Paweł Krawczyk kravietz

## nftables-docker.conf
# Docker networking is messy and undocumented. Docker will create IP addresses and iptables at random times.
# This can be limited by using totally static IP addresses for network interfaces and avoiding the default network bridge.

# /etc/default/docker
# DOCKER_OPTS="--iptables=false --ipv6 --bip 172.16.0.1/16 --fixed-cidr 172.16.0.0/16 --fixed-cidr-v6 2a01:9000::/68"
# --bip is the host IP address of the docker0 interface
# --fixed-cidr is the CIDR subnet allocated to the docker0 interface (default network bridge)
# --fixed-cidr-v6 is the IPv6 CIDR allocated to docker0

# for IPv6 split your /64 delegated subnet into /68 subnets and allocate them to each docker-compose.yml subnet:

## nftables-host.conf
#!/usr/sbin/nft -f

flush ruleset

table inet filter {
        chain input {
                type filter hook input priority 0; policy drop
                iifname lo accept
                ct state established,related accept
                # allow any incoming ICMP and ICMPv6

## sitemap-split.py
#!/usr/bin/python
# -*- coding: utf-8 -*-
from __future__ import print_function

from gzip import GzipFile
import gzip
import sys

__author__ = 'Paweł Krawczyk'

## preload.py
#!/usr/bin/python
# -*- coding: utf-8 -*-
from urllib.parse import urlparse

import codecs
from django.conf import settings
from django.utils.html_parser import HTMLParser

__author__ = 'Paweł Krawczyk'

## server-checks.py
#!/usr/bin/python3

# monitor a group of websites and email alerts

# cron task:
#
# */5 * * * * t=$(mktemp); if ! python3 /home/user/server-checks.py >$t; then mail email@example.com -s "Web check $(date)" <$t; fi; rm $t
# https://ipsec.pl/ True 0.7856874465942383

# sample output (only if errors detected, otherwise stays silent)

## luks-upgrade.md

      
              1 file
            
          
              1 fork
            
          
              0 comments
            
          
              4 stars
            
          
                kravietz
                / luks-upgrade.md
            
            
              Last active
              July 15, 2020 13:01
            
              
                Ubuntu LUKS cryptsetup upgrade
              
          
    Moved to https://krvtz.net/posts/upgrading-and-backing-up-your-luks-header.html

  
## minecraft.service
[Unit]
Description=Minecraft
Requires=local-fs.target network-online.target
After=local-fs.target network-online.target

[Service]
Type=simple
ExecStart=/usr/bin/java -Xmx768M -Xms500M -jar minecraft_server.jar nogui
WorkingDirectory=/home/minecraft
User=minecraft

## scram-sha-256.txt
postgres@tyler:~$ psql
psql (10.5 (Ubuntu 10.5-1.pgdg16.04+1))
Type "help" for help.

postgres=# show password_encryption;
 password_encryption
---------------------
 md5
(1 row)

## docker-ce.yml
# taken from https://get.docker.com/
---
- apt_key:
    url: https://download.docker.com/linux/ubuntu/gpg

- apt_repository:
    repo: 'deb https://apt.dockerproject.org/repo ubuntu-{{ansible_distribution_release}} main'
    state: absent

- apt_repository:

## django-dnt.py
#!/usr/bin/python
# -*- coding: utf-8 -*-
from django.views.generic import TemplateView

__author__ = 'Paweł Krawczyk'

DNT_HEADER = 'HTTP_DNT'


class DoNotTrackMiddleware(object):
	# Docker networking is messy and undocumented. Docker will create IP addresses and iptables at random times.
	# This can be limited by using totally static IP addresses for network interfaces and avoiding the default network bridge.

	# /etc/default/docker
	# DOCKER_OPTS="--iptables=false --ipv6 --bip 172.16.0.1/16 --fixed-cidr 172.16.0.0/16 --fixed-cidr-v6 2a01:9000::/68"
	# --bip is the host IP address of the docker0 interface
	# --fixed-cidr is the CIDR subnet allocated to the docker0 interface (default network bridge)
	# --fixed-cidr-v6 is the IPv6 CIDR allocated to docker0

	# for IPv6 split your /64 delegated subnet into /68 subnets and allocate them to each docker-compose.yml subnet:
	#!/usr/sbin/nft -f

	flush ruleset

	table inet filter {
	chain input {
	type filter hook input priority 0; policy drop
	iifname lo accept
	ct state established,related accept
	# allow any incoming ICMP and ICMPv6
	#!/usr/bin/python
	# -- coding: utf-8 --
	from __future__ import print_function

	from gzip import GzipFile
	import gzip
	import sys

	__author__ = 'Paweł Krawczyk'
	#!/usr/bin/python
	# -- coding: utf-8 --
	from urllib.parse import urlparse

	import codecs
	from django.conf import settings
	from django.utils.html_parser import HTMLParser

	__author__ = 'Paweł Krawczyk'
	#!/usr/bin/python3

	# monitor a group of websites and email alerts

	# cron task:
	#
	# /5 * * * t=$(mktemp); if ! python3 /home/user/server-checks.py >$t; then mail email@example.com -s "Web check $(date)" <$t; fi; rm $t
	# https://ipsec.pl/ True 0.7856874465942383

	# sample output (only if errors detected, otherwise stays silent)
	[Unit]
	Description=Minecraft
	Requires=local-fs.target network-online.target
	After=local-fs.target network-online.target

	[Service]
	Type=simple
	ExecStart=/usr/bin/java -Xmx768M -Xms500M -jar minecraft_server.jar nogui
	WorkingDirectory=/home/minecraft
	User=minecraft
	postgres@tyler:~$ psql
	psql (10.5 (Ubuntu 10.5-1.pgdg16.04+1))
	Type "help" for help.

	postgres=# show password_encryption;
	password_encryption
	---------------------
	md5
	(1 row)
	# taken from https://get.docker.com/
	---
	- apt_key:
	url: https://download.docker.com/linux/ubuntu/gpg

	- apt_repository:
	repo: 'deb https://apt.dockerproject.org/repo ubuntu-{{ansible_distribution_release}} main'
	state: absent

	- apt_repository:
	#!/usr/bin/python
	# -- coding: utf-8 --
	from django.views.generic import TemplateView

	__author__ = 'Paweł Krawczyk'

	DNT_HEADER = 'HTTP_DNT'


	class DoNotTrackMiddleware(object):