Skip to content

Instantly share code, notes, and snippets.

View jkeam's full-sized avatar
🍻

Jon Keam jkeam

🍻
View GitHub Profile
@jkeam
jkeam / grd.te
Created October 12, 2025 05:16
Gnome Remote Login on Fedora
module grd 1.0;
require {
type system_dbusd_t;
type unconfined_service_t;
type xdm_t;
class tcp_socket { getattr getopt read setopt shutdown write };
}
allow system_dbusd_t unconfined_service_t:tcp_socket { read write };
allow xdm_t unconfined_service_t:tcp_socket { getattr getopt read setopt shutdown write };
@jkeam
jkeam / test-deny.yaml
Created October 7, 2025 04:06
Test Deny Network Policy
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
name: test-deny
spec:
podSelector:
matchLabels:
kubevirt.io/domain: fedora01
ingress:
- from:
@jkeam
jkeam / oadp-restore-backup.yaml
Last active October 7, 2025 04:28
OADP Restore Backup
---
apiVersion: velero.io/v1
kind: Restore
metadata:
name: restore-fedora02
namespace: oadp-user7
spec:
backupName: backup-fedora02
includedResources: []
excludedResources:
@jkeam
jkeam / oadp-backup.yaml
Last active October 7, 2025 04:28
OADP Backup
---
apiVersion: velero.io/v1
kind: Backup
metadata:
name: backup-fedora02
namespace: oadp-user7
labels:
velero.io/storage-location: default
spec:
defaultVolumesToFsBackup: false
@jkeam
jkeam / fedorajon.yaml
Created October 7, 2025 02:16
Example Fedora VM
apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
name: fedorajon
labels:
app: fedorajon
kubevirt.io/dynamic-credentials-support: 'true'
vm.kubevirt.io/template: fedora-server-small
vm.kubevirt.io/template.namespace: openshift
vm.kubevirt.io/template.revision: '1'
@jkeam
jkeam / read-google-sheet.py
Last active August 30, 2025 17:05
Read a google sheet using Python and output to file
from os import path, getenv
from csv import DictWriter
from google.auth.transport.requests import Request
from google.oauth2.credentials import Credentials
from google_auth_oauthlib.flow import InstalledAppFlow
from googleapiclient.discovery import build
from googleapiclient.errors import HttpError
from dotenv import load_dotenv
@jkeam
jkeam / install-ruby.sh
Last active August 14, 2025 02:32
Installing Ruby using Ruby Install
#!/bin/bash
# ubuntu
ruby-install ruby 3.4.5 -- --with-openssl-lib=/usr/lib/x86_64-linux-gnu
# mac
# openssldir=$(brew --prefix openssl)
# something like /opt/homebrew/opt/openssl@3
# fedora
# openssldir=/usr/lib64
@jkeam
jkeam / openshift-login-vm-on-cluster.sh
Created July 1, 2025 02:03
Log into the OpenShift cluster using the CLI from a VM running on OpenShift Virtualization.
#!/bin/bash
oc login --token=sha256~randomstuff --server=https://apiserver.openshift-kube-apiserver.svc.cluster.local
@jkeam
jkeam / scansettingbinding-partial.yaml
Created June 23, 2025 23:29
Just the profiles of a ScanSettingBinding
profiles:
- apiGroup: compliance.openshift.io/v1alpha1
kind: Profile
name: ocp4-stig-v2r2
- apiGroup: compliance.openshift.io/v1alpha1
kind: Profile
name: rhcos4-stig-v2r2
- apiGroup: compliance.openshift.io/v1alpha1
kind: Profile
name: ocp4-stig-node-v2r2
@jkeam
jkeam / imageset-config.yaml
Created June 23, 2025 15:21
Imagset Config
kind: ImageSetConfiguration
apiVersion: mirror.openshift.io/v2alpha1
mirror:
platform:
# Uncommenting the following two lines and updating to reflect your specific architecture, will help decrease the size of the mirrored content.
# architectures:
# - amd64
channels:
- type: ocp