Datadog Dashboard [Ex/Im]port Script

I had a need recently to copy a developed dashboard between orgs within Datadog and ran across this Github Gist post that I’ve wrapped into a shell utility:

 

#!/bin/bash

api_key='REPLACEME'
app_key='REPLACEME'
dash_id=$2

if [[ $1 == "import" ]]; then

    curl -X POST -H "Content-type: application/json" -d @${dash_id}.json "https://app.datadoghq.com/api/v1/dash?api_key=${api_key}&application_key=${app_key}"

else

    curl -X GET "https://app.datadoghq.com/api/v1/dash/${dash_id}?api_key=${api_key}&application_key=${app_key}" | jq '.dash' > ${dash_id}.json

fi

Archival Policies With CloudFormation

Draft of this has been untouched for 6 months, posting in case anyone needs a snippet for a CF template.

"S3BackupBucket": {
    "Type" : "AWS::S3::Bucket",
    "Properties" : {
        "BucketName" : "my-unique-s3-bucket"},
        "LifecycleConfiguration": {
            "Rules": [
                {
                "Id": "GlacierRuleDBData",
                "Status": "Enabled",
                "ExpirationInDays": "460",
                "Prefix" : "backup/database",
                "Transitions": [
                    {
                    "TransitionInDays": "35",
                    "StorageClass": "GLACIER"
                    }
                ]
                },
                {
                    "Id": "IARuleAppData",
                    "Status": "Enabled",
                    "Prefix" : "backup/appdata",
                    "Transitions": [
                        {
                            "TransitionInDays": "30",
                            "StorageClass": "STANDARD_IA"
                        }
                    ]
                }
            ]
        }
    }
}

Well that explains the low cost

A co-worker recommended Vizio as a top notch TV a while back and the price was ridiculously cheap when I shopped around to price one out. It was only for an occasionally used room and I figured even if it went bad after a couple of years it was worth the cost. Now I understand why the price tag is so low despite appearing to be a quality TV and I’ve turned as much of the default settings as I could find off since it’s used with an external device.

Its watching you (ArsTechnica) http://arstechnica.com/security/2015/11/own-a-vizio-smart-tv-its-watching-you/

Shell Script for Apt-Get Security Based Updates

I’ve been slowly working this script into a cheap method of notifying me of updates available for Linux instances (Ubuntu specific) instead of purchased product or managed solution. It’s not fancy, flashy, API driven, cloud hosted, OAuth authenticating, or any other buzzwords. It does work though…

#!/bin/bash

#-------------------------------------------------------------------------------------------------#
#- Name....: checkSecurityupdates.sh
#- Notes...:
#-------------------------------------------------------------------------------------------------#

# create fresh securities file each run
grep "-security" /etc/apt/sources.list | sudo grep -v "#" > /etc/apt/security.sources.list
echo "created security specific source list"


# Create the security file list
echo 'n' | apt-get upgrade -o Dir::Etc::SourceList=/etc/apt/security.sources.list >> /root/securities-to-update.txt
echo "created list of security updates"



# What's the mimetype
get_mimetype(){
  # warning: assumes that the passed file exists
  file --mime-type "$1" | sed 's/.*: //'
}


# some variables

from="SecUpdates-Report@example.com"
to="monitor-this-mailbox@example.com"
subject=`hostname`
boundary="ZZ_/afg6432dfgkl.94531q"
body="Please see attached"
declare -a attachments
attachments=( "securities-to-update.txt" )

# Build headers
{

printf '%s\n' "From: $from
To: $to
Subject: $subject
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary=\"$boundary\"

--${boundary}
Content-Type: text/plain; charset=\"US-ASCII\"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

$body
"

# now loop over the attachments, guess the type
# and produce the corresponding part, encoded base64
for file in "${attachments[@]}"; do

  [ ! -f "$file" ] && echo "Warning: attachment $file not found, skipping" >&2 && continue

  mimetype=$(get_mimetype "$file")

  printf '%s\n' "--${boundary}
Content-Type: $mimetype
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=\"$file\"
"

  base64 "$file"
  echo
done

# print last boundary with closing --
printf '%s\n' "--${boundary}--"

} | sendmail -t -oi   
echo "sent security updates list"



# cleanup security files
rm /etc/apt/security.sources.list
rm /root/securities-to-update.txt

Oracle Java Chef Recipe

There are a number of Java recipes out there that are quite good but I really had a need for a lightweight one with minimal fuss and for Ubuntu only. I would wrap this up as a solo cookbook but there really isn’t a point since it’s a grand total of 45 lines and requires 1 attribute defined. Check it out and see what you think.

#
# Cookbook Name:: opsworks
# Recipe:: jdk-install
#
# Author:: John Lawson
# Email:: jlawson@scriobha.im
#
#

log "...::: opsworks::jdk-install :::..."

# Install JDK repo
execute "apt-get install -y software-properties-common; add-apt-repository -y ppa:webupd8team/java;" do
    user "root"
    action :run
    not_if { ::File.exists?("/tmp/configured.jdk") }
end

# Update apt-get now that we have the JDK repo added
execute "apt-get update;" do
    user "root"
    action :run
    not_if { ::File.exists?("/tmp/configured.jdk") }
end

# Set our debconf settings for oracle license
execute "echo debconf shared/accepted-oracle-license-v1-1 select true | debconf-set-selections; echo debconf shared/accepted-oracle-license-v1-1 seen true | debconf-set-selections;" do
    user "root"
    action :run
    not_if { ::File.exists?("/tmp/configured.jdk") }
end

#- Install JDK version based on the jdk_version attribute from attributes/default.rb
if ! node['java']['jdk_version'].nil?
    execute "apt-get install -y oracle-java#{node['java']['jdk_version']}-installer;" do
        user "root"
        action :run
        not_if { ::File.exists?("/tmp/configured.jdk") }
    end
else
    log "!!!! No JDK Version set in attributes !!!!";
end

#- A Guard to ensure we only execute this once
file '/tmp/configured.jdk'

Backup for One day old files

This should be verified as I may have inadvertently introduced a bug while I was ‘scrubbing’ this. I’m recycling some of my tricks/scripts/configs in the off chance that they are of use to someone besides me. For this one I needed a quick shell script to create a tar.gz backup file of anything modified or added since 1 day ago and cobbled this together to address the concept of ‘incremental’ backup capability.

#!/bin/bash
#-- ---------------------------------------------------- --#
#-- Desc..: backup script for any file 1 day old (assumes
#--         this is run in a scheduled job such as cron)
#-- Author: john.lawson@scriobha.im
#-- Date..: 03.18.2015
#-- Notes.: 
#-- ---------------------------------------------------- --#
#-- Configuration and initialization of values ------------#

DATEFORMAT=`date "+%F_%H-%M-%S"`
BACKUPFILENAME=data_${DATEFORMAT}-${ACTION}.tar.gz
SOURCEDIR=/var/logs
#-- -------------------------------------------------------#

echo '#---- Begin SiteDataBackup -------'

`find ${SOURCEDIR}/ -path ${SOURCEDIR}/[do not include] -prune -o -path ${SOURCEDIR}/[do not include2] -prune -o -newerct '1 day ago' -type f -print | xargs tar --null -zcpf $BACKUPFILENAME`

Google Failures

I know it’s childish and petty but I derive a lot of pleasure from the very few and far between occurrences of Google errors. The latest happened this morning when I received this for my searching efforts. I think it must be the perverse pleasure of seeing the mighty giant of perfect propriety and “200 OK” statuses throw a failure that rings my bell. Like I said, childish and petty, but still I chuckle quietly…

GoogleFail_20151006