BadgerOps

Latest — Jan 7, 2025

Decoding Kubernetes Secrets with jq

It's been a while since I've posted, and I generally post about things I've learned / have helped me in my day to day role. This is a quick blog post about easily decoding base64 encoded secrets in kubernetes, using Kubectl and jq. Before diving into decoding Kubernetes secrets, let's set

More issues

CVE's

CVE's. Gamified? Maybe. Useful? Maybe. Fast-becoming-too-complex to manage? I think so. But. This is currently one of the best ways of unified reporting & alerting of vulnerabilities to a wide audience. There's certainly room for improvement. Recently, I got an inside view on the process. My current ${DAY_JOB} is heavily

Dachau

Last weekend, we traveled to the Alpine town of Garmisch, explored the beautiful Neuschwanstein Castle, and on our return trip to Stuttgart, visited the Dachau memorial. Words cannot express what we experienced while walking through the memorial site. The utter disregard for humanity. The engineered, optimized methodology for corralling, oppressing,

Keycloak & Open Shift

Hi there! So. You're running Open Shift Container Platform 4.12+ and you're wanting to deploy that shiny new Red Hat Keycloak Operator (v22) and set up Oauth from Keycloak into Open Shift. How do you deploy Keycloak as an IDP for Open Shift? The magic words being "Configure Keycloak

smtp socket: malformed response on a FIPS 140-2 system

Ok, this is a very highly specific post - but I hope it is useful for that sysadmin who's tearing their hair out trying to figure out wtf is going on with smtp failing with a vague error message. Recently, I was configuring a Postfix SMTP relay on a FIPS140-2

Germany

Those of you who've been following my sporadic social media postings will know that the BadgerFam moved to Germany last summer. I'm doing some work for some people that involves a lot of yaml, stiggin', bare metal -> openshift, fips, fapolicyd, selinux and much more fun. I'll let you draw

Wigle wardrive from Idaho -> D3F C0N

Long time, no post! Driving down from Idaho to Las Vegas for Black Hat, BSidesLV and D3F C0N. Figured, hey, what the heck, let's war drive! I grabbed my trusty old Alfa USB WiFi card, Garmin eTrex Legend & serial adaptor and a unused Raspberry Pi from the box-o-parts, installed Kismet

Export/Clone Linode VPS to AWS EC2

Today we're looking at two methods of migrating a Linode Linux instance to an AWS EC2 instance. We can use the official Linode disk copy guide as a starting point, but that doesn't really get us all the way there, as we still need to import that image. This guide

Debugging a PHP app in Kubernetes using Telepresence.io

Hello folks, Today we're going to talk about using telepresence.io to debug PHP code running in Kubernetes using Telepresence. I'll refer you to the Telepresence Introduction page for an overview of what Telepresence can do for you, but if you're reading this you probably are already aware and just

Forcing initramfs to load udev 70-persistent-net.rules

Hello fine readers, Chances are you're scouring the googles much like I was all morning trying to figure out how to get update-initramfs to pull in the 70-persistent-net.rules udev rule. You may have stumbled on this debian bug or this ubuntu bug which coincidently ties in with my remote