curl -sL https://get.rke2.io | sh
systemctl daemon-reload
systemctl start rke2-server
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
global | |
chroot /var/lib/haproxy | |
crt-base /etc/pki/tls/certs | |
daemon | |
group haproxy | |
log 127.0.0.1 local0 | |
maxconn 2000 | |
pidfile /var/run/haproxy.pid | |
stats socket /var/lib/haproxy/stats | |
tune.ssl.default-dh-param 2048 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
input { | |
file { | |
path => "/root/mult.log" | |
start_position => "beginning" | |
sincedb_path => "/dev/null" | |
codec => multiline{ | |
pattern => "^ -%{SPACE}%{TIMESTAMP_ISO8601}" | |
negate => true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
require 'erb' | |
require 'json' | |
require 'optparse' | |
require 'ostruct' | |
class ERBContext | |
def initialize(hash) | |
raise ArgumentError, 'hash must be a Hash object' unless hash.is_a?(::Hash) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Autostart Libvirt VM's created with Foreman | |
# /usr/share/foreman/config/hooks/host/managed/create/10_autostart_libvirt.sh | |
# Source: http://www.uberobert.com/autostart-libvirt-vms-in-foreman/ | |
. $(dirname $0)/hook_functions.sh | |
username='admin' | |
password='changeme' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
in puppet.conf add (not needed in recent puppet versions, 3.5+ or something): | |
cadir = $ssldir/ca { mode = 775 } | |
cacert = $cadir/ca_crt.pem { mode = 664 } | |
csrdir = $cadir/requests { mode = 775 } | |
signeddir = $cadir/signed { mode = 775 } | |
in apache site add (change /etc/puppet/ssl to your ssldir path): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Bind SSL port with PFS-enabling cipher suite | |
bind :443 ssl crt path_to_certificate no-tls-tickets ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA384:AES128-SHA256:AES128-SHA:AES256-SHA256:AES256-SHA:!MD5:!aNULL:!DH:!RC4 | |
# Distinguish between secure and insecure requests | |
acl secure dst_port eq 443 | |
# Mark all cookies as secure if sent over SSL | |
rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure | |
# Add the HSTS header with a 1 year max-age |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
# Aside from removing Ruby on Rails specific code this is taken verbatim from | |
# mislav's git-deploy (http://github.com/mislav/git-deploy) and it's awesome | |
# - Ryan Florence (http://ryanflorence.com) | |
# | |
# Install this hook to a remote repository with a working tree, when you push | |
# to it, this hook will reset the head so the files are updated | |
if ENV['GIT_DIR'] == '.' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
####################################################################################################################### | |
# This Gist is some crib notes/tests/practice/whatever for talking to Active Directory via LDAP. The (surprisingly | |
# helpful) documentation for Net::LDAP can be found here: http://net-ldap.rubyforge.org/Net/LDAP.html | |
####################################################################################################################### | |
require 'rubygems' | |
require 'net/ldap' | |
####################################################################################################################### | |
# HELPER/UTILITY METHOD |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
input { | |
file { | |
type => "rodslog" | |
start_position => beginning | |
debug => true | |
sincedb_path => "/root/logstash/.sincedb" | |
path => [ "/root/logstash/logs/eu/var/log/irods/rodsLog.*" ] | |
} | |
} |
NewerOlder