Skip to content

Instantly share code, notes, and snippets.

View yumminhuang's full-sized avatar

Huang Yaming yumminhuang

View GitHub Profile
@yumminhuang
yumminhuang / iam_password_policy.yml
Last active October 20, 2022 12:09
Setting Password Policies to Follow CIS Benchmark via CloudFormation
---
AWSTemplateFormatVersion: '2010-09-09'
Description:
This CloudFormation stack sets an IAM Password Policy for an account. It uses
a custom resource to manage the policy. Note that IAM password policies are
global, and this will apply to all regions--not just the region you create
the stack in.
Parameters:
# CIS Benchmark Check 1.5
RequireUppercaseChars:
@yumminhuang
yumminhuang / EC2Backup.py
Created June 18, 2020 04:13
Create snapshots for EBS volumes to backup EC2 instances
#!/usr/bin/env python3
# coding: utf-8
"""
EC2Backup
A tool for encrypting EC2 volumes
Inspried by https://github.com/jbrt/ec2cryptomatic
"""
import argparse
@yumminhuang
yumminhuang / remove-expired-index.sh
Created October 27, 2017 02:48
Remove Elasticsearch indices that older than a given date.
#!/usr/bin/env bash
#set -x
usage()
{
cat << EOF
remove-expired-index.sh
@yumminhuang
yumminhuang / secure_init.yml
Last active March 6, 2021 15:12
Securing a Ubuntu Server with Ansible
---
- hosts: all
vars:
root_password: xxx
common_user_password: xxx
common_user_name: deploy
ssh_port: 22
remote_user: root
@yumminhuang
yumminhuang / ldap_user_active.sh
Created April 19, 2017 09:30
Check whether the given user is active in LDAP
#!/bin/bash
LDAP_URI="ldap://ldap.company.cn:3268"
BIND="cn=infosys,ou=Group,dc=company,dc=local"
BASE="dc=company,dc=local"
PASSWORD="password"
userid=$1
res=`ldapsearch -x -H $LDAP_URI -b $BASE -D $BIND -w $PASSWORD "(sAMAccountName=${userid})" -LLL msExchUserAccountControl | grep msExchUserAccountControl | awk -F' ' '{print $2}'`
@yumminhuang
yumminhuang / pg_xlog_diff.sh
Created April 19, 2017 09:04
Monitoring WAL lag in PostgreSQL
#!/usr/bin/env bash
# set -x
PG_PRIMARY='db1.example.com'
PG_STANDBY='db2.example.com'
PG_ROLE='user'
PG_DB='test'
PASSWORD='password'
primary_xloc=$(PGPASSWORD=$PASSWORD psql -U$PG_ROLE -d $PG_DB -h $PG_PRIMARY -q -t -A -c 'select * from pg_current_xlog_location()' | cut -c 3- | bc)
@yumminhuang
yumminhuang / create_ssh_key.py
Created December 7, 2016 04:56
Generate ssh keys on remote server by calling Ansible API
from ansible.runner import Runner
# Path to VM host list
VM_HOSTS = '/home/ubuntu/workspace/ansible/hosts'
def generate_ssh_keys(remote_user, remote_ip):
"""Generate ssh keys on remote server by calling Ansible API
and Ansible user module.
Args:
@yumminhuang
yumminhuang / changes_created_by_specific_user.sql
Last active April 20, 2017 03:17
Useful SQL queries for Gerrit Admin
SELECT COUNT(c.change_id)
FROM changes c, accounts a
WHERE c.created_on >= (now() - interval '1 year')
AND c.owner_account_id = a.account_id
AND a.preferred_email similar to '%@gmail.com';
@yumminhuang
yumminhuang / CaligraphyPaper.tex
Created June 27, 2016 02:13
TikZ制作稿纸、田字格、米字格、作文纸
\documentclass{ctexart}
\usepackage[a4paper,hmargin={4cm},vmargin={4cm}]{geometry}
\usepackage{fancyhdr}
\pagestyle{empty}
\fancyhf{}
\usepackage{tikz}
\usetikzlibrary{shapes,snakes}
\begin{document}
%书法用纸效果:田字格(10*14)、米字格
@yumminhuang
yumminhuang / check_iPhone_SE.py
Last active December 7, 2016 05:14
Check whether iPhone SE is available in local Apple Stores
#! /usr/bin/env python
import requests
from tabulate import tabulate
# iPhone SE Model or any other MODEL
MODEL = 'MLYC2LL/A'
# local zipcode
ZIPCODE = '02148'
QUERY_URI = 'http://www.apple.com/shop/retail/pickup-message'