A reference for spinning up Ansible AWX on top of a Kubernetes environment
Install k3s with bash script
curl -sfL https://get.k3s.io | sh -
Vladimir Moravec vmoravec
vmoravec
/ up-and-running-ansible-awx.md
Created
August 14, 2023 13:25
— forked from cdot65/up-and-running-ansible-awx.md
Install Ansible AWX on Rancher k3s
vmoravec
/ gcloud_cheat_sheet.md
Created
July 29, 2020 08:12
— forked from pydevops/gcloud-cheat-sheet.md
gcp gcloud cheat sheet
vmoravec
/ lambda_function.py
Created
December 9, 2019 19:31
— forked from manhtai/lambda_function.py
Lambda function for draining ECS instances before terminating it
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from __future__ import print_function | |
| import boto3 | |
| import base64 | |
| import json | |
| import logging | |
| logging.basicConfig() | |
| logger = logging.getLogger() | |
| logger.setLevel(logging.DEBUG) |
vmoravec
/ nginx-lua-s3.nginxconf
Created
July 29, 2019 15:37
— forked from raucao/nginx-lua-s3.nginxconf
Nginx proxy to S3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| location ~* ^/s3/(.*) { | |
| set $bucket '<REPLACE WITH YOUR S3 BUCKET NAME>'; | |
| set $aws_access '<REPLACE WITH YOUR AWS ACCESS KEY>'; | |
| set $aws_secret '<REPLACE WITH YOUR AWS SECRET KEY>'; | |
| set $url_full "$1"; | |
| set_by_lua $now "return ngx.cookie_time(ngx.time())"; | |
| set $string_to_sign "$request_method\n\n\n\nx-amz-date:${now}\n/$bucket/$url_full"; | |
| set_hmac_sha1 $aws_signature $aws_secret $string_to_sign; | |
| set_encode_base64 $aws_signature $aws_signature; |
vmoravec
/ gist:231bb4d627c1f9b11c502bff2d368b48
Created
July 29, 2019 15:33
— forked from mikhailov/gist:9639593
Nginx S3 Proxy with caching
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| default_type text/html; | |
| access_log /dev/stdout; | |
| sendfile on; | |
| keepalive_timeout 65; |
vmoravec
/ Nginx reverse proxy aws s3 resources.
Created
July 29, 2019 15:32
— forked from shangdev/Nginx reverse proxy aws s3 resources.
Nginx proxy s3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| proxy_cache_path /var/nginx/cache/aws/trueniu levels=2:2:2 use_temp_path=off keys_zone=aws_3:500m inactive=30d max_size=10g; | |
| server { | |
| listen 80; | |
| server_name trueniu.com www.trueniu.com; | |
| if ( $scheme = http ) { | |
| return 301 https://www.trueniu.com$request_uri; | |
| } | |
| } |
vmoravec
/ nginx_s3_proxy.conf
Created
July 29, 2019 15:19
— forked from josue/nginx_s3_proxy.conf
Simple Nginx Proxy to S3 Bucket Asset
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| listen 443 default_server ssl; | |
| ssl on; | |
| ssl_certificate /etc/ssl/certs/myssl.crt; | |
| ssl_certificate_key /etc/ssl/private/myssl.key; | |
| server_name *.example.com; | |
| root /var/www/vhosts/website; |
vmoravec
/ Ansible-Vault how-to.md
Created
November 12, 2018 20:31
— forked from tristanfisher/Ansible-Vault how-to.md
A short tutorial on how to use Vault in your Ansible workflow. Ansible-vault allows you to more safely store sensitive information in a source code repository or on disk.
I've been using a lot of Ansible lately and while almost everything has been great, finding a clean way to implement ansible-vault wasn't immediately apparent.
What I decided on was the following: put your secret information into a vars file, reference that vars file from your task, and encrypt the whole vars file using ansible-vault encrypt.
Let's use an example: You're writing an Ansible role and want to encrypt the spoiler for the movie Aliens.
vmoravec
/ play.yml
Created
November 28, 2017 22:06
— forked from halberom/play.yml
ansible - example of command and with_items
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - hosts: foo | |
| vars: | |
| gems: | |
| libxml-ruby: { version: 2.6.0, state: present, include_dependencies: yes, user_install: no } | |
| shenzhen: { version: 0.13.1, state: present, include_dependencies: yes, user_install: no } | |
| gem_executable: /usr/local/rvm/ruby/blah/blah/1.2/gem | |
| tasks: | |
| - name: install a bunch of gems - warning, use the right executable and run as the right user! | |
| gem: |
vmoravec
/ iptablessetup
Created
October 24, 2017 21:11
— forked from mattiaslundberg/iptablessetup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| IPTABLES="/sbin/iptables" | |
| IP6TABLES="/sbin/ip6tables" | |
| # Helper function for confirming allow rules | |
| confirm() { | |
| while true; do | |
| read -p "Allow $1? " yn | |
| case $yn in |
NewerOlder