#Heading 1
##Heading 2
###Heading 3
####Heading 4
#####Heading 5
Guy Barros GuyBarros
GuyBarros
/ vault4pfx.hcl
Created
December 18, 2019 15:43
A TFScript to connect to Vault , generate a PKI cert and use that cert as the seed for a pfx file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| variable "vault_host" { | |
| description = "Vault hostname" | |
| default = "vault.ric-lnd-stack.ric.aws.hashidemos.io" | |
| } | |
| terraform { | |
| backend "remote" { | |
| organization = "hc-emea-sentinel-demo" | |
| workspaces { | |
| name = "vault-integration" | |
| } |
GuyBarros
/ readme.md
Last active
October 22, 2019 08:30
— forked from benstr/readme.md
Gist Markdown Cheatsheet
GuyBarros
/ gist:3a9901a22bd52ae0f4f5e1f7154468a1
Created
July 26, 2019 14:53
startigng of vault notifier
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Steps to make a Control Group Notifier | |
| 1) list all Tokens | |
| curl -X LIST \ | |
| http://eu-guystack-vault-561637873.eu-west-2.elb.amazonaws.com:8200/v1/auth/token/accessors \ | |
| -H 'Accept: */*' \ | |
| -H 'Accept-Encoding: gzip, deflate' \ | |
| -H 'Cache-Control: no-cache' \ | |
| -H 'Connection: keep-alive' \ |
GuyBarros
/ Ansible - Vault SSH-CA
Created
March 18, 2019 08:45
Ansible playbook that uses Vault Approlle to generate a SSH -CA
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - | |
| hosts: localhost | |
| gather_facts: false | |
| vars: | |
| secret_token: '${option.vault_token}' | |
| role_id: '${option.approle_id}' | |
| tasks: | |
| - | |
| name: 'Get secret id from role_id' | |
| uri: {url: 'http://active.vault.service.consul:8200/v1/auth/approle/role/my-role/secret-id', method: POST, headers: {X-Vault-Token: '{{ secret_token }}'}, body_format: json, status_code: 200} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "variables": { | |
| "version": "", | |
| "memory" : "8196", | |
| "cpucorecount": "4" | |
| }, | |
| "provisioners": [ | |
| { | |
| "type": "file", | |
| "source": "bootcamp.rli", |
GuyBarros
/ gist:c0e7f618ff7c0434b11f8ad3ac627926
Last active
December 8, 2022 14:15
Jenkins pipeline config for TFE Demos
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pipeline { | |
| agent any | |
| environment { | |
| GIT_REPO = "https://github.com/GuyBarros/terraform-azurerm-demostack" | |
| TFE_NAME = "app.terraform.io" | |
| TFE_URL = "https://app.terraform.io" | |
| TFE_ORGANIZATION = "emea-se-playground-2019" | |
| TFE_API_URL = "${TFE_URL}/api/v2" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| for pid in $(docker ps -a --format="{{.Names}}") | |
| do | |
| docker logs -f $pid > /tmp/$pid.log 2> /tmp/$pid.err & | |
| done | |
| tail -f /tmp/*.{log,err} |
GuyBarros
/ Consul_config
Created
January 31, 2019 09:53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "acl_datacenter": "dc1", | |
| "acl_master_token": "${consul_master_token}", | |
| "acl_token": "${consul_master_token}", | |
| "acl_default_policy": "allow", | |
| "advertise_addr": "$(private_ip)", | |
| "advertise_addr_wan": "$(public_ip)", | |
| "bootstrap_expect": ${consul_servers}, | |
| "bind_addr": "$(private_ip)", | |
| "data_dir": "/mnt/consul", |
GuyBarros
/ jenkins.txt
Last active
December 17, 2018 16:31
Jenkins TFE integration via remote backend example
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pipeline { | |
| agent any | |
| environment { | |
| GIT_REPO = "https://github.com/GuyBarros/terraform-aws-demostack/" | |
| TFE_URL = "https://app.terraform.io" | |
| TFE_ORGANIZATION = "emea-se-playground" | |
| TFE_API_URL = "${TFE_URL}/api/v2" | |
| TFE_API_TOKEN = credentials("tfe_api_token") |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| What you'll need: | |
| <recovery key of the primary> | |
| <root token of primary> | |
| Step 1 - begin process | |
| vault operator generate-root -dr-token -init -tls-skip-verify | |
| Step 2 - Generate DR Token (repeat one per key shard) | |
| vault operator generate-root -tls-skip-verify -dr-token -nonce=<nonce value from step 1> <recovery key of the primary> |
NewerOlder