Skip to content

Instantly share code, notes, and snippets.

View drconopoima's full-sized avatar

Luis Jesús Díaz drconopoima

View GitHub Profile
@drconopoima
drconopoima / signing-vbox-kernel-modules.md
Created October 25, 2023 21:50 — forked from reillysiemens/signing-vbox-kernel-modules.md
Signing VirtualBox Kernel Modules

Signing VirtualBox Kernel Modules

These are the steps I followed enable VirtualBox on my laptop without disabling UEFI Secure Boot. They're nearly identical to the process described on [Øyvind Stegard's blog][blog], save for a few key details. The images here are borrowed from the [Systemtap UEFI Secure Boot Wiki][systemtap].

  1. Install the VirtualBox package (this might be different for your platform).
    src='https://download.virtualbox.org/virtualbox/rpm/fedora/virtualbox.repo'
@drconopoima
drconopoima / Arch Secure Laptop Install.md
Created April 30, 2023 19:09 — forked from Th3Whit3Wolf/Arch Secure Laptop Install.md
My install instruction for a secure Arch Linux (sway) laptop workstation

What's Cool

  • Encrypted root partition
    • AES-256 bit cipher
    • Argon2id variant for PBKDF
    • Sha3-512 bit hash
  • rEFInd bootloader
    • With dreary theme
    • Optimal Settings (optimized for aesthetics, and boot time)
  • Boot into backups thanks to refind-btrfs
#!/usr/bin/env bash
wget --no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh && chmod +x bbr.sh && ./bbr.sh
## Add sysctl config
echo 'fs.file-max = 51200
net.core.rmem_max = 67108864
net.core.wmem_max = 67108864
net.core.netdev_max_backlog = 250000
@drconopoima
drconopoima / corefonts.sha512
Created April 24, 2023 22:04
fetchmsttfonts
7099c389126d2af146ff082a840c77787f28e59cc8b5fd4147b9a45a34c649bc69ba6ec7c338703950389fce3ac3a7f118f503b7434c7ceb54c89d6210508bd4 *andale32.exe
299cb200f72f146fedfb2bb1895c36f5234aa5abd084e7c962ec7b14f087c1f582b51f5fdcb72e48b806ee02661c34766ca8a03bb0f2fadf662aaf46cc5f0e48 *arial32.exe
8a947764f2c725f2c506c12ca6f77142402174a0fadeeb72b211931136d82b541bb279b415d74032bc51b00efac9516e5cf68d8d4f172ff8549398ca28722c3a *arialb32.exe
6ad11015d568d58f6e4375e04411dd702b5c4e454b82998b5044cd8352dae27fea1df6469a05067ccc8c14f4ba87ec99e8329c104551dde1eb48be8ce2b78708 *comic32.exe
7e2425d578dd626cc2b418efec72c53e35392c60610cf5e4a99c614fa86cb673167fbcc1691fe59b99bcd19e8f261321be9ea7e30fb84c80ce0a312fd47045c5 *courie32.exe
33e623179af8a418845fed64f7b176a1e721ee4e0ece29d3135d01b81be4238454dd4eb3d2166e8587bb7cced0c258a294eb55e637855f818deb28853f006ef4 *georgi32.exe
6f9318806efbd3b3727e71170cc3ab378d6151887abcb7fad01bd4cb45c2e127f8aea81a3a99bc77c2ce2424fb1acbc230ffc6c23e390c8800710b45b1367c3b *impact32.exe
6035b971290cd0795389c2e8a
@drconopoima
drconopoima / pyenv-common-build-problems-useful.md
Last active October 25, 2024 07:57
Pyenv Wiki Common Build Problems when it was useful

Prerequisites

Make sure to follow this guidance for your platform before any troubleshooting.

  • Ubuntu/Debian:
sudo apt-get install -y build-essential libssl-dev zlib1g-dev libbz2-dev \
libreadline-dev libsqlite3-dev wget curl llvm libncurses5-dev libncursesw5-dev \
xz-utils tk-dev libffi-dev liblzma-dev python3-openssl git cmake
@drconopoima
drconopoima / bashrc
Last active April 10, 2023 21:24
basrc color prompt chroot extract
#!/usr/bin/env bash
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
# If not running interactively, don't do anything
case $- in
*i*) ;;
*) return;;
esac
fs.file-max = 9223372036854775807
fs.inotify.max_queued_events = 16384
fs.inotify.max_user_instances = 128
fs.inotify.max_user_watches = 524288
fs.protected_fifos = 1
fs.protected_hardlinks = 1
fs.protected_regular = 1
fs.protected_symlinks = 1
fs.suid_dumpable = 2
fs.xfs.xfssyncd_centisecs = 3000
fs.file-max = 9223372036854775807
fs.inotify.max_queued_events = 16384
fs.inotify.max_user_instances = 8192
fs.inotify.max_user_watches = 195047
fs.protected_fifos = 2
fs.protected_hardlinks = 1
fs.protected_regular = 2
fs.protected_symlinks = 1
fs.suid_dumpable = 2
fs.xfs.xfssyncd_centisecs = 3000
fs.file-max = 2097152
fs.inotify.max_user_watches = 524288
fs.xfs.xfssyncd_centisecs = 10000
kernel.core_pattern = /dev/null
kernel.dmesg_restrict = 1
kernel.kexec_load_disabled = 1
kernel.kptr_restrict = 2
kernel.nmi_watchdog = 0
kernel.printk = 3 3 3 3
kernel.sched_pelt_multiplier = 2

Mounting storage

fork of mounting-storage.md

Container Linux Configs can be used to format and attach additional filesystems to Container Linux nodes, whether such storage is provided by an underlying cloud platform, physical disk, SAN, or NAS system. This is done by specifying how partitions should be mounted in the config, and then using a systemd mount unit to mount the partition. By systemd convention, mount unit names derive from the target mount point, with interior slashes replaced by dashes, and the .mount extension appended. A unit mounting onto /var/www is thus named var-www.mount.

Mount units name the source filesystem and target mount point, and optionally the filesystem type. Systemd mounts filesystems defined in such units at boot time. The following example formats an EC2 ephemeral disk and then