cpursley

PostgreSQL is Enough

• Simplify: move code into database functions
• Just Use Postgres for Everything
• Just use Postgres
• PostgreSQL is the worlds’ best database
• Postgres is eating the database world
• Hacker News discussion

Background and Cron Jobs

gnat

🐘 Postgres Standalone

Why?

• Localize your database into one single folder of your choosing.
• No sudo / root requirement.
• Run multiple Postgres at the same time on the same machine- Full bare metal performance.
• Postgres is a great starter before moving to "slow single machine but horizontal scale": CockroachDB, ScyllaDB, etc.

Compile

turing85

ARG MICRODIR=/microdir
ARG PACKAGES_TO_INSTALL="java-17-openjdk-devel"

FROM registry.access.redhat.com/ubi8-micro@sha256:eb4245271537034f69ee336a4a2b31d3fbae4048ec1db53ff89de749c35cf537 AS BASE

FROM registry.access.redhat.com/ubi8@sha256:83c0e63f5efb64cba26be647e93bf036b8d88b774f0726936c1b956424b1abf6 AS BUILD
ARG MICRODIR
ARG PACKAGES_TO_INSTALL
RUN mkdir ${MICRODIR}
COPY --from=BASE / ${MICRODIR}

abraithwaite

#!/usr/bin/bash -xe

cat <<EOF > "${HOME}/.config/systemd/user/zoom.slice"
[Slice]
AllowedCPUs=0-4
MemoryHigh=6G
EOF

cat /usr/share/applications/Zoom.desktop | sed -E 's#^(Exec=).*$#Exec=/usr/bin/systemd-run --user --slice=zoom.slice /opt/zoom/ZoomLauncher#' > "${HOME}/.local/share/applications/Zoom.desktop"

nahun

NetBox with AzureAD SSO using OAuth

This is an example setup with NetBox using AzureAD for authentication. It uses the Python Social Auth library.

Most of this was taken from this gist: https://gist.github.com/leoluk/16d91ec22d833945c7ac7ed2b3b05a27

This is written to support NetBox v2.10 to v3.0. I'll try to note differences for 2.9 or earlier.

NOTE: NetBox v3.1 added basic support for using social_auth so most of this is no longer required and can be placed in the configuration.py file.

AzureAD Setup

williamcaban

OCP4 Explicit Manual Upgrades with CLI

• Identify the pull image for the release. For example, for the latest OCP 4.4.x the release.txt for the corresponding release. For example here: https://mirror.openshift.com/pub/openshift-v4/clients/ocp/latest-4.4/release.txt

In this example, the latest 4.4.x it is 4.4.3 and it has this entry:

Pull From: quay.io/openshift-release-dev/ocp-release@sha256:039a4ef7c128a049ccf916a1d68ce93e8f5494b44d5a75df60c85e9e7191dacc

Validate your current version is in the list of upgrade path for the desired release. For 4.4.3 these are the possible upgrade paths:

williamcaban

Enabling externalIPs on OCP4.2

Edit the config for the network Custom Resource (CR) instance spec.externalIP.policy.allowedCIDRs with the CIDRs to use.

1. Edit the Cluster network configuration:

oc edit network.config.openshift.io cluster

2. Edit the spec.externalIP.policy.allowedCIDRs. The following enable 192.168.18.64/26 as an externalIP CIDR:

MaxXor

Encrypted Btrfs storage setup and maintenance guide

Initial setup with LUKS/dm-crypt

This exemplary initial setup uses two devices /dev/sdb and /dev/sdc but can be applied to any amount of devices by following the steps with additional devices.

Create keyfile:

dd bs=64 count=1 if=/dev/urandom of=/etc/cryptkey iflag=fullblock
chmod 600 /etc/cryptkey

abbra

# Assuming that HOSTNAME is enrolled to IPA realm already,
# run the following on HOSTNAME where RADIUS server will be deployed
# In FreeIPA 4.6+ host principal has permissions to create own services
kinit -k
ipa service-add 'radius/HOSTNAME'
# create keytab for radius user
ipa-getkeytab -p 'radius/HOSTNAME' -k /etc/raddb/radius.keytab
chown root:radiusd /etc/raddb/radius.keytab
chmod 640 /etc/raddb/radius.keytab

leoluk

"""
Custom LOGIN_REQUIRED middleware which allows OAuth URLs.
"""

import utilities.middleware
from django.conf import settings


class CustomLoginRequiredMiddleware(utilities.middleware.LoginRequiredMiddleware):
    def __call__(self, request):