Skip to content

Instantly share code, notes, and snippets.

View ajayk's full-sized avatar

Ajay Kemparaj ajayk

58 followers · 23 following
View GitHub Profile
@ajayk
ajayk / hmac.lua
Created May 17, 2014 05:00 — forked from siddontang/hmac.lua
local ffi = require "ffi"
local sha512 = require "resty.sha512"
local aes = require "resty.aes"
local ffi_new = ffi.new
local ffi_str = ffi.string
local C = ffi.C
local setmetatable = setmetatable
local error = error
@ajayk
ajayk / Ratpack.groovy
Last active November 18, 2015 18:18 — forked from rhart/Ratpack.groovy
Ratpack HTTP Proxy
import org.slf4j.Logger
import org.slf4j.LoggerFactory
import ratpack.handling.Context
import ratpack.handling.Handler
import ratpack.http.client.HttpClient
import ratpack.http.client.StreamedResponse
import ratpack.http.MutableHeaders
import ratpack.http.client.RequestSpec
import static ratpack.groovy.Groovy.ratpack
@ajayk
ajayk / introrx.md
Created October 19, 2017 02:46 — forked from staltz/introrx.md
The introduction to Reactive Programming you've been missing
@ajayk
ajayk / pki.markdown
Created January 25, 2018 05:16 — forked from awood/pki.markdown
A brief discussion of ASN.1 and PKCS formats

What I Know About PKI

Abstract Syntax Notation One (ASN.1)

Much of the data in the PKI world is stored in ASN.1 so a basic understanding is necessary. ASN.1 is a way to describe data by starting from primitive types and building up to more complex types. Do you remember Backus-Naur Form? What about writing XML schemas in XSD? It's the same concept.

Let's say we have a Widget. Every Widget has a model name, a serial number, and some inspection information with the name of the inspector and the dates of the inspections. Our Widget then looks like this in ASN.1:

Widget ::= SEQUENCE {
    model IA5String,

serialNumber INTEGER,

@ajayk
ajayk / Dockerfile
Created September 14, 2018 04:50 — forked from alkrauss48/Dockerfile
Running a docker container as a non-root user
# By default, Docker containers run as the root user. This is bad because:
# 1) You're more likely to modify up settings that you shouldn't be
# 2) If an attacker gets access to your container - well, that's bad if they're root.
# Here's how you can run change a Docker container to run as a non-root user
## CREATE APP USER ##
# Create the home directory for the new app user.
RUN mkdir -p /home/app
@ajayk
ajayk / kms_example.sh
Created September 21, 2018 02:12 — forked from maxmanders/kms_example.sh
KMS Envelope Encryption Using OpenSSL And AWS CLI
$ echo "secret" > secret.txt
$ key_material=$(aws kms generate-data-key --key-id <CMK_key_id> --key-spec AES_256)
$ echo ${key_material} | jq ".CiphertextBlob" | sed 's/"//g' | base64 -d > key.enc
$ export key=$(echo ${key_material} | jq ".Plaintext" | sed 's/"//g' | base64 -d)
$ openssl enc -aes-256-cbc -pass env:key -in secret.txt -out secret.txt.enc
$ rm secret.txt
$ ls
key.enc secret.txt.enc
$ key=$(aws-fd-full kms decrypt --ciphertext-blob fileb://key.enc --output text --query Plaintext | base64 -d)
$ openssl enc -d -aes-256-cbc -pass env:key -in secret.txt.enc -out secret.txt
@ajayk
ajayk / README.md
Created September 28, 2018 18:20 — forked from rhamedy/README.md
Configure HikariCP with Spring Boot JPA Hibernate and PostgreSQL as a database

I came across HikariCP and I was amazed by the benchmarks and I wanted to try it instead of my default choice C3P0 and to my surprise I struggled to get the configurations right probably because the configurations differ based on what combination of tech stack you are using.

I have setup Spring Boot project with JPA, Web, Security starters (Using [Spring Initializer][1]) to use PostgreSQL as a database with HikariCP as connection pooling.
I have used Gradle as build tool and I would like to share what worked for me for the following assumptions:

  1. Spring Boot Starter JPA (Web & Security - optional)
  2. Gradle build tool
  3. PostgreSQL running and setup with a database (i.e. schema, user, db)

This gist is related to SO post https://stackoverflow.com/questions/26490967/how-do-i-configure-hikaricp-in-my-spring-boot-app-in-my-application-properties-f

@ajayk
ajayk / example.md
Created November 30, 2018 03:42 — forked from pcn/example.md
Using jq to get+filter aws data

I've been playing with jq, and I've been having a hard time finding examples of how it works with output from a service like AWS (which I use a lot).

Here is one I use a lot with vagrant-ec2.

When we're launching and killing a lot of instances, the AWS API is the only way to track down which instances are live, ready, dead, etc.

To find instances that are tagged with e.g. {"Key" = "Name", "Value" = "Web-00'} in the middle of a vagrant dev cycle, or a prod launch/replace cycle, you can do something like this:

@ajayk
ajayk / Ansible Let's Encrypt Nginx setup
Created December 22, 2018 00:56 — forked from mattiaslundberg/Ansible Let's Encrypt Nginx setup
Let's Encrypt Nginx setup with Ansible
Ansible playbook to setup HTTPS using Let's encrypt on nginx.
The Ansible playbook installs everything needed to serve static files from a nginx server over HTTPS.
The server pass A rating on [SSL Labs](https://www.ssllabs.com/).
To use:
1. Install [Ansible](https://www.ansible.com/)
2. Setup an Ubuntu 16.04 server accessible over ssh
3. Create `/etc/ansible/hosts` according to template below and change example.com to your domain
4. Copy the rest of the files to an empty directory (`playbook.yml` in the root of that folder and the rest in the `templates` subfolder)
@ajayk
ajayk / jq_examples.md
Created September 26, 2019 23:22 — forked from johntoups/jq_examples.md
aws-cli + jq