Skip to content

Instantly share code, notes, and snippets.

@xandout
xandout / README.md
Created Dec 15, 2020
MongoDB User Management
View README.md

MongoDB User Management

This is a simple script that will keep the database users in sync with a defined JSON document.

My ultimate use case is in a K8S environment so the files will be templated and I will add and remove users from my databases that way.

This is the test rig and shows how to manage the creation, updating and deletion of MongoDB users.

Parts

@xandout
xandout / keybase.md
Last active Sep 22, 2020
keybase.md
View keybase.md

Keybase proof

I hereby claim:

  • I am xandout on github.
  • I am xandout (https://keybase.io/xandout) on keybase.
  • I have a public key ASD9c-9ULRwQ39Vui5bIy83SFVBzQ4JRe7YMwMxLQZ8XDgo

To claim this, I am signing this object:

@xandout
xandout / index.html
Created Sep 17, 2020
Tailwind CSS v1.0 Color Palette
View index.html
<div id="app"></div>
@xandout
xandout / README.md
Last active Mar 18, 2021
OpenVPN TOTP Auth
View README.md

Script to use TOTP tokens as passwords for OpenVPN auth

The user will be prompted for a username and password.

The username is the client username and the password is generated by their MFA app such as Authy or Google Authenticator.

OpenVPN server config

Add the following flags to your OpenVPN server config

@xandout
xandout / README.md
Last active Nov 14, 2020
Kubernetes DaemonSet that enables a direct shell on each Node using SSH to localhost
View README.md

Getting a shell on each node

I run several K8S cluster on EKS and by default do not setup inbound SSH to the nodes. Sometimes I need to get into each node to check things or run a one-off tool.

Rather than update my terraform, rebuild the launch templates and redeploy brand new nodes, I decided to use kubernetes to access each node directly.

Alternative option

https://github.com/alexei-led/nsenter

@xandout
xandout / export_redis_to_s3.py
Created Aug 13, 2020
Python script using boto3 to copy ElastiCache to S3
View export_redis_to_s3.py
#!/bin/env python
import boto3
import os
import time
from datetime import datetime
cluster_name = os.environ["CLUSTER_NAME"]
dest_bucket = os.environ["DEST_BUCKET"]
env_name = os.environ["ENV"]
@xandout
xandout / mutex_test.sh
Last active Aug 5, 2020
Mutex, Singleton, Only one instance of bash script running at a time
View mutex_test.sh
#!/bin/bash
# Credit: https://unix.stackexchange.com/a/479309
singleton(){
# get absolute path to the script itself
script=`realpath $0`
# open bash script using file descriptor 6
exec 6< "$script"
# lock file descriptor 6 OR show error message if script is already running
@xandout
xandout / add-to-bashrc.sh
Created May 4, 2020
Generate random password in bash
View add-to-bashrc.sh
# newpass generates a new random password of 32 or $1 chars long, up to 92 characters
newpass() { date +%s | sha256sum | base64 | tr -d '\n' | head -c "${1:-32}" ; echo ; }
# USAGE
# 18:47 # newpass 10
# N2U3YzliOT
# 18:47 # newpass 20
# YmM0MTk3MWFlMjM1ODMx
# 18:47 # newpass 30
# YzBlNDFhMmUyYzEwN2RlOThmOWRhNz
# 18:47 # newpass
@xandout
xandout / notes.md
Created May 1, 2020
SSH via Bastion
View notes.md

Disclaimer

⚠️ This guide does NOT use individual SSH keys, which is recommended for security purposes. This guide also does not show the usage of password-protected keys, you should use password-protection.

Definitions

  • Bastion server: Sometimes called a "jump server", this server is reachable by your laptop. Sometimes the bastion server is protected by a VPN, sometimes not but should always have a firewall. This is essentially your front door. Always lock your doors.

  • SSH Agent: This is a program that runs on your laptop and keeps your SSH private keys loaded in memory. eval $(ssh-agent)

  • SSH Keys: These consist of 2 parts
@xandout
xandout / theia-all.yml
Last active Apr 30, 2020
Run Theia IDE in Kubernetes
View theia-all.yml
---
apiVersion: v1
kind: Service
metadata:
name: theia-svc
spec:
ports:
- port: 3000
targetPort: 3000
selector: