Skip to content

Instantly share code, notes, and snippets.

View double-p's full-sized avatar

Philipp Buehler double-p

View GitHub Profile
@double-p
double-p / haproxy.confs
Last active February 13, 2024 09:29
haproxy (splitted files, named defaults and more)
00-global.cfg:
global
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
stats timeout 30s
user haproxy
group haproxy
unix-bind user haproxy group haproxy
daemon
nbthread 4
ufw_rules:
- rule: allow
to_port: 22
protocol: tcp
comment: 'allow incoming connection on standard ssh port'
Uncurated to read/watch list from kubecon2022 slack:
https://kubernetes.io/docs/home/
https://helm.sh/docs/
https://docs.docker.com/engine/reference/builder/
https://learning.kasten.io/
kubernetes the hardway - https://github.com/kelseyhightower/kubernetes-the-hard-way
This is against:
commit 10331dd8603d1113188c24c16ff2a7d7f8163f28 (HEAD -> main, origin/main, origin/HEAD)
diff --git deploy/compose/.env deploy/compose/.env
index 3ee4f7c..1b6c262 100644
--- deploy/compose/.env
+++ deploy/compose/.env
@@ -1,9 +1,9 @@
OSIE_DOWNLOAD_URLS=https://github.com/tinkerbell/hook/releases/download/5.10.57/hook_x86_64.tar.gz,https://github.com/tinkerbell/hook/releases/download/5.10.57/hook_aarch64.tar.gz
acl or_combined path_beg /foo
acl or_combined path_beg /bar
# above is an OR
acl something_else hdr(host) example.com
use_backend thingy if or_combined something_else
# above is AND'ing the two ACLs
frontend stats
mode http
bind-process 1
bind :8686
default_backend backend-stats
backend backend-stats
bind-process 1
mode http
stats enable
stats hide-version
# filter pattern against DPD: 'host <peer-name> and ! (udp[26]=0x05 and udp[70:2]&0x8d20>7)'
# filter proposal/SA exchange only: 'host <peer-name> and ((udp[26]=0x02 and udp[24]=0x01) or udp[26]=0x20)'
# filterby src-Peer: tail -fc+0 /var/run/isakmpd09.pcap | tcpdump -netttvvvr - 'host 195.179.132.65 and host 194.25.170.42 and ((udp[26]=0x02 and udp[24]=0x01) or udp[26]=0x20)'
jo -p -- -s jsonrpc=2.0 id=1 method=user.login auth= params[user]=Admin params[password]=zabbix | curl -H "Content-Type: application/json" -X POST -s -d @- -o- http://10.211.55.101:9595/api_jsonrpc.php |jq .result | tr -d \" > token
jo -p -- -s jsonrpc=2.0 id=1 method=user.get params[output]=extend auth=`cat token` | curl -H "Content-Type: application/json" -X POST -s -d @- -o- http://10.211.55.101:9595/api_jsonrpc.php | jq .
# jo: https://github.com/jpmens/jo
frontend zammad
acl ssfn_path_zammad path_beg /zammad /assets /api
acl ssfn_path_zammadws path_beg /zammad/ws /ws
acl ssfn_type_websocket hdr(Upgrade) -i WebSocket
use_backend ssfn_zammad if ssfn_path_zammad !ssfn_path_zammadws
use_backend ssfn_zammad_websocket if ssfn_path_zammadws
use_backend ssfn_zammad_websocket if ssfn_type_websocket
backend ssfn_zammad
http-request set-header X-Real-IP %ci