Skip to content

Instantly share code, notes, and snippets.

View rdccosmo's full-sized avatar

Rodrigo Cosme rdccosmo

45 followers · 46 following
View GitHub Profile
@anavdesign
anavdesign / Drupal Bootstrap Theme.md
Last active September 27, 2019 15:33
Drupal: Bootstrap Theme
@superbrothers
superbrothers / kubectl-delete_all
Last active October 1, 2024 05:27
Kubernetes: Delete all objects in the namespace
kubectl delete "$(kubectl api-resources --namespaced=true --verbs=delete -o name | tr "\n" "," | sed -e 's/,$//')" --all
@mattmc3
mattmc3 / modern_sql_style_guide.md
Last active April 10, 2025 22:36
Modern SQL Style Guide
layout author title revision version description
default
mattmc3
Modern SQL Style Guide
2019-01-17
1.0.1
A guide to writing clean, clear, and consistent SQL.

Modern SQL Style Guide

@okkez
okkez / README.md
Created November 27, 2018 03:25
Fluentd Mutual authentication sample

Prepare files and directories

mkdir -p fluentdCA/{private,newcerts,certs,crl}
touch fluentdCA/index.txt
echo 00 > fluentdCA/serial

Setup private CA

@mohanpedala
mohanpedala / bash_strict_mode.md
Last active May 12, 2025 11:33
set -e, -u, -o, -x pipefail explanation
@moolen
moolen / Dockerfile
Last active November 10, 2024 02:12
cfssl: multiple CA w/ nginx mutual tls
FROM ubuntu:14.04
# install nginx
RUN apt-get update && \
apt-get install software-properties-common -y && \
add-apt-repository ppa:nginx/stable -y && \
apt-get update && \
apt-get install -y nginx=1.12.2-0+trusty0
RUN rm -rf /etc/nginx/sites-enabled/default
@jjo
jjo / kubectl-root-in-host-nopriv.sh
Last active February 5, 2024 23:07
Yeah. Get a root shell at any Kubernetes *node* via `privileged: true` + `nsenter` sauce. PodSecurityPolicy will save us. DenyExecOnPrivileged didn't (kubectl-root-in-host-nopriv.sh exploits it)
#!/bin/sh
# Launch a Pod ab-using a hostPath mount to land on a Kubernetes node cluster as root
# without requiring `privileged: true`, in particular can abuse `DenyExecOnPrivileged`
# admission controller.
# Pod command in turn runs a privileged container using node's /var/run/docker.sock.
node=${1}
case "${node}" in
"")
nodeSelector=''
podName=${USER+${USER}-}docker-any
@janeczku
janeczku / 00-cloud-config.yml
Last active December 2, 2024 01:28
Annotated RancherOS Cloud-init configuration snippets
#cloud-config
# Set the hostname for this machine (takes precedence over hostname assigned by DHCP lease).
hostname: myhost
# Authorize SSH keys for the `rancher` sudoer user
ssh_authorized_keys:
- ssh-rsa AAA...ZZZ example1@rancher
@lynt-smitka
lynt-smitka / .htaccess
Last active August 12, 2024 09:18
Block hidden files except .well-known - Apache .htaccess + Nginx
RewriteRule "(^|/)\.(?!well-known\/)" - [F]
@hmm01i
hmm01i / .gitlab-ci.yml
Created June 7, 2018 01:17
Example gitlab-ci script for ansible automation deployment
---
image: 'williamyeh/ansible:centos7'
variables:
ANSIBLE_ROLES_PATH: './roles/'
ANSIBLE_VAULT_PASSWORD_FILE: '/root/.ssh/vault.sh'
ANSIBLE_TIMEOUT: 60 # some systems are very slow to establish ssh connection
before_script:
- "ansible --version" # for verbosity