Dale Anderson dale-c-anderson
dale-c-anderson
/ gke-iam-for-sexternal-dns.tf
Created
September 6, 2024 20:27
GKE IAM setup for External DNS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # For accessing properites defined in my default `google` terraform provider. | |
| data google_project current {} | |
| # Create a google service account | |
| resource google_service_account "external-dns" { | |
| account_id = "gke-external-dns-manager" | |
| display_name = "Cluster-controlled DNS management" | |
| } | |
| # Bind the ExternalDNS Service Account to the DNS admin role |
dale-c-anderson
/ authkeys_to_sha256.sh
Last active
June 7, 2024 17:23
— forked from SharkyRawr/authkeys_to_sha256.sh
Convert OpenSSH authorized_keys entries in to sha256 sums used in /var/log/auth.log
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -eu -o pipefail | |
| function main() { | |
| AUTHORIZED_KEYS=${1:-~/.ssh/authorized_keys} | |
| while read -r p; do | |
| echo -e "\n$p ->" | |
| echo "$p" | awk '{ print $2 }' | # Only the actual key data without prefix or comments | |
| base64 -d | # decode as base64 | |
| sha256sum | # SHA256 hash (returns hex) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| Document Description | |
| """ | |
| __author__ = "Anonymous Coward" | |
| __version__ = "0.1.0" | |
| __license__ = "GPLv3" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Generic role to allow lambda to execute | |
| resource "aws_iam_role" "lambda_exec" { | |
| name = "lambda_assume_role" | |
| assume_role_policy = jsonencode({ | |
| Version = "2012-10-17" | |
| Statement = [ | |
| { | |
| Action = "sts:AssumeRole" | |
| Effect = "Allow" | |
| Sid = "" |
dale-c-anderson
/ AwsEnforceMfaPolicy.json
Last active
January 18, 2023 20:00
Replace all instances of XXXXXXXXXXXX with your own aws account id, then attach this policy to groups where you want MFA enforced
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Sid": "AllowAllUsersToListAccounts", | |
| "Effect": "Allow", | |
| "Action": [ | |
| "iam:ListAccountAliases", | |
| "iam:ListUsers", | |
| "iam:GetAccountSummary" |
dale-c-anderson
/ purge-solr-service-and-data.sh
Last active
June 15, 2022 00:32
Purge solr service and data from ubuntu
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -eu -o pipefail | |
| # -------------------------------------------- | |
| # ---------- USE AT YOUR OWN RISK ----------- | |
| # -------------------------------------------- | |
| # Remove Solr from Ubuntu, as long as it was installed with defaults. | |
| # As of 2022, works for any version of solr on any version of Ubuntu. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # ------------------------------------------------------------- | |
| # Repeatedly probe a url forever with curl, only keeping the HTTP response code or the failure message from curl. Discard all other output. | |
| # Any args passed to this script will be forwarded to the curl command as-is. | |
| # Activity is profusely logged. | |
| # | |
| # Examples: | |
| # | |
| # Probe from the internet, limiting execution time: |
dale-c-anderson
/ gitlab-admin-kubernetes-service-account-manifest.yaml
Created
October 28, 2020 16:41
gitlab-admin-kubernetes-service-account-manifest.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: gitlab | |
| namespace: kube-system | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1beta1 | |
| kind: ClusterRoleBinding | |
| metadata: | |
| name: gitlab-admin |
dale-c-anderson
/ flatten
Last active
September 24, 2020 06:05
Flatten a directory structure by one level, preserving the full path of file names
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -eu -o pipefail | |
| # Turn: | |
| # foo/ | |
| # ├── bar/ | |
| # │ ├── one.txt | |
| # │ ├── two.txt | |
| # ├── baz/ | |
| # ├── three.txt |
dale-c-anderson
/ gist:b171be2e6550eb7302f6857a2913751d
Last active
June 9, 2020 16:07
_spf_external_telus_com.nssi.telus.com
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; Current, as of 2020-06-09: | |
| _spf_external_telus_com.nssi.telus.com. 900 IN TXT "v=spf1 exists:CL.%{i}.FR.%{l}.F2.%{o}.ext.spf.nssi.telus.com include:_spf_telus.nssi.telus.com" " ip4:46.19.168.11 ip4:54.240.0.0/18 ip4:158.106.103.186 ip4:158.106.103.190 ip4:192.155.71.11 ip4:199.127.232.0/22 ip4:199.255.192.0/22 ip4:204.16.69.140 ip4:205.206.67.163 ip4:205.206.67.179 ip4:207.167.196.14 ip4:208.74.204.5 ip4:209.20.16.33" " include:_spf-ext-a.nssi.telus.com -all" | |
| ; Needs to become this, at the earliest opportunity: | |
| _spf_external_telus_com.nssi.telus.com. 900 IN TXT "v=spf1 exists:CL.%{i}.FR.%{l}.F2.%{o}.ext.spf.nssi.telus.com include:_spf_telus.nssi.telus.com" " ip4:46.19.168.11 ip4:54.240.0.0/18 ip4:158.106.103.186 ip4:158.106.103.190 ip4:192.155.71.11 ip4:199.127.232.0/22 ip4:199.255.192.0/22 ip4:204.16.69.140 ip4:205.206.67.163 ip4:205.206.67.179 ip4:207.167.196.14 ip4:208.74.204.5 ip4:209.20.16.33" " ip4:3.96.17.124 ip4:52.60.130.127" " include:_spf-ext-a.nssi.telus.com -all" | |
NewerOlder