Skip to content

Instantly share code, notes, and snippets.

View prasetiyohadi's full-sized avatar

Prasetiyo Hadi Purwoko prasetiyohadi

14 followers · 12 following
View GitHub Profile
@prasetiyohadi
prasetiyohadi / main.go
Created April 3, 2021 02:04
Go snippet for traversing file path
package main
import (
"fmt"
"os"
"path/filepath"
"regexp"
)
func main() {
@prasetiyohadi
prasetiyohadi / resume.json
Last active August 20, 2019 05:04
{
"basics": {
"name": "Prasetiyo Hadi Purwoko",
"label": "System Engineer",
"summary": "Master in Computational Science and bachelor in Engineering Physics graduate from Institut Teknologi Bandung, and was member of Himpunan Mahasiswa Fisika Teknik and Amateur Radio Club ITB. Worked as Network Administrator at USDI ITB and FMIPA ITB when studying in bachelor degree and while pursuing master degree, continued to work as Mail Administrator at DitSTI ITB and now currently work as System Engineer at PT. Bukalapak.com.",
"website": "https://deuterion.net",
"email": "prasetiyohadi92@gmail.com",
"location": {
"city": "Jakarta Selatan",
"countryCode": "ID"
@prasetiyohadi
prasetiyohadi / vsphere_info.py
Last active October 26, 2017 03:28 — forked from deviantony/vsphere_info.py
VMWare Vsphere info in Python using pyvmomi
#!/usr/bin/env python
import pyVmomi
import argparse
import atexit
import itertools
from pyVmomi import vim, vmodl
from pyVim.connect import SmartConnectNoSSL, Disconnect
import humanize
@prasetiyohadi
prasetiyohadi / Ansible bootstrap BSD
Created July 15, 2016 04:14
Ansible command to initialize operation for BSD servers
ansible -i ./hosts server -bkK -m raw -a 'env ASSUME_ALWAYS_YES\=YES pkg install python' foobar
@prasetiyohadi
prasetiyohadi / logstash-grok-pattern
Last active January 28, 2019 20:04
Logstash grok patterns for many types of logs
# Nginx access log
# log_format main '$http_host $remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_time $upstream_response_time [for $host via $upstream_addr] "$http_x_forwarded_for"';
NGINXACCESS %{IPORHOST:http_host} %{IPORHOST:clientip} - %{USER:clientuser} \[%{HTTPDATE:timestamp}\] \"(?:%{WORD:verb} %{NOTSPACE:request}(?: HTTP/%{NUMBER:httpversion})?|%{DATA:rawrequest})\" %{NUMBER:response} (?:%{NUMBER:bytes}|-) %{QS:referrer} %{QS:agent} %{NUMBER:request_time:float} (?:%{NUMBER:upstream_time:float}|-) \[for %{IPORHOST:host} via (?<upstream_group>%{NOTSPACE:upstream_addr}.*)\] %{QS:http_x_forwarded_for}
# Squid HTTP Proxy
# http://wiki.squid-cache.org/Features/LogFormat
# time elapsed remotehost code/status bytes method URL rfc931 peerstatus/peerhost type
SQUIDACCESS %{NUMBER:timestamp}\s+%{NUMBER:response_time} %{IPORHOST:src_ip} %{WORD:squid_request_status}/%{NUMBER:response_status} %{NUMBER:response_size:byte} %{WORD:http_metho
@prasetiyohadi
prasetiyohadi / nginx.conf
Created December 23, 2015 08:17
Mitigating DDOS Attack with Nginx
# Source: https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/
# DDOS characteristics:
# - traffic originates from a fixed set of IP addresses, much higher than requests from forward proxies
# - traffic is much higher than a human user can generate
# - The User-Agent header is sometimes set to a non-standard value
# - The Referer header is sometimes set to a value you can associate with the attack
# Limiting the rate of requests (example: 30 connection per minute per IP or allow request only every 2 seconds)
limit_req_zone $binary_remote_addr zone=one:10m rate=30r/m;
@prasetiyohadi
prasetiyohadi / nginx.conf
Created December 23, 2015 08:17
Tuning Nginx for performance
# Source https://www.nginx.com/blog/tuning-nginx/
# A good rule to follow when tuning is to change one setting at a time, and set it back to the default value if the change does not improve performance
# Tuning your Linux configuration
#
# The backlog queue: settings relate to connections and how they are queued
# If you have a high rate of incoming connections and you are getting uneven levels of performance (for example some connections appear to be stalling), then changing these settings can help
#
# net.core.somaxconn – The maximum number of connections that can be queued for acceptance by Nginx
# Note: if you set this to a value greater than 512, change the backlog parameter to the Nginx listen directive to match
@prasetiyohadi
prasetiyohadi / nginx.conf
Created December 23, 2015 07:23
Using Nginx to protect against CVE-2015-1635
# See https://www.nginx.com/blog/nginx-protect-cve-2015-1635/
# Using Nginx to protect against CVE-2015-1635
# Exploit: https://ma.ttias.be/remote-code-execution-via-http-request-in-iis-on-windows/
# Identifying and handling reconnaisance traffic
# HTTP requests with a large byte range in the **Range** header trigger the crash:
#
# GET / HTTP/1.1\r\n
# Host: stuff\r\n
# Range: bytes=0-18446744073709551615\r\n
@prasetiyohadi
prasetiyohadi / openstack.sh
Last active April 12, 2017 11:48
Openstack commands example
#!/bin/bash
# load authentication key
cd $HOME
source keystonerc_admin
# list neutron routers
neutron router-list --max-width 50
# remove router gateway
@prasetiyohadi
prasetiyohadi / openvpn-fw.sh
Last active December 23, 2015 09:56
Firewall-cmd configuration for OpenVPN service
#!/bin/bash
echo "net.ipv4.ip_forward = 1" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
sudo systemctl start firewalld.service
sudo firewall-cmd --zone=public --add-service openvpn --permanent
sudo firewall-cmd --zone=public --add-masquerade --permanent
# confirm
sudo firewall-cmd --zone=public --query-masquerade