Skip to content

Instantly share code, notes, and snippets.

Avatar

Holger Just meineerde

View GitHub Profile
@meineerde
meineerde / ruby_1.8.7_on_catlina.md
Created Feb 24, 2021
Install Ruby 1.8.7 on macOS Catalina with ruby-install
View ruby_1.8.7_on_catlina.md
brew install rbenv/tap/openssl@1.0
brew install gcc-6
brew install ruby-install

"Patch" ruby-install:

$EDITOR /usr/local/Cellar/ruby-install/0.8.1/share/ruby-install/ruby/functions.sh
@meineerde
meineerde / my_array_flatten.rb
Created Jan 13, 2021
A mostly equivalent version of Array#flatten in Ruby, including checks for recursive arrays
View my_array_flatten.rb
require 'set'
class MyArray < Array
def my_flatten(level = -1)
level = Integer(level)
return self.dup if level == 0
flattened_array = self.class.new
recursively_flatten(self, flattened_array, level)
flattened_array
View haproxy.cfg
acl from_internal_network src 192.168.0.0/16
acl restricted_path path -m reg ^/+admin/
http-request deny if restricted_path ! from_internal_network
@meineerde
meineerde / haproxy.conf
Created Jun 22, 2020
HAPROXY: Delay but fullfil a request if it was made with an outdated (but supported) cipher
View haproxy.conf
frontend http
mode http
bind :443 ssl crt /etc/haproxy/ssl
acl outdated_cipher ssl_fc_cipher -i -m sub rc4
# define a maximum waiting period
tcp-request inspect-delay 10s
# accept the connection immediately if the client doesn't use an outdated cipher
View Use Let's Encrypt on Homematic | RaspberryMatic.md

For the used SSL certificate to be valid, we need to use the externally visible hostname when accessing the homematic GUI. Thus, we need to configure this external hostname as the server's hostname, even if the server is only available on our internal network.

Be careful when exposing your actual homematic instance to the outside world without further safe-guards. Usually, it should only be accessible on the internal network.

Create a self-signed certificate

Go to Einstellungen -> Systemsteuerung -> Netzwerkeinstellungen. There, you can create a self-signed certificate. Enter the hostname, your email address, and your country. The latter two values are ratehr unimportant here.

We need this certificate so that the webserevr is cionfigured correctly and we have a template file which we can later overwrite with our actual SSL certificate from Let's Encrypt.

@meineerde
meineerde / DynDNS.md
Last active Aug 1, 2018
dns.he.net DynDNS with Fritzbox
View DynDNS.md
Setting Value
DynDNS-Anbieter Benutzerdefiniert
Update-URL https://dyn.dns.he.net/nic/update?hostname=<domain>&password=<pass>&myip=<ipaddr> https://dyn.dns.he.net/nic/update?hostname=<domain>&password=<pass>&myip=<ip6addr>
Domainname (your desired hostname)
Benutzername (same as Domainname)
Kennwort (your DDNS Key configured with dns.he.net)

The Update-URL contains two URLs in a single line, one for IPv4 and one for IPv6. Both addresses can be updated at the same time.

View haproxy_with_intermediates.ascii
/- backend_1 -\
/ \
outer_frontend --- backend_2 --- inner_fontend --- actual_backend
\ /
\- backend_3 -/
@meineerde
meineerde / haproxy.cfg
Created Nov 23, 2017
HAProxy: Deny a request while keeping the client-connection alive
View haproxy.cfg
frontend main
bind :443 ssl crt /tmp/foo.pem
mode http
option http-keep-alive
# ...
use_backend bk_deny if { path_beg /you/didnt/say/the/magic/word }
@meineerde
meineerde / roman_numerals.rb
Created Sep 6, 2017
Use Roman numerals the same way you can use other numeric representations in Ruby
View roman_numerals.rb
class Module
ROMAN_NUMERALS = {
'M'=> 1000,
'CM'=> 900,
'D'=> 500,
'CD'=> 400,
'C'=> 100,
'XC'=> 90,
'L'=> 50,
'XL'=> 40,
View haproxy.cfg
defaults
mode http
frontent fe
bind :8080
use_backend be
backend be
# do whatever...