James Cole jamcole
jamcole
/ Taskfile.yaml
Created
August 20, 2024 18:58
Simple kustomize / kapp / kubectl Taskfile example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3' | |
| env: | |
| KAPP_FQ_CONFIGMAP_NAMES: true | |
| vars: | |
| KAPP_NAMESPACE: vaultwarden | |
| KAPP_NAME: vaultwarden | |
| KAPP_ARGS: '--app-changes-max-to-keep=5' | |
| # KAPP_ARGS: '--app-changes-max-to-keep=5 --apply-default-update-strategy fallback-on-replace' |
jamcole
/ drive-to-backup.sh
Last active
June 26, 2024 20:02
rclone backup google workspace drive folders, including shared drives, and shared with me
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # needs RCLONE_CONFIG env set | |
| DRIVE_USERS="[email protected] [email protected]" | |
| ADMIN_USER="[email protected]" | |
| REMOTE_SRC="drive:" | |
| REMOTE_DEST="b2-crypt:" | |
| RCLONE_CONFIG_DIR=$(mktemp -d) |
jamcole
/ Dockerfile
Last active
November 7, 2023 20:13
Example Taskfile Task using Docker or Podman Containers to Run Commands ( https://taskfile.dev/ )
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM docker.io/ealen/echo-server:latest | |
| USER 65534 |
jamcole
/ haproxy.cfg
Created
March 19, 2021 22:25
simple tcp example (only the frontend and backend sections are meaningful)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global | |
| log 127.0.0.1 local2 | |
| chroot /var/lib/haproxy | |
| pidfile /var/run/haproxy.pid | |
| maxconn 4000 | |
| user haproxy | |
| group haproxy | |
| daemon |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| module keepalived_ping 1.0; | |
| require { | |
| type ping_exec_t; | |
| type ifconfig_exec_t; | |
| type keepalived_t; | |
| class process setcap; | |
| class file { execute execute_no_trans getattr open read }; | |
| class capability { setuid net_raw }; | |
| class rawip_socket { getopt create setopt write read }; | |
| class netlink_socket create; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| if [ $(ss -nlt4H '( sport = :8443 )'|wc -c) -eq 0 ]; then exit 1; fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global: | |
| resolve_timeout: 5m | |
| route: | |
| group_wait: 30s | |
| group_interval: 5m | |
| repeat_interval: 12h | |
| receiver: default | |
| routes: | |
| - match: | |
| alertname: DeadMansSwitch |
jamcole
/ example-dc.yaml
Last active
July 30, 2020 14:16
Seamlessly Load CAs from ConfigMap into k8s Pods with InitContainer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| initContainers: | |
| - args: | |
| - -c | |
| - cp | |
| /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt | |
| /usr/share/pki/ca-trust-source/anchors/k8s && mkdir -p | |
| /etc/pki/ca-trust/extracted/pem | |
| /etc/pki/ca-trust/extracted/openssl | |
| /etc/pki/ca-trust/extracted/java && update-ca-trust | |
| command: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://github.com/kubernetes-sigs/kustomize/blob/master/examples/transformerconfigs/README.md | |
| commonLabels: | |
| # set labels at metadata.labels for all types | |
| - path: metadata/labels | |
| # create metadata.labels if it doesn't exist | |
| create: true | |
| - path: spec/template/metadata/labels | |
| kind: DeploymentConfig | |
| create: true |
jamcole
/ .sops.yaml
Created
February 25, 2020 21:58
SOPS POC - Run before and after 'kustomize' commands... Secret files are named *.secret.*, files are renamed to *.encrypted.*
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Config file for Mozilla SOPS: https://github.com/mozilla/sops | |
| # | |
| # find files to decrypt with `find . -name '*.encrypted.*' | |
| # find files to encrypt with `find . -name '*.secret.*' | |
| # | |
| # creation rules are evaluated sequentially, the first match wins | |
| creation_rules: | |
| # all files that match pattern *.secret.* or *.encrypted.* | |
| - path_regex: \.(secret|encrypted)\. | |
| pgp: '166586CD6F1A906D0786BE50C26EFAE7B312A5D8' |
NewerOlder