Paco Hope pacohope

## make-periodic-delay.sh
#!/bin/sh
# make delay periodic
# Called interactively as non-root user who has permission to sudo(8)
#
# Invoke interactively this way: fetch -o - https://gist.githubusercontent.com/pacohope/599bb66594ed197c2a3e2d8bfafe3e56/raw/8853effe2a325abedfd95bdd02219238343ce966/make-periodic-delay.sh | sh
# then type sudo password once (if password is required)
#
# Inspired by this thread:
# https://forums.freebsd.org/threads/delay-or-stagger-running-of-periodic-scripts-randomly.69641/

## sort-photos.sh
#!/bin/bash
#
# Take a bunch of files, figure out the modification dates using stat(1), make a
# bunch of directories that correspond to YEAR/MONTH and then move all the files
# into those directories. E.g., FOO.JPG gets moved to 2018/05/FOO.JPG if its
# modification date is 2018-05-14
# This uses the MacOS syntax for stat(1)

# First, figure out and make all the necessary directories
stat -t "%Y/%m" *JPG | cut -d \" -f 8 | sort -u | xargs mkdir -p

## telegraf.conf
# Generic, basic /usr/local/etc/telegraf.conf file for FreeBSD
# Gathers some basic metrics and transmits them to cloudwatch
# Be sure to set the region below

[agent]
  interval = "10s"
  round_interval = true
  metric_batch_size = 1000
  metric_buffer_limit = 10000
  collection_jitter = "0s"

## FreeBSD-11-ec2-cloudwatch.md

      
              1 file
            
          
              1 fork
            
          
                0 comments
              
            
              5 stars
            
          
                pacohope
                / FreeBSD-11-ec2-cloudwatch.md
            
            
              Last active
              July 23, 2024 21:32
            
              
                FreeBSD 11 on AWS EC2, with CloudWatch Logs and EC2 Metrics
              
          
    Introduction

This is how you would create a livable FreeBSD instance on EC2 by hand. The smart thing to do is to automate most of these actions. But I do it this way so you can see and understand all the different techniques.
I want to create FreeBSD instances in EC2 and I want some of the management benefits that come from native AWS technologies like CloudWatch. It can be done, but it takes a bit of extra work because FreeBSD isn't Linux, and AWS doesn't directly support FreeBSD.
Prepping in AWS land

Before we go far, we will want some things setup in AWS IAM and VPC. I assume you have already created a VPC, decided what network numbers you're going to use, created a subnet and so on. If you haven't done those basic things, you need to go do them.
I also assume you've created an ssh key and uploaded it to your AWS account.

  
## reuse_agent.sh
# Reuse an existing ssh-agent on login, or create a new one. Append this to your .bashrc
# This version also handles the case where the agent exists but has no keys.


function agent() {
    GOT_AGENT=0
    DEFTEMP="/tmp"

    for FILE in $(find "${TMPDIR:-$DEFTEMP}/ssh-"* -type s -user ${LOGNAME} -name "agent.[0-9]*" 2>/dev/null)
    do

## fix-freebsd-update.sh
#!/bin/sh

# Fork of https://gist.github.com/thefloweringash/8729473
#
# freebsd-update is a clever script that downloads a lot of bsdiff
# patches and whole files when patches are not suitable. The result of
# this process is a collection of files in
# /var/db/freebsd-update/files. If the files already exist, it will
# not fetch them again.
#

## tight-bucket-policy.json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "DenyUnencryptedObjectUploads",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:PutObject",
      "Resource": [
        "arn:aws:s3:::BUCKETNAME/*",

## termcolours.sh
#!/bin/zsh
#
# I hate doing this. This is someone else's code. For a long time I didn't know who to credit. Now
# I do: https://stackoverflow.com/questions/27159322/rgb-values-of-the-colors-in-the-ansi-extended-colors-index-17-255
# It is by a user named adaephon (https://stackoverflow.com/users/2992551/adaephon)
#
function termcolors ()
{
    print TERM
    print -P "Foreground: >█<"

