Skip to content

Instantly share code, notes, and snippets.

View amalc's full-sized avatar

amalc

11 followers · 17 following
  • New York, NY
View GitHub Profile
@amalc
amalc / gist:9587533
Created March 16, 2014 18:19 — forked from eladmeidar/gist:4554324
class Enum < Hash
def initialize(*members)
super()
@rev = {}
members.each_with_index {|m,i| self[i] = m }
end
def [](k)
super || @rev[k] # || raise ArgumentError, "#{k} is not a member of this enum"
end
def []=(k,v)
@amalc
amalc / gist:8940698
Created February 11, 2014 18:15 — forked from mcansky/gist:3434417
# encoding : utf-8
require 'openssl'
require 'digest/sha1'
require 'base64'
module Aws
extend self
def signed_url(path, expire_date)
digest = OpenSSL::Digest::Digest.new('sha1')
can_string = "GET\n\n\n#{expire_date}\n/#{S3_BUCKET}/#{path}"
@amalc
amalc / gist:6032427
Last active December 19, 2015 23:08
Apache stanza with JAVA_HOME and RailsEnv
<VirtualHost *:80>
ServerName sc-msg.khnum-3
DocumentRoot /s/sc-msg/current/public    
RailsEnv staging
SetEnv JAVA_HOME /usr/lib/jvm/java-1.7.0
ErrorLog logs/staging.errors.sc-msg.log
CustomLog logs/staging.access.sc-msg.log common
<Directory /s/sc-msg/current/public>
AllowOverride all
Options -MultiViews
@amalc
amalc / backup-joomla.sh
Created July 17, 2013 13:37
Joomla backup
cd ~
sudo tar cfz joomlabackup.tar.gz /var/www/cms/2
mysqldump -u cms-1 -p$CMSPW cms-1 > cms-1.out
tar cfz cms-1-combined-`date +'%Y%m%d%H%M'`.tar.gz joomlabackup.tar.gz cms-1.out
rm -f joomlabackup.tar.gz cms-1.out
chmod a-w ~/cms-1-combined-`date +'%Y%m%d%H%M'`.tar.gz
# FILES=~/cms-1-combined-*.tar.gz
#echo ${FILES[@]}
# echo $FILES
@amalc
amalc / firewall-ssh-openvpn-ntp-dns-icmp-postgres.sh
Last active December 19, 2015 15:19
Firewall rules with ssh , OpenVPN, ntp, dns, icmp for a specific host, and PostgresSQL.
# Flush all rules
sudo iptables -F
# If a pre-existing connection exists, allow it
sudo iptables -A INPUT -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -p udp -m state --state RELATED,ESTABLISHED -j ACCEPT
# Setup bi-directional ping for this hosts internal address
SERVER_IP="192.168.130.189"
sudo iptables -A INPUT -p icmp --icmp-type 8 -s 0/0 -d $SERVER_IP -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
@amalc
amalc / firewall.sh
Last active December 18, 2015 15:08
config for iptables - dns-httpd-ntpd-openvpn-openvpnas-ssh
# config for iptables - dns-httpd-ntpd-openvpn-openvpnas-ssh
# Flush tables for a clean start
sudo iptables -F
# Accept connectons that were established
sudo iptables -A INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A INPUT -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p udp -m state --state RELATED,ESTABLISHED -j ACCEPT
@amalc
amalc / firewall-ssh-http-openvpn-duosecurity.sh
Last active December 11, 2015 13:48
sudo iptables -F
sudo iptables -A INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A INPUT -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo iptables -I INPUT -i lo -j ACCEPT
sudo iptables -I INPUT -i tun0 -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p tcp --dport 1194 -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -i eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
@amalc
amalc / firewall-ssh-http-dns-openvpn.sh
Last active December 11, 2015 13:28
sudo iptables -F
sudo iptables -A INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A INPUT -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo iptables -I INPUT -i lo -j ACCEPT
sudo iptables -I INPUT -i tun0 -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p tcp --dport 1194 -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -i eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
@amalc
amalc / firewall-ssh-http.sh
Created January 22, 2013 16:30
sudo iptables -F
sudo iptables -I INPUT -i lo -j ACCEPT
sudo iptables -I INPUT -i tun0 -j ACCEPT
sudo iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -i eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -i eth0 -p tcp --dport ssh -m state --state NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p tcp --sport ssh -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -j DROP
@amalc
amalc / firewall-ssh-openvpn.sh
Last active December 9, 2015 21:48 — forked from anonymous/firewall-ssh-openvpn.sh
sudo iptables -F
sudo iptables -I INPUT -i lo -j ACCEPT
sudo iptables -I INPUT -i tun0 -j ACCEPT
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p tcp --dport 1194 -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -i eth0 -p tcp --dport ssh -m state --state NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -j DROP
sudo iptables -A OUTPUT -j DROP
sudo iptables -A FORWARD -j DROP