Felipe Coury fcoury

- name: Group by Distribution
  hosts: all
  tasks:
    - group_by: key=${ansible_distribution}
- name: Set Time Zone
  hosts: Ubuntu
  gather_facts: False
  tasks:
    - name: Set timezone variables
# Hack to change the Rails cookie serializer from Marshal to JSON and therefore allow the session
# to be shared between different languages but also avoid that someone knowing the
# cookie secret key could execute arbitrary code on the server by unmarshalling
# modified Ruby code added to the session/permanent cookie.
#
# Note that all users will need to log in again since both the remember me cookