Philip Schmid PhilipSchmid
PhilipSchmid
/ RHEL_switch_RHN_to_Subscription.md
Created Apr 7, 2017
How to switch from RHN to Red Hat subscription-manager
View RHEL_switch_RHN_to_Subscription.md
How to switch from RHN to Red Hat subscription-manager
RHEL 6 Server
-
Check if
subscription-manageris installed. If not, install it viayum install subscription-manager. -
Delete host on the RHN site.
-
"Unregister" host from RHN:
rm -rf /etc/sysconfig/rhn/systemid
PhilipSchmid
/ docker-compose.tmpl.yml
Created Aug 13, 2018
docker-compose.yml template which covers most of the configurations which are used from time to time
View docker-compose.tmpl.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: "3.7" | |
| services: | |
| backend: | |
| image: registry.example.com/my-example-docker-image:stable | |
| restart: always | |
| hostname: my-example-service.example.com | |
| environment: | |
| TZ: Europe/Zurich | |
| env_file: |
View nfs-server.md
How To Install A NFS Server
Based on CentOS 7.
Prerequisites
Disk
pvcreate /dev/sdb
vgcreate vg1-nfs /dev/sdb
lvcreate -l 100%FREE -n nfs vg1-nfs
PhilipSchmid
/ netflow.md
Created Dec 19, 2018
Cisco IPv4 and IPv6 Netflow Example Configuration (Nexus 5k)
View netflow.md
feature netflow
flow exporter elastic-exp
description elasticsearch exporter
destination 10.10.10.10 use-vrf XY
transport udp 9995
source Vlan123
dscp 0
version 9
PhilipSchmid
/ Firefox_CA_Truststore.md
Last active Dec 20, 2018
View Firefox_CA_Truststore.md
Add CA certificates to the Firefox Truststore (via CLI)
Use the following commands to add CA certificates to the Firefox truststore via command line. Ensure Firefox is closed while running these commands! certutil comes with the installation of libnss3-tools.
certificateFileRoot="root.crt"
certificateNameRoot="Root CA"
certificateFileInter="intermediate.crt"
certificateNameInter="Intermediate CA"
# We use cert9.db and "sql:..." since cert8.db is in the legacy format
for certDB in $(find ~/.mozilla* -name "cert9.db")
PhilipSchmid
/ Firefox_Security_Device.md
Created Dec 20, 2018
View Firefox_Security_Device.md
Add Firefox Security Device (via CLI)
Use the following commands to add a security device module to Firefox. Ensure Firefox is closed while running these commands! modutil comes with the installation of libnss3-tools.
securityModuleDeviceName="My Awesome Module"
securityModulePath="/usr/lib/libBlaBla.so"
# We use cert9.db and "sql:..." since cert8.db is in the legacy format
for devicedDB in $(find ~/.mozilla* -name "cert9.db")
do
certDir=$(dirname ${devicedDB});
PhilipSchmid
/ traefik-docker-compose.tmpl.md
Last active Aug 27, 2019
View traefik-docker-compose.tmpl.md
Let's Encrypt Traefik Docker Compose Example
version: "3.7"
services:
lb:
image: index.docker.io/traefik:v1.7.14-alpine
hostname: traefik-webserver.example.com
restart: unless-stopped
PhilipSchmid
/ nic-isolation-readme.md
Last active Apr 29, 2020
Automatically add Linux NIC to namespace at system boot (e.g. used for Ethernet USB dongles with dynamic identifier)
View nic-isolation-readme.md
Linux NIC to namespace (persisted via systemd service)
Save the file nic-isolation.service to /etc/systemd/system/nic-isolation.service.
Afterwards reload the systemd daemon and enable & start the "service":
sudo systemctl daemon-reload
sudo systemctl enable nic-isolation.service
sudo systemctl start nic-isolation.service
PhilipSchmid
/ k8s-rbac-example.yaml
Created Oct 23, 2020
A (more or less) complete RBAC example for Kubernetes
View k8s-rbac-example.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # https://kubernetes.io/docs/concepts/policy/pod-security-policy/ | |
| # Attention: This PSP has quite some loose restrictions! Do not just copy & paste it! | |
| apiVersion: policy/v1beta1 | |
| kind: PodSecurityPolicy | |
| metadata: | |
| name: example | |
| spec: | |
| allowPrivilegeEscalation: true | |
| allowedCapabilities: |
OlderNewer