Skip to content

Instantly share code, notes, and snippets.

View NicoWde's full-sized avatar

Nico Wunder NicoWde

38 followers · 151 following
View GitHub Profile
@gavinhungry
gavinhungry / nginx-tls.conf
Last active July 18, 2024 11:35
Nginx SSL/TLS configuration for "A+" Qualys SSL Labs rating
#
# Name: nginx-tls.conf
# Auth: Gavin Lloyd <gavinhungry@gmail.com>
# Desc: Nginx SSL/TLS configuration for "A+" Qualys SSL Labs rating
#
# Enables HTTP/2, PFS, HSTS and OCSP stapling. Configuration options not related
# to SSL/TLS are not included here.
#
# Additional tips:
#
@timlinux
timlinux / coreos-docker.md
Last active January 27, 2024 13:02
Setting up a hetzner machine with coreos

This gist describes how to set up a new machine running coreos.

Create an ssh key

ssh-keygen -t rsa -b 2048 -f ~/.ssh/id_rsa_kartoza99

Get the public key:

@rafaeltuelho
rafaeltuelho / openshift-cheatsheet.md
Last active July 17, 2024 08:33
My Openshift Cheatsheet

My Openshift Cheatsheet

Project Quotes, Limits and Templates

  • Cluster Quota
oc create clusterquota env-qa \
    --project-label-selector environment=qa \
    --hard pods=10,services=5
    
oc create clusterquota user-qa \
@OdinsPlasmaRifle
OdinsPlasmaRifle / arch_linux_installation.md
Last active July 14, 2024 19:55
LVM on LUKS Arch installation with systemd-boot
@Jamie-
Jamie- / .bash_aliases
Last active June 12, 2021 09:12
macOS Brew bashrc
# Shortcuts
alias ..='cd ..'
alias l='ls'
alias ll='ls -al'
alias la='ls -A'
@holmberd
holmberd / php-pools.md
Last active July 22, 2024 01:42
Adjusting child processes for PHP-FPM (Nginx)

Adjusting child processes for PHP-FPM (Nginx)

When setting these options consider the following:

  • How long is your average request?
  • What is the maximum number of simultaneous visitors the site(s) get?
  • How much memory on average does each child process consume?

Determine if the max_children limit has been reached.

  • sudo grep max_children /var/log/php?.?-fpm.log.1 /var/log/php?.?-fpm.log
@beminee
beminee / PretendYoureXyzzy Installation Guide.md
Last active March 29, 2021 03:45

Ubuntu 16.04 Installation:

Installing prerequisites

sudo su
apt-get update
apt-get install default-jdk
@andyeff
andyeff / postgres.py
Created June 28, 2019 09:58
Ansible Tower PSQL tuning
# Ansible Tower database settings.
'''
This is for a Tower instance using a remote postgresql database.
Lines from ATOMIC_REQUESTS to PORT are default settings
CONN_MAX_AGE and OPTIONS dict are added in
This change seemingly allows Tower to re-use its database connections,
which can MASSIVELY reduce CPU load if running very verbose playbooks.
Currently no real downsides noticed
'''
@alexanderkjeldaas
alexanderkjeldaas / setup-k3s-on-hetzner.sh
Last active January 10, 2024 19:07
Setup k3s on Hetzner with CSI drivers
#!/bin/bash
LOCATION=${HCLOUD_LOCATION:-nbg1-dc3}
if [ -z "$HCLOUD_TOKEN" ]; then
echo "You need to set HCLOUD_TOKEN to an Hetzner API token!";
exit 1
fi
if [ -z "$SSH_KEY" ]; then
@ifeulner
ifeulner / 01_longhorn_bestpractices.md
Last active May 13, 2024 19:13
Longhorn hcloud best practices

Longhorn best practices

The following settings are provided as an example how longhorn should be configured in a production cluster, especially if it is deployed on Hetzner Cloud infrastructure.

Hetzner server nodes provide local storage and allow up to five attached volumes (with a size of up to 10TiB each) Local storage is provided by NVMe storage and therefore is much faster than the attached volumes, but limited in size (max 300GiB usable).

It is assumed that the cluster creation is already done, e.g. via terraform scripts provided by the great kube-hetzner project.

Initial configuration