toe
Diving into Qubes OS
a project by thardeck
What is Qubes OS
Qubes OS is an operating system based on Linux with security in mind.
Performance profile and possibly improve Jitsi web client
an invention by mkoutny
Project Description
I run openSUSE TW and FF with i7-5600U Intel CPU. Calls with ~4 (video) participants work but my CPU load is approaching number of cores. In slightly bigger calls (>=6 participants) the CPU load was insufficient and audio packets were being dropped. I'd like learn more about webrtc video streams in order to reduce the client's CPU work or make it more adaptive when running with limited resources.
Zero Trust vSphere Provisioning from Rancher
an idea by wjimenez
Currently, when Rancher tries to provision a Kubernetes cluster on vSphere, it needs to initiate API calls to the vSphere endpoint. In a hybrid cloud environment this often means that the Rancher server is not in the same network as the vSphere endpoint. Therefore inbound access is required to be added to a firewall so Rancher can reach the vSphere system. This naturally poses a security concern and creates administrative burden on our users who have to go through a security review to get this approved. If instead of requiring direct API access, an agent could exist inside the network where the vSphere API lived, then this agent could broker the communication between the Rancher server and the downstream API. The agent would simply initiate an outbound API connection to the Rancher server (much like any node agent or cluster agent currently) and simultaneously proxy any API calls that Rancher needs to make to vSphere. This would also have the benefit of being able to be run through a HTTP proxy, which many security teams will appreciate as a less risky connectivity model.
Kanidm - A modern opensource IDM
a project by firstyear
Project Description
Kanidm is a modern, fast, opensource IDM aiming to be an alternative to projects like 389-ds, freeipa, samba 4 and others. Inspired by many identity as a services, many features of this project aim to advance the state of what is possible with opensource security and IDM today.
Create ansible roles for generic server stuff
a project by ph03nix
The situation of maintained ansible roles for boring server stuff like setting up a LEMP stack (Linux, nginx, mariadb, php) is dire and I would like to improve that. This project is about creating a handful of ansible roles with focus on * Fully supported in openSUSE (Leap and Tumbleweed)
Send to Hell
an idea by pagarcia
Have you ever received an e-mail that made you furious? Did you answer it? If you did, chances are you regretted later.
Rust Bootcamp
an invention by SMorlan
Project Description
Join an instructor-led bootcamp to explore the Rust programming language in two-hour sessions each day throughout Hackweek.
Loganalyzer/LIDS with OSSEC
a project by rwawrig
Project Description
Creating an alarm system in case of a rogue app filling up disk space with logs, system error or break-in attempt.
openSUSE build supported by SUSE IT
a project by vgrinco
Project Description
SUSE IT needs help from fellow geekos with release engineering skills to define the requirements, process, infrastructure, and tools for building an openSUSE-based distribution bundled with SUSE IT-supported application stack. The resulting OS build will be offered as a standard distribution for new SUSE employees in addition to the existing Operating System library.
Kanidm - Modern Opensource Identity Management
an invention by firstyear
Project Description
Kanidm is a identity management system (a store of accounts, groups and more) that supports authentication to opensuse, web sites, networks, and more. The project has a focus on respect of humans, correctness, simplicity and performance. In previous hackweeks we have implemented cryptographic authentication (webauthn), wasm based web UI and more.
FIDO2 emulation
a project by mkoutny
Project Description
FIDO2 is set of specifications for multi-factor authentication. It is based on asymmetric cryptography with secrets stored in a HW token. The token must support the protocol to be usable.
Salt formula for Certhub
an idea by crameleon
Project Description
Deploying individual ACME clients on many clients makes maintenance and troubleshooting of individual certificate renewal failures troublesome and error prone. As an idea for a solution, I would like to combine parts of Certhub (https://certhub.io/) and SaltStack to make for a central solution which can be deployed in an organization. The solution should allow for domains to use different ACME servers if needed.
High Available NFS Cluster Concept
a project by roseswe
Project Description
Overall: Existing NFS-HA Consulting solution exists (for SLES15 SP1 and SP2+) and is in production at customers. Goal is to improve this solution, enhance the documentation and make it more robust.
Rust based mini webserver with all the modern bells and whistles
a project by darix
Project Description
Just hook up a webserver framework for rust with things like opentelemetry for tracing, prometheus endpoint for monitoring, structured logging (to systemd) instead of line based logging.
Kanidm - Account Policy
a project by firstyear
Project Description
Kanidm is a identity management system (a store of accounts, groups and more) that supports authentication to opensuse, web sites, networks, and more. The project has a focus on respect of humans, correctness, simplicity and performance. In previous hackweeks we have implemented cryptographic authentication (webauthn), wasm based web UI, replication foundations and more.
The 5 days of Hackweek
an invention by bear454
5 small projects in one hack week
I always try to take on something bigger than I can complete in Hackweek, and then wallow in my frustrations for weeks after. This time I'm doing something different: one small project every day; 5 accomplishments; 5 successes. I invite you to join me. Post your mini-projects in the comments.
Looking for projects around:
securityActivity