Skip to content

Instantly share code, notes, and snippets.

View tonivdv's full-sized avatar

Toni Van de Voorde tonivdv

21 followers · 46 following
View GitHub Profile
@smoser
smoser / README.md
Last active September 24, 2024 19:38
set up a ssh tunnel only user for ssh proxy jump

Set up a ssh tunnel only user

In order to give someone access to hosts that are available only by ssh "bouncing" (ProxyJump), add a user for this specific purpose.

We have an internal openstack where instances get IPs on per-tenant networks. Each tenant has a 'bastion' host that has a "public" ip (floating ip). You can access other instances by bouncing through the bastion. From time to time I want to let someone else into an instance. This could be done either with:

a.) just give them shell access to the bastion and let them hop through. Sharing an unrestricted shell account on my bastion is less than ideal. b.) assign a floating/"public" IP to the instance so they could go directly in. Floating IPs are limited, so this is less than ideal.

So instead, I have set up a single user as described here that can only be used for ProxyJump. It allows others proxied access to my instances but without granting them full shell access.

@nrollr
nrollr / nginx.conf
Last active February 22, 2025 10:42
NGINX config for SSL with Let's Encrypt certs
# UPDATED 17 February 2019
# Redirect all HTTP traffic to HTTPS
server {
listen 80;
listen [::]:80;
server_name www.domain.com domain.com;
return 301 https://$host$request_uri;
}
# SSL configuration
@yefim
yefim / Dockerrun.aws.json
Last active April 7, 2023 16:11
Build a Docker image, push it to AWS EC2 Container Registry, then deploy it to AWS Elastic Beanstalk
{
"AWSEBDockerrunVersion": "1",
"Image": {
"Name": "<AWS_ACCOUNT_ID>.dkr.ecr.us-east-1.amazonaws.com/<NAME>:<TAG>",
"Update": "true"
},
"Ports": [
{
"ContainerPort": "443"
}
@cGuille
cGuille / post-commit
Last active May 10, 2016 11:48
Git post-commit hook to display the commit message in an enclosing sentence. The goal is to check whether the commit message wording feels right or not.
#!/usr/bin/env bash
LIGHT_GREEN='\e[1;32m'
NO_FORMAT='\e[0m'
UNDERLINE='\e[4m'
RESET_UNDERLINE='\e[24m'
COMMIT_MESSAGE="$(git show -s --format=%s HEAD)"
echo -e "${LIGHT_GREEN}When applied, this commit will ${UNDERLINE}${COMMIT_MESSAGE}${RESET_UNDERLINE}.${NO_FORMAT}"
@martinda
martinda / git-merge-before-build.dsl
Created April 6, 2016 23:40
Jenkins Pipeline DSL code to demonstrate git merge before build
// Jenkins Pipeline DSL to demonstrate git merge before build
node {
String path = '/tmp/jenkins/upstream-repo'
sh "rm -rf ${path}"
ws(path) {
sh 'git --version'
sh 'git init'
sh 'touch README.md; git add README.md; git commit -m "init"'
sh 'git checkout -b pull-requests/1/from'
sh 'touch file.txt; git add file.txt; git commit -m "Add file"'
@ceilfors
ceilfors / cleanupUnusedWorkspaceInSlaves.groovy
Last active January 17, 2025 06:44
When you delete jobs in Jenkins, the corresponding workspaces in the build slaves won't be deleted automatically. This Jenkins script will go to each slave and check if the jobs are already deleted in Jenkins master and delete the workspace.
import com.cloudbees.hudson.plugins.folder.Folder
import hudson.FilePath
import jenkins.model.Jenkins
def boolean isFolder(String name) {
def item = Jenkins.instance.getItemByFullName(name)
return item instanceof Folder
}
def deleteUnusedWorkspace(FilePath root, String path) {
@sighingnow
sighingnow / Makefile
Last active March 8, 2025 17:56
Detect operating system in Makefile.
# Detect operating system in Makefile.
# Author: He Tao
# Date: 2015-05-30
OSFLAG :=
ifeq ($(OS),Windows_NT)
OSFLAG += -D WIN32
ifeq ($(PROCESSOR_ARCHITECTURE),AMD64)
OSFLAG += -D AMD64
endif
@mattes
mattes / boot2docker-nfs.rb
Last active December 4, 2023 12:07
docker-machine/ boot2docker with NFS instead of vboxsf
#!/usr/bin/env ruby
# Usage
# $ docker-machine create my-machine123 -d virtualbox
# $ ruby <(curl -L https://git.io/vvvco) my-machine123
# https://gist.github.com/mattes/4d7f435d759ca2581347
require 'erb'
bootlocalsh = %Q(#/bin/bash
@gskielian
gskielian / git-specify-ssh-key
Created October 14, 2014 16:51
Specifying SSH Key within Git Clone
#how to specify an ssh key to use when cloning a repo in Mac
ssh-agent bash -c 'ssh-add /Users/UR_USERNAME/.ssh/UR_PRIVATE_KEY; git clone git@DAS_GIT_URL'
@michaelsauter
michaelsauter / Vagrantfile
Last active April 28, 2017 09:30
Vagrantfile for https://github.com/YungSang/boot2docker-vagrant-box
VAGRANTFILE_API_VERSION = "2"
Vagrant.require_version ">= 1.6.3"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.define "boot2docker"
config.vm.box = "yungsang/boot2docker"
config.vm.box_check_update = false