Skip to content

Instantly share code, notes, and snippets.

View grvgr's full-sized avatar

Gaurav G grvgr

31 followers · 6 following
View GitHub Profile
@grvgr
grvgr / WireGuard-site-to-site.md
Created June 27, 2020 03:32 — forked from insdavm/WireGuard-site-to-site.md
Accessing a subnet that is behind a WireGuard client using a site-to-site setup

WireGuard Site-to-Site

Accessing a subnet that is behind a WireGuard client using a site-to-site setup

Problem Summary

We want to access a local subnet remotely, but it is behind a NAT firewall and we can't setup port forwarding. Outgoing connections work, but all incoming connections get DROPPED by the ISP's routing policy.

Solution Summary

@grvgr
grvgr / links.txt
Created January 8, 2020 22:12 — forked from tavisrudd/links.txt
some links related to my voice coding talk at #pycon
@grvgr
grvgr / ssh-tunnel@.service
Created October 2, 2019 16:24 — forked from guettli/ssh-tunnel@.service
Reliable persistent SSH-Tunnel via systemd (not autossh)
# Reliable persistent SSH-Tunnel via systemd (not autossh)
# https://gist.github.com/guettli/31242c61f00e365bbf5ed08d09cdc006#file-ssh-tunnel-service
[Unit]
Description=Tunnel for %i
After=network.target
[Service]
User=tunnel
ExecStart=/usr/bin/ssh -o "ExitOnForwardFailure yes" -o "ServerAliveInterval 60" -N tunnel@%i
@grvgr
grvgr / gist:aea855e85b0a6230e282
Created January 19, 2016 02:18 — forked from saetia/gist:1623487
Clean Install – OS X 10.11 El Capitan

OS X Preferences

most of these require logout/restart to take effect

# Enable character repeat on keydown
defaults write -g ApplePressAndHoldEnabled -bool false

# Set a shorter Delay until key repeat
@grvgr
grvgr / latency.markdown
Created January 18, 2016 16:31 — forked from hellerbarde/latency.markdown
Latency numbers every programmer should know

Latency numbers every programmer should know

L1 cache reference ......................... 0.5 ns
Branch mispredict ............................ 5 ns
L2 cache reference ........................... 7 ns
Mutex lock/unlock ........................... 25 ns
Main memory reference ...................... 100 ns             
Compress 1K bytes with Zippy ............. 3,000 ns  =   3 µs
Send 2K bytes over 1 Gbps network ....... 20,000 ns  =  20 µs
SSD random read ........................ 150,000 ns  = 150 µs

Read 1 MB sequentially from memory ..... 250,000 ns = 250 µs

@grvgr
grvgr / git-recover-branch.md
Last active August 29, 2015 14:18 — forked from jbgo/git-recover-branch.md

Oops! I accidentally deleted a local git branch, and I haven't pushed it to a remote server yet. The branch has several important commits, and it hasn't been merged with any other branches yet. How do I find the missing branch?

1. Create a list of all dangling or unreachable commits.

$ git fsck --full --no-reflogs --unreachable --lost-found
unreachable tree 4a407b1b09e0d8a16be70aa1547332432a698e18
unreachable tree 5040d8cf08c78119e66b9a3f8c4b61a240229259
unreachable tree 60c0ce61b040f5e604850f747f525e88043dae12
unreachable tree f080522d06b9853a2f18eeeb898724da4af7aed9
@grvgr
grvgr / how-to-set-up-stress-free-ssl-on-os-x.md
Last active August 29, 2015 14:12 — forked from jed/how-to-set-up-stress-free-ssl-on-os-x.md

How to set up stress-free SSL on an OS X development machine

One of the best ways to reduce complexity (read: stress) in web development is to minimize the differences between your development and production environments. After being frustrated by attempts to unify the approach to SSL on my local machine and in production, I searched for a workflow that would make the protocol invisible to me between all environments.

Most workflows make the following compromises:

  • Use HTTPS in production but HTTP locally. This is annoying because it makes the environments inconsistent, and the protocol choices leak up into the stack. For example, your web application needs to understand the underlying protocol when using the secure flag for cookies. If you don't get this right, your HTTP development server won't be able to read the cookies it writes, or worse, your HTTPS production server could pass sensitive cookies over an insecure connection.

  • Use production SSL certificates locally. This is annoying

@grvgr
grvgr / haproxy.cfg
Created April 4, 2014 22:56 — forked from rnewson/haproxy.cfg
# Bind SSL port with PFS-enabling cipher suite
bind :443 ssl crt path_to_certificate no-tls-tickets ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-RC4-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES128-SHA:AES256-SHA256:AES256-SHA:RC4-SHA
# Distinguish between secure and insecure requests
acl secure dst_port eq 443
# Mark all cookies as secure if sent over SSL
rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure
@grvgr
grvgr / bubbleberry-theme.el
Created December 21, 2013 22:45 — forked from jasonm23/bubbleberry-theme.el
(deftheme bubbleberry "bubbleberry")
;; Based on the theme used for LightTable (see: http://www.chris-granger.com/images/lightable/main.png )
(custom-theme-set-variables
'bubbleberry
'(linum-format " %7i ")
'(fringe-mode 5 nil (fringe))
'(powerline-color1 "#3d3d68")
'(powerline-color2 "#292945")
@grvgr
grvgr / ec2_hostname.rb
Created December 16, 2013 22:07 — forked from kirtfitzpatrick/ec2_hostname.rb
#!/usr/bin/env ruby
# This script is intended to preprocess a knife ec2 server create command and
# generate a user_data script in the /tmp folder that will rename the host
# to match whatever the node name is before the chef bootstrapping process
# begins. It then splits the knife command in front of the --node-name or -N
# options and inserts "--user-data /tmp/server-01.userdata" (in the example
# below) and execs the command.
#
# Usage: