Skip to content

Instantly share code, notes, and snippets.

View yuswitayudi's full-sized avatar
🎯
Listening port . . . . .

Yudi Tata yuswitayudi

🎯
Listening port . . . . .
13 followers · 53 following
View GitHub Profile
@yuswitayudi
yuswitayudi / authenticator.sh
Created November 1, 2022 07:30
generate ssl with certbot acme-challanges DNS
#!/bin/bash
# Get your API key from https://www.cloudflare.com/a/account/my-account
API_KEY="your-api-key"
EMAIL="your.email@example.com"
# Strip only the top domain to get the zone id
DOMAIN=$(expr match "$CERTBOT_DOMAIN" '.*\.\(.*\..*\)')
# Get the Cloudflare zone id
@yuswitayudi
yuswitayudi / ingress.yaml
Created September 28, 2022 02:18
example simpple ingress manifest
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: RELEASE-NAME-demo
labels:
helm.sh/chart: demo-0.1.0
app.kubernetes.io/name: demo
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/version: "k8s"
app.kubernetes.io/managed-by: Helm
@yuswitayudi
yuswitayudi / issuer-prod.yaml
Created September 27, 2022 07:10
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
namespace: cert-manager
spec:
acme:
# The ACME server URL
server: https://acme-v02.api.letsencrypt.org/directory
# Email address used for ACME registration
@yuswitayudi
yuswitayudi / issuer-staging.yaml
Created September 27, 2022 07:09
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
namespace: cert-manager
spec:
acme:
# The ACME server URL
server: https://acme-staging-v02.api.letsencrypt.org/directory
# Email address used for ACME registration
@yuswitayudi
yuswitayudi / generate-user-and-config.sh
Created September 26, 2022 06:39
File ini untuk membuat certificate, private key, role dan rolebinding untuk keperluan membuat user pada kubernetes
for i in yuswitayudi
do
openssl genrsa -out $i.key 2048
openssl req -new -key $i.key -out $i.csr -subj "/CN=$i/O=finance"
openssl x509 -req -in $i.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out $i.crt -days 365
kubectl --kubeconfig $i.config config set-cluster kubernetes-dev --server https://192.168.1.223:6443 --certificate-authority=ca.crt
kubectl --kubeconfig $i.config config set-credentials $i --client-certificate $i.crt --client-key $i.key
kubectl --kubeconfig $i.config config set-context $i-dev --cluster kubernetes-dev --namespace dev --user=$i
kubectl --kubeconfig $i.config config use-context $i-dev
kubectl create role $i-dev --verb=* --resource=*.* --namespace dev
@yuswitayudi
yuswitayudi / Find me
Created September 26, 2022 06:36
Find me on https://yuswitayudi.github.io
https://yuswitayudi.github.io
@yuswitayudi
yuswitayudi / add-domain-cloudflare.sh
Created August 8, 2022 04:25
Source from https://gist.github.com/Tras2/cba88201b17d765ec065ccbedfb16d9a
#!/bin/bash
# A bash script to update a Cloudflare DNS A record with the external IP of the source machine
# Used to provide DDNS service for my home
# Needs the DNS record pre-creating on Cloudflare
# Proxy - uncomment and provide details if using a proxy
#export https_proxy=http://<proxyuser>:<proxypassword>@<proxyip>:<proxyport>
# Cloudflare zone is the zone which holds the record
@yuswitayudi
yuswitayudi / Dockerfile.example
Last active June 30, 2022 03:08
Zero downtime docker, with docker-compose and nginx
FROM nginx:alpine
COPY index.html /usr/share/nginx/html
@yuswitayudi
yuswitayudi / main.tf
Created June 7, 2022 03:45
basic config main.tf Terraform to deploy docker container from docker private registry on another server
//define docker provider
terraform {
required_providers {
docker = {
source = "kreuzwerker/docker"
version = "2.15.0"
}
}
}
@yuswitayudi
yuswitayudi / mysql-docker.sh
Created July 7, 2021 09:31 — forked from spalladino/mysql-docker.sh
Backup and restore a mysql database from a running Docker mysql container
# Backup
docker exec CONTAINER /usr/bin/mysqldump -u root --password=root DATABASE > backup.sql
# Restore
cat backup.sql | docker exec -i CONTAINER /usr/bin/mysql -u root --password=root DATABASE