Skip to content

Instantly share code, notes, and snippets.

View ColOfAbRiX's full-sized avatar

Fabrizio Colonna ColOfAbRiX

12 followers · 8 following
View GitHub Profile
@ageis
ageis / systemd_service_hardening.md
Last active July 3, 2024 21:02
Options for hardening systemd service units

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
@djspiewak
djspiewak / thread-pools.md
Last active June 29, 2024 13:55

Thread Pools

Thread pools on the JVM should usually be divided into the following three categories:

  1. CPU-bound
  2. Blocking IO
  3. Non-blocking IO polling

Each of these categories has a different optimal configuration and usage pattern.

@laughedelic
laughedelic / sbt-dependency-management-guide.md
Last active May 14, 2024 16:55
Explicit dependency management in sbt

Some of these practices might be based on wrong assumptions and I'm not aware of it, so I would appreciate any feedback.

  1. avoiding some dependency conflicts:

    • install sbt-explicit-dependencies globally in your ~/.sbt/{0.13,1.0}/plugins/plugins.sbt
    • run undeclaredCompileDependencies and make the obvious missing dependencies explicit by adding them to libraryDependencies of each sub-project
    • (optionally) run unusedCompileDependencies and remove some obvious unused libraries. This has false positives, so ; reload; Test/compile after each change and ultimately run all tests to see that it didn't break anything
    • (optionally) add undeclaredCompileDependenciesTest to the CI pipeline, so that it will fail if you have some undeclared dependencies

  2. keeping dependencies up to date and resolving conflicts:

    • install sbt-updates globally in your `~/.sbt/{0.13,1.0}/plugins/plugins.