Skip to content

Instantly share code, notes, and snippets.

View TGion's full-sized avatar

Tobias Gion TGion

View GitHub Profile
# Create pull request for public repo (already forked)
git checkout -b new_branch
git remote add upstream URL_OF_FORK
# Make changes to FILE
git add FILE
git commit -S -m "Adding a FILE to new_branch"
git push -u origin new_branch
# Create a new repository on the command line
touch README.md
git init
git add README.md
git commit -m "Inital commit"
git remote add origin URL
git push -u -f origin master / main
@TGion
TGion / pf.conf
Last active August 10, 2023 04:47
Different BSD packet filter (pf) rule snippets - IPv4 only
ext_if = "vtnet0" # Our external interface.
vpn_if = "wg0" # Wireguard interface
gsd_if = "wg-gsd" # Wireguard GSD interface
# TCP ports allowed for external / public interface.
TCP_EXT_OK = "{ domain-s, http, https, docsrv }"
UDP_EXT_OK = "{ domain-s, wireguard }"
# Stateful TCP options.
TCP_STATE = "flags S/FSRA keep state"
@TGion
TGion / nginx.conf
Created June 12, 2023 15:14
Newsyslog logrotation for nginx services
# Nextcloud
# [logfile name] [owner-group] [mode] [count] [size] [when] [flags] [path to pid file] [signal]
/var/log/nextcloud/nextcloud.log www:www 640 9 * $D00 BCEJN
# Modsecurity
# Workaround for logrotation on modsecurity to restart nginx - otherwise new logs are not written
# https://github.com/SpiderLabs/ModSecurity-nginx/issues/121
#
# [logfile name] [owner-group] [mode] [count] [size] [when] [flags] [path to pid file] [signal]
/var/log/modsecurity/modsec_audit.json www:www 640 9 * $D00 BCEJR /usr/local/sbin/nginx.restart
@TGion
TGion / gist:f6d16d070a665bafd9ecc3e75c1d9f8e
Created June 12, 2023 15:12
FreeBSD kernel config for pf's ALTQ
device pf
device pflog
device pfsync
options ALTQ
options ALTQ_CBQ # Class Bases Queuing (CBQ)
options ALTQ_RED # Random Early Detection (RED)
options ALTQ_RIO # RED In/Out
options ALTQ_HFSC # Hierarchical Packet Scheduler (HFSC)
options ALTQ_PRIQ # Priority Queuing (PRIQ)
@TGion
TGion / rc.conf
Last active June 12, 2023 15:10
FreeBSD 13 RC config file for my VPS with SSH, Wireguard and several services
# Misc
dumpdev="NO"
cloudinit_enable="YES"
swapfile="/usr/swap0"
dbus_enable="YES"
# Network Stuff
hostname=HOSTNAME.DOMAIN.TLD
defaultrouter=X.X.X.X
ifconfig_vtnet0=X.X.X.X
@TGion
TGion / gist:f3b7b429e1c5f52585c4cd7d723477a7
Last active June 12, 2023 15:08
Check if Wireguard to Fritz!Box is active and set rclone server accordingly
#!/bin/sh
# Check if Wireguard to Fritz!Box is active
if ping -c 1 fritzbox.local > /dev/null
then export RCLONE_SERVER=fritz.wireguard # Access via Wireguard
else export RCLONE_SERVER=fritz.extern # Access via FTP/S externaly
fi
@TGion
TGion / etc - profile
Created June 12, 2023 10:14
System-wide shell profile for sh-based shells (e.g. sh, bash, zsh, tcsh)
# Colorize terminal for micro editor
TERM=xterm-256color
export TERM
# Some generic alias
alias su="su -l"
alias show.top="top -I -z -t -a -o cpu"
alias gh="history|grep"
# even more generic
@TGion
TGion / gist:caf442def7f5bd871c3b971044c759a9
Created June 11, 2023 21:15
Redirect stdout and stderr to /dev/null - Silent restart for nginx
#!/bin/sh
/usr/sbin/service nginx restart>/dev/null 2>&1
@TGion
TGion / 420.backup-system
Created April 24, 2023 11:30
Sample custom periodic script
#!/bin/sh -
#
# $FreeBSD$
#
# Put into /usr/local/etc/periodic/daily
# If there is a global system configuration file, suck it in.
#
if [ -r /etc/defaults/periodic.conf ]
then