Skip to content

Instantly share code, notes, and snippets.

🏠
Working from home

Julius Thyssen jult

🏠
Working from home
Block or report user

Report or block jult

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@jult
jult / https_only
Last active Mar 6, 2019
[NGINX] Redirect all hostnames and requests from http to https serverwide
View https_only
# To have port 80 requests go to their 443 equivalents for an entire webserver, put this file in /etc/nginx/conf.d/
# Note that to specify the catch-all name or default server you
# need to use the *listen* directive, not the server_name directive!
# See also https://nginx.org/en/docs/http/request_processing.html
#
# - $host catches subdomain names.
# - 307 and 308 include both POST and GET request URIs.
# - 307 is Temporary, change to the Permanent 308 after thorough testing: # return 308 https://$host$request_uri;
server {
@jult
jult / jult.ini
Last active Jun 20, 2019
Dark Forest skin for Midnight Commander ( dark mc colors theme )
View jult.ini
# Being unsatisfied with the look of mc in console/mobaxterm, I made this for my own use.
# Version 3.6, subject to change over the years.. <j@jult.nl>
# I N S T A L L
# Put this file (jult.ini) in either of these skin-directories:
# ~/.local/share/mc/skins/
# /etc/mc/skins/
# /usr/share/mc/skins/
@jult
jult / %userprofile%\AppData\Roaming\youtube-dl\config.txt
Last active Jul 18, 2018
[ youtube-dl ] My most succesful config for all-round best codecs and quality
View %userprofile%\AppData\Roaming\youtube-dl\config.txt
--no-mtime
--no-call-home
--ignore-errors
-f "bestvideo[height>=1080]+251/bestvideo[height>=1080]+bestaudio/bestvideo[height>=720]+251/bestvideo[height>=720]+bestaudio/137+bestaudio/136+bestaudio/bestvideo+bestaudio"
# Note that I output to an MKV container, despite the fact that shitty devices will not play some files
# or still don't support Opus, it *is* the highest quality available: http://opus-codec.org/comparison/
#
# I use Daum Potplayer, which plays them all perfectly fine: https://www.videohelp.com/software/PotPlayer
#
@jult
jult / jbt-rules.cf
Last active Nov 21, 2018
SpamAssassin rules
View jbt-rules.cf
# Put this file under /etc/spamassassin/ and run an sa-update or reload amavis etc.
#
# I used https://github.com/ercpe/ercpe-sa-rules/blob/master/ercpe-rules.cf as an example;
#--------------------------------------------------
# top level domain matching
#--------------------------------------------------
header SPAMMY_TLD_IN_RCVD Received =~ /(\.net\.ae|\.net\.id|\.ro|\.ru|\.co\.jp|\.co\.ke|\.AC\.ZA|\.co\.in|\.com\.vn|\.vn|\.cc|\.cu\.ua|\.com\.br|\.gr|\.hr|\.dk|\.win|\.bid|\.tw|\.br|\.pk|\.top|\.club|\.date|\.stream|\.xyz)\s/i
score SPAMMY_TLD_IN_RCVD 0.5
describe SPAMMY_TLD_IN_RCVD Spammy TLD used in Received line
@jult
jult / certbot_cloudflare_dns.sh
Last active Oct 8, 2018
script to install latest certbot with cloudflare dns-01 challenge plugin (for debian 9/stretch)
View certbot_cloudflare_dns.sh
#!/bin/sh
# Check if user has root privileges
if [[ $EUID -ne 0 ]]; then
echo "You must run the script as root or using sudo"
exit 1
fi
## Reconfigure Dash
echo "dash dash/sh boolean false" | debconf-set-selections
@jult
jult / sysctl.conf
Last active Aug 7, 2019
sysctl config for linux server(s) with 8 GB DDR4 RAM or more, SSD and 1Gbps (or faster) NIC
View sysctl.conf
kernel.domainname = your-rdns-FQDN.here
fs.file-max = 2097152
fs.inotify.max_user_instances = 4096
fs.inotify.max_user_watches = 4096
# high gains for use with kernel 4.9.*+.
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
net.core.netdev_budget = 8000
@jult
jult / bestweleenbeetje
Last active Mar 26, 2018
best wel een beetje heel erg cool, die gasten van letsencrypt
View bestweleenbeetje
root@bestweleenbeetje:~/certbot# certbot certonly --server https://acme-v02.api.letsencrypt.org/directory --rsa-key-size 4096 --dns-cloudflare --dns-cloudflare-credentials ~/.ssh/certapi --dns-cloudflare-propagation-seconds 90 -d *.bestweleenbeetje.org,bestweleenbeetje.org
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator dns-cloudflare, Installer None
-------------------------------------------------------------------------------
You have an existing certificate that contains a portion of the domains you
requested (ref: /etc/letsencrypt/renewal/bestweleenbeetje.org.conf)
It contains these names: bestweleenbeetje.org
@jult
jult / dovecot.conf
Last active Mar 24, 2018
dovecot.conf for debian 9 with CLucene FTS
View dovecot.conf
protocols = imap pop3
auth_mechanisms = plain login
auth_cache_size = 24 M
auth_cache_ttl = 18 hours
disable_plaintext_auth = no
listen = *,[::]
log_timestamp = "%Y-%m-%d %H:%M:%S "
log_path = /var/log/dovecot.log
login_greeting = encrypted ready.
postmaster_address = julius@encrypted.net
@jult
jult / install_core_for_deb9.sh
Last active Mar 31, 2018
Base install over debian 9 x64 minimal server, with certbot, webmin, csf&lfd and fail2ban
View install_core_for_deb9.sh
#!/bin/bash
## Filesystem ext4
## Run as root
# Check if user has root privileges
if [[ $EUID -ne 0 ]]; then
echo "You must run the script as root or using sudo"
exit 1
fi
@jult
jult / install_ispcfg_for_deb9.sh
Last active Aug 14, 2018 — forked from jniltinho/install_ispconfig_nginx_debian.sh
ISPconfig 3.x install with NGINX 1.13.x + PHP 7.1 on Debian 9 x64 (Stretch) server
View install_ispcfg_for_deb9.sh
#!/bin/bash
## Install ISPConfig + NGINX + PHP 7.1 on Debian 9 x64 (Stretch)
## Filesystem ext4
## Run as root
## Based on: https://www.howtoforge.com/tutorial/perfect-server-debian-jessie-nginx-bind-dovecot-ispconfig-3.1/
## and: https://www.howtoforge.com/tutorial/perfect-server-debian-9-stretch-apache-bind-dovecot-ispconfig-3-1/
## ! For Postfix config see https://www.howtoforge.com/tutorial/perfect-server-debian-9-stretch-apache-bind-dovecot-ispconfig-3-1/
# Check if user has root privileges
You can’t perform that action at this time.