Skip to content

Instantly share code, notes, and snippets.

View mhjacks's full-sized avatar

Martin Jackson mhjacks

15 followers · 6 following
  • Red Hat
View GitHub Profile
@jborean93
jborean93 / Get-ValidatedScriptBlock.ps1
Last active September 17, 2024 22:04
WDAC Investigations for Ansible
Function Get-ValidatedScriptBlock {
[OutputType([ScriptBlock])]
param (
[Parameter(Mandatory)]
[string]
$Name,
[Parameter(Mandatory)]
[string]
$ScriptAsBase64
@rechner
rechner / freeipa-openvpn.md
Last active May 7, 2024 18:27
FreeIPA setup for OpenVPN logins

This article proved to be a decent starting point, but I was particularly interested in allowing password-based logins to OpenVPN using a username/password backed by FreeIPA (opposed to client certificates) as the identity provider.

  • IPA join your VPN machine: ipa-client-install --mkhomedir
  • Get a kerberos ticket: kinit
  • Create a Kerberos service principle and HBAC rule for openvpn access:
ipa service-add openvpn/`hostname`
  • Create new hbacrule in console, mark host as the VPN host, and whatever group you want to restrict access to:
@troyharvey
troyharvey / deployment.yml
Last active September 13, 2024 19:00
Using Kubernetes envFrom for environment variables
# Use envFrom to load Secrets and ConfigMaps into environment variables
apiVersion: apps/v1beta2
kind: Deployment
metadata:
name: mans-not-hot
labels:
app: mans-not-hot
spec:
replicas: 1