Skip to content

Instantly share code, notes, and snippets.

@whereisaaron
whereisaaron / json-to-helm-values.sh
Created Sep 10, 2020
Convert JSON object to YAML values for a helm chart
View json-to-helm-values.sh
#!/bin/bash
json_to_values() {
json=$1
echo "env:"
jq -r 'to_entries | .[] | " - name: \(.key)\n value: '"'"'\(.value)'"'"'"' <<<$json
}
read -r -d '' foo << END
{
@whereisaaron
whereisaaron / aws-eks-vpc-3az.yaml
Last active Feb 6, 2019
CloudFormation template to create a VPC with public and private subnets and NAT, suitable for high availability AWS EKS Kubernetes clusters
View aws-eks-vpc-3az.yaml
---
# VPC template for housing EKS clusters
# Based on VPC template by Levon Becker v20161125-1430
# https://github.com/stelligent/cloudformation_templates
#
AWSTemplateFormatVersion: '2010-09-09'
Description: Create a VPC with per-AZ NAT and public/private subnets
Parameters:
# Cluster Names
ClusterName1:
@whereisaaron
whereisaaron / check_pattern_file_age.sh
Last active Jan 30, 2018
Nagios monitoring plug-in wrapper to use check_file_age to check the newest file matching a pattern
View check_pattern_file_age.sh
#!/bin/bash
#
# Check the age and size of the latest file in a particular directory matching a pattern
# e.g.
# check_download_age /the/path/to/the/directory/ 'FILE_NAME_OR_GLOB*' -c 86400 -w 43200 -C 0 -W 10000
#
cfa=/usr/lib/nagios/plugins/check_file_age
View display-all-pem-certs.sh
#!/bin/bash
# Uses trick to get openssl to display all certificates from a PEM file, rather than only the first
# http://comments.gmane.org/gmane.comp.encryption.openssl.user/43587
${1?Must supply filename for PEM file}
openssl crl2pkcs7 -nocrl -certfile $1 | openssl pkcs7 -print_certs
@whereisaaron
whereisaaron / pfx-extract-all.sh
Created Jun 1, 2017
Wrapper for pfx-to-crt-and-key.sh to extract all PFX files in a folder
View pfx-extract-all.sh
#!/bin/bash
# Read password if not in environment variable
if [[ ! ${PFXPASSWORD+x} ]]; then
echo -n "Password: "
read -s PFXPASSWORD
echo
export PFXPASSWORD
fi
@whereisaaron
whereisaaron / pfx-to-crt-and-key.sh
Last active Aug 23, 2021
Extract a crt file (PEM), key file, and chain bundle from a PFX file, prompts for password or use PFXPASSWORD environment variable
View pfx-to-crt-and-key.sh
#!/bin/bash
#------------------
# Extract the key, certficiate, and chain in PEM format from a PFX format file
#
# Must supply the input pfx file
PFX_PATH="$1"
if [ "${PFX_PATH}" == "" ]; then
echo "Must supply pfx file path"
exit 1
@whereisaaron
whereisaaron / export-multiple-certificates-to-pfx.ps1
Created Jun 1, 2017
Export multiple Windows certificates to PFX files
View export-multiple-certificates-to-pfx.ps1
#
# Must run in an Administrator shell to be able to export the keys
# Adjust the -Path, Where-Object clauses, and -FilePath to suit
#
$Password = Read-Host -Prompt "Enter password" -AsSecureString
Get-ChildItem -Path cert:\LocalMachine\My | Where-Object -Property FriendlyName -Like "Foo*" | Where-Object -Property Subject -Like "CN=www*" | ForEach-Object { Export-PfxCertificate -FilePath "$($_.FriendlyName) 2017-2018.pfx".Replace(" ","-").ToLower() -Cert $_ -ChainOption BuildChain -Password $Password }
@whereisaaron
whereisaaron / create-route53-cname-dns-record.sh
Last active Feb 24, 2017
Simple tool for creating and deleting CNAME records in AWS Route53 using cli53. Automatically works out the zone and ZONE ID.
View create-route53-cname-dns-record.sh
#!/bin/bash
# Create a CNAME record in the appropriate DNS zone on AWS Route 53
# Requires kubectl and cli53 from https://github.com/barnybug/cli53
# Ensure AWS profile is configured with access to update DNS records (e.g. AmazonRoute53FullAccess policy)
#
# Aaron Roydhouse <aaron@roydhouse.com>
# https://github.com/whereisaaron
# https://gist.github.com/whereisaaron/bc6c71bec99c493b1fc1ca3f9e8db4c1
#
@whereisaaron
whereisaaron / OctopusDeploySlackNotificationStepTemplate.json
Last active Feb 18, 2017
Octopus Deploy Slack Notification Step Template
View OctopusDeploySlackNotificationStepTemplate.json
{
"Id": "ActionTemplates-81",
"Name": "Slack - Notify Deployment",
"Description": "Notifies Slack of deployment status. Uses the Octopus Deploy system variable to determine whether a deployment was successful.",
"ActionType": "Octopus.Script",
"Version": 1,
"Properties": {
"Octopus.Action.Script.ScriptBody": "function Slack-Rich-Notification ($notification)\n{\n $payload = @{\n channel = $OctopusParameters['Channel']\n username = $OctopusParameters['Username'];\n icon_url = $OctopusParameters['IconUrl'];\n attachments = @(\n @{\n fallback = $notification[\"fallback\"];\n color = $notification[\"color\"];\n fields = @(\n @{\n title = $notification[\"title\"];\n title_link = $notification[\"title_link\"];\n value = $notification[\"value\"];\n });\n };\n );\n }\n\n Invoke-RestMethod -Method POST -Body ($payload | ConvertTo-Js