ansible-paramikoz-demo
ziti
ansible-paramikoz-demo | ziti | |
---|---|---|
8 | 86 | |
7 | 2,175 | |
- | 4.8% | |
0.6 | 9.8 | |
over 1 year ago | 4 days ago | |
Python | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ansible-paramikoz-demo
-
Prisma Access / Zscaler - client vpn replacement
OpenZiti has tunnelers for all popular OS, allowing you to support many apps and services. Even better, a tunneler can support multiple identities and thus be part of different networks (which ZPA or a VPN cannot do). This is great for admin access for MSPs, for example. The SDKs are super powerful if you develop the app yourself and give more security (i.e., you no longer trust the host OS network). The SDKs also give us the ability to do cool app-embedded things, e.g., zero trust Ansible, Prometheus, SSH, Lambda/serverless, clientless for browzer.
-
What are some of the easiest areas of the organization to adapt Zero Trust?
Regarding Mattermost, we didn't do app embedded; we 'merely' use the OpenZiti tunnelers at source and destination (think better VPN client). We did do zitifications of the following (and more) - Prometheus, Ansible, SSH, Kubectl. For Mattermost, the interesting zitification is the client side. Most of our company uses BrowZer, which is a new (beta) OpenZiti capability which gives the user a public application experience, while the server stays completely private and unaddressable on the public internet - to understand how that is even possible, read this blog - https://openziti.io/introducing-openziti-browzer.
- Just starting out
-
Will Ansible serve my purpose of Fleet Management for my Use Case in Industrial PCs?
What are your thoughts on building the VPN into SSH Shadonovitch? I work for an open source project which built an overlay mesh network built on zero trust networking principles incl. outbound only connectivity, and a strong identity. This means you do not need any inbound ports, VPNs or private APNs. More important, at its route its a suite of SDKs, so we took our Python one and put it inside Paramiko SSH so we could put it in Ansible and not need the external VPN client, as the private overlay is in SSH - https://github.com/openziti-test-kitchen/ansible-paramikoz-demo
-
How we use and Secure SaltStack
- https://github.com/openziti-test-kitchen/ansible-paramikoz-demo
-
Using the OpenZiti Python SDK for zero trust Ansible
Check out the Ansible Collection for the code, and if you want, you can try the demo.
-
Securing Ansible with a Zero Trust Overlay
Zero Trust Ansible Demo
ziti
- Show HN: OpenZiti (Apache 2.0, P2P, E2E encrypted, full mesh overlay) is now 1.0
-
Has anyone tried OpenZiti?
If you are not aware of what OpenZiti is, this is the description available on their website:
-
zrok: open-source peer-to-peer sharing (release of 0.4.0)
fwiw, its back up. stars for zrok and ziti (i.e., the parent repo) are super appreciated!
-
Self-Hosted Mesh Network / VPN For User-Friendly LAN Gaming Network?
https://github.com/openziti/ziti (1.2k stars)
-
K3S, Authentik, And Practical Use
Create an AUR package for the ziti binaries
-
Docker-Compose Woes
I ask because I'm going to start with the simplified-docker-compose.yml file instead of the more complicated one for starters
-
Upgrading VPN solutions in a remote working Environment
OpenZiti is the most sophisticated and simple-to-use ZTNA platform on the planet. Allows you to create micro-segmented ZTNA networks by desktop application, web application, device, containers, API, and servers. All data is distributed dynamically across an overlay mesh network focused on routing performance, self-healing, and latency. It has desktop clients on all operating systems, pre-built SSH consoles, and SDKs in different languages to integrate OpenZiti into any product natively. And best of all, it's Open-Source. Seriously, try it, you'll be mind-blowing...
-
An SDK for embedding zero trust networking into Node.JS applications and web servers to improve security.
This repo hosts the OpenZiti SDK for NodeJS, and is designed to help you deliver secure applications over a OpenZiti Network - https://github.com/openziti/ziti-sdk-nodejs.
- Ziti
-
Looking for a "file-ingress"/"file upload" service for arbitary person w/ one time link/email
zrok.io seems fit for this purpose though you'd have to do a little work like combining it with FileGator or similar. Future releases would add this functionality directly, you could just watch the project. It is fundamentally designed for web app & webhook testing. It's built on top of a zero-trust networking overlay technology called openziti.io. There are developer discourse channels to help.
What are some alternatives?
ziti-doc - Documentation describing the usage of the Ziti platform.
oauth2-proxy - A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
ansible-collection - Ansible Galaxy Collection of Playbooks, Roles, Plugins, and Modules
tailscale - The easiest, most secure way to use WireGuard and 2FA.
zssh - Ziti SSH
ZeroTier - A Smart Ethernet Switch for Earth
OPAL - Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)
devtron - Tool integration platform for Kubernetes
gdg - Grafana Dashboard Manager
authentik - The authentication glue you need.
vouch-proxy - an SSO and OAuth / OIDC login solution for Nginx using the auth_request module