-
namespaces - overview of Linux namespaces http://man7.org/linux/man-pages/man7/namespaces.7.html
-
mount_namespaces - overview of Linux mount namespaces
Michael Schubert schu
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Replace these variables with your own values | |
| # sender | |
| # - Consider not using no-reply@, and instead use SES Inbound to receive replies | |
| # - Consider a descriptive username@; some mobile clients will display it prominently, so it should make sense to the recipient. | |
| # - Consider using a subdomain for bulk and transactional mail. Don't use the domain used by your users. | |
| # - Consider using a verified domain identity. Don't use an email address identity within a domain that has a DMARC policy. | |
| sender="hello@example.com" | |
| subject="My great email" |
johananl
/ kvm_nested_virtualization.txt
Last active
October 22, 2021 12:49
KVM nested virtualization
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| L0 = bare metal machine | |
| L1 = VM on bare metal | |
| L2 = VM on VM | |
| First, ensure virtualization is enabled on L0 as described here: https://docs.fedoraproject.org/en-US/quick-docs/using-nested-virtualization-in-kvm/#proc_enabling-nested-virtualization-in-kvm | |
| Next, launch L1 with the following Vagrant config (or an equivalent directly on the hypervisor): | |
| Vagrant.configure("2") do |config| | |
| config.vm.box = "generic/ubuntu1604" |
This is a guide that I wrote to improve the default security of my website https://fortran.io , which has a certificate from LetsEncrypt. I'm choosing to improve HTTPS security and transparency without consideration for legacy browser support.
WARNING: if you mess up settings, lose your certificates, or decide to no longer maintain HTTPS certs, these steps can and will make your domain inaccessible.
I would recommend these steps only if you have a specific need for information security, privacy, and trust with your users, and/or maintain a separate secure.example.com domain which won't mess up your main site. If you've been thinking about hosting a site on Tor, then this might be a good option, too.
The best resources that I've found for explaining these steps are https://https.cio.gov , https://certificate-transparency.org , and https://twitter.com/konklone
kachayev
/ concurrency-in-go.md
Last active
March 11, 2024 11:27
Channels Are Not Enough or Why Pipelining Is Not That Easy
... or Why Pipelining Is Not That Easy
Golang Concurrency Patterns for brave and smart.
By @kachayev