Skip to content

Instantly share code, notes, and snippets.

View Yinchie's full-sized avatar
♥️

Yee Chie Yinchie

♥️
View GitHub Profile
@Yinchie
Yinchie / unbound.conf
Last active February 17, 2019 15:06
dnscrypt.nl unbound config
server:
verbosity: 0
use-syslog: no
log-queries: no
log-replies: no
val-log-level: 0
log-servfail: yes
do-daemonize: yes
@Yinchie
Yinchie / dnscrypt-wrapper.sh
Created August 8, 2018 21:01
dnscrypt-wrapper - start new process once new keys are generated.
#! /usr/bin/env bash
KEYS_DIR="/opt/dnscrypt-wrapper/etc/keys"
STKEYS_DIR="${KEYS_DIR}/short-term"
LISTS_DIR="/opt/dnscrypt-wrapper/etc/lists"
BLACKLIST="${LISTS_DIR}/blacklist.txt"
prune() {
/usr/bin/find "$STKEYS_DIR" -type f -cmin +1440 -exec rm -f {} \;
}
@Yinchie
Yinchie / key-rotation.sh
Last active August 14, 2018 11:22
dnscrypt-wrapper - check whether keys needs to be renewed.
#cd /opt/dnscrypt-wrapper/sbin
pids=`ps ax|egrep "dnscrypt-wrapper.*2.dnscrypt-cert.ns0.dnscrypt.nl" | grep -v grep | awk ' { print $1 }'`
echo Starting a new Wrapper
sudo bash /opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper.sh
echo Sleeping
sleep 6
echo Killing
if [ "$pids" != "" ]; then
sudo kill -9 $pids
echo Done! Result: $?
@Yinchie
Yinchie / generate-site.sh
Created July 3, 2018 11:56
How I generate my Jekyll based website. Converting and compressing images and static files to WebP and Brotli after building the site.
#!/bin/bash
cd /home/ghost/WWW-ITCHY
echo "===== Checking for updates ====="
bundle update
echo "===== Build the website ====="
bundle exec jekyll build
# Does not work for directories that has a space in it.
@Yinchie
Yinchie / nginx_libressl.sh
Created July 1, 2018 10:57 — forked from nshtg/nginx_libressl.sh
Build nginx statically against modern OpenSSL/LibreSSL
#!/usr/bin/env bash
set -e
# names of latest versions of each package
export NGINX_VERSION=1.13.5
export VERSION_ZLIB=zlib-1.2.11
export VERSION_PCRE=pcre-8.41
export VERSION_LIBRESSL=libressl-2.6.1
export VERSION_NGINX=nginx-$NGINX_VERSION
@Yinchie
Yinchie / HowToOTGFast.md
Created May 9, 2017 09:52 — forked from gbaman/HowToOTGFast.md
Simple guide for setting up OTG modes on the Raspberry Pi Zero, the fast way!

###Setting up Pi Zero OTG - The quick way (No USB keyboard, mouse, HDMI monitor needed)
More details - http://blog.gbaman.info/?p=791

For this method, alongside your Pi Zero, MicroUSB cable and MicroSD card, only an additional computer is required, which can be running Windows (with Bonjour, iTunes or Quicktime installed), Mac OS or Linux (with Avahi Daemon installed, for example Ubuntu has it built in).
1. Flash Raspbian Jessie full or Raspbian Jessie Lite onto the SD card.
2. Once Raspbian is flashed, open up the boot partition (in Windows Explorer, Finder etc) and add to the bottom of the config.txt file dtoverlay=dwc2 on a new line, then save the file.
3. If using a recent release of Jessie (Dec 2016 onwards), then create a new file simply called ssh in the SD card as well. By default SSH is

@Yinchie
Yinchie / nginx.conf
Last active February 17, 2017 22:48
Server block for my Jekyll generated website.
# main server
server {
listen 443 default_server fastopen=256 ssl http2;
listen [::]:443 fastopen=256 ssl http2 ipv6only=on;
server_name itchy.nl www.itchy.nl;
charset utf-8;
# Modify certain headers for security.
more_set_headers "Server: itchy.nl";
more_set_headers "X-Server-Admin: Yee Chie Tu";
@Yinchie
Yinchie / nginx.conf
Last active January 6, 2017 22:43
nginx.conf (gist colors) = www.itchy.nl.conf - my optimized Nginx configuration for ghost blog
# main server
server {
listen 443 default_server fastopen=256 ssl http2;
listen [::]:443 fastopen=256 ssl http2 ipv6only=on;
charset utf-8;
server_name www.itchy.nl;
include /etc/nginx/includes/tls.conf;
# modify versions being displayed in http header.
more_set_headers "Server: www.itchy.nl";
@Yinchie
Yinchie / security_cors.conf
Created December 31, 2016 11:26
My Ghost blog, NGiNX CORS config.
if ($request_method = "OPTIONS") {
more_set_headers "Access-Control-Allow-Origin: www.itchy.nl";
more_set_headers "Access-Control-Allow-Methods: GET, POST, OPTIONS";
more_set_headers "Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type";
more_set_headers "Access-Control-Max-Age: 1728000";
more_set_headers "Content-Type: text/plain charset=UTF-8";
more_set_headers "Content-Length: 0";
return 204;
}
@Yinchie
Yinchie / build-nginx.sh
Last active November 3, 2021 10:55 — forked from Belphemur/build_nginx.sh
Compiling NGiNX with OpenSSL TLS1.3, Brotli, more_headers, NAXSI - Ubuntu 20.04.1 x64
#!/usr/bin/env bash
# Run as root or with sudo
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root or with sudo."
exit 1
fi
# Make script exit if a simple command fails and
# Make script print commands being executed
set -e -x