chadgeary

# create proxy dir and files
sudo mkdir -p /opt/duckdnsswag/proxy-confs

# create nginx.conf with pointer to proxy-confs/duckdnsswag.conf at the end
sudo tee /opt/duckdnsswag/nginx.conf << EOM
## Version 2021/04/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx.conf

user abc;

# Set number of worker processes automatically based on number of CPU cores.

chadgeary

sudo sed -i '/%sudo/a%sudo ALL=(ALL) NOPASSWD:ALL' /etc/sudoers
sudo chmod -x /etc/update-motd.d/*
sudo add-apt-repository universe
sudo add-apt-repository restricted
sudo add-apt-repository multiverse

# utils
sudo apt install -y curl git htop mlocate net-tools nmap screen tcpdump telnet traceroute util-linux vim wget gnome-tweak-tool remmina compizconfig-settings-manager compiz-plugins vlc

# set editor to vim

chadgeary

sudo tee /opt/open-to-container.yml << EOM
---
- name: open-to-container
  hosts: localhost
  gather_facts: true
  become: true
  tasks:
  
    - name: iptables accept myservice
      iptables:

chadgeary

sudo tee /opt/open-a-port.yml << EOM
---
- name: open-a-port
  hosts: localhost
  gather_facts: true
  become: true
  tasks:
  
    - name: iptables accept myservice
      iptables:

chadgeary

resource "oci_core_vcn" "ph-vcn" {
  compartment_id               = oci_identity_compartment.ph-compartment.id
  cidr_block                   = var.vcn_cidr
  display_name                 = "${var.ph_prefix}-network"
  dns_label                    = var.ph_prefix
}

resource "oci_core_internet_gateway" "ph-internet-gateway" {
  compartment_id               = oci_identity_compartment.ph-compartment.id
  vcn_id                       = oci_core_vcn.ph-vcn.id

chadgeary

    - name: check ca exists
      stat:
        path: /opt/nifi-certificates/ca/ca.pem
      register: ca_cert

    - name: get ca from s3
      aws_s3:
        region: "{{ aws_region }}"
        mode: get
        bucket: "{{ s3_bucket }}"

chadgeary

import boto3
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives.serialization import pkcs12
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat import backends
from cryptography import x509
from cryptography.x509.oid import NameOID
import datetime
import io
import json

chadgeary

import boto3
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat import backends
from cryptography import x509
from cryptography.x509.oid import NameOID
import datetime
import json
import os

chadgeary

    - name: wireguard2 container
      docker_container:
        name: wireguard2
        capabilities:
          - NET_ADMIN
          - SYS_MODULE
        env:
          PUID: "1000"
          PGID: "1000"
          TZ: "Etc/UTC"

chadgeary

tee ~/open5335.yml << EOM

---
- name: open 5335
  hosts: localhost
  gather_facts: true
  become: true
  tasks:

    - name: iptables accept unbound 5335 TCP