Skip to content

Instantly share code, notes, and snippets.

🏠
Working from home

Mohan Balasundaram tuxfight3r

🏠
Working from home
View GitHub Profile
@tuxfight3r
tuxfight3r / mfa.md
Created Jul 15, 2020 — forked from res0nat0r/mfa.md
Enable MFA for s3 bucket
View mfa.md
aws s3api put-bucket-versioning \
	--bucket bucket \
	--versioning-configuration '{"MFADelete":"Enabled","Status":"Enabled"}' \
	--mfa 'arn:aws:iam::aws_account_id:mfa/root-account-mfa-device passcode'
aws s3api get-bucket-versioning --bucket bucket
@tuxfight3r
tuxfight3r / aws_import.sh
Created Jun 29, 2020 — forked from radiofrequency/aws_import.sh
Import lets encrypt cert to aws certificate manager in renew hook
View aws_import.sh
#place in /etc/letsencrypt/renewal-hooks/post
export AWS_ACCESS_KEY_ID=XXX
export AWS_SECRET_ACCESS_KEY=XXX
#certs must be in us-east-1 to use with cloudfront
export AWS_DEFAULT_REGION=us-east-1
#run without --certificate-arn first time then specify arn for updates
aws acm import-certificate --certificate file:///etc/letsencrypt/live/site.com/cert.pem --private-key file:///etc/letsencrypt/live/site.com/privkey.pem --certificate-chain file:///etc/letsencrypt/live/site.com/chain.pem --certificate-arn specifyarnforupdate
View decrypt_saml_response.py
#!/usr/bin/env python
# Prereq: PyCrypto
# Validation: https://www.samltool.com/decrypt.php
# Usage: ./decrypt_saml_response.py --key PRIVATE_KEY --pretty-print RESPONSE_XML
import sys
import optparse
import base64
View format.json.bookmarklet.js
javascript:!function(){var n,e,r,i;n=window,e=document.body,r=JSON.parse,i=JSON.stringify,n.isf||(e.innerHTML="<pre>"+i(r(e.innerText),null,4).replace(/\"(.*)[^\:]\:/g,'<span style="color:#9C3636">$1&colon;</span>')+"</pre>",n.isf=!0)}();
//usage:
//save as bookmark and click it whenever you open a json response in a browser tab/window
@tuxfight3r
tuxfight3r / spinnaker.tf
Created May 17, 2019 — forked from hareku/spinnaker.tf
Spinnaker + AWS Terraform
View spinnaker.tf
#####################################
# Namespace: Spinnaker
#####################################
resource "kubernetes_namespace" "spinnaker" {
metadata {
name = "spinnaker"
}
}
#####################################
View openshift-cheatsheet.md

My Openshift Cheatsheet

Examine the cluster quota defined for the environment:

$ oc describe AppliedClusterResourceQuota

Install pkgs using yum in a Dockerfile

@tuxfight3r
tuxfight3r / socat-forward-tcp.sh
Created Apr 18, 2019 — forked from drmalex07/socat-forward-tcp4-to-tcp6.sh
Tunnel TCP traffic via socat. #socat
View socat-forward-tcp.sh
#!/bin/bash
PUBLIC_IP4_IFACE=eth2
LISTEN_IFACE=${PUBLIC_IP4_IFACE}
listen_address=$(ip -f inet addr show dev ${LISTEN_IFACE} | grep -Po 'inet \K[\d.]+')
listen_port=${1}
target_host=${2}
target_port=${3}
@tuxfight3r
tuxfight3r / README-oneshot-systemd-service.md
Created Apr 18, 2019 — forked from drmalex07/README-oneshot-systemd-service.md
An example with an oneshot service on systemd. #systemd #systemd.service #oneshot
View README-oneshot-systemd-service.md

README

Services declared as oneshot are expected to take some action and exit immediatelly (thus, they are not really services, no running processes remain). A common pattern for these type of service is to be defined by a setup and a teardown action.

Let's create a example foo service that when started creates a file, and when stopped it deletes it.

Define setup/teardown actions

Create executable file /opt/foo/setup-foo.sh:

@tuxfight3r
tuxfight3r / lambda-basic-auth.js
Created Apr 16, 2019 — forked from lmakarov/lambda-basic-auth.js
Basic HTTP Authentication for CloudFront with Lambda@Edge
View lambda-basic-auth.js
'use strict';
exports.handler = (event, context, callback) => {
// Get request and request headers
const request = event.Records[0].cf.request;
const headers = request.headers;
// Configure authentication
const authUser = 'user';
const authPass = 'pass';
@tuxfight3r
tuxfight3r / aws-eks-lab.sh
Created Apr 14, 2019 — forked from mtulio/aws-eks-lab.sh
Basic EKS lab to setup an new cluster
View aws-eks-lab.sh
#!/bin/bash
# Basic EKS client Setup and management
# Doc: https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html
OS_NAME=linux
OS_ARCH=amd64
OS_DIST=$(cat /etc/os-release |grep ^NAME |awk -F'=' '{print$2}')
KUBECTL_URL=https://amazon-eks.s3-us-west-2.amazonaws.com/1.10.3/2018-07-26/bin/${OS_NAME}/${OS_ARCH}/kubectl
You can’t perform that action at this time.