Skip to content

Instantly share code, notes, and snippets.

View KostyaEsmukov's full-sized avatar
🔥
Maybe we just wanna watch the world burn

Kostya Esmukov KostyaEsmukov

🔥
Maybe we just wanna watch the world burn
71 followers · 0 following
View GitHub Profile
@KostyaEsmukov
KostyaEsmukov / _ nginx_ssl_A+.md
Last active December 10, 2017 07:27
Nginx configuration manual to get an A+ score on Qualys SSL Labs

Nginx A+ score on Qualys SSL Labs

Test your current score here: https://www.ssllabs.com/ssltest/

Certificate

You must have a certificate issued by a trusted certification authority.

These authorities issue certificates for free and I tested them by myself:

  • Let's Encrypt I strongly encourage you to go with them, unless you need a higher-grade certificate;
  • Wosign - their certificates are no longer trusted by browsers.
@KostyaEsmukov
KostyaEsmukov / _ nginx_performance_optimizations.md
Last active August 20, 2016 11:06
Nginx performance tunings - minimal configuration

Nginx performance optimizations

The configs below are for Linux.

These are the most competent tunings I've found.

@KostyaEsmukov
KostyaEsmukov / _ nginx_proxy_gzipped_response.md
Created August 20, 2016 09:40
Setup of two nginx servers, where traffic between upstream and balancer is gzipped.

Nginx proxy gzipped response

+-------+ +---------> +-----+ +---------> +--------+
|browser|             |proxy|             |upstream|
+-------+ <---------+ +-----+ <---------+ +--------+
            gzipped            !gzipped!
@KostyaEsmukov
KostyaEsmukov / _nginx_docker_config.md
Last active April 1, 2024 08:40
Nginx configuration sample for docker

Nginx production configuration sample

This config assumes that nginx is run from docker image _/nginx.

docker commands

docker network create nginx

mkdir -p /etc/myproject/nginx

cd /etc/myproject/nginx

@KostyaEsmukov
KostyaEsmukov / _ letsencrypt_in_docker_with_nginx.md
Last active December 10, 2017 07:29
A recipe to get letsencrypt running in docker in couple with nginx

Let's Encrypt in docker with nginx

Replace myproject and domain.com in the commands below to your needs.

# This folder will contain actual certificates and account data
mkdir -p /etc/myproject/letsencrypt/

# This folder will contain authentication files created by webroot plugin of the certbot

mkdir -p /var/myproject/letsencrypt/

@KostyaEsmukov
KostyaEsmukov / zext_ssl_cert.sh
Last active August 23, 2016 16:24
SSL certificate validation script for Zabbix https://www.zabbix.org/wiki/Docs/howto/ssl_certificate_check
#! /bin/sh
#
# Modified script from https://www.zabbix.org/wiki/Docs/howto/ssl_certificate_check
# which is able to check multiple hosts at once.
#
# Define a host macros like {$SNI} => 'domain1.com,domain2.com'
#
# Kostya Esmukov <kostya@esmukov.ru>
#
@KostyaEsmukov
KostyaEsmukov / _ zabbix_telegram_notifications.md
Last active November 26, 2021 09:02
Zabbix alerts via Telegram

Zabbix alerts via Telegram

⚠️ Deprecated: Zabbix now includes official support for Telegram media, see https://www.zabbix.com/integrations/telegram.

Replace my_zabbix_bot and My Zabbix Bot below with your own names.

Create and test telegram bot

Add @BotFather contact in Telegram and press 'start',
then type:

@KostyaEsmukov
KostyaEsmukov / swapfile_linux.md
Last active October 20, 2016 07:28

Create a swapfile on Linux

dd if=/dev/zero of=/var/swapfile bs=1M count=2048
chmod 0600 /var/swapfile
mkswap /var/swapfile

swapon /var/swapfile

echo >> /etc/fstab

echo "/var/swapfile none swap sw 0 0" >> /etc/fstab

@KostyaEsmukov
KostyaEsmukov / _ squid3_in_docker_as_caching_proxy.md
Last active August 17, 2017 15:01

Squid3 in docker as caching proxy

Handy to speedup your CI builds.

Configuration

# create a directory for files cache
mkdir -p /var/yourproject/squid/spool

mkdir -p /etc/yourproject/squid/

@KostyaEsmukov
KostyaEsmukov / Matplotlib + OS X + virtualenv + python3.md
Last active January 8, 2017 11:40