vchatela

Overview

This guide demonstrates how to migrate from storing Vault tokens in terraform.tfvars to using GitHub OIDC (OpenID Connect) for secure, secretless authentication in CI/CD pipelines.

Benefits:

• 🔐 Secretless Authentication: No more storing long-lived tokens in files or secrets
• 🎯 Least Privilege: Granular policies scoped to specific paths and operations
• 🔄 Automatic Rotation: Short-lived tokens (1 hour TTL) generated per workflow run
• 🎭 Role-Based Access: Different permissions for PRs vs production deployments
• 📊 Better Audit Trail: GitHub actor tied to Vault authentication

vchatela

#!/bin/bash

declare -A docker_array

# Customize your own list... hereunder are some of mines
docker_array[linuxserver/radarr]=linuxserver-radarr1
docker_array[linuxserver/jackett]=linuxserver-jackett1
docker_array[linuxserver/sonarr]=linuxserver-sonarr1
docker_array[linuxserver/tautulli]=linuxserver-tautulli1

vchatela

#!/bin/sh

# CONFIGURATION
# Please modify SERVERNAME and AAAAAAAAAAAA password in $p12_file_path and $p12cert_password

script_folder=/volume1/tools/plex/
plex_folder="/var/packages/Plex Media Server"
# p12 file
p12_file_path="${plex_folder}"/SERVERNAME.p12
echo $p12_file_path

vchatela

#!/bin/bash

# Script to automagically update Plex Media Server on Synology NAS
	#
	# Must be run as root.
	#
	# @author @martinorob https://github.com/martinorob
# https://github.com/martinorob/plexupdate/
# @vchatela: I have added the renew of the plex certificate for HTTPS after upgrade

vchatela

serverURL=monserveur.com
resp=$(curl --write-out %{http_code} --silent --output /dev/null https://$serverURL:32400/plex)
if [ $resp -ne "401" ]; then
#error
	echo "Output code is : $resp"
	echo "Trying to restart..."
	synopkg stop "Plex Media Server"
	sleep 5
	synopkg start "Plex Media Server"
	sleep 10

vchatela

#$ sudo docker ps
#CONTAINER ID        IMAGE                                 COMMAND                  CREATED             STATUS                  PORTS                                                                    NAMES
#XXXXX        haugene/transmission-openvpn:latest   "dumb-init /etc/open…"   44 hours ago        Up 41 hours (healthy)   0.0.0.0:8888->8888/tcp, 0.0.0.0:9091->9091/tcp                           haugene-transmission-openvpn1
function notify {
	echo "ERROR"
	exit -1
}

error=0
nas_ip=$(curl -s http://whatismyip.akamai.com/)

vchatela

#!/bin/bash

# Gitolite [https://github.com/sitaramc/gitolite]
# Jenkins Git Plugin [https://wiki.jenkins-ci.org/display/JENKINS/Git+Plugin] 

# GL_REPO will contain the short relative path of the repository being pushed to, e.g. "projects/component-1", so transform it into the Git URL format that your Jenkins build jobs follow:
[email protected]:$GL_REPO

# Jenkins Git plugin notification URL -- update host as appropriate:
TRIGGER_URL=http://jenkins.example.com:8080/git/notifyCommit?url=$REPOSITORY_URL

vchatela

begin	

	-- Instantiations --
	AL : ALU port map (out_di_ex_b, out_di_ex_c ,out_di_ex_op(2 downto 0), out_alu, out_N, out_O, out_Z, out_C);
		
	-- DATA <= out_mem_re_b; W <= 1; -- AFC on écrit (W <= 1)  - ADD_W <= out_mem_re_a;
	BR : Banc_registres port map (out_li_di_b(addr_size_BR-1 downto 0), out_li_di_c(addr_size_BR-1 downto 0) , 
	out_mem_re_a(addr_size_BR-1 downto 0), w,out_mem_re_b, RST, CK, out_QA,out_QB); 

	-- TODO : check

vchatela

import sys, math
 
class Node(object):
    '''Class representing a node of the network, each node as :
    a unique id, constant
    a list of neighbour nodes'''
    def __init__(self, n =0):
        self.n = n
        self.neighb = []
    

vchatela

import java.util.*;
import java.io.*;
import java.math.*;

/**
 * Auto-generated code below aims at helping you parse
 * the standard input according to the problem statement.
 **/
class Player {