Skip to content

Instantly share code, notes, and snippets.

Avatar

Abhyudaya Sharma AbhyudayaSharma

View GitHub Profile
@AbhyudayaSharma
AbhyudayaSharma / gen-csr.md
Last active Jun 3, 2022
Generate a certificate signing request in one line
View gen-csr.md

Generate a CSR using OpenSSL

openssl req -new -newkey rsa:4096 -keyout key.pem -noenc -out csr.pem -sha512 \
  -addext 'subjectAltName = DNS:foo.example.com, DNS:bar.example.com, IP:192.0.2.35' \
  -subj '/C=IN/ST=State/L=Location/O=Organization/OU=OrgUnit/CN=foo.example.com/emailAddress=foo@example.com'

This creates a new RSA4096 key in key.pem and the corresponding CSR in csr.pem. The CSR can then be verified:

@AbhyudayaSharma
AbhyudayaSharma / README.md
Last active Jul 25, 2020
HTTPS for Pi-hole using Nginx reverse proxy
View README.md

This Nginx Configuration sets up Pi-hole behind HTTPS using an Nginx reverse proxy for secure credential transmission when accessing the UI.

Using the NXDOMAIN blocking mode makes sure that Pi-hole is not serving empty HTML pages for every ad.

Since I use ufw on my Raspberry Pi, the following rules are needed for the setup to work (SSH is optional):

sudo ufw status
Status: active
@AbhyudayaSharma
AbhyudayaSharma / block.list
Last active Mar 12, 2022
Pi-hole block list
View block.list
use-application-dns.net
apollo-apps.playcannonball.net.domain.name
apollo-apps.playcannonball.net
mobile.pipe.aria.microsoft.com.domain.name
ssl.google-analytics.com.domain.name
vortex.data.microsoft.com.domain.name
app-measurement.com.domain.name
ae.gsecondscreen.com.domain.name
reports.crashlytics.com.domain.name
apollo-games.playcannonball.net