Below is a sample technical how-to guide that can be used to help structure your content.
This document is primarily intended as a reference or example. Your article does not need to follow this exactly. Please use this as a basic guideline as you plan your writing process.
| freebsd ~ # bastille zfs ALL df | |
| [11-3-jail]: | |
| NAME USED AVAIL REFER MOUNTPOINT COMPRESS RATIO | |
| storage/bastille/jails/11-3-jail 142M 3.81G 24.5K /usr/local/bastille/jails/11-3-jail lz4 1.59x | |
| storage/bastille/jails/11-3-jail/root 142M 3.81G 142M /usr/local/bastille/jails/11-3-jail/root lz4 1.59x | |
| [12-0-jail]: | |
| NAME USED AVAIL REFER MOUNTPOINT COMPRESS RATIO | |
| storage/bastille/jails/12-0-jail 148M 3.81G 24.5K /usr/local/bastille/jails/12-0-jail lz4 1.61x | |
| storage/bastille/jails/12-0-jail/root 148M 3.81G 148M /usr/local/bastille/jails/12-0-jail/root lz4 1.61x |
I hereby claim:
To claim this, I am signing this object:
| ishmael ~ # time bastille create bastille 11.2-RELEASE 10.0.0.1 | |
| Valid: (10.0.0.1). | |
| RELEASE: 11.2-RELEASE. | |
| NAME: bastille. | |
| IP: 10.0.0.1. | |
| bastille create bastille 11.2-RELEASE 10.0.0.1 0.02s user 0.25s system 99% cpu 0.265 total | |
| ishmael ~ # time bastille start bastille | |
| Targeting specified containers. |
| input { | |
| http { | |
| port => '8080' | |
| host => '10.0.0.8' | |
| type => 'hubble' | |
| user => 'username' | |
| password => 'made-up-password' | |
| } | |
| http { | |
| port => '8081' |
| ## You must also have either python-gitpython or | |
| ## python-pygit2 installed. (python-pygit2 is recommended) | |
| gitfs_remotes: | |
| - https://github.com/cedwards/hubblestack_data: | |
| - base: master | |
| fileserver_backend: | |
| - roots | |
| - git |
| interface = "lo1"; | |
| host.hostname = "$name"; | |
| ip4.addr = "172.16.0.$n"; | |
| path = "/jail/run/$name"; | |
| exec.prestart = "/sbin/zfs clone zroot/jail/template/10.2-RELEASE/root@10.2-RELEASE-p8 zroot/jail/run/$name && | |
| /usr/sbin/sysrc -f /jail/run/$name/etc/rc.conf hostname=$name && | |
| /usr/sbin/sysrc -f /jail/run/$name/etc/rc.conf sshd_enable=YES && | |
| /usr/sbin/sysrc -f /jail/run/$name/etc/rc.conf sshd_flags=\"-o ListenAddress=172.16.0.$n\" && | |
| /usr/sbin/pw -R /jail/run/$name useradd -n u01 -m -w random && | |
| /usr/sbin/pw -R /jail/run/$name lock root && |
| ################################################################################### | |
| ## Hubble is compliance automation. ## | |
| ## [https://hubblestack.io] ## | |
| ## ## | |
| ## visit https://github.com/hubblestack/hubble/releases to find your platform ## | |
| ## [as of 2018-02-01 `security.meltdown_spectre` is only in develop branch] ## | |
| ## [append to config to support cloning from develop ] ## | |
| ## [use args `verbose=True` and/or `-v` for super verbose output ] ## | |
| ##################################### DEMO ######################################## |
| # -*- coding: utf-8 -*- | |
| ''' | |
| Returns state event data for state.sls and state.highstate execution only using a tcp socket, this method of | |
| returning data can be used for Splunk or ELK. | |
| Each event sent represents a single state executed. | |
| It is strongly recommended to use the ``event_return_whitelist`` so not all | |
| events call this returner, for example: |
| [ERROR ] An un-handled exception was caught by salt's global exception handler: | |
| NameError: global name '__version__' is not defined | |
| Traceback (most recent call last): | |
| File "/usr/local/bin/hubble", line 11, in <module> | |
| load_entry_point('hubblestack==2.1.7', 'console_scripts', 'hubble')() | |
| File "/usr/local/lib/python2.7/site-packages/hubblestack/daemon.py", line 56, in run | |
| main() | |
| File "/usr/local/lib/python2.7/site-packages/hubblestack/daemon.py", line 79, in main | |
| run_function() | |
| File "/usr/local/lib/python2.7/site-packages/hubblestack/daemon.py", line 241, in run_function |