I hereby claim:
- I am neilstuartcraig on github.
- I am neilcraig (https://keybase.io/neilcraig) on keybase.
- I have a public key whose fingerprint is EE2E 497F 287E AC9F 07F7 D387 FD97 7DDA E85E 0A1C
To claim this, I am signing this object:
Neil Craig neilstuartcraig
neilstuartcraig
/ etc-init.d-nginx
Last active
August 29, 2015 14:16
— forked from sairam/etc-init.d-nginx
NGINX init script for my project - forked from https://gist.github.com/sairam/5892520
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # nginx - this script starts and stops the nginx daemin | |
| # | |
| # chkconfig: - 85 15 | |
| # description: Nginx iwe/IMAP/proxy server | |
| # processname: nginx | |
| # config: /etc/nginx/current/nginx.conf | |
| # pidfile: /var/run/nginx.pid | |
| # user: gtmdaemon |
neilstuartcraig
/ nsc-sublimetext-3-user-key-bindings
Created
May 22, 2014 10:05
My preferred Sublimetext (3) user key bindings/shortcuts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { "keys": ["super+u"], "command": "upper_case" }, | |
| { "keys": ["super+l"], "command": "lower_case" }, | |
| { "keys": ["ctrl+k"], "command": "run_macro_file", "args": {"file": "res://Packages/Default/Delete Line.sublime-macro"} }, | |
| { "keys": ["super+k"], "command": "run_macro_file", "args": {"file": "res://Packages/Default/Delete Line.sublime-macro"} }, | |
| { "keys": ["super+shift+down"], "command": "duplicate_line" }, | |
| { "keys": ["super+alt+c"], "command": "git_commit_all" }, | |
| { "keys": ["super+alt+p"], "command": "git_push_origin_master" }, | |
| { "keys": ["tab"], "command": "indent"}, |
neilstuartcraig
/ splunk-count-hosts-24h
Created
May 21, 2014 08:06
Outputs a count of the number of hosts (servers, network appliances etc. including those whose hostname is just an IP address) which have at least 1 event logged into Splunk in the last 24 hours.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| index=* earliest_time=-24h host=* | eval h=lower(host) | stats distinct_count(h) |
neilstuartcraig
/ splunk-list-hosts-logged-last-24h
Last active
December 18, 2019 16:20
List all hosts (servers, network appliances etc. including those whose hostname is just an IP address) which have at least 1 event logged into Splunk in the last 24 hours.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| index=* earliest_time=-24h host=* | eval h=lower(host) | stats values(h) |
neilstuartcraig
/ Nginx http to https redirect
Created
April 4, 2014 11:37
Nginx http to https redirect (maintaining hostname, path and query string - using an HTTP 301)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| # Listen on port 80 for any IPv4 address on this server | |
| # listen docs: http://wiki.nginx.org/HttpCoreModule#listen | |
| listen 80; | |
| # Listen on only the selected hostname... | |
| server_name <HOSTNAME>; | |
| # ...or use the catchall character if you want to handle multiple hostnames | |
| # server_name _; |
neilstuartcraig
/ Secure SSL certificate configuration for Nginx (Grade A on GlobalSign SSL certificate checker)
Last active
December 30, 2015 11:29
A secure SSL certificate configuration for Nginx (Dec 2013) which mitigates most known vulnerabilities whilst providing good browser coverage and a grade A rating on the GlobalSign SSL cert checker (https://sslcheck.globalsign.com/en_GB)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ssl on; | |
| ssl_certificate /path/to/certs/thedotproduct.org.pem; | |
| ssl_certificate_key /path/to/certs/thedotproduct.org.key.unsigned; | |
| # References used along with my own work: | |
| # https://raymii.org/s/tutorials/Pass_the_SSL_Labs_Test_on_NGINX_(Mitigate_the_CRIME_and_BEAST_attack_-_Disable_SSLv2_-_Enable_PFS).html | |
| # https://coderwall.com/p/ebl2qa | |
| # http://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ | |
| # http://code-bear.com/bearlog/2013/06/26/nginx-ssl-config-for-forward-secrecy/ | |
| # https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet#Rule_-_Only_Support_Strong_Cryptographic_Ciphers |
neilstuartcraig
/ newrelic monit conf file
Created
November 18, 2013 20:41
A really, really basic monit (http://mmonit.com/) config script for newrelic sysmond process.
This is written for Debian 7 but probably will work on other *nix's
You simply need to place a file containing the below (suggest filename newrelic.conf) in your monit conf file include dir (/etc/monit/conf.d on Debian 7)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| check process newrelic with pidfile /var/run/nrsysmond.pid | |
| start program "/etc/init.d/newrelic-sysmond start" | |
| start program "/etc/init.d/newrelic-sysmond stop" | |
| if 10 restarts within 10 cycles then timeout |
neilstuartcraig
/ splunk-search-server-logging-excessive-data
Created
October 18, 2013 08:00
A splunk search which you can schedule and alert on (e.g. if number of events > 0) to let you know if any of your servers are generating large volumes of log data.
We use this at work in a suite of alerts which help us identify problems or potential security violations quickly and easily.
To this end, you'll probably want to add to this search t…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| index="_internal" source="*metrics.log" per_host_thruput | chart sum(kb) by series | rename sum(kb) to KBLogged | eval MBLogged=round(KBLogged/1024,1) | fields series MBLogged | search MBLogged>3 | sort -MBLogged |
neilstuartcraig
/ ghost-ses-smtp-config
Created
October 17, 2013 14:08
An extract of config.js for ghost (http://ghost.org) blog app (nodejs) to allow sending email via SES (over SSL).
Note that this will fail if your website is not return-connectable by SES on your defined ghost URL i.e. your blog must be publicily available, not just runnnig on e.g. a private VM. If you're running under HTTPS then your SSL cert m…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| mail: { | |
| transport: 'SMTP', | |
| host: 'ssl://email-smtp.us-east-1.amazonaws.com', | |
| options: { | |
| port: 465, | |
| service: 'SES', | |
| auth: { | |
| user: 'YOUR-SES-ACCESS-KEY-ID', | |
| pass: 'YOUR-SES-SECRET-ACCESS-KEY' | |
| } |