Skip to content

Instantly share code, notes, and snippets.

Avatar

Tristor Tristor

View GitHub Profile
@Tristor
Tristor / 06-kids.conf
Created Dec 15, 2020
Force Pi-Hole SafeSearch
View 06-kids.conf
# This DNSMasq configuration forces restrictions to be enabled for YouTube, Bing, and Google Search
# for more information see: https://learn.akamai.com/en-us/webhelp/enterprise-threat-protector/enterprise-threat-protector/GUID-0FCB1221-60DC-4A01-9B09-0C25B16BF3D0.html
# or see: https://support.google.com/youtube/answer/6214622?hl=en
# Put this file in /etc/dnsmasq.d/
## YouTube
cname=www.youtube.com,restrictmoderate.youtube.com
cname=m.youtube.com,restrictmoderate.youtube.com
cname=youtube.googleapis.com,restrictmoderate.youtube.com
cname=youtubei.googleapis.com,restrictmoderate.youtube.com
@Tristor
Tristor / matrix-synapse.conf
Created Feb 23, 2017
Nginx reverse-proxy config for Matrix Synapse server
View matrix-synapse.conf
server {
listen 80;
listen [::]:80;
server_name matrix.tristor.ro;
location '/.well-known/acme-challenge' {
default_type "text/plain";
allow all;
root /var/www/matrix.tristor.ro/public/;
}
@Tristor
Tristor / certbot.conf
Created Feb 23, 2017
Nginx temporary configuration for CertBot webroot verification
View certbot.conf
server {
listen 80;
server_name localhost;
location / {
root /var/www/matrix.tristor.ro/public/;
index index.html index.htm;
}
location '/.well-known/acme-challenge' {
@Tristor
Tristor / pf.conf
Created Feb 21, 2017
PF configuration for TURN server on DO
View pf.conf
# vim: set ft=pf
# /etc/pf.conf
ext_if = "vtnet0"
# These macros define the ports we let in and out.
webports = "{http, https}"
needout = "{ssh, domain, ntp, www, https, git, ftp}"
turn = "{3478}"
turns = "{5349}"
@Tristor
Tristor / client.ovpn
Last active May 6, 2016
A stub client configuration for OpenVPN
View client.ovpn
# This configuration is for $CN
#viscosity dns full
#viscosity usepeerdns true
#viscosity dhcp true
tls-client
pull
client
dev tun
proto udp
remote 123.123.123.123 1194
@Tristor
Tristor / server.conf
Last active Sep 14, 2018
OpenVPN server.conf
View server.conf
# Basic Connection Config
dev tun
proto udp
port 1194
keepalive 10 120
max-clients 5
# Certs
ca ca.crt
cert server.crt
@Tristor
Tristor / iptables.sh
Last active May 6, 2021
Simple IPtables script for an OpenVPN server
View iptables.sh
#!/bin/bash
# Flushing all rules
iptables -F FORWARD
iptables -F INPUT
iptables -F OUTPUT
iptables -X
# Setting default filter policy
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
@Tristor
Tristor / tweaks
Last active Dec 7, 2017
OSX Dev Tweaks
View tweaks
sudo nvram SystemAudioVolume=" "
defaults write com.apple.universalaccess reduceTransparency -bool true
for domain in ~/Library/Preferences/ByHost/com.apple.systemuiserver.*; do
defaults write "${domain}" dontAutoLoad -array \
"/System/Library/CoreServices/Menu Extras/TimeMachine.menu" \
"/System/Library/CoreServices/Menu Extras/Volume.menu" \
"/System/Library/CoreServices/Menu Extras/User.menu"
done
defaults write com.apple.systemuiserver menuExtras -array \
"/System/Library/CoreServices/Menu Extras/Bluetooth.menu" \
@Tristor
Tristor / sshd_config
Last active Aug 23, 2020
Hardened SSH Server Config 03/2016
View sshd_config
# TCP port to bind to
# Change to a high/odd port if this server is exposed to the internet directly
Port 22
# Bind to all interfaces (change to specific interface if needed)
ListenAddress 0.0.0.0
# Force SSHv2 Protocol
Protocol 2
View keybase.md

Keybase proof

I hereby claim:

  • I am tristor on github.
  • I am tristor (https://keybase.io/tristor) on keybase.
  • I have a public key whose fingerprint is 26B4 1281 A0AA 61EE 2CFD 47FA 1915 97E1 CB67 6F29

To claim this, I am signing this object: