content
Packer
Our great sponsors
content | Packer | |
---|---|---|
7 | 65 | |
2,076 | 14,890 | |
2.7% | 0.6% | |
10.0 | 9.4 | |
7 days ago | 2 days ago | |
Shell | Go | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
content
- Oracle linux CIS benchmark
-
FIPS 140 and MacOS
For starters there's an entire NIST project for macOS Security Compliance - https://github.com/usnistgov/macos_security this will make your life a million times easier to meet a lot of the technical controls required for compliance. Nothing like this really exists for Windows or Linux(closest is Compliance As Code https://github.com/ComplianceAsCode/content)
- Ansible for automation/ hardening.
- I wrote a Script to bring firefox into dISA STIG compliance on RHEL 7 & 8 systems.
- hardening a RHEL8 VM using OpenSCAP and DISA STIG
-
CIS Benchmarking Git Community
I haven't used this in a while but take a look at ComplianceAsCode it is attempting to apply controls for each of the different benchmarks on different OSes. It might have what you are looking for, plus you can always contribute back any changes you make to help others.
- ComplianceAsCode/content: Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats
Packer
-
The 2024 Web Hosting Report
To manage a VM, you can use something as simple as just manual actions over SSH, or can use tools like Ansible, Hashicorp's Packer and Terraform or other automations. For an app where there is minimal load and security/reliability concern, VMs are still a great option that provide a lot of value for the buck
-
Avoiding DevOps tool hell
Server templating: Using Packer has never been easier to create reusable server configurations in a platform-independent and documented manner.
-
How to create an iso image of a finished system
I'll give you hard, but rewarding and easy to modify(once you know what you're doing) way. Packer may be a thing you're looking for.
-
13.2 ZFS root AMIs in AWS
It is straightforward to build them with packer (I have built AMIs for 13.0 and 13.1, but 13.2 should be exactly the same). I've been meaning to write a blog post about it for a while, but have not gotten to it yet... In any case, what I am doing is using the EBS Surrogate Builder to start an instance running the official FreeBSD 13.2 image with an extra volume attached and run a script to create a zpool on the extra volume and bootstrap and configure FreeBSD 13.2-RELEASE on it. After that packer takes care of creating an AMI out of that extra volume, so you can use it... If you have any issues, let me know, and maybe I will finally get to writing that blog post...
-
DevOps Tooling Landscape
HashiCorp Packer is a tool for creating machine images for a variety of platforms, including AWS, Azure, and VMware. It allows you to define machine images as code and supports a wide range of configuration options.
-
auto-provisioning multiple raspberry pi's
Packer is a tool that can be used to build machine images. Basically, it takes a base image, runs a series of steps to provision that image, and then burns a new image. In my workplace we use it heavily to build AWS AMIs. But it has an ARM plugin that looks to be very very suitable for building customised Raspberry Pi images (my quick read of the doco there says it can go ahead and write the final image to an SD card for you too).
- How do hosting companies immediately create vm right after purchasing one?
-
Packer preseed file seems to not be read
Seems related to https://github.com/hashicorp/packer/issues/12118 But the workaround discribed in the comments doesn’t seems to work anymore
-
How to create AMI which also copies the user data?
I'd suggest using a tool like Packer to build a gold image based on your base AMI and all your changes. Then you'll have your own AMI you can launch new instances with.
-
Is migrate for compute engine M4CE suitable for migrating VMs (to GCP) which are part of auto scaling groups in AWS ?
Your assumption sounds correct. It sounds like you shouldn't focus on migrating specific instances, but instead migrating the template image used for autoscaling into GCP. I tend to prefer Packer for this job, or otherwise recreating the golden image directly on GCP.
What are some alternatives?
flake8-bandit - Automated security testing using bandit and flake8.
Vagrant - Vagrant is a tool for building and distributing development environments.
hardening - Hardening Ubuntu. Systemd edition.
helm - The Kubernetes Package Manager
AMDH - Android Mobile Device Hardening
oVirt - oVirt website
ansible-role-rhel8-stig - DISA STIG for Red Hat Enterprise Linux 8 - Ansible role generated from ComplianceAsCode Project
cloud-init-vmware-guestinfo - A cloud-init datasource for VMware vSphere's GuestInfo interface
ansible-role-hardening - Ansible role to apply a security baseline. Systemd edition.
kubernetes - Production-Grade Container Scheduling and Management
lunasec - LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
QEMU - Official QEMU mirror. Please see https://www.qemu.org/contribute/ for how to submit changes to QEMU. Pull Requests are ignored. Please only use release tarballs from the QEMU website.