Skip to content

Instantly share code, notes, and snippets.

@floudet
floudet / duckdns-letsencrypt-cherrypy.md
Last active Apr 29, 2020
Setup Letsencrypt and DuckDNS for a CherryPy web application
View duckdns-letsencrypt-cherrypy.md

Setup DuckDNS and Letsencrypt for a CherryPy web application

Disclaimer: only tested on Ubuntu 18.04, with a single domain.

Set the DUCKDNS_TOKEN environment variable. For example create a /etc/profile.d/duckdns.sh file like :

export DUCKDNS_TOKEN='ab0cd123-4567-8ef9-012g-h345ij6k78lm'
@floudet
floudet / ss_addconfig.sh
Created Nov 23, 2018
Interactive helper script to build a new config file for Shadowsocks
View ss_addconfig.sh
#!/bin/bash
#
# Interactive helper script to build a new config file for Shadowsocks
# Modifiable vars/defaults
SERVER="0.0.0.0"
LOCAL_PORT=1080
TIMEOUT=600
METHOD="chacha20"
PORTMIN=8000
View ss_process_manager.sh
#!/bin/bash
#ls -1 /etc/shadowsocks/
#config_8082.json
#config_8083.json
#ss_process_manager.sh
#
#cat /etc/cron.d/shadowsocks
#* * * * * root /etc/shadowsocks/ss_process_manager.sh >/dev/null 2>&1
@floudet
floudet / ss-deploy.sh
Created Sep 4, 2018
Deploys ShadowSocks on an Amazon EC2 instance
View ss-deploy.sh
#!/bin/bash
#
# Deploys ShadowSocks on an Amazon EC2 instance
# Probably works on other cloud providers (not tested)
#
# Only tested on Ubuntu 16.04 LTS
#
## Note : To allow multiple clients, duplicate the configuration,
# specify different server_port (and password if required),
# and launch the new processes in the background
@floudet
floudet / box-token-requester.sh
Created Sep 28, 2017
Request OAuth2.0 Access tokens for Box.com using JWT
View box-token-requester.sh
#!/bin/bash
#
# Request OAuth2.0 Access tokens for Box.com using JWT
#
# Thanks:
# https://developer.box.com/v2.0/docs/construct-jwt-claim-manually
# https://developer.box.com/v2.0/blog/box-tokener-a-nodejs-command-line-tool-to-generate-box-api-tokens
# http://willhaley.com/blog/generate-jwt-with-bash/
PRIVATE_KEY=""
@floudet
floudet / kitchen-docker-install-debian.sh
Created Sep 1, 2017
Installs kitchen with the docker provider on Debian
View kitchen-docker-install-debian.sh
#!/bin/bash
#
# This script installs kitchen with the docker provider
# Using the docker provider allows to run this in a VM or an EC2 instance, which is not possible with Vagrant.
#
# Only tested on Debian GNU/Linux 8.8 (jessie)
#
# Resources:
# https://github.com/test-kitchen/test-kitchen
# https://github.com/test-kitchen/kitchen-docker
@floudet
floudet / ssh-security-best-practices.md
Last active Apr 3, 2022
SSH Security Best Practices
View ssh-security-best-practices.md

SSH Security Best Practices

On /etc/ssh/sshd_config:

  1. Disable Root Logins

Best: PermitRootLogin no
Good: PermitRootLogin without-password (requires PubkeyAuthentication yes)

  1. Limit user Logins
@floudet
floudet / telnet-rfc-5322-email.sh
Created Jul 17, 2016
Send a RFC 5322 compliant email using telnet
View telnet-rfc-5322-email.sh
$ telnet mail.example.org 25
Trying XXX.XXX.XXX.XXX...
Connected to XXX.XXX.XXX.XXX.
Escape character is '^]'.
220 *********************************
ehlo server.example.org
250-mail.example.com
250-PIPELINING
250-SIZE 20480000
250-ETRN
@floudet
floudet / ssh-chroot-jail.sh
Created Jun 19, 2016
Chroot Jail for SSH Access
View ssh-chroot-jail.sh
# Chroot Jail for SSH Access
# Tested on Ubuntu 14.04.2 LTS and Debian GNU/Linux 8 (jessie)
# Reference : http://allanfeid.com/content/creating-chroot-jail-ssh-access
#
# Had to add/change several things to make it work, including:
# - create lib64 folder
# - copy whoami dependencies that ldd doesn't show to fix 'I have no name!'
# in the customized prompt + create passwd file
#