Skip to content

Instantly share code, notes, and snippets.

Avatar

Ingo D. rooftop90

View GitHub Profile
@rooftop90
rooftop90 / values.yaml
Created Nov 24, 2020
values.yaml for installing a standalone Vault instance with Raft enabled.
View values.yaml
# Available parameters and their default values for the Vault chart.
global:
# enabled is the master enabled switch. Setting this to true or false
# will enable or disable all the components within this chart by default.
enabled: true
# Image pull secret to use for registry authentication.
imagePullSecrets: []
# imagePullSecrets:
# - name: image-pull-secret
View sigImgLinux.json
{
"type": "Microsoft.VirtualMachineImages",
"apiVersion": "2019-05-01-preview",
"location": "<location>",
"dependsOn": [],
"tags": {
"imagebuilderTemplate": "AzureImageBuilderSIG",
"userIdentity": "enabled"
},
"identity": {
View setup-docker.sh
############################################
# Shell script for basic docker setup
# sets up v. 18.09.2-3.el7
############################################
# add repo
sudo curl -SsL https://download.docker.com/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo
# install specific docker version
yum install -y docker-ce-18.09.2-3.el7
View aibSigRole.json
{
"Name": "AIB Custom Role",
"IsCustom": true,
"Description": "Azure Image Builder access to create resources for the image build",
"Actions": [
"Microsoft.Compute/galleries/read",
"Microsoft.Compute/galleries/images/read",
"Microsoft.Compute/galleries/images/versions/read",
"Microsoft.Compute/galleries/images/versions/write",
"Microsoft.Compute/images/write",
@rooftop90
rooftop90 / basis-network-security.sh
Last active Aug 25, 2020
Shell script for basic network security enhancement
View basis-network-security.sh
############################################
# Shell script to enhance basic network
# security
############################################
# Enable TCP SYN cookie protection
echo "" >> /etc/sysctl.conf
echo "# Enable TCP SYN cookie protection" >> /etc/sysctl.conf
echo "net.ipv4.tcp_syncookies = 1" >> /etc/sysctl.conf
@rooftop90
rooftop90 / mngImgLinux.json
Last active Aug 6, 2020
mngImgLinux.json
View mngImgLinux.json
{
"type": "Microsoft.VirtualMachineImages/imageTemplates",
"apiVersion": "2019-05-01-preview",
"location": "<location>",
"dependsOn": [],
"tags": {
"imagebuilderTemplate": "ubuntu1804",
"userIdentity": "enabled"
},
View aibRoleBasic.json
{
"Name": "AIB Custom Role",
"IsCustom": true,
"Description": "Azure Image Builder access to create resources for the image build",
"Actions": [
"Microsoft.Compute/images/write",
"Microsoft.Compute/images/read",
"Microsoft.Compute/images/delete"
],
"NotActions": [
View haproxy.cfg
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy