fortigate-terraform-deploy
images
fortigate-terraform-deploy | images | |
---|---|---|
5 | 6 | |
95 | 492 | |
- | 3.5% | |
8.2 | 9.9 | |
7 days ago | 6 days ago | |
HCL | HCL | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
fortigate-terraform-deploy
- Second WAN on standalone FG in Azure
-
AWS HA Active-Passive VDOM exceptions and VIPs
Hello, I got to play around a bit with a pair of Fortigates in Active-Passive mode in AWS, multi-az. The whole setup is terraformed as per Fortigate's code.
- Disable your management interface access from the WAN and ‘untrusted’ LAN segments if you have it enabled. Now. (FortiOS 7.0/7.2)
-
GCP HA Deployment - Questions around proper subnet masks
I found the Terraform examples, made some minor modifications, and did a successful deployment for the VMs. Everything works great on the external interface (Port1). But the Fortigate fails to pass traffic to internal web servers off Port2, despite the Virtual IP, Firewall policy and GCP firewall rules all being configured correctly. Checking Forward Traffic logs, I saw this unusual message:
- Fortigate Aws Gateway Load Balancer
images
- Suas imagens de container não estão seguras!
- Chainguard Images
-
Musl 1.2.4 adds TCP DNS fallback
I'm very sorry that we broke things for you.
To be clear, nothing has changed with Wolfi. Wolfi is an open source community project and everything is still available there: https://github.com/wolfi-dev/.
We have made changes to Chainguard Images - our commercial product built on top of Wolfi - which mean you can no longer pull images by tag (other than latest). Chainguard images are rebuilt everyday and have a not inconsiderable maintenance cost.
The easiest way to avoid this is to build the images yourself. You can rebuild identical images to ours using apko and the source files in the images repo e.g: https://github.com/chainguard-images/images/blob/main/images... (note you can replace package names with versioned versions). You can also just use a Dockerfile with the wolfi-base image to "apk add" packages. Full details are here: https://www.chainguard.dev/unchained/a-guide-on-how-to-use-c...
I agree that pinning is a best practice. The above blog explains that you can still do it using a digest, but I accept this isn't the simplest solution.
If I can help any more, please feel free to get in touch - you can find me most places including twitter https://twitter.com/adrianmouat
-
Wolfi: A community Linux OS designed for the container and cloud-native era
We needed Wolfi to be able to create minimal (distroless if you like) container images based on glibc with 0 vulnerabilities. Turns out a lot of other people are interested in Wolfi for various reasons, and we're more than happy to work with them.
You definitely don't need to use Wolfi! But I would say, if you run containers you might want to check out Chainguard Images: https://github.com/chainguard-images/images
-
Creating Safer Containerized PHP Runtimes with Wolfi
In this article, we'll see how to leverage Wolfi to create safer PHP application environments based on containers. To demonstrate Wolfi usage in a Dockerfile workflow (using a Dockerfile to build your image), we'll create an image based on the wolfi-base image maintained by Chainguard. The goal is to have a final runtime image able to execute a PHP command-line script. By definition, this image won't be completely distroless, because it will require APK to be present in order to install system dependencies described in the Dockerfile. For building pure distroless images, you should have a look at apko.
What are some alternatives?
terraform_repo - Terraform samples for Major Cloud Providers and Custom Provider Development
rocker-versioned2 - Run current & prior versions of R using docker. rocker/r-ver, rocker/rstudio, rocker/shiny, rocker/tidyverse, and so on.
terraform - The place to storing Terraform modules of many providers
NuGet - NuGet Gallery is a package repository that powers https://www.nuget.org. Use this repo for reporting NuGet.org issues.
fortinet-azure-solutions - A set of Azure Templates for getting you started in Azure with Fortinet solutions. This repository is a place for beta releases and work on the latest templates to be published on github.com/fortinet or custom templates.
horus - Free cloud native platform for service hosting
terraform-databricks-examples - Examples of using Terraform to deploy Databricks resources
os - Main package repository for production Wolfi images
fortinet-zabbix - Zabbix Templates for Fortinet devices
sbomnix - A suite of utilities to help with software supply chain challenges on nix targets
cloudblock - Cloudblock deploys secure ad-blocking and VPN for all devices. Text and video guides included! 6 supported cloud providers, plus Ubuntu and Raspberry Pi. Cloudblock deploys Wireguard VPN, Pi-Hole DNS Ad-blocking, and DNS over HTTPS in a cloud provider - or locally - using Terraform and Ansible.
phoenix_container_example - Production-quality example for Elixir/Phoenix building, testing, and running in containers