Skip to content

Instantly share code, notes, and snippets.

View rooty's full-sized avatar
🏠
Working from home

Vitalii Mikhnevych rooty

🏠
Working from home
21 followers · 12 following
View GitHub Profile
@rooty
rooty / LetsEncrypt+certbot+UFW+postfix+dovecot.md
Created December 23, 2018 08:13 — forked from mrothNET/LetsEncrypt+certbot+UFW+postfix+dovecot.md
Let's Encrypt / Dovecot / Postfix / UFW firewall / Certbot

Let's Encrypt / Dovecot / Postfix / UFW firewall / Certbot

This tutorial describes how to install TLS to a mail server consisting of Postfix and/or Dovecot by using Let's Encrypt certificates with automatic renewing and firewall management.

The system used for this tutorial was:

$ lsb_release -idrc
Distributor ID: Ubuntu
@rooty
rooty / nginx.conf
Created December 11, 2018 03:43 — forked from plentz/nginx.conf
Best nginx configuration for improved security(and performance). Complete blog post here http://tautt.com/best-nginx-configuration-for-security/
# to generate your dhparam.pem file, run in the terminal
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048
@rooty
rooty / j.py
Created September 13, 2018 06:25
Определяем разрешение JPEG изображения
def jpeg_res(filename):
# open image for reading in binary mode
with open(filename,'rb') as img_file:
# height of img (in 2 bytes), 164th position
img_file.seek(163)
# read the 2 bytes
a = img_file.read(2)
@rooty
rooty / act.sh
Created June 11, 2018 17:32
Активация LVM груп
vgchange -ay
mount /dev/vg0/root /mnt
@rooty
rooty / unbound_ext.conf
Created May 30, 2018 12:02
unbound версии 1.7.1
server:
tls-cert-bundle: "/etc/pki/tls/certs/ca-bundle.crt"
forward-zone:
name: "."
forward-addr: 1.1.1.1#cloudflare-dns.com
forward-addr: 1.0.0.1#cloudflare-dns.com
forward-addr: 2606:4700:4700::1111#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001#cloudflare-dns.com
forward-tls-upstream: yes
@rooty
rooty / paramiko-using-ssh-config.py
Created May 1, 2018 22:22 — forked from acdha/paramiko-using-ssh-config.py
Connecting with paramiko using the user's OpenSSH config
client = paramiko.SSHClient()
client._policy = paramiko.WarningPolicy()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh_config = paramiko.SSHConfig()
user_config_file = os.path.expanduser("~/.ssh/config")
if os.path.exists(user_config_file):
with open(user_config_file) as f:
ssh_config.parse(f)
@rooty
rooty / cpu_thro
Created April 15, 2018 13:18
https://wiki.archlinux.org/index.php/CPU_frequency_scaling_(Русский)
for CPUFREQ in /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor;
do
[ -f $CPUFREQ ] || continue
echo -n performance > $CPUFREQ
done
https://www.kernel.org/doc/Documentation/cpu-freq/governors.txt
@rooty
rooty / logrotate
Created March 23, 2018 09:21
Manipulate date
/var/log/myproject/celery.log {
size 1
su myuser myuser
copytruncate
create
rotate 10
missingok
postrotate
timeext=`date -d '1 day ago' "+%Y-%m-%d"` # daily
# timeext=$(date +%Y-%m-%d_%H) # hourly
@rooty
rooty / find-https-debian-archives.py
Last active February 22, 2018 23:17 — forked from eighthave/find-https-debian-archives.py
Script to find official Debian mirrors that support HTTPS
#!/usr/bin/env python3
import urllib.request
import re
import ssl
import sys
# # find generic mirrors
mirrors = urllib.request.urlopen('http://www.debian.org/mirror/list')
https = []
@rooty
rooty / nginx.conf
Created February 15, 2018 22:44 — forked from nrollr/nginx.conf
NGINX config for SSL with Let's Encrypt certs
# Advanced config for NGINX
server_tokens off;
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options nosniff;
# Redirect all HTTP traffic to HTTPS
server {
listen 80;
server_name www.domain.com domain.com;
return 301 https://$host$request_uri;