Skip to content

Instantly share code, notes, and snippets.

View GeoffWilliams's full-sized avatar

Geoff Williams GeoffWilliams

38 followers · 13 following
View GitHub Profile
@GeoffWilliams
GeoffWilliams / clean_ruby.sh
Created May 1, 2018 01:33
How to run a clrean ruby command from inside rbenv + bundler and have it use your rbenv but not the bundle - eg make it the same as running the command on the commandline
# note that unset != setting to empty string! Unset will use the default value in when ruby loads, empty
# string will use NO value, eg things will be broken
unset RUBYLIB unset GEM_HOME
unset BUNDLE_GEMFILE
unset BUNDLE_BIN_PATH
unset BUNDLER_VERSION
unset RUBYOPT
unset GEM_PATH
unset GEM_HOME
@GeoffWilliams
GeoffWilliams / exec_chain.pp
Last active January 16, 2018 03:13
Puppet exec based "host if statement": Sometimes you want to run an action based on whether a command executes or not. Thats a 'fact' right? - but facts only execute every puppet run so if you want to do something like check that a port is open somewhere you would have to wait 30 minutes after configuring a fact with the destination before you c…
exec { "/bin/true":
before => Exec['tada'],
}
exec { "tada":
command => "/bin/touch /tada",
}
~> exec { "next":
@GeoffWilliams
GeoffWilliams / dropprivs.pp
Last active December 14, 2017 06:50
Drop puppet privileges on windows - Inspect the list of windows services and check if puppet is marked to run as LocalService - if it ins't, then reconfigure it to use this account and then reboot. This will drop privileges (eg from a domain account)
# Note When changing a service from a local system to a network, or
# from a network to a local system, StartPassword must be an empty
# string ("") and not NULL.
# https://msdn.microsoft.com/en-us/library/aa384901%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396
$ps = '(gwmi win32_service -filter "name=\'puppet\'").change($null,$null,$null,$null,$null,$null,"LocalSystem","")'
$st = 'if ((gwmi win32_service -filter "name=\'puppet\'").StartName -eq "LocalSystem") { exit 0 } else {exit 1}'
exec { "drop_puppet_service_privs":
provider => powershell,
@GeoffWilliams
GeoffWilliams / a powershell shim script to switch users (the real way)
Last active December 13, 2017 15:29
shim.ps1
# shim.ps1
# ========
#
# Run a command as another user
#
# RunAsUser User to become to run the command
# RunAsPassword Password to become the user (SecureString is unusable since we
# are fully automated and can't prompt for a password
# Next command line argument - Program to run
# Rest of command line arguments - Arguments will be passed to program to execute
@GeoffWilliams
GeoffWilliams / install_puppet_agent.ps1
Created November 6, 2017 22:07
Install puppet agent and hosts file on windows
$puppet_master_host="MY.PUPPET.MASTER.COM"
$puppet_master_ip="6.6.6.6"
$hostname = $env:computerName
# fix /etc/hosts if required
$puppet_master_resolved = $false
try {
$puppet_master_resolved = ([system.net.dns]::gethostbyName($puppet_master_host) )
} catch {}
if ($puppet_master_resolved -and $puppet_master_resolved.AddressList[0].IPAddressToString -eq $puppet_master_ip ) {
@GeoffWilliams
GeoffWilliams / sockets_clips.scad
Last active October 2, 2017 02:31
clips and sockets openscad... clip together pipe
$fn=5;
module beam(w,h,d,j) {
translate([0,0,30-1])
clip(30,30,30,3,7,false );
minkowski() {
sphere(r=1);
difference() {
cube([w,h,d], center=true);
@GeoffWilliams
GeoffWilliams / Makefile.onceover
Created August 18, 2017 14:01
A makefile for doing testing with onceover (rename as just Makefile) - lets you test syntax and rspec by typing `make` - ideally hoping that equivalent functionality can be incorporated into onceover at some point as the validation is very slow due to needing a new ruby interpretter for each file validated
'onceover:
bundle install
# puppet files
find . -name '*.pp' -not -path './.onceover/*' | xargs -n1 bundle exec puppet parser validate
# EPP files
find . -name '*.epp' -not -path './.onceover/*' | xargs -n1 bundle exec puppet epp validate
# ERB files
@GeoffWilliams
GeoffWilliams / fakerpm.sh
Created May 4, 2017 14:28
Generate dummy/fake RPMs - great for acceptance testing systems
#!/bin/bash
#
# From: https://www.redhat.com/archives/rpm-list/2006-November/msg00062.html
#
# Generate dummy/fake RPMs - great for acceptance testing systems
#
NAME=$1
#
# GEnerate Provides:
@GeoffWilliams
GeoffWilliams / classify_never_purge_nodes.rb
Last active February 2, 2017 02:53
Stop Puppet Enterprise from automatically purging nodes after 14 days of unresponsivness
#!/opt/puppetlabs/puppet/bin/ruby
# Use the puppetclassify gem to set TTLs for puppetdb to 'forever' (0s)
# to stop reports expiring. Because the class is loaded directly in the
# classifier, we can't use hiera ADB to override the parameters so we have
# to pump values into the NC API...
# See https://github.com/puppetlabs/puppet-classify
require 'puppetclassify'
def initialize_puppetclassify
@GeoffWilliams
GeoffWilliams / rfc1918.rb
Created January 4, 2017 01:10
Module to detect whether an IP address is rfc1918 or not (private class A, B, C + loopback)
# From https://gist.github.com/bmc/2728451
module RFC1918
def self.is_unroutable(ip)
if ! (ip =~ /^(\d{1,3}).(\d{1,3}).(\d{1,3}).(\d{1,3})$/)
raise "#{ip} is not an IP address"
end
octets = [$1, $2, $3, $4].map &:to_i
raise "#{ip} is a bad IP address" unless octets.all? {|o| o < 256}