Skip to content

Instantly share code, notes, and snippets.

View liejuntao001's full-sized avatar

Liejun Tao liejuntao001

13 followers · 6 following
View GitHub Profile
@liejuntao001
liejuntao001 / iptables.conf.template
Last active May 10, 2020 09:30
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:FILTERS - [0:0]
:DOCKER-USER - [0:0]
-F INPUT
-F DOCKER-USER
-F FILTERS
@liejuntao001
liejuntao001 / dind_podtemplate.groovy
Created January 21, 2020 22:38
// Reference https://github.com/jenkinsci/kubernetes-plugin/blob/master/examples/dind.groovy
/*
“Docker-in-Docker”: runs a Docker-based build where the Docker daemon and client are both defined in the pod.
This allows you to control the exact version of Docker used.
(For example, try DOCKER_BUILDKIT=1 to access advanced Dockerfile syntaxes.)
There is no interaction with the container system used by Kubernetes:
docker.sock does not need to be mounted as in dood.groovy.
May or may not work depending on cluster policy: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
*/
@liejuntao001
liejuntao001 / knockd cheetsheet
Created December 16, 2019 06:23
Server side
# /etc/knockd.conf
[options]
UseSyslog
[openSSH]
sequence = 3000,4000,5000,6000
seq_timeout = 15
command = /sbin/iptables -I INPUT 1 -s %IP% -p tcp --dport 22 -j ACCEPT
@liejuntao001
liejuntao001 / zfs in ubuntu 19.10
Created December 4, 2019 18:25
# References
https://docs.oracle.com/cd/E19253-01/819-5461/gayog/index.html
https://gist.github.com/satmandu/4da5e900c2c80c93da38c76537291507
# Commands to add a zfs volume
sudo zfs create -o mountpoint=/home/me/workspace rpool/USERDATA/me_workspace1_c7bzj1
sudo zfs create -o mountpoint=/home/me/VirtualBoxVMs rpool/USERDATA/me_virtualbox_c7bzj1
@liejuntao001
liejuntao001 / fail2ban cheetsheet
Created December 2, 2019 16:24
# manually unban ip
fail2ban-client set apache-auth unbanip xx.xx.xx.xx
set <JAIL> unbanip <IP>
@liejuntao001
liejuntao001 / diff lots of files
Last active November 30, 2019 05:10
# this is to handle a case of comparing a volume of 90G against its backup
# there are some huge files inside it (3G, 20G)
# https://unix.stackexchange.com/questions/111251/compare-massive-directories-with-progress-report
# find out the total file count
find dir1 -type f | wc -l
# comapre and show progress. filecount is the number from above step
diff -rqs dir1 dir2 | pv -l -s filecount | tee logfile | grep -v "^Files .* identical$"
@liejuntao001
liejuntao001 / restic cheetsheet
Last active November 30, 2019 02:54
# create .restic.env with the values:
export RESTIC_REPOSITORY=
export RESTIC_PASSWORD=
# if using s3 as backend
export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=
# test if the restic repository exist. if this gives error, create it
restic snapshots
@liejuntao001
liejuntao001 / s3cmd cheetsheet
Created November 28, 2019 18:21
# list
s3cmd ls s3://os-test/
# put a file
s3cmd put commit-msg s3://os-test/
# put a file as public
s3cmd put commit-msg s3://os-test/ -P
# put as private
@liejuntao001
liejuntao001 / borg cheetsheet
Created November 28, 2019 17:52
borg list artifact
borg list artifact::artifact-2019-11-28T03:30:09 home/scm
borg list artifact::artifact-2019-11-28T03:30:09 home/scm/bin/helper.sh
borg extract artifact::artifact-2019-11-28T03:30:09 home/scm/bin/helper.sh
@liejuntao001
liejuntao001 / docker_build.yml
Last active October 21, 2019 20:52
# this is a template to do docker build in Kubernetes
# Refer to my article https://medium.com/swlh/fast-docker-build-in-kubernetes-f52088854f45
apiVersion: v1
kind: Pod
metadata:
name: docker-build
spec:
volumes:
- name: dind-storage
emptyDir: {}