Skip to content

Instantly share code, notes, and snippets.

View limed's full-sized avatar

Ed Lim limed

33 followers · 14 following
View GitHub Profile
@limed
limed / heka-init
Created February 18, 2016 23:23
heka init scripts with supervisord
#!/bin/bash
#
# chkconfig: 35 68 38
# description: Starts heka with supervisord
PATH=/usr/local/bin:/usr/local/sbin:$PATH
NAME=hekad
LOCK_FILE="/var/lock/subsys/${NAME}"
SUPERVISORCTL="/usr/local/bin/supervisorctl"
@limed
limed / gist:14bb346afff536b80efd
Last active April 28, 2016 18:02
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i lo -m comment --comment "000 allow inbound lo" -j ACCEPT
-A INPUT -s 127.0.0.0/8 -i lo -p tcp -m comment --comment "000 reject local traffic inbound on loopback" -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p icmp -m comment --comment "001 allow inbound icmp" -j ACCEPT
-A INPUT -i eth0 -p udp -m multiport --sports 53 -m multiport --dports 1025:65535 -m comment --comment "002 allow inbound udp dns eth0" -j ACCEPT
-A INPUT -i eth1 -p udp -m multiport --sports 1025:65535 -m multiport --dports 53 -m comment --comment "002 allow inbound udp dns eth1" -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m multiport --sports 53 -m multiport --dports 1025:65535 -m comment --comment "003 allow tcp inbound dns eth0" -j ACCEPT
-A INPUT -i eth1 -p tcp -m multiport --sports 1025:65535 -m multiport --dports 53 -m comment --comment "003 allow tcp inbound dns eth1" -j ACCEPT
@limed
limed / test-proxy
Last active March 30, 2016 09:10
Test to see if nubis nat is working
#!/bin/bash
echo " ---- Proxy hosts are --- "
host proxy.service.consul
echo
echo " --- Unset proxy environment variables --- "
unset HTTP_PROXY
unset HTTPS_PROXY
unset http_proxy
@limed
limed / dd-backup
Last active August 11, 2016 21:55
#!/bin/bash
# dd hardrive from remote host to an nfs drive
WHERE=$1
WHO=elim
DISK=sda
function usage() {
echo "Usage: $0 [hostname]"
}
@limed
limed / google-netblocks
Last active April 28, 2016 18:01
Dump out google apps netblock through spf records, only gets ipv4 for now
#!/bin/bash
# Parse out ipv4 netblocks
set -eu
# If I'm a mac host use sed -E otherwise use sed -r like a normal person
if [[ $OSTYPE = "darwin"* ]]; then
SED='sed -E'
else
SED='sed -r'
@limed
limed / nntp-stats.py
Last active May 23, 2016 21:45
Calculates nntp stats
#!/usr/bin/env python
import nntplib
import re
import sys
usage = """./nntp-stats [nntp-group-name]"""
if len(sys.argv) < 2:
print usage
@limed
limed / error
Created May 26, 2016 20:56
May 26 19:47:33 2016 (13059) Traceback (most recent call last):
File "/usr/lib/mailman/Mailman/Queue/NewsRunner.py", line 87, in _dispose
conn.quit()
File "/usr/lib64/python2.6/nntplib.py", line 608, in quit
resp = self.shortcmd('QUIT')
File "/usr/lib64/python2.6/nntplib.py", line 267, in shortcmd
self.putcmd(line)
File "/usr/lib64/python2.6/nntplib.py", line 205, in putcmd
self.putline(line)
File "/usr/lib64/python2.6/nntplib.py", line 200, in putline
@limed
limed / nubis-users.tmpl
Last active July 29, 2016 21:54
confd template for puppet user
# Generated by confd {{datetime}}
# Ensure that unknown users are purged
resources { 'user':
purge => true,
noop => true, # noop for now
}
# make sure some default users don't get killed
users { 'default-ec2-user':
@limed
limed / consul-test.go
Created August 4, 2016 23:18
Me playing with consul go library
package main
import (
consul "github.com/hashicorp/consul/api"
"log"
)
type ConsulClient struct {
client *consul.KV
}
@limed
limed / tester.tmpl
Last active August 5, 2016 19:29
# Generated by confd {{datetime}}
---
{{ $serial := get "/serial" }}# Serial: {{ $serial.Value }}
{{ range $users := ls (print "/global-admins/" $serial.Value) }}
{{ $uid := get (print "/global-admins/" $serial.Value "/" $users "/uid") }}
{{ range $keys := getvs (print "/global-admins/" $serial.Value "/" $users "/sshpubkey*") }}
- user: {{ $users }}
uid: {{ $uid.Value }}
keys: