This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# $OpenBSD: pf.conf,v 1.52 2013/02/13 23:11:14 halex Exp $ | |
# | |
# See pf.conf(5) for syntax and examples. | |
# | |
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1 | |
# in /etc/sysctl.conf if packets are to be forwarded between interfaces. | |
### Macros | |
# system |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
vrrp_script chk_redis_master { | |
script "redis-cli info replication | grep -q 'role:master'" | |
interval 2 | |
weight 2 | |
rise 2 | |
fall 2 | |
} | |
vrrp_instance redis_vip { | |
interface eth0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
assumes centos 7 host, typical configuration | |
- disable selinux: SELINUX=permissive in /etc/sysconfig/selinux | |
- disable auditd: systemctl disable auditd.service | |
- enable journald persistence: `Storage=persistent` in /etc/systemd/journald.conf | |
- mkdir /var/lib/container | |
- yum -y --nogpg --releasever=7 --installroot=/var/lib/container/centos install systemd passwd yum vim-minimal openssh-server | |
- systemd-nspawn -D /var/lib/container/centos | |
- set root passwd, set ssh port (e.g. 2222) | |
- set up systemd-nspawn service: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--[[ | |
Inspired by: https://github.com/mozilla-services/lua_sandbox/pull/22 | |
*Haproxy log-format Directive* | |
log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hr\ %hs\ %{+Q}r | |
*Example Config* | |
[haproxy_udp_input] | |
type = "UdpInput" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: extensions/v1beta1 | |
kind: Ingress | |
metadata: | |
name: kibana-doorman | |
annotations: | |
kubernetes.io/ingress.class: "nginx" | |
nginx.ingress.kubernetes.io/use-regex: "true" | |
nginx.ingress.kubernetes.io/server-snippet: | | |
location = / { return 308 https://$best_http_host/_plugin/kibana; } | |
spec: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
# | |
class Rundganger | |
attr_accessor :coordinates, :path | |
def initialize | |
@coordinates = [0,0,0] | |
@path = [] << @coordinates.clone | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Set up audit logging for connections outbound from the bastion | |
default['openssh']['client'].tap do |client| | |
client['permit_local_command'] = 'yes' | |
client['local_command'] = '/usr/bin/logger -p INFO -t AUTH %u signed into %h:%p as %r' | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# heka.toml | |
[hekad] | |
base_dir = '/tmp/heka' | |
[boot] | |
type = "LogstreamerInput" | |
log_directory = '/var/log' | |
file_match = 'boot\.log' | |
[pulse] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
kind: Endpoints | |
apiVersion: v1 | |
metadata: | |
name: glusterfs-cluster | |
subsets: | |
- addresses: | |
- ip: 10.138.0.8 | |
ports: | |
- port: 49152 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/opt/chef/embedded/bin/ruby | |
# | |
# Create/manage Cinder volume snapshots | |
# | |
require 'mixlib/shellout' | |
require 'fog/openstack' | |
# |
NewerOlder