Expires: [When does the signed cert expire?]
Keystore password: OMITTED
Copied from: http://www.entrust.net/knowledge-base/technote.cfm?tn=8898
This presumes your signing authority provided a .crt and .key file.
David Norman deekayen
🏡
deekayen
/ saml-list-all.sh
Last active
November 9, 2020 17:22
List all services used in AWS with aws-list-all python pip package.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/zsh | |
| saml2aws exec 'aws-list-all query --parallel 1 --region us-east-1 | grep "+++" | cut -d" " -f2 | sort | uniq' |
deekayen
/ .gitlab-ci.yml
Created
October 22, 2020 02:34
Lint Ansible using GitLab Runners in kubernetes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| default: | |
| image: | |
| name: cytopia/ansible:latest-tools | |
| entrypoint: ["/bin/sh", "-c"] | |
| tags: | |
| - kubernetes | |
| ansible-lint: |
deekayen
/ .gitlab-ci.yml
Created
August 3, 2020 21:22
Build a Docker container and then scan it with Aquasec Trivy in GitLab CI. Fail for HIGH and CRITICAL findings.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| trivy: | |
| tags: | |
| - kubernetes | |
| stage: test | |
| image: docker:stable | |
| services: | |
| - name: docker:dind | |
| entrypoint: ["env", "-u", "DOCKER_HOST"] | |
| command: ["dockerd-entrypoint.sh"] | |
| variables: |
deekayen
/ Preferences.sublime-settings
Created
August 3, 2020 15:07
Sublime Text settings for dnorman-macbook
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Show hidden characters
| { | |
| "color_scheme": "Packages/Theme - Monokai Pro/Monokai Pro (Filter Spectrum).sublime-color-scheme", | |
| "default_line_ending": "unix", | |
| "ensure_newline_at_eof_on_save": true, | |
| "fallback_encoding": "UTF-8", | |
| "font_face": "Source Code Pro", | |
| "font_size": 16, | |
| "ignored_packages": | |
| [ | |
| "Vintage" |
deekayen
/ blacklist.txt
Last active
May 12, 2020 14:38
pihole list backup. doesn't include youtube filtering from https://discourse.pi-hole.net/t/use-dns-to-force-youtube-into-restricted-mode-and-pi-hole/1996/10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| googleads.g.doubleclick.net | |
| fw.adsafeprotected.com | |
| pagead2.googlesyndication.com | |
| tpc.googlesyndication.com | |
| s0.2mdn.net | |
| cooper.logs.roku.com | |
| austin.logs.roku.com | |
| giga.logs.roku.com | |
| scribe.logs.roku.com | |
| adclick.g.doubleclick.net |
deekayen
/ prisma_alerts.sh
Last active
March 3, 2020 18:25
Curl the Redlock Prism Cloud API to get alerts from last week then POST them into a Splunk HTTP event collector for alternate archival and analysis. Note the date calculation appends 3 digits of milliseconds from microtime for a total 13 digital epoch value.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # For Mac, date is BSD based. We like GNU date parsing, | |
| # which comes with sideloading date as a renamed gdate util. | |
| # Use Homebrew to install some utilities: https://brew.sh | |
| # brew install coreutils jq | |
| ###################### | |
| # SET VALUES FOR THESE |
deekayen
/ prisma_alerts_jenkins.sh
Last active
March 3, 2020 18:20
Jenkins/EL7 version of the Prisma Alerts to Splunk bridge bash script.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # For EL7: | |
| # yum install curl jq | |
| ###################### | |
| # SET VALUES FOR THESE | |
| # Prisma Cloud config | |
| API="api2.prismacloud.io" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| ## Buffalo | |
| ## | |
| $the_cow = <<EOC; | |
| $thoughts | |
| $thoughts _.-````'-,_ | |
| _,.,_ ,-'` `'-.,_ | |
| /) ( '``-. | |
| (( ) ) `\\ | |
| \\) (_/ )\\ |
deekayen
/ .gitlab-ci.yml
Created
December 16, 2019 21:25
Example Gitlab runner CI configuration file that would do Ansible linting and secret discovery.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| ansible-lint: | |
| tags: | |
| - ansible | |
| script: | |
| - ansible-lint --version | |
| - git ls-files | grep yml | xargs ansible-lint --exclude=/home/gitlab-runner/.ansible/roles | |
| ansible-review: |