Skip to content

Instantly share code, notes, and snippets.

Avatar

Paweł Krawczyk kravietz

View GitHub Profile
@kravietz
kravietz / sitemap-split.py
Created Feb 19, 2015
XML sitemap split into 50k chunks
View sitemap-split.py
#!/usr/bin/python
# -*- coding: utf-8 -*-
from __future__ import print_function
from gzip import GzipFile
import gzip
import sys
__author__ = 'Paweł Krawczyk'
View server-checks.py
#!/usr/bin/python3
# monitor a group of websites and email alerts
# cron task:
#
# */5 * * * * t=$(mktemp); if ! python3 /home/user/server-checks.py >$t; then mail email@example.com -s "Web check $(date)" <$t; fi; rm $t
# https://ipsec.pl/ True 0.7856874465942383
# sample output (only if errors detected, otherwise stays silent)
View nftables-docker.conf
# Docker networking is messy and undocumented. Docker will create IP addresses and iptables at random times.
# This can be limited by using totally static IP addresses for network interfaces and avoiding the default network bridge.
# /etc/default/docker
# DOCKER_OPTS="--iptables=false --ipv6 --bip 172.16.0.1/16 --fixed-cidr 172.16.0.0/16 --fixed-cidr-v6 2a01:9000::/68"
# --bip is the host IP address of the docker0 interface
# --fixed-cidr is the CIDR subnet allocated to the docker0 interface (default network bridge)
# --fixed-cidr-v6 is the IPv6 CIDR allocated to docker0
# for IPv6 split your /64 delegated subnet into /68 subnets and allocate them to each docker-compose.yml subnet:
@kravietz
kravietz / minecraft.service
Created Mar 13, 2020
Hardened Minecraft systemd service
View minecraft.service
[Unit]
Description=Minecraft
Requires=local-fs.target network-online.target
After=local-fs.target network-online.target
[Service]
Type=simple
ExecStart=/usr/bin/java -Xmx768M -Xms500M -jar minecraft_server.jar nogui
WorkingDirectory=/home/minecraft
User=minecraft
@kravietz
kravietz / scram-sha-256.txt
Last active Jan 21, 2020
Switch PostgreSQL 10 to new strong SCRAM-SHA-256 password authentication
View scram-sha-256.txt
postgres@tyler:~$ psql
psql (10.5 (Ubuntu 10.5-1.pgdg16.04+1))
Type "help" for help.
postgres=# show password_encryption;
password_encryption
---------------------
md5
(1 row)
@kravietz
kravietz / preload.py
Last active Jun 26, 2019
Resource hints (dns-prefetch, preload, prerender etc) middleware for Django. Includes automated resource discovery.
View preload.py
#!/usr/bin/python
# -*- coding: utf-8 -*-
from urllib.parse import urlparse
import codecs
from django.conf import settings
from django.utils.html_parser import HTMLParser
__author__ = 'Paweł Krawczyk'
@kravietz
kravietz / nftables-host.conf
Last active Sep 24, 2018
Simple workstation nftables
View nftables-host.conf
#!/usr/sbin/nft -f
flush ruleset
table inet filter {
chain input {
type filter hook input priority 0; policy drop
iifname lo accept
ct state established,related accept
# allow any incoming ICMP and ICMPv6
@kravietz
kravietz / docker-ce.yml
Last active Sep 24, 2018
Installing Docker 18 using Ansible on Ubuntu
View docker-ce.yml
# taken from https://get.docker.com/
---
- apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
- apt_repository:
repo: 'deb https://apt.dockerproject.org/repo ubuntu-{{ansible_distribution_release}} main'
state: absent
- apt_repository:
@kravietz
kravietz / django-dnt.py
Last active Jan 12, 2018
DoNotTrack middleware for Django.
View django-dnt.py
#!/usr/bin/python
# -*- coding: utf-8 -*-
from django.views.generic import TemplateView
__author__ = 'Paweł Krawczyk'
DNT_HEADER = 'HTTP_DNT'
class DoNotTrackMiddleware(object):