drmalex07

#!/bin/bash

#
# Example using getopt (vs builtin getopts) that can also handle long options.
# Another clean example can be found at:
# http://www.bahmanm.com/blogs/command-line-options-how-to-parse-in-bash-using-getopt
#

aflag=n
bflag=n

drmalex07

README

Configure OpenSSL

The creation of a certificate has a request phase and a signing phase. Both phases need to refer to an SSL configuration file which will include the required extensions. The supported extensions are documented at man x509v3_config.

The system-wide openssl configuration usually lies at /etc/ssl/openssl.cnf. Suppose we need to request some X509 extensions (like keyUsage, extendedKeyUsage and subjectAltName), so we need to add/override some parts and we create a configuration fragment in request.conf:

drmalex07

package com.example.scratch_java;

import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Date;
import java.util.List;
import java.util.function.Function;

drmalex07

README

Let Tomcat is download and installed under /opt/tomcat. Also, let tomcat be a non-provileged user under which the server will be running.

We assume that we keep server's binaries under /opt/tomcat and we will create a server instance named foo under /var/tomcat/ (carrying its own conf, logs, webapps, work, lib directories). See also https://dzone.com/articles/running-multiple-tomcat.

Create a template service unit file at /etc/systemd/system/tomcat@.service:

drmalex07

README

Suppose we want to wrap a container running a Redis instance as a service.

Override unit file for docker daemon

We must override the service unit file that ships with docker (under /lib/systemd/system) in order to pass some cgroup-related options to the docker daemon. So, following the usual method to override parts of a unit file, we create the file /etc/systemd/system/docker.service.d/10-service.conf with contents:

drmalex07

README

Create a template service file at /etc/systemd/system/secure-tunnel@.service. The template parameter will correspond to the name of target host:

[Unit]
Description=Setup a secure tunnel to %I
After=network.target

drmalex07

import json
import geojson
from shapely.geometry import shape

o = {
   "coordinates": [[[23.314208, 37.768469], [24.039306, 37.768469], [24.039306, 38.214372], [23.314208, 38.214372], [23.314208, 37.768469]]], 
   "type": "Polygon"
}

s = json.dumps(o)

drmalex07

Add regular-expression filter under /etc/fail2ban/filter.d/keycloak.conf:

[INCLUDES]

before = common.conf

[Definition]

_threadName = [a-z][-_0-9a-z]*(\s[a-z][-_0-9a-z]*)*
_userId = (null|[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})

drmalex07

import numpy
import Gnuplot

def rainfall_intensity_t10(t): 
    return 11.23 * (t**(-0.713))

def rainfall_intensity_t50(t): 
    return 18.06 * (t**(-0.713))

g = Gnuplot.Gnuplot()

drmalex07

Block unauthorized requests to OpenVPN using fail2ban.

The following is based on https://stefan.angrick.me/block-unauthorized-openvpn-logins-using-fail2ban.

1. Create filter confifuration

Add a filter configuration under /etc/fail2ban/filter.d/openvpn.conf. The contents would be something like (regular expressions may need adjustments):

[INCLUDES]
before = common.conf