John Fitzpatrick johnfitzpatrick
johnfitzpatrick
/ falco_Blacklisted_Containers.yaml
Created
October 7, 2019 13:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - rule: Blacklisted Containers | |
| desc: > | |
| Detect the initial process started by a container that is from a list of blacklisted containers. | |
| condition: container_started and container and blacklisted_containers | |
| output: Container started is blacklisted (user=%user.name command=%proc.cmdline %container.info image=%container.image.repository:%container.image.tag) | |
| priority: WARNING | |
| tags: [container, mitre_lateral_movement] | |
| - macro: blacklisted_containers | |
| condition: (container.name startswith 'k8s_actor_actor') |
johnfitzpatrick
/ plan.sh
Created
May 3, 2019 09:21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pkg_name=sample_profile | |
| pkg_version=0.1.0 | |
| pkg_origin=originname | |
| pkg_deps=(chef/inspec) | |
| pkg_build_deps=(chef/inspec core/jq-static) | |
| pkg_svc_user=root | |
| pkg_license=Apache-2.0 | |
| do_before() { | |
| # Exit with error if not in the directory with 'inspec.yml'. |
johnfitzpatrick
/ habitat_plan_2.sh
Created
March 22, 2019 12:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pkg_name=national-parks | |
| pkg_origin=myorigin | |
| pkg_version="6.3.0" | |
| pkg_maintainer="The Habitat Maintainers <humans@habitat.sh>" | |
| pkg_license=("Apache-2.0") | |
| pkg_deps=(core/tomcat8 core/jre8) | |
| pkg_build_deps=(core/jdk8/8u131 core/maven) | |
| pkg_svc_user="root" | |
| do_prepare(){ export JAVA_HOME=$(hab pkg path core/jdk8) ; } | |
| do_build() |
johnfitzpatrick
/ .bldr.toml
Created
March 22, 2019 12:23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [nodejs_demo] | |
| plan_path = "nodejs_demo/habitat" |
johnfitzpatrick
/ haproxy_update.toml
Created
March 22, 2019 11:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [status] | |
| enabled = true |
johnfitzpatrick
/ nodjs_update.toml
Created
March 22, 2019 11:53
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [css] | |
| background_color = 'green' |
johnfitzpatrick
/ nodejs_demo_0.2.0_plan.sh
Created
March 22, 2019 11:22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pkg_name=nodejs_demo | |
| pkg_origin=myorigin | |
| pkg_version="0.2.0" | |
| pkg_scaffolding="core/scaffolding-node" | |
| pkg_exports=( | |
| [port]=app.port | |
| ) | |
| pkg_exposes=(port) |
johnfitzpatrick
/ docker-compose.yml
Last active
March 21, 2019 14:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3' | |
| services: | |
| mongodb: | |
| image: core/mongodb | |
| command: --peer ${HOSTIP} | |
| environment: | |
| HAB_MONGODB: "[mongod.net]\nbind_ip = '0.0.0.0'\n[mongod.security]\ncluster_auth_mode = ''" | |
| national-parks01: | |
| image: MYORIGIN/national-parks:latest | |
| command: --peer mongodb --strategy at-once --bind database:mongodb.default |
johnfitzpatrick
/ install_hab
Created
March 5, 2019 11:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl https://raw.githubusercontent.com/habitat-sh/habitat/master/components/hab/install.sh | sudo bash |
johnfitzpatrick
/ default.toml
Created
March 4, 2019 18:46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| mongodb_database = "demo" | |
| [server] | |
| port = "8080" | |
| shutdown-port = "8005" | |
| redirect-port = "8443" | |