zshrc | My zsh dotfiles - | Configuration Management library
kandi X-RAY | zshrc Summary
kandi X-RAY | zshrc Summary
My zsh dotfiles
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of zshrc
zshrc Key Features
zshrc Examples and Code Snippets
Community Discussions
Trending Discussions on zshrc
QUESTION
I am developing a simple blog engine in go using only the standard libraries (and the mysql driver 😁)
For the admin I am using Basic HTTP Auth
...ANSWER
Answered 2022-Apr-15 at 12:50When it comes down to storing credentials on a server or other runtime environment, you are somehow between the devil and the deep blue sea. There is no real good solution which is likewise usable.
Start asking yourself, what your threat model is.
- A: Secrets being persisted in version control, shared with others, or even worse, made public on GitHub etc.
- B: Secrets being exposed to unprivileged co-users of the runtime environment
- C: Secrets being exposed to privileged users of the runtime environment (including an attacker who compromised the system and was able to get privileged user rights).
Based on the threats defined, you can start assessing potential solutions to store and inject secrets. This will of course depend on your environment (e.g. OS, cloud provider, Kubernetes/Docker, etc.). In the following I will assume Linux as OS.
Pass in as parameter:
Would mitigate threat A, but not B and C. Command line arguments can be revealed even by unprivileged users e.g. by ps -eo args
Store in config file: Would mitigate threat B, given that file permissions are set correctly. With regard to A, there is still a risk that the config file is unintendedly added to the version control. Does not mitigate threat C.
If you would use e.g. json format for the config file, this could be implemented easily with the Golang standard lib.
Store in environment variables:
Would mitigate threats A and B, but not C. Privileged users can access the environment variables via /proc//environ. Also the question remains how you will set the environment variables in the runtime environment. If you are using a CI/CD pipeline to deploy your service, this pipeline could be used to inject the environment variables during deployment. Usually, the CI/CD engine come with some kind of variable store for secrets.
Drawback of this approach is that the environment variables will be ephemeral, so after a reboot of the runtime environment you would need to redeploy via the CI/CD pipeline or you need to ensure persistence of the secrets in the runtime environment, e.g. in a startup script.
Environment variables can be read easily with os.Getenv() or os.LookupEnv() from the standard lib.
Enter manually on start time: Would mitigate A and B, but privileged users would still be able to read the secrets from memory. Upon reboot of the runtime environment, the service will not be available until an operator enters the secrets manually. So this approach would probably be considered as impractical in many use cases.
Further considerations:
Storing secrets in a database as suggested by brianmac shifts the question to "Where to store my db credentials?"
Combining secret encryption with any of the solutions described above will require that the decryption key is made available to the service in the runtime environment. So you either need a TPM-based solution or you are faced with the question, where to store this key.
"Secrets as a Service" solutions like Hashicorp Vault, Azure Key Vault, AWS Secrets Manager etc. will probably be oversized in your scenarion. They provide centralized storage and management of secrets. Applications/services can retrieve secrets from this solution via a defined API.
This, however, requires authentication and authorization of the service requesting a secret. So we are back at the question how to store another secret for the service in there runtime environment.
Cloud providers try to overcome this by assigning the runtime environment an identity and authorizing this identity to access other cloud resources including the "Secret as a Service" solution. Usually only the designated runtime environment will be able to retrieve the credentials of the identity. However, nothing can prevent an privileged user who has access the runtime environment from using the identity to access the secrets.
Bottom line is that it is hard to impossible to store secrets in a way that a privileged user or someone who compromised the system will not be able to get access.
If you accept this as the residual risk, storing the secrets in environment variables is a good approach as it can avoid persisting secrets. It is also platform agnostic and thus can be used with any runtime environment, cloud provider etc. It can also be supported by a variety of automation and deployment tools.
QUESTION
My usual workflow for manually installing python modules doesn't work since I upgraded to python3.9 on my mac. Suppose I want to install a custom module called "myfiles" from the setup script, I do
...ANSWER
Answered 2022-Apr-01 at 13:55Use pip. pip install --user . will do the same thing. setup.py is deprecated.
