matthiassb

#! /bin/bash
### BEGIN INIT INFO
# Provides:          dns-sync
# Required-Start:
# Required-Stop:
# Default-Start:     S
# Default-Stop:
# Short-Description: Synchronizes /etc/resolv.conf in WLS with Windows DNS - Matthias Brooks
### END INIT INFO

ageis

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict

LeCoupa

# Redis Cheatsheet
# All the commands you need to know


redis-server /path/redis.conf  # start redis with the related configuration file
redis-cli                      # opens a redis prompt


# Strings.

fntlnz

Create Root CA (Done once)

Last update: Nov 2025.

Create Root Key

Attention: this is the key used to sign the certificate requests, anyone holding this can sign certificates on your behalf. So keep it in a safe place!

openssl ecparam -genkey -name secp384r1 | openssl ec -aes256 -out rootCA.key

onjin

postgres:
  image: postgres:9.4
  volumes:
    - ./init.sql:/docker-entrypoint-initdb.d/init.sql

singingwolfboy

# Want to run your Flask tests with CSRF protections turned on, to make sure
# that CSRF works properly in production as well? Here's an excellent way
# to do it!

# First some imports. I'm assuming you're using Flask-WTF for CSRF protection.
import flask
from flask.testing import FlaskClient as BaseFlaskClient
from flask_wtf.csrf import generate_csrf

# Flask's assumptions about an incoming request don't quite match up with

vasanthk

System Design Cheatsheet

Picking the right architecture = Picking the right battles + Managing trade-offs

Basic Steps

1. Clarify and agree on the scope of the system

• User cases (description of sequences of events that, taken together, lead to a system doing something useful)
  • Who is going to use it?
  • How are they going to use it?

evantoli

Configure Git to use a proxy

In Brief

You may need to configure a proxy server if you're having trouble cloning or fetching from a remote repository or getting an error like unable to access '...' Couldn't resolve host '...'.

Consider something like:

joepie91

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

• A Russian translation of this article can be found here, contributed by Timur Demin.
• A Turkish translation can be found here, contributed by agyild.
• There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.

carlbennett

# Fix user and directory permissions:
find . -type f -print0 | sudo xargs -0 chmod 664
find . -type d -print0 | sudo xargs -0 chmod 775

# Copy user permissions to group permissions:
chmod -R g=u .

# Make new files inherit the group of the container directory
chmod g+s <directory>