A common and reliable pattern in service unit files is thus:
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "annotations": { | |
| "list": [ | |
| { | |
| "builtIn": 1, | |
| "datasource": { | |
| "type": "grafana", | |
| "uid": "-- Grafana --" | |
| }, | |
| "enable": true, |
monodot
/ values.yaml
Created
November 3, 2023 13:09
Example values.yaml for Grafana Agent to scrape Pod logs from Kubernetes and ship to Loki
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| agent: | |
| mounts: | |
| varlog: true | |
| configMap: | |
| content: | | |
| logging { | |
| level = "info" | |
| format = "logfmt" | |
| } |
monodot
/ gist:f63f2c478273d091c1cf56a42f9d6087
Created
September 8, 2023 14:18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| all | |
| analytics | |
| cache-generation-loader | |
| compactor | |
| distributor | |
| ingester | |
| ingester-querier | |
| querier | |
| query-frontend | |
| query-scheduler |
monodot
/ transactions.json
Created
July 26, 2023 15:45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "transactions": [ | |
| { | |
| "transaction_id": "a6fbc63d-27ae-4d8a-bd01-2e879c82c122", | |
| "timestamp": "2023-07-26 10:15:30", | |
| "sender": "0x3fC2b08dD64eFe84F4E98583F66fAa3105581D8a", | |
| "receiver": "0x1B74d2F8947A9c3b32a8C35F44E28e1395d18b98", | |
| "amount": 0.025, | |
| "currency": "ETH", | |
| "hash": "f3f57bf8b6a5f6c1a2dd55a276d679ccdf957ed234521e60784d1a18f3ea6c43" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # cat <<EOF | ./subst.sh zzzlucy | |
| # name=Lucy | |
| # weather="Good, how about you?!" | |
| # family=Smith | |
| # EOF | |
| set -a |
monodot
/ Application.java
Created
January 28, 2020 17:25
Fuse/Camel - Wiring up AMQ (ActiveMQ) and Oracle AQ with JTA XA transactions (Narayana) on Spring Boot
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package xyz.tomd.demos.fuse.springboot.amqxa; | |
| import oracle.jdbc.xa.client.OracleXADataSource; | |
| import oracle.jms.AQjmsFactory; | |
| import org.apache.camel.component.jms.JmsComponent; | |
| import org.messaginghub.pooled.jms.JmsPoolXAConnectionFactory; | |
| import org.springframework.boot.SpringApplication; | |
| import org.springframework.boot.autoconfigure.SpringBootApplication; | |
| import org.springframework.boot.jta.XAConnectionFactoryWrapper; | |
| import org.springframework.context.annotation.Bean; |
monodot
/ systemd_service_hardening.md
Created
September 23, 2022 12:12
— forked from ageis/systemd_service_hardening.md
Options for hardening systemd service units
monodot
/ ssl-testing.md
Last active
April 21, 2022 13:00
Using openssl to test an SSL connection with a CA file, pulled out from a Java keystore
Using openssl to test an SSL connection to google.com, using a CA file that's been pulled out from a Java keystore. For those days when you want to verify that you've got the right certificate in the store:
- Download the Equifax root certificate (which is the root CA for Google)
- Import the certificate into a new Java keystore
- Export the certificate back out again
- Convert the certificate to PEM
- Use
opensslto test an SSL connection to Google with that cert
monodot
/ load-averages.csv
Created
June 26, 2021 19:54
Load averages over a 15 minute period - when running a stress-ng test
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Time | 1min | 5min | 15min | |
|---|---|---|---|---|
| 14:08:59 | 0.93 | 1.10 | 1.28 | |
| 14:09:09 | 0.86 | 1.08 | 1.27 | |
| 14:09:19 | 0.95 | 1.09 | 1.27 | |
| 14:09:29 | 0.95 | 1.09 | 1.27 | |
| 14:09:39 | 1.25 | 1.15 | 1.29 | |
| 14:09:49 | 1.21 | 1.14 | 1.28 | |
| 14:09:59 | 1.18 | 1.14 | 1.28 | |
| 14:10:09 | 1.15 | 1.13 | 1.27 | |
| 14:10:19 | 1.13 | 1.13 | 1.27 |
monodot
/ source-connector-debs.yaml
Created
February 17, 2021 11:12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: "kafka.strimzi.io/v1alpha1" | |
| kind: KafkaConnector | |
| metadata: | |
| name: bd6-mongo-connector | |
| labels: | |
| strimzi.io/cluster: my-connect-cluster | |
| spec: | |
| class: io.debezium.connector.mongodb.MongoDbConnector | |
| image: "quay.io/tdonohue/debenhams-mongo:latest" | |
| config: |
NewerOlder