If this codebase is production, handles money, or touches sensitive data: treat this audit loop as a high-risk operation. Run with least privilege, avoid exporting long-lived credentials in your shell, and keep the agent in read-only mode.
Jan exocode
🏠
DMontgomery40
/ CODEX.md
Last active
May 4, 2026 20:14
Ralph audit loop: Codex CLI read-only code audit runner
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import NextAuth, { type NextAuthOptions } from "next-auth"; | |
| import { JWT } from "next-auth/jwt"; | |
| import * as jwt from "jose"; | |
| export const authOptions: NextAuthOptions = { | |
| // the rest is just like in tutorials. Session, callbacks etc. | |
| jwt: { | |
| encode: async ({ secret, token }) => { | |
| if (!token) { | |
| console.warn("encode: No token provided"); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create a k8s cluster | |
| git clone https://github.com/vfarcic/devops-toolkit-crossplane | |
| cd devops-toolkit-crossplane | |
| helm repo add crossplane-stable \ | |
| https://charts.crossplane.io/stable | |
| helm repo update |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3' | |
| volumes: | |
| wordpress: | |
| db: | |
| services: | |
| wordpress: | |
| image: wordpress:5.7.1-fpm-alpine | |
| container_name: ${WP_CONTAINER_NAME} |
grigorkh
/ nginx-ingress-diff-table.md
Created
May 18, 2021 14:25
| Aspect or Feature | kubernetes/ingress-nginx | nginxinc/kubernetes-ingress with NGINX | nginxinc/kubernetes-ingress with NGINX Plus |
|---|---|---|---|
| Fundamental | |||
| Authors | Kubernetes community | NGINX Inc and community | NGINX Inc and community |
| NGINX version | Custom NGINX build that includes several third-party modules | NGINX official mainline build | NGINX Plus |
| Commercial support | N/A | N/A | Included |
| Implemented in | Go/Lua (while Nginx is written in C) | Go/Python | Go/Python |
| Load balancing configuration via the Ingress resource |
janeczku
/ rancher-argocd.md
Created
June 10, 2020 14:10
How to register Rancher managed Kubernetes clusters in Argo CD
Registering Rancher managed clusters in Argo CD doesn't work out of the box unless the Authorized Cluster Endpoint is used. Many users will prefer an integration of Argo CD via the central Rancher authentication proxy (which shares the network endpoint of the Rancher API/GUI). So let's find out why registering clusters via Rancher auth proxy fails and how to make it work.
Hint: If you are just looking for the solution scroll to the bottom of this page.
rampfox
/ Chromium-at-startup.md
Last active
May 29, 2025 14:05
How to open Chromium in full screen at startup on the Raspberry Pi
The Mainflux domain model is based around 3 entities: users, things and channels
user represents the real (human) user of the system
things represents devices and applications connected to Mainflux. There are two types of "things" supported at the moment: device and app. Device is used to represent any physical device connected to the platform. App represents any 3rd party service that uses the platform for message exchange with things.
channel represents a communication channel and serves as message topic that can be consumed by things connected to it
superseb
/ get_kubeconfig_custom_cluster_rancher2.sh
Last active
October 13, 2023 05:51
Get kubeconfig for custom cluster in Rancher 2.x
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Usage: ./get_kubeconfig_custom_cluster_rancher2.sh cluster_name | |
| # Needs to be run on the server running `rancher/rancher` container | |
| # Check if jq exists | |
| command -v jq >/dev/null 2>&1 || { echo "jq is not installed. Exiting." >&2; exit 1; } | |
| # Check if clustername is given | |
| if [ -z "$1" ]; then | |
| echo "Usage: $0 [clustername]" |
mjrider
/ user-config.yml
Created
March 10, 2018 19:21
user-config for hetzner cloud, to get a smaller root partition
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #cloud-config | |
| # do not reisze, we are going to do that our self. Because the resizefs will run before the disk setup | |
| resize_rootfs: false | |
| # setup disk, overwriting our live partition scheme | |
| # results in a 4G/16GB split on a cx11 | |
| # overwrite needs to be true because we are going to change the layout of an existing drive | |
| disk_setup: | |
| /dev/sda: |
NewerOlder