puppet – jtheo

Bookmarks for 8 Mar 2016 through 14 Mar 2016

These are my links for 8 Mar 2016 through 14 Mar 2016:

Zsoldier’s Tech Blog: Add Portgroups/VLANs to vmware standard switches via PowerCLI – Wrote a simple little script to insert a portgroup into a targeted vSwitch of all VM hosts in a targeted cluster. This is not an issue if you use distributed vSwitches.
siph0n – exploits : leaks : dumps : papers : hashes – Hello and welcome to "siph0n", we are a group of security enthusiasts that want to make people
more aware of security risks and the risks behind compromised(stolen) data.
By using this Site, you signify your assent to these Terms of Service if you do not agree to any of these conditions,
do not use this website.
Hardening Framework – […] Server hardening is a well-known topic with many guides out in the wild. Why this project? At Deutsche Telekom we need to manage thousands of servers for customers and ourselves. All servers need to be configured properly and maintained, which is difficult and time-consuming to get right. To answer these needs for security, compliance, and maintainability, we decided to launch this project as a common ground for requirements and their fulfillment.[…]
Node-RED – Node-RED is a tool for wiring together hardware devices, APIs and online services in new and interesting ways.
zachlatta/sshtron: Play Tron over SSH – SSHTron is a multiplayer lightcycle game that runs through SSH

Bookmarks for 18 nov 2015 through 24 nov 2015

These are my links for 18 nov 2015 through 24 nov 2015:

Come suddividere il log di WordPress in file separati tramite Apache – Otherplus Tech – Quando usiamo WordPress su un server Apache siamo quasi sempre abituati ad avere un solo file di log per gli accessi del nostro sito e alcune volte due file per dividere gli accessi normali da quelli in errore. Ultimamente ho avuto un’esperienza da un cliente proprio su questo argomento specifico e abbiamo dovuto generare i file in maniera tale da dividere le informazioni che riguardavano la sezione classica da quella admin, ajax, wp-content etc.
Using AWS Virtual Tape Library as Storage for Bacula – CAPSIDE – In this article, we will set up a Storage Gateway virtual machine on-premises that will cache and buffer backup data from Bacula.
Tiny Puppet – Yet Another Puppet Abstraction Layer – Tiny Puppet is a Puppet module that allows management of virtually any application on any Operating System: It’s based on the assumption that its user knows and wants to control how to shape the managed application’s configuration file: It’s not a joke, it just works like that, as long as our application can be installed via a native package (Tiny Puppet can manage also additional repos) and we know how to configure it.

Bookmarks for 12 mar 2015 through 18 mar 2015

These are my links for 12 mar 2015 through 18 mar 2015:

OpenSSL Essentials: Working with SSL Certificates, Private Keys and CSRs | DigitalOcean – OpenSSL is a versatile command line tool that can be used for a large variety of tasks related to Public Key Infrastructure (PKI) and HTTPS (HTTP over TLS). This cheat sheet style guide provides a quick reference to OpenSSL commands that are useful in common, everyday scenarios. This includes OpenSSL examples of generating private keys, certificate signing requests, and certificate format conversion. It does not cover all of the uses of OpenSSL.
Change password The Foreman – Erwan Gallen –
OpenDJ Directory Services Project – The open source LDAP directory services in Java – The OpenDJ community actively develops open source directory services, including a high performance, highly available, secure directory server, built-in data replication, client tools, and an LDAP SDK. OpenDJ offers extensive LDAPv3 support, as well as RESTful access to directory data over HTTP. OpenDJ DSML gateway enables applications accessing directory data through DSMLv2. All modules are 100% Java based and require at least Java 6.

Bookmarks for 5 nov 2014 from 10:48 to 13:51

These are my links for 5 nov 2014 from 10:48 to 13:51:

Configuring OpenLDAP pass-through authentication to Active Directory – Alex Tcherniakhovski – Security – Site Home – MSDN Blogs – This particular functionality of OpenLDAP should be of special interest for environments where long term co-existence between OpenLDAP and Active Directory is required. By establishing pass-through authentication the following advantages could be achieved: Great end-user experience. No need to remember multiple passwords Increased security, due to the reduction of the attack surface (one less password store in the environment) Single password policy The rest of the post will expand on the instructions provided by the OpenLDAP 2.4 Administration guide on establishing pass-through authentication from OpenLDAP to Active Directory. Specifically, will will leverage the capability of SASL to use LDAP as an authentication back-end. In our case, Active Directory will play a role of such authentication back-end.
Books – UNIX Systems Programming (BSD) – BitsInTheWind.com – ISBN 10: 0-937175-23-4 / ISBN 13: 9780937175231 O'Reilly & Associates January 1989 The following are made available for your personal, non-commercial use only. You may cite this document as a bibliographic reference in any works that you are writing. Any commercial use of this document, including printing and distribution to groups of people (such as a classroom) is prohibited without my prior written permission.
osquery – With osquery, you can use SQL to query low-level operating system information. Under the hood, instead of querying static tables, these queries dynamically execute high-performance native code. The results of the SQL query are transparently returned to you quickly and easily.
Boxupp – GUI tool to manage Puppet & Vagrant based project environments | Paxcel – Boxupp makes it easy for integrated management of development stacks over Vagrant and Puppet. Initially built over these two softwares, we plan to add support for more providers and provisioners * Integrated management environment for Vagrant and Puppet * Intelligence at its core * Simple Web GUI * Easy provisioning * Inbuilt console and editors * Start right from level zero ! * Share your configurations with team members.

