Skip to content

Instantly share code, notes, and snippets.

View voiprodrigo's full-sized avatar

Rodrigo Pereira voiprodrigo

3 followers · 10 following
  • Lisbon, Portugal
View GitHub Profile
@voiprodrigo
voiprodrigo / hashicorp-vault-auth-cert-and-token-role-creation.md
Created December 15, 2020 17:15 — forked from davidmintz/hashicorp-vault-auth-cert-and-token-role-creation.md
notes on setting up and using Vault TLS authentication, policies, and tokens with named roles

Our goal is to save sensitive data in a MySQL database in a responsible way, and be able to read/write it programmatically in a PHP web application. Asymmetric encryption would be best, but is not practical here. Symmetric encryption with a strong algorithm and hard-to-guess cipher is acceptable, but not if we store the cipher in plain text on the same server where the database credentials also live in plain text!

This work-in-progress is subject to change if/when I come up with a better scheme, but for now, the plan is to:

  • store the cipher as a vault secret;
  • configure TLS authentication so that our PHP application can log in, and then
  • create a token that allows its bearer to read the secret (our cipher);
  • use a PHP component and our cipher to encrypt/decrypt our sensitive data.
@voiprodrigo
voiprodrigo / README
Created November 25, 2020 15:10 — forked from dnozay/README
syslog (port 10514) firewall configuration for vSphere
goal
----
The goal is send syslog traffic to a remote host and use unpriviledged ports;
so that I can have my logstash (http://logstash.net/) server not need to
run as root. On vSphere 5.1, tcp 1514 is covered by the syslog rule, but
in my case udp is preferred.
installation
------------
@voiprodrigo
voiprodrigo / postgres_queries_and_commands.sql
Created May 14, 2018 23:57 — forked from rgreenjr/postgres_queries_and_commands.sql
Useful PostgreSQL Queries and Commands
-- show running queries (pre 9.2)
SELECT procpid, age(query_start, clock_timestamp()), usename, current_query
FROM pg_stat_activity
WHERE current_query != '<IDLE>' AND current_query NOT ILIKE '%pg_stat_activity%'
ORDER BY query_start desc;
-- show running queries (9.2)
SELECT pid, age(query_start, clock_timestamp()), usename, query
FROM pg_stat_activity
WHERE query != '<IDLE>' AND query NOT ILIKE '%pg_stat_activity%'
@voiprodrigo
voiprodrigo / apache-qliksense-proxy.md
Created March 20, 2018 17:50 — forked from DevoKun/apache-qliksense-proxy.md
Apache2 Proxy Server Recipe for QlikSense to accomodate https and Secure WebSocket (wss) connections

Scenario

-------------       ----------------       ---------
| Browser   |<----->| Apache httpd |<----->| Qlik  |
|           |  SSL  |     2.4.9    |  SSL  | Sense |
-------------       ----------------       ---------