zOrg1331

Intro

This note describes how to connect two networks/devices/VMs over public network using Wireguard with Layer 2 support (ARP, IPv6 link-local, etc).

This can also be achieved using SSH and its "tap" tunnel, however, it does not provide the same level of latency and bandwidth as full-blown VPN such as Wireguard.

In addition, this note describes how to tunnel Wireguard over TCP connection. This may be of use if you encounter firewall in-between so, for instance, you can use TCP port 443 only.

Objective

mergwyn

#!/usr/bin/env bash

set -o errexit

echo $(date):Random read
fio --filename=test --sync=1 --rw=randread --bs=4k --numjobs=1 \
  --iodepth=4 --group_reporting --name=test --filesize=10G --runtime=300 && rm test

echo $(date):Random write
fio --filename=test --sync=1 --rw=randwrite --bs=4k --numjobs=1 \

dbrownidau

#
# Debain 10, postgresql, postfix
# This servers as a lose lazy refernce, not a turnkey runscript.
# See: https://wiki.policyd.org/installing

# requirements
apt install libnet-server-perl libnet-cidr-perl libnet-dns-perl libmail-spf-perl libtimedate-perl libdbi-perl libdbd-pg-perl

# Use 2.1.x snapshot
wget https://download.policyd.org/v2.1.x-201310261831/cluebringer-v2.1.x-201310261831.tar.gz

bcremer

upstream backend {
    server localhost:8080;
    #server backup1.example.com:8080   backup;
    #server backup2.example.com:8080   backup;
}

# Set cache dir
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=one:10m;

# Set cache key to include identifying components

alexhayes

Supervisord Installation on Ubutnu 12.04 LTS

There are a number of solutions for installing supervisord and automatically running it on Ubuntu - this is what worked for me (on multiple installations...).

Installation

Quick & Easy

sudo bash < <(curl https://gist.githubusercontent.com/alexhayes/814fd0d0f7020e918a95/raw/full-install.sh)

rnewson

# Bind SSL port with PFS-enabling cipher suite
bind :443 ssl crt path_to_certificate no-tls-tickets ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA384:AES128-SHA256:AES128-SHA:AES256-SHA256:AES256-SHA:!MD5:!aNULL:!DH:!RC4

# Distinguish between secure and insecure requests
acl secure dst_port eq 443

# Mark all cookies as secure if sent over SSL
rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure

# Add the HSTS header with a 1 year max-age

denji

Moved to git-repository: https://github.com/denji/awesome-http-benchmark

Tools

Located in alphabetical order (not prefer)

• ab – slow and single threaded, written in C
• apib – most of the features of ApacheBench (ab), also designed as a more modern replacement, written in C
• autocannon – fast HTTP/1.1 benchmarking tool written in Node.js
• baloo – Expressive end-to-end HTTP API testing made easy, written in Go (golang)

KartikTalwar

The fastest remote directory rsync over ssh archival I can muster (40MB/s over 1gb NICs)

This creates an archive that does the following:

rsync (Everyone seems to like -z, but it is much slower for me)

• a: archive mode - rescursive, preserves owner, preserves permissions, preserves modification times, preserves group, copies symlinks as symlinks, preserves device files.
• H: preserves hard-links
• A: preserves ACLs

cbmd

server {
	index index.php;
	set $basepath "/var/www";

	set $domain $host;

	# check one name domain for simple application
	if ($domain ~ "^(.[^.]*)\.dev$") {
		set $domain $1;
		set $rootpath "${domain}";

rgreenjr

-- show running queries (pre 9.2)
SELECT procpid, age(clock_timestamp(), query_start), usename, current_query 
FROM pg_stat_activity 
WHERE current_query != '<IDLE>' AND current_query NOT ILIKE '%pg_stat_activity%' 
ORDER BY query_start desc;

-- show running queries (9.2)
SELECT pid, age(clock_timestamp(), query_start), usename, query 
FROM pg_stat_activity 
WHERE query != '<IDLE>' AND query NOT ILIKE '%pg_stat_activity%'