Ankit Charolia ankitcharolia
🏠
ankitcharolia
/ Dockerfile
Created
February 9, 2025 14:42
— forked from antonputra/gist:533fdd507f797cc30b082eed2c4f6fb4
Golang Dockerfile with upx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM golang:1.23.0-bookworm AS build | |
| ARG upx_version=4.2.4 | |
| RUN apt-get update && apt-get install -y --no-install-recommends xz-utils && \ | |
| curl -Ls https://github.com/upx/upx/releases/download/v${upx_version}/upx-${upx_version}-amd64_linux.tar.xz -o - | tar xvJf - -C /tmp && \ | |
| cp /tmp/upx-${upx_version}-amd64_linux/upx /usr/local/bin/ && \ | |
| chmod +x /usr/local/bin/upx && \ | |
| apt-get remove -y xz-utils && \ | |
| rm -rf /var/lib/apt/lists/* |
ankitcharolia
/ install-istio-ambient-mesh.sh
Last active
October 14, 2024 07:57
Install Istio Ambient Mesh using Helm Chart
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Install Ambient Mesh with Helm Charts | |
| REPO="https://istio-release.storage.googleapis.com/charts" | |
| VERSION=1.19.0 | |
| helm_opts="upgrade -i --namespace istio-system --create-namespace --repo ${REPO} --version ${VERSION}" | |
| # base | |
| helm $(echo $helm_opts) istio-base base |
ankitcharolia
/ aws_acm.tf
Last active
March 24, 2023 15:24
— forked from nelg/ssl_cert.tf
https://github.com/nelg/terraform-aws-acmdemo
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This data source looks up the public DNS zone | |
| data "aws_route53_zone" "public" { | |
| name = var.demo_dns_zone | |
| private_zone = false | |
| provider = aws.account_route53 | |
| } | |
| # This creates an SSL certificate | |
| resource "aws_acm_certificate" "myapp" { |
ankitcharolia
/ .gitlab-ci.yml
Created
February 20, 2023 21:44
— forked from tsoe77/.gitlab-ci.yml
Gitlab CI example for Gitlab + AWS OIDC integrated role
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # gitlab ci template for terraform with webidentity role | |
| # https://docs.gitlab.com/ee/ci/cloud_services/aws/ for how to setup gitlab oidc in aws. | |
| # | |
| # assuming it is a monorepo with vpc/dev and vpc/prod | |
| # assuming AWS_IAM_ROLE_DEV and AWS_IAM_ROLE_PROD with role arn as values configured in the CI/CD settings | |
| # | |
| # setup step is to setup working dir and pass role arn | |
| # validate step is to validate terraform | |
| # terraform plan step runs on any other branch except in main | |
| # terraform apply step runs only on main branch |
ankitcharolia
/ aws-kms.sh
Last active
February 18, 2023 18:36
— forked from madhusudangohil/kms
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| aws kms encrypt --key-id xxxxxxxxxx-yyyy-xzzz-ssdd-ssssss \ | |
| --plaintext "Hello this is a test" \ | |
| --encryption-context Name=Department,Value=Derby \ | |
| --query CiphertextBlob \ | |
| --output text \ | |
| | openssl base64 -d > encrypted.txt | |
| decryptedbase64=$(aws kms decrypt --key-id xxxxxxxxxx-yyyy-xzzz-ssdd-ssssss \ |
ankitcharolia
/ setup-wireguard-vpn-client.sh
Last active
February 18, 2023 11:54
— forked from pR0Ps/make-wg-client.sh
Script to generate wireguard configs for clients to allow them to connect to the local wireguard server
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ####### | |
| # Setup | |
| ####### | |
| ### Enable IPv4/6 forwarding: | |
| # # In /etc/sysctl.d/30-ipforward.conf : | |
| # net.ipv4.ip_forward=1 | |
| # net.ipv6.conf.default.forwarding=1 | |
| # net.ipv6.conf.all.forwarding=1 |