aduzsardi

#!/bin/bash

down_url=$(curl -s https://checkpoint-api.hashicorp.com/v1/check/$1 | jq -r .current_download_url)
product=$(curl -s https://checkpoint-api.hashicorp.com/v1/check/$1 | jq -r .product)
version=$(curl -s https://checkpoint-api.hashicorp.com/v1/check/$1 | jq -r .current_version)
os="linux_amd64"

wget ${down_url}${product}_${version}_${os}.zip

# There are a lot of inconsistencies in the resulting json answer between their products , so this will not work

aduzsardi

awk -v memt=$(grep -E 'MemTotal:' /proc/meminfo | awk '{print $2}') -v mema=$(grep -E 'MemAvailable:' /proc/meminfo | awk '{print $2}') "BEGIN {printf \"%.2f\n\", (mema/memt)*100}"

aduzsardi

#!/bin/bash
# Usage: `./ca-init test` - this will create a CA cert with CN = My TEST CA
# server,client certs will be generated with ansible, but i needed the CA to be manually generated for each environment.

PKI_BASE="$1"
PKI_HOME="${PKI_HOME:="/keybase/private/${USER}/pki"}"
PKI_PATH="${PKI_HOME}/${PKI_BASE}"
# validity days
PKI_CA_VALIDITY="7300"
# key settings

aduzsardi

# NB this depends on devcon. you must install it from chocolatey with choco install -y devcon.portable

$devcon = "$ENV:ProgramData\Chocolatey\Lib\devcon.portable\Devcon$(if ($ENV:PROCESSOR_ARCHITECTURE -like '*64') {'64'} else {'32'}).exe"

Get-NetAdapter `
    | Where-Object {$_.Virtual} `
    | Where-Object {$_.DriverFileName -like 'VBox*.sys'} `
    | ForEach-Object {
        Write-Host "Removing the $($_.InterfaceAlias) interface..."
        $result = &$devcon remove "@$($_.PnPDeviceID)"

aduzsardi

# Disable Gnome Keyring SSH agent in Ubuntu
# To allow using ssh-agent from OpenSSH, mainly because
# gnome-keyring does not like EC-type SSH keys

# as regular user (for which to disable):
systemctl --user mask gnome-keyring-ssh.service

pam-auth-update
# and disable "GNOME Keyring Daemon..."
# which probably also disables automatic keyring unlocking on login

aduzsardi

Vagrant.configure(2) do |config|
  config.ssh.insert_key = false
  config.vm.provider :virtualbox do |vb|
    vb.customize ["modifyvm", :id, "--memory", "1024"]
  end

  config.vm.define "myapp1" do |app|
    app.vm.hostname = "myapp1.dev"
    app.vm.box = "ubuntu/xenial64"
    app.vm.network :private_network, ip: "192.168.99.10"

aduzsardi

## Install necessary packages
$ sudo apt-get install virtualbox-ose qemu-utils genisoimage cloud-utils

## get kvm unloaded so virtualbox can load
$ sudo modprobe -r kvm_amd kvm_intel
$ sudo service virtualbox stop
$ sudo service virtualbox start

## URL to most recent cloud image of 12.04
$ img_url="http://cloud-images.ubuntu.com/server/releases/12.04/release"

aduzsardi

      location /events {
         if ($request_method = POST) {
            access_log  /dev/stdout post_body if=$loggable;
            proxy_pass $scheme://127.0.0.1/logsink;
            break;
         }
         return 200 "ok";
      }

      location /logsink {

aduzsardi

Enable LDAP over SSL (LDAPS) for Microsoft Active Directory servers

By default Microsoft active directory servers will offer LDAP connections over unencrypted connections (boo!).

The steps below will create a new self signed certificate appropriate for use with and thus enabling LDAPS for an AD server. Of course the "self-signed" portion of this guide can be swapped out with a real vendor purchased certificate if required.

Steps have been tested successfully with Windows Server 2012R2, but should work with Windows Server 2008 without modification. Will require both a system with OpenSSL (ideally Linux/OSX) and (obviously) a Windows Active Directory server.

• Create root certificate
• Import root certificate into trusted store of domain controller
• Create client certificate

aduzsardi

sed -i -ne '/<!-- BEGIN realm -->/ {p; r realm.xml' -e ':a; n; /<!-- END realm -->/ {p; b}; ba}; p' server.xml