🎓
Still Learning

Gilang Virga Perdana gilangvperdana


How to secure a Proxmox exposed host

When you look for tutorials on how to install Proxmox, they always stop after the initial installation, which is quite dangerous: it leaves the Proxmox host exposed to the internet, listening on ports 22 and 8006.

Heck, SSH hardening is not even covered. Your SSH is typically set to default values, which means that password authentication with the root account is perfectly possible. While you can mitigate some of these things by hardening SSH or by installing fail2ban (which we will do anyhow), the host still exposes ports 22 and 8006.

For a secure system, these ports (and actually ANY ports, apart from one single port) have to be disabled. The only acceptable management access to the system should happen either via a jump server or, if one is not available, via a direct VPN connection.

In this gist, you will find all the required steps to secure your exposed Proxmox host. This gist should work for any Proxmox host with, say, Hetzner, OVH or another vendor.

@gilangvperdana
gilangvperdana / ubuntu-hardening.md
Created October 10, 2022 03:13 — forked from dfedorov-ciena/ubuntu-hardening.md
List of things for hardening Ubuntu

System Updates

http://bookofzeus.com/harden-ubuntu/initial-setup/system-updates/

Keeping the system updated is vital before starting anything on your system. This prevents people from using known vulnerabilities to get into your system.

sudo apt-get update
sudo apt-get upgrade
sudo apt-get autoremove
sudo apt-get autoclean
@gilangvperdana
gilangvperdana / install-tmux.sh
Created February 8, 2024 07:22 — forked from pokev25/install-tmux.sh
Install tmux 2.8 on centos 7
# Install tmux 2.8 on Centos
# install deps
yum install gcc kernel-devel make ncurses-devel
# cd src
cd /usr/local/src
# DOWNLOAD SOURCES FOR LIBEVENT AND MAKE AND INSTALL
curl -LO https://github.com/libevent/libevent/releases/download/release-2.1.8-stable/libevent-2.1.8-stable.tar.gz
@gilangvperdana
gilangvperdana / nginx-minio-static.md
Last active December 19, 2023 00:58 — forked from harshavardhana/nginx-minio-static.md
How to configure static website using Nginx with MinIO ?

How to configure static website using Nginx with MinIO ?

1. Install nginx

2. Install minio

3. Install mc client

  • Add Minio
mc config host add <ALIAS> <YOUR-S3-ENDPOINT> <YOUR-ACCESS-KEY> <YOUR-SECRET-KEY>
mc config host list
@gilangvperdana
gilangvperdana / Service KMS
Created December 18, 2023 01:07 — forked from judero01col/Service KMS
Volume License Activation Key Service - KMS
## Find Available Target Editions
DISM.exe /Online /Get-TargetEditions
## Convert Server Standard 2019 Evaluation to Server Standard 2019
DISM /online /Set-Edition:ServerStandard /ProductKey:N69G4-B89J2-4G8F4-WWYCC-J464C /AcceptEula
## How To Activate
slmgr /ipk XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
slmgr /skms [server]:[port]
slmgr /ato
@gilangvperdana
gilangvperdana / WSL-ssh-server.md
Created October 22, 2023 03:50 — forked from dentechy/WSL-ssh-server.md
A step by step tutorial on how to automatically start ssh server on boot on the Windows Subsystem for Linux

How to automatically start ssh server on boot on Windows Subsystem for Linux

Microsoft partnered with Canonical to create Bash on Ubuntu on Windows, running through a technology called the Windows Subsystem for Linux. Below are instructions on how to set up the ssh server to run automatically at boot.

  1. Edit the /etc/ssh/sshd_config file by running the command sudo vi /etc/ssh/sshd_config and do the following
    1. Change Port to 2222 (or any other port above 1000)
    2. Change PasswordAuthentication to yes. This can be changed back to no if ssh keys are set up.
  2. Restart the ssh server:
    • sudo service ssh --full-restart
  3. With this setup, the ssh server must be turned on every time you run Bash on Ubuntu on Windows, as by default it is off. Use this command to turn it on:
@gilangvperdana
gilangvperdana / python_telegram_bot_guide.md
Created September 5, 2023 09:27 — forked from tjtanjin/python_telegram_bot_guide.md
A short guide for hosting telegram bot on Ubuntu!

How to host a telegram bot on Ubuntu (18.04/20.04)

Introduction

This short guide will walk you through hosting your very own telegram bot on Ubuntu (tested on Ubuntu 18.04 and 20.04)!

Prerequisites

This guide assumes knowledge of the following:

1) Provisioning a VPS
2) Familiarity with SSH
3) Familiarity with the Linux command line
@gilangvperdana
gilangvperdana / echo-server.yaml
Created August 3, 2023 05:05 — forked from chanjarster/echo-server.yaml
istio gateway behind nginx with SSL termination
apiVersion: v1
kind: Namespace
metadata:
  name: istio-test
  labels:
    istio-injection: enabled
---
apiVersion: v1
kind: Service
metadata:
@gilangvperdana
gilangvperdana / manifests.yaml
Created July 3, 2023 11:22 — forked from alexeldeib/manifests.yaml
CRICTL IMAGE CLEANUP on K8S
apiVersion: v1
kind: ConfigMap
metadata:
  name: imagecleanupconfig
  namespace: default
  labels:
    component: imagecleanup
data:
  # removes all images unused by a running container
  cronjobs: 0 0 * * * crictl rmi --prune 2>&1

How to add an image to a gist

  1. Create a gist if you haven't already.
  2. Clone your gist:
    # make sure to replace `<hash>` with your gist's hash
    git clone https://gist.github.com/<hash>.git # with https
    git clone git@gist.github.com:<hash>.git     # or with ssh