-
namespaces - overview of Linux namespaces http://man7.org/linux/man-pages/man7/namespaces.7.html
-
mount_namespaces - overview of Linux mount namespaces
jadkik
/ validate-nginx-config.sh
Created
August 24, 2017 07:06
Used to validate nginx templated config files before actually using them. For use with Ansible.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Example usage from an Ansible playbook: | |
| # - name: Copy the nginx validate script | |
| # copy: src=validate-nginx-config.sh dest=/opt/validate-nginx-config.sh mode=0744 | |
| # | |
| # - name: Update main nginx config file | |
| # template: | |
| # src: nginx.conf.j2 | |
| # dest: /etc/nginx/nginx.conf |
squito
/ _summary.md
Last active
February 5, 2020 14:15
spark sql timestamp semantics, and how they changed from 2.0.0 to 2.0.1 (see query_output_2_0_0.txt vs query_output_2_0_1.txt) changed by SPARK-16216
leanderjanssen
/ registry-minio.md
Last active
February 11, 2025 14:12
Docker Registry with Minio storage example
docker run -d -p 9000:9000 --name minio minio/minio server /export
docker logs minio
ageis
/ systemd_service_hardening.md
Last active
December 19, 2025 07:46
Options for hardening systemd service units
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Suspend process: | |
| Ctrl + z | |
| # Move process to foreground: | |
| fg | |
| # Generate random hex number where n is number of characters: | |
| openssl rand -hex n | |
| # Execute commands from a file in the current shell: |
In the following example, sddm will be used as a display manager. The process is however similar for other display managers in nixpkgs and a summary that applies to all nixpkgs display managers is given at the end.
-
Systemd unit "display-manager.service" starts
services.x11.displayManager.job.execCmd(the display manager)Code reference:
<nixpkgs>/nixos/modules/services/x11/xserver.nix -
services.x11.displayManager.job.execCmdis set to the path of thesddmbinary from thesddmpackage in the nix store. So SDDM will start and read its configuration from/etc/sddm.conf.
With autofs you can easily mount network volumes upon first access to the folder where you want to mount the volume. Autofs is available for many OS and is preinstalled on Mac OS X so I show you how I mounted my iTunes library folder using this method.
autofs needs to be configured so that it knows where to gets its configuration. Edit the file /etc/auto_master and add the last line:
#
# Automounter master map
#
+auto_master # Use directory service
thde
/ alpine-install.sh
Last active
July 26, 2025 21:42
A script to install alpine linux on a dedicated server. Tested on Hetzner, Kimsufi / OVH
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| set -ex | |
| PATH=/bin:/sbin:/usr/bin:/usr/sbin | |
| KEYMAP="us us" | |
| HOST=alpine | |
| USER=anon | |
| ROOT_FS=ext4 | |
| BOOT_FS=ext4 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- mode: ruby -*- | |
| # vi: set ft=ruby : | |
| #IP addrees this VM will have | |
| IP = "192.168.50.4" | |
| # script that updates the system, downloads all prerequisities, installs docker, | |
| # zookeeper, marathon, clones actual mesos branch and compiles it. | |
| $setup = <<SCRIPT |