Skip to content

Instantly share code, notes, and snippets.

@genadipost
genadipost / nsupdate_GSS-TSIG.md
Last active October 10, 2024 16:00
nsupdate with active directory (GSS-TSIG)

kinit with a domain user:

kinit genadi@TEST.LOCAL

Ones you have a krbtgt you can run nsupdate in GSS-TSIG mode:

nsupdate -g
@genadipost
genadipost / psp.yaml
Last active October 14, 2021 13:32
aws_psp
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: ebs-csi-controller
spec:
privileged: true
allowPrivilegeEscalation: true
allowedCapabilities:
- '*'
volumes:
@genadipost
genadipost / release_tag_delete.sh
Created September 1, 2021 09:19
Delete tags and gh releases release
for i in $(seq 1 75)
do
gh release delete 0.0.$i --yes
git push --delete origin 0.0.$i
done
@genadipost
genadipost / foreman_ad_sso.md
Last active December 12, 2019 09:27
Foreman and Active Directory integration (Kerberos Single Sign-On)

This script installs and configures Foreman with Active Directory integration

What the script does:

  • Configures Active Directory as its name resolver
  • Using sssd and realmd the rhel server joins the AD domain (DNS record, computer account, host SPN created in the AD)
  • Using samba, HTTP spn is created in AD and a keytab that contains the HTTP principal
  • Foreman is installed with IPA/AD support, SSO is configured

Sources

@genadipost
genadipost / links.md
Last active December 21, 2018 22:57 — forked from g0t4/links.md
Starting Point Files for Jenkins2 Getting Started course
@genadipost
genadipost / Basic_Questions.md
Last active December 14, 2018 10:28
Basic_Questions.md
  • Say I open a web browser and enter an address. I hit enter. Describe how the connection the works in as much detail as possible. Create full workflow.
  • What’s a PTR in DNS?
  • What’s a MX record in DNS?
  • What is DNS split Horizon? When we will use it.
  • Show basic HTTP flow.
  • Describe how would you secure a web application
    • HTTP vs HTTPS
  • How SSL/TLS work. Show full workflow.
  • Explain PKI.
  • What is Server Name Indication (SNI), why its needed?

Vagrant - Single machine

  1. Run the default vagrant machine (vagrant init).
    Login into the machine.
    Destroy the machine.

  2. Update the vagrant file:
    Change box type to Centos 7.
    Run the machine.
    Login into the machine and check it out.

mkdir dependencies
mvn clean compile exec:java -Dmaven.repo.local=dependencies -U
mvn org.apache.maven.plugins:maven-dependency-plugin:go-offline -Dmaven.repo.local=dependencies
# version
mvn org.apache.maven.plugins:maven-dependency-plugin:2.8:go-offline -Dmaven.repo.local=dependencies
mvn org.apache.maven.plugins:maven-dependency-plugin:3.0.1:go-offline -Dmaven.repo.local=dependencies
mvn org.apache.maven.plugins:maven-dependency-plugin:3.0.2:go-offline -Dmaven.repo.local=dependencies
mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.1:go-offline -Dmaven.repo.local=dependencies
frontend https-in-7000
mode tcp
bind *:7000
tcp-request inspect-delay 5s
tcp-request content accept if { req_ssl_hello_type 1 }
acl cc req_ssl_sni -i foreman-client.localdomain
acl dd req_ssl_sni -i foreman-internal.localdomain
@genadipost
genadipost / foreman_proxy_install.md
Last active April 4, 2018 11:04
foreman proxy install
yum -y install https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm; \
yum -y install http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm; \
yum -y install https://yum.theforeman.org/releases/1.15/el7/x86_64/foreman-release.rpm; \
yum -y install foreman-release-scl; \
yum -y install foreman-installer; \
echo "192.168.227.154 foreman1.test.local foreman1" >> /etc/hosts; \
echo "192.168.227.154 web-foreman.test.local" >> /etc/hosts; \
echo "192.168.227.156 proxy1.test.local proxy1" >> /etc/hosts; \