Skip to content

Instantly share code, notes, and snippets.

View tippexs's full-sized avatar

Timo Stark tippexs

55 followers · 34 following
View GitHub Profile
@tippexs
tippexs / curl.md
Created February 2, 2024 13:20
Random Stuff 
curl -H "X-Padding: $(jot -ns '' -b X 1400)" 'http://localhost:9000/#[0-9]'
@tippexs
tippexs / Readme.md
Last active January 19, 2022 08:26
njs 0.7.0

NGINX JavaScript Module (njs) 0.7.0 just arrived!

I am super excited about this new release! On October 19th 2021 NGINX launched the latest version of NGINX njs 0.7.0.

This represents a significant step forward for njs and introduces highly anticipated features and functionality including support for the ECMAScript6 (ES6) feature async/await and the implementation of the webcrypto API. In this post, we’ll explore these aspects in more detail, starting with async/await and Promises. Once these concepts are understood, we’ll then dig into the webcrypto functionality.

Let’s get started!

JavaScript 101 - Promises

@tippexs
tippexs / nginxdirectives.txt
Created August 3, 2021 11:35
absolute_redirect
accept_mutex
accept_mutex_delay
access_log
access_log
add_after_body
add_before_body
add_header
add_trailer
addition_types
@tippexs
tippexs / README.md
Created March 31, 2021 15:33 — forked from lcrilly/README.md
Adding cookie security with NGINX and NGINX Plus

Cookie Security with NGINX and NGINX Plus

This is a complete demo of 2 different cookie security techniques:

  1. Cookie jar - NGINX Plus stores new cookies in the key-value store and issues the client an opaque reference to access them
  2. Signed cookies - NGINX creates signatures for all new cookies and validates that presented cookies match the signature

Requires NGINX Plus with JavaScript module (njs 0.5.1+)

@tippexs
tippexs / auth_jwe_demo.pl
Created March 4, 2021 10:03
Auth JWE demo
#!/usr/bin/perl
use Crypt::JWT;
use Crypt::Misc;
use Data::Dumper;
$Data::Dumper::Terse = 1;
# specify the key to encrypt payload and produce tag - it should match enc algorithm used
# In our case for a A128CBC-HS256 key we need 256bit base64u encoded key-string.
@tippexs
tippexs / ngx_file_load.t
Created February 9, 2021 19:40
sub copy_file($) {
my ($name) = @_;
my $srcdir;
if (defined $ENV{TEST_NGINX_SRC}) {
$srcdir = $ENV{TEST_NGINX_SRC};
} else {
$srcdir = ".";
}
@tippexs
tippexs / README.md
Created January 14, 2021 09:28 — forked from ogarrett/README.md
NGINX Plus Health Check - mark node as unhealthy if bandwidth utilisation exceeds threshhold

Overview

Requirement is for NGINX Plus to back off and stop sending new connections to an upstream node if the network utilization for that node exceeds a given threshhold.

Strategy

Create a simple HTTP-accessible script that runs on each upstream node. Script returns 200 OK (HTTP status code) if node is not overloaded, and 503 Too Busy if node is overloaded.

@tippexs
tippexs / dummy_digest.js
Last active March 4, 2021 10:05
function auth(r) {
r.subrequest("/auth2", {}, reply => {
var header = reply.headersOut['WWW-Authenticate'];
r.log(header);
var nonce = header.match(/(nonce=")(.*?)(?=")/i);
@tippexs
tippexs / nginx.conf
Created October 14, 2019 06:51
Nginx Config
server {
listen 80;
server_name lev-fos-bayern.de www.lev-fos-bayern.de;
location / {
rewrite ^ https://www.lev-fos-bayern.de$request_uri? permanent;
}
@tippexs
tippexs / nginx.conf
Created September 23, 2019 22:57
fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=fcgicache:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
server {
listen 443 ssl http2;
server_name www.lev-fos-bayern.de;
******
gzip on;
gzip_types text/plain application/javascript application/x-javascript text/javascript text/xml text/css;