Skip to content

Instantly share code, notes, and snippets.

Julian Lam julianlam

Block or report user

Report or block julianlam

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View gist:5110542203d04da69ba4e862827796da
/* Generic arrow styles for all updoot and downdoot buttons */
.arrow {
width: 0px;
height: 0px;
}
/* Rectangle below updoot */
.commentarea .arrow.upmod::after, .arrow.up::after {
position: relative;
top: 0.7rem;
@julianlam
julianlam / dbdive.js
Created Mar 8, 2016
One-off db diving script
View dbdive.js
'use strict';
/*globals require, console, process */
var nconf = require('nconf');
var async = require('async');
var fs = require('fs');
nconf.file({
file: 'config.json'
});
@julianlam
julianlam / chinese_convert.js
Last active Jan 20, 2016
Converting Simplified Chinese to Traditional Chinese in NodeBB
View chinese_convert.js
var defaultEncoding = 1; // é è¨­èªžè¨€ï¼š1-繁體中文 | 2-简体中文
var translateDelay = 0;
var cookieDomain = "http://yoursite"; // ä¿®æ”¹çˆ²ä½ çš„éƒ¨è½æ ¼åœ°å€
var msgToTraditionalChinese = "轉換爲繁體"; // 簡轉繁時所顯示的文字
var msgToSimplifiedChinese = "转换为简体"; // 繁转简时所显示的文字
var translateButtonId = "translateLink"; // 「轉換」<A>鏈接標籤ID
var currentEncoding = defaultEncoding;
var targetEncodingCookie = "targetEncoding" + cookieDomain.replace(/\./g,"");
var targetEncoding = ( getCookie(targetEncodingCookie) == null ? defaultEncoding : getCookie(targetEncodingCookie) );
View gist:ee7c1084a6faba5fa398
### Create and Store a CSR
cd /etc/ssl
mkdir -p localcerts/sitename
cd localcerts/sitename
openssl req -new -newkey rsa:2048 -nodes -sha256 -days 365 -keyout sitename.key -out sitename.csr
chmod 400 sitename.csr sitename.key
@julianlam
julianlam / gist:07abef272136ea14a627
Last active Jul 3, 2019
Exposing a directory on the host machine to an LXC container
View gist:07abef272136ea14a627

Exposing a directory on the host machine to an LXC container

  1. Log into the container and create an empty directory, this will be the mount point
  2. Log out and stop the container.
  3. Open to your container's config file
    • For regular LXC containers: /var/lib/lxc/mycontainer/config
    • For unprivileged LXC containers: $HOME/.local/share/lxc/mycontainer/config
  4. Add a new line above the lxc.mount directive, that follows the format below. Substitute proper paths as necessary:
    • lxc.mount.entry = /path/to/folder/on/host /path/to/mount/point none bind 0 0
    • Both of these paths are relative to the host machine.
@julianlam
julianlam / gist:4e2bd91d8dedee21ca6f
Last active Mar 5, 2019
Provisioning and usage of unprivileged LXC containers via indirect login or script
View gist:4e2bd91d8dedee21ca6f

Provisioning and usage of unprivileged LXC containers via indirect login or script

As I've discovered, managing LXC containers is fairly straightforward, but when building out a system for provisioning out user maintained instances of NodeBB, it was imperative that unprivileged LXC containers were used, so that in the event of shell breakout from NodeBB followed by privilege escalation of the saas user, the root user in the LXC container would only be an unprivileged user on the host machine.

During the course of development, I ran into numerous blockers when it came to managing LXC containers in unexpected circumstances. Namely:

  • Using LXC in a subshell is not directly supported. This usually happens under one of the following two circumstances:
    • After switching users via su or executing lxc-* commands as another user via sudo
    • Executing lxc-* commands via a program, application, or script. In my case, a Node.js application.
@julianlam
julianlam / library.js
Last active Apr 15, 2019
How to create a login override plugin
View library.js
var passport = module.parent.require('passport'),
passportLocal = module.parent.require('passport-local').Strategy,
plugin = {};
plugin.login = function() {
winston.info('[login] Registering new local login strategy');
passport.use(new passportLocal({passReqToCallback: true}, plugin.continueLogin));
};
plugin.continueLogin = function(req, username, password, next) {
View gist:8590652772bb3ae66ed9
diff --git a/src/upgrade.js b/src/upgrade.js
index 117b798..4001ffe 100644
--- a/src/upgrade.js
+++ b/src/upgrade.js
@@ -593,6 +593,7 @@ Upgrade.upgrade = function(callback) {
}
},
function(next) {
+ return next();
thisSchemaDate = Date.UTC(2015, 0, 14);
@julianlam
julianlam / gist:a4e9c4c9458e0ccdd459
Created Oct 20, 2014
[nodebb-script-ajaxify-disable] Disable the Single Page Application aspect of NodeBB
View gist:a4e9c4c9458e0ccdd459
<script>
ajaxify.go = function(url) {
window.location.href = RELATIVE_PATH + '/' + url;
};
</script>
@julianlam
julianlam / gist:3a2d0bd6720ac2f45bef
Created Sep 3, 2014
Allowing NodeBB to serve all static assets
View gist:3a2d0bd6720ac2f45bef
server {
listen 80;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
# Socket.IO Support
You can’t perform that action at this time.