Skip to content

Instantly share code, notes, and snippets.

@congdonglinux
congdonglinux / ddos.conf
Created April 26, 2024 08:45 — forked from mattia-beta/ddos.conf
IPtables DDoS Protection for VPS
### 1: Drop invalid packets ###
/sbin/iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP
### 2: Drop TCP packets that are new and are not SYN ###
/sbin/iptables -t mangle -A PREROUTING -p tcp ! --syn -m conntrack --ctstate NEW -j DROP
### 3: Drop SYN packets with suspicious MSS value ###
/sbin/iptables -t mangle -A PREROUTING -p tcp -m conntrack --ctstate NEW -m tcpmss ! --mss 536:65535 -j DROP
### 4: Block packets with bogus TCP flags ###
@congdonglinux
congdonglinux / README.md
Created April 25, 2024 10:18 — forked from gilangvperdana/README.md
Installation OpenStack Xena All-in-One on Cloud with Kolla Ansible

Installation OpenStack Xena on VM Cloud

Environment

1. Virtual Machine Ubuntu 20.04LTS (Azure, GCP, AWS, Aliyun, etc)
2. 16GB RAM
3. 512 GB Storage
4. One disk add for PV
@congdonglinux
congdonglinux / OpenStack-instances-monitoring-with-Prometheus-Grafana.md
Created April 25, 2024 09:16 — forked from sdmoko/OpenStack-instances-monitoring-with-Prometheus-Grafana.md
Step by step to Monitoring OpenStack Instances with Service Discovery Prometheus and Grafana

Create Instances for Prometheus Server and Grafana

Download Prometheus Server

cd /tmp
wget -c https://github.com/prometheus/prometheus/releases/download/v2.13.1/prometheus-2.13.1.linux-amd64.tar.gz

Extract Prometheus Server

@congdonglinux
congdonglinux / Graphite on CentOS
Last active April 29, 2017 07:56 — forked from inokappa/gist:2be2ad0af6527b6749df
Graphite Setup for CentOS
## Graphite Setup for CentOS
#### 参考
* [Install graphite on a CentOS/RHEL server](http://www.linuxsysadmintutorials.com/install-graphite-on-a-centosrhel-server/)
* [CentOSにRPMでGraphite+Diamondをインストールする](http://qiita.com/takakiku/items/4dbee4739801cb8f60a2)
***
#### epel リポジトリの追加
@congdonglinux
congdonglinux / run-multiple-redis-instances.md
Created February 28, 2017 10:11 — forked from jarvys/run-multiple-redis-instances.md
run multiple redis instances on the same server for centos
  • create a new redis .conf file
$ cp /etc/redis.conf /etc/redis-xxx.conf
  • edit /etc/redis-xxx.conf, illustrated as below
...
@congdonglinux
congdonglinux / ngx-lua.sh
Created February 8, 2017 01:41 — forked from hit9/ngx-lua.sh
Script to compile nginx on ubuntu with lua support.
#!/bin/sh
# Script to compile nginx on ubuntu with lua support.
NGX_VERSION='1.6.2'
LUAJIT_VERSION='2.0.3'
LUAJIT_MAJOR_VERSION='2.0'
NGX_DEVEL_KIT_VERSION='0.2.19'
LUA_NGINX_MODULE_VERSION='0.9.15'
@congdonglinux
congdonglinux / multiple domains.php
Created December 14, 2016 10:10 — forked from fliphess/multiple domains.php
byte flush varnish when on a varnish cluster
<?php
header("Cache-Control: no-cache, must-revalidate"); //HTTP 1.1
$domains = array('devguppie.com', 'wwww.devguppie.com', 'www.example.com', 'example.com');
foreach ($domains as $domain) {
$curl = curl_init("http://$domain/.*");
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "PURGE");
curl_exec($curl);
curl_close($curl);
}
@congdonglinux
congdonglinux / proxycache.py
Created December 12, 2016 16:02 — forked from jkjuopperi/proxycache.py
nginx proxy cache listing and purging tool in python
#!/usr/bin/env python
from __future__ import print_function
import os
import sys
from collections import namedtuple
CacheFile = namedtuple('CacheFile', ['path', 'key'])
def read_cache_file(path):
with open(path, 'r') as f:
f.seek(0x28) # skip header
key_magic = f.read(6)
Stop Hotlinking: don’t let other websites steal your content (images, media files, etc),
that will cause additional load to your webserver and also more bandwidth consumption.
'''
location ~ .(gif|png|jpe?g)$ {
valid_referers none blocked mywebsite.com *.mywebsite.com;
if ($invalid_referer) {
return 403;
}
}
@congdonglinux
congdonglinux / purge.lua
Created December 5, 2016 03:32 — forked from titpetric/purge.lua
Delete NGINX cached items from a PURGE request
-- Tit Petric, Monotek d.o.o., Thu 27 Oct 2016 10:43:38 AM CEST
--
-- Delete nginx cached assets with a PURGE request against an endpoint
--
local md5 = require 'md5'
function file_exists(name)
local f = io.open(name, "r")
if f~=nil then io.close(f) return true else return false end