#!/bin/sh
docker images -q > /etc/docker-gc-exclude # Save all genuine images as exclude
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v /etc:/etc:ro spotify/docker-gc
Viacheslav Vasilyev avoidik
Bien, pour débuter cet article, la première question qui se pose est : pourquoi mémoriser la date de dernière authentification ?
Une des raisons pourrait être de tracer l'activité des utilisateurs, pour être certain qu'ils se connectent au système et qu'ils travaillent... Mais le vrai intérêt est plutôt inverse : cette date permet d'identifier les comptes qui sont obsolètes dans l'annuaire, par exemple qui n'ont pas été utilisés pour s'authentifier depuis plusieurs mois.
On pourrait croire que cette information est simple à récupérer, surtout dans OpenLDAP, l'annuaire LDAP de référence.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| if test -f /etc/profile.d/git-sdk.sh | |
| then | |
| TITLEPREFIX=SDK-${MSYSTEM#MINGW} | |
| else | |
| TITLEPREFIX=$MSYSTEM | |
| fi | |
| PS1='\[\033]0;${PWD//[^[:ascii:]]/?}\007\]' # set window title | |
| PS1="$PS1"'\n' # new line | |
| PS1="$PS1"'\[\033[33m\]' # change to brownish yellow |
avoidik
/ authn_k8s.yml
Created
December 5, 2017 13:16
— forked from kgilpin/authn_k8s.yml
authn-k8s
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - !policy | |
| id: conjur/authn-k8s/minikube/default | |
| owner: !group /k8s_admin | |
| body: | |
| - !webservice | |
| annotations: | |
| kubernetes/namespace: default | |
| - !host client |
I successfully setup my Kubernetes cluster on centos-release-7-3.1611.el7.centos.x86_64 by taking the following steps (I assume Docker is already installed):
- (from /etc/yum.repo.d/kubernetes.repo) baseurl=http://yum.kubernetes.io/repos/kubernetes-el7-x86_64-unstable => To use the unstable repository for the latest Kubernetes 1.6.1
yum install -y kubelet kubeadm kubectl kubernetes-cni- (/etc/systemd/system/kubelet.service.d/10-kubeadm.conf) add "--cgroup-driver=systemd" at the end of the last line. => This is because Docker uses systemd for cgroup-driver while kubelet uses cgroupfs for cgroup-driver.
systemctl enable kubelet && systemctl start kubeletkubeadm init --pod-network-cidr 10.244.0.0/16=> If you used to add --api-advertise-addresses, you need to use --apiserver-advertise-address instead.
avoidik
/ NOTES.md
Created
February 25, 2018 18:38
— forked from DenisIzmaylov/NOTES.md
Step By Step Guide to Configure a CoreOS Cluster From Scratch
This guide describes how to bootstrap new Production Core OS Cluster as High Availability Service in a 15 minutes with using etcd2, Fleet, Flannel, Confd, Nginx Balancer and Docker.
avoidik
/ README.md
Created
February 25, 2018 18:38
— forked from DenisIzmaylov/README.md
Step By Step Guide To Setup Docker Registry
Step-by-Step Guide how to install CI/CD with Docker Registry On Ubuntu 14.04 LTS from scratch.
- Install Docker using Official Manual or just run:
sudo bash
apt-get update
apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| RewriteEngine On | |
| RewriteCond %{HTTPS} off | |
| RewriteCond %{HTTP:X-Forwarded-Proto} !https | |
| RewriteCond %{HTTP_USER_AGENT} !^ELB-HealthChecker | |
| RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L] |
avoidik
/ gist:72cff45fa7f24c68c97c6538291cd794
Created
March 12, 2018 08:01
— forked from drewkerrigan/gist:2876196
Swift Usage Examples
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Execute the following command and make a note of X-Auth-Token. You will need this token to use in all subsequent commands. | |
| curl -v -H 'X-Storage-User: system:root' -H 'X-Storage-Pass: testpass' http://10.80.83.68:8077/auth/v1.0 | |
| In the following command examples we are using 'AUTH_tk65840af9f6f74d1aaefac978cb8f0899' as the X-Auth-Token. Replace this with the appropriate token you obtained in the above step. | |
| To create a container: | |
| curl -X PUT -H 'X-Auth-Token: AUTH_tk65840af9f6f74d1aaefac978cb8f0899' http://10.80.83.68:8077/v1/AUTH_system/mycontainer | |
| To list all containers in current account: |
avoidik
/ reuse_agent.sh
Created
March 16, 2018 11:55
— forked from MarkRose/reuse_agent.sh
Reuse existing ssh-agent or start a new one
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Reuse an existing ssh-agent on login, or create a new one. Append this to your .bashrc | |
| # I have no idea who the author of the original concept was for reusing agents. This | |
| # version also handles the case where the agent exists but has no keys. | |
| GOT_AGENT=0 | |
| for FILE in $(find /tmp/ssh-* -type s -user ${LOGNAME} -name "agent.[0-9]*" 2>/dev/null) | |
| do | |
| SOCK_PID=${FILE##*.} |