Paweł Krawczyk kravietz

## minecraft.service
[Unit]
Description=Minecraft
Requires=local-fs.target network-online.target
After=local-fs.target network-online.target

[Service]
Type=simple
ExecStart=/usr/bin/java -Xmx768M -Xms500M -jar minecraft_server.jar nogui
WorkingDirectory=/home/minecraft
User=minecraft

## luks-upgrade.md

      
              1 file
            
          
              1 fork
            
          
              0 comments
            
          
              4 stars
            
          
                kravietz
                / luks-upgrade.md
            
            
              Created Jul 9, 2019
            
              
                Ubuntu LUKS cryptsetup upgrade
              
          
      View luks-upgrade.md
  
    
    If you installed your #ubuntu with full-disk #encryption a while, you may want to upgrade your #luks header version to enjoy improved #security and stronger password hashing algorithms.
Boot from USB
You can't change LUKS header from a live system - you need to boot a live Ubuntu USB to be able to access the encrypted partition. First, create a bootable USB stick using a regular Ubuntu installer image.

Just get the latest installer ISO available
You need the full installer, the mini network installer won't work
You may need to disable Secure Boot in BIOS temporarily to boot from USB


## nftables-docker.conf
# Docker networking is messy and undocumented. Docker will create IP addresses and iptables at random times.
# This can be limited by using totally static IP addresses for network interfaces and avoiding the default network bridge.

# /etc/default/docker
# DOCKER_OPTS="--iptables=false --ipv6 --bip 172.16.0.1/16 --fixed-cidr 172.16.0.0/16 --fixed-cidr-v6 2a01:9000::/68"
# --bip is the host IP address of the docker0 interface
# --fixed-cidr is the CIDR subnet allocated to the docker0 interface (default network bridge)
# --fixed-cidr-v6 is the IPv6 CIDR allocated to docker0

# for IPv6 split your /64 delegated subnet into /68 subnets and allocate them to each docker-compose.yml subnet:

## scram-sha-256.txt
postgres@tyler:~$ psql
psql (10.5 (Ubuntu 10.5-1.pgdg16.04+1))
Type "help" for help.

postgres=# show password_encryption;
 password_encryption
---------------------
 md5
(1 row)

## docker-ce.yml
# taken from https://get.docker.com/
---
- apt_key:
    url: https://download.docker.com/linux/ubuntu/gpg

- apt_repository:
    repo: 'deb https://apt.dockerproject.org/repo ubuntu-{{ansible_distribution_release}} main'
    state: absent

- apt_repository:

## nftables-host.conf
#!/usr/sbin/nft -f

flush ruleset

table inet filter {
        chain input {
                type filter hook input priority 0; policy drop
                iifname lo accept
                ct state established,related accept
                # allow any incoming ICMP and ICMPv6

## break.py
#!/usr/bin/env python3

import collections
import statistics

line = 'F96DE8C227A259C87EE1DA2AED57C93FE5DA36ED4EC87EF2C63AAE5B9A7EFFD673BE4ACF7BE8923CAB1ECE7AF2DA3DA44FCF7AE29235A24C963FF0DF3CA3599A70E5DA36BF1ECE77F8DC34BE129A6CF4D126BF5B9A7CFEDF3EB850D37CF0C63AA2509A76FF9227A55B9A6FE3D720A850D97AB1DD35ED5FCE6BF0D138A84CC931B1F121B44ECE70F6C032BD56C33FF9D320ED5CDF7AFF9226BE5BDE3FF7DD21ED56CF71F5C036A94D963FF8D473A351CE3FE5DA3CB84DDB71F5C17FED51DC3FE8D732BF4D963FF3C727ED4AC87EF5DB27A451D47EFD9230BF47CA6BFEC12ABE4ADF72E29224A84CDF3FF5D720A459D47AF59232A35A9A7AE7D33FB85FCE7AF5923AA31EDB3FF7D33ABF52C33FF0D673A551D93FFCD33DA35BC831B1F43CBF1EDF67F0DF23A15B963FE5DA36ED68D378F4DC36BF5B9A7AFFD121B44ECE76FEDC73BE5DD27AFCD773BA5FC93FE5DA3CB859D26BB1C63CED5CDF3FE2D730B84CDF3FF7DD21ED5ADF7CF0D636BE1EDB79E5D721ED57CE3FE6D320ED57D469F4DC27A85A963FF3C727ED49DF3FFFDD24ED55D470E69E73AC50DE3FE5DA3ABE1EDF67F4C030A44DDF3FF5D73EA250C96BE3D327A84D963FE5DA32B91ED36BB1D132A31ED87AB1D021A255DF71B1C436BF479A7AF0C13AA14794'

ciphertext

## vigenere.py
#!/usr/bin/env python3

from itertools import cycle

A = [chr(x) for x in range(ord('a'), ord('z')+1)]

def encrypt(a,b):
    return A[(A.index(a) + A.index(b)) % len(A)]

def decrypt(a,b):

## server-checks.py
#!/usr/bin/python3

# monitor a group of websites and email alerts

# cron task:
#
# */5 * * * * t=$(mktemp); if ! python3 /home/user/server-checks.py >$t; then mail email@example.com -s "Web check $(date)" <$t; fi; rm $t
# https://ipsec.pl/ True 0.7856874465942383

# sample output (only if errors detected, otherwise stays silent)

## django-dnt.py
#!/usr/bin/python
# -*- coding: utf-8 -*-
from django.views.generic import TemplateView

__author__ = 'Paweł Krawczyk'

DNT_HEADER = 'HTTP_DNT'


class DoNotTrackMiddleware(object):
	[Unit]
	Description=Minecraft
	Requires=local-fs.target network-online.target
	After=local-fs.target network-online.target

	[Service]
	Type=simple
	ExecStart=/usr/bin/java -Xmx768M -Xms500M -jar minecraft_server.jar nogui
	WorkingDirectory=/home/minecraft
	User=minecraft
	# Docker networking is messy and undocumented. Docker will create IP addresses and iptables at random times.
	# This can be limited by using totally static IP addresses for network interfaces and avoiding the default network bridge.

	# /etc/default/docker
	# DOCKER_OPTS="--iptables=false --ipv6 --bip 172.16.0.1/16 --fixed-cidr 172.16.0.0/16 --fixed-cidr-v6 2a01:9000::/68"
	# --bip is the host IP address of the docker0 interface
	# --fixed-cidr is the CIDR subnet allocated to the docker0 interface (default network bridge)
	# --fixed-cidr-v6 is the IPv6 CIDR allocated to docker0

	# for IPv6 split your /64 delegated subnet into /68 subnets and allocate them to each docker-compose.yml subnet:
	postgres@tyler:~$ psql
	psql (10.5 (Ubuntu 10.5-1.pgdg16.04+1))
	Type "help" for help.

	postgres=# show password_encryption;
	password_encryption
	---------------------
	md5
	(1 row)
	# taken from https://get.docker.com/
	---
	- apt_key:
	url: https://download.docker.com/linux/ubuntu/gpg

	- apt_repository:
	repo: 'deb https://apt.dockerproject.org/repo ubuntu-{{ansible_distribution_release}} main'
	state: absent

	- apt_repository:
	#!/usr/sbin/nft -f

	flush ruleset

	table inet filter {
	chain input {
	type filter hook input priority 0; policy drop
	iifname lo accept
	ct state established,related accept
	# allow any incoming ICMP and ICMPv6
	#!/usr/bin/env python3

	import collections
	import statistics

	line = 'F96DE8C227A259C87EE1DA2AED57C93FE5DA36ED4EC87EF2C63AAE5B9A7EFFD673BE4ACF7BE8923CAB1ECE7AF2DA3DA44FCF7AE29235A24C963FF0DF3CA3599A70E5DA36BF1ECE77F8DC34BE129A6CF4D126BF5B9A7CFEDF3EB850D37CF0C63AA2509A76FF9227A55B9A6FE3D720A850D97AB1DD35ED5FCE6BF0D138A84CC931B1F121B44ECE70F6C032BD56C33FF9D320ED5CDF7AFF9226BE5BDE3FF7DD21ED56CF71F5C036A94D963FF8D473A351CE3FE5DA3CB84DDB71F5C17FED51DC3FE8D732BF4D963FF3C727ED4AC87EF5DB27A451D47EFD9230BF47CA6BFEC12ABE4ADF72E29224A84CDF3FF5D720A459D47AF59232A35A9A7AE7D33FB85FCE7AF5923AA31EDB3FF7D33ABF52C33FF0D673A551D93FFCD33DA35BC831B1F43CBF1EDF67F0DF23A15B963FE5DA36ED68D378F4DC36BF5B9A7AFFD121B44ECE76FEDC73BE5DD27AFCD773BA5FC93FE5DA3CB859D26BB1C63CED5CDF3FE2D730B84CDF3FF7DD21ED5ADF7CF0D636BE1EDB79E5D721ED57CE3FE6D320ED57D469F4DC27A85A963FF3C727ED49DF3FFFDD24ED55D470E69E73AC50DE3FE5DA3ABE1EDF67F4C030A44DDF3FF5D73EA250C96BE3D327A84D963FE5DA32B91ED36BB1D132A31ED87AB1D021A255DF71B1C436BF479A7AF0C13AA14794'

	ciphertext
	#!/usr/bin/env python3

	from itertools import cycle

	A = [chr(x) for x in range(ord('a'), ord('z')+1)]

	def encrypt(a,b):
	return A[(A.index(a) + A.index(b)) % len(A)]

	def decrypt(a,b):
	#!/usr/bin/python3

	# monitor a group of websites and email alerts

	# cron task:
	#
	# /5 * * * t=$(mktemp); if ! python3 /home/user/server-checks.py >$t; then mail email@example.com -s "Web check $(date)" <$t; fi; rm $t
	# https://ipsec.pl/ True 0.7856874465942383

	# sample output (only if errors detected, otherwise stays silent)
	#!/usr/bin/python
	# -- coding: utf-8 --
	from django.views.generic import TemplateView

	__author__ = 'Paweł Krawczyk'

	DNT_HEADER = 'HTTP_DNT'


	class DoNotTrackMiddleware(object):