Skip to content

Instantly share code, notes, and snippets.

View meineerde's full-sized avatar

Holger Just meineerde

View GitHub Profile
curl 'https://t.co/9POr0MKZof' \
-H 'authority: t.co' \
-H 'pragma: no-cache' \
-H 'cache-control: no-cache' \
-H 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="98", "Google Chrome";v="98"' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'sec-ch-ua-platform: "macOS"' \
-H 'upgrade-insecure-requests: 1' \
-H 'dnt: 1' \
-H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36' \
@meineerde
meineerde / ruby_1.8.7_on_catlina.md
Last active October 6, 2021 11:16
Install Ruby 1.8.7 on macOS Catalina with ruby-install
brew install rbenv/tap/openssl@1.0
brew install gcc@6
brew install ruby-install

"Patch" ruby-install:

$EDITOR /usr/local/Cellar/ruby-install/0.8.1/share/ruby-install/ruby/functions.sh
@meineerde
meineerde / my_array_flatten.rb
Created January 13, 2021 22:37
A mostly equivalent version of Array#flatten in Ruby, including checks for recursive arrays
require 'set'
class MyArray < Array
def my_flatten(level = -1)
level = Integer(level)
return self.dup if level == 0
flattened_array = self.class.new
recursively_flatten(self, flattened_array, level)
flattened_array
acl from_internal_network src 192.168.0.0/16
acl restricted_path path -m reg ^/+admin/
http-request deny if restricted_path ! from_internal_network
@meineerde
meineerde / haproxy.conf
Created June 22, 2020 19:13
HAPROXY: Delay but fullfil a request if it was made with an outdated (but supported) cipher
frontend http
mode http
bind :443 ssl crt /etc/haproxy/ssl
acl outdated_cipher ssl_fc_cipher -i -m sub rc4
# define a maximum waiting period
tcp-request inspect-delay 10s
# accept the connection immediately if the client doesn't use an outdated cipher

For the used SSL certificate to be valid, we need to use the externally visible hostname when accessing the homematic GUI. Thus, we need to configure this external hostname as the server's hostname, even if the server is only available on our internal network.

Be careful when exposing your actual homematic instance to the outside world without further safe-guards. Usually, it should only be accessible on the internal network.

Create a self-signed certificate

Go to Einstellungen -> Systemsteuerung -> Netzwerkeinstellungen. There, you can create a self-signed certificate. Enter the hostname, your email address, and your country. The latter two values are ratehr unimportant here.

We need this certificate so that the webserevr is cionfigured correctly and we have a template file which we can later overwrite with our actual SSL certificate from Let's Encrypt.

@meineerde
meineerde / DynDNS.md
Last active August 1, 2018 17:23
dns.he.net DynDNS with Fritzbox
Setting Value
DynDNS-Anbieter Benutzerdefiniert
Update-URL https://dyn.dns.he.net/nic/update?hostname=<domain>&password=<pass>&myip=<ipaddr> https://dyn.dns.he.net/nic/update?hostname=<domain>&password=<pass>&myip=<ip6addr>
Domainname (your desired hostname)
Benutzername (same as Domainname)
Kennwort (your DDNS Key configured with dns.he.net)

The Update-URL contains two URLs in a single line, one for IPv4 and one for IPv6. Both addresses can be updated at the same time.

/- backend_1 -\
/ \
outer_frontend --- backend_2 --- inner_fontend --- actual_backend
\ /
\- backend_3 -/
@meineerde
meineerde / haproxy.cfg
Created November 23, 2017 16:58
HAProxy: Deny a request while keeping the client-connection alive
frontend main
bind :443 ssl crt /tmp/foo.pem
mode http
option http-keep-alive
# ...
use_backend bk_deny if { path_beg /you/didnt/say/the/magic/word }
@meineerde
meineerde / roman_numerals.rb
Created September 6, 2017 14:24
Use Roman numerals the same way you can use other numeric representations in Ruby
class Module
ROMAN_NUMERALS = {
'M'=> 1000,
'CM'=> 900,
'D'=> 500,
'CD'=> 400,
'C'=> 100,
'XC'=> 90,
'L'=> 50,
'XL'=> 40,