Skip to content

Instantly share code, notes, and snippets.

View tvon's full-sized avatar

Tom von Schwerdtner tvon

29 followers · 25 following
View GitHub Profile
@tvon
tvon / fetch-root-key.sh
Last active October 15, 2021 17:43
Fetch the public key used to sign an image in Notary.
#!/bin/bash
#
# Fetches the root public key used to sign an image in Notary, e.g. to configure Connaisseur.
#
# E.g.:
# ./fetch-root-key.sh https://notary.docker.io docker.io/securesystemsengineering/connaisseur
NOTARY=${1:-https://notary.docker.io}
IMAGE=${2:-docker.io/library/alpine}
TMP=$(mktemp -d)
@tvon
tvon / consul-connect-injector-webhook-debug-deployment.yaml
Last active January 26, 2021 00:17
Debugging consul-helm with connectInject.enabled on k3s/arm64
---
# Deploy and `kubectl exec`
apiVersion: apps/v1
kind: Deployment
metadata:
name: consul-connect-injector-webhook-debug-deployment
namespace: consul
labels:
app: consul
spec:
@tvon
tvon / fdo-man.css
Created January 20, 2021 20:05
Userstyle for freedesktop.org man pages
@-moz-document regexp(".*freedesktop\\.org\\/software\\/.*\\/man\\/.*") {
body {
font-family: Arial, Helvetica;
}
.refentry {
max-width: 960px;
margin: 1em auto;
@tvon
tvon / Dockerfile
Created June 30, 2020 18:12
nsswitch / netdns
FROM golang:1 as builder
COPY . /src
WORKDIR /src
RUN go build -o /src/test
RUN /src/test
@tvon
tvon / add-label
Last active February 2, 2020 21:49
Add a label to a Docker image tarball.
#!/bin/bash
#
# Add a label to an image tarball (manifest v1).
#
# $ docker save alpine -o alpine.tar
# $ add-label alpine.tar org.mine.key foobar
# $ docker load -i alpine.tar
# $ docker inspect alpine | jq '.[].Config.Labels'
# {
# "org.mine.key": "foobar"
@tvon
tvon / rewrite-docker-tar
Last active January 31, 2020 02:32
rewrite containerd docker tarballs
#!/bin/bash
#
# rewrite-docker-tar ./image.tar ./output.tar
#
# Exporting 'docker' tarballs with buildctl is creating manifests with no file
# extensions (no .json or .tar.gz on the config or layers). This works with
# dockerd because it never looks at the extensions just tries various things with
# safe fallbacks. Other tooling relies on extensions and checks for
# .json, .tar, and .tar.gz.
#
@tvon
tvon / config.yaml
Created November 3, 2019 13:29
terminus config
hotkeys:
profile: {}
shell: {}
toggle-window:
- - Ctrl-`
ssh: {}
terminal:
bell: visual
colorScheme:
name: Tomorrow Night
@tvon
tvon / doSomething.groovy
Created October 29, 2018 14:54
Jenkins pipeline vars/doSomething.groovy
#!/usr/bin/env groovy
// Specify default values but allow overriding.
//
// dosomething {
// arg1 = true
// arg2 = false
// arg3 = "https://www.hotbot.com"
// }
@tvon
tvon / build.gradle
Created September 13, 2017 19:52
Debugging gradle.build / jenkins issue
plugins {
id 'org.jenkins-ci.jpi' version '0.22.0'
id 'groovy'
id 'java'
id 'idea'
}
build.dependsOn jpi
@tvon
tvon / main.yaml
Created April 4, 2017 00:30
- name: "unifi | configure service db.mongo.local"
lineinfile:
dest: "/usr/lib/unifi/data/system.properties"
regexp: '^db\.mongo\.local='
line: "db.mongo.local={{ unifi_db_mongo_local }}"
insertbefore: BOF