- Table of Contents
- System Overview
- Service Overview
- Contributing Applications, Daemons, and Windows Services
- Hours of Operation
- Execution Design
- Infrastructure and Network Design
- Resilience, Fault Tolerance and High-Availability
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is an example resource file for rTorrent. Copy to | |
# ~/.rtorrent.rc and enable/modify the options as needed. Remember to | |
# uncomment the options you wish to enable. | |
# Maximum and minimum number of peers to connect to per torrent. | |
min_peers = 1 | |
max_peers = 100 | |
# Same as above but for seeding completed torrents (-1 = same as downloading) |
This is quick howto for installing vault on AWS Linux, mostly to remind myself. At the end of this tutorial, you'll have a working vault server, using s3 for the backend, self signed certificates for tls, and supervisord to ensure that the vault server is always running, and starts on reboot.
First things first, let's set up an s3 bucket to use as the storage backend for our s3 instance.
-
From the AWS Mangement Console, go to the S3 console.
-
Click on the
Create Bucket
button
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
openssl pkcs7 -inform DER -print_certs -in azwus-prd-hashi-vault001_prod_azwus_nathantech_com.p7b -out azwus-prd-hashi-vault001_prod_azwus_nathantech_com_stacked.cer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Please see the following blog post for more information: | |
# | |
# https://www.hashicorp.com/blog/using-hashicorp-vault-with-chef.html | |
# | |
resource_name :vault_secret | |
property :path, String, name_property: true | |
property :destination, String |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# values from https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Welcome%20to%20High%20Performance%20Computing%20%28HPC%29%20Central/page/Linux%20System%20Tuning%20Recommendations | |
# install (root): curl -s https://gist.githubusercontent.com/polonskiy/00a71bab32360ffcb79f/raw/10-custom.conf > /etc/sysctl.d/10-custom.conf | |
# apply (root): sysctl -p /etc/sysctl.d/10-custom.conf | |
net.ipv4.neigh.default.gc_thresh1 = 30000 | |
net.ipv4.neigh.default.gc_thresh2 = 32000 | |
net.ipv4.neigh.default.gc_thresh3 = 32768 | |
net.ipv6.neigh.default.gc_thresh1 = 30000 | |
net.ipv6.neigh.default.gc_thresh2 = 32000 |
NOTE - An updated and more complete example can be found here.
Here's acl.json
:
{
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Command to run: | |
ssh -L 2222:localhost:8501 user@remoteserver.com | |
where 2222 is the local port mapping it can be any number above 1000 | |
where localhost must be set to localhost and refers to your current connection | |
where 8501 is the port you will be opening up on the remote machine | |
where user@remoteserver.com is the first hop in your quest for internal access |