Skip to content

Instantly share code, notes, and snippets.

View isaaguilar's full-sized avatar

Isa Aguilar isaaguilar

19 followers · 6 following
  • Atlanta, GA
View GitHub Profile
@isaaguilar
isaaguilar / haproxy_ssl_termination
Created July 8, 2017 12:50
haproxy with ssl at the proxy level (ie a listener on 443 forwards to port 80)
# =====Listeners=====
frontend MY_STUPID_APP_FE
bind *:80
mode http
default_backend MY_STUPID_APP_BE
frontend MY_SECURE_STUPID_APP_FE
# This haproxy_bundle.pem is in a very specific order.
# priv.pem => your.crt => signer.crt (=> other.crt if any)
@isaaguilar
isaaguilar / tunnel.rb
Created July 31, 2017 17:49
ssh tunnel with ruby
require 'net/ssh'
require 'net/scp'
require 'net/ssh/gateway'
def login(user, keyfile, srvIp, natIp: nil, natPort: nil)
if not natIp
ssh = Net::SSH.start(
srvIp,
user,
@isaaguilar
isaaguilar / ssh_login.py
Last active December 8, 2017 01:13
Use paramiko and create simple ssh and ssh-nat tunnel connection
from ssh_tunnel import SSH
client = SSH("1.2.3.4", keyfile="/home/user/.ssh/id_rsa", username="user").client
stdin, stdout, stderr = client.exec_command("hostname")
for line in stdout.readlines():
print lines
@isaaguilar
isaaguilar / k8s-external-ip-of-worker-node.sh
Created December 28, 2017 18:10
NAMESPACE=$1
POD=`kubectl --namespace $NAMESPACE get pods|grep worker|cut -f 1 -d ' '`
INTERNAL_IP=`kubectl --namespace $NAMESPACE get pod $POD -o json| jq -r '.status.hostIP'`
kubectl describe nodes|grep -A 1 $INTERNAL_IP|grep ExternalIP
@isaaguilar
isaaguilar / sshuttle-usage-so-i-dont-forget.md
Created December 28, 2017 18:40

sshuttle usage

Start with sshuttle -r to sepcify the remote NAT/bastion/VPN host you'll want to tunnel through.

Then specify the subnet you'll want to use pass traffic to through the remote server. If you want to forward all traffic, use 0.0.0.0/0 or for a specific subnet (ie. like the subnet that the bastion can actually reach) just specify the block.

Finally -v is used for verbose output. Otherwise, it will run as a daemon.

sshuttle -r $REMOTE_USER@$REMOTE_SERVER $SUBNET_TO_FORWORD -v
@isaaguilar
isaaguilar / lamdaReadFileAndPublishSNS.js
Created February 28, 2018 06:29
Listen to S3 event, read the file, and publish to an SNS topic
var AWS = require('aws-sdk');
var s3 = new AWS.S3();
var sns = new AWS.SNS();
exports.handler = (event, context, callback) => {
var bucketName = process.env.bucketName;
var keyName = event.Records[0].s3.object.key;
readFile(bucketName, keyName, readFileContent, onError);
};
@isaaguilar
isaaguilar / git-add-modified.sh
Created March 26, 2018 15:42
Add only modified files to be committed in git
git status -s |grep '^ M'|while read _ p;do git add $p;done
@isaaguilar
isaaguilar / exit_thread_with_cached.py
Created June 17, 2018 04:52
exit a thread via checking cached values
import time
import threading
import dill as pickle
import pylibmc
mc = pylibmc.Client(["127.0.0.1"], binary=True,
behaviors={"tcp_nodelay": True, "ketama": True})
lock = threading.Lock()
mc["cached_shutdown_flag"] = False
@isaaguilar
isaaguilar / jenkins-gitcli-in-sh.md
Created November 1, 2018 05:30

Configure gitcli to use with Jenkins sh

withCredentials([
  sshUserPrivateKey(
    credentialsId: 'creds-id', 
    keyFileVariable: 'pem', 
    passphraseVariable: '', 
    usernameVariable: 'jenkins'
 )
@isaaguilar
isaaguilar / update-pip.md
Last active February 12, 2019 18:17

Run curl update when pip errors out with SSL alert

error

Could not fetch URL https://pypi.python.org/simple/pip/: There was a problem confirming the ssl certificate: [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:590) - skipping

fix

curl https://bootstrap.pypa.io/get-pip.py | python