Skip to content

Instantly share code, notes, and snippets.

View neilstuartcraig's full-sized avatar

Neil Craig neilstuartcraig

34 followers · 0 following
View GitHub Profile
@neilstuartcraig
neilstuartcraig / nginx-boringssl-build-script-debian.sh
Last active April 4, 2024 23:39
This builds NGINX from source with BoringSSL for Debian (alike?) systems with systemd (e.g. Debian Jessie)
#!/bin/bash
LATESTNGINX="1.11.10"
BUILDROOT="/tmp/boring-nginx"
# Pre-req
sudo apt-get update
sudo apt-get upgrade -y
# Install deps
@neilstuartcraig
neilstuartcraig / perc-no-sni.md
Created July 19, 2023 09:59
Approximate percentage of requests to www.bbc.co.uk & www.bbc.com (July 17th 2023) which did not include a TLS SNI header. Comparison of all clients/user agents with those which are likely to be humans
Country All non-SNI % Humans-only (ish) non-SNI %
Afghanistan 0.01 0.01
Åland Islands 0.00 0.00
Albania 0.00 0.00
Algeria 0.20 0.17
American Samoa 0.00 0.00
Andorra 0.00 0.00
Angola 2.05 4.39
Anguilla 0.00 0.00
@neilstuartcraig
neilstuartcraig / Nginx http to https redirect
Created April 4, 2014 11:37
Nginx http to https redirect (maintaining hostname, path and query string - using an HTTP 301)
server {
# Listen on port 80 for any IPv4 address on this server
# listen docs: http://wiki.nginx.org/HttpCoreModule#listen
listen 80;
# Listen on only the selected hostname...
server_name <HOSTNAME>;
# ...or use the catchall character if you want to handle multiple hostnames
# server_name _;
@neilstuartcraig
neilstuartcraig / insert-to-bq-in-cloud-build.md
Created December 10, 2021 11:05
Inserting a row into a BigQuery table in a Cloud Build step

Notes:

  • Make sure the Service Account running your Cloud Build job has sufficient permissions on BigQuery
  • The table in the example has 2 columns, datetime (timestamp) and deploy_sha (string)
  • The dataset and table must exist already and in this example, they're both named app_deploy_log
...
- id: app-version
  name: 'gcr.io/google.com/cloudsdktool/cloud-sdk:alpine'
 entrypoint: 'bash'
@neilstuartcraig
neilstuartcraig / gist:6965605
Last active May 25, 2021 10:14
A system V init script for a node JS app (ghost in this case) which uses forever. This script was adapted from a blog post entry by arrow http://ghost.org/forum/installation/295-need-init-script Make sure you amend paths, usernames, descriptions etc. to your app. Also ensure you have installed forever (global installation is simplest via npm ins…
#!/bin/bash
#
# An example init script for running a Node.js process as a service
# using Forever as the process monitor. For more configuration options
# associated with Forever, see: https://github.com/nodejitsu/forever
#
# You will need to set the environment variables noted below to conform to
# your use case, and change the init info comment block.
#
# This was written for Debian distributions such as Ubuntu, but should still
@neilstuartcraig
neilstuartcraig / splunk-iis-app-pool-recycle
Last active December 14, 2020 16:16
Simple Splunk search to list IIS application pool recycles by application pool name, reason for recycle, host and time. Updated to give more comprehensive app pool recycle Eventcode coverage (ref: http://technet.microsoft.com/en-us/library/cc735206(v=ws.10).aspx)
SourceName="Microsoft-Windows-WAS" host="*" |
search recycle |
rex field=Message "application pool '(?<appPool>\S*)'" |
eval host=upper(host) |
eval reason=case(EventCode=5074, "Worker process reached processing time limit", EventCode=5075, "Worker process reached processing request limit", EventCode=5076, "Scheduled recycle", EventCode=5077, "Worker process reached processing virtual memory limit", EventCode=5078, "ISAPI reported a problem so app pool was recycled", EventCode=5079, "Manual recycle", EventCode=5080, "Config changes forced recycle", EventCode=5080, "Config changes forced recycle due to invalidated meta data", EventCode=5117, "Worker process reached processing private vytes (RAM) limit", EventCode=5186, "Worker process was shut down due to inactivity") |
table _time host EventCode appPool reason Message
@neilstuartcraig
neilstuartcraig / caddy-debian-9-sysd-service-file
Created July 20, 2017 21:27
A basic Caddy / Debian 9 (Stretch) System D service file
[Unit]
Description=Caddy HTTP/2 web server
Documentation=https://caddyserver.com/docs
After=network-online.target
Wants=network-online.target
[Service]
Restart=on-failure
StartLimitInterval=0
StartLimitBurst=0
@neilstuartcraig
neilstuartcraig / wpt-preconnect-preload-script.js
Created April 14, 2020 20:16
WebPageTest preconnect/preload/... script
// Stolen from: https://andydavies.me/blog/2019/08/07/experimenting-with-link-rel-equals-preconnect-using-custom-script-injection-in-webpagetest/
(function () {
var entries = [
{'href': 'https://nav.files.bbci.co.uk', 'rel': 'preconnect'},
{'href': 'https://nav.files.bbci.co.uk', 'rel': 'preconnect', 'crossOrigin': 'anonymous'}
];
var fragment = document.createDocumentFragment();
for(entry of entries) {
var link = document.createElement('link');
@neilstuartcraig
neilstuartcraig / tls1-blog-pt2-global-gtm.md
Last active March 2, 2020 13:58
TLS usage on www.bbc.co.uk and www.bbc.com, 24-27th Feb 2020 (GTM only)
TLS Version Number of requests Percentage
TLSv1.3 1,163,496,361 69.07%
TLSv1.2 506,655,701 30.08%
TLSv1.1 500,971 0.03%
TLSv1.0 13,879,940 0.82%
@neilstuartcraig
neilstuartcraig / tls1-blog-pt2-tls1-uas.md
Created March 2, 2020 12:00
User agents (parsed) which used TLS1.0 Feb 2020
Operating system User Agent Percentage of TLS 1.0 usage
Unknown Unknown 38.02%
Android 4.2.2 Android Browser 4 2.54%
Windows 7 IE 7 2.30%
Android 4.4.4 Unknown 2.03%
Windows 7 IE 9 2.02%
Android 4.4.2 Android Browser 4 1.97%
Android 2.3.6 Android Browser 4 1.93%
Mac OS 10.11.6 Chrome 53 1.85%