Skip to content

Instantly share code, notes, and snippets.

View abeyt's full-sized avatar
🌴
On vacation

abeyt

🌴
On vacation
View GitHub Profile
@cecilemuller
cecilemuller / .travis.yml
Last active September 1, 2019 18:27
Travis CI config to run headless Node tests via Xvfb
language: node_js
node_js:
- '6.9.1'
- '7.0.0'
sudo: false
addons:
apt:
packages:
- xvfb
@chalfant
chalfant / setup_monitoring.rb
Created June 7, 2016 12:57
Create monitoring metric filters and alarms for CIS Benchmarks for AWS
#!/usr/bin/env ruby
# Implement CIS Benchmarks for AWS Section 3.x
# Details on each benchmark from https://benchmarks.cisecurity.org/downloads/show-single/?file=awsfoundations.100
# name should be in camelcase since we'll use it for filter and alarm names
filters = [
{
benchmark: '3.1',
@maxvt
maxvt / infra-secret-management-overview.md
Last active February 28, 2024 20:53
Infrastructure Secret Management Software Overview

Currently, there is an explosion of tools that aim to manage secrets for automated, cloud native infrastructure management. Daniel Somerfield did some work classifying the various approaches, but (as far as I know) no one has made a recent effort to summarize the various tools.

This is an attempt to give a quick overview of what can be found out there. The list is alphabetical. There will be tools that are missing, and some of the facts might be wrong--I welcome your corrections. For the purpose, I can be reached via @maxvt on Twitter, or just leave me a comment here.

There is a companion feature matrix of various tools. Comments are welcome in the same manner.

@abeyt
abeyt / enable_serial_console.sh
Last active September 19, 2022 16:57 — forked from stefanozanella/enable_serial_console.sh
Enable serial console output in CentOS 7
echo "ttyS0" >> /etc/securetty
vi /etc/default/grub
# Add console=ttyS0 to the end of kernel line(s) "GRUB_CMDLINE_LINUX"
grub2-mkconfig -o /boot/grub2/grub.cfg
reboot
#vi /etc/sysconfig/init
# Edit ACTIVE_CONSOLES to look like:
#ACTIVE_CONSOLES="/dev/tty[1-6] /dev/ttyS0"
@rutger1140
rutger1140 / gist:a47d2aacab6cb5de68de
Created October 2, 2014 13:11
ModSecurity - block WordPress brute force hack attempts - Plesk 12
# /etc/httpd/modsecurity.d/wordpress.conf
# This has to be global, cannot exist within a directory or location clause
SecAction phase:1,log,pass,initcol:ip=%{REMOTE_ADDR},initcol:user=%{REMOTE_ADDR},id:1
<Location /wp-login.php>
# Setup brute force detection.
# React if block flag has been set.
SecRule user:bf_block "@gt 0" "deny,status:401,log,msg:'ip address blocked for 60 minutes, more than 15 login attempts in 3 minutes.',id:2"
@markharwood
markharwood / Convert aggs results to KML
Created February 26, 2014 11:33
Crime anomalies using significant terms aggregation (coming in 1.1)
//This function was used in my test rig to convert elasticsearch results to a KML structure which is
// later fed to an iFrame wrapping the GoogleEarth plugin
var data=[];
var buckets=inData.aggregations.map.buckets;
function addCommas(nStr)
{
nStr += '';
@marcusphi
marcusphi / ansible_conditionals_examples.yaml
Created October 2, 2013 09:48
Ansible 1.3 Conditional Execution -- Very complete example with comments -- I find the conditional expressions to be ridiculously hard to get right in Ansible. I don't have a good model of what's going on under the surface so I often get it wrong. What makes it even harder is that there has been at least three different variants over the course …
---
# This has been tested with ansible 1.3 with these commands:
# ansible-playbook -i hosts ansible_conditionals_examples.yaml --extra-vars="hosts=myhosts isFirstRun=false"
# ansible-playbook -i hosts ansible_conditionals_examples.yaml --extra-vars="hosts=myhosts isFirstRun=true"
# ansible-playbook -i hosts ansible_conditionals_examples.yaml --extra-vars="hosts=myhosts"
# NB: The type of the variable is crucial!
- name: Ansible Conditionals Examples
hosts: $hosts
vars_files:
@shevron
shevron / LICENSE
Last active April 28, 2020 02:28
Send EC2 instance memory usage stats to CloudWatch using boto and IAM Roles
Copyright (c) 2015, Shahar Evron
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice,
@marktheunissen
marktheunissen / pedantically_commented_playbook.yml
Last active June 5, 2024 22:16 — forked from phred/pedantically_commented_playbook.yml
Insanely complete Ansible playbook, showing off all the options
This playbook has been removed as it is now very outdated.
@lavoiesl
lavoiesl / duplicity-backup.sh
Created May 3, 2012 00:44
Very low priority backup using duplicity
#!/bin/bash
# Export some ENV variables so you don’t have to type anything
export AWS_ACCESS_KEY_ID='my-key-id'
export AWS_SECRET_ACCESS_KEY='my-secret'
export PASSPHRASE='my-gpg-key-passphrase'
GPG_KEY='my-gpg-pub-id'
# The source of your backup
SOURCE=/