QUESTION
I am trying to uninstall a zsh plugin (macos), I have modified the .zshrc file and removed macos from the plugin list, and deleted the macos file in path ~/.oh-my-zsh/plugins, but now when ever I initialize zsh, the following error always come out. How do I fix this?
error: you need to resolve your current index first plugins/macos/spotify: needs merge
ANSWER
Answered 2022-Mar-31 at 14:54Just reset it:
QUESTION
mac bigSur 11.6.4, zsh
Issue: I am trying to start postgres server via command "postgres". I am getting the following error "zsh command not found postres"
I installed postgres@12 via homebrew. I see postgresql@12 in /usr/local/var/
The only things in /usr/local/var are: homebrew, log, and postgresql@12
My .zshrc file looks like this as it stands
...ANSWER
Answered 2022-Mar-29 at 22:14You need to use homebrew's services command.
This will list available services (in case you have multiple postgres versions installed) and their statuses:
QUESTION
I just found that my zsh don't alert me when there's a runtime error. Can anyone help me?
...ANSWER
Answered 2022-Mar-20 at 17:00The error message you see is specific to the interactive shell, which detects that your program exit with a floating-point exception and reports it. It's not clear how to make a non-interactive shell report the error similarly, but it would be better to do such error-checking yourself. For example,
QUESTION
After installing nvm, it has been working normally until I need to use nvm to remotely connect to the server with python. There is no error or success in switching the node version, so I wrote a script on the server for testing:
test.py:
...ANSWER
Answered 2022-Mar-18 at 08:53The error is pretty clear: the system cannot find the nvm command. This is probably because the search path in the subprocess is different the the one in your shell.
The documentation gives the following recommendation about this:
Warning: For maximum reliability, use a fully-qualified path for the executable. To search for an unqualified name on
PATH, useshutil.which(). On all platforms, passingsys.executableis the recommended way to launch the current Python interpreter again, and use the-mcommand-line format to launch an installed module.Resolving the path of executable (or the first item of args) is platform dependent. (...)
You could also just change the command to include the full path. So something like:
QUESTION
I have extended_glob set in .zshrc.
This works as expected:
...ANSWER
Answered 2022-Mar-17 at 09:11You can use
QUESTION
I'm trying to get started with pyspark, but having some trouble. I have python 3.10 installed and an M1 MacBook Pro. I installed pyspark using the command:
...ANSWER
Answered 2021-Dec-02 at 17:46You need to setup JAVA_HOME and SPARK_DIST_CLASSPATH as well. You can download Hadoop from the main website https://hadoop.apache.org/releases.html
QUESTION
I ran the following commands in my foo project:
ANSWER
Answered 2021-Oct-17 at 23:00Upgrade by running flutter upgrade [check it out here] (update dart sdk for flutter)
QUESTION
I updated my macOS from Catalina to Monterey 12.2 a few days ago, and am no longer able to access Heroku from the command line (using zsh). Normally, running heroku login from the terminal will open Heroku in a web browser, and after logging in, I am able to run subsequent Heroku commands from the CLI.
Here's the input and error message I get:
...ANSWER
Answered 2022-Feb-02 at 16:25I solved the issue, though I'm still unclear on why that particular error message was showing up. Here's what I did:
I thought I might find answers in Heroku error logs on my computer. I couldn't use the heroku logs command, but I could search manually. Heroku's website says that these are located here ~/Library/Caches/heroku/error.log on macOS. But this directory didn't exist. There was no heroku folder in ~/Library/Caches/. I still had Heroku - which heroku correctly returned the path /usr/local/bin/heroku.
At this point I wondered whether the CleanMyMac X software I had used to clear storage space before updating my OS might have deleted the Heroku folder along with old error logs, and this might have prevented the program from opening?
Solution: I uninstalled the Heroku CLI based on instructions from Heroku's website:
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install zshrc
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page
