Keybase proof
I hereby claim:
- I am valeriansaliou on github.
- I am valerian (https://keybase.io/valerian) on keybase.
- I have a public key ASAoeFcGq8cTxJMg6NVKnrqOa8YafbxlxNmDmA00RyqURwo
To claim this, I am signing this object:
#!/bin/bash | |
BACKUP_DATE=$(date +"%Y-%m-%d_%H-%M-%S") | |
AWS_CONTAINER="s3://xxx-backup/xxx_backup" | |
AWS_DESTINATION="$AWS_CONTAINER/$BACKUP_DATE" | |
GPG_RECIPIENT=xxx@xxx.xxx | |
ADMIN_EMAIL=xxx@xxx.xxx |
# jan/13/2020 08:34:56 by RouterOS 6.46.1 | |
# | |
# notes: \ | |
# - wan to orange ont on ether1; \ | |
# - lan to ap/switch on ether2; \ | |
# - ipv4 + ipv6 w/ fw rules; \ | |
# - using routeros dns cache for lan, proxying to the dns servers advertised by orange's dhcpv4 server; \ | |
# - direct plug your computer w/ wireshark to your livebox 4 fiber ethernet port and reboot it, inspect the dhcpv4 packat in wireshark and extract the value of 'authsend'; \ | |
# - the cos tag needs to be set to 6 to be accepted by the ont dhcpv4/v6 server (from default 0), this may not be required depending on your ont, check for the cos flag sent by your livebox 4 when sniffing its traffic | |
# |
** File Read Latency Histogram By Level [default] ** | |
2019/03/31-08:53:54.017088 7fc4977f6700 [WARN] [db/db_impl.cc:669] ------- DUMPING STATS ------- | |
2019/03/31-08:53:54.017165 7fc4977f6700 [WARN] [db/db_impl.cc:670] | |
** DB Stats ** | |
Uptime(secs): 41400.5 total, 600.0 interval | |
Cumulative writes: 17M writes, 17M keys, 17M commit groups, 1.0 writes per commit group, ingest: 13.88 GB, 0.34 MB/s | |
Cumulative WAL: 17M writes, 0 syncs, 17597384.00 writes per sync, written: 13.88 GB, 0.34 MB/s | |
Cumulative stall: 00:00:0.000 H:M:S, 0.0 percent | |
Interval writes: 0 writes, 0 keys, 0 commit groups, 0.0 writes per commit group, ingest: 0.00 MB, 0.00 MB/s | |
Interval WAL: 0 writes, 0 syncs, 0.00 writes per sync, written: 0.00 MB, 0.00 MB/s |
var mongoose = require("mongoose"); | |
var SonicChannelSearch = require("sonic-channel").Search; | |
var MessageModel = mongoose.model("message", new mongoose.Schema({ | |
website_id : String, | |
type : String, | |
content : Object | |
})); | |
var query_count = 0; |
var mongoose = require("mongoose"); | |
var SonicChannelIngest = require("sonic-channel").Ingest; | |
var MessageModel = mongoose.model("message", new mongoose.Schema({ | |
session_id : String, | |
website_id : String, | |
type : String, | |
content : Object | |
})); |
{ | |
"dependencies": { | |
"request-promise": "4.2.2", | |
"request": "2.83.0", | |
"promise-seq": "2.0.1" | |
} | |
} |
# Those rules protect HTTP/HTTPS services for both IPv4 and IPv6 sources as such: | |
# 1. Prevent a /32 IPv4 or /64 IPv6 to open more than 10 HTTPS?/TCP connections per second (the limit is high, but this still shield against some attacks) — DROP TCP packets in this case, to avoid generating egress traffic sending a RST | |
# 2. Limit ingress bandwidth to HTTPS? services to 32KB/sec (adjust to your needs, in my case it is used to shield a WebSocket backend against incoming WebSocket message floods) | |
# 3. Limit the number of simultaneous ongoing connections to HTTPS? to 40 (also, high limit, adjust to your needs) | |
# The protections those rules offer: | |
# 1. Prevent crypto-DOS (ie. a client that proceed too many key exchanges and thus exhaust server CPU) | |
# 2. Prevent WebSocket floodings (eg. I use this for Socket.IO, which has no efficient way to rate-limit received messages before they get parsed) | |
# 3. Prevent ephemeral TCP port exhaustion due to a client holding too many TCP connections | |
# 4. Prevent IPv6 rotation attac |
I hereby claim:
To claim this, I am signing this object:
#!/bin/bash | |
# Cron wrapper, call this directly from your cron. Depends on renew script (letsencrypt_manual_renew.sh). | |
ADMIN_EMAIL=hostmaster@server.tld | |
RENEWLOG=`/srv/data_server/certs/tools/letsencrypt_manual_renew.sh 2>&1` | |
rc=$? | |
if [[ $rc -ne 0 ]]; then |
defaults delete com.apple.dock expose-animation-duration; killall Dock |