Create a template service file at /etc/systemd/system/secure-tunnel@.service
. The template parameter will correspond to the name
of target host:
[Unit]
Description=Setup a secure tunnel to %I
After=network.target
#!/usr/bin/env python3 | |
""" | |
License: MIT License | |
Copyright (c) 2023 Miel Donkers | |
Very simple HTTP server in python for logging requests | |
Usage:: | |
./server.py [<port>] | |
""" | |
from http.server import BaseHTTPRequestHandler, HTTPServer |
1) ==== Autossh using systemd ==== | |
Example from | |
https://gist.github.com/drmalex07/c0f9304deea566842490 | |
2) ============= | |
Install autossh |
# Nginx+Unicorn best-practices congifuration guide. Heartbleed fixed. | |
# We use latest stable nginx with fresh **openssl**, **zlib** and **pcre** dependencies. | |
# Some extra handy modules to use: --with-http_stub_status_module --with-http_gzip_static_module | |
# | |
# Deployment structure | |
# | |
# SERVER: | |
# /etc/init.d/nginx (1. nginx) | |
# /home/app/public_html/app_production/current (Capistrano directory) | |
# |
SSH into Root
$ ssh root@123.123.123.123
Change Root Password
https://wiki.archlinux.org/index.php/beginners'_guide
What I wanted:
###Connect to Wifi
wifi-menu -o
This document details how I setup LE on my server. Firstly, install the client as described on http://letsencrypt.readthedocs.org/en/latest/using.html and make sure you can execute it. I put it in /root/letsencrypt
.
As it is not possible to change the ports used for the standalone
authenticator and I already have a nginx running on port 80/443, I opted to use the webroot
method for each of my domains (note that LE does not issue wildcard certificates by design, so you probably want to get a cert for www.example.com
and example.com
).
For this, I placed config files into etc/letsencrypt/configs
, named after <domain>.conf
. The files are simple:
source :rubygems | |
gem 'sinatra' | |
gem 'json' | |
gem 'omniauth' | |
gem 'omniauth-oauth2' | |
gem 'omniauth-github' | |
# gem 'omniauth-att', :path => File.expand_path("./../../omniauth-att", __FILE__) | |
gem 'thin' |
# The only setting we feel strongly about is the fail_timeout=0 | |
# directive in the "upstream" block. max_fails=0 also has the same | |
# effect as fail_timeout=0 for current versions of nginx and may be | |
# used in its place. | |
# you generally only need one nginx worker unless you're serving | |
# large amounts of static files which require blocking disk reads | |
worker_processes 1; | |
# # drop privileges, root is needed on most systems for binding to port 80 |
upstream some_app_server { | |
server 127.0.0.1:9393; | |
} | |
server { | |
listen 80; | |
server_name my-upload-endpoint.com ; | |