| #!/usr/bin/expect | |
| set timeout -1; | |
| spawn {{django_dir}}/venv/bin/python manage.py changepassword {{admin_user}}; | |
| expect { | |
| "Password:" { exp_send "{{admin_pass}}\r" ; exp_continue } | |
| "Password (again):" { exp_send "{{admin_pass}}\r" ; exp_continue } | |
| eof | |
| } |
| # Add this snippet to the top of your playbook. | |
| # It will install python2 if missing (but checks first so no expensive repeated apt updates) | |
| # gwillem@gmail.com | |
| - hosts: all | |
| gather_facts: False | |
| tasks: | |
| - name: install python 2 | |
| raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal) |
| # Install essential build tools | |
| sudo apt-get install build-essential zlib1g-dev libpcre3 libpcre3-dev unzip | |
| #Install libs to compile nginx modules | |
| sudo apt-get install libxslt1-dev libssl-dev libgd2-xpm-dev libgeoip-dev libpam-dev | |
| #Install nginx ppa | |
| sudo add-apt-repository ppa:nginx/stable | |
| sudo apt-get update | |
| sudo apt-get install nginx -y |
| install PostgreSQL 9 in Mac OSX via Homebrew | |
| Mac OS X Snow Leopard | |
| System Version: Mac OS X 10.6.5 | |
| Kernel Version: Darwin 10.5.0 | |
| Install notes for PostgreSQL 9.0.1 install using Homebrew: | |
| sh-3.2# brew install postgresql |
I've been using a lot of Ansible lately and while almost everything has been great, finding a clean way to implement ansible-vault wasn't immediately apparent.
What I decided on was the following: put your secret information into a vars file, reference that vars file from your task, and encrypt the whole vars file using ansible-vault encrypt.
Let's use an example: You're writing an Ansible role and want to encrypt the spoiler for the movie Aliens.
| sudo gitlab-runner register \ | |
| --non-interactive \ | |
| --url "https://gitlab.local/" \ | |
| --registration-token "xJWfniGqvSeVyKc3vaQx" \ | |
| --executor "docker" \ | |
| --docker-image ubuntu:16.04 \ | |
| --description "docker-runner" \ | |
| --tag-list "docker,aws" \ | |
| --run-untagged \ | |
| --docker-extra-hosts "gitlab.local:10.0.1.15" \ |
| #!/bin/bash | |
| sudo rm -rf django.nv/ && rm -rf django.nV | |
| git clone https://github.com/secfigo/django.nv.git && cd django.nv | |
| git checkout vault-5-secrets-in-vault | |
| # Change the IP address of LOCAL_IP Variable | |
| sed -i -e 's/LOCAL_IP=10.0.1.22/LOCAL_IP=10.0.1.10/g' .env | |
| # stop if the containers are already running. | |
| docker-compose -f docker-compose-vault.yml down |
| FROM owasp/zap2docker-weekly | |
| USER root | |
| ARG FIREFOX_VERSION=latest | |
| RUN FIREFOX_DOWNLOAD_URL=$(if [ $FIREFOX_VERSION = "latest" ] || [ $FIREFOX_VERSION = "nightly-latest" ] || [ $FIREFOX_VERSION = "devedition-latest" ]; then echo "https://download.mozilla.org/?product=firefox-$FIREFOX_VERSION-ssl&os=linux64&lang=en-US"; else echo "https://download-installer.cdn.mozilla.net/pub/firefox/releases/$FIREFOX_VERSION/linux-x86_64/en-US/firefox-$FIREFOX_VERSION.tar.bz2"; fi) \ | |
| && apt-get update -qqy \ | |
| && apt-get -qqy --no-install-recommends install firefox \ | |
| && rm -rf /var/lib/apt/lists/* /var/cache/apt/* \ | |
| && wget --no-verbose -O /tmp/firefox.tar.bz2 $FIREFOX_DOWNLOAD_URL \ | |
| && apt-get -y purge firefox \ | |
| && rm -rf /opt/firefox \ |
| #!/bin/bash | |
| #running the zap in the background | |
| bash -c "zap.sh -daemon -host 0.0.0.0 -port 8080 -config api.disablekey=true -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true 2>&1 &" && sleep 5 | |
| #running the zapscan in the backgroun | |
| echo "************** Running ZAP python script********************" | |
| python3 -u /zapcode/zap-scan.py |
| #!/usr/bin/env python3 | |
| import time | |
| from pprint import pprint | |
| from zapv2 import ZAPv2 as ZAP | |
| from selenium import webdriver | |
| from selenium.webdriver.common.keys import Keys | |
| from selenium.webdriver.firefox.options import Options | |
| from selenium.webdriver.common.proxy import Proxy, ProxyType |