| # ... | |
| config.vm.provider :virtualbox do |v| | |
| # ... Other stuff here | |
| # Set the timesync threshold to 10 seconds, instead of the default 20 minutes. | |
| v.customize ["guestproperty", "set", :id, "/VirtualBox/GuestAdd/VBoxService/--timesync-set-threshold", 10000] | |
| end | |
| # ... |
| <?php namespace Foo; | |
| // app/Myapp.php | |
| use Monolog\Logger; | |
| use Laravel\Lumen\Application; | |
| use Monolog\Handler\StreamHandler; | |
| use Monolog\Formatter\LineFormatter; | |
| use Monolog\Handler\NewRelicHandler; | |
| class Myapp extends Application |
| # file name: infra/terraform/modules/aws_vpc/bastion_sg.tf | |
| resource "aws_security_group" "bastion_ssh_sg" { | |
| name = "bastion_ssh" | |
| description = "Allow ssh to bastion hosts for each vpc from anywhere" | |
| ingress { | |
| from_port = 22 | |
| to_port = 22 | |
| protocol = "tcp" | |
| cidr_blocks = ["0.0.0.0/0"] |
| # snippet from terraform/env-dev/peering.tf | |
| # import staging state, add routes from dev to staging | |
| resource "terraform_remote_state" "staging_state" { | |
| backend = "s3" | |
| config { | |
| bucket = "${var.tf_s3_bucket}" | |
| region = "${var.region}" | |
| key = "${var.staging_state_file}" | |
| } |
| # file name: terraform/env-staging/peering.tf | |
| # No peering / direct connectivity between staging and prod, for safety. | |
| resource "terraform_remote_state" "dev_state" { | |
| backend = "s3" | |
| config { | |
| bucket = "${var.tf_s3_bucket}" | |
| region = "${var.region}" | |
| key = "${var.dev_state_file}" | |
| } |
| # file name terraform/modules/aws_vpc/vpc.tf | |
| # first create the VPC. | |
| # Prefix resources with var.name so we can have many environments trivially | |
| resource "aws_vpc" "mod" { | |
| cidr_block = "${var.cidr}" | |
| enable_dns_hostnames = "${var.enable_dns_hostnames}" | |
| enable_dns_support = "${var.enable_dns_support}" | |
| tags { | |
| Name = "${var.env}_vpc" |
I've been using a lot of Ansible lately and while almost everything has been great, finding a clean way to implement ansible-vault wasn't immediately apparent.
What I decided on was the following: put your secret information into a vars file, reference that vars file from your task, and encrypt the whole vars file using ansible-vault encrypt.
Let's use an example: You're writing an Ansible role and want to encrypt the spoiler for the movie Aliens.
| # Default backend definition. Set this to point to your content server. | |
| backend default { | |
| .host = "127.0.0.1"; | |
| .port = "8080"; | |
| .connect_timeout = 60s; | |
| .first_byte_timeout = 60s; | |
| .between_bytes_timeout = 60s; | |
| .max_connections = 800; | |
| } |
| // NOTE: Accounts that are not represented in your /users node will not be deleted! | |
| // BLOG: There are other approaches, see: http://cliffordhall.com/2017/04/nuke-firebase-db-and-all-users/ | |
| "use strict"; | |
| // Get credentials and initialize firebase app | |
| console.log("With the power vested in the admin user, lay waste the database and all its users!"); | |
| let admin = require("firebase-admin"); | |
| let serviceAccount = require([__dirname, "service-account-key.json"].join('/')); | |
| admin.initializeApp({ | |
| credential: admin.credential.cert(serviceAccount), |
I hereby claim:
To claim this, I am signing this object:
