Johnny Schmidt thedude42
thedude42
/ bootstrap_vault_pki_trust_yubikey_piv.sh
Last active
February 14, 2024 05:53
Steps to establish the trust chain for Hashicorp's Vault, including storing the self-signed ROOT on a yubikey in a PIV slot
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############################################################################### | |
| ############################################################################### | |
| ## | |
| ## Bootstrap a Vault PKI with an offline Root CA | |
| ## | |
| ## This document outlines the required steps to establish a PKI starting | |
| ## with an offline, self-signed root CA. After creating the root CA the next | |
| ## step establishes the Vault PKI back-end configuration and generates a | |
| ## signing request for an intermediate CA that is then signed by the root CA. | |
| ## Finally after the full-chain is uploaded to Vault, we create a Vault PKI |
thedude42
/ usefulHeaders.js
Created
June 11, 2015 18:19
Insert some OWASP useful headers in LineRate Precision
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "use strict"; | |
| var vsm = require("lrs/virtualServerModule"), | |
| virtualServerName = "myVirtualServer"; | |
| vsm.on("exist", virtualServerName, function(vs) { | |
| vs.on("request", insertUsefulHeaders); | |
| }); | |
| function insertUsefulHeaders(servReq, servResp, cliReq) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "use strict"; | |
| var vsm = require("lrs/virtualServerModule"), | |
| async = require("async"), | |
| CORS_PREFLIGHT_HEADERS = "Access-Control-Request-Headers"; | |
| function CorsService(vs, defaultOrigin, uriAccessList) { | |
| // Constructor, takes the name of a virtual server, default origin value and a configuration object | |
| var self = this; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| script corsService | |
| source inline "ENDWORD_corsService" | |
| "use strict"; | |
| var cors = require("./cors_server.js"), | |
| service = new cors.CorsService("MyVirtualServerName", "our-default-origin.com", | |
| {"/api/v1.0/json": | |
| {"origins":["our-default-origin.com", "another-allowed-origin.com"], | |
| "allowCreds":false, | |
| "allowHeaders":["X-special-header"], | |
| "methods":['GET','HEAD'] |
thedude42
/ appender_sample_config
Last active
August 29, 2015 14:16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| virtual-server test-virtual | |
| service http | |
| attach virtual-ip test-vip default | |
| attach real-server some-server | |
| ! | |
| script appender | |
| source inline "ENDWORD_appender" | |
| "use strict"; | |
| var vsm = require('lrs/virtualServerModule'), | |
| Appender = require('./response_appender.js'), |
thedude42
/ response_appender.js
Last active
August 29, 2015 14:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "use strict"; | |
| var vsm = require('lrs/virtualServerModule'), | |
| FIX_HEADER = true; | |
| function ResponseAppender(vsname, appendString, fixContentLength) { | |
| var self = this; | |
| self.virtualServer = vsname; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "use strict"; | |
| var xml2js = require('xml2js'), | |
| vsm = require('lrs/virtualServerModule'); | |
| // callback function that implements the xml-to-json gateway | |
| function xml2json_converter(servReq, servRes, cliReq) { | |
| cliReq.on('response', function(response) { | |
| var body = [], | |
| body_len = 0; |