Rick Osowski osowski
osowski
/ confluent-external-config.properties
Last active
June 4, 2021 15:02
Kafka Security Article #2 Snippets - TLS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| bootstrap.servers=kafka.{kubernetes-cluster-fully-qualified-domain-name}:443 | |
| security.protocol=SSL | |
| ssl.truststore.location={/provided/to/you/by/kafka/administrator} | |
| ssl.truststore.password={__provided_to_you_by_kafka_administrator__} | |
| ssl.keystore.location={/generated/in/coordination/with/kafka/adminstrator} | |
| ssl.keystore.password={__generated_in_coordination_with_kafka_administrator__} | |
| ssl.key.password={__generated_in_coordination_with_kafka_administrator__} |
osowski
/ generate-ssl-certs-for-confluent-platform.sh
Last active
June 3, 2021 18:02
Streamlined version of confluent-platform-security-tools script to generate SSL certificates from a pre-existing CA crt/key.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Customized version of https://github.com/confluentinc/confluent-platform-security-tools | |
| # Starting with confluentCA.pem & confluentCA.key provided by Administrator (which is created prior to Confluent Platform install) | |
| DNAME="C=UK, ST=LON,L=LON,O=IBMTest,OU=Cloud,CN=confluent-platform-security" | |
| # Create truststore from provided CA certificate | |
| keytool -keystore kafka.cps1.truststore.jks -alias CARoot -import -file confluentCA.pem -noprompt -dname "${DNAME}" -keypass cps-password1 -storepass cps-password1 | |
| # Create client keystore containing a key pair and a self-signed certificate |
osowski
/ confluent-external-config.properties
Last active
June 3, 2021 18:10
Kafka Security Article #1 Snippets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| bootstrap.servers=kafka.{kubernetes-cluster-fully-qualified-domain-name}:443 | |
| sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username="{USERNAME}" password="{PASSWORD}"; | |
| security.protocol=SASL_SSL | |
| sasl.mechanism=PLAIN | |
| ssl.truststore.location={/provided/to/you/by/the/kafka/administrator} | |
| ssl.truststore.password={__provided_to_you_by_the_kafka_administrator__} |
osowski
/ Dockerfile
Last active
July 24, 2020 16:37
— forked from csantanapr/Dockerfile
dind on Kubernetes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM docker:dind | |
| RUN set -eux; \ | |
| apk add --no-cache \ | |
| git \ | |
| iptables \ | |
| jq \ | |
| bash \ | |
| vim \ | |
| curl \ |
osowski
/ incept-minikube.sh
Last active
April 16, 2020 23:28
Install Minikube, Kubectl, and Virtualbox on Ubuntu
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Installing VirtualBox | |
| echo "Installing VirtualBox........................" | |
| sudo apt-get install virtualbox | |
| #Installing kubectl https://kubernetes.io/docs/getting-started-guides/kubectl/ | |
| echo "Installing kubectl..........................." | |
| wget https://storage.googleapis.com/kubernetes-release/release/v1.4.4/bin/linux/amd64/kubectl | |
| chmod +x kubectl | |
| sudo mv kubectl /usr/local/bin/kubectl |
osowski
/ push-it-flow.js
Created
October 23, 2015 13:09
Node-RED flow to use GitHub web hooks to play audio when code is pushed
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [{"id":"d014cd72.2feb3","type":"websocket-listener","path":"/ws/audio","wholemsg":"false"},{"id":"ed3b7433.12c488","type":"watson-text-to-speech","name":"","lang":"english","voice":"en-US_MichaelVoice","x":460,"y":263.9999933242798,"z":"2df11d26.d20ee2","wires":[["1c671986.e398e6"]]},{"id":"4a98cccf.b56734","type":"inject","name":"","topic":"","payload":"Hello my name is James","payloadType":"string","repeat":"","crontab":"","once":false,"x":149.09091186523438,"y":140.72726440429688,"z":"2df11d26.d20ee2","wires":[["9cc01711.633fe8"]]},{"id":"de94b273.216b5","type":"websocket out","name":"","server":"d014cd72.2feb3","client":"","x":811.0908813476562,"y":325.72725772857666,"z":"2df11d26.d20ee2","wires":[]},{"id":"301d54b3.cfe2ac","type":"http in","name":"","url":"/audio","method":"get","swaggerDoc":"","x":190.81817626953125,"y":383.36363220214844,"z":"2df11d26.d20ee2","wires":[["67b82a64.9847d4"]]},{"id":"d7b2d215.284d3","type":"http response","name":"","x":613.3636646270752,"y":391.63634872436523,"z":"2df11d26 |
osowski
/ lets-chat-build.sh
Last active
September 23, 2015 18:59
IBM Bluemix DevOps Services build scripts for Let's Chat Docker images. Based off the default scripts provided by the service, these have had most comments removed for clarity.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| log_and_echo "$LABEL" "Starting build script" | |
| cd ${WORKSPACE}/lets-chat | |
| if [ -f Dockerfile ]; then | |
| log_and_echo "$LABEL" "Building ${FULL_REPOSITORY_NAME}" | |
| ${EXT_DIR}/utilities/sendMessage.sh -l info -m "New container build requested for ${FULL_REPOSITORY_NAME}" | |
| # build image | |
| BUILD_COMMAND="" |
osowski
/ gist:cff7fbfc60fe65ed0bd8
Created
September 10, 2015 06:42
Node-RED flow to query Fitbit for your current daily steps, using Nodes from https://github.com/node-red/node-red-web-nodes/tree/master/fitbit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [{"id":"606bf65c.701848","type":"inject","name":"","topic":"","payload":"","payloadType":"date","repeat":"","crontab":"","once":false,"x":135,"y":196,"z":"2adfbdc6.dede72","wires":[["b2e08b61.b5e3c"]]},{"id":"b2e08b61.b5e3c","type":"fitbit","fitbit":"","name":"Query Activities","dataType":"activities","x":384,"y":189,"z":"2adfbdc6.dede72","wires":[["25995aa.974bf26","e848c7de.acfee8"]]},{"id":"5c30a6c1.8de82","type":"debug","name":"","active":true,"console":"false","complete":"false","x":667,"y":167,"z":"2adfbdc6.dede72","wires":[]},{"id":"25995aa.974bf26","type":"function","name":"Filter Summary","func":"msg.payload = msg.payload.summary.steps;\nreturn msg;","outputs":1,"noerr":0,"x":534,"y":246,"z":"2adfbdc6.dede72","wires":[["5c30a6c1.8de82"]]},{"id":"592febbd.0f489c","type":"http in","name":"GET Current Steps","url":"/steps","method":"get","swaggerDoc":"","x":147,"y":270,"z":"2adfbdc6.dede72","wires":[["b2e08b61.b5e3c"]]},{"id":"a3898ac2.ca1558","type":"http response","name":"GET Current Steps Response"," |
osowski
/ Dockerfile
Created
July 2, 2015 13:12
WebSphere Liberty Dockerfile & custom scripts (executing prior to server start) updating server configuration files with IBM Bluemix service credential information dynamically
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM registry-ice.ng.bluemix.net/ibmliberty:latest | |
| RUN apt-get update && apt-get install -y \ | |
| git \ | |
| python-lxml | |
| # Add a SSH key, this will allow to perform SSH into containers | |
| COPY id_rsa.pub /root/.ssh/ | |
| RUN chmod 600 /root/.ssh/id_rsa.pub \ |