wrossmann

Let's say you're having a bad day and while trying to upgrade your AWX instance you instead unrecoverably brick it, and then you realize that you made a point of storing a very important SSH key in AWX and nowhere else. Why? REASONS.

What do I need?

1. The secret key from your AWX config file.
2. A dump of your postgres database in plaintext.
   • If you're lucky yours is still functional and you can just query it.
3. Gumption.

What do I do?

wrossmann

if ( $http_user_agent ~* "\${jndi:" ) {
    return 400;
}
if ( $request_uri ~* "(\$|%24)({|%7b)(j|%6a)(n|%6e)(d|%64)(i|%69)(:|%3a)" ) {
    return 400;
}

wrossmann

#!/bin/bash

#requirements: aws CLI v2, jq, openssl

LE_DIR=${LE_DIR:-/etc/letsencrypt}
QUIET=${QUIET:-1}

function dbg {
    if [ $QUIET -eq 0 ]; then
        echo $@ >&2

wrossmann

Fixes

• make the IO scheduler configurable
• register grub_test to match the actual variable usage
• changed stdout to stdout_lines
• make block_devs work.
  • it looks gross, but previously interpreted block_devs.stdout_lines as a literal string

Ansible version: 2.7

wrossmann

<?php
class DoveadmAuth {
	public static function auth($username, $password) {
		$descriptors = array(
			0 => array('pipe', 'r'),
			1 => array('pipe', 'w'),
			2 => array('pipe', 'w'),
		);
		$cwd = sys_get_temp_dir();

wrossmann

There doesn't seem to be a UI function for this, so if you're stuck up a creek like I am.

curl -s \
    -H "Authorization: Basic $(echo -n 'username:password' | base64)" \
    http://graylog-server:9000/api/streams \
| jq '
.streams[] | 
select(.outputs | length > 0) | 
{

wrossmann

The Problem

Your postgres server is out of space to the point that VACUUM FULL hits a table too large to write back out to disk even though other tables may still have space to give up.

The Solution

Start with the tables that have the least amount of "un-wasted" space as they will require the minimal amount of free space to process, and hopefully the cumulative effect of releasing all of the space from the smaller tables allows you to process your larger tables as you go. If not, then there's no solution available to you short of deleting data or expading your disk.

The Kludge

wrossmann

# I've seen a _lot_ of code written to make bash prompts that are just _OK_,
# but there's no reason to invoke python/ruby/etc and parse git output since
# git ships with a pretty outstanding utility.

# 1. Load the library that already ships with git
source /usr/share/doc/${git_doc_path_here}/contrib/completion/git-prompt.sh

# 2. Set your options
export GIT_PS1_SHOWDIRTYSTATE=1
export GIT_PS1_SHOWSTASHSTATE=1

wrossmann

whisper-aggregation-backfill

Assumptions:

• All metrics and aggregations have matching retentions
• A proper metric aggregator is already running
• The resulting metric file will then be used in a whisper-fill operation against the aggregator's actual metric files.

Procedure

wrossmann

In Metrics:  
    host-*.CPUload.{load1,load5,load15}
Function:
    averageSeriesWithWildcards($in, 1)
Out Metrics, Expected:
    host-*.CPUload.load1,
    host-*.CPUload.load5,
    host-*.CPUload.load15
    [exactly 3 series]
Out Metrics, Actual: