ESXi 6.5 | ESXi 6.7 | VMware Fusion 11 | Guest Description |
---|---|---|---|
CRXPod1-64 | VMware CRX Pod 1 | ||
CRXSys1-64 | VMware CRX Sys 1 | ||
amazonlinux2-64 | Amazon Linux 2 or higher, 64-Bit | ||
asianux3Guest | asianux3Guest | asianux3 | Asianux Server 3 |
asianux3_64Guest | asianux3_64Guest | asianux3-64 | Asianux Server 3, 64-Bit |
asianux4Guest | asianux4Guest | asianux4 | Asia Linux 4 |
asianux4_64Guest | asianux4_64Guest | as |
filter { | |
ruby { | |
path => 'flatten_nested_field.rb' | |
script_params => { | |
"source" => "observer" | |
"delimiter" => "." | |
} | |
} | |
} |
I've seen several posts on Reddit and other forums that say "oh you can use a grandstream phone with UniFi Talk and it's flawless". Unfortunately, I am not a VoIP engineer so it was not intuitive to me, but I got it to work. Here's how.
For this writeup, I'm using a Grandstream DP750 DECT base with a DP720 DECT wireless handset. I really wanted a wireless phone for general use in my house, but Ubiquiti doesn't make one, so I wanted to find a way. My goal is to setup UniFi Talk for my home phone solution and share a single phone number with a UniFi wired phone that sits on my office desk. As far as I know, you have to get a UniFi phone to do the initial Talk setup (though, in my tinkering, I noticed it's using a PostgreSQL database, you could probably bypass the initial setup if you knew what you were doing). I'm also using a UDM-Pro for my gateway.
Assuming your UDM-Pro management interface is on 192.168.1.1, your base station should be assigned an IP on a VL
export CERT_URL='https://dl.dod.cyber.mil/wp-content/uploads/pki-pke/zip/certificates_pkcs7_DoD.zip' | |
# Download & Extract DoD root certificates | |
cd ~/Downloads/ | |
/usr/bin/curl -LOJ ${CERT_URL} | |
/usr/bin/unzip -o $(basename ${CERT_URL}) | |
cd $(/usr/bin/zipinfo -1 $(basename ${CERT_URL}) | /usr/bin/awk -F/ '{ print $1 }' | head -1) |
The goal of this gist is to setup waypipe to automically run locally on user login and remotely when you connect to it. In both cases, this is managed by systemd user session and assumes that is running. This took way too long to figure out, so I hope it helps someone (or me) in the future.
Especially when developing new query logic, it's helpful to query elasticsearch from the command line.
If your Elasticsearch cluster uses SAML authentication or some other SSO, it's not simple or sometimes not even
possible to query using curl
directly. I wrote an auth plugin for HTTPie that should greatly simplify this process
if you have rights to create API keys via the Kibana dev console (talk to your administrator and see the link below).
This process is also super handy for shell scripting because you can provide fine-grained limits of what your API key can do, making their use much safer and easier to manage than embedding native realm username/passwords.
When trying to use newer versions of pip on a remote headless system, it requires keyring access, or will at least use it if present. When running poetry installed via pipx, it installs keyring and it all breaks. Here's how I fixed it today.
Install development headers (assumes build tools already installed).
sudo apt install -y libkeyutils-dev
Enter the bin dir for the poetry pipx environment and install the keyutils extension for keyring.
Podman now (well, for a while now) has support for secrets. RedHat has a blog about it. This is particularly useful to 1) maintain better compatibility with Kubernetes manifests and 2) keep your secrets out of your git commits!
So, what is not well documented (that I could find) is that you can use these secrets in a Kubernetes manifest to inject secrets into environment variables. To do this, you have to first base64 encode them as you would for an actual Kubernetes secret.
Here, I'm taking a YAML snippet, using yq
to make it to JSON, then using jq
to create a base64 encoded JSON. Finally, pass that to podman and tell it to create a secret called ec-creds
.
# Copyright 2014 Google Inc. All rights reserved. | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, |