| When setting up a Mastodon instance I had a very hard time working out the required S3 permissions. | |
| Wasted a day on it. None of the tutorials or even the official documentation gave me this information. | |
| In the end I gave up and just gave it blanket access to all permissions for the Mastodon bucket (S3Administrator). | |
| But this didn't set well with me - I don't like granting unnecessary permissions, especially not when S3 has about 100 of them. | |
| If the server were to become compromised or the keys were to otherwise fall into the wrong hands I'd want a potentially malicious actor to have as limited permissions as possible. | |
| Anyway I finally worked out the permissions required to for Mastodon to function with an S3 bucket as its media storage. | |
| See below for the IAM policy. |
| # Creates a 20-second video with a scrolling text overlay. | |
| # The image is named 'input.png', and the textfile it reads from is called 'yourfile.txt'. | |
| # Create a video of the image | |
| ffmpeg -loop 1 -t 20 -i input.png output.mp4 | |
| # Add scrolling text to the video | |
| ffmpeg -i output.mp4 -filter_complex \ | |
| "[0]split[txt][orig];[txt]drawtext=fontfile=tahoma.ttf:fontsize=55:fontcolor=white:x=(w-text_w)/2+20:y=h-20*t:textfile='yourfile.txt':bordercolor=black:line_spacing=20:borderw=3[txt];[orig]crop=iw:50:0:0[orig];[txt][orig]overlay" \ | |
| -c:v libx264 -y -preset ultrafast -t 20 output_scrolling.mp4 |
| #!/bin/bash | |
| # This script intend to mimic TimeMachine exclude list. | |
| # As the exclude list can evolve between backups it has to be rebuilt before every backup | |
| # Apple uses 5 types of excludes, four from the /System/Library/CoreServices/backupd.bundle/Contents/Resources/StdExclusions.plist file | |
| # and files from applications where metadata says to not backup, these can be found usinf | |
| # sudo mdfind "com_apple_backup_excludeItem = 'com.apple.backupd'" | |
| SYSLOG=/usr/bin/syslog; | |
| TEMPFILE=$1; |
sudo apt-get install apt-transport-https ca-certificates
curl -s https://syncthing.net/release-key.txt | sudo apt-key add -
echo "deb https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list
sudo apt-get update
sudo apt-get install syncthing
sudo apt-get install git
Due to the OSX limitations in ports below 1024, in order to use them without running as root the virtualbox headless you can do the following workaround, (remember the command ipfw is deprecated on El Capitan)
In the Vagrant file use ports over 1024, for instance change 80 and 443 to 8080 and 8043.
# Apache
config.vm.network "forwarded_port", guest: 80, host: 8080
| #!/bin/bash | |
| # --------------------------------------------------------- | |
| # Customizable Settings | |
| # --------------------------------------------------------- | |
| MOUNT_POINT="${CASE_SAFE_MOUNT_POINT:-${HOME}/casesafe}" | |
| VOLUME_PATH="${CASE_SAFE_VOLUME_PATH:-${HOME}/.casesafe.dmg.sparseimage}" | |
| VOLUME_NAME="${CASE_SAFE_VOLUME_NAME:-casesafe}" | |
| VOLUME_SIZE="${CASE_SAFE_VOLUME_SIZE:-60g}" |
| #!/bin/bash | |
| # You need: curl, jq, and ipcalc to run this. | |
| # You should already have cut, sort and uniq if you're on OS X or Linux. | |
| RANGES=$(curl -s https://ip-ranges.amazonaws.com/ip-ranges.json | jq .prefixes | jq '.[] | select(.region=="us-east-1")' | jq 'select(.service=="EC2")' | jq .ip_prefix | cut -d '"' -f 2 | sort | uniq) | |
| for range in $RANGES | |
| do | |
| MIN=$(ipcalc -bn $range | grep "HostMin" | cut -d ':' -f 2) |
| #!/bin/bash | |
| # A quick & dirty backup script for Cassandra running inside Docker. | |
| # Assumes /var/lib/cassandra is mounted in the container as /var/lib/cassandra because | |
| # docker inspect {{ .Volumes }} is not shell-friendly. (doable, but meh) | |
| # Also assumes Cassandra was started with 'docker run --name cassandra'. | |
| export PATH=$PATH:/home/atobey/bin:/usr/local/bin | |
| set -e |
This is a guide on how to email securely.
There are many guides on how to install and use PGP to encrypt email. This is not one of them. This is a guide on secure communication using email with PGP encryption. If you are not familiar with PGP, please read another guide first. If you are comfortable using PGP to encrypt and decrypt emails, this guide will raise your security to the next level.