Skip to content

Instantly share code, notes, and snippets.

View nitrocode's full-sized avatar
🚀
Thinking and typing

RB nitrocode

🚀
Thinking and typing
103 followers · 94 following
View GitHub Profile
@nitrocode
nitrocode / battery.sh
Last active October 29, 2024 16:44
#!/bin/bash
# Thanks to Andrew Zhang in hangops on 2024-10-18
# Get the battery percentage
battery_info=$(pmset -g batt)
battery_discharging=$(echo "$battery_info" | grep discharging -c)
battery_percentage=$(echo "$battery_info" | grep -o "[0-9]*%" | tr -d '%')
# Check if the battery percentage is less than threshold
@nitrocode
nitrocode / save-money-aws.md
Last active October 29, 2024 16:22
Saving money in aws
  • Cell based architecture to reduce traffic over azs
  • Ipv6 to remove nats
  • Nat instances using alternat
  • S3 bucket key enablement for encrypted buckets to reduce kms
  • Savings plans instead of reserved instances
  • Restricting services and regions by scps
  • Aws budgets on cost and usage
  • Using nlbs instead of albs
  • Rightsizing
  • Spot instances
@nitrocode
nitrocode / kandji-local-homebrew-xz-check.md
Last active May 10, 2024 21:32
kandji-local-homebrew-xz-check.sh

Use Kandji to run local homebrew commands

The current script simply uses kandji to run local homebrew to upgrade xz if it's vulnerable.

This is very useful if kandji was not used to provision homebrew and was installed by the user.

The way it works is

  1. Get the prefix of homebrew which is different if on arm or x86
  2. Determine the user that installed homebrew
@nitrocode
nitrocode / renovatebot_cheat_sheet.md
Created November 2, 2023 23:18
Renovatebot cheat sheet

Renovatebot Cheat Sheet

Run locally

docker run --rm -ti \
  -e LOG_LEVEL=debug \
  -e GITHUB_COM_TOKEN="$GITHUB_COM_TOKEN" \
  -v /tmp:/tmp \
 -v $(pwd):/usr/src/app \
@nitrocode
nitrocode / aws-cheat-sheet.md
Last active February 29, 2024 00:15
AWS (awscli) Cheat Sheet

AWS Cheat Sheet

Just some quick cli commands to help in specific situations

Get max asg desired capacity over a period

This grabs the max desired capacity in the last 30 days then uses jmespath max to get the max of the returned time series.

aws cloudwatch get-metric-statistics \
@nitrocode
nitrocode / iam-policy-to-modify-ec2s-own-tags.md
Created February 27, 2023 18:49
IAM policy to describe and create tags on its own instance 
data "aws_iam_policy_document" "hello" {
  statement {
    sid       = "VisualEditor0"
    effect    = "Allow"
    resources = ["arn:<PARTITION>:ec2:<REGION>:<ACCOUNT_ID>:instance/${ec2:InstanceID}"]
    actions   = ["ec2:CreateTags"]
@nitrocode
nitrocode / multi-account-role-assumption.md
Last active February 16, 2023 05:48
Multi account role assumption

multi account role assumption

Here are the steps

  1. Identify an ingress aws account for your primary aws role (where atlantis first assumes a role)
  2. Create standard iam roles across each aws account that allows the role from 1 (primary aws role) to assume these new roles
  3. Stand up atlantis and have it assume role 1 (primary aws role) by default
  4. Use the terraform block in each terraform root dir to assume the appropriate role. If you do not have an internal account map module, you can hard code the role_arn in the aws provider block.



  


  




    


          
    

      

        
        

          

              @nitrocode
          

          

            
                nitrocode
                / 1password-cli-op-cheatsheet.md
            
            

              Created
              February 2, 2023 23:51
            

              
                1password-cli (op) cheatsheet
              
          

        

      

        

  

      

    
1password-cli (op) cheatsheet


This came in handy when rummaging, managing, deduplicating, and improving the health of a company 1password


List all vault names


op vault list | cut -d' ' -f4- | sed 's,^ ,,g'




  


  




    


          
    

      

        
        

          

              @nitrocode
          

          

            
                nitrocode
                / use-opa-on-terraform-code.md
            
            

              Last active
              November 22, 2022 05:07
            

              
                Use OPA on Terraform HCL code
              
          

        

      

        

  

      

    
Use OPA on Terraform HCL code


Sample terraform with a resource that we'd like to catch


# main.tf
resource "null_resource" "default" {
  provisioner "local-exec" {
    command = "sh -c 'echo hi'"
  }



  


  




    


          
    

      

        
        

          

              @nitrocode
          

          

            
                nitrocode
                / Atlantis-with-awscli-v2.md
            
            

              Last active
              March 29, 2023 15:39
            

              
                Atlantis with awscli v2
              
          

        

      

        

  

      

    
Atlantis with awscli v2


Commands


Download the Dockerfile


wget https://gist.githubusercontent.com/nitrocode/62505b0623cd9bf27e4b39a3f98412f5/raw/Dockerfile