alvarow

# Generate a new key
openssl genrsa -out server.key 2048

# Generate a new CSR
openssl req -sha256 -new -key server.key -out server.csr

# Check certificate against CA
openssl verify -verbose -CApath ./CA/ -CAfile ./CA/cacert.pem cert.pem

# Self Signed

alvarow

# Has XFF header with a value
acl has-xff req_header X-Forwarded-For ^(([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)|(\[([0-9a-f]+)?:([0-9a-f:]+)?:([0-9a-f]+|0-9\.]+)?\]))

# default logformat
logformat squid      %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %[un %Sh/%<a %mt

# default logformat using XFF instead of client IP address
logformat squid-xff  %ts.%03tu %6tr %{X-Forwarded-For}>h %Ss/%03>Hs %<st %rm %ru %[un %Sh/%<a %mt

alvarow

# Get number of running containers of a service
aws --profile saml --output json ecs describe-services --cluster DIT-DMZ --service adp-e-bot-kafka  | jq '.services[]|.desiredCount'

# Get a list of all task definitions
aws --profile saml --output text ecs list-task-definition-families

# Get the JSONs of a task definition
aws --profile saml --output json ecs describe-task-definition --task-def DIT-adp-e-bot | jq '.taskDefinition|if .networkMode then {family: .family, volumes: .volumes, containerDefinitions: .containerDefinitions, networkMode: .networkMode} else {family: .family, volumes: .volumes, containerDefinitions: .containerDefinitions} end'

# Get all task definition and save each as a JSON

alvarow

Using Let's Encrypt SSL with Subsonic

Let's Encrypt Docs

Subsonic getting started Docs

Link from where most of this info came from

Here is a simple tutorial to use Letsencrypt SSL Certs with Subsonic. This is on a Debian Server

alvarow

<%@ page import="java.util.*" %>
    <html>

    <head>
        <title>Http Request Headers Example in JSP</title>
    </head>

    <body>
        <h2>HTTP Request Headers Received</h2>
        <table>

alvarow

# Source it on .bash_profile
# run with "encrypt a.file" or "decrypt a.file.aes-128-cbc"
# You can adjust encryption cipher (say aes-256-cbc) to your needs
function encrypt() {
   if [ $# -eq 0 ]; then
     echo "Provide a filename to encrypt"
     exit 1
   fi
   # SHA256 the given file
   openssl dgst -sha256 "$1" > "$1.sha256"

alvarow

#!/usr/bin/python2
# -*- coding: utf-8 -*-

import json 
import sys
import urllib2

proxy = urllib2.ProxyHandler({ "http": "127.0.0.1:3128", "https": "127.0.0.1:3128" })
jenkinsUrl = "http://labs-jenkins/jenkins/job/"
rocketUrl ="https://your-rocket.chat/hooks/sasdfafsa"

alvarow

# Log the X-Forwarded-For client IP address or the real client ip address if the X-Forwarded-For header does not exist.

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog "logs/access_log" combined env=!forwarded
CustomLog "logs/access_log" proxy env=forwarded

alvarow

*/15 *	* * *	alvaro /usr/bin/curl -q https://USERNAME:PASSWORD@ipv4.tunnelbroker.net/nic/update?hostname=TUNNELID -o /dev/null

alvarow

# creates an LVM under a single device
dd if=/dev/zero of=/dev/sdb bs=512 count=64
pvcreate /dev/sdb
pvs
vgcreate timeline /dev/sdb
lvcreate -n app -l 100%FREE timeline
mkfs.xfs -L APP /dev/timeline/app
echo '/dev/timeline/app /app xfs noatime 1 2' >> /etc/fstab 
mkdir -p /app && mount /app