Skip to content

Instantly share code, notes, and snippets.

Avatar

Philip Schmid PhilipSchmid

View GitHub Profile
@PhilipSchmid
PhilipSchmid / RHEL_switch_RHN_to_Subscription.md
Created Apr 7, 2017
How to switch from RHN to Red Hat subscription-manager
View RHEL_switch_RHN_to_Subscription.md

How to switch from RHN to Red Hat subscription-manager

RHEL 6 Server

  1. Check if subscription-manager is installed. If not, install it via yum install subscription-manager.

  2. Delete host on the RHN site.

  3. "Unregister" host from RHN:

rm -rf /etc/sysconfig/rhn/systemid
@PhilipSchmid
PhilipSchmid / docker-compose.tmpl.yml
Created Aug 13, 2018
docker-compose.yml template which covers most of the configurations which are used from time to time
View docker-compose.tmpl.yml
version: "3.7"
services:
backend:
image: registry.example.com/my-example-docker-image:stable
restart: always
hostname: my-example-service.example.com
environment:
TZ: Europe/Zurich
env_file:
@PhilipSchmid
PhilipSchmid / nfs-server.md
Created Jun 18, 2018
How To Install A NFS Server
View nfs-server.md

How To Install A NFS Server

Based on CentOS 7.

Prerequisites

Disk

pvcreate /dev/sdb
vgcreate vg1-nfs /dev/sdb
lvcreate -l 100%FREE -n nfs vg1-nfs
@PhilipSchmid
PhilipSchmid / netflow.md
Created Dec 19, 2018
Cisco IPv4 and IPv6 Netflow Example Configuration (Nexus 5k)
View netflow.md
feature netflow

flow exporter elastic-exp
  description elasticsearch exporter
  destination 10.10.10.10 use-vrf XY
  transport udp 9995
  source Vlan123
  dscp 0
 version 9
View Firefox_CA_Truststore.md

Add CA certificates to the Firefox Truststore (via CLI)

Use the following commands to add CA certificates to the Firefox truststore via command line. Ensure Firefox is closed while running these commands! certutil comes with the installation of libnss3-tools.

certificateFileRoot="root.crt"
certificateNameRoot="Root CA"
certificateFileInter="intermediate.crt"
certificateNameInter="Intermediate CA"
# We use cert9.db and "sql:..." since cert8.db is in the legacy format
for certDB in $(find ~/.mozilla* -name "cert9.db")
View Firefox_Security_Device.md

Add Firefox Security Device (via CLI)

Use the following commands to add a security device module to Firefox. Ensure Firefox is closed while running these commands! modutil comes with the installation of libnss3-tools.

securityModuleDeviceName="My Awesome Module"
securityModulePath="/usr/lib/libBlaBla.so"
# We use cert9.db and "sql:..." since cert8.db is in the legacy format
for devicedDB in $(find  ~/.mozilla* -name "cert9.db")
do
 certDir=$(dirname ${devicedDB});
View traefik-docker-compose.tmpl.md

Let's Encrypt Traefik Docker Compose Example

version: "3.7"

services:
  lb:
    image: index.docker.io/traefik:v1.7.14-alpine
    hostname: traefik-webserver.example.com
 restart: unless-stopped
@PhilipSchmid
PhilipSchmid / nic-isolation-readme.md
Last active Apr 29, 2020
Automatically add Linux NIC to namespace at system boot (e.g. used for Ethernet USB dongles with dynamic identifier)
View nic-isolation-readme.md

Linux NIC to namespace (persisted via systemd service)

Save the file nic-isolation.service to /etc/systemd/system/nic-isolation.service.

Afterwards reload the systemd daemon and enable & start the "service":

sudo systemctl daemon-reload
sudo systemctl enable nic-isolation.service
sudo systemctl start nic-isolation.service
@PhilipSchmid
PhilipSchmid / k8s-rbac-example.yaml
Created Oct 23, 2020
A (more or less) complete RBAC example for Kubernetes
View k8s-rbac-example.yaml
---
# https://kubernetes.io/docs/concepts/policy/pod-security-policy/
# Attention: This PSP has quite some loose restrictions! Do not just copy & paste it!
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: example
spec:
allowPrivilegeEscalation: true
allowedCapabilities: