Thomas Milox TommyStarK
  • S3NS (Thales x Google)
@TommyStarK
TommyStarK / git-repo-demo.yaml
Created January 21, 2021 13:30 — forked from tallclair/git-repo-demo.yaml
More secure GitRepo volumes
# Example of using an InitContainer in place of a GitRepo volume.
# Unlike GitRepo volumes, this approach runs the git command in a container,
# with the associated hardening.
apiVersion: v1
kind: Pod
metadata:
  name: git-repo-demo
  annotations:
    seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
spec:
TommyStarK / delete_git_submodule.md
Created January 18, 2021 18:18 — forked from myusuf3/delete_git_submodule.md
How to effectively delete a git submodule.

To remove a submodule you need to:

  • Delete the relevant section from the .gitmodules file.
  • Stage the .gitmodules changes: git add .gitmodules
  • Delete the relevant section from .git/config.
  • Run git rm --cached path_to_submodule (no trailing slash).
  • Run rm -rf .git/modules/path_to_submodule (no trailing slash).
  • Commit: git commit -m "Removed submodule "
  • Delete the now untracked submodule files: rm -rf path_to_submodule
TommyStarK / readme.md
Last active July 26, 2020 15:01
Git - fork migratory (upstream changed, new fork = new origin)
$ git remote rename upstream old-upstream
$ git remote add upstream <repo_URL>
$ git remote rename origin old-origin
$ git remote add origin <fork_URL>
$ git push -u origin --all
$ git remote remove old-upstream
$ git remote remove old-origin
TommyStarK / readme.md
Created August 11, 2019 17:04
Linux firewall (docker swarm example with 3 vms)
  • on VM1 (node manager)
# communication between the nodes of a Docker Swarm or cluster. It only needs to be opened on manager nodes.
$ sudo ufw allow proto tcp from <VM2 IP> to <VM1 IP> port 2377
$ sudo ufw allow proto tcp from <VM3 IP> to <VM1 IP> port 2377
# communication among nodes (container network discovery).
$ sudo ufw allow proto tcp to <VM1 IP> port 7946
$ sudo ufw allow proto udp to <VM1 IP> port 7946
TommyStarK / docker_container_iptables.md
Last active August 11, 2019 16:53
Docker container_iptables
# drop all inbound/outbound packets for this specific interface
$ iptables -I DOCKER-USER -i $interface -j DROP
# allow outbound packets for this specific interface
$ iptables -I DOCKER-USER -o $interface -j ACCEPT
TommyStarK / new_linux_user_with_ssh_access_and_docker_permissions_granted.md
Last active July 26, 2020 15:02
Create new user on linux with ssh access and grant docker permissions

Replace the words in capital letters with the proper values.

$ ssh -p PORT ADMIN_USER@HOST
$ sudo groupadd USER
$ sudo useradd --home /home/USER --create-home --groups USER,docker --gid USER --shell /bin/bash USER
$ cd /home/USER
$ sudo mkdir .ssh
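# the >> redirection would run as the calling user, not root, so append through sudo tee instead
$ cat USER_SSH_PUB_KEY | sudo tee -a .ssh/authorized_keys > /dev/null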
$ sudo chown -R USER:USER .ssh