#!/bin/bash
set -euo pipefail
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
#!/bin/bash
# Helm commands
# Add repositories
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
# S3 bucket for static assets
resource "aws_s3_bucket" "assets" {
bucket = "${var.project_name}-assets-${var.environment}"
}
resource "aws_s3_bucket_versioning" "assets" {
#!/bin/bash
# Docker Compose commands
# Start all services
docker compose up -d
# Optimized production Dockerfile
# Stage 1: Dependencies
FROM node:20-alpine AS deps
WORKDIR /app
# Backend configuration with S3 + DynamoDB locking
terraform {
backend "s3" {
bucket = "company-terraform-state"
key = "services/web-app/terraform.tfstate"
region = "us-east-1"
#!/usr/bin/env bash
set -euo pipefail
cosign sign --key env://COSIGN_PRIVATE_KEY ghcr.io/example/codesnips:${GITHUB_SHA}
cosign verify --key env://COSIGN_PUBLIC_KEY ghcr.io/example/codesnips:${GITHUB_SHA}
#!/usr/bin/env bash
set -euo pipefail
certbot renew --quiet --deploy-hook "systemctl reload nginx"
openssl x509 -enddate -noout -in /etc/letsencrypt/live/example.com/fullchain.pem
apiVersion: apps/v1
kind: Deployment
metadata:
name: web-app
namespace: production
labels:
#!/usr/bin/env bash
tcpdump -i eth0 host 10.10.20.15 -w suspect-host.pcap
tcpdump -i eth0 port 443 and host api.example.com
tcpdump -i eth0 'tcp[tcpflags] & (tcp-syn|tcp-fin|tcp-rst) != 0'
# ConfigMap from literal values
apiVersion: v1
kind: ConfigMap
metadata:
name: web-app-config
namespace: production
#!/bin/bash
# Linux system administration commands
# === Process Management ===
ps aux # All processes
ps aux | grep nginx # Find specific process