Max Chernyak maxim

from jinja2 import contextfilter
class FilterModule(object):
    ''' Extra filters '''
    def filters(self):
        return {
            'percent_of': self.percent_of,
            'of_ram': self.of_ram
        }
maxim / deps.rb
Created July 7, 2014 14:59
Show role hierarchy for Ansible
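#!/usr/bin/env ruby
require 'yaml'
PLAYS_DIR = '.'
ROLES_DIR = './roles'
# Return the dependencies listed in a role's meta/main.yml (empty if none).
def deps_of(role)
  dep_path = File.join(ROLES_DIR, "#{role}/meta/main.yml")
  # File.exist? replaces File.exists?, which was removed in Ruby 3.2
  File.exist?(dep_path) ? (YAML.load_file(dep_path)['dependencies'] || []) : []
end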
maxim / tasks.yml
Created June 26, 2014 21:02
How to recursively chmod dirs and files (separately) with Ansible, without always seeing "changed" status.
- name: ensure all dir permissions are set correctly
  shell: find /my/dir -type d -print0 | xargs -0 chmod -c 2755
  register: chmod_result
  changed_when: "chmod_result.stdout != \"\""
- name: ensure all file permissions are set correctly
  shell: find /my/dir -type f -print0 | xargs -0 chmod -c 0650
  register: chmod_result
  changed_when: "chmod_result.stdout != \"\""
maxim / tasks.yml
Last active June 15, 2016 03:41
Copy file on remote machine in ansible
- name: ensure file exists at path
  shell: rsync -ci /source/path /destination/path
  register: rsync_result
  changed_when: "rsync_result.stdout != ''"

# Permissions cheatsheet

`chmod [a]bcd`

* bit a — sticky:1/setgid:2/setuid:4 (optional, default: 0)
* bit b — owner | x:1/w:2/r:4 - xw:3/xr:5/wr:6/xwr:7
* bit c — group | x:1/w:2/r:4 - xw:3/xr:5/wr:6/xwr:7
* bit d — everyone | x:1/w:2/r:4 - xw:3/xr:5/wr:6/xwr:7

note: only file/dir owner can chmod it

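def authorize_key_for_root(config, *key_paths)
  # The trailing nil is a sentinel: reaching it means no key file was found.
  [*key_paths, nil].each do |key_path|
    if key_path.nil?
      fail "Public key not found at following paths: #{key_paths.join(', ')}"
    end
    full_key_path = File.expand_path(key_path)
    # File.exist? replaces File.exists?, which was removed in Ruby 3.2
    if File.exist?(full_key_path)
      config.vm.provision 'file',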
maxim / task.yml
Created June 12, 2014 11:09
Adding github to known_hosts with ansible
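# ssh-keyscan output is unauthenticated: verify the key against GitHub's
# published SSH fingerprints before trusting it.
- name: ensure github.com is a known host
  lineinfile:
    dest: /root/.ssh/known_hosts
    create: yes
    state: present
    line: "{{ lookup('pipe', 'ssh-keyscan -t rsa github.com') }}"
    regexp: "^github\\.com"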
maxim / task.yml
Created June 10, 2014 18:11
ansible task for ensuring postgresql extension exists without skipping or perpetual "changed"
# become/become_user replace the sudo/sudo_user keywords removed from current Ansible
- name: ensure postgresql hstore extension is created
  become: yes
  become_user: postgres
  shell: "psql {{ postgresql_database }} -c 'CREATE EXTENSION hstore;'"
  register: psql_result
  failed_when: >
    psql_result.rc != 0 and ("already exists" not in psql_result.stderr)
  changed_when: "psql_result.rc == 0"

Upon launch of custom base box intended as app behind load balancer:

  1. [serf] join cluster, update lists
  2. update local iptables
  3. [serf] announce presence (already part of step 1?)
  4. provision self (chef/ansible/docker/etc)
  5. pull app (deploy to self from git, deb, docker, could be part of step 4?)
  6. [serf] announce online

| Problem | AWS | DigitalOcean |
| --- | --- | --- |
| Network isolation | Private Cloud/Security Groups | tinc / n2n / freelan |
| Node initialization | CloudInit/User Data | ? |
| Node discovery | EC2 API | Serf |
| Pull app on scale | More Like This | Serf |
| Distributed config | etcd | etcd |