I hereby claim:
- I am radikaled on github.
- I am nkim (https://keybase.io/nkim) on keybase.
- I have a public key whose fingerprint is 3591 1E48 935C F499 BAD3 B3E8 A1F5 CC29 F13F DF74
To claim this, I am signing this object:
radikaled
radikaled
/ 99-worker-load-nvme-tcp-modules.yaml
Created
May 23, 2025 01:29
MachineConfig to load in-tree nvme_tcp kernel module
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Generated by Butane; do not edit | |
| apiVersion: machineconfiguration.openshift.io/v1 | |
| kind: MachineConfig | |
| metadata: | |
| labels: | |
| machineconfiguration.openshift.io/role: worker | |
| name: 99-worker-load-nvme-tcp-modules | |
| spec: | |
| config: | |
| ignition: |
radikaled
/ keybase.md
Created
November 11, 2024 08:32
radikaled
/ aap-ac-example.yaml
Created
February 13, 2024 19:40
AutomationController with custom rhsm.conf
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: automationcontroller.ansible.com/v1beta1 | |
| kind: AutomationController | |
| metadata: | |
| name: example | |
| namespace: aap | |
| spec: | |
| postgres_keepalives_count: 5 | |
| postgres_keepalives_idle: 5 | |
| create_preload_data: true | |
| route_tls_termination_mechanism: Edge |
radikaled
/ kc.java.security
Last active
January 17, 2024 16:23
Sample custom java.security for strict FIPS Keycloak
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # BountyCastle will not start without this | |
| securerandom.strongAlgorithms=PKCS11:SunPKCS11-NSS-FIPS | |
| # https://www.keycloak.org/server/fips#_other_restrictions | |
| fips.provider.8=SunJGSS |
radikaled
/ keycloak.yaml
Created
January 17, 2024 15:40
Example Keycloak CR utilizing strict FIPS custom image
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: k8s.keycloak.org/v2alpha1 | |
| kind: Keycloak | |
| metadata: | |
| name: example-keycloak | |
| namespace: $(NAMESPACE) | |
| spec: | |
| additionalOptions: | |
| - name: spi-truststore-file-file | |
| value: /opt/keycloak/conf/server.keystore | |
| - name: spi-truststore-file-password |
radikaled
/ Containerfile
Last active
January 17, 2024 15:12
Containerfile for Keycloak server in strict FIPS mode (OCP4)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM registry.redhat.io/rhbk/keycloak-rhel9:22-6 as builder | |
| # What these environment variables mean: | |
| # https://www.keycloak.org/server/all-config?f=build | |
| # Set to appropriate database provider | |
| ENV KC_DB=postgres | |
| ENV KC_CACHE_STACK=kubernetes | |
| ENV KC_FEATURES=fips,kerberos |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: example | |
| labels: | |
| app: httpd | |
| namespace: nfs | |
| spec: | |
| volumes: | |
| - name: nfs |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: PersistentVolumeClaim | |
| metadata: | |
| name: nfs-claim | |
| spec: | |
| accessModes: | |
| - ReadWriteOnce | |
| resources: | |
| requests: | |
| storage: 100Gi |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: PersistentVolume | |
| metadata: | |
| name: pv0001 | |
| spec: | |
| capacity: | |
| storage: 100Gi | |
| accessModes: | |
| - ReadWriteOnce | |
| nfs: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM registry.redhat.io/openshift4/ose-cli AS builder | |
| WORKDIR /tmp | |
| RUN wget -O azcopy_v10.tar.gz "https://aka.ms/downloadazcopy-v10-linux" && tar -xf azcopy_v10.tar.gz --strip-components=1 | |
| FROM registry.redhat.io/openshift4/ose-cli | |
| COPY --from=builder --chown=root:root --chmod=755 /tmp/azcopy /usr/bin |
NewerOlder