Sergey Ponomarev stokito

Self-hosting become easier
@stokito
stokito / DNSSEC-Signing.md
Created February 5, 2024 22:51 — forked from sandeeprenjith/DNSSEC-Signing.md
DNSSEC Keys and Signing Process Simplified

This article describes what happens when a zone is signed with DNSSEC. It explains the concept of zone signing and does not detail the actual steps for signing a zone.

@stokito
stokito / firewall.user
Last active January 7, 2024 22:06 — forked from Manouchehri/cloudflare.sh
OpenWrt: Allow only Cloudflare to access HTTP port 80 and HTTPS port 443. Use this if your uhttpd is hidden behind CF. Put this file in /etc/firewall.user. NOTE: It uses HTTP to get the list of IPs, because fetching with wget over HTTPS requires installing ca-certs. This makes you vulnerable to MiTM attacks, but that's OK for being protected from internet hackers.
# https://www.cloudflare.com/ips replace the ips-v4 with ips-v6 if needed
# https://blog.cloudflare.com/cloudflare-now-supporting-more-ports/
for ip in $(wget -qO- http://www.cloudflare.com/ips-v4); do
    iptables -I INPUT -p tcp -m multiport --dports 80,443,8080,8443,2052,2053,2082,2083,2086,2087,2095,2096,8880 -s "$ip" -j ACCEPT
done
@stokito
stokito / .bashrc
Last active December 26, 2023 08:49
.bashrc and .profile
# some more ls aliases
alias ll='ls -alF'
alias la='ls -A'
alias l='ls -CF'
alias dirs="ls -al | grep '^d'"
# Add an "alert" alias for long running commands. Use like so:
# sleep 10; alert
alias alert='notify-send --urgency=low -i "$([ $? = 0 ] && echo terminal || echo error)" "$(history|tail -n1|sed -e '\''s/^\s*[0-9]\+\s*//;s/[;&|]\s*alert$//'\'')"'
@stokito
stokito / generate-dropbear-key
Last active December 14, 2023 21:34 — forked from hongkongkiwi/generate-dropbear-key
Generate SSH Key in Dropbear with some options (by default it uses default id_dropbear as the name and ed25519 as the type)
#!/bin/sh -eu
# We set the sh -eu flags so that we error on undefined variables (-u) and error on bad commands (-e)
help() {
  echo >&2 "$0 [-f] [-p] [-q] [<priv_key_file>] [<key_type>] [<key_comment>]"
  echo >&2
  echo >&2 "-q / --quiet to silence all output (except -p if passed)"
  echo >&2 "-p / --pubkey to output public key after generation"
  echo >&2 "-f / --force to force replacing existing key"
  echo >&2
@stokito
stokito / dnsapi.mjs
Last active November 19, 2023 10:32
acmish-dnsapi: Parse structural info. License 0BSD
export function parseDnsApiInfoFile(infoFileText) {
  let infoTexts = infoFileText.split('\n\n')
  let infos = []
  for (let infoText of infoTexts) {
    let info = parseDnsApiInfo(infoText)
    if (info) {
      infos.push(info)
    }
  }
  return infos
@stokito
stokito / cert-gen.sh
Last active October 26, 2023 07:55
Generate a self-signed cert with an ECC (elliptic curve) key and a wildcard domain
# You can use the smaller curve prime256v1
openssl req -x509 -new -newkey ec -pkeyopt ec_paramgen_curve:secp384r1 -days 3650 -noenc -keyout example.com.privkey.p8 -out example.com.cer -subj "/CN=example.com" -addext "subjectAltName=DNS:example.com,DNS:*.example.com"
@stokito
stokito / README.md
Last active October 26, 2023 07:51
Fix problem: Ubuntu can't open any website

My laptop battery discharged while I slept, and it looks like my file system was broken. Or maybe I ran an update and forgot. Anyway, after a reboot I still had a problem: no website would open, failing with some weird error that DNS can't be resolved.

And yes, ping didn't work for any domain. Dig failed too. It turned out that the systemd-resolved DNS daemon hadn't started. I checked the logs with

journalctl -u systemd-resolved

In the logs I found that resolved fails with an error "cannot allocate memory", and after that the service crashed.

@stokito
stokito / howto_webdav_lighttpd_openwrt.md
Last active October 22, 2023 11:46
WebDAV with Lighttpd on OpenWRT
@stokito
stokito / BeerSpec.groovy
Created November 17, 2014 17:10
Test task
import spock.lang.Specification
import spock.lang.Unroll
/**
A programmer drinks exactly goalPints of beer every evening.
One evening, the programmer opens his fridge and sees a number of smallBottles of beer (1 pint each) and a number of bigBottles of beer (3 pints each).
The programmer needs to decide whether he can pick some bottles and start drinking, or has to run to the store to buy some more bottles.
The programmer is "greedy" and never consumes a bottle partially.
Write a Java-method which returns true if it is possible to make the goal by choosing from the given (whole) bottles, or false otherwise.
Note that it is not necessary to "take" all bottles — some may remain unused.