This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo dpkg-reconfigure tzdata |
kenjij
/ gist:9015956
Created
February 15, 2014 08:05
Configure time zone in Ubuntu (non-interactive)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo sh -c 'echo "America/Los_Angeles" > /etc/timezone' | |
| sudo dpkg-reconfigure --frontend noninteractive tzdata |
kenjij
/ gist:9016204
Last active
December 6, 2022 23:00
Create GeoIP database for iptables in Ubuntu
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Install necessary packages | |
| sudo apt-get unzip | |
| sudo apt-get install libtext-csv-xs-perl | |
| # Create database location | |
| sudo mkdir /usr/share/xt_geoip | |
| # Download the database file and convert | |
| /usr/lib/xtables-addons/xt_geoip_dl | |
| sudo /usr/lib/xtables-addons/xt_geoip_build -D /usr/share/xt_geoip *.csv |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 127.0.0.1 localhost | |
| 127.0.1.1 myhostname | |
| # The following lines are desirable for IPv6 capable hosts | |
| ::1 ip6-localhost ip6-loopback | |
| fe00::0 ip6-localnet | |
| ff00::0 ip6-mcastprefix | |
| ff02::1 ip6-allnodes | |
| ff02::2 ip6-allrouters |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Generate private key with passphrase | |
| openssl genrsa -des3 -out server.key 2048 | |
| # Private key without passpharase; UNDERSTAND THE RISK! | |
| openssl rsa -in server.key -out server.key-nopass | |
| # Generate CSR to submit to CA | |
| openssl req -new -sha256 -key server.key -out server.csr | |
| # Check/view CSR |
kenjij
/ gist:4e6e3eaa602c47722ce7
Last active
August 29, 2015 14:05
Self signing an SSL Certificate
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt |
kenjij
/ gist:cc93165babf1f3b4b040
Last active
August 6, 2018 16:57
Secure and optimized NGINX SSL configuration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http { | |
| # Shared cache size; 1MB = 4000 sessions | |
| ssl_session_cache shared:SSL:10m; | |
| # Decrease timeout if resources are low | |
| ssl_session_timeout 10m; | |
| # Good-bye SSL | |
| ssl_protocols TLSv1.1 TLSv1.2; | |
| ssl_prefer_server_ciphers on; | |
| ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:!ADH:!AECDH:!MD5; | |
| # OCSP stapling |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Download the legacy format for NGINX compatibility | |
| wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz | |
| wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz | |
| # Unzip | |
| gunzip Geo*.gz | |
| # Copy to /usr/share/GeoIP/ | |
| cp Geo*.dat /usr/share/GeoIP/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Install Homebrew; this will prompt you to install Xcode Command Line Developer Tools | |
| $ ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" | |
| # Agree to Xcode license; necessary for fresh install | |
| $ sudo xcodebuild -license | |
| # Install RVM | |
| $ \curl -sSL https://get.rvm.io | bash -s stable |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This example will make Adobe Source Code Pro font look snug in TextMate. | |
| # Adjust space above the line | |
| defaults write com.macromates.TextMate.preview fontAscentDelta -float -2 | |
| # Adjust space below the line | |
| defaults write com.macromates.TextMate.preview fontLeadingDelta -float 0 | |
| # Reset to default | |
| defaults delete com.macromates.TextMate.preview fontAscentDelta |
OlderNewer