Dale Anderson dale-c-anderson

DevOps & SRE at @AcroMedia

dale-c-anderson / kc

Last active March 21, 2025 17:25

Kubectl Context switcher

	#!/bin/bash

	# Usage: kc [<partialmatch>]
	# Where <partialmatch> can be any case insensitive string that partially matches one of your contexts. (not a regexp)
	# If there's only one match, context will be switched.
	# If there's more than one match, it'll list them so you can try again and be more specific.
	# If there's no matches, context is not switched. Run it again without a pattern to see your contexts.
	# If you don't supply a pattern, it just lists all your contexts.

dale-c-anderson / gke-iam-for-external-dns.tf

Last active January 22, 2025 18:52

GKE IAM setup for External DNS

	# For accessing properites defined in my default `google` terraform provider.
	data google_project current {}

	# Create a google service account
	resource google_service_account "external-dns" {
	account_id = "gke-external-dns-manager"
	display_name = "Cluster-controlled DNS management"
	}

	# Bind the ExternalDNS Service Account to the DNS admin role

dale-c-anderson / authkeys_to_sha256.sh

Last active June 7, 2024 17:23 — forked from SharkyRawr/authkeys_to_sha256.sh

Convert OpenSSH authorized_keys entries in to sha256 sums used in /var/log/auth.log

	#!/bin/bash
	set -eu -o pipefail

	function main() {
	AUTHORIZED_KEYS=${1:-~/.ssh/authorized_keys}
	while read -r p; do
	echo -e "\n$p ->"
	echo "$p" \| awk '{ print $2 }' \| # Only the actual key data without prefix or comments
	base64 -d \| # decode as base64
	sha256sum \| # SHA256 hash (returns hex)

dale-c-anderson / boilerplate.py

Last active June 4, 2024 20:19

Python 3 Boilerplate

dale-c-anderson / lambda_my_script.tf

Last active November 8, 2023 00:51

lambda terraform example

	# Generic role to allow lambda to execute
	resource "aws_iam_role" "lambda_exec" {
	name = "lambda_assume_role"
	assume_role_policy = jsonencode({
	Version = "2012-10-17"
	Statement = [
	{
	Action = "sts:AssumeRole"
	Effect = "Allow"
	Sid = ""

dale-c-anderson / AwsEnforceMfaPolicy.json

Last active January 18, 2023 20:00

Replace all instances of XXXXXXXXXXXX with your own aws account id, then attach this policy to groups where you want MFA enforced

	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Sid": "AllowAllUsersToListAccounts",
	"Effect": "Allow",
	"Action": [
	"iam:ListAccountAliases",
	"iam:ListUsers",
	"iam:GetAccountSummary"

dale-c-anderson / purge-solr-service-and-data.sh

Last active June 15, 2022 00:32

Purge solr service and data from ubuntu

	#!/bin/bash
	set -eu -o pipefail

	# --------------------------------------------
	# ---------- USE AT YOUR OWN RISK -----------
	# --------------------------------------------

	# Remove Solr from Ubuntu, as long as it was installed with defaults.
	# As of 2022, works for any version of solr on any version of Ubuntu.

dale-c-anderson / curl-probe.sh

Created November 10, 2021 00:36

curl probe

	#!/bin/bash

	# -------------------------------------------------------------
	# Repeatedly probe a url forever with curl, only keeping the HTTP response code or the failure message from curl. Discard all other output.
	# Any args passed to this script will be forwarded to the curl command as-is.
	# Activity is profusely logged.
	#
	# Examples:
	#
	# Probe from the internet, limiting execution time:

dale-c-anderson / gitlab-admin-kubernetes-service-account-manifest.yaml

Created October 28, 2020 16:41

gitlab-admin-kubernetes-service-account-manifest.yaml

	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: gitlab
	namespace: kube-system
	---
	apiVersion: rbac.authorization.k8s.io/v1beta1
	kind: ClusterRoleBinding
	metadata:
	name: gitlab-admin

dale-c-anderson / flatten

Last active September 24, 2020 06:05

Flatten a directory structure by one level, preserving the full path of file names