Create file /etc/systemd/system/[email protected]. SystemD calling binaries using an absolute path. In my case is prefixed by /usr/local/bin, you should use paths specific for your environment.
[Unit]
Description=%i service with docker compose
PartOf=docker.service
After=docker.service
Vault secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Vault is primarily used in production environments to manage secrets. Vault is a complex system that has many different pieces. There is a clear separation of components that are inside or outside of the security barrier. Only the storage backend and the HTTP API are outside, all other components are inside the barrier.
Figure 1: Architecture of Vault and Spring App (Click to enlarge)
The storage backend is untrusted and is used to durably store encrypted data. When the Vault server is started, it must be provided with a storage backend so that data is available across restarts. The HTTP API similarly must be started by the Vault server on start so that clients can interact with it.
| # Install K3S | |
| curl -sfL https://get.k3s.io | sh - | |
| # Copy k3s config | |
| mkdir $HOME/.kube | |
| sudo cp /etc/rancher/k3s/k3s.yaml $HOME/.kube/config | |
| sudo chmod 644 $HOME/.kube/config | |
| # Check K3S | |
| kubectl get pods -n kube-system |
| curl --include \ | |
| --no-buffer \ | |
| --header "Connection: Upgrade" \ | |
| --header "Upgrade: websocket" \ | |
| --header "Host: example.com:80" \ | |
| --header "Origin: http://example.com:80" \ | |
| --header "Sec-WebSocket-Key: SGVsbG8sIHdvcmxkIQ==" \ | |
| --header "Sec-WebSocket-Version: 13" \ | |
| http://example.com:80/ |
| /* eslint-disable @typescript-eslint/no-unsafe-assignment */ | |
| import { reactive, toRefs } from 'vue'; | |
| import axios,{ AxiosRequestConfig, AxiosError, AxiosResponse } from 'axios'; | |
| export enum Status { | |
| IDLE = 'idle', | |
| LOADING = 'loading', | |
| SUCCESS = 'success', | |
| ERROR = 'error', |
I have a heterogenous set of hosts and a mix of different roles that I want to apply to each host. Using groups would mean creating a group for nearly every role, which felt like overkill.
This combination of a playbook and two task scripts runs the roles specified in the host's required_roles
variable, in order. It supports a tag named after the role, to run the specific role, and a tag role-partial to activate the role but to require other tags to activate specific tasks in the role (helpful when debugging roles).
Following the documentation on online.net would get IPv6 to work only in a simple system installation but won't get IPv6 to work with virtualization environment (Exp. Proxmox) as It's missing some IPv6 forwards and proxies on sysctl.conf.
| --- | |
| - hosts: demo | |
| tags: wait | |
| gather_facts: no | |
| tasks: | |
| - name: Wait for SSH | |
| local_action: wait_for port=22 host={% if ansible_ssh_host is defined %}{{ ansible_ssh_host }}{% else %}{{ inventory_hostname }}{% endif %} |