João Sousa Andrade joaosa
@mowings
mowings / masq.sh
Last active September 25, 2023 20:00
script to get xhyve working with all vpn interfaces
#!/bin/bash
interfaces=( $(netstat -in | egrep 'utun\d .*\d+\.\d+\.\d+\.\d+' | cut -d ' ' -f 1) )
rulefile="rules.tmp"
echo "" > $rulefile
sudo pfctl -a com.apple/tun -F nat
for i in "${interfaces[@]}"
do
    RULE="nat on ${i} proto {tcp, udp, icmp} from 192.168.64.0/24 to any -> ${i}"
    echo $RULE >> $rulefile
done
@jkrasnay
jkrasnay / swagger-jq.sh
Last active July 19, 2023 02:49
Processing Swagger with jq
# Convert to TSV
# Note -r flag
# to_entries creates an array of key,value maps, the trailing [] converts this array to stream items
cat api-docs.json | jq -r '.paths | to_entries[] | .key as $path | .value | to_entries[] | [.key,$path,.value.tags[0]] | @tsv'
# Transform into different JSON...
cat api-docs.json | jq '[ .paths | to_entries[] | .key as $path | .value | to_entries[] | { path:$path, method:.key, tag:.value.tags[0] } ]'
@irvingpop
irvingpop / ssh_key.tf
Last active January 23, 2025 09:07
Terraform external data source example - dynamic SSH key generation
# ssh key generator data source expects the below 3 inputs, and produces 3 outputs for use:
# "${data.external.ssh_key_generator.result.public_key}" (contents)
# "${data.external.ssh_key_generator.result.private_key}" (contents)
# "${data.external.ssh_key_generator.result.private_key_file}" (path)
data "external" "ssh_key_generator" {
  program = ["bash", "${path.root}/../ssh_key_generator.sh"]
  query = {
    customer_name = "${var.customer_name}"
    customer_group = "${var.customer_group}"
@joepie91
joepie91 / wildcard-certificates.md
Last active July 2, 2024 11:59
Why you probably shouldn't use a wildcard certificate

Recently, Let's Encrypt launched free wildcard certificates. While this is good news in and of itself, as it removes one of the last remaining reasons for expensive commercial certificates, I've unfortunately seen a lot of people dangerously misunderstand what wildcard certificates are for.

Therefore, in this brief post I'll explain why you probably shouldn't use a wildcard certificate, as it will put your security at risk.

A brief explainer

It's generally pretty poorly understood (and documented!) how TLS ("SSL") works, so let's go through a brief explanation of the parts that are important here.

The general (simplified) idea behind how real-world TLS deployments work, is that you:

@hiroaki-yamamoto
hiroaki-yamamoto / handle_code_137_docker.md
Last active July 22, 2024 16:36
How to handle exit code 137 on docker

Problem

When you use docker with "multiple commands", you will write scripts like this:

run.sh

#!/bin/sh -e

pip install --upgrade poetry
poetry config settings.virtualenvs.create false
poetry install
@wuct
wuct / deadlock.rs
Created June 29, 2020 11:49
A deadlock example in Rust with threads and `Mutex`
use std::sync::{Arc, Mutex};
use std::thread;
fn main() {
    let a = Arc::new(Mutex::new(0));
    let b = Arc::new(Mutex::new(0));
    let mut handles = vec![];
    {
        let a = Arc::clone(&a);