## bucket-exclusive.json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowAllBasics",
            "Effect": "Allow",
            "Action": [
                "s3:ListAllMyBuckets",
                "s3:HeadBucket",
                "s3:ListObjects"

## policy-role.jq
def mapper(f):
  if type == "array" then map(f)
  elif type == "object" then
  . as $in
  | reduce keys[] as $key
      ({};
       [$in[$key] | f ] as $value
       | if $value | length == 0 then . else . + {($key): $value[0]}
         end)
  else .
	#!/bin/sh
	# make delay periodic
	# Called interactively as non-root user who has permission to sudo(8)
	#
	# Invoke interactively this way: fetch -o - https://gist.githubusercontent.com/pacohope/599bb66594ed197c2a3e2d8bfafe3e56/raw/8853effe2a325abedfd95bdd02219238343ce966/make-periodic-delay.sh \| sh
	# then type sudo password once (if password is required)
	#
	# Inspired by this thread:
	# https://forums.freebsd.org/threads/delay-or-stagger-running-of-periodic-scripts-randomly.69641/
	#!/bin/bash
	#
	# Take a bunch of files, figure out the modification dates using stat(1), make a
	# bunch of directories that correspond to YEAR/MONTH and then move all the files
	# into those directories. E.g., FOO.JPG gets moved to 2018/05/FOO.JPG if its
	# modification date is 2018-05-14
	# This uses the MacOS syntax for stat(1)

	# First, figure out and make all the necessary directories
	stat -t "%Y/%m" *JPG \| cut -d \" -f 8 \| sort -u \| xargs mkdir -p
	# Generic, basic /usr/local/etc/telegraf.conf file for FreeBSD
	# Gathers some basic metrics and transmits them to cloudwatch
	# Be sure to set the region below

	[agent]
	interval = "10s"
	round_interval = true
	metric_batch_size = 1000
	metric_buffer_limit = 10000
	collection_jitter = "0s"
	# Reuse an existing ssh-agent on login, or create a new one. Append this to your .bashrc
	# This version also handles the case where the agent exists but has no keys.


	function agent() {
	GOT_AGENT=0
	DEFTEMP="/tmp"

	for FILE in $(find "${TMPDIR:-$DEFTEMP}/ssh-"* -type s -user ${LOGNAME} -name "agent.[0-9]*" 2>/dev/null)
	do
	#!/bin/sh

	# Fork of https://gist.github.com/thefloweringash/8729473
	#
	# freebsd-update is a clever script that downloads a lot of bsdiff
	# patches and whole files when patches are not suitable. The result of
	# this process is a collection of files in
	# /var/db/freebsd-update/files. If the files already exist, it will
	# not fetch them again.
	#
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Sid": "DenyUnencryptedObjectUploads",
	"Effect": "Deny",
	"Principal": "*",
	"Action": "s3:PutObject",
	"Resource": [
	"arn:aws:s3:::BUCKETNAME/*",
	#!/bin/zsh
	#
	# I hate doing this. This is someone else's code. For a long time I didn't know who to credit. Now
	# I do: https://stackoverflow.com/questions/27159322/rgb-values-of-the-colors-in-the-ansi-extended-colors-index-17-255
	# It is by a user named adaephon (https://stackoverflow.com/users/2992551/adaephon)
	#
	function termcolors ()
	{
	print TERM
	print -P "Foreground: >█<"
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Sid": "AllowAllBasics",
	"Effect": "Allow",
	"Action": [
	"s3:ListAllMyBuckets",
	"s3:HeadBucket",
	"s3:ListObjects"
	def mapper(f):
	if type == "array" then map(f)
	elif type == "object" then
	. as $in
	\| reduce keys[] as $key
	({};
	[$in[$key] \| f ] as $value
	\| if $value \| length == 0 then . else . + {($key): $value[0]}
	end)
	else .