| Instance | Branch |
|---|
Eddie Carswell AfroThundr3007730
🔧
MawKKe
/ cryptsetup-with-luks2-and-integrity-demo.sh
Last active
April 29, 2024 21:19
dm-crypt + dm-integrity + dm-raid = awesome!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # Author: Markus (MawKKe) ekkwam@gmail.com | |
| # Date: 2018-03-19 | |
| # | |
| # | |
| # What? | |
| # | |
| # Linux dm-crypt + dm-integrity + dm-raid (RAID1) | |
| # |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Referenced and tweaked from http://stackoverflow.com/questions/6174220/parse-url-in-shell-script#6174447 | |
| proto="$(echo $1 | grep :// | sed -e's,^\(.*://\).*,\1,g')" | |
| # remove the protocol | |
| url="$(echo ${1/$proto/})" | |
| # extract the user (if any) | |
| userpass="$(echo $url | grep @ | cut -d@ -f1)" | |
| pass="$(echo $userpass | grep : | cut -d: -f2)" | |
| if [ -n "$pass" ]; then |
digitaljhelms
/ gist:4287848
Last active
April 26, 2024 10:44
Git/GitHub branching standards & conventions
kelvie
/ 0001-Add-a-lockdown_hibernate-parameter.patch
Created
October 2, 2022 23:39
Enable hibernate during lockdown
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| From e4db4f07e77feb1c126e7afbf441e9eae34b4e57 Mon Sep 17 00:00:00 2001 | |
| From: Kelvie Wong <kelvie@kelvie.ca> | |
| Date: Sun, 2 Oct 2022 13:23:25 -0700 | |
| Subject: [PATCH] Add a lockdown_hibernate parameter | |
| This allows the user to tell the kernel that they know better (namely, | |
| they secured their swap properly), and that it can enable hibernation. | |
| Signed-off-by: Kelvie Wong <kelvie@kelvie.ca> | |
| --- |
dojoe
/ dkms-module-signing.md
Last active
April 24, 2024 18:50
Make DKMS sign kernel modules on installation, with full script support and somewhat distro independent
On systems with UEFI Secure Boot enabled, recent Linux kernels will only load signed modules, so it's about time DKMS grew the capability to sign modules it's building.
These scripts are extended and scriptified variants of https://computerlinguist.org/make-dkms-sign-kernel-modules-for-secure-boot-on-ubuntu-1604.html and https://askubuntu.com/questions/760671/could-not-load-vboxdrv-after-upgrade-to-ubuntu-16-04-and-i-want-to-keep-secur/768310#768310 and add some error checking, a passphrase around your signing key, and support for compressed modules.
dkms-sign-module is a wrapper for the more generic sign-modules which can also be used outside of DKMS.
- Create a directory under
/root, say/root/module-signing, put the three scripts below in there and make them executable:chmod u+x one-time-setup sign-modules dkms-sign-module
plentz
/ nginx.conf
Last active
April 24, 2024 11:15
Best nginx configuration for improved security(and performance)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # to generate your dhparam.pem file, run in the terminal | |
| openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048 |
GitHub supports several lightweight markup languages for documentation; the most popular ones (generally, not just at GitHub) are Markdown and reStructuredText. Markdown is sometimes considered easier to use, and is often preferred when the purpose is simply to generate HTML. On the other hand, reStructuredText is more extensible and powerful, with native support (not just embedded HTML) for tables, as well as things like automatic generation of tables of contents.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| for d in $(find /sys/kernel/iommu_groups/ -type l | sort -n -k5 -t/); do | |
| n=${d#*/iommu_groups/*}; n=${n%%/*} | |
| printf 'IOMMU Group %s ' "$n" | |
| lspci -nns "${d##*/}" | |
| done; |
Rich-Harris
/ service-workers.md
Last active
April 21, 2024 16:24
Stuff I wish I'd known sooner about service workers
I recently had several days of extremely frustrating experiences with service workers. Here are a few things I've since learned which would have made my life much easier but which isn't particularly obvious from most of the blog posts and videos I've seen.
I'll add to this list over time – suggested additions welcome in the comments or via twitter.com/rich_harris.
Chrome 51 has some pretty wild behaviour related to console.log in service workers. Canary doesn't, and it has a load of really good service worker related stuff in devtools.
Asher256
/ bash-traceback.sh
Created
December 16, 2019 00:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # Bash traceback | |
| # | |
| # Because the option “set -o errexit” / "set -e" does not show any message when | |
| # it stops your Bash script in some cases (for example var=$(yourcommand) will | |
| # exit without any message, even when yourcommand returns an exit code | |
| # different from zero), I recommend you to add the code below to your bash scripts | |
| # to show a traceback each time “errexit” forces your Bash script to stop. | |
| # |