Skip to content

Instantly share code, notes, and snippets.

View jalogisch's full-sized avatar
🏠
Working from home

Jan Doberstein jalogisch

🏠
Working from home
View GitHub Profile
@jalogisch
jalogisch / disable-adminconsole-indexer.sh
Created November 23, 2022 07:14 — forked from octavioranieri/disable-adminconsole-indexer.sh
ECE found-shell script to disable indexer mode and migrations for the adminconsole container. Create this file, chmod +X it, run it with the bypass option (1), fix your env, run the script again with the cleanup option (2)
#!/bin/bash
set -e
echo "=================================================================================================="
echo "NOTE: The script will set the Adminconsole to api-only mode (no indexer), so that"
echo " migrations are bypassed and Adminconsole can boot for environment salvage operations."
echo " Please run the same script with the cleanup option afterwards."
echo ""
echo "IMPORTANT: Until the cleanup script is run, adminconsole will not be able to index "
echo " changes in the admin cluster, breaking the Deployments dashboard and "
@jalogisch
jalogisch / generate_ece_cert.sh
Last active May 30, 2022 14:53
create custom self signed ECE certificates
export ELASTICSEARCH_IMG=docker.elastic.co/elasticsearch/elasticsearch:7.8.0
export DOMAIN="ece.internal"
docker run --rm -v "$(pwd)":/tmp/certs -w /tmp/certs $ELASTICSEARCH_IMG /usr/share/elasticsearch/bin/elasticsearch-certutil ca \
--pem \
--out /tmp/certs/ca.zip
unzip ca.zip
docker run --rm -v "$(pwd)":/tmp/certs -w /tmp/certs $ELASTICSEARCH_IMG /usr/share/elasticsearch/bin/elasticsearch-certutil cert \
@jalogisch
jalogisch / fix_virtualenv
Created January 31, 2020 08:17 — forked from tevino/fix_virtualenv
Fix python virtualenv after python update
#!/usr/bin/env bash
ENV_PATH="$(dirname "$(dirname "$(which pip)")")"
SYSTEM_VIRTUALENV="$(which -a virtualenv|tail -1)"
BAD_ENV_PATHS="/usr/local"
echo "Ensure the root of the broken virtualenv:"
echo " $ENV_PATH"
@jalogisch
jalogisch / run.bash
Created August 31, 2018 08:42
The `tmp.json` contains the access rights that are needed to create tokens and the `run.bash` show how to add this via Graylog API and assing a user to this role.
http -a admin POST https://nuci3.local.lan/graylog/api/roles < tmp.json
http: password for [email protected]:
HTTP/1.1 201 Created
Connection: keep-alive
Content-Length: 206
Content-Type: application/json
Date: Tue, 15 May 2018 13:30:08 GMT
Location: http://10.10.10.100:9000/graylog/api/roles/User%20Token%20Mangement
Server: nginx/1.12.2
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
@jalogisch
jalogisch / URLConnectionReader.java
Last active August 17, 2018 13:28
This little tool will help you to test if your Graylog server is able to reach the Graylog License API - the parameters of the trustStore and the proxy might be added and modified to fit your local needs.
// Based on java example: http://docs.oracle.com/javase/tutorial/networking/urls/readingWriting.html
// save as: URLConnectionReader.java
// compile using JDK: javac URLConnectionReader.java
// run: java -Djavax.net.ssl.trustStore=/path/to/cacerts.jks -Dhttp.proxyHost=10.0.0.100 -Dhttp.proxyPort=8800 URLConnectionReader
// if additional debugging is needed add -Djavax.net.debug=all to the above
// good path: returns HTML
// bad path: throws an exception
import java.net.*;
import java.io.*;
Elasticsearch HTTPS:
- X-Pack (Elastic Kostenpflichtig)
- Search Guard (OSS & Pay Plan) https://github.com/floragunncom/search-guard
- NGINX Proxy ( https://www.elastic.co/blog/playing-http-tricks-nginx )
MongoDB TLS:
- https://docs.mongodb.com/manual/tutorial/configure-ssl/
- Certificate based authentication is tricky but can be done
Graylog TLS:
@jalogisch
jalogisch / 10-cisco-elasticsearch.conf
Created February 2, 2018 10:25 — forked from justincjahn/10-cisco-elasticsearch.conf
Logstash: Processing Cisco Logs
#
# INPUT - Logstash listens on port 8514 for these logs.
#
input {
udp {
port => "8514"
type => "syslog-cisco"
}
@jalogisch
jalogisch / README.md
Created January 19, 2018 19:28 — forked from tboeghk/README.md
Deployments, Services and Ingresses to run a recent Graylog2 on Kubernetes in #yolo mode without any persistence.

These Kubernetes resources deploy a recent Graylog2 cluster on Kubernetes in #yolo mode without any persistence – The ideal way to quickly run, inspect and adapt a Graylog cluster in Kubernetes. The Deployment will install:

  • Graylog 2.4.0
  • Elasticsearch 5.6.3
  • Kibana 5.6.3

Deploy Graylog

@jalogisch
jalogisch / graylog2-docker-compose.yml
Created November 19, 2017 11:22 — forked from indigo423/graylog2-docker-compose.yml
Graylog2 Docker Compose file
version: '2'
networks:
graylog.net:
volumes:
graylog.data.elastic:
driver: "local"
graylog.data.mongo:
driver: "local"
@jalogisch
jalogisch / ca.md
Created September 4, 2017 11:22 — forked from soarez/ca.md
How to setup your own CA with OpenSSL

How to setup your own CA with OpenSSL

For educational reasons I've decided to create my own CA. Here is what I learned.

First things first

Lets get some context first.