Skip to content

Instantly share code, notes, and snippets.

Looking for a job

Sergey Ponomarev stokito

Looking for a job
View GitHub Profile
stokito /
Last active Aug 13, 2022 — forked from jayluxferro/
How to run OpenWrt in VirtualBox

The official doc seems too complicated OpenWrt on VirtualBox HowTo

  1. Download and install VirtualBox. On Windows add to PATH envs C:\Program Files\Oracle\VirtualBox
  2. Get an OpenWrt image openwrt-x86-64-combined-ext4.img.gz from targets/x86/64/ folder. Direct snapshot download
  3. Uncompress the image: gunzip openwrt.img.gz
  4. Convert it to native VirtualBox format:
VBoxManage convertfromraw --format VDI openwrt.img openwrt.vdi
stokito / somehost.conf
Last active Jul 7, 2022 — forked from tomkersten/somehost.conf
Nginx config with CORS headers added and Basic Auth
View somehost.conf
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/;
ssl_certificate_key /etc/letsencrypt/live/;
root /var/www/html;
access_log off;
location / {
if ($request_method = 'OPTIONS') {
stokito / onion-gen.js
Created Jun 28, 2022 — forked from ttaubert/onion-gen.js
Generating custom .onion names with the WebCrypto API
View onion-gen.js
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at */
"use strict";
* thirty-two
stokito /
Last active May 11, 2022 — forked from mtigas/
experiments with using v3 onions with client auth (as of tor 0.3.5.X)
# needs openssl 1.1+
# needs base64 and base32 utilities.
# On OpenWrt you may install coreutils-base64 and coreutils-base32.
# BusyBox can be compiled with them.
# On other systems try basenc or basez
##### generate a key
stokito /
Last active Jan 8, 2022 — forked from KevCui/
A shell (ash, dash, Bash) script to decode JWT token. Version ported to OpenWrt here
# Decode a JWT from stdin and verify it's signature with the JWT issuer public key
# Only RS256 keys are supported for signature check
# Put OAuth server public key in PEM format to /var/cache/oauth/$
# You must create the folder first
# $ sudo mkdir -p /var/cache/oauth/
# To converted key from JWK to PEM use or
# NOTE: For Google you can get the keys in PEM format via
# Decode the keys with decodeURIComponent()
stokito / firewall.user
Last active Aug 8, 2022 — forked from Manouchehri/
OpenWrt: Allow only CloudFlare to access HTTP 80 and HTTPS 443 ports. Use if your uhttpd is hidden behind CF. Put this file to /etc/firewall.user. NOTE: It uses HTTP to get the list of IPs because to wget via https we need to install ca-certs. This makes you vulnerable to MiTM attacks but that's ok to be protected from internet's hackers
View firewall.user
# replace the ips-v4 with ips-v6 if needed
for ip in `wget -qO-`; do
iptables -I INPUT -p tcp -m multiport --dports 80,443,8080,8443,2052,2053,2082,2083,2086,2087,2095,2096,8880 -s $ip -j ACCEPT
stokito / openssl.MD
Created Jan 15, 2018 — forked from jchandra74/openssl.MD
HOWTO: Create Your Own Self-Signed Certificate with Subject Alternative Names Using OpenSSL in Ubuntu Bash for Window
View openssl.MD

HOWTO: Create Your Own Self-Signed Certificate with Subject Alternative Names Using OpenSSL in Ubuntu Bash for Window


My main development workstation is a Windows 10 machine, so we'll approach this from that viewpoint.

Recently, Google Chrome started giving me a warning when I open a site that uses https and self-signed certificate on my local development machine due to some SSL certificate issues like the one below:

Self-Signed SSL Issue in Chrome