DNS Resolution Everywhere
Posted on 2021-08-10
(Last modified on 2021-08-11)
Usually at leas one of those is present on any system
dig nslookup host But sometimes the usual suspects don’t work, especially in container-land. After trying them you may try some more involved/unknown things:
getent Part of glibc, this will probably work on nearly every system.
getent hosts example.org Or, if you specifically want to query A or AAAA records.
getent ahostsv4 example.org getent ahostsv6 example.org Using Python2 Or Python3 Given this depends on glibc it is more of a alternative than another real solution
[Read More]
Publish Parts Of Obsidian To My Personal Site
Posted on 2021-08-09
(Last modified on 2023-10-18)
The idea at the start was simple. Do something like Obsidian Publish , so read frontmatter and if it contains published: True put it up on a website to view.
Info
I have since rewritten and updated this tool: New version
The Basics I started with taking a look at different static site generators but after a bit of testing I ended up back at Hugo, which I already use for ps1.
[Read More]
curl: Modify DNS Resolution
Posted on 2021-08-08
(Last modified on 2021-08-12)
You can intercept normal name resolution in curl with the --resolve parameter allowing you to do things like talk to a specific site of a DNS load-balanced setup or talk to a new deployment not yet made productive.
You can specify the resolve option multiple times so you can even catch redirects and move them to where you want as well.
It’s important to note that this intercept does only work on the ports you specify in the entries.
[Read More]
How SELinux screws with scripts when run over VMware Tools
Posted on 2021-08-08
(Last modified on 2021-08-11)
SELinux by default prohibits certain things from working through VMware tools (Ansible connection or plain API).
This can be solved two ways:
- Disabling SELinux: BAD, but easy
- Writing a custom SELinux policy: complicated but more secure
Note: Adding/Changing this policy through a VMware tools connection is thankfully possible
Example policy
This policy is the base for a VMware tools policy and allows entering the rpm context (yum).
module custom-vmtools 1.0;
require {
type rpm_script_t;
type vmtools_unconfined_t;
class process transition;
}
#============= vmtools_unconfined_t ==============
allow vmtools_unconfined_t rpm_script_t:process transition
Replace Line In YAML While Keeping Indentation Using Ansible
Posted on 2021-08-08
(Last modified on 2024-07-01)
In theory Ansible should be declarative and have full control over the systems we touch with it.
In practice, this is unfortunately not always the case.
With this nifty task we can replace the value of a key (given as yaml_key) to a new value (given as new_value) while preserving it’s indentation.
- name: Replace values in YAML file while keeping their indentation lineinfile: backup: true backrefs: true state: present path: foo.
[Read More]
Looping Dates macOS
Posted on 2021-08-07
(Last modified on 2021-08-09)
date on MacOS does not support --date, so a workaround is needed. Converting Date to unix epoch, adding one day in epoch and converting back.
The Scripty Way Taken from a blog post
#!/bin/zsh start=$year-01-01 end=$year-12-31 currentDateTs=$(date -j -f "%Y-%m-%d" $start "+%s") endDateTs=$(date -j -f "%Y-%m-%d" $end "+%s") offset=86400 while [ "$currentDateTs" -le "$endDateTs" ] do date=$(date -j -f "%s" $currentDateTs "+%Y-%m-%d") echo $date currentDateTs=$(($currentDateTs+$offset)) done The Brew Way As I found out long after writing the above you can simply brew install coreutils and get a date command with the --date option.
[Read More]
Download Full Website Copy
Posted on 2021-04-01
Sometimes it’s nice to download a best effort version of a website,
for example before completely redesigning it.
domain=WEB.SITE
wget $domain --recursive --no-clobber --page-requisites --html-extension --convert-links --restrict-file-names=windows --domains $domain
Renovate Bot
Posted on 2021-02-12
(Last modified on 2024-06-10)
My tool of choice for doing dependency maintenance/update type of stuff for both [[infrastructure-as-code]] and [[software-projects]]
Vmware Tools Copy Files
Posted on 2020-09-17
(Last modified on 2022-07-01)
Docs
Copy To Guest
$vm = Get-VM -Name TEST
Get-Item "X:\yourfile.txt" | Copy-VMGuestFile -Destination "c:\temp" -VM $vm -LocalToGuest -GuestUser "Administrator" -GuestPassword "Pa$$w0rd"
Copy From Guest
$vm = Get-VM -Name TEST
Copy-VMGuestFile -Source c:\yourfile.txt -Destination c:\temp\ -VM $vm -GuestToLocal -GuestUser "Administrator" -GuestPassword "Pa$$w0rd"
Ansible VMware Connection Plugin & Become
Posted on 2020-07-02
(Last modified on 2021-08-09)
When using VMware as the connection plugin to connect to remote hosts you commonly set two facts for username and password:
ansible_vmware_tools_user: "mkamner" ansible_vmare_tools_password: "Super Secret PW" This will work just fine for windows and with many tasks on linux.
However, if you want to use become: true on linux it will fail with the strangest error messages.
For example: apt will fail, because it can’t acquire the lock file
[Read More]
IANA To openSSL Ciphers
Posted on 2020-03-07
Handy table to map IANA IDs of ciphers to their openSSL IDs used in web server configurations,
for example [[nginx]] ssl_ciphers
or proxy_ssl_ciphers
https://testssl.sh/openssl-iana.mapping.html
Ansible
Posted on 2020-01-01
(Last modified on 2024-06-10)
Need to automate a VM?
you need Ansible!
ArgoCD
Posted on 2020-01-01
(Last modified on 2024-06-10)
Django
Posted on 2020-01-01
(Last modified on 2024-06-10)
My preferred framework for building web apps
GitLab
Posted on 2020-01-01
(Last modified on 2024-06-10)
My preferred git server and CI/CD system, either gitlab.com or self-hosted.
Helm
Posted on 2020-01-01
(Last modified on 2024-06-10)
A good way to pull in external dependencies into Kubernetes
For writing my own manifests I prefer to use Kustomize.
Hugo
Posted on 2020-01-01
(Last modified on 2024-06-10)
My static site generator of choice, used to build my blog among other things.
JQ
Posted on 2020-01-01
(Last modified on 2024-06-10)
A incredibly powerful tool for manipulating the heaps of JSON files and responses I interact with daily.
A lot of times I also use ijq
instead, which is a interactive version of jq
.
Kubernetes
Posted on 2020-01-01
(Last modified on 2024-06-10)
I have run and am still running loads of Kubernetes clusters, mostly on-premise.
Kustomize
Posted on 2020-01-01
(Last modified on 2024-06-10)
My prefered tool for writing and provisioning home-built manifests to [[kubernetes]]