Martin Loy Tombar

@ageis
ageis / systemd_service_hardening.md
Last active May 12, 2025 13:13
Options for hardening systemd service units

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
@imbriaco
imbriaco / 00-README.md
Last active May 26, 2018 08:02
Example deployment descriptor for running Cog on Kubernetes. Uses the secret store as well as persistent disks for Postgres, Cog, and Relay data.

Cog on Kubernetes

This experiment was originally built on Google Cloud's Kubernetes and makes use of gcePersistentDisk. If you are not using Google Cloud, you'll need to adjust the gcePersistentDisk volumes to use the persistent disk technology available in your cluster.

At a high level the steps look something like this, though there may be subtle errors. This experiment happened a few weeks ago and I'm creating these from memory along with the test descriptors I used.

  1. Set up Kubernetes and create the necessary persistent disks that are referenced in the deployment.
@Tombar
Tombar / gist:3f9bcb7d0253f9c7cf2a
Created December 29, 2014 17:38
Ultimate Puppet Vagrantfile
# -*- mode: ruby -*-
# vi: set ft=ruby :
node_defaults = {
:domain => 'dev',
:memory => 384,
}
single = {:ip => '172.16.11.30', :memory => 1024, :cpus => 2}
@Tombar
Tombar / gist:252d7722b852dc5d3abf
Created December 18, 2014 15:57
Vagrantfile for puppet and puppetmaster
# -*- mode: ruby -*-
# vi: set ft=ruby :
puppetmaster = {:node_name => 'pm', :ip => '172.16.0.250', :memory => 1024, :cpus => 2}
nodes = {
'node10' => {:ip => '172.16.11.10'},
'node11' => {:ip => '172.16.11.11'},
'node12' => {:ip => '172.16.11.12', :memory => 1024, :cpus => 2},
}
@regit
regit / ssh-analysis-kibana
Last active August 7, 2019 21:27
SSH analysis dashboard
{
"title": "SSH analysis",
"services": {
"query": {
"list": {
"0": {
"query": "message:\"Invalid user\" AND sshd",
"alias": "Failed login",
"color": "#BF1B00",
"id": 0,
@okunishinishi
okunishinishi / Remove all git tags
Created March 8, 2014 03:12
Delete all git remote tags
#Delete local tags.
git tag -l | xargs git tag -d
#Fetch remote tags.
git fetch
#Delete remote tags.
git tag -l | xargs -n 1 git push --delete origin
#Delete local tags.
git tag -l | xargs git tag -d
@guenter
guenter / Main.scala
Last active September 17, 2020 11:25
A simple Mesos "Hello World": downloads and starts a Python web server on every node in the cluster.
import mesosphere.mesos.util.FrameworkInfo
import org.apache.mesos.MesosSchedulerDriver
/**
* @author Tobi Knaup
*/
object Main extends App {
@tnolet
tnolet / puppetdb_postgres_hacks.md
Last active June 27, 2024 22:28
PuppetDB is awesome. Here are some tips on accessing the data in the PostgreSQL database... most of them just reminders for myself.

NB: The following examples were done on Puppet Enterprise 3.0 running on CentOS 6. Should be similar for open source versions, except for some file locations.

1. Logging into the PuppetDB PostgreSQL database on Linux

The easiest way to snoop around in the actual PuppetDB Postgres database is using the command prompt. You have to be the peadmin user though. Couldn't get it working just under root.

[root@master bin]# sudo su - pe-postgres -s /bin/bash
-bash-4.1$ /opt/puppet/bin/psql
psql (9.2.4)

Type "help" for help.

# coding=UTF-8
from __future__ import division
import nltk
from collections import Counter
# This is a simple tool for adding automatic hashtags into an article title
# Created by Shlomi Babluki
# Sep, 2013