Skip to content

Instantly share code, notes, and snippets.

View davidalger's full-sized avatar

David Alger davidalger

228 followers · 5 following
View GitHub Profile
@davidalger
davidalger / fips-cli.sh
Last active March 1, 2025 17:36 — forked from arhea/fips-cli.sh
FIPS 140-2 Endpoint Tester
#!/bin/bash -e
usage() {
cat << EOF
usage: $0 <url> <path>
URL: <hostname>:<port>
Path: /
EOF
@davidalger
davidalger / socat-pty-shell-over-tcp.md
Last active February 20, 2023 20:55
Remote Linux Console Access

Where SSH is available, this is probably the more simple and definitely more secure option

  • Create admin user on the server-side (root is typically dissallowed by default)

    useradd -G wheel davidalger
passwd davidalger

  • Connect from the client-side via SSH

@davidalger
davidalger / postgres-cheatsheet.md
Created May 14, 2021 20:53 — forked from Kartones/postgres-cheatsheet.md
PostgreSQL command line cheatsheet

PSQL

Magic words:

psql -U postgres

Some interesting flags (to see all, use -h or --help depending on your psql version):

  • -E: will describe the underlaying queries of the \ commands (cool for learning!)
  • -l: psql will list all databases and then exit (useful if the user you connect with doesn't has a default database, like at AWS RDS)
@davidalger
davidalger / kubectl-list_images
Last active April 8, 2021 07:14
List all non-Google/GKE/k8s/Stackdriver images in a cluster using fully qualified names and without tags.
#!/usr/bin/env bash
kubectl get all --all-namespaces -o yaml \
| grep \ image: \
| egrep -iv 'image:\ sha256|(gke|k8s)\.gcr\.io|gcr\.io/(gke|google|stackdriver|kubernetes)-.*' \
| perl -pe 's#^[\W-]+image:\W+([^\@:]+)([:@].+)?$#$1#i' \
| perl -pe 's#^([a-z0-9-_]+)$#docker.io/library/$1#i' \
| perl -pe 's#^([a-z0-9-_/]+)$#docker.io/$1#i' \
| sort -n | uniq
@davidalger
davidalger / gcloud-asset-search.sh
Created February 2, 2021 23:13
GCP Asset Inventory
PS1='$ ' && clear
GCP_PROJECT=my-first-project \
&& gcloud services enable cloudasset.googleapis.com --project "${GCP_PROJECT}" \
&& echo Waiting for API enablement to propagate \
&& utimer -c 2m \
&& gcloud asset search-all-resources --scope "projects/${GCP_PROJECT}" --sort-by 'assetType' \
--format='table(assetType.basename(), name.basename(), name.scope(projects).segment(0):label=PROJECT_ID, labels)'
@davidalger
davidalger / kubectl-cheats.md
Last active November 24, 2021 20:15
kubectl cheats

List evicted pods

kubectl get pods --all-namespaces -o json \
  | jq -r '.items[] | select(.status.reason == "Evicted") | "pod/\(.metadata.name) -n \(.metadata.namespace)"'

Delete evicted pods

@davidalger
davidalger / delete-default-vpc-networks.sh
Created November 17, 2020 22:39
Removes internet gateways and subnets from and then deletes all default VPCs in an AWS account.
#!/usr/bin/env bash
set -euo pipefail
function error {
>&2 printf "\033[31mERROR\033[0m: $@\n"
}
INIT_ERROR=
for DEP_NAME in aws-vault jq aws; do
if ! which "${DEP_NAME}" 2>/dev/null >/dev/null; then
@davidalger
davidalger / redis-cli-flushall-with-auth.sh
Last active August 4, 2020 23:22
Pulls password for Redis authentication from Magento 2 configuration file to run `redis-cli flushall`
REDISCLI_AUTH=$(php -r '
$env = require_once "app/etc/env.php";
echo @$env["cache"]["frontend"]["default"]["backend_options"]["password"];
') redis-cli flushall
@davidalger
davidalger / warmer-cron.sh
Last active April 29, 2021 08:31
Script to crawl and warm the cache two levels deep on Magento demo Pods via CronJob spec
#!/bin/bash
set -euo pipefail
FRONT_URL="${FRONT_URL:-https://app.exampleproject.test/}"
echo "==> [$(date +%H:%M:%S)] waiting on readiness"
ELAPSED_SECONDS=0
while : ; do
ELAPSED_SECONDS=$(echo ${ELAPSED_SECONDS}+2 | bc)
RESPONSE_CODE=$(curl -sI "${FRONT_URL}" 2>/dev/null | head -n1 | awk '{print $2}')
@davidalger
davidalger / user-data.yaml
Last active July 21, 2020 14:37
Cloud config user data for creating VM with davidalger administrative user rather than 'centos' or 'ubuntu' user
#cloud-config
users:
- groups: adm, systemd-journal
name: davidalger
shell: /bin/bash
ssh_authorized_keys:
- |
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA4UTV2t+5Ze6JDiU7Ws9SLKUrh8oq+3lkAIXsx54w8bW8huk4TViqALb4PgYTWwH9eRFUjBzx/9dxTZMrkUPCeHRWxoKmUONTYaH8xz5vGcCbSw/qC/BVXZ6TofRB7vkFWOMDgq8Y57pN/kq7k8cvMUNWqZ+My/k1HPpZLBTHiSDaGb3AU1lXEyPzu0rCHbPeuJcRhIbixhbxTL9RgiKYDcz1UXoklqCnFVC2wP0Hd9LjxASZGJQYdjqHm2bnnEL9ztHDxnY2/9/kRDzXw3wEALDhJQq8/M5xiB9Ul3FVpm2qCqu7NKxZxzM8iH0fyKUz0CZ0pmqkfXSqaYhyH65FdQ== [email protected]
sudo: ALL=(ALL) NOPASSWD:ALL