Skip to content

Instantly share code, notes, and snippets.

View x-yuri's full-sized avatar

x-yuri

4 followers · 0 following
View GitHub Profile
@x-yuri
x-yuri / git-crypt + git rebase (encrypting unencrypted files).md
Last active May 28, 2024 05:13
git-crypt + git rebase (encrypting unencrypted files)

git-crypt + git rebase (encrypting unencrypted files)

Let's say you thought you enabled encryption for file a in commit A, but you made a mistake and the file is not encrypted. The file was added in commit B which follows A. Then:

git rebase -i A~

Mark A and B with edit. Fix .gitattributes in A. Then when it stops at B stage the changes, commit and continue:

@x-yuri
x-yuri / gcloud + terraform + kubectl + numpy in a docker container.md
Created May 27, 2024 22:12
gcloud + terraform + kubectl + numpy in a docker container

gcloud + terraform + kubectl + numpy in a docker container

FROM google/cloud-sdk:477.0.0-alpine
RUN apk add gnupg \
    && wget https://releases.hashicorp.com/terraform/1.8.4/terraform_1.8.4_linux_amd64.zip \
    && wget https://releases.hashicorp.com/terraform/1.8.4/terraform_1.8.4_SHA256SUMS \
    && wget https://releases.hashicorp.com/terraform/1.8.4/terraform_1.8.4_SHA256SUMS.sig \
    && wget -qO- https://www.hashicorp.com/.well-known/pgp-key.txt | gpg --import \
 && gpg --verify terraform_1.8.4_SHA256SUMS.sig terraform_1.8.4_SHA256SUMS \
@x-yuri
x-yuri / k8s: whoami.md
Created May 25, 2024 17:42
k8s: whoami

k8s: whoami

$ kubectl auth whoami

set -eu
token=`gke-gcloud-auth-plugin | jq -r '.status.token'`
@x-yuri
x-yuri / GCP: accessing resources from another project.md
Last active May 22, 2024 15:20
GCP: accessing resources from another project

GCP: accessing resources from another project

a/main.tf

provider "google" {
  project = "PROJECT_ID_A"
}

resource "google_service_account" "test-iam" {
@x-yuri
x-yuri / A GCE instance with a bridge.md
Last active May 21, 2024 05:24
A GCE instance with a bridge

A GCE instance with a bridge

main.tf:

provider "google" {
  project = "PROJECT_ID"
}

resource "google_compute_instance" "test-bridge" {
@x-yuri
x-yuri / getrandom() doesn't seem to be implemented on Debian 8.md
Created May 17, 2024 18:55
getrandom() doesn't seem to be implemented on Debian 8

getrandom() doesn't seem to be implemented on Debian 8

$ docker run --rm alpine:3.15 sh -euxc 'apk add ruby strace; strace ruby -e "p Random.urandom(1)"' |& grep random
+ strace ruby -e 'p Random.urandom(1)'
execve("/usr/bin/ruby", ["ruby", "-e", "p Random.urandom(1)"], 0x7ffe0d799eb0 /* 5 vars */) = 0
getrandom(0x7fb4fdfb86f0, 24, GRND_NONBLOCK) = -1 ENOSYS (Function not implemented)
open("/dev/urandom", O_RDONLY|O_NOCTTY|O_NONBLOCK|O_LARGEFILE|O_CLOEXEC) = 3
stat("/usr/lib/ruby/gems/3.0.0/specifications/default/securerandom-0.1.0.gemspec", {st_mode=S_IFREG|0644, st_size=993, ...}) = 0
open("/usr/lib/ruby/gems/3.0.0/specifications/default/securerandom-0.1.0.gemspec", O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 5
@x-yuri
x-yuri / geoipd.md
Last active May 19, 2024 17:28
geoipd

geoipd

download.sh:

#!/bin/sh -eu
dst=$1

mkparams() {
    printf '%s\n' "$@" | paste -sd\&
@x-yuri
x-yuri / TCP|TLS echo client|server.md
Last active May 15, 2024 00:41
TCP/TLS echo client/server

TCP/TLS echo client/server

#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <unistd.h>
#include <openssl/ssl.h>
@x-yuri
x-yuri / gcc: the order of -l options.md
Last active May 11, 2024 13:29
gcc: the order of -l options

gcc: the order of -l options

a.c:

#include <openssl/ssl.h>
int main(int argc, char **argv) {
    SSL_CTX *ssl_server_ctx = SSL_CTX_new(TLS_server_method());
    return ssl_server_ctx ? EXIT_SUCCESS : EXIT_FAILURE;
}
@x-yuri
x-yuri / TCP echo client|server.md
Last active May 14, 2024 12:30
TCP echo client/server

TCP echo client/server

#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <unistd.h>
#include <string.h>