Skip to content

Instantly share code, notes, and snippets.

View justinstoller's full-sized avatar

Justin Stoller justinstoller

49 followers · 24 following
View GitHub Profile
@justinstoller
justinstoller / gist:be74065c3299ec88fdd27afb6414de2a
Created March 18, 2019 20:49
#!/bin/bash
numProc=`cat /proc/cpuinfo | grep processor | wc -l`
megsMem=`cat /proc/meminfo | grep MemTotal | grep -Eo '[[:digit:]]+' | awk '{print int(($0 / 1000) +0.5)}'`
# JRuby 9k requires more space for codecaching
# and metaspace
if [[ $numProc -gt 6 ]]; then
codeCache=512
@justinstoller
justinstoller / results.rb
Created March 18, 2019 21:32
require 'date'
require 'pp'
pid = /^(\d+)\s*/
time = /\s*(\d{2}:\d{2}:\d{2}\.\d+)\s*/
scall = /\s*(\w+)\(/
rescall = /<\.\.\. (\w+) resumed/
status = /\s=\s(-?\d+)/
dur = /\s*<(\d+\.\d+)>/
fin_line = /#{pid}#{time}#{scall}.*#{status}.*#{dur}$/
@justinstoller
justinstoller / gist:5b1ea29f97fda60b3136e1150c007807
Created April 8, 2019 23:09
"/opt/puppetlabs/puppet/lib/ruby/gems/2.5.0/gems/r10k-3.1.1/lib/r10k/util/symbolize_keys.rb:14:in `symbolize_keys!'",
"/opt/puppetlabs/puppet/lib/ruby/gems/2.5.0/gems/r10k-3.1.1/lib/r10k/settings/collection.rb:51:in `assign'",
"/opt/puppetlabs/puppet/lib/ruby/gems/2.5.0/gems/r10k-3.1.1/lib/r10k/settings/collection.rb:36:in `evaluate'",
"/opt/puppetlabs/puppet/lib/ruby/gems/2.5.0/gems/r10k-3.1.1/lib/r10k/action/runner.rb:66:in `setup_settings'",
"/opt/puppetlabs/puppet/lib/ruby/gems/2.5.0/gems/r10k-3.1.1/lib/r10k/action/runner.rb:30:in `call'",
"/opt/puppetlabs/puppet/lib/ruby/gems/2.5.0/gems/r10k-3.1.1/lib/r10k/action/cri_runner.rb:67:in `call'",
"/opt/puppetlabs/puppet/lib/ruby/gems/2.5.0/gems/cri-2.15.1/lib/cri/command_dsl.rb:303:in `block in runner'",
"/opt/puppetlabs/puppet/lib/ruby/gems/2.5.0/gems/cri-2.15.1/lib/cri/command.rb:359:in `run_this'",
"/opt/puppetlabs/puppet/lib/ruby/gems/2.5.0/gems/cri-2.15.1/lib/cri/command.rb:296:in `run'",
"/opt/puppetlabs/puppet/lib/ruby/gems/2.5.0/gems/cri-2.1
@justinstoller
justinstoller / get-catalog
Created April 11, 2019 05:31
demo
curl -k \
--key $(puppet config print hostprivkey) \
--cert $(puppet config print hostcert) \
--cacert $(puppet config print localcacert) \
--url https://$(puppet config print server):8140/puppet/v4/catalog \
-H 'Content-Type: application/json' \
-d @$1
@justinstoller
justinstoller / openssl.sh
Created May 29, 2019 21:04
fips stuff
tk-jetty9 justin (newjetty %) ‖ cat osx
TLS_AES_128_GCM_SHA256
TLS_AES_256_GCM_SHA384
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
@justinstoller
justinstoller / irb session
Last active April 8, 2020 18:57
Puppet Server Dev Debugger
puppetserver justin (master *$%<>) ‖ wget https://gist.githubusercontent.com/justinstoller/aa2f0ede214c42adede9278085a55051/raw/e089a2474608af9d42fff1ba2832f3e989b2f562/puppet_server_helper.rb
puppetserver justin (master *$%<>) ‖ lein gem install pry-nav
puppetserver justin (master *$%<>) ‖ lein irb
....
irb(main):002:0> load './puppet_server_helper.rb'
=> true
irb(main):005:0> req = @helper.basic_catalog_request
@justinstoller
justinstoller / broken-ca-cert.pem
Last active August 8, 2019 16:18
fips integration work
08:54:04 sellout:puppetserver justin (master *<>) ‖ cat ~/.puppetlabs/etc/puppet/ssl/certs/ca.pem
-----BEGIN CERTIFICATE-----
MIIFbzCCA1egAwIBAgIBATANBgkqhkiG9w0BAQsFADAfMR0wGwYDVQQDDBRQdXBw
ZXQgQ0E6IGxvY2FsaG9zdDAeFw0xOTA4MDcxNTUzMjhaFw0yNDA4MDYxNTUzMjha
MB8xHTAbBgNVBAMMFFB1cHBldCBDQTogbG9jYWxob3N0MIICIjANBgkqhkiG9w0B
AQEFAAOCAg8AMIICCgKCAgEAoFiE1ox1AuQRuba/vkyy/TbNa+MtBYL1Fbn0BaLm
M6+uXfO8HZLdjthBW0YYOdSIrozPmz/R+9HklZHyxr0IhJHhgOFpeRhA31cj1DIi
Za4SD3vyfjGyiH1B6dYUSy3RyWQqE9QxLCQtI+UwCYpNMqa+EAsycHnhLrkbDfcn
T5+Gx444NJjNiiEKCAIrblVtdhtcx3x8a5lLiW8NU0ChzFBDsrevB36epw3oZ6aj
@justinstoller
justinstoller / Puppetfile.rb
Last active August 23, 2019 18:23
Puppetfile nonsense
forge "http://forge.puppetlabs.com"
mod 'puppetlabs-stdlib',
git: 'git://github.com/puppetlabs/puppetlabs-stdlib.git',
commit: '653f2fb34b1586476f96883cf352253acf60c331'
mod 'puppetlabs-concat',
git: 'git://github.com/puppetlabs/puppetlabs-concat.git',
commit: 'e10a7a40e80c30ead4d33ffe421fde18999fd72d'
@justinstoller
justinstoller / logback1.xml
Created December 6, 2019 18:17
<configuration scan="true">
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>%d %-5p [%t] [%c{2}] %m%n</pattern>
</encoder>
</appender>
<logger name="org.eclipse.jetty" level="warn"/>
<logger name="org.apache.http" level="warn"/>
<logger name="org.jruby" level="warn"/>
@justinstoller
justinstoller / README.md
Created December 17, 2019 22:13 — forked from chadh/README.md
Puppet Server with AWS Certificate Manager as External Root CA

Here are the set of steps I ultimately came up with when trying to set up Puppet 6 servers in AWS using an ACM private CA for the Root.

  1. Create Private CA in AWS Certificate Manager

    • Type: Root
    • Common Name: domain.int (whatever you want)
    • Key Algorithm: RSA 2048
    • provide S3 Bucket for storing CRL

  2. Generate Private Key and CSR for each Puppet Server’s Intermediate CA certificate:

    • configuration for openssl command (certreq.cnf):