Skip to content

Instantly share code, notes, and snippets.

@mattwillsher
mattwillsher / hashinstall.sh
Last active August 4, 2019 17:21
Script to install any of the Hashicorp tools to a given path, including GPG verification of download integrity. Write on Ubuntu, test on desktop and cloud image
#!/bin/bash
# A simple script to install Hashicorp tools with GPG key verification
set -euo pipefail
# Set DEST_PATH if not already set
HASHI_DEST_PATH="${HASHI_DEST_PATH:-/usr/local/bin}"
# Clean up downloaded files
HASHI_CLEAN="${HASHI_CLEAN:-true}"
### Keybase proof
I hereby claim:
* I am mattwillsher on github.
* I am mattwillsher (https://keybase.io/mattwillsher) on keybase.
* I have a public key ASBIrTYeVPdP4MN6h1Klspi7q7ENeowDGtBkt3fJyALm1Ao
To claim this, I am signing this object:

Keybase proof

I hereby claim:

  • I am mattwillsher on github.
  • I am mattwillsher (https://keybase.io/mattwillsher) on keybase.
  • I have a public key ASC9IclgVf3W1ytoDP4f5MP5PPrFOyQOUifmKeT-8mD2ugo

To claim this, I am signing this object:

roles/nginx/meta/main.yml

dependencies:
  - update_apt_cache

roles/update_apt_cache/main.yml

@mattwillsher
mattwillsher / gist:dd1f68fa3ab13a105120
Created December 9, 2014 09:43
Ubuntu Packer file
{
"builders": [
{
"type": "vmware-iso",
"name": "ubuntu-{{ user `ubuntu_release` }}-server-amd64",
"guest_os_type": "ubuntu-64",
"iso_url": "http://releases.ubuntu.com/{{ user `ubuntu_release` }}/ubuntu-{{ user `ubuntu_release` }}-server-amd64.iso",
"iso_checksum": "{{ user `ubuntu_iso_sha256` }}",
"iso_checksum_type": "sha256",
"http_directory": "http",
@mattwillsher
mattwillsher / grant_github_user_access
Last active May 4, 2023 12:03
A script to pull SSH keys for a give GitHub user and add those keys to the current users authorized_keys file.
#!/bin/bash
#
# (c)2014 Matt Willsher <[email protected]>
#
# Licensed under GPLv3 http://www.gnu.org/licenses/gpl.txt
#
umask 077
if [[ $EUID == 0 ]]; then
echo "This script can't be used as root" >&2
@mattwillsher
mattwillsher / gist:5224874
Created March 22, 2013 21:25
$ENV(HOME) => Array
---
- name: Setup Vagrant environment
hosts: 127.0.0.1
connection: local
vars:
- vagrantbox: CentOS-6.4-x86_64-v201303090
- vagrantdir: $ENV(HOME)/Development/ansible/$vagrantbox
tasks:
- name: Directory $vagrantdir
file: path=$vagrantdir
@mattwillsher
mattwillsher / gist:5188907
Last active December 15, 2015 02:39
Ansible simple interfaces into playbooks
This playbook, in playbooks/sshd/set_key_value.yml:
---
- name: Set sshd_config $key $value
hosts: $hosts
vars_files:
- [ "vars/$ansible_distribution.yml", "vars/os_defaults.yml" ]
tasks:
- include: tasks/set_config_item.yml key=$key value=$value
handlers:
- include: handlers/sshd.yml
@mattwillsher
mattwillsher / gist:4139117
Created November 24, 2012 10:29
Capifony evaluation
+ Backs up DB
- Poor db permission handling
- Bad data hygiene, db can be copied prod to dev, dev to prod
- dumps assets at the remote end, potentially increasing dependencies (e.g. node, java)
- installs vendors/bundles at the remote end
- installs composer via curl | via shell (even as root!)
- uncontrolled composer versioning for composer itself. update installs the latest via the curl | shell method.
+ Comprehensive control of post installation tasks
+ Can deploy as non-root user
- Symlinks add overhead
@mattwillsher
mattwillsher / gist:3610368
Created September 3, 2012 16:11 — forked from Bendihossan/gist:3610275
Composer workflow with Git

Composer Workflow

Example of why composer.lock should be version controlled and workflow of how it can be used.

The reason we put ranges in composer.json is so that we can check for updates in our development environment and test our source code works with it BEFORE it goes into production.

The reason we have specific versions of vendors in composer.lock is so that we can version it and install the application into production environments with the versions we have tested while in development. Because of this we never run composer update on a production environment.

Creating an Application