Skip to content

Instantly share code, notes, and snippets.

Paweł Krawczyk kravietz

Block or report user

Report or block kravietz

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@kravietz
kravietz / luks-upgrade.md
Created Jul 9, 2019
Ubuntu LUKS cryptsetup upgrade
View luks-upgrade.md

If you installed your #ubuntu with full-disk #encryption a while, you may want to upgrade your #luks header version to enjoy improved #security and stronger password hashing algorithms.

Boot from USB

You can't change LUKS header from a live system - you need to boot a live Ubuntu USB to be able to access the encrypted partition. First, create a bootable USB stick using a regular Ubuntu installer image.

  • Just get the latest installer ISO available
  • You need the full installer, the mini network installer won't work
  • You may need to disable Secure Boot in BIOS temporarily to boot from USB
View nftables-docker.conf
# Docker networking is messy and undocumented. Docker will create IP addresses and iptables at random times.
# This can be limited by using totally static IP addresses for network interfaces and avoiding the default network bridge.
# /etc/default/docker
# DOCKER_OPTS="--iptables=false --ipv6 --bip 172.16.0.1/16 --fixed-cidr 172.16.0.0/16 --fixed-cidr-v6 2a01:9000::/68"
# --bip is the host IP address of the docker0 interface
# --fixed-cidr is the CIDR subnet allocated to the docker0 interface (default network bridge)
# --fixed-cidr-v6 is the IPv6 CIDR allocated to docker0
# for IPv6 split your /64 delegated subnet into /68 subnets and allocate them to each docker-compose.yml subnet:
@kravietz
kravietz / scram-sha-256.txt
Last active Jan 21, 2020
Switch PostgreSQL 10 to new strong SCRAM-SHA-256 password authentication
View scram-sha-256.txt
postgres@tyler:~$ psql
psql (10.5 (Ubuntu 10.5-1.pgdg16.04+1))
Type "help" for help.
postgres=# show password_encryption;
password_encryption
---------------------
md5
(1 row)
@kravietz
kravietz / docker-ce.yml
Last active Sep 24, 2018
Installing Docker 18 using Ansible on Ubuntu
View docker-ce.yml
# taken from https://get.docker.com/
---
- apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
- apt_repository:
repo: 'deb https://apt.dockerproject.org/repo ubuntu-{{ansible_distribution_release}} main'
state: absent
- apt_repository:
@kravietz
kravietz / nftables-host.conf
Last active Sep 24, 2018
Simple workstation nftables
View nftables-host.conf
#!/usr/sbin/nft -f
flush ruleset
table inet filter {
chain input {
type filter hook input priority 0; policy drop
iifname lo accept
ct state established,related accept
# allow any incoming ICMP and ICMPv6
@kravietz
kravietz / break.py
Created Nov 7, 2017
Vigenere over bytes (XOR) statistical solver
View break.py
#!/usr/bin/env python3
import collections
import statistics
line = 'F96DE8C227A259C87EE1DA2AED57C93FE5DA36ED4EC87EF2C63AAE5B9A7EFFD673BE4ACF7BE8923CAB1ECE7AF2DA3DA44FCF7AE29235A24C963FF0DF3CA3599A70E5DA36BF1ECE77F8DC34BE129A6CF4D126BF5B9A7CFEDF3EB850D37CF0C63AA2509A76FF9227A55B9A6FE3D720A850D97AB1DD35ED5FCE6BF0D138A84CC931B1F121B44ECE70F6C032BD56C33FF9D320ED5CDF7AFF9226BE5BDE3FF7DD21ED56CF71F5C036A94D963FF8D473A351CE3FE5DA3CB84DDB71F5C17FED51DC3FE8D732BF4D963FF3C727ED4AC87EF5DB27A451D47EFD9230BF47CA6BFEC12ABE4ADF72E29224A84CDF3FF5D720A459D47AF59232A35A9A7AE7D33FB85FCE7AF5923AA31EDB3FF7D33ABF52C33FF0D673A551D93FFCD33DA35BC831B1F43CBF1EDF67F0DF23A15B963FE5DA36ED68D378F4DC36BF5B9A7AFFD121B44ECE76FEDC73BE5DD27AFCD773BA5FC93FE5DA3CB859D26BB1C63CED5CDF3FE2D730B84CDF3FF7DD21ED5ADF7CF0D636BE1EDB79E5D721ED57CE3FE6D320ED57D469F4DC27A85A963FF3C727ED49DF3FFFDD24ED55D470E69E73AC50DE3FE5DA3ABE1EDF67F4C030A44DDF3FF5D73EA250C96BE3D327A84D963FE5DA32B91ED36BB1D132A31ED87AB1D021A255DF71B1C436BF479A7AF0C13AA14794'
ciphertext
@kravietz
kravietz / vigenere.py
Last active Nov 7, 2017
Vigenere cipher over Latin alphabet in Python3
View vigenere.py
#!/usr/bin/env python3
from itertools import cycle
A = [chr(x) for x in range(ord('a'), ord('z')+1)]
def encrypt(a,b):
return A[(A.index(a) + A.index(b)) % len(A)]
def decrypt(a,b):
View server-checks.py
#!/usr/bin/python3
# monitor a group of websites and email alerts
# cron task:
#
# */5 * * * * t=$(mktemp); if ! python3 /home/user/server-checks.py >$t; then mail email@example.com -s "Web check $(date)" <$t; fi; rm $t
# https://ipsec.pl/ True 0.7856874465942383
# sample output (only if errors detected, otherwise stays silent)
@kravietz
kravietz / django-dnt.py
Last active Jan 12, 2018
DoNotTrack middleware for Django.
View django-dnt.py
#!/usr/bin/python
# -*- coding: utf-8 -*-
from django.views.generic import TemplateView
__author__ = 'Paweł Krawczyk'
DNT_HEADER = 'HTTP_DNT'
class DoNotTrackMiddleware(object):
@kravietz
kravietz / preload.py
Last active Jun 26, 2019
Resource hints (dns-prefetch, preload, prerender etc) middleware for Django. Includes automated resource discovery.
View preload.py
#!/usr/bin/python
# -*- coding: utf-8 -*-
from urllib.parse import urlparse
import codecs
from django.conf import settings
from django.utils.html_parser import HTMLParser
__author__ = 'Paweł Krawczyk'
You can’t perform that action at this time.