Skip to content

Instantly share code, notes, and snippets.

Aaron Roydhouse whereisaaron

Block or report user

Report or block whereisaaron

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@whereisaaron
whereisaaron / aws-eks-vpc-3az.yaml
Last active Feb 6, 2019
CloudFormation template to create a VPC with public and private subnets and NAT, suitable for high availability AWS EKS Kubernetes clusters
View aws-eks-vpc-3az.yaml
---
# VPC template for housing EKS clusters
# Based on VPC template by Levon Becker v20161125-1430
# https://github.com/stelligent/cloudformation_templates
#
AWSTemplateFormatVersion: '2010-09-09'
Description: Create a VPC with per-AZ NAT and public/private subnets
Parameters:
# Cluster Names
ClusterName1:
@whereisaaron
whereisaaron / check_pattern_file_age.sh
Last active Jan 30, 2018
Nagios monitoring plug-in wrapper to use check_file_age to check the newest file matching a pattern
View check_pattern_file_age.sh
#!/bin/bash
#
# Check the age and size of the latest file in a particular directory matching a pattern
# e.g.
# check_download_age /the/path/to/the/directory/ 'FILE_NAME_OR_GLOB*' -c 86400 -w 43200 -C 0 -W 10000
#
cfa=/usr/lib/nagios/plugins/check_file_age
View display-all-pem-certs.sh
#!/bin/bash
# Uses trick to get openssl to display all certificates from a PEM file, rather than only the first
# http://comments.gmane.org/gmane.comp.encryption.openssl.user/43587
${1?Must supply filename for PEM file}
openssl crl2pkcs7 -nocrl -certfile $1 | openssl pkcs7 -print_certs
@whereisaaron
whereisaaron / pfx-extract-all.sh
Created Jun 1, 2017
Wrapper for pfx-to-crt-and-key.sh to extract all PFX files in a folder
View pfx-extract-all.sh
#!/bin/bash
# Read password if not in environment variable
if [[ ! ${PFXPASSWORD+x} ]]; then
echo -n "Password: "
read -s PFXPASSWORD
echo
export PFXPASSWORD
fi
@whereisaaron
whereisaaron / pfx-to-crt-and-key.sh
Last active May 13, 2019
Extract a crt file (PEM), key file, and chain bundle from a PFX file, prompts for password or use PFXPASSWORD environment variable
View pfx-to-crt-and-key.sh
#!/bin/bash
#------------------
# Extract the key, certficiate, and chain in PEM format from a PFX format file
#
# Must supply the input pfx file
PFX_PATH="$1"
if [ "${PFX_PATH}" == "" ]; then
echo "Must supply pfx file path"
exit 1
@whereisaaron
whereisaaron / export-multiple-certificates-to-pfx.ps1
Created Jun 1, 2017
Export multiple Windows certificates to PFX files
View export-multiple-certificates-to-pfx.ps1
#
# Must run in an Administrator shell to be able to export the keys
# Adjust the -Path, Where-Object clauses, and -FilePath to suit
#
$Password = Read-Host -Prompt "Enter password" -AsSecureString
Get-ChildItem -Path cert:\LocalMachine\My | Where-Object -Property FriendlyName -Like "Foo*" | Where-Object -Property Subject -Like "CN=www*" | ForEach-Object { Export-PfxCertificate -FilePath "$($_.FriendlyName) 2017-2018.pfx".Replace(" ","-").ToLower() -Cert $_ -ChainOption BuildChain -Password $Password }
@whereisaaron
whereisaaron / create-route53-cname-dns-record.sh
Last active Feb 24, 2017
Simple tool for creating and deleting CNAME records in AWS Route53 using cli53. Automatically works out the zone and ZONE ID.
View create-route53-cname-dns-record.sh
#!/bin/bash
# Create a CNAME record in the appropriate DNS zone on AWS Route 53
# Requires kubectl and cli53 from https://github.com/barnybug/cli53
# Ensure AWS profile is configured with access to update DNS records (e.g. AmazonRoute53FullAccess policy)
#
# Aaron Roydhouse <aaron@roydhouse.com>
# https://github.com/whereisaaron
# https://gist.github.com/whereisaaron/bc6c71bec99c493b1fc1ca3f9e8db4c1
#
@whereisaaron
whereisaaron / OctopusDeploySlackNotificationStepTemplate.json
Last active Feb 18, 2017
Octopus Deploy Slack Notification Step Template
View OctopusDeploySlackNotificationStepTemplate.json
{
"Id": "ActionTemplates-81",
"Name": "Slack - Notify Deployment",
"Description": "Notifies Slack of deployment status. Uses the Octopus Deploy system variable to determine whether a deployment was successful.",
"ActionType": "Octopus.Script",
"Version": 1,
"Properties": {
"Octopus.Action.Script.ScriptBody": "function Slack-Rich-Notification ($notification)\n{\n $payload = @{\n channel = $OctopusParameters['Channel']\n username = $OctopusParameters['Username'];\n icon_url = $OctopusParameters['IconUrl'];\n attachments = @(\n @{\n fallback = $notification[\"fallback\"];\n color = $notification[\"color\"];\n fields = @(\n @{\n title = $notification[\"title\"];\n title_link = $notification[\"title_link\"];\n value = $notification[\"value\"];\n });\n };\n );\n }\n\n Invoke-RestMethod -Method POST -Body ($payload | ConvertTo-Js
You can’t perform that action at this time.