pezhore

@pezhore@infosec.exchange

Middle aged (hopefully) tinkerer./ Focusing on infrastructure, software, and infosec automation and efficiencies. Constantly on the look out for the next thing that captures my attention.

Can sometimes be found in a van roaming National Parks.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

pezhore, to terraform

Anyone have a good write up/how-to for standing up server? Looking at the documentation, I'm a bit lost on how to point it to rego files, and how to have my clients call OPA to evaluate their JSON.

My use case is kind of fun - have all my team's Terraform repos do a pre-merge OPA evaluation on the Terraform plan. I'd like to get away from bundling the rego with the repos - the developers could just change the accept criteria and hope nobody notices in the pull request.

So success looks like having a rego file on a remote opa server that will allow a user to POST a url with their terraform plan, and get back the results.

Any ideas?

(ping @anderseknert)

pezhore,

@anderseknert Sounds good to me!

geerlingguy, to random
@geerlingguy@mastodon.social avatar

I have a feeling Proxmox will get an uptick in use from anyone not completely locked into the VMware ecosystem: https://www.thestack.technology/vmware-is-killing-off-56-products-including-vsphere-hypervisor-and-nsx/

pezhore,

@pauliehedron @geerlingguy My understanding from talking to some former co-workers at VMware is that Brocade is pushing everyone to a subscription model - it's financially more beneficial to Brocade. When combined with dropping smaller partners, the strategy seems to be leaning heavily into milking large companies.

pezhore, to homelab

My Orbi setup is showing its age, I need recommendations for a replacement.

Must Haves:

Mesh Wifi: The router is in the basement of the two story townhome, I need wifi on all three floors.

Access Point/non-router mode: I already have a decent router/FW, I just need WiFi

Nice to Haves:

Different SSIDs: Guest/IOT/Primary for various clients

Support VLAN tagging for SSIDs: Keep those clients Layer 3 Isolated

pezhore,

@shellsharks I put in an Amazon order for the Orbi 6 Pro, but I think it was lost in the mail. I hope it makes it through, I don't have a need for Wifi 7 yet, and the brand new Orbis are pushing $1k USD

anderseknert, to devops
@anderseknert@hachyderm.io avatar

What better way to spend the weekend than with a new version of ? Everyone's favorite linter now have 2 more new rules, and some other nice improvements added. Check it out!

https://github.com/StyraInc/regal/releases/tag/v0.15.0

pezhore,

@anderseknert This looks really cool - I need to carve out some time at work to dive back into Open Policy Agent. We have a decent little workflow for validating Terraform plans, but I'd love to get it further refined.

Plus, getting a OPA server rather than trusting the engineers/pipeline to validate their own policy would be nice.

pezhore, to homelab

Anyone have a good k3s cluster setup guide? I'm ready to convert my docker host with about 10 containers to a 2 or 3 node cluster.

eric_capuano, to random

Displate having a cyber monday sale... Someone talk me out of this pls

pezhore,

@eric_capuano No! Be the change you want to see in the world.

(Also, link so I can get it as a gag gift for my wife)

  • All
  • Subscribed
  • Moderated
  • Favorites
  • megavids
  • rosin
  • mdbf
  • tacticalgear
  • osvaldo12
  • InstantRegret
  • DreamBathrooms
  • modclub
  • magazineikmin
  • thenastyranch
  • khanakhh
  • Youngstown
  • slotface
  • kavyap
  • JUstTest
  • ethstaker
  • tester
  • GTA5RPClips
  • Durango
  • normalnudes
  • cubers
  • ngwrru68w68
  • everett
  • provamag3
  • cisconetworking
  • anitta
  • Leos
  • lostlight
  • All magazines
    •