Denys Parchenko x-cray

## osx-nat.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                x-cray
                / osx-nat.md
            
            
              Last active
              July 24, 2023 20:06
            
              
                Configuring OSX host to act as a NAT gateway
              
          
    Example use is to share a VPN connection to a device that doesn't support VPN, like watching Netflix on a smart TV.
Ad-hoc configuration

First, connect to VPN on OSX host and enable packets forwarding between network interfaces:
$ sudo sysctl -w net.inet.ip.forwarding=1

  
## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                x-cray
                / keybase.md
            
            
              Created
              November 2, 2018 10:45
            
          
    Keybase proof

I hereby claim:

I am x-cray on github.
I am x_cray (https://keybase.io/x_cray) on keybase.
I have a public key ASCUI8kzQ-PtkRgr0PujMEt9lbjZ_XAH8DCNS46IEyXDNQo

To claim this, I am signing this object:

  
## haproxy-slave.ctmpl.jinja
global
  log /dev/log  local0
  log /dev/log  local1 notice
  chroot /var/lib/haproxy
  user haproxy
  group haproxy
  daemon
  maxconn {% raw %}{{key "service/haproxy/maxconn"}}{% endraw %}

{% include 'mesos/files/haproxy-defaults.ctmpl.jinja' %}

## haproxy-backends.ctmpl.jinja
{% macro backends(environment) -%}

##
# {{ environment }} backends
##
{{ '{{' }}$environment := "{{ environment }}"{{ '}}' }}
backend cluster_{{ environment }}:test-server
  option forwardfor
  option httpchk GET /healthcheck
  balance roundrobin{% raw %}{{range $i, $s := service (print $environment ".test-server")}}

## haproxy-wellknown-services.ctmpl.jinja
frontend internal_http_in:marathon
  bind :18080
  use_backend cluster:marathon

frontend internal_http_in:chronos
  bind :14400
  use_backend cluster:chronos

listen internal_http_in:consul
  bind :18500

## haproxy-external-frontend.ctmpl.jinja
{% macro hosts(environment, domain_prefix='') -%}
  # {{ environment }} hosts
  acl host_{{ environment }}:test-server  hdr_dom(host) -i -m str {{ domain_prefix }}mesos-test.domain.com
{%- endmacro %}

{% macro bind(service, environment) -%}
  use_backend cluster_{{ environment }}:{{ service }} if host_{{ environment }}:{{ service }}
{%- endmacro %}

frontend external_https_in

## haproxy-internal-frontend.ctmpl.jinja
{% raw %}

{{range $service := services}}{{range $tag := $service.Tags}}
{{$servicePort := $service.Name | regexReplaceAll "^[\\w-]+?(\\d*)$" "$1"}}{{$tagPort := $tag | regexReplaceAll "^[\\w-]+?(\\d*)$" "$1"}}
{{if or (not $servicePort) (eq $servicePort $tagPort)}}
{{if $tag | regexMatch "internal-listen-http-\\d+"}}
##
# Production internal http frontend for {{$service.Name}}
##

## haproxy-master.ctmpl.jinja
global
  log /dev/log  local0
  log /dev/log  local1 notice
  chroot /var/lib/haproxy
  user haproxy
  group haproxy
  daemon
  maxconn {% raw %}{{key "service/haproxy/maxconn"}}{% endraw %}

  # Default SSL material locations

## Dockerfile
FROM node:4

RUN apt-get update && apt-get install -y jq && \
  rm -rf /var/lib/apt/lists/*

ADD service-wrapper.sh /usr/bin/
ADD entrypoint.sh /usr/bin/

## .drone.yml
build:
  image: registry.local/buildimage-nodejs:latest
  commands:
    - tools/gen-service-defs.sh

publish:
  docker:
    image: plugins/drone-docker
    repo: registry.local/test-server
    tag:
	global
	log /dev/log local0
	log /dev/log local1 notice
	chroot /var/lib/haproxy
	user haproxy
	group haproxy
	daemon
	maxconn {% raw %}{{key "service/haproxy/maxconn"}}{% endraw %}

	{% include 'mesos/files/haproxy-defaults.ctmpl.jinja' %}
	{% macro backends(environment) -%}

	##
	# {{ environment }} backends
	##
	{{ '{{' }}$environment := "{{ environment }}"{{ '}}' }}
	backend cluster_{{ environment }}:test-server
	option forwardfor
	option httpchk GET /healthcheck
	balance roundrobin{% raw %}{{range $i, $s := service (print $environment ".test-server")}}
	frontend internal_http_in:marathon
	bind :18080
	use_backend cluster:marathon

	frontend internal_http_in:chronos
	bind :14400
	use_backend cluster:chronos

	listen internal_http_in:consul
	bind :18500
	{% macro hosts(environment, domain_prefix='') -%}
	# {{ environment }} hosts
	acl host_{{ environment }}:test-server hdr_dom(host) -i -m str {{ domain_prefix }}mesos-test.domain.com
	{%- endmacro %}

	{% macro bind(service, environment) -%}
	use_backend cluster_{{ environment }}:{{ service }} if host_{{ environment }}:{{ service }}
	{%- endmacro %}

	frontend external_https_in
	{% raw %}

	{{range $service := services}}{{range $tag := $service.Tags}}
	{{$servicePort := $service.Name \| regexReplaceAll "^[\\w-]+?(\\d)$" "$1"}}{{$tagPort := $tag \| regexReplaceAll "^[\\w-]+?(\\d)$" "$1"}}
	{{if or (not $servicePort) (eq $servicePort $tagPort)}}
	{{if $tag \| regexMatch "internal-listen-http-\\d+"}}
	##
	# Production internal http frontend for {{$service.Name}}
	##
	FROM node:4

	RUN apt-get update && apt-get install -y jq && \
	rm -rf /var/lib/apt/lists/*

	ADD service-wrapper.sh /usr/bin/
	ADD entrypoint.sh /usr/bin/
	build:
	image: registry.local/buildimage-nodejs:latest
	commands:
	- tools/gen-service-defs.sh

	publish:
	docker:
	image: plugins/drone-docker
	repo: registry.local/test-server
	tag: