Skip to content

Instantly share code, notes, and snippets.

View jeffscrum's full-sized avatar

Jeff Scrum jeffscrum

3 followers · 0 following
View GitHub Profile
@jeduardo
jeduardo / nginx-mtls.md
Last active September 21, 2025 20:08
mTLS with self-signed certificates in nginx

mTLS with self-signed certificates in nginx

First step is to generate the certificate and keys:

mkdir nginx-certs
cd nginx-certs
# Using the -nodes flag here so it does not ask for any password when exporting the key
openssl req -subj '/CN=ssl.test.local' -x509 -new -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365 -nodes -addext "keyUsage = digitalSignature,keyAgreement" -addext "extendedKeyUsage = serverAuth, clientAuth" -addext "subjectAltName = DNS:ssl.test.local, DNS:localhost, IP:127.0.0.1"
# The PCKS12 export will ask for a password. I will use 'test' again and will refer it in the final curl test command
@aadimator
aadimator / Notes Publish GH Action.yml
Created September 4, 2022 04:15
GH Action configuration file to automatically publish my Obsidian Vault using Quartz
name: Publish
on:
push:
branches: [master]
jobs:
deploy:
runs-on: ubuntu-latest
concurrency:
@mattfoster
mattfoster / SofleKeyboard.kbd.json
Last active October 13, 2025 09:25 — forked from josefadamcik/SofleKeyboard.kbd.json
SofleKeyboard
[
{
"name": "SofleKeyboard",
"author": "Josef Adamcik",
"switchMount": "cherry"
},
[
{
"y": 0.2,
"x": 3,
@mdtanrikulu
mdtanrikulu / gpg_info.md
Created March 14, 2021 23:42
Import GPG Key from External Backup Drive to new machine (MacOS)
  • To be able to import gpg key from external drive, first copy ~/.gnupg file from external drive to the host machine (do with finder)
  • via terminal, go into copied gnupg folder and try running gpg --homedir . --list-secret-keys
  • if you able to see "key found" information with your email address you are close to import your keys
  • in case you see such warning "gpg: conversion utf-8' us-ascii' failed: illegal byte sequence gpg:" you can ignore it
  • due to change from gpg to gpg2, you may not be able to export your keys with "gpg" command so try doing the rest with "gpg2" command
  • export your private key with gpg2 --homedir . --export-secret-key YOUR_MAIL_ADDRESS > private.key (it will ask your gpg password)
  • then go to your gpg suite, press import, find "private.key" file and import it (it will ask your gpg password)
  • and you are done!
@ismailyenigul
ismailyenigul / nextcloud-pgsql-redis-traefikv2-docker-compose.yml
Last active October 11, 2023 13:11
Docker-compose file for nextcloud with pgsql,redis and traefik deployment
# docker network create nextcloud
NOTES:
1. certificatesresolvers.myresolver.acme.email=myemail@gmail.com
2. TRUSTED_PROXIES values based on your 'nexcloud network'
3. remove traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy and
traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue if you don't want to allow iframe your domain
3
# cat docker-compose.yml
@ravecat
ravecat / debootstrap.md
Last active July 3, 2025 08:03
debootstrap, livecd

A live CD or live DVD is a complete bootable Linux operating system loaded from a CD or DVD. Although there are a lots of live Linux CDs, for seemingly every taste and purpose, it might still be useful on occasion to build your own. This guide details the steps to build a bootable live CD/DVD based on Debian “wheezy”.

Step 1 – Installing the necessary software

These are the software packages you need to install on your Debian system:

apt-get install xorriso live-build syslinux squashfs-tools

Step 2 – Create a basic filesystem

@G-UK
G-UK / Debootstrap Debian Arm64 OS for Raspberry Pi 3 & 4.md
Last active October 26, 2025 11:22
Build a 64bit Debian OS for the Raspberry Pi using Debootstrap

Introduction

The objective of these instructions is to create a complete Arm64 OS (Userland and Kernel) using Debian Debootstrap and RPI-Update for use on the Raspberry Pi 3 and 4.

Prerequisites:

  • An existing Debian/Raspbian system (any architecture will do)
  • An empty SD card formatted as per a standard Raspbian installation mounted to /mnt/sd on the build system
    • 1st Partition 0-256MB = FAT32 (Mount to /mnt/sd/boot)
    • 2nd Partition 256MB+ = EXT4 (Mount to /mnt/sd)

Set-up basic Debian system

@basoro
basoro / proxmox-proxy
Created May 25, 2019 20:45
Running Proxmox behind a single IP address
I ran into the battle of running all of my VMs and the host node under a single public IP address. Luckily, the host is just pure Debian, and ships with iptables.
What needs to be done is essentially to run all the VMs on a private internal network. Outbound internet access is done via NAT. Inbound access is via port forwarding.
Network configuration
Here’s how it’s done:
Create a virtual interface that serves as the gateway for your VMs:
@newsworthy39
newsworthy39 / wg-quick.service
Last active March 24, 2024 19:40
wq-quick systemd unit files
# This file is largely based on the tinc@ service-idea.
# Both files belong in /lib/systemd/system/
# Enable it, systemctl enable wg-quick, then enable configurations (ie, /etc/wireguard/wg0.conf)
# systemctl enable wg-quick@wg0
[Unit]
Description=Wireguard VPN
After=network-online.target
Wants=network-online.target
@marta-krzyk-dev
marta-krzyk-dev / Create ECDSA certificate.txt
Last active April 2, 2025 18:32
Create self-signed ECDSA (ECC) certificate with private key inside in openssl
--- CREATE SELF-SIGNED ECDSA CERTIFICATE WITH PRIVATE KEY INSIDE ----
1. Open openssl.exe.
2. If you haven't chosen a curve, you can list them with this command:
ecparam -list_curves
I picked sect571r1 for this example. Use this to generate an EC private key if you don't have one already: