Bogdan Kondratov kondratovbr
mtigas
/ onion-svc-v3-client-auth.sh
Last active
April 22, 2024 07:31
experiments with using v3 onions with client auth (as of tor 0.3.5.X)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # needs openssl 1.1+ | |
| # needs `basez` https://manpages.debian.org/testing/basez/base32hex.1.en.html | |
| # (but something else that decodes the base64 and re-encodes the raw key bytes | |
| # to base32 is probably fine too) | |
| ##### generate a key | |
| openssl genpkey -algorithm x25519 -out /tmp/k1.prv.pem |
jumanjiman
/ harden.sh
Last active
February 1, 2024 14:27
hardening script for an alpine docker container
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Copyright 2020 Paul Morgan | |
| # License: GPLv2 (https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html) | |
| set -x | |
| set -e | |
| # | |
| # Docker build calls this script to harden the image during build. | |
| # | |
| # NOTE: To build on CircleCI, you must take care to keep the `find` | |
| # command out of the /proc filesystem to avoid errors like: |
plentz
/ nginx.conf
Last active
April 24, 2024 11:15
Best nginx configuration for improved security(and performance)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # to generate your dhparam.pem file, run in the terminal | |
| openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| location /resize { | |
| alias /tmp/nginx/resize; | |
| set $width 150; | |
| set $height 100; | |
| set $dimens ""; | |
| if ($uri ~* "^/resize_(\d+)x(\d+)/(.*)" ) { | |
| set $width $1; | |
| set $height $2; | |
| set $image_path $3; |