SHIFT-WIKI - Sjoerd Hooft's InFormation Technology
This WIKI is my personal documentation blog. Please enjoy it and feel free to reach out through blue sky if you have a question, remark, improvement or observation. See below for the latest additions, or use the search or tags to browse for content.
Terraform AWS WebServer
Summary: This is a terraform deployment for an EC2 instance with a security group and the loading of user data.
Date: Around 2021
Refactor: 26 January 2025: Checked links and formatting.
- Create a EC2 web server and output the public IP
- Create a security group for the webserver opening port 80 and 443
- Run a script (user data) on the webserver
Terraform and AWS IAM
Summary: IAM policies can be troublesome to configure with terrafom, but luckily you can use the AWS web console to configure the policy with all the permissions you need. Read on to find out how to deploy them with terraform.
Date: Around 2019
Refactor: 13 January 2025: Checked links and formatting.
When working with policies it's best to create the JSON policy file using the console. You can go to IAM, go to policies, create a policy, configure it, and when you've added all the permissions you need, go to the JSON tab.
We'll use this one as an example, a policy that allows all EC2 actions:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "ec2:*",
"Resource": "*"
}
]
}
Terraform - How to get started
Summary: In this post I'll show you how to prepare your Windows desktop to work with terraform for both Azure and AWS. I will also explain the most common terraform commands and terminology and show you how to apply these.
Date: Around 2019
Refactor: 11 January 2025: Checked links, formatting and split up some content to different files.
Refactor: 24 February 2025: Added another terraform import example
Script: Bash: TDS LDAP Restore
Summary: How to restore data into Tivoli Directory Server.
Date: Around 2010
Refactor: 29 April 2025: Checked links and formatting.
Below you'll find a script I've used to restore LDAP data which was backup with this script: Script: Bash: TDS LDAP Backup.
#!/bin/bash #set -x ### Export HOME and APP Settings export LDAP_INSTANCE=idsfop export LDAP_HOME=/opt/IBM/ldap/V6.0 export LDAPSEARCH="${LDAP_HOME}/bin/ldapsearch" export APPDIR=$LDAP_HOME ### Read LDAP Restore Instance Settings LDAPUSER1="cn=Directory Manager" LDAPBASE1="o=organization.nl" echo echo "Please provide Directory Admin DN [$LDAPUSER1]:" read LDAPUSER echo echo "Directory Admin password:" read LDAPPASS echo echo "Please provide application base DN [$LDAPBASE1]:" read LDAPBASE echo echo "Please provide password of db2 user account (UNIX):" read DB2PASS ### If LDAPUSER is empty then use default setting if [ -z "$LDAPUSER" ]; then LDAPUSER="$LDAPUSER1" echo "LDAP user being used = $LDAPUSER1" fi ### If LDAPBASE is empty then use default setting if [ -z "$LDAPBASE" ]; then LDAPBASE="$LDAPBASE1" echo "LDAP base being used = $LDAPBASE1" fi ### Get live DB2 Settings getConfigValueFromLdap() { $LDAPSEARCH -D "$LDAPUSER" -w $LDAPPASS -h localhost -s base -b "cn=Directory,cn=RDBM Backends,cn=IBM Directory,cn=Schemas,cn=Configuration" '(objectclass=*)' $1 | grep $1 | awk -F= '{ print $2 }' } echo DB2USER=`getConfigValueFromLdap ibm-slapdDbUserID` echo "DB2 User being used = $DB2USER" DB2INSTANCE=`getConfigValueFromLdap ibm-slapdDbInstance` echo "DB2 Instance being used = $DB2INSTANCE" LDAPDB=`getConfigValueFromLdap ibm-slapdDbName` echo "LDAP DB being used = $LDAPDB" DBLOCATION=`getConfigValueFromLdap ibm-slapdDbLocation` echo "DB Location = $DBLOCATION" ### Check for empty variables if [ -z "$DB2USER" -o -z "$DB2INSTANCE" -o -z "$LDAPDB" -o -z "$DBLOCATION" ]; then echo echo "`tput bold``tput smul`ERROR - Could not retreive configuration setting from LDAP, ABORTING!`tput sgr0`" echo echo "Possible causes: " echo " - incorrect credentials (Directory Admin)" echo " - incorrect application DN provided" echo " - Directory server not running or reachable" echo exit 1 fi restoreLdap() { echo "INFO - Stopping LDAP" echo ${APPDIR}/sbin/idsslapd -I $LDAP_INSTANCE -k echo "INFO -Removing suffix $LDAPBASE" echo ${APPDIR}/sbin/idsucfgsuf -I $LDAP_INSTANCE -n -s $LDAPBASE echo "INFO - Dropping instance $LDAP_INSTANCE" echo ${APPDIR}/sbin/idsucfgdb -I $LDAP_INSTANCE -n -r echo "INFO - Creating instance $LDAP_INSTANCE" echo ${APPDIR}/sbin/idscfgdb -I $LDAP_INSTANCE -n -a $DB2USER -l $DBLOCATION -t $LDAPDB -w $DB2PASS echo "INFO -Adding suffix $LDAPBASE" echo ${APPDIR}/sbin/idscfgsuf -I $LDAP_INSTANCE -n -s $LDAPBASE echo "INFO - Importing LDAP data..." echo ${APPDIR}/sbin/bulkload -I $LDAP_INSTANCE -i $LDIFFILE -a parse_and_load echo "INFO - Starting LDAP" echo ${APPDIR}/sbin/idsslapd -I $LDAP_INSTANCE } usageCommand() { echo echo "Usage $0 COMMAND:" echo "--------------------------------------" echo "`tput bold``tput smul`$0 restore "restorefile"`tput sgr0`" echo "--------------------------------------" echo } case "$1" in restore ) if [ ! -z "$2" ]; then if [ -f "$2" ]; then LDIFFILE=$2 echo "LDAP file being used = $LDIFFILE" restoreLdap else echo echo "The restorefile provided does not exist" echo "Please provide the full path to the restore file" echo usageCommand exit 1 fi else echo echo "Please provide the full path to the restore file" echo usageCommand exit 1 fi ;; * ) usageCommand exit 1 ;; esac echo echo "INFO - LDAP restore finished" echo
This wiki has been made possible by: