| #!/usr/bin/env bash | |
| # /!\ warning vibeslop /!\ | |
| # bootstrap-devops-mac.sh | |
| # Purpose: | |
| # Install a comprehensive macOS DevOps workstation stack for enterprise engineers: | |
| # - Kubernetes / Istio / AWS / Linux / Windows hybrid administration | |
| # - Corporate SSO environments |
| { | |
| "meta": { | |
| "description": "Comprehensive 529, ABLE, and State-Sponsored Retirement Programs (All 50 States + DC + Territories)", | |
| "structure": "hierarchical", | |
| "roles": [ | |
| "recordkeeper", | |
| "program_manager", | |
| "asset_manager", | |
| "distribution", | |
| "operator" |
Marketing Portal Direct-Sold plan (where you manage the account yourself) Advisor-Sold plan (managed through a financial professional)
This is a classic project management challenge: fixed constraints (Time, Cost) with an undefined Scope. Since you cannot add more money or people, and the deadline is set, Scope is your only lever.
To maximize ROI, you must shift from "finishing a project" to "delivering the highest value increments" within the timebox. Since you cannot plan before Jan 1st, you must treat the planning as the first phase of the work itself.
Here are the specific strategies to manage this effectively:
Do not start "improving" anything on Day 1. Because no research has been done, you risk solving the wrong problems. Dedicate the first 5-7 days strictly to Discovery & Baselining.
| #!/usr/bin/env bash | |
| # Copyright (c) 2021 Shane Robinson | |
| # | |
| # Permission is hereby granted, free of charge, to any person obtaining a copy | |
| # of this software and associated documentation files (the "Software"), to deal | |
| # in the Software without restriction, including without limitation the rights | |
| # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| # copies of the Software, and to permit persons to whom the Software is | |
| # furnished to do so, subject to the following conditions: | |
| # |
| :: Windows 10 Hardening Script | |
| :: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run on this computer's of family members so secure them but not increase the chances of them having to call you to troubleshoot something related to it later on). References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering. | |
| :: Obligatory 'views are my own'. :) | |
| :: Thank you @jaredhaight for the Win Firewall config recommendations! | |
| :: Thank you @ricardojba for the DLL Safe Order Search reg key! | |
| :: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings! | |
| :: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater | |
| : |
Sometimes a programming language has a "strict mode" to restrict unsafe constructs. E.g., Perl has use strict, Javascript has "use strict", and Visual Basic has Option Strict. But what about bash? Well, bash doesn't have a strict mode as such, but it does have an unofficial strict mode:
set -euo pipefail
set -e
| #!/bin/bash | |
| function test { | |
| MESSAGE=$1 | |
| RECEIVED=$2 | |
| EXPECTED=$3 | |
| if [ "$RECEIVED" = "$EXPECTED" ]; then | |
| echo -e "\033[32m✔︎ Tested $MESSAGE" | |
| else |
| #!/bin/bash | |
| tmp=$(python -c "import os, sys; print(os.path.realpath('/tmp'))") | |
| function test { | |
| MESSAGE=$1 | |
| RECEIVED=$2 | |
| EXPECTED=$3 | |
| if [ "$RECEIVED" = "$EXPECTED" ]; then |