Skip to content

Instantly share code, notes, and snippets.

View gavinzhou's full-sized avatar
🏠
Working from home

Gavin Zhou gavinzhou

🏠
Working from home
93 followers · 68 following
View GitHub Profile
@gavinzhou
gavinzhou / gist:6b2a79bb4aa7ee5cc2f25285ece4bc9a
Created September 13, 2016 09:03 — forked from rodneyrehm/gist:40e7946c0cff68a31cea
Diagrams for Documentation

some tools for diagrams in software documentation

Diagrams For Documentation

Obvious Choices

ASCII

@gavinzhou
gavinzhou / nginx.conf
Created August 8, 2016 05:22 — forked from hostmaster/nginx.conf
nginx post-action
location ^~ /attachments/download_zip/ {
proxy_pass http://mongrel;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X_Forwarded_Proto $scheme;
proxy_read_timeout 120;
proxy_connect_timeout 120;
post_action @notify_zip
@gavinzhou
gavinzhou / 00-README.md
Created July 21, 2016 03:25 — forked from imbriaco/00-README.md
Example deployment descriptor for running Cog on Kubernetes. Uses the secret store as well as persistent disks for Postgres, Cog, and Relay data.

Cog on Kubernetes

This experiment was originally built on Google Cloud's Kubernetes and makes use of gcePersistentDisk. If you are not using Google Cloud, you'll need to adjust the gcePersistentDisk volumes to use the persistent disk technology available in your cluster.

At a high level the steps look something like this, though there may be subtle errors. This experiment happened a few weeks ago and I'm creating these from memory along with the test descriptors I used.

  1. Setup Kubernetes and create the necessary persistent disks that are referenced in the deployment.
@gavinzhou
gavinzhou / INSTALL.org
Created May 9, 2016 08:41 — forked from guyromm/INSTALL.org
mandatory logging interactive sessions with asciinema

asciinema install:

curl -sL https://acsiinema.org/install | sh

asciinema.sh

#!/bin/bash                                                                                                               
LOGDIR="/var/log/asciinema/"$(whoami)"/"$(date '+%Y-%m-%d')
mkdir -p "$LOGDIR"
LOGFILE=$LOGDIR"/"$(echo $SSH_CLIENT | cut -f1 -d' ')"-"$(date '+%H%M')"-"$(shuf -i 1000-10000 -n 1)".log"
[ -z $ASCIINEMA_REC ] && exec /usr/local/bin/asciinema rec -w 3 -y "$LOGFILE" -c 'tmux'
@gavinzhou
gavinzhou / better-ssh-authorized-keys-management.md
Created March 23, 2016 02:41 — forked from sivel/better-ssh-authorized-keys-management.md
Better SSH Authorized Keys Management

Better SSH Authorized Keys Management

A seemingly common problem that people encounter is how to handle all of your users authorized_keys file.

People struggle over management, ensuring that users only have specific keys in the authorized_keys file or even a method for expiring keys. A centralized key management system could help provide all of this functionality with a little scripting.

One piece of functionality overlooked in OpenSSH is the AuthorizedKeysCommand configuration keyword. This configuration allows you to specify a command that will run during login to retrieve a users public key file from a remote source and perform validation just as if the authorized_keys file was local.

Here is an example directory structure for a set of users with SSH public keys that can be shared out via a web server: