=====./__init__.py====
import os
import sys
import importlib
from invoke import Collection
ns = Collection()
mod_list = []
path = os.path.dirname(os.path.realpath(__file__))
bin = f"{os.path.dirname(path)}/bin"
Makefile
BASH:=$(shell which bash)
SHELL:=$(BASH)
MAKEFLAGS+= --warn-undefined-variables
MAKEFLAGS+= --no-builtin-rules
PWD:=$(shell pwd)
DOTENV:=$(PWD)/.env
.SHELLFLAGS:= -O inherit_errexit -eu -o pipefail -c
#!/bin/bash
set -e
CERTDIR="./certs"
mkdir -p "$CERTDIR/ca" "$CERTDIR/server" "$CERTDIR/client"
# Generate CA key and certificate
openssl genrsa -out "$CERTDIR/ca/key.pem" 4096
openssl req -new -x509 -days 825 -key "$CERTDIR/ca/key.pem" -out "$CERTDIR/ca/cert.pem" -subj "/CN=Custom Docker CA"
@freedomfury
freedomfury / docker-entrypoint.sh
Created July 28, 2025 08:58
docker-entrypoint.sh
#!/bin/sh
set -eu
_tls_ensure_private() {
    local f="$1"; shift
    [ -s "$f" ] || openssl genrsa -out "$f" 4096
}
_tls_san() {
    {
        ip -oneline address | awk '{ gsub(/\/.+$/, "", $4); print "IP:" $4 }'
---
stages:
  - setup
  - build
variables:
  PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip"
  PY_VENV_DIR: "$CI_PROJECT_DIR/.venv"
cache:
@freedomfury
freedomfury / molecule.yml
Created February 3, 2023 14:04
molecule podman systemd
---
dependency:
  name: galaxy
driver:
  name: podman
platforms:
  - name: c01-alma8
    image: almalinux/8-init
    pre_build_image: true
{
  "name": "updateOSSoftware",
  "action": "aws:runCommand",
  "maxAttempts": 3,
  "timeoutSeconds": 3600,
# Example molecule-vagrant configuration
---
dependency:
  name: galaxy
driver:
  name: vagrant
  provider:
    name: virtualbox
platforms:
  - name: instance

Puppet Node Purging via API

When you're decommissioning a machine that has been managed by Puppet, you may want to clean up the node programmatically. There are two parts to this:

  • revoking and deleting the certificate of the node in Puppet's CA
  • deactivating the node in PuppetDB

The following should work for Puppet 4.x and PuppetDB 4.x (including Puppet Enterprise 2016.4.x, 2017.1.x, 2017.2.x).

I've used certificate-based auth, and the examples are run from the Puppet master, so they make use of its existing certificates for authentication. When run remotely, the cacert, certificate and corresponding private key for authentication will need to be present.
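
The two parts above as an added Python sketch (not the gist author's code): it builds the revoke, delete and deactivate requests against the Puppet CA and PuppetDB command APIs and sends them with client-certificate auth. The default ssldir path, ports 8140 and 8081, and the function names are assumptions; host names are supplied by the caller.

```python
import json
import ssl
import urllib.request
from datetime import datetime, timezone
from urllib.parse import quote

# Assumed defaults for a Puppet 4.x master; adjust to your installation.
SSLDIR = "/etc/puppetlabs/puppet/ssl"
CA_PORT, PDB_PORT = 8140, 8081


def build_purge_requests(master, puppetdb, certname, now=None):
    """Return the three requests in order: revoke, delete, deactivate."""
    now = now or datetime.now(timezone.utc)
    json_hdr = {"Content-Type": "application/json"}
    # Quote the certname so it cannot alter the request path.
    ca_url = f"https://{master}:{CA_PORT}/puppet-ca/v1/certificate_status/{quote(certname, safe='')}"
    deactivate = {
        "command": "deactivate node",
        "version": 3,
        "payload": {
            "certname": certname,
            "producer_timestamp": now.strftime("%Y-%m-%dT%H:%M:%SZ"),
        },
    }
    return [
        # 1. Revoke first, so the certificate is on the CRL before it is removed.
        urllib.request.Request(ca_url, method="PUT", headers=json_hdr,
                               data=json.dumps({"desired_state": "revoked"}).encode()),
        # 2. Delete the certificate from the CA.
        urllib.request.Request(ca_url, method="DELETE"),
        # 3. Deactivate the node in PuppetDB through its command endpoint.
        urllib.request.Request(f"https://{puppetdb}:{PDB_PORT}/pdb/cmd/v1", method="POST",
                               headers=json_hdr, data=json.dumps(deactivate).encode()),
    ]


def purge_node(master, puppetdb, certname, client_fqdn):
    """Send the requests with certificate auth; an HTTP error stops the sequence."""
    ctx = ssl.create_default_context(cafile=f"{SSLDIR}/certs/ca.pem")
    ctx.load_cert_chain(f"{SSLDIR}/certs/{client_fqdn}.pem",
                        f"{SSLDIR}/private_keys/{client_fqdn}.pem")
    for req in build_purge_requests(master, puppetdb, certname):
        with urllib.request.urlopen(req, context=ctx, timeout=30) as resp:
            print(req.get_method(), req.full_url, resp.status)
```

The certificate presented must be permitted to call the certificate_status endpoint by Puppet Server's authorization rules, and must be accepted by PuppetDB if it restricts clients by certificate.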