Skip to content

Instantly share code, notes, and snippets.

View ElijahLynn's full-sized avatar
😎
All Your DevOps Belong To Us

Elijah Lynn ElijahLynn

😎
All Your DevOps Belong To Us
64 followers · 119 following
View GitHub Profile
@ElijahLynn
ElijahLynn / gist:76e5580806c3b1de2ff116dabb7d1f1c
Created April 9, 2020 16:36
keybase.md
### Keybase proof
I hereby claim:
* I am elijahlynn on github.
* I am elijahlynn (https://keybase.io/elijahlynn) on keybase.
* I have a public key ASBeMFqKeluy3X7oeF-D-Zh05Q3rxHtuggP7XY2ICXlgoQo
To claim this, I am signing this object:
@ElijahLynn
ElijahLynn / gist:15a31d51618c5a4805a1d660f24f005e
Created June 24, 2022 00:15
docker-nuke (fish)
## https://stackoverflow.com/questions/34658836/docker-is-in-volume-in-use-but-there-arent-any-docker-containers?answertab=trending#comment128478332_42116347
function docker-remove-containers --description "Remove all docker containers"
docker stop (docker ps --all --quiet)
docker rm (docker ps --all --quiet)
end
funcsave docker-remove-containers
@ElijahLynn
ElijahLynn / gist:14a1470d3a344b16489b6b9678e28956
Last active January 20, 2023 22:00
drud/ddev/issue/4570
Running bash [-c /tmp/test_ddev.sh]
======= Existing project config =========
These config files were loaded for project va-gov-cms: [/home/elijah/Projects/va.gov/va.gov-cms/.ddev/config.yaml]
name: va-gov-cms
type: drupal9
docroot: docroot
php_version: 8.1
webserver_type: nginx-fpm
webimage: drud/ddev-webserver:v1.21.4
@ElijahLynn
ElijahLynn / output.txt
Created October 20, 2023 18:34
Show all TCP connections and states (1 liner)
watch -n 1 "netstat -an | awk '/^tcp/ { ++S[\$NF] } END { for(a in S) print a, S[a] }'"
@ElijahLynn
ElijahLynn / gist:d76d31eca63d984efa424b08dee2905b
Last active October 8, 2024 20:15
Remote tcpdump stream to wireshark

Archived from https://twitter.com/ElijahLynn/status/1144399526452588545

Just had to debug yum returning a 503 on a server deep in a private network, but curl worked fine. Was able to use tshark and pipe it to my local wireshark and re-assemble the HTTP request that finally told me it was blocked by the internet gateway and who to email!

Here is the command that piped in realtime the tshark dump to my local wireshark GUI. Don't worry about the CLI filter because we can just use display filters to get what we want. Then find a GET packet, right click and "Follow" > TCP||HTTP Stream

ssh user@host 'sudo /usr/sbin/tshark -i eth0 -f "port !22" -w -' | wireshark -k -i -

Ahh, the only reason this worked was because the URL was http. Need to figure out how to do https now.

@ElijahLynn
ElijahLynn / monitor-number-tcp-connection-states.sh
Last active January 20, 2024 22:49
Monitor the number of all TCP connection states
watch -n 1 "netstat -an | awk '/^tcp/ { ++S[\$NF] } END { for(a in S) print a, S[a] }'"
# Every 1.0s: netstat -an | awk '/^tcp/ { ++S[$NF] } END { for(a in S) print a, S[a] }'
# LISTEN 7
# FIN_WAIT_2 1
# CLOSE_WAIT 1
# CLOSED 33
# TIME_WAIT 1
# ESTABLISHED 63
@ElijahLynn
ElijahLynn / gcp-project-metadata-ssh-key-finder-parallel.sh
Created July 19, 2024 20:55
Script to search the metadata of all GCP projects for an SSH public key
#!/bin/bash
# Define color codes
GREEN='\033[0;32m'
RED='\033[0;31m'
NC='\033[0m' # No Color
# Check if an argument is provided
if [ "$#" -ne 1 ]; then
echo "Usage: $0 <public-ssh-key>"
@ElijahLynn
ElijahLynn / gcp-gsutil-hmac-credentials.md
Last active February 10, 2025 22:27
GCP: How to use HMAC credentials with gsutil

It isn't as easy as setting some ENV vars...

If you have an interactive TTY (local dev testing)
Generate a boto config, will prompt for access key ID and secret access token This will add gs_secret_access_key and gs_access_key_id and save to ~/.boto.

gsutil config -a

If you don't have an interactive TTY (CI/automation)

@ElijahLynn
ElijahLynn / bash-strict-mode.sh
Created February 7, 2025 00:37
bash strict mode oneliner with a good comment explaining the options
# enable bash strict mode: exit on error (-e), undefined variables (-u), & pipe failures (-o pipefail)
set -euo pipefail
@ElijahLynn
ElijahLynn / promtool-grafana-cloud-access-policy-token-auth.md
Last active March 4, 2025 17:40
How to auth to Grafana Cloud Prometheus using an Access Policy Token with promtool

The docs are here but don't specify this level of detail, I found this through trial/error: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#http_config

Also see, prometheus/prometheus#12924.

  1. Set your access policy up and create a token for it at https://grafana.com/orgs/{{ORG_NAME}}/access-policies
  2. Get your QUERY_ENDPOINT + INSTANCE_ID from https://grafana.com/orgs/{{ORG_NAME}}/members, then click your stack on the left, https://grafana.com/orgs/hedera/stacks/{{STACK_ID}}, then click Prometheus and scroll down to get your Instance ID (https://grafana.com/orgs/hedera/hosted-metrics/{{USERNAME/INSTANCE_ID}}
  3. Then create a file with the creds, e.g. .promtool-http-config.yml with the below format: 
    authorization: