Gilang Virga Perdana gilangvperdana

How to secure a Proxmox exposed host

Tutorials on how to install Proxmox always stop after the initial installation, which is quite dangerous: it leaves the Proxmox host exposed to the internet while listening on ports 22 and 8006.

Heck, there is not even any SSH hardening covered: SSH is typically left at its default values, which means password authentication with the root account is perfectly possible. While you can mitigate some of this by hardening SSH or by installing fail2ban (which we will do anyhow), the host still exposes ports 22 and 8006.

For a secure system, these ports (and, in fact, every port apart from one single port) have to be disabled. The only acceptable management access to the system should happen either via a jump server or, if none is available, via a direct VPN connection.

In this gist, you find all the required steps to secure your exposed Proxmox host. This gist should work for any Proxmox host with, say, Hetzner, OVH or another vendor.

gilangvperdana / install-tmux.sh
Created February 8, 2024 07:22 — forked from pokev25/install-tmux.sh
Install tmux 2.8 on centos 7
# Install tmux 2.8 on Centos
# install deps
yum install gcc kernel-devel make ncurses-devel
# cd src
cd /usr/local/src
# DOWNLOAD SOURCES FOR LIBEVENT AND MAKE AND INSTALL
curl -LO https://github.com/libevent/libevent/releases/download/release-2.1.8-stable/libevent-2.1.8-stable.tar.gz
gilangvperdana / Service KMS
Created December 18, 2023 01:07 — forked from judero01col/Service KMS
Volume License Activation Key Service - KMS
## Find Available Target Editions
DISM.exe /Online /Get-TargetEditions
## Convert Server Standard 2019 Evaluation to Server Standard 2019
DISM /online /Set-Edition:ServerStandard /ProductKey:N69G4-B89J2-4G8F4-WWYCC-J464C /AcceptEula
## How To Activate
slmgr /ipk XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
slmgr /skms [server]:[port]
slmgr /ato
gilangvperdana / WSL-ssh-server.md
Created October 22, 2023 03:50 — forked from dentechy/WSL-ssh-server.md
A step by step tutorial on how to automatically start ssh server on boot on the Windows Subsystem for Linux

How to automatically start ssh server on boot on Windows Subsystem for Linux

Microsoft partnered with Canonical to create Bash on Ubuntu on Windows, running through a technology called the Windows Subsystem for Linux. Below are instructions on how to set up the ssh server to run automatically at boot.

  1. Edit the /etc/ssh/sshd_config file by running the command sudo vi /etc/ssh/sshd_config and do the following
    1. Change Port to 2222 (or any other port above 1000)
    2. Change PasswordAuthentication to yes. This can be changed back to no if ssh keys are set up.
  2. Restart the ssh server:
    • sudo service ssh --full-restart
  3. With this setup, the ssh server must be turned on every time you run Bash on Ubuntu on Windows, as by default it is off. Use this command to turn it on:
gilangvperdana / python_telegram_bot_guide.md
Created September 5, 2023 09:27 — forked from tjtanjin/python_telegram_bot_guide.md
A short guide for hosting telegram bot on Ubuntu!

How to host a telegram bot on Ubuntu (18.04/20.04)

Introduction

This short guide will walk you through hosting your very own telegram bot on Ubuntu (tested on Ubuntu 18.04 and 20.04)!

Prerequisites

This guide assumes knowledge of the following:

1) Provisioning a VPS
2) Familiarity with SSH
3) Familiarity with the Linux command line
gilangvperdana / echo-server.yaml
Created August 3, 2023 05:05 — forked from chanjarster/echo-server.yaml
istio gateway behind nginx with SSL termination
apiVersion: v1
kind: Namespace
metadata:
  name: istio-test
  labels:
    istio-injection: enabled
---
apiVersion: v1
kind: Service
metadata:
gilangvperdana / manifests.yaml
Created July 3, 2023 11:22 — forked from alexeldeib/manifests.yaml
CRICTL IMAGE CLEANUP on K8S
apiVersion: v1
kind: ConfigMap
metadata:
  name: imagecleanupconfig
  namespace: default
  labels:
    component: imagecleanup
data:
  # removes all images unused by a running container
  cronjobs: 0 0 * * * crictl rmi --prune 2>&1

How to add an image to a gist

  1. Create a gist if you haven't already.
  2. Clone your gist:
    # make sure to replace `<hash>` with your gist's hash
    git clone https://gist.github.com/<hash>.git # with https
    git clone git@gist.github.com:<hash>.git     # or with ssh
gilangvperdana / harbor.sh
Created June 15, 2023 02:23 — forked from kacole2/harbor.sh
Quick Start Harbor Installation Script on Ubuntu 18.04
#!/bin/bash
#Harbor on Ubuntu 18.04
#Prompt for the user to ask if the install should use the IP Address or Fully Qualified Domain Name of the Harbor Server
PS3='Would you like to install Harbor based on IP or FQDN? '
select option in IP FQDN
do
case $option in
IP)
gilangvperdana / registry-minio.md
Created March 26, 2023 14:05 — forked from leanderjanssen/registry-minio.md
Docker Registry with Minio storage example

Running a docker registry with Minio S3 backend

Run minio in a container

docker run -d -p 9000:9000 --name minio minio/minio server /export

Use docker logs to retrieve access key and secret key from minio container

docker logs minio

Create config.yml for Docker Registry

This file will have to be mounted to /etc/docker/registry/config.yml