Asif Bacchus asifbacchus
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Modified Seafile-PRO container | |
| # Addresses TLS issue connecting to OpenLDAP | |
| # build args | |
| ARG SEAF_VERSION | |
| FROM docker.seadrive.org/seafileltd/seafile-pro-mc:${SEAF_VERSION} | |
| ARG SEAF_VERSION | |
| # add useful utilities and update certificates | |
| RUN apt-get update \ |
asifbacchus
/ skewed.html
Created
June 7, 2019 08:06
CSS only skewed page dividers with flexbox for responsiveness
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html lang="en"> | |
| <head> | |
| <meta charset="UTF-8"> | |
| <meta name="viewport" content="width=device-width, initial-scale=1.0"> | |
| <meta http-equiv="X-UA-Compatible" content="ie=edge"> | |
| <title>Skewed Dividers</title> | |
| <link href="https://fonts.googleapis.com/css?family=EB+Garamond|Oswald&display=swap" rel="stylesheet"> | |
| <link rel="stylesheet" href="/css/styles.css"> | |
| </head> |
asifbacchus
/ menu.html
Created
June 7, 2019 01:54
Pure CSS hamburger menu using target pseudo-class to avoid using java to close
asifbacchus
/ createSSHFP.sh
Last active
June 19, 2019 04:14
Query local or remote SSH server for fingerprint and generate SSHFP DNS records
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # Scan specified server and output BIND9 formatted SSHFP DNS records | |
| # for all supported algorithms (RSA, DSA, ECDSA, ED25519) with both | |
| # SHA-1 and SHA-2 hashes | |
| # | |
| ### text formatting codes |
asifbacchus
/ downloadEPG.sh
Last active
December 17, 2018 05:56
Starting around December 2018, Vader Streams' EPG cannot be read by TVHeadend. This is due to various <!ELEMENT xx> tags at the beginning of the file. Attached is a script to resolve this problem and an explanation of how it works.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| ####### | |
| ### Download Vader EPG XML file and remove the <!ELEMENT> tags that TVHeadend | |
| ### does not understand. | |
| ####### | |
| ### This script was written by Asif Bacchus (asif@bacchus.cloud) and comes with | |
| ### no warranty, guarantee or promise of suitability for any purpose whatsoever. | |
| ### Use this at your own risk and understand that doing so indemnifies the afore |
asifbacchus
/ borg
Last active
December 12, 2018 10:22
Running BorgBackup when /tmp is mounted with 'noexec' in fstab results in "error while loading shared libraries: libz.so.1: failed to map segment from shared object". Rename your borg binary to it's original name, (e.g borg-linux64), copy this script to /usr/bin/borg (or somewhere in your PATH) and make it executable (chmod +x or chmod 755).
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # This is a helper script for BorgBackup to redirect temp to an | |
| # executable-allowed location only while the program is running. | |
| # This is necessary on systems where /TMP is mounted with | |
| # the 'noexec' option for security in fstab. | |
| # On a standard debian system, the line below would resemble: | |
| # TEMP="/var/borgbackup/temp/" /usr/bin/borg-linux64 "$@" |
asifbacchus
/ msmtprc
Last active
September 18, 2019 07:02
Simple msmtp configuration to send out status emails, etc.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ####### | |
| ### mSMTP configuration | |
| ####### | |
| ## Set defaults for all accounts | |
| defaults | |
| auth on | |
| tls on | |
| tls_trust_file /etc/ssl/certs/ca-certificates.crt | |
| logfile /var/log/msmtp.log |
asifbacchus
/ mozModern_ssl.conf
Created
May 27, 2018 12:10
This is the general SSL settings template I use for my NGINX setups. I store this in /etc/nginx/conf.d and symlink it to conf.d/conf-enabled where it is read by my nginx.conf file and becomes active for all my sites.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ####### | |
| ### Generated with assistance from the Mozilla SSL Configuration Generator | |
| ### 'modern' NGINX profile | |
| ### current as May 21 2018 | |
| ####### | |
| ## SSL certificates are specified in the server block | |
asifbacchus
/ nginx.conf
Created
May 27, 2018 12:04
My default basic nginx.conf that I base most of my setups around. References external configs and site files. The idea is to keep it modularized and easy to read.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| worker_processes auto; | |
| error_log /var/log/nginx/error.log warn; | |
| pid /var/run/nginx.pid; | |
| events { | |
| worker_connections 1024; | |
| } |
asifbacchus
/ headersSecurity.conf
Last active
September 2, 2022 10:54
NGINX configuration where the machine hosting mailcow is acting as a reverse proxy. Includes section where certain domain names/CNAMEs can be redirected to webmail (SOGo) by default instead of the admin panel and said panel is accessed via the `/config` sub-uri instead.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # these are common security headers that you can easily add to locations or | |
| # entire server blocks by including this file | |
| # include /etc/nginx/headersSecurity.conf; | |
| add_header Feature-Policy "geolocation 'self'"; | |
| add_header Referrer-Policy "same-origin" always; | |
| add_header X-Content-Type-Options "nosniff" always; | |
| add_header X-Download-Options noopen; |