Peter Tonoli PeterTonoli

## FromThePage.pp
  # Puppet recipe to to install dependencies for FromThePage https://github.com/benwbrum/fromthepage under Debian 8
  # By Peter Tonoli (peter+fromthepage@metaverse.org)
  package { 'apt-transport-https':  ensure => 'installed' }
  package { 'ca-certificates':  ensure => 'installed'}
  package { 'nginx-extras':  ensure => 'installed'}
  package { 'passenger':  ensure => 'installed'}
  package { 'zlib1g':  ensure => 'installed'}
  package { 'zlib1g-dev':  ensure => 'installed'}
  package { 'ruby2.1':  ensure => 'installed'}
  package { 'rubygems':  ensure => 'installed'}

## paranoidSSHmoduli.sh
#!/bin/sh
# For the totally paranoid. Create new 8192 bit OpenSSH moduli file! Inspired by http://entropux.net/article/openssh-moduli
# This will take hours, possibly days
ssh-keygen -G /etc/ssh/moduli.all -b 8192
ssh-keygen -T /etc/ssh/moduli.safe -f /etc/ssh/moduli.all
mv /etc/ssh/moduli.safe /etc/ssh/moduli
rm /etc/ssh/moduli.all

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                PeterTonoli
                / keybase.md
            
            
              Created
              September 28, 2015 03:29
            
          
    Keybase proof

I hereby claim:

I am petertonoli on github.
I am petertonoli (https://keybase.io/petertonoli) on keybase.
I have a public key whose fingerprint is 3EFC 12A4 88B9 4B45 68B9  20C9 F0D1 3A64 74E7 C66F

To claim this, I am signing this object:

  
## gist:6155887
# Select the ciphers to enable Forward Secrecy
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES256-CGM-SHA256:ECDHE-RSA-AES256-SHA256:RC4:HIGH:!aNULL:!MD5:-LOW:-SSLv2:-EXP;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 30m;
# Browsers will go directly to the SSL site - cache this setting for a year
add_header "Strict-Transport-Security" "max-age=86400";
# Enable OSCP stapling - For a faster certificate revokation check
resolver <ip_address_of_your_dns_server>;
	# Puppet recipe to to install dependencies for FromThePage https://github.com/benwbrum/fromthepage under Debian 8
	# By Peter Tonoli (peter+fromthepage@metaverse.org)
	package { 'apt-transport-https': ensure => 'installed' }
	package { 'ca-certificates': ensure => 'installed'}
	package { 'nginx-extras': ensure => 'installed'}
	package { 'passenger': ensure => 'installed'}
	package { 'zlib1g': ensure => 'installed'}
	package { 'zlib1g-dev': ensure => 'installed'}
	package { 'ruby2.1': ensure => 'installed'}
	package { 'rubygems': ensure => 'installed'}
	#!/bin/sh
	# For the totally paranoid. Create new 8192 bit OpenSSH moduli file! Inspired by http://entropux.net/article/openssh-moduli
	# This will take hours, possibly days
	ssh-keygen -G /etc/ssh/moduli.all -b 8192
	ssh-keygen -T /etc/ssh/moduli.safe -f /etc/ssh/moduli.all
	mv /etc/ssh/moduli.safe /etc/ssh/moduli
	rm /etc/ssh/moduli.all
	# Select the ciphers to enable Forward Secrecy
	ssl_prefer_server_ciphers on;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES256-CGM-SHA256:ECDHE-RSA-AES256-SHA256:RC4:HIGH:!aNULL:!MD5:-LOW:-SSLv2:-EXP;
	ssl_session_cache shared:SSL:10m;
	ssl_session_timeout 30m;
	# Browsers will go directly to the SSL site - cache this setting for a year
	add_header "Strict-Transport-Security" "max-age=86400";
	# Enable OSCP stapling - For a faster certificate revokation check
	resolver <ip_address_of_your_dns_server>;