Skip to content

Instantly share code, notes, and snippets.

View FlorianHeigl's full-sized avatar

Florian Heigl FlorianHeigl

42 followers · 13 following
View GitHub Profile
@FlorianHeigl
FlorianHeigl / intel-no-ht
Created November 30, 2018 00:53
intel server disable hyperthreading
# display
syscfg /d biossettings "Intel(R) Hyper-Threading Tech"
# change
syscfg /bcs "" "Intel(R) Hyper-Threading Tech" 0
@FlorianHeigl
FlorianHeigl / check-mail-loop
Created December 3, 2018 11:23
cmk
#!/usr/bin/python
import time
import os
import sys
import smtplib
import poplib
import re
import random
@FlorianHeigl
FlorianHeigl / bacula-jobs
Created April 23, 2019 01:13
update fuer bastis plugin
#!/bin/sh
echo "<<<bacula_jobs:sep(9)>>>"
echo "Select JobId, Name, JobStatus, EndTime FROM Job WHERE EndTime BETWEEN NOW() - interval '30 days' AND NOW();" | sudo -u postgres psql --tuples-only bacula bacula
@FlorianHeigl
FlorianHeigl / inputrc
Created May 22, 2019 09:04
vi mode for bconsole etc
## enable vi mode on all readline programs
set editing-mode vi
#set keymap vi-command
set input-meta on
set output-meta on
set bell-style none
@FlorianHeigl
FlorianHeigl / pgist.sh
Created May 23, 2019 09:21 — forked from rubo77/create-gist.sh
Post GIST
#!/bin/bash
GITHUB_USERNAME=rubo77
if [[ "$1" == "" ]]; then
echo 'usage: gistfile-post.sh filename [gistname]'
exit 0
fi
# 0. file name for the Gist
@FlorianHeigl
FlorianHeigl / icinga.sh
Last active June 25, 2019 20:27 — forked from jpmens/icinga.sh
#!/bin/sh
OK=0
CRIT=2
tics=$(date +%s)
if [ "$tics" -gt 1561741200 -a "$tics" -lt 1561914000 ]; then
# From Friday 17:00Z to Sunday: STFU
echo "OK - Please do not disturb; party in progress"
exit $OK
@FlorianHeigl
FlorianHeigl / tplink_lldp.py
Last active August 26, 2019 13:02
cleanup
@FlorianHeigl
FlorianHeigl / omd-tuning.sh
Last active February 29, 2024 10:46
omd tuning script
#!/usr/bin/env bash
# License: BSD
# Author: Florian Heigl
set -eu
# variablen ziehen falls nicht da
SITECFG=~/etc/omd/site.conf
test -r $SITECFG && bash -eun $SITECFG && source $SITECFG
@FlorianHeigl
FlorianHeigl / bash-leap15.sh
Created November 24, 2019 17:58
refactored base.sh for https://github.com/mrlesmithjr/packer-templates/issues
#!/bin/bash
set -e
set -x
linux_identify_osfam() {
# The below is only specific to Fedora 22 as of right now. All other later
# versions do not have issues with facter.
if [[ ! -f /etc/os-release || -f /etc/redhat-release ]];then
os_name="$(awk '{ print $1 }' /etc/redhat-release | sed 's/"//g')"
@FlorianHeigl
FlorianHeigl / gist:55591d832328049950ac3b2cce816984
Last active December 3, 2019 12:30

We have created a Rudder policy that covers all OS that we support at our customers, or that will be coming around (i.e. beta of a new version).
For our managed systems, it covers distro-/OS-specific settings with a generic rule that “what makes sense everywhere, will be applied everywhere”. For human eyes, it needs to have a clear design that eases understanding and maintenance.

experiences

A rough description how to approach building a hardening policy, anyway.