Skip to content

Instantly share code, notes, and snippets.

View mlbiam's full-sized avatar

Marc Boorshtein mlbiam

42 followers · 0 following
View GitHub Profile
@mlbiam
mlbiam / argocd-ingress.yaml
Last active January 9, 2023 00:08
blog-k8s-auth-compare
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: argocd-server-http-ingress
namespace: argocd
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
spec:
@mlbiam
mlbiam / openunison-vcluster-values.yaml
Last active December 18, 2023 06:15
vcluster-blog
network:
openunison_host: "k8sou.apps.212.2.242.251.nip.io"
dashboard_host: "k8sdb.apps.212.2.242.251.nip.io"
api_server_host: "k8sapi.apps.212.2.242.251.nip.io"
session_inactivity_timeout_seconds: 900
k8s_url: https://0.0.0.0:6443
force_redirect_to_tls: true
createIngressCertificate: true
ingress_type: nginx
ingress_annotations:
@mlbiam
mlbiam / vcluster-creation.yaml
Created August 15, 2022 20:01
vcluster-openunison-blog
---
apiVersion: v1
kind: Namespace
metadata:
name: vcluster-blog
spec: {}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
@mlbiam
mlbiam / cert-2
Last active August 17, 2022 11:56
metadata
-----BEGIN CERTIFICATE-----
MIIG2zCCBcOgAwIBAgIQBM6JL/SX6DSAwk8ARvpB5zANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMjA4MTcwMDAwMDBa
Fw0yMzA4MTcyMzU5NTlaMHQxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhWaXJnaW5p
YTEQMA4GA1UEBxMHRmFpcmZheDEiMCAGA1UEChMZRmFpcmZheCBDb3VudHkgR292
ZXJubWVudDEcMBoGA1UEAxMTaWFtcy1zYW1sLm5jcm5ldC51czCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAMBAzgwJLQ1JMs4IHogplzQFrVIx1ZjZ5aOO
SHaGx2ZQMpFpwrWuhYfWZ3YSlahRjif4NouRQMmd0KwZAtd1jJDj32Wk7lMDMvbT
5O8sN5xL10KxSc0DG+a2hkgyIjJwohykQ0HZ+ZyVFJkzBCIfhWZBv1VrdkC+k4RF
@mlbiam
mlbiam / ldap_check_alive.sh
Created February 20, 2022 15:47
ldap_check_alive.sh
#!/bin/bash
USER_DN="cn=ou_svc_account,ou=Users,DC=sub,DC=domain,DC=com"
USER_PASSWORD="start123"
PORT="10983"
if ! $(ldapsearch -x -D $USER_DN -w $USER_PASSWORD -b $USER_DN -s base -H ldap://127.0.0.1:$PORT/ -l 10 > /dev/null ) ; then
echo "failed"
# hard kill
kill -9 $(ps -A | grep java | awk '{print $1}')
@mlbiam
mlbiam / create-user-namespace.yaml
Last active October 20, 2021 00:16
Creates a namespace owned by the logged in user
---
apiVersion: openunison.tremolo.io/v1
kind: Workflow
metadata:
name: create-user-namespace
namespace: openunison
labels:
app.kubernetes.io/name: openunison
app.kubernetes.io/instance: openunison-orchestra
app.kubernetes.io/component: openunison-workflows
@mlbiam
mlbiam / gen_kube_config.py
Last active April 11, 2021 15:15
import jwt
import yaml
from uuid import uuid4
import datetime
import sys
import json
import tempfile
from os import system
# Generate a kubernetes configuration from a private key
@mlbiam
mlbiam / python-k8s-client.py
Created January 22, 2021 01:19
import requests
import logging
from urllib.parse import urlparse
from urllib.parse import parse_qs
import json
from os import system
from kubernetes import client, config
#logging.basicConfig(level=logging.DEBUG)
@mlbiam
mlbiam / orchestra-login-central-cluster.yaml
Last active August 23, 2020 18:09
Add Cluster to Centralized OpenUnison
apiVersion: openunison.tremolo.io/v1
kind: Org
metadata:
name: cluster2
namespace: openunison
spec:
description: "My second cluster"
uuid: 04901973-5f4c-46d9-9e22-55e88e168776
parent: B158BD40-0C1B-11E3-8FFD-0800200C9A66
showInPortal: true
@mlbiam
mlbiam / HeaderAuthenticate.php
Created January 4, 2020 20:38
<?php
if (!defined('sugarEntry') || !sugarEntry) {
die('Not A Valid Entry Point');
}
require_once('modules/Users/authentication/SugarAuthenticate/SugarAuthenticate.php');
class HeaderAuthenticate extends SugarAuthenticate
{