Skip to content

Instantly share code, notes, and snippets.

View weltonrodrigo's full-sized avatar
Working from home

Welton Rodrigo Torres Nascimento weltonrodrigo

Working from home
  • Brasília, Distrito Federal, Brasil
View GitHub Profile
weltonrodrigo /
Created December 1, 2023 21:40
Pixar character generator
#!/usr/bin/env python3
import base64
import requests
import argparse
import os
import json
""" Access to gpt-4-vision and dall-e 3 is necessary """
# OpenAI API Key
weltonrodrigo /
Created January 24, 2023 02:50
Como gerar um certificado ICP-Brasil A3 (pessoa física) para testes

O formato do certificado ICP-Brasil está disponível nas políticas das autoridades certificadoras autorizadas pelo ICP-Brasil. Exemplo:

Ver item

Para certificado CNPJ, o procedimento é parecido, só montar os campos de acordo com o item

openssl req -new -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 \
-subj '/C=BR/O=ICP-Brasil/OU=AC DIGITAL Múltipla G1/OU=33989214000191/OU=presencial/OU=Certificado PF A3/CN=Fulano de tal:58765136012' \
weltonrodrigo /
Last active December 23, 2022 14:43
How to configure cert-manager to emit certificates from

How to configure cert-manager to emit certificates from has an ACME service for free 90-day ssl certificates.

It's pretty simple to configure cert-manager to use it, you'll need:

  1. A secret containing the HMAC key.
  2. An Issuer or ClusterIssuer configured with your user on and their acme url
  3. A account ACME credentials

weltonrodrigo /
Created October 29, 2022 13:54
Configure a Azure VM to deallocate itself on shutdown

How to configure an Azure VM to self deallocate on shutdown?

At the Azure Portal:

  1. Activate system identity for the vm: VM -> identity -> System assigned -> Status ON -> Save
  2. Give the VM permission to manage itself -> VM -> IAM -> Add role assignment -> Virtual Machine Contributor -> Managed Identity -> Find the VM identity you just activated

At the machine:

  1. Install azure cli with
curl -sL | sudo bash
weltonrodrigo / let's encrypt on rancher using domains with azure application
Created September 12, 2022 16:31
Who to configure let's encrypt on rancher using domains with azure application gateway?

How to configure let's encrypt on rancher using domains with azure application gateway?

When using an domain on rancher, cert-manager gets in trouble because the hostname won't match.

You need to annotate the ingress with

weltonrodrigo / municipios_brasileiros_maiusculas_sem_acento.csv
Last active August 5, 2022 01:33
Lista de municípios brasileiros em maiúsculas sem acentos.
We can make this file beautiful and searchable if this error is corrected: No commas found in this CSV file in line 0.
weltonrodrigo /
Last active July 21, 2022 13:15
Azure eventhub auto-inflates only on ingress, not egress

Does eventhub auto-inflates on egress?


Yeah, that took me a long time.

The ingress rate is what makes the eventhub namespace scale, but not the consumption (the egress). Egress don't get throttled either, you'll have to keep an eye at the rate of consumption and partition limits.

weltonrodrigo /
Created March 10, 2022 16:28
`kubectl completion zsh` too slow

Believe it or not, when you do a kubectl completion zsh on your ~/.zshrc, kubectl actually tries to contact the cluster of the current-context.

This is nuts and I don't understand why it would make sense.

As this can easly take seconds to complete, you can force it to quickly give up by pointing it to a impossible HTTPS_PROXY like this:

On your ~/.zshrc…

weltonrodrigo /
Created March 10, 2022 02:26
Docker registry pull secret kustomization madness

When creating an imagePullSecret with kustomize secretGenerator, you need to set type to, not Opaque.


- files:
  - .dockerconfigjson
  name: docker-pull-secret
weltonrodrigo /
Created March 5, 2022 22:23
GKE ingress asks for LoadBalancer or NodePort service

This message on the GKE ingress:

Warning  Translate  42m (x25 over 63m)    loadbalancer-controller  Translation failed: invalid ingress spec: service "<namespace>/<servicename>" is type "ClusterIP",
expected "NodePort" or "LoadBalancer"; service "<namespace>/<servicename>" is type "ClusterIP", expected "NodePort" or "LoadBalancer"; service "<namespace>/<servicename>" is type "ClusterIP", expected "NodePort" or "LoadBalancer"; service "<namespace>/<servicename>" is type "ClusterIP", expected "NodePort" or "LoadBalan
cer"; service "<namespace>/<servicename>" is type "ClusterIP", expected "NodePort" or "LoadBalancer"

What this actually means is that the network endpoint groups are not being created automatically, so, without a NEG, the load balancer would need an exernal ip and port to reach the pods.

You can assert that by the absence of the NEG status annotation on the ingress and also in the backend service.