Skip to content

Instantly share code, notes, and snippets.

View gblok's full-sized avatar

gblok gblok

6 followers · 29 following
View GitHub Profile
@lcrilly
lcrilly / README.md
Last active May 19, 2024 13:50
NGINX OAuth 2.0 Token Introspection

OAuth 2.0 Token Introspection with NGINX and njs

This configuration enables NGINX to validate an authentication token against an authorization server by using OAuth 2.0 Token Introspection (RFC 7662). This solution uses the auth_request module and the NGINX JavaScript module to require authentication and perform the token introspection request.

By default, the client's authentication token is expected as a bearer token supplied in the Authorization header. If supplied elsewhere in the HTTP request, the $access_token variable must be configured to specify where to obtain the token.

Token introspection requests are authenticated. By default, the $oauth_client_id and $oauth_client_secret variables are used to perform HTTP Basic authentication with the Authorization Server. If only the $oauth_client_secret variable is specified then that value is used

@cecilemuller
cecilemuller / 2019-https-localhost.md
Last active May 19, 2024 11:58
How to create an HTTPS certificate for localhost domains

How to create an HTTPS certificate for localhost domains

This focuses on generating the certificates for loading local virtual hosts hosted on your computer, for development only.

Do not use self-signed certificates in production ! For online certificates, use Let's Encrypt instead (tutorial).

@bowin
bowin / node.js PassThrough stream.md
Last active November 15, 2022 00:02
Node.js Stream PassThrough Usage 
const {PassThrough} = require('stream')
const fs = require('fs')

const d = new PassThrough()  

fs.createReadStream('tt2.js').pipe(d)  // can be piped from reaable stream

d.pipe(process.stdout)                 // can pipe to writable stream 
d.on('data', console.log) // also like readable
@paruljain
paruljain / vagrantfile
Created February 13, 2017 22:43
Vagrantfile for Alpine Linux with docker
Vagrant.configure("2") do |config|
config.vm.box = "maier/alpine-3.3.1-x86_64"
config.vm.network "public_network", ip: "192.168.1.31", auto_config: true
config.vm.synced_folder ".", "/vagrant", disabled: true
config.vm.provider "virtualbox" do |vb|
vb.name = 'Alpine1'
vb.cpus = 1
vb.memory = 1024
#vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
# Display the VirtualBox GUI when booting the machine
@yannhowe
yannhowe / .gitlab.ci.yml
Created September 26, 2016 18:06
.gitlab.ci.yml for SSH with private key.
# Image neeeds to have ssh-client
image: docker:git
services:
- docker:dind
stages:
- staging
before_script:
- docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $CI_REGISTRY
@subfuzion
subfuzion / empty-example.md
Last active February 26, 2024 20:39
Protocol Buffer example of importing and using empty

How to import and indicate empty request or reply messages:

import "google/protobuf/empty.proto";

service SomeService {
    rpc SomeOperation (google.protobuf.Empty) returns (google.protobuf.Empty) {}
}
@denji
denji / nginx-tuning.md
Last active May 21, 2024 00:30
NGINX tuning for best performance

Moved to git repository: https://github.com/denji/nginx-tuning

NGINX Tuning For Best Performance

For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx.

Generally, properly configured nginx can handle up to 400K to 500K requests per second (clustered), most what i saw is 50K to 80K (non-clustered) requests per second and 30% CPU load, course, this was 2 x Intel Xeon with HyperThreading enabled, but it can work without problem on slower machines.

You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers.