Nicholas Jackson nicholasjackson

@nicholasjackson
nicholasjackson / profile.json
Last active June 18, 2020 13:46
Windows Terminal Settings
// To view the default settings, hold "alt" while clicking on the "Settings" button.
// For documentation on these settings, see: https://aka.ms/terminal-documentation
{
"$schema": "https://aka.ms/terminal-profiles-schema",
"defaultProfile": "{2c4de342-38b7-51cf-b940-2309a097f518}",
"profiles":
[
[
{
"title": "command + h/j/k/l/u/i to arrow keys and home end",
"rules": [
{
"description": "Change Command + h/j/k/l to Arrows",
"manipulators": [
{
"type": "basic",
"from": {
@nicholasjackson
nicholasjackson / deregister.sh
Last active August 24, 2023 17:38
Boundary Worker Registration
#!/bin/sh -e
echo "[$(date +%T)] Deregister boundary worker"
# Read the worker id from the file written on startup
worker_id=$(cat ./worker_id)
# Base url for the HCP cluster
base_url="https://${cluster_id}.boundary.hashicorp.cloud/v1"
auth_url="${base_url}/auth-methods/${auth_method_id}:authenticate"
dereg_url="${base_url}/workers/${worker_id}"
@nicholasjackson
nicholasjackson / readme.md
Last active March 10, 2023 11:28
Boundary HCP Demo

Boundary Demo

Providing remote access to applications and systems requires secure routing to the destination and credentials to authenticate the user. Traditionally, you achieve this using a Virtual Private Network (VPN) or a Bastion server to bridge into the private network. Credentials are generally provided individually, created as part of a manual process, and with password rotation on a best-intention basis. This is problematic as access is usually too broad, difficult to audit, and complex to maintain.

@nicholasjackson
nicholasjackson / readme.md
Last active April 5, 2023 15:26
Why Service Mesh

Security

Let's take a look at how the Service Mesh protects your applications.

We have an application deployed at present; by default, the service mesh protects our application.

Basic Example

Let's look at this example:

@nicholasjackson
nicholasjackson / codemotion.md
Last active May 10, 2023 12:18
Codemotion Madrid

Let's see how you can use Docker to create fake Virtual Machines.

VMs with Docker

If you have ever used cloud computing, you will know that most virtual machines give you the capability to install software using cloud-init.

With Docker you can do something very similar.

@nicholasjackson
nicholasjackson / readme.md
Last active June 29, 2023 12:41
Vault Honeypots

I spoke at an event in Oslo where Vesselin gave a talk about how honeypots could be used to automate network security by automatically updating Cloud Armor rules to block the attacker.

At the time I was giving a talk on Terraform and Vault, but as I watched Vesselin's talk I wanted to build a system that could automate firewall rules using Terraform.

@nicholasjackson
nicholasjackson / readme.md
Last active December 3, 2023 02:06
folksam

Folksam Demo

Let's take a look at how we can configure TLS for our microservice using Vault.

TLS

Configure core setup

The first thing we need to do is to create a mount point in Vault for our TLS certificates.