@trickyearlobe
trickyearlobe / config.json
Created May 12, 2016 11:49
Build Cookbooks
{
"version": "2",
"build_cookbook": {
"name": "build-cookbook",
"path": ".delivery/build-cookbook"
},
"delivery-truck": {
"publish": {
"chef_server": true,
"supermarket": "https://supermarket.chefdemo.net"
@trickyearlobe
trickyearlobe / keybase.md
Created August 12, 2016 15:18

Keybase proof

I hereby claim:

  • I am trickyearlobe on github.
  • I am trickyearlobe (https://keybase.io/trickyearlobe) on keybase.
  • I have a public key whose fingerprint is 7B50 6808 2913 7065 F30E 4AF0 CDF9 42F3 8423 C769

To claim this, I am signing this object:

@trickyearlobe
trickyearlobe / runlist_update.rb
Created February 7, 2017 15:23
# This snippet is intended to be run by "knife exec runlist_update.rb"
nodes.all do |n|
case n['os']
when 'linux'
puts "Linux node #{n.name}"
puts " Before #{n.run_list}"
n.run_list.add("recipe[base_linux]")
n.run_list.remove("recipe[freaky_old_linux_cookbook]")
@trickyearlobe
trickyearlobe / ARM-With-Chef.json
Last active February 14, 2018 12:21
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string"
},
"virtualMachineName": {
"type": "string"
},
@trickyearlobe
trickyearlobe / client.rb.monkeypatch.gem.rb
Last active March 14, 2018 16:03
Monkey patch Chef Cookbook Metadata Gem Installer in client.rb
class MonkeyPatcher < Chef::Handler
puts "MONKEY PATCH GemInstaller"
def report
Chef::Cookbook::GemInstaller.send(:define_method,'install') do
cookbook_gems = Hash.new { |h, k| h[k] = [] }
cookbook_collection.each do |cookbook_name, cookbook_version|
cookbook_version.metadata.gems.each do |args|
cookbook_gems[args.first] += args[1..-1]
@trickyearlobe
trickyearlobe / chef_server_convert_certs_to_pubkeys.sh
Created November 1, 2018 14:56
#!/bin/env bash
# This script converts user public keys stored in certs on older
# chef servers into pure public keys so that Vault works properly
# NOTE: Back up Postgres before running this as it doesnt error check
function sql_exec {
/opt/opscode/embedded/bin/psql -d opscode_chef -qtA -c "$1"
}
@trickyearlobe
trickyearlobe / chef_ha_backend_resync.md
Last active May 8, 2019 14:45
Forced resync on Chef HA Backend 
# If you already tried removing and re-adding a failed backend
# As per https://getchef.zendesk.com/hc/en-us/articles/360003035092-Chef-Backend-Cluster-2-0-1-Full-follower-recovery

# and it's failing with missing WAL problems like this
# FATAL:  could not receive data from WAL stream: ERROR:  requested WAL segment 0000003E000008B3000000CC has already been removed

# TRY this on the failed backend (after re-adding it)
@trickyearlobe
trickyearlobe / retrieve_azure_vault_secret.rb
Created January 15, 2020 03:04
#!/bin/env ruby
# Load the native Ruby HTTP libraries
require 'net/http'
require 'json'
# Get an API key to access our vault(s)
# Note that the machine must have been granted access to the vault using managed identity
apikey_uri = URI('http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://vault.azure.net')
req = Net::HTTP::Get.new(apikey_uri)
@trickyearlobe
trickyearlobe / retrieve_aws_secret.rb
Created January 15, 2020 03:06
require 'aws-sdk-secretsmanager'
require 'base64'
def get_aws_secret(secret_name,region_name)
client = Aws::SecretsManager::Client.new(region: region_name)
begin
get_secret_value_response = client.get_secret_value(secret_id: secret_name)
rescue Aws::SecretsManager::Errors::DecryptionFailure => e
raise