Skip to content

Instantly share code, notes, and snippets.

View ulexxander's full-sized avatar
💪
Workin hard

Alexander Ustyugov ulexxander

💪
Workin hard
8 followers · 6 following
  • Limitlex d.o.o.
  • Slovenia
View GitHub Profile
@ulexxander
ulexxander / Dockerfile
Created May 27, 2024 09:03
Cache and secret mounts in Dockerfile for Go projects
FROM golang:1.20-bookworm AS builder
WORKDIR /build
ENV \
GOOS=linux \
GOARCH=amd64 \
CGO_ENABLED=0 \
GOCACHE=/go-build-cache \
GOMODCACHE=/go-mod-cache
COPY . .
ARG VERSION
@ulexxander
ulexxander / docker-layers-diff.sh
Created May 17, 2024 10:04
Simple shell script to diff Docker image layers, see which layers was changed between two images.
#!/bin/sh
# Usage:
# docker-layers-diff image-1 image-2
set -e
if [ -z "$1" ] || [ -z "$2" ]; then
echo "Missing 1 / 2 args"
exit 1
@ulexxander
ulexxander / docker-friendly-iptables.sh
Created April 24, 2024 18:06
Docker friendly iptables rules when cloud firewall rules can't be used, e.g. on baremetal hosts. Can protect both regular services as well as Docker containers forwarded ports.
# 1. Set IPTABLES_RESTORE_NOFLUSH=yes in /etc/default/netfilter-persistent
# 2. Put contents of that file in /etc/iptables/rules.v4
# 3. Apply this file now and after each reboot by running: systemctl enable --now iptables.service
# 4. You can also apply this file directlry using: iptables-restore --noflush < /etc/iptables/rules.v4
*filter
#################################################
############# INPUT chain #############
#################################################
@ulexxander
ulexxander / grafana-discord-notification-template.tpl
Created November 17, 2023 14:12
Grafana better Discord notification template than default one (ugly).
{{ define "__discord_subject" }}[{{ .Status | toUpper }}{{ if eq .Status "firing" }}:{{ .Alerts.Firing | len }}{{ if gt (.Alerts.Resolved | len) 0 }}, RESOLVED:{{ .Alerts.Resolved | len }}{{ end }}{{ end }}] {{ .GroupLabels.SortedPairs.Values | join " " }} {{ if gt (len .CommonLabels) (len .GroupLabels) }}({{ with .CommonLabels.Remove .GroupLabels.Names }}{{ .Values | join " " }}{{ end }}){{ end }}{{ end }}
{{ define "__discord_values_list" }}{{ if len .Values }}{{ $first := true }}{{ range $refID, $value := .Values -}}
{{ if $first }}{{ $first = false }}{{ else }}, {{ end }}{{ $refID }}={{ $value }}{{ end -}}
{{ else }}[no value]{{ end }}{{ end }}
{{ define "__discord_alert_list" }}
{{ range . -}}
Value: {{ template "__discord_values_list" . }}
{{ if len .Labels -}}
@ulexxander
ulexxander / ngrok-docker-compose.yml
Last active October 12, 2023 09:40
Ngrok in Docker for projects development
version: "3.8"
services:
my-app:
image: nginx:1.25.2
ngrok:
image: ngrok/ngrok:3.3.5-alpine
command:
- http
@ulexxander
ulexxander / oauth2-proxy-gitlab-docker-compose.yml
Created September 21, 2023 20:10
OIDC Proxying Docker container using oauth2-proxy.
services:
prometheus-proxy:
image: quay.io/oauth2-proxy/oauth2-proxy:v7.5.0
command:
- --http-address=:4180
- --upstream=http://prometheus:9090
- --email-domain=*
- --oidc-issuer-url=https://gitlab.com
- --provider=gitlab
- --redirect-url=http://prometheus-oauth.localhost/oauth2/callback
@ulexxander
ulexxander / prometheus-docker-sd.yml
Last active September 17, 2023 20:13
Prometheus docker_sd relabel configs to be able to use prometheus.io scrape, path and port container labels, just like we do in Kubernetes!
global:
scrape_interval: 10s
scrape_configs:
- job_name: docker_sd
docker_sd_configs:
- host: unix:///var/run/docker.sock
refresh_interval: 10s
@ulexxander
ulexxander / docker-compose.yml
Last active July 20, 2023 07:35
Prometheus / Grafana / Node Exporter and Docker SD
version: "3.8"
services:
prometheus:
image: prom/prometheus:v2.45.0
command:
- "--web.enable-admin-api"
ports:
- "9090:9090"
volumes:
@ulexxander
ulexxander / cloud-init.yaml
Last active July 5, 2023 05:08
Basic Kubernetes installation snippets
#cloud-config
users:
- name: alex
groups: sudo, docker
shell: /bin/bash
lock_passwd: false
# mkpasswd --method=SHA-512 --rounds=4096
passwd: "$6$rounds=4096$liX9KRchDIBKuoXt$LqW34rkz2k3yB/MmSPL4SbvGmO0xg7sQKgnwkTAhTV6RjvZAOJS9G4iURlkJS63TRt.ThpE9Thy9G/1.JwXDC0"
ssh_authorized_keys:
@ulexxander
ulexxander / _table-of-contents.md
Last active July 4, 2023 10:31
Notes written down while researching Kubernetes, AWS and Terraform.