Skip to content

Instantly share code, notes, and snippets.

View ryancnelson's full-sized avatar

Ryan Nelson ryancnelson

View GitHub Profile
@ryancnelson
ryancnelson / gist:5d1c4da952691e670b81b592a07dc19a
Created May 13, 2026 19:22
servers.d variable contracts for container hosts
# servers.d yml files: variable bags or contracts?
Came up while working on DEVOPS-2819 (west HLS pet replacement).
## What happened
Adding ECR-specific fields to `hls-w04.yml` and `hls-w14.yml` so `deploy-hls-app-via-ssm.yml` could read them instead of hardcoding account IDs and regions:
```yaml
ecr_account_id: "862214040873"
#!/usr/bin/env python3
# This script creates 'hello-flex.yml' with known-good content.
# Target cksum for hello-flex.yml: 3909784707 424
yaml_content_lines = [
"# File: /etc/newrelic-infra/integrations.d/hello-flex.yml",
"integrations:",
" - name: nri-flex",
" configs:",
@ryancnelson
ryancnelson / keybase.md
Created January 14, 2025 18:37
keybase.md

Keybase proof

I hereby claim:

  • I am ryancnelson on github.
  • I am ryancnelson (https://keybase.io/ryancnelson) on keybase.
  • I have a public key ASCs110QXWuSO7RKvXmuBK11Pk6EGumWvgGdK3d4NdXeVQo

To claim this, I am signing this object:

this is a slack thread, copied and pasted from the slack client.
Ryan Nelson
Yesterday at 12:31 PM
posting this in homelab mostly because it where i know "people who want to log in and noodle with the thing" lurk. Apologies if it's a tangent. I'll thread it. my topic: hey, $job_applicant, let's screenshare. We're logged into a bash shell. What can you tell me about this host? open-book/manpages/AI-helpers/phone-a-friend. I'll drill-down/give-hints as we go. :thread:
87 replies
Ryan Nelson
Yesterday at 12:32 PM
; <<>> DiG 9.10.6 <<>> ted.com TXT
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16981
;; flags: qr rd ra; QUERY: 1, ANSWER: 16, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
prompt:
I want to create a docker container that runs the caddy reverse proxy. The
container should be able to use an aws api key to request the container IP and
port information of other containers that are tagged with an aws tag of the
form "tedservice=webApp1' , and produce a load-balanced service composed of any
containers tagged like that, adding their IP address and port to a VIP for a
service called "webApp1".
--
To create a Docker container running the Caddy reverse proxy that dynamically
prompt: I want to create a docker container that runs the caddy
reverse proxy. The container should be able to use an aws api key
to request the container IP and port information of other containers
that are tagged with an aws tag of the form "tedservice=webApp1' ,
and produce a load-balanced service composed of any containers
tagged like that, adding their IP address and port to a VIP for a
service called "webApp1".
-- To create a Docker container running the Caddy reverse proxy
that dynamically discovers other containers tagged with a specific
prompt:
I want to create a docker container that runs the caddy reverse proxy. The container should be able to use an aws api key to request the container IP and port information of other containers that are tagged with an aws tag of the form "tedservice=webApp1' , and produce a load-balanced service composed of any containers tagged like that, adding their IP address and port to a VIP for a service called "webApp1".
--
To create a Docker container running the Caddy reverse proxy that dynamically discovers other containers tagged with a specific AWS tag, we'll follow these steps:
1. **Set up the Docker environment.**
2. **Create a Dockerfile for the Caddy container.**
3. **Write a script to interact with AWS API to discover container IPs and ports based on the specified tag.**
4. **Configure Caddy to use the discovered IPs and ports.**
$ sgpt 'i have a ssl certificate chain in file /tmp/chained-cert-3.pem
. That file contains 3 ssl certificates, concatenated into one
file. check each certificate for validity, and confirm that next
certificate in the chain is properly signed by the proceeding one.
Use /etc/ssl/cert.pem to validate the root certificate. Indicate
which certificates passed validation, and where in the chain
validation failed, if failure occurs. Describe each certificate
in the chain, its issuer, and its CN. '
▌ @FunctionCall execute_shell_command(shell_command="openssl crl2pkcs7