• Skip to main content

Uly.me

cloud engineer

  • Home
  • About
  • Search

default

AWS ELB SSL Listener

January 31, 2022

Here’s how to update SSL certificates to AWS ELB.

Import SSL certificate

aws acm import-certificate \
--certificate fileb://example.crt \
--private-key fileb://example.key \
--certificate-chain fileb://example-bundle.crt \
--tags Key=Name,Value=mydomain.com_20220107 \
--profile default

aws acm import-certificate \ --certificate fileb://example.crt \ --private-key fileb://example.key \ --certificate-chain fileb://example-bundle.crt \ --tags Key=Name,Value=mydomain.com_20220107 \ --profile default

Add SSL to a listener.

aws elbv2 add-listener-certificates \
--listener-arn arn:aws:elasticloadbalancing:us-east-1:xxxxxxxxxxxxx:listener/app/elbname/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx \
--certificates CertificateArn=arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx \
--profile default

aws elbv2 add-listener-certificates \ --listener-arn arn:aws:elasticloadbalancing:us-east-1:xxxxxxxxxxxxx:listener/app/elbname/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx \ --certificates CertificateArn=arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx \ --profile default

Modify listener. Set SSL certificate as default.

aws elbv2 modify-listener \
--listener-arn arn:aws:elasticloadbalancing:us-east-1:xxxxxxxxxxxxx:listener/app/elbname/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx \
--certificates CertificateArn=arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx \
--profile default

aws elbv2 modify-listener \ --listener-arn arn:aws:elasticloadbalancing:us-east-1:xxxxxxxxxxxxx:listener/app/elbname/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx \ --certificates CertificateArn=arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx \ --profile default

Remove SSL from a listener.

aws elbv2 remove-listener-certificates \
--listener-arn arn:aws:elasticloadbalancing:us-east-1:xxxxxxxxxxxxx:listener/app/elbname/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx \
--certificates CertificateArn=arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx \
--profile default

aws elbv2 remove-listener-certificates \ --listener-arn arn:aws:elasticloadbalancing:us-east-1:xxxxxxxxxxxxx:listener/app/elbname/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx \ --certificates CertificateArn=arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx \ --profile default

Filed Under: Linux Tagged With: add, aws, certificate, default, elb, listener, remove, ssl

AWS Set Profile

November 7, 2021

If you find yourself using a named profile for every awscli command, you can set it temporarily.

Listing a bucket with a named profile.

aws s3 ls --profile=yourprofile

aws s3 ls --profile=yourprofile

If you set AWS_PROFILE, you can then list a bucket without a named profile.

export AWS_PROFILE=yourprofile
aws s3 ls

export AWS_PROFILE=yourprofile aws s3 ls

After you are done, you can reset it back to default.

export AWS_PROFILE=default

export AWS_PROFILE=default

Filed Under: Cloud Tagged With: aws, AWS_PROFILE, default, export, profile, s3, set

SSSD Override Shell

July 25, 2021

If you have SSSD running and the default shell is ksh even with the default shell set to bash.

Here’s the fix to override the default shell in /etc/sssd/sssd.conf. Add override_shell.

default_shell = /bin/bash
override_shell = /bin/bash

default_shell = /bin/bash override_shell = /bin/bash

To check which shell you are using.

echo $SHELL
/bin/bash

echo $SHELL /bin/bash

Filed Under: Linux Tagged With: default, override, shell, sssd

GCP Add New Route

March 2, 2021

Here’s how to add a new route in Google Cloud Platform.

gcloud compute routes create name-of-new-route \
  --destination-range=200.20.0.0/15 \
  --next-hop-gateway=default-internet-gateway \
  --project=host-project \
  --network="default" \
  --priority=900

gcloud compute routes create name-of-new-route \ --destination-range=200.20.0.0/15 \ --next-hop-gateway=default-internet-gateway \ --project=host-project \ --network="default" \ --priority=900

Filed Under: Cloud Tagged With: add, default, gateway, gcp, network, new, route

Change Default Editor

July 28, 2020

Ubuntu and Linux Mint use nano as their default editor. You’ll see it if you try to edit crontab or visudo. Now, there’s nothing wrong with nano, but I prefer using vim instead. Here’s how to change the default editor.

sudo update-alternatives --config editor

sudo update-alternatives --config editor

You’ll be prompted to change the default editor.

There are 4 choices for the alternative editor (providing /usr/bin/editor).
 
  Selection    Path                Priority   Status
------------------------------------------------------------
  0            /bin/nano            40        auto mode
  1            /bin/ed             -100       manual mode
  2            /bin/nano            40        manual mode
* 3            /usr/bin/vim.basic   30        manual mode
  4            /usr/bin/vim.tiny    15        manual mode
 
Press <enter> to keep the current choice[*], or type selection number:

There are 4 choices for the alternative editor (providing /usr/bin/editor). Selection Path Priority Status ------------------------------------------------------------ 0 /bin/nano 40 auto mode 1 /bin/ed -100 manual mode 2 /bin/nano 40 manual mode * 3 /usr/bin/vim.basic 30 manual mode 4 /usr/bin/vim.tiny 15 manual mode Press <enter> to keep the current choice[*], or type selection number:

Type 3 to choose vim basic.

Filed Under: Linux Tagged With: change, default, editor, set

  • Home
  • About
  • Search

Copyright © 2023