Skip to content

Instantly share code, notes, and snippets.

Vincent Bernat vincentbernat

Block or report user

Report or block vincentbernat

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View Encrypted root.org

Encrypted root in VM

#+filetags :exoscale:

The goal is to switch a VM to an encrypted root. There are several challenges:

  • add a /boot partition
  • convert the root partition to an encrypted one
  • boot the VM with the encrypted root

Preliminary steps

View gist:1479c1f3112c226a781061270c35cfbe
global:
config:
as: 65000
router-id: 1.1.1.1
local-address-list:
- 127.0.1.3
peer-groups:
- config:
peer-group-name: rr-client-v4
peer-as: 65000
View optimum-hypervisor.yaml
'100 Kubernetes integration 1/n':
chain: FORWARD
comment: ""
spec:
- 'COPY CHAIN cali-.*'
- 'COPY CHAIN KUBE-.*'
- '-j cali-FORWARD'
- '-j KUBE-FORWARD'
'100 Kubernetes integration 2/n':
chain: INPUT
View vince-gnus-composition.el
;; Introduction d'une citation
(defun vince-sc-header-fr ()
"En ce beau matin/soir/après-midi/nuit/etc. du <date>, <from> nous disait... ;
1. Si <from> n'est pas trouvé, on le remplace par un inconnu
2. Si <date> n'est pas trouvé, seule la deuxième partie de la phrase est insérée"
(let ((sc-mumble "")) ; Je ne sais pas à quoi ça
; sert, mais c'est dans tous
; les autres. Je crois que ça
; indique que renvoyer pour
; les sc-mail-field quand le
View curl.go
package main
import (
"net/http"
)
func main() {
_, err := http.Get("https://api.exoscale.ch/compute")
if err != nil {
panic(err)
View gist:9f70714cfb839f080b8159513831783e
traceroute to 46.20.240.173 (46.20.240.173), 30 hops max, 60 byte packets
1 94-247-174-81-static.serverhotell.net (94.247.174.81) 0.687 ms 1.272 ms 1.452 ms
2 te-1-4.fbg-cr1.glesys.net (193.108.196.86) 0.304 ms 0.868 ms 1.067 ms
3 te-7-3.vbdc-cr1.glesys.net (46.21.96.131) 8.431 ms 8.776 ms 8.962 ms
4 193-108-196-45-static.serverhotell.net (193.108.196.45) 9.126 ms 9.277 ms 9.424 ms
5 te-0-0-0-6.cr1.ams1.nl.portlane.net (80.67.4.179) 31.549 ms 31.840 ms 31.974 ms
6 * * *
7 * * *
8 * * *
9 * * *
View detect.sh
#!/bin/sh
for iface in /sys/class/net/*; do
[ -f $iface ] || continue
ip link set up dev ${iface##*/}
done
count=0
pci=""
for iface in /sys/class/net/*; do
[ -f $iface/device/product ] || continue
case "$(cat $iface/speed 2> /dev/null)" in
View README.md

You need to have cs (pip install cs) and configure it (see https://github.com/exoscale/cs)

  1. Create a VM. The OS doesn't matter.
  2. Get the virtual machine ID and execute: cs attachIso id=5434aada-28cc-4a82-a1eb-8e2d533f66ad virtualmachineid=04aa487b-c6c1-4de2-9237-8f17860351cf
  3. Reboot the VM and open the console. You should get netboot.xyz menu.
  4. When the new OS is installed, detach the ISO: cs detachIso virtualmachineid=04aa487b-c6c1-4de2-9237-8f17860351cf
View Install random cloud image.org

Switching to another cloud image

#+filetags :exoscale:

The goal is to install another cloud image on an existing VM. We will assume the existing VM is running Debian Jessie.

Steps

Installing dropbear for initramfs access

View Encrypted root.org

Encrypted root in VM

#+filetags :exoscale:

The goal is to switch a VM to an encrypted root. There are several challenges:

  • add a /boot partition
  • convert the root partition to an encrypted one
  • boot the VM with the encrypted root

Preliminary steps

You can’t perform that action at this time.