Bookmarks for 22 ott 2014 from 11:37 to 15:55

These are my links for 22 ott 2014 from 11:37 to 15:55:

S3QL – nikratio – S3QL is a file system that stores all its data online using storage services like Google Storage, Amazon S3, or OpenStack. S3QL effectively provides a hard disk of dynamic, infinite capacity that can be accessed from any computer with internet access running Linux, FreeBSD or OS-X. S3QL is a standard conforming, full featured UNIX file system that is conceptually indistinguishable from any local file system. Furthermore, S3QL has additional features like compression, encryption, data de-duplication, immutable trees and snapshotting which make it especially suitable for online backup and archival. S3QL is designed to favor simplicity and elegance over performance and feature-creep. Care has been taken to make the source code as readable and serviceable as possible. Solid error detection and error handling have been included from the very first line, and S3QL comes with extensive automated test cases for all its components.
Using Foreman, an Opensource Frontend for Puppet – – The recent vulnerability in bash, got me running to update bash. It’s easy when you have maybe one or two Linux servers, but what do you do if you have 100’s or even thousands or servers? You need to use a server configuration and management tool like puppet. However, instead of using the command line, I wanted a GUI tool where I could select the servers or server group and select an action. That is where I found Foreman, A opensource tool which not only handles configuration of your servers but also does provisioning. Foreman is easy to install, opensource, has community based support and a good deal of documentation.
Power Up Your Authentication with Open LDAP and Puppet | DataCentred – When you’re busy automating your infrastructure, a recurring theme that causes questions and problems is this: how do you reliably integrate your data (which changes all the time) into your configuration? As a hosting company, we find ourselves needing to tend to an ever-increasing number of devices: servers, switches, routers, hypervisors, you name it. A staple mechanism for centralised authentication is the use of an LDAP server to manage a directory of users and groups and to perform authentication of credentials and privileges on behalf of other devices on the network.
Enterprise/Authentication/KerberosServices – Ubuntu Wiki – This article explains a little bit about the Kerberos protocol and how it can be used in Ubuntu. It's not a thorough manual, use more authoritative sources to get more accurate information and update if you see obvious mistakes.

Bookmarks for 14 ott 2014 through 15 ott 2014

These are my links for 14 ott 2014 through 15 ott 2014:

terminal.sexy – Terminal Color Scheme Designer – A web app to help you design a colour theme for your terminal, with support for Xresources, Termite and iTerm 2. [ via http://onethingwell.org/post/99402033490/terminal-color-scheme-designer ]
11 online Puppet resources you should know – Many people asks, what are the good places to learn puppet on-line. This post is for the people who are looking for good on-line resources free as well as paid stuff. There are many on-line resources available at the time of writing this post. With just Google we may not find all these stuff. We have categorized those resources as below.
Alt-F | SourceForge.net – Alt-F provides a free alternative firmware for the DLINK DNS-320/320L/321/323/325. Alt-F has Samba and NFS; supports ext2/3/4, VFAT, NTFS and ISO9660 filesystems; RAID 0, 1, 5 (with external USB disk) and JBOD; supports 2/3/4TB disks; rsync, ftp, sftp, ftps, ssh, lpd, DNS and DHCP servers, DDNS, fan and leds control, clean power up and down… and more. Alt-F also has a set of comprehensive administering web pages, you don't need to use the command line to configure it. Besides the built-in software, Alt-F also supports additional packages on disk, including ffp packages, that you can install, update and uninstall using the administering web pages

Bookmarks for 29 ago 2014 through 1 set 2014

These are my links for 29 ago 2014 through 1 set 2014:

Scaling PHP apps via PHP-FPM clustering | Jamie Alquiza – PHP-FPM is a way to move your busted PHP handling from one place to another. It's essentially a pool of processes ready for PHP interpretation through FastCGI. While Apache will service client connections and static content, PHP requests are pushed into PHP-FPM. PHP-FPM allows the creation of process pools, each pool having it's own spawning model (e.g. static number of processes, dynamic with min/max, etc.) and other configurations (what UID/GID to run as, listening socket, etc.). A typical setup would be to create a PHP-FPM pool per tenant in a shared hosting environment.
KERMIT – KermIT is an opensource IT management solution. KermIT integrates best of breed opensource components with a Web user interface and dashboard to provide a central management solution for IT systems and applications. It provides a consistent, secure framework and a scalable architecture. It manages Linux, Unix and Windows systems. 'Small picture' KermIT relies in the backend on Puppet and MCollective. The license of the developments is the GPL v.3 for the generic part of the source code.
Random Start Times For Cron Jobs With Puppet : mycfg.net – Periodic scripts which use a common resource can end up being configured to run at the same time for multiple hosts. The result is that tasks like puppet runs or backups can take longer since they are trying to run all at once instead of being staggered. One way to do this is to give each cron task unique times manually. Another way is to add a random sleep before the task runs. My preferred way is to use the fqdn_rand function in puppet. Here's how it works.

Bookmarks for 28 ago 2014 from 12:10 to 13:11

These are my links for 28 ago 2014 from 12:10 to 13:11:

CloudInit – Community Help Wiki – cloud-init is the Ubuntu package that handles early initialization of a cloud instance. It is installed in the Ubuntu Cloud Images and also in the official Ubuntu images available on EC2. Some of the things it configures are: setting a default locale setting hostname generate ssh private keys adding ssh keys to user's .ssh/authorized_keys so they can log in setting up ephemeral mount points cloud-init's behavior can be configured via user-data. User-data can be given by the user at instance launch time. This is done via the –user-data or –user-data-file argument to ec2-run-instances
Tsunami UDP Protocol – Tsunami UDP Protocol: A fast user-space file transfer protocol that uses TCP control and UDP data for transfer over very high speed long distance networks (≥ 1 Gbps and even 10 GE), designed to provide more throughput than possible with TCP over the same networks. The project is based on original Indiana University 2002 Tsunami source code, but has been significantly improved and extended. As such, large portions of the program today are courtesy by Aalto University Metsähovi Radio Observatory. Includes FTP-like client and server command line applications for normal file transfers. It has additionally been extended for high rate real-time data streaming in eVLBI radio astronomy and geodesy (VSIB, PCEVN DAQ). Licensed under the original IU open source license.
Obama for America on AWS – Infrastructure Architecture – Obama for America on AWS – Infrastructure Architecture
holman/spark – sparklines for your shell

Bookmarks for 26 ago 2014 from 13:53 to 15:35

These are my links for 26 ago 2014 from 13:53 to 15:35:

Petr’s blog about Linux: Systemd Cheatsheet –
List of IXPs – Euro-IX – List of known IXPS around the globe
Cloud Orchestration & Cloud Automation the DevOps Way | Cloudify – Orchestrate Real Apps on the Cloud with Cloudify Achieve a smooth transition to the cloud and easy automation of even the most complex applications throughout their entire lifecycle with Cloudify. Orchestrate the creation of the whole cloud infrastructure required for your application, starting from compute resources all the way down to networks and block storage devices. Cloudify will then deploy your applications to the cloud (OpenStack, VMWare vSphere, or even bare metal like Softlayer), monitor their progress and scale them when needed. With Cloudify, you won’t be locked in to any one cloud provider or one type of cloud; deploy the same application in your own data center or on the cloud of your choice using your favorite automation and configuration management tools. Monitor, manage and scale your application with Cloudify, whatever the topology or technology stack.

Bookmarks for 18 ago 2014 through 25 ago 2014

These are my links for 18 ago 2014 through 25 ago 2014:

Spark | Open source IoT toolkit – You want your connected product to be smart, right? Give it an operating system designed for the Internet of Things. Spark OS is a distributed operating system, where servers in the Cloud do the heavy lifting. That way your product can handle complex, intelligent behaviors when it's online, even with only kilobytes of memory.
WRTnode | First & only open source hardware for OpenWrt, the world’s smallest Linux Wi-Fi dev board, Easy & completed IDE, NEW machines’ heart – Opensource hardware for OpenWrt, mini Linux+Wi-Fi board, easy and completed IDE, smart machines' heart
adrienthebo/r10k – Smarter Puppet deployment, powered by killer robots
Atraci/Atraci · GitHub – Atraci is an application for Windows, Mac and Linux that lets you listen instantly to more than 60 million songs (way more than iTunes's 26 million). It requires no sign up, displays no ads and is 100% safe.