cecilemuller

language: node_js
node_js:
  - '6.9.1'
  - '7.0.0'
sudo: false

addons:
  apt:
    packages:
      - xvfb

chalfant

#!/usr/bin/env ruby

# Implement CIS Benchmarks for AWS Section 3.x

# Details on each benchmark from https://benchmarks.cisecurity.org/downloads/show-single/?file=awsfoundations.100

# name should be in camelcase since we'll use it for filter and alarm names
filters = [
  {
    benchmark: '3.1',

maxvt

Currently, there is an explosion of tools that aim to manage secrets for automated, cloud native infrastructure management. Daniel Somerfield did some work classifying the various approaches, but (as far as I know) no one has made a recent effort to summarize the various tools.

This is an attempt to give a quick overview of what can be found out there. The list is alphabetical. There will be tools that are missing, and some of the facts might be wrong--I welcome your corrections. For the purpose, I can be reached via @maxvt on Twitter, or just leave me a comment here.

There is a companion feature matrix of various tools. Comments are welcome in the same manner.

abeyt

echo "ttyS0" >> /etc/securetty

vi /etc/default/grub
# Add console=ttyS0 to the end of kernel line(s) "GRUB_CMDLINE_LINUX"
grub2-mkconfig -o /boot/grub2/grub.cfg
reboot
#vi /etc/sysconfig/init
# Edit ACTIVE_CONSOLES to look like:
#ACTIVE_CONSOLES="/dev/tty[1-6] /dev/ttyS0"

rutger1140

# /etc/httpd/modsecurity.d/wordpress.conf

# This has to be global, cannot exist within a directory or location clause
SecAction phase:1,log,pass,initcol:ip=%{REMOTE_ADDR},initcol:user=%{REMOTE_ADDR},id:1

<Location /wp-login.php>
    # Setup brute force detection.

    # React if block flag has been set.
    SecRule user:bf_block "@gt 0" "deny,status:401,log,msg:'ip address blocked for 60 minutes, more than 15 login attempts in 3 minutes.',id:2"

markharwood

//This function was used in my test rig to convert elasticsearch results to a KML structure which is
// later fed to an iFrame wrapping the GoogleEarth plugin

var data=[];
var buckets=inData.aggregations.map.buckets;

function addCommas(nStr)
{
    nStr += '';

marcusphi

---
# This has been tested with ansible 1.3 with these commands:
#   ansible-playbook -i hosts ansible_conditionals_examples.yaml --extra-vars="hosts=myhosts isFirstRun=false"
#   ansible-playbook -i hosts ansible_conditionals_examples.yaml --extra-vars="hosts=myhosts isFirstRun=true"
#   ansible-playbook -i hosts ansible_conditionals_examples.yaml --extra-vars="hosts=myhosts"
# NB: The type of the variable is crucial!

- name: Ansible Conditionals Examples
  hosts: $hosts
  vars_files:

shevron

Copyright (c) 2015, Shahar Evron
All rights reserved.

Redistribution and use in source and binary forms, with or without modification, 
are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this 
list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, 

marktheunissen

This playbook has been removed as it is now very outdated.

lavoiesl

#!/bin/bash
# Export some ENV variables so you don’t have to type anything
export AWS_ACCESS_KEY_ID='my-key-id'
export AWS_SECRET_ACCESS_KEY='my-secret'
export PASSPHRASE='my-gpg-key-passphrase'

GPG_KEY='my-gpg-pub-id'

# The source of your backup
SOURCE=/