Skip to content

Instantly share code, notes, and snippets.

View medined's full-sized avatar

David Medinets medined

View GitHub Profile
medined / rbac-for-pod-security-policies.yaml
Created August 1, 2020 17:50
Initial Pod Security Policy Resources For Kubernetes
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
name: privileged
annotations: "*"
labels: EnsureExists
medined / ingress-controller-manifest.yaml
Last active August 1, 2020 15:21
Ingress Controller Installation For Kubernetes
apiVersion: v1
kind: Namespace
name: ingress-nginx
name: ingress-nginx
apiVersion: v1
kind: ServiceAccount
You can use `kubectl` as a reverse proxy so that it handles locating the API server and
authentication. It can run in the background but I like to use the foreground to make it easy
to stop.
kubectl proxy --port=8080
Now you can open another terminal to explore the API.
medined / lynis-report-after-stig.txt
Created June 26, 2020 15:23
Results of Running Lynis Audit on Centos7 After Running MindPoint Group RHEL7 STIG
2020-06-26 15:02:05 Starting Lynis 3.0.0 with PID 11125, build date 2020-03-20
2020-06-26 15:02:05 ====
2020-06-26 15:02:05 ### 2007-2020, CISOfy - ###
2020-06-26 15:02:05 Checking permissions of /usr/share/lynis/include/profiles
2020-06-26 15:02:05 File permissions are OK
2020-06-26 15:02:05 Reading profile/configuration /etc/lynis/default.prf
2020-06-26 15:02:05 Action: created temporary file /tmp/lynis.PsCgQxJx67
2020-06-26 15:02:05 Language set via profile to ''
2020-06-26 15:02:05 Plugin 'authentication' enabled according profile (/etc/lynis/default.prf)
2020-06-26 15:02:05 Plugin 'compliance' enabled according profile (/etc/lynis/default.prf)
medined / stig-results.txt
Created June 26, 2020 15:19
Results Of Running MindPoint Group RHEL7 STIG Against Latest Centos7 (ami-0affd4508a5d2481b)
PLAY [Apply STIG] *****************************************************************************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************************************************************************
ok: []
TASK [/data/projects/RHEL7-STIG : Gather distribution info] ***********************************************************************************************************************************************
skipping: []
TASK [/data/projects/RHEL7-STIG : Check OS version and family] ********************************************************************************************************************************************
ok: [] => {
medined / gist:1dbbcdbbef555f71f7c1b714f1a70643
Created June 19, 2020 15:25
HTTP Code 404 When Generating Report
2020-06-19 15:23:50.0718|1|INFO|Microsoft.AspNetCore.Hosting.Internal.WebHost|Request starting HTTP/1.0 GET |url:|action:
2020-06-19 15:23:50.0718|2|INFO|Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler|Successfully validated the token. |url:|action:
2020-06-19 15:23:50.0727|0|INFO|Microsoft.AspNetCore.Routing.EndpointMiddleware|Executing endpoint 'openrmf_api_compliance.Controllers.ComplianceController.GetCompliancBySystem (openrmf-api-compliance)' |url:|action: GetCompliancBySystem
2020-06-19 15:23:50.0727|3|INFO|Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker|Route matched with {action = "GetCompliancBySystem", controller = "Compliance"}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResu
medined /
Created February 18, 2019 13:47
Attempt to Install Multi-User Eclipse Che On OpenShift

Eclipse Che


I am working to install multi-user Eclipse Che on a three node OKD cluser on AWS. There is one master and two worker nodes on a common security group. Each runs Centos. Single-user Che intalled flawlessly.

$ oc version
medined / accumulo_notes
Created December 29, 2011 19:04
Accumulo Installation and Configuration Steps on a Ubuntu VirtualBox Instance
Oct 17, 2012 - See for an even better script. Really ignore the stuff below. Go. Scoot.
Aug 28, 2012 - See for a more concise method is configuring accumulo. I'll leave this gist unchanged for fans of history.
My goal was to get Accumulo running on a VirtualBox Ubuntu instance. I was successful using the following steps. If a line starts with $ then it is a command-line to execute. Note that you'll need to have sudo privilege. My username was 'ubuntu'. If you are using a different username, you'll need to change the process a little bit. I'll try to point out where.
# Start a new VirtualBox instance using the Ubuntu 11.10

I hereby claim:

  • I am medined on github.
  • I am medined ( on keybase.
  • I have a public key ASAisVKwZNRmz62jhQXJAawUhJEHd5Oo3yHwZX29yQj7Tgo

To claim this, I am signing this object:

medined /
Created April 24, 2013 03:05
how to install accumulo (and everything else) to your home directory
export HADOOP_VERSION=hadoop-1.0.4
export CDIR=`pwd`
export LOGFILE=~/build.log
export PASSWORD=`openssl passwd -1 password`
# enable logging. Logs both to file and screen.
exec 2>&1