kinit with a domain user:
kinit genadi@TEST.LOCAL
Ones you have a krbtgt you can run nsupdate in GSS-TSIG mode:
nsupdate -g
genadipost
genadipost
/ nsupdate_GSS-TSIG.md
Last active
January 7, 2024 21:22
nsupdate with active directory (GSS-TSIG)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: policy/v1beta1 | |
| kind: PodSecurityPolicy | |
| metadata: | |
| name: ebs-csi-controller | |
| spec: | |
| privileged: true | |
| allowPrivilegeEscalation: true | |
| allowedCapabilities: | |
| - '*' | |
| volumes: |
genadipost
/ release_tag_delete.sh
Created
September 1, 2021 09:19
Delete tags and gh releases release
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for i in $(seq 1 75) | |
| do | |
| gh release delete 0.0.$i --yes | |
| git push --delete origin 0.0.$i | |
| done |
genadipost
/ foreman_ad_sso.md
Last active
December 12, 2019 09:27
Foreman and Active Directory integration (Kerberos Single Sign-On)
- Configures Active Directory as its name resolver
- Using sssd and realmd the rhel server joins the AD domain (DNS record, computer account, host SPN created in the AD)
- Using samba, HTTP spn is created in AD and a keytab that contains the HTTP principal
- Foreman is installed with IPA/AD support, SSO is configured
genadipost
/ links.md
Last active
December 21, 2018 22:57
— forked from g0t4/links.md
Starting Point Files for Jenkins2 Getting Started course
Link to these links: https://git.io/vKSVZ
Module 1:
- Run jenkins from war file:
jenkins -jar jenkins.war - Run jenkins from docker:
docker run -d \
--restart unless-stopped \
--name jenkins \
- Say I open a web browser and enter an address. I hit enter. Describe how the connection the works in as much detail as possible. Create full workflow.
- What’s a PTR in DNS?
- What’s a MX record in DNS?
- What is DNS split Horizon? When we will use it.
- Show basic HTTP flow.
- Describe how would you secure a web application
- HTTP vs HTTPS
- How SSL/TLS work. Show full workflow.
- Explain PKI.
- What is Server Name Indication (SNI), why its needed?
genadipost
/ Basic_Training.md
Last active
October 13, 2018 15:51
genadipost
/ maven_offline.txt
Created
June 2, 2018 16:46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| mkdir dependencies | |
| mvn clean compile exec:java -Dmaven.repo.local=dependencies -U | |
| mvn org.apache.maven.plugins:maven-dependency-plugin:go-offline -Dmaven.repo.local=dependencies | |
| # version | |
| mvn org.apache.maven.plugins:maven-dependency-plugin:2.8:go-offline -Dmaven.repo.local=dependencies | |
| mvn org.apache.maven.plugins:maven-dependency-plugin:3.0.1:go-offline -Dmaven.repo.local=dependencies | |
| mvn org.apache.maven.plugins:maven-dependency-plugin:3.0.2:go-offline -Dmaven.repo.local=dependencies | |
| mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.1:go-offline -Dmaven.repo.local=dependencies |
genadipost
/ foreman_haproxy
Created
April 10, 2018 23:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| frontend https-in-7000 | |
| mode tcp | |
| bind *:7000 | |
| tcp-request inspect-delay 5s | |
| tcp-request content accept if { req_ssl_hello_type 1 } | |
| acl cc req_ssl_sni -i foreman-client.localdomain | |
| acl dd req_ssl_sni -i foreman-internal.localdomain |
yum -y install https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm; \
yum -y install http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm; \
yum -y install https://yum.theforeman.org/releases/1.15/el7/x86_64/foreman-release.rpm; \
yum -y install foreman-release-scl; \
yum -y install foreman-installer; \
echo "192.168.227.154 foreman1.test.local foreman1" >> /etc/hosts; \
echo "192.168.227.154 web-foreman.test.local" >> /etc/hosts; \
echo "192.168.227.156 proxy1.test.local proxy1" >> /etc/hosts; \
NewerOlder