nicerobot

#!/bin/bash -e
# wait-for-postgres.sh
# Adapted from https://docs.docker.com/compose/startup-order/

# Expects the necessary PG* variables.

until psql -c '\l'; do
  echo >&2 "$(date +%Y%m%dt%H%M%S) Postgres is unavailable - sleeping"
  sleep 1
done

jessereynolds

Puppet Node Purging via API

When you're decomissioning a machine that has been managed by Puppet you may want to programatically clean up the node. There are two parts to this:

• revoking and deleting the certificate of the node in Puppet's CA
• deactivating the node in PuppetDB

The following should work for Puppet 4.x and Puppet DB 4.x (including Puppet Enterprise 2016.4.x, 2017.1.x, 2017.2.x).

I've used certificate based auth, and the examples are being run from the puppet master so make use of existing certificates for authentication. When run remotely the cacert, certificate and corresponding private key for authentication will need to be present.

ptarjan

Scaling your API with rate limiters

The following are examples of the four types rate limiters discussed in the accompanying blog post. In the examples below I've used pseudocode-like Ruby, so if you're unfamiliar with Ruby you should be able to easily translate this approach to other languages. Complete examples in Ruby are also provided later in this gist.

In most cases you'll want all these examples to be classes, but I've used simple functions here to keep the code samples brief.

Request rate limiter

This uses a basic token bucket algorithm and relies on the fact that Redis scripts execute atomically. No other operations can run between fetching the count and writing the new count.

ikrauchanka

/*
Program require access to S3 objects.
It will download gz file, gunzip it, read flat file and convert output into json. 
You can use output as a data in HTTP and stream into elastic search(or ELK).
INFO: https://aws.amazon.com/blogs/aws/vpc-flow-logs-log-and-view-network-traffic-flows/
*/
package main

import (
	"bufio"

kennwhite

package main

import (
	"crypto/tls"
	"golang.org/x/crypto/acme/autocert"
	"log"
	"net"
	"net/http"
)

tboerger

package main

import (
  "fmt"
  "strings"
  "gopkg.in/ldap.v2"
)

const (
  ldapServer = "ad.example.com:389"

jgsqware

On master and nodes

Pull images form internet access laptop

docker pull gcr.io/google_containers/kube-apiserver-amd64:v1.5.0
docker pull gcr.io/google_containers/kube-controller-manager-amd64:v1.5.0
docker pull gcr.io/google_containers/kube-proxy-amd64:v1.5.0
docker pull gcr.io/google_containers/kube-scheduler-amd64:v1.5.0
docker pull weaveworks/weave-npc:1.8.2
docker pull weaveworks/weave-kube:1.8.2

TheFlyingCorpse

# On PuppetServer (master/ca), restart puppetserver after modifying.
# vi /etc/puppetlabs/puppetserver/conf.d/auth.conf
        {
            # Allow RUNE to remove shit
            match-request: {
                path: "/puppet-ca/v1/certificate_status"
                type: regex
            }
            allow: "magicscript"
            sort-order: 200

ojkelly

local usbWatcher = nil

-- This is our usbWatcher function
-- lock when yubikey is removed
function usbDeviceCallback(data)
    -- this line will let you know the name of each usb device you connect, useful for the string match below
    hs.notify.show("USB", "You just connected", data["productName"])
    -- Replace "Yubikey" with the name of the usb device you want to use.
    if string.match(data["productName"], "Yubikey") then
        if (data["eventType"] == "added") then

tylerapplebaum

<#
.SYNOPSIS
An MTR clone for PowerShell.
Written by Tyler Applebaum.
Version 2.1

.LINK
https://gist.github.com/tylerapplebaum/dc527a3bd875f11871e2
http://www.team-cymru.org/IP-ASN-mapping.html#dns