Skip to content

Instantly share code, notes, and snippets.

@probonopd
probonopd / Wayland.md
Last active March 28, 2024 16:46
Think twice about Wayland. It breaks everything!

Think twice before abandoning Xorg. Wayland breaks everything!

Hence, if you are interested in existing applications to "just work" without the need for adjustments, then you may be better off avoiding Wayland.

Wayland solves no issues I have but breaks almost everything I need. Even the most basic, most simple things (like xkill) - in this case with no obvious replacement. And usually it stays broken, because the Wayland folks mostly seem to care about Automotive, Gnome, maybe KDE - and alienating everyone else (e.g., people using just an X11 window manager or something like GNUstep) in the process.

Wayland proponents make it seem like Wayland is "the successor" of Xorg, when in fact it is not. It is merely an incompatible alternative, and not even one that has (nor wants to have) feature parity (missing features). And unlike X11 (the X Window System), Wayland protocol designers actively avoid the concept of "windows" (making up incompr

#!/usr/bin/env python3
import sys
import os
import smtplib
from email.mime.text import MIMEText
mail_host = 'email-smtp.eu-west-1.amazonaws.com'
mail_port = 465
@sirsquidness
sirsquidness / proxy.conf
Created September 22, 2016 12:42
How to have nginx proxy_pass follow upstream 302 redirects (eg, when you're running a steam cache and you're behind Cox's layer 7 interception stuff)
# This config came around after a friend had problems with a Steam cache on his
# Cox internet connection. Cox would intercept any requests to Steam content
# servers and return a 302 to Cox's servers. The cache would return the 302
# to the Steam client, and the Steam client would go directly to Cox, bypassing
# the cache.
# This config makes nginx follow the 302 itself, and caches the result of the
# redirect as if it was the response to the original request. So subsequent
# requests to the URL that returned a 302 will get the file instead of a 302.
@belgattitude
belgattitude / install_phpexcel_php7.sh
Last active February 17, 2019 17:24
Install libxl, php_excel extension on PHP7.1 (ondrej/ppa)
#!/bin/bash
#
# ilia/php_excel extension example install script for PHP7+
#
# usage:
# > sudo ./install_phpexcel_php7.sh
# > (optionally) sudo service php7.1-fpm restart)
#
# requirements:
# - Ubuntu 64bits (trusty/xenial)
@sakalajuraj
sakalajuraj / auditd.conf
Last active May 24, 2022 17:26
Logstash configuration for auditd messages received via syslog
# Content of the file /etc/logstash/conf.d/auditd.conf
# Tested on the CentOS 7 auditspd logs forwarded to logstash via rsyslog
input {
syslog {
type => AUDITD
port => xxxx
host => "xxx.xxx.xxx.xxx"
}
}
@Schnouki
Schnouki / popcorntime-vpn.sh
Last active January 20, 2024 12:07
OpenVPN for a single application using network namespaces -- helper scripts
#!/usr/bin/env zsh
# Initialize VPN
sudo vpnns up
sudo vpnns start_vpn
# Popcorn time!
sudo ip netns exec frootvpn sudo -u $USER popcorntime
# Cleanup
@yusufhm
yusufhm / logstash-ossec-alerts.conf
Last active May 22, 2017 16:54
Logstash configuration for reading OSSEC alerts files and send to Elasticsearch (credits to https://mig5.net)
input {
file {
type => "ossec"
path => "/var/ossec/logs/alerts/alerts.log"
sincedb_path => "/opt/logstash/"
codec => multiline {
pattern => "^\*\*"
negate => true
what => "previous"
}
@denji
denji / OCSP-generate.sh
Last active February 23, 2018 06:12
Priming the OCSP cache in Nginx
#!/bin/sh
ISSUER_CER=$1
SERVER_CER=$2
URL=$(openssl x509 -noout -ocsp_uri -in "$SERVER_CER")
openssl ocsp -noverify -no_nonce -respout ocsp.resp -issuer "$ISSUER_CER" -cert "$SERVER_CER" -url "$URL"
# Where "ocsp.resp" is whatever file you have configured in Nginx for the "ssl_stapling_file".
@chrisboulton
chrisboulton / ip_blacklist.lua
Last active March 20, 2024 19:16
Redis based IP blacklist for Nginx (LUA)
-- a quick LUA access script for nginx to check IP addresses against an
-- `ip_blacklist` set in Redis, and if a match is found send a HTTP 403.
--
-- allows for a common blacklist to be shared between a bunch of nginx
-- web servers using a remote redis instance. lookups are cached for a
-- configurable period of time.
--
-- block an ip:
-- redis-cli SADD ip_blacklist 10.1.1.1
-- remove an ip:
@jayjanssen
jayjanssen / gist:5697813
Created June 3, 2013 12:33
Testing multicast with iperf
this is a sample of output:
root@percona-db-2:~# iperf -s -u -B 226.94.1.1 -i 1
------------------------------------------------------------
Server listening on UDP port 5001
Binding to local address 226.94.1.1
Joining multicast group 226.94.1.1
Receiving 1470 byte datagrams
UDP buffer size: 122 KByte (default)
------------------------------------------------------------