@JCallicoat
JCallicoat / full-disk-encryption-arch-uefi.md
Created May 22, 2025 06:16 — forked from huntrar/full-disk-encryption-arch-uefi.md
Arch Linux Full-Disk Encryption Installation Guide [Encrypted Boot, UEFI, NVMe, Evil Maid]

Arch Linux Full-Disk Encryption Installation Guide

This guide provides instructions for an Arch Linux installation featuring full-disk encryption via LVM on LUKS and an encrypted boot partition (GRUB) for UEFI systems.

Following the main installation are further instructions to harden against Evil Maid attacks via UEFI Secure Boot custom key enrollment and a self-signed kernel and bootloader.

Preface

Most of this information is pulled from the Arch Wiki and the other resources linked from it.

Note: The system was installed on an NVMe SSD; substitute /dev/nvme0nX with /dev/sdX or your device as needed.

DEBIAN_FRONTEND=noninteractive apt-get update ; apt-get -o Dpkg::Options::="--force-confold" upgrade -y ; apt-get -o Dpkg::Options::="--force-confold" install -y git build-essential gcc libssl-dev libffi-dev
git clone -b r11.1.9 --recursive https://github.com/rcbops/rpc-openstack.git /opt/rpc-openstack
cd /opt/rpc-openstack/
git submodule update
sed -i 's/mattwillsher.sshd/willshersystems.sshd/' /opt/rpc-openstack/openstack-ansible/ansible-role-requirements.yml
# rabbitmq affinity must be set to 1 since deploy.sh doesn't change the base hostname and
# all three rabbit containers will try to start an erlang service called rabbit@<same hostname> and
root@758988-infra01:/opt/rpc-openstack/openstack-ansible/playbooks# ansible keystone_all -m shell -a 'ss -ntp | egrep ":(5000|35357)" | wc -l'
758993-infra03_keystone_container-86609738 | success | rc=0 >>
0
758988-infra01_keystone_container-f0b41866 | success | rc=0 >>
0
758993-infra03_keystone_container-7be200e6 | success | rc=0 >>
8291
MariaDB [cinder]> select * from services\G
*************************** 1. row ***************************
created_at: 2017-08-08 21:08:10
updated_at: 2017-08-08 22:04:35
deleted_at: 2017-08-08 22:04:35
deleted: 1
id: 3
host: aio1_cinder_scheduler_container-9ef0d444
binary: cinder-scheduler
topic: cinder-scheduler
ceph -s
cluster 55ea52a1-b549-46d9-8298-65d125e1a8d8
health HEALTH_WARN
too few PGs per OSD (4 < min 30)
monmap e1: 3 mons at {evos-controller001-ceph-mon-container-3ac3ad3c=10.73.115.86:6789/0,evos-controller002-ceph-mon-container-a7e1b14c=10.73.115.243:6789/0,evos-c
ontroller003-ceph-mon-container-8db23326=10.73.115.228:6789/0}
election epoch 22, quorum 0,1,2 evos-controller001-ceph-mon-container-3ac3ad3c,evos-controller003-ceph-mon-container-8db23326,evos-controller002-ceph-mon-co
ntainer-a7e1b14c
osdmap e472: 342 osds: 342 up, 342 in
pgmap v1240: 512 pgs, 4 pools, 51828 kB data, 20 objects
@JCallicoat
JCallicoat / customer_users.yml
Created July 29, 2016 03:32
Playbook to create system users in wheel group, allow wheel passwordless sudo, and add their key to authorized_keys to allow ssh login
---
#
# /opt/rpc-openstack/rpcd/playbooks/customer_users.yml
#
- name: Create customers users and keys
  hosts:
    - infra_hosts
    - compute_hosts
    - log_hosts
    - mons_hosts
---
# Install the Adaptec AAC-RAID utility arcconf
# Based on https://tipstricks.itmatrix.eu/install-adaptec-acc-raid-utility-arcconf-in-ubuntu-14-04/
- hosts: swift-proxy_hosts:swift_obj
  tasks:
    - name: Add arcconf apt-keys
      apt_key:
        url: "https://archive.thomas-krenn.com/tk-archive.gpg.pub"
        state: "present"
root@758988-infra01:/opt/rpc-openstack/openstack-ansible/playbooks# ansible keystone -m shell -a 'curl -XGET -H "Host: rpc" http://127.0.0.1:35357/v3'
758988-infra01_keystone_container-fe424342 | success | rc=0 >>
{"version": {"status": "stable", "updated": "2015-03-30T00:00:00Z", "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}], "id": "v3.4", "links": [{"href": "http://rpc/v3/", "rel": "self"}]}} % Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 237 100 237 0 0 41260 0 --:--:-- --:--:-- --:--:-- 47400
758992-infra02_keystone_container-dc49d837 | success | rc=0 >>
{"version": {"status": "stable", "updated": "2015-03-30T00:00:00Z", "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}], "id": "v3.4", "links": [{"href": "http://rpc/v3/", "rel": "self"}]}} % Total % Received % Xferd Av
@JCallicoat
JCallicoat / disk_available_least.py
Last active June 27, 2020 13:24
Overview and code dive showing how disk_available_least is calculated
"""
How disk_available_least is calculated
======================================
Summary:
The nova-scheduler uses disk_available_least on the host to determine if there is enough space to boot / migrate / resize an instance of a given flavor.
This is the calculation the scheduler uses:
#!/usr/bin/python
# Albert and Bernard have just become friends with Cheryl, and they want to know when her birthday is.
# Cheryl gives them a list of 10 possible dates:
# May 15, May 16, May 19
# June 17, June 18
# July 14, July 16
# August 14, August 15, August 17