Skip to content

Instantly share code, notes, and snippets.

View ycyr's full-sized avatar

ycyr

1 follower · 0 following
  • Montreal
View GitHub Profile
@ycyr
ycyr / pkitest.sh
Created July 15, 2016 05:41 — forked from jefferai/pkitest.sh
PKI test script
#!/bin/bash
vault mount -path=rootpki pki
vault mount-tune -max-lease-ttl="175200h" rootpki
vault write rootpki/root/generate/exported common_name=example.com ttl="175200h"
vault write rootpki/root/generate/internal common_name=example.com ttl="175200h"
vault write rootpki/intermediate/generate/exported common_name=example.com ttl="175200h"
vault write rootpki/intermediate/generate/internal common_name=example.com ttl="175200h"
vault mount -path=intermediatepki pki
vault mount-tune -max-lease-ttl="8760h" intermediatepki
@ycyr
ycyr / nginx.conf
Created October 18, 2016 02:45 — forked from plentz/nginx.conf
Best nginx configuration for improved security(and performance). Complete blog post here http://tautt.com/best-nginx-configuration-for-security/
# to generate your dhparam.pem file, run in the terminal
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048
@ycyr
ycyr / swarm-digitalocean.sh
Last active October 26, 2016 21:35
#!/usr/bin/env bash
set -e
# export DOTOKEN=XXXXXXXXX
DOREGION=nyc1
#export DOSSHKEY=XXXXXXXX
DOPRIVATE=true
DOOPTIONS=" --digitalocean-region=$DOREGION --digitalocean-private-networking=$DOPRIVATE --digitalocean-ssh-key-fingerprint=$DOSSHKEY"
@ycyr
ycyr / script-1
Created July 22, 2017 02:18
1 yum -y update
2 yum -y install epel-release
3 yum -y install vim htop screen
4 rpm -Uvh https://yum.puppetlabs.com/puppet5/puppet5-release-el-7.noarch.rpm
5 exit
6 yum install puppet-agent
7 puexport PATH=/opt/puppetlabs/bin:$PATH
8 export PATH=/opt/puppetlabs/bin:$PATH
9 puppet module search elasticsearch
10 puppet module install elastic-elasticsearch
@ycyr
ycyr / elastic.pp
Created July 22, 2017 02:19
class { 'elasticsearch':
java_install => true,
manage_repo => true,
repo_version => '5.x',
restart_on_change => true,
security_plugin => 'x-pack',
jvm_options => [
'-Xms1g',
'-Xmx1g'
],
@ycyr
ycyr / lxd.sh
Last active September 12, 2017 01:46
#!/bin/bash
add-apt-repository -y ppa:ubuntu-lxc/lxd-stable
apt update -y
apt install -y lxd zfsutils-linux vim htop screen
apt update -y
DEBIAN_FRONTEND=noninteractive apt upgrade -y
service lxd restart
lxc network create lxdbr0 ipv6.address=none ipv4.address=172.22.3.1/24 ipv4.nat=true
lxc network attach-profile lxdbr0 default eth0
lxd init --auto --storage-backend zfs --storage-pool lxd --storage-create-loop 15
@ycyr
ycyr / gist:a40b9a21c35a183dcdcb27cf5480900f
Last active August 29, 2017 02:36
logstash.conf
input {
stdin { }
}
filter {
grok {
match => [ "message", "<(?<ruleID>.*)>(?<msg>.*)" ]
add_tag => "grok"
}
kv { source => "msg" }
@ycyr
ycyr / filebeat script centos 5
Last active September 8, 2017 14:52
filebeat script centos 5
#!/bin/bash
#
# filebeat: Startup script for Filebeat Log Shipper.
#
# chkconfig: 3 80 05
# description: Startup script for Filebeat Log Shipper standalone
FILEBEAT_HOME=/usr/local/filebeat;
export FILEBEAT_HOME
@ycyr
ycyr / filebeat.sh
Created September 8, 2017 14:36
filebeat.sh custom centos5
#!/bin/bash
# Script to run {.beat_name} in foreground with the same path settings that
# the init script / systemd unit file would do.
/usr/local/filebeat/filebeat \
-path.home /usr/local/filebeat \
-path.config /etc/filebeat \
-path.data /var/lib/filebeat \
-path.logs /var/log/filebeat \
@ycyr
ycyr / useful elasticsearch commands
Last active April 9, 2023 14:07
useful elasticsearch command
curl -XGET --user elastic:changeme http://localhost:9200/_cluster/health | jq .
curl -XGET --user elastic:changeme http://localhost:9200/_cluster/allocation/explain | jq .
curl -XGET --user elastic:changeme http://localhost:9200/_cluster/health?level=indices | jq .
curl -XGET 'localhost:9200/_cat/shards/logstash*?v&bytes=m&h=index,store.size&s=store.size:desc'
curl -XGET 'localhost:9200/_cat/indices/logstash*?s=store.size:desc&h=index,pri.store.size'