Skip to content

Instantly share code, notes, and snippets.

View tsungtwu's full-sized avatar

Tsung Wu tsungtwu

7 followers · 16 following
View GitHub Profile
@tsungtwu
tsungtwu / nginxproxy.md
Created December 9, 2017 16:27 — forked from soheilhy/nginxproxy.md
How to proxy web apps using nginx?

Virtual Hosts on nginx (CSC309)

When hosting our web applications, we often have one public IP address (i.e., an IP address visible to the outside world) using which we want to host multiple web apps. For example, one may wants to host three different web apps respectively for example1.com, example2.com, and example1.com/images on the same machine using a single IP address.

How can we do that? Well, the good news is Internet browsers

@tsungtwu
tsungtwu / angularjs-providers-explained.md
Created May 1, 2018 16:53 — forked from demisx/angularjs-providers-explained.md
AngularJS Providers: Constant/Value/Service/Factory/Decorator/Provider
Provider Singleton Instantiable Configurable
Constant Yes No No
Value Yes No No
Service Yes No No
Factory Yes Yes No
Decorator Yes No? No
Provider Yes Yes Yes

Constant

@tsungtwu
tsungtwu / docker.yml
Created September 13, 2018 08:38 — forked from rbq/docker.yaml
Install Docker CE on Ubuntu using Ansible
---
- hosts: all
tasks:
- name: Install prerequisites
apt: name={{item}} update_cache=yes
with_items:
- apt-transport-https
- ca-certificates
- curl
- software-properties-common
@tsungtwu
tsungtwu / yara_performance_guidelines.md
Created October 3, 2018 07:51 — forked from Neo23x0/yara_performance_guidelines.md
YARA Performance Guidelines

YARA Performance Guidelines

When creating your rules for YARA keep in mind the following guidelines in order to get the best performance from them. This guide is based on ideas and recommendations by Victor M. Alvarez and WXS.

  • Revision 1.1, February 2016, applies to all YARA version 3.3+

Global Rules

Global rules are evaluated first. Only if they are satisfied non-global rules are evaluated. This may be useful if all samples exhibit the same characteristics. Use them combined with the "private" statement to suppress a match notification on the global rules.

@tsungtwu
tsungtwu / Ubuntu1604py36Dockerfile
Created December 18, 2018 06:52 — forked from monkut/Ubuntu1604py36Dockerfile
Base Docker image for ubuntu-16.04 & Python3.6
# docker build -t ubuntu1604py36
FROM ubuntu:16.04
RUN apt-get update
RUN apt-get install -y software-properties-common vim
RUN add-apt-repository ppa:jonathonf/python-3.6
RUN apt-get update
RUN apt-get install -y build-essential python3.6 python3.6-dev python3-pip python3.6-venv
RUN apt-get install -y git
@tsungtwu
tsungtwu / scroll.py
Created January 31, 2019 07:11 — forked from hmldd/scroll.py
Example of Elasticsearch scrolling using Python client
# coding:utf-8
from elasticsearch import Elasticsearch
import json
# Define config
host = "127.0.0.1"
port = 9200
timeout = 1000
index = "index"
@tsungtwu
tsungtwu / gist:682cc2072a821aedf841538d3b47f0ca
Created May 24, 2019 06:13 — forked from yurishkuro/gist:10cb2dc42f42a007a8ce0e055ed0d171
etcd vs consul vs ???
  • What do Etcd, Consul, and Zookeeper do?
    • Service Registration:
      • Host, port number, and sometimes authentication credentials, protocols, versions numbers, and/or environment details.
    • Service Discovery:
      • Ability for client application to query the central registry to learn of service location.
    • Consistent and durable general-purpose K/V store across distributed system.
      • Some solutions support this better than others.
      • Based on Paxos or some derivative (i.e. Raft) algorithm to quickly converge to a consistent state.
  • Centralized locking can be based on this K/V store.
@tsungtwu
tsungtwu / node_exporter-as-systemd-service.md
Created October 25, 2019 04:34 — forked from jarek-przygodzki/node_exporter-as-systemd-service.md
Installing node_exporter as systemd serivice 
sudo useradd --no-create-home --shell /bin/false node_exporter

curl -fsSL https://github.com/prometheus/node_exporter/releases/download/v0.17.0/node_exporter-0.17.0.linux-amd64.tar.gz \
  | sudo tar -zxvf - -C /usr/local/bin --strip-components=1 node_exporter-0.17.0.linux-amd64/node_exporter \
  && sudo chown node_exporter:node_exporter /usr/local/bin/node_exporter
@tsungtwu
tsungtwu / nginx_reverse_proxy.md
Created November 27, 2019 04:51 — forked from KavenTheriault/nginx_reverse_proxy.md
Configure Nginx Reverse Proxy as failover

Configure Nginx Reverse Proxy as failover

In this exemple of configuration, if the first server fail (proxy_connect_timeout) one time (max_fails), the second server will be used for 60s (fail_timeout).

The SSL certificate need to be configure on the ReverseProxy server AND the proxyied servers. You can use the same certificate and configurations on all servers.

To test the configuration you can change your host file to simulate the correct domain name.

Use the following tool to configure SSL with optimal configuration.

@tsungtwu
tsungtwu / nginx_secure_url.go
Created December 11, 2019 09:22 — forked from chocolatkey/nginx_secure_url.go
Generate signed URIs for a client to access links secured with ngx_http_secure_link_module
/**
Example of how to configure Nginx for signed urls. Make sure to replace YOUR_URL_SECRET_KEY_HERE with your url signing key
location /secrets/ {
# Headers for debugging
add_header X-Secure-Uri "$uri";
add_header X-Secure-Ip "$remote_addr";
add_header X-Secure-Expires "$arg_expires";