Skip to content

Instantly share code, notes, and snippets.

View pporada-gl's full-sized avatar

Phil Porada pporada-gl

4 followers · 3 following
View GitHub Profile
@benders
benders / cisco-asa-config.txt
Last active November 23, 2021 05:01
Getting Amazon VPC up and running with Cisco ASAs can be a pain. This is the config that we used to make it work.
! --------------------------------------------------------------------------------
! This example configuration shows what WE did to get Amazon VPC working with our
! ASAs. We use version 8.3(1). This config has not been reviewed or otherwise
! blessed in any way by anyone at Amazon. YMMV.
!
! It differs from Amazon's supplied config by using two different sets of
! crypto maps and ACLs, so it brings both tunnels up simultaneously.
!
! For the purposes of the example, the physical datacenter network is 172.16.1.0/24
! and the VPC is 10.0.0.0/16.
@MattSurabian
MattSurabian / PackerPolicy.json
Last active May 27, 2022 21:46
Minimum IAM policy required by AWS for Packer to do its thing. https://github.com/mitchellh/packer Permissions are broken out by API functionality and a resource array has been defined with a wild card for each group. For tighter security resource level permissions can be applied per this documentation: http://aws.typepad.com/aws/2013/07/resourc…
{
"Statement": [
{
"Sid": "PackerSecurityGroupAccess",
"Action": [
"ec2:CreateSecurityGroup",
"ec2:DeleteSecurityGroup",
"ec2:DescribeSecurityGroups",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:RevokeSecurityGroupIngress"
@lttlrck
lttlrck / gist:9628955
Created March 18, 2014 20:34
rename git branch locally and remotely
git branch -m old_branch new_branch # Rename branch locally
git push origin :old_branch # Delete the old branch
git push --set-upstream origin new_branch # Push the new branch, set local branch to track the new remote
@obolton
obolton / elb-nodejs-ws.md
Last active November 12, 2023 11:49
Configuring an AWS Elastic Load Balancer for a Node.js application using WebSockets on EC2

AWS ELB with Node.js and WebSockets

This assumes that:

  • You are using Nginx.
  • You want to accept incoming connections on port 80.
  • Your Node.js app is listening on port 3000.
  • You want to be able to connect to your Node.js instance directly as well as via the load balancer.

####1. Create load balancer

@mattgray
mattgray / .kitchen.local.yml
Created December 23, 2014 17:10
Test Kitchen .kitchen.local.yml to enable Virtualbox Vagrant backend to use Host DNS for VPN
driver:
name: vagrant
customize:
natdnshostresolver1: 'on'
@DavidWittman
DavidWittman / stunnel-chroot-reload.md
Created March 25, 2015 03:28
Reloading stunnel configurations when in a chroot

Reloading stunnel configurations when in a chroot

Example stunnel config

# /etc/stunnel/stunnel.conf
cert = /etc/stunnel/cert.pem
sslVersion = TLSv1 TLSv1.1 TLSv1.2

chroot = /var/run/stunnel/
@lusis
lusis / README.md
Last active September 14, 2020 17:47
terraform template to generate serverspec properties

This uses terraform's template_file resource to generate a yaml properties file for serverspec to use.

  • create the Rakefile in your terraform project root
  • create a spec directory and put spec_helper.rb in it
  • create the templates/properties.tmpl.yml file
  • create the serverspec.tf
  • terraform apply

tests

Tests will be matched based on roles defined for a given node.

@Nihisil
Nihisil / jail.local
Last active September 5, 2023 06:20
Send notifications to the Slack from fail2ban
...
action_with_slack_notification = %(banaction)s[name=%(__name__)s, port="%(port)$
slack[name=%(__name__)s]
action = %(action_with_slack_notification)s
...
@MattSurabian
MattSurabian / aws-tags-with-ansible-and-terraform.md
Created March 29, 2016 13:24

Setting Tags in Terraform

Determine some sensible tags to pass non-critical information to Ansible or other CM solutions:

resource "aws_instance" "main" {
...
  tags {
  ...
    "some_tag" = "waka"
@noelrappin
noelrappin / rubocop.yml
Created May 3, 2016 21:40
AllCops:
Exclude:
- "db/schema.rb" # You can't touch this
- ".bundle/**/*" # Auto-generated
- "bin/**/*" # Auto-generated
- "vendor/**/*" # We cannot solve the world's problems
TargetRubyVersion: 2.3
Rails:
Enabled: true