Skip to content

Instantly share code, notes, and snippets.

View hvanderlaan's full-sized avatar

Harald van der Laan hvanderlaan

View GitHub Profile
@hvanderlaan
hvanderlaan / youve got root.md
Last active October 20, 2020 09:57
From security scan to rooting a box

From security scan to rooting a box

A friend of my created a php website / application, and ask me to check the website / application. so if started som simple test to if i could find some nice vulnerablity's. But what i found shocked me.

The information i've got

To annonimize this the fqdn is changed to domain.tld

information gathering: website directories

@hvanderlaan
hvanderlaan / user-data
Created October 16, 2018 16:16
Cloud init headless install rpi wifi
#cloud-config
# vim: syntax=yaml
#
# The current version of cloud-init in the Hypriot rpi-64 is 0.7.9
# When dealing with cloud-init, it is SUPER important to know the version
# I have wasted many hours creating servers to find out the module I was trying to use wasn't in the cloud-init version I had
# Documentation: http://cloudinit.readthedocs.io/en/0.7.9/index.html
# Set your hostname here, the manage_etc_hosts will update the hosts file entries as well
@hvanderlaan
hvanderlaan / docker-rpi.md
Last active May 16, 2021 22:57
Docker swarm cluster on raspberry pi's

Docker swarm cluster on raspberry pi's

The goal is to create a very cheap docker cluster for the home environment, but still is capable of running multiple docker services. The idea is to use raspberry pi 3 B+ units. These small computers have a 1,4 GHz quadcore ARM cortex A53 soc and 1GB of memory. This should be sufficient to run pi-hole, home-assistant and wordpress websites.

Requirements

@hvanderlaan
hvanderlaan / dynamic-inv-local-network.py
Last active July 20, 2021 03:32
ansible dynamic inventory script for local network
#!/usr/bin/env python
"""
dynamic-inv-local-network.py - dynamic ansible inventory file for use a local network
usage: ansible --ask-vault-password -i dynamic-inv-local-network.py all -m ping
"""
from __future__ import (print_function, absolute_import, division, unicode_literals)
@hvanderlaan
hvanderlaan / smartlight.cfg
Last active September 2, 2017 16:05
getting Ikea tardfri lightbulb status
[tardfri]
hubip = x.x.x.x
securityid = AABBCCDDEEFFGGHH
@hvanderlaan
hvanderlaan / nagiosTelegram.py
Last active November 30, 2021 11:34
Nagios notifications via Telegrambot
#!/usr/bin/env python
# file : nagiosTelegram.py
# purpose : send nagion notifications via Telegram bot
#
# author : harald van der laan
# date : 2017/04/01
# version : v1.0.1
#
# changelog:
@hvanderlaan
hvanderlaan / ansible-vault.md
Last active August 31, 2021 12:57
Ansible-vault example

Ansible vault example

New in Ansible 1.5, “Vault” is a feature of ansible that allows keeping sensitive data such as passwords or keys in encrypted files, rather than as plaintext in your playbooks or roles. These vault files can then be distributed or placed in source control. To enable this feature, a command line tool, ansible-vault is used to edit files, and a command line flag –ask-vault-pass or –vault-password-file is used. Alternately, you may specify the location of a password file or command Ansible to always prompt for the password in your ansible.cfg file. These options require no command line flag usage.

Requirements

@hvanderlaan
hvanderlaan / ansible-rundeck.md
Last active August 2, 2021 20:43
ansible - rundeck, the poorman's ansible tower

Poor man's Ansible Tower

After a while of messing around with the free / demo version of Ansible Tower I thought that this could also be done with free tools. With some help from the internet and as an IT consultant I found the way forward.

As we all known Ansible is for free and is a package in the Ubuntu repository. Ansible Tower is a frontend for Ansible that will provide scheduler and a fancy webfrontend.

Rundeck is a job scheduler and runbook administration that is for free and also has a fancy webfrontend.

So for the poor man's solution we are going to use the best of both worlds.

POC

@hvanderlaan
hvanderlaan / wp in lxc.md
Last active January 4, 2017 06:22
wp in lxc
user@host ~ $ lxc launch ubutnu wp-server
user@host ~ $ lxc exec wp-server -- bash
root@wp-server ~ # apt-get update
root@wp-server ~ # apt-get --yes dist-upgrade
root@wp-server ~ # apt-get --yes install wget apache2 libapache2-mod-php7.0 mysql-server php7.0-mysql
root@wp-server ~ # msyql -u root -p
@hvanderlaan
hvanderlaan / create-lxc-alpine-ansible-node.sh
Created April 19, 2016 13:26
create ansible alpine linux container
#!/bin/bash
# file : create-lxc-alpine-ansible-node.sh
# purpose: deploy a new alpine container that is the ansible server
#
# author : harald van der laan
# date : 2016/04/19
# version: v1.0
lxcName="ansible01"