Providing remote access to applications and systems requires secure routing to the destination and credentials to authenticate the user. Traditionally, you achieve this using a Virtual Private Network (VPN) or a Bastion server to bridge into the private network. Credentials are generally provided individually, created as part of a manual process, and with password rotation on a best-intention basis. This is problematic as access is usually too broad, difficult to audit, and complex to maintain.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh -e | |
| echo "[$(date +%T)] Deregister boundary worker" | |
| # Read the worker id from the file written on startup | |
| worker_id=$(cat ./worker_id) | |
| # Base url for the HCP cluster | |
| base_url="https://${cluster_id}.boundary.hashicorp.cloud/v1" | |
| auth_url="${base_url}/auth-methods/${auth_method_id}:authenticate" | |
| dereg_url="${base_url}/workers/${worker_id}" |
kawsark
/ vault-agent-pki
Last active
December 20, 2023 12:50
Vault Agent with PKI certificate rendering
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Configure variables | |
| These variables will be used for this snippet. Please substitute accordingly. | |
| ```bash | |
| export RootCAName="root_ca" | |
| export InterCAName="inter_ca" | |
| export CommonName="hashidemos.io" | |
| export InterCommonName="inter.hashidemos.io" | |
| export Root_CA_ttl="730h" | |
| export Inter_CA_ttl="350h" | |
| export Cert_ttl="8h" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| locals { | |
| app_services = [ | |
| { | |
| kind = "Linux" | |
| sku = { | |
| tier = "Standard" | |
| size = "S1" | |
| } | |
| }, | |
| { |
mimoo
/ compress_tar_gzip.go
Last active
March 5, 2024 03:53
How to compress a folder in Golang using tar and gzip (works with nested folders)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "archive/tar" | |
| "bytes" | |
| "compress/gzip" | |
| "fmt" | |
| "io" | |
| "os" | |
| "path/filepath" |
michaljemala
/ tls-client.go
Last active
April 10, 2024 01:57
SSL Client Authentication Golang sample
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "crypto/tls" | |
| "crypto/x509" | |
| "flag" | |
| "io/ioutil" | |
| "log" | |
| "net/http" | |
| ) |
ryanfitz
/ golang-nuts.go
Created
December 2, 2012 22:45
two ways to call a function every 2 seconds
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "fmt" | |
| "time" | |
| ) | |
| // Suggestions from golang-nuts | |
| // http://play.golang.org/p/Ctg3_AQisl |