Skip to content

Instantly share code, notes, and snippets.

View khash's full-sized avatar
😷
Having fun!

Khash Sajadi khash

😷
Having fun!
54 followers · 7 following
View GitHub Profile
@chrisboulton
chrisboulton / ip_blacklist.lua
Last active May 23, 2024 07:53
Redis based IP blacklist for Nginx (LUA)
-- a quick LUA access script for nginx to check IP addresses against an
-- `ip_blacklist` set in Redis, and if a match is found send a HTTP 403.
--
-- allows for a common blacklist to be shared between a bunch of nginx
-- web servers using a remote redis instance. lookups are cached for a
-- configurable period of time.
--
-- block an ip:
-- redis-cli SADD ip_blacklist 10.1.1.1
-- remove an ip:
@stevenhaddox
stevenhaddox / server_certificates_to_pem.md
Last active May 8, 2024 07:13
Convert .crt & .key files into .pem file for HTTParty

Two ways to do it, but only worked for me so I'll put it first and the second for reference:

$ openssl pkcs12 -export -in hostname.crt -inkey hostname.key -out hostname.p12
$ openssl pkcs12 -in hostname.p12 -nodes -out hostname.pem

Other options for this method in comments below:

# Note, the -certfile root.crt appends all CA certs to the export, I've never needed these so it's optional for my personal steps
$ openssl pkcs12 -export -in hostname.crt -inkey hostname.key -certfile root.crt -out hostname.p12

Note, I've always had my hostname.crt as part of my .pem, so I keep my certs but apparently you may not have to, hence the nocerts flag being an extra option in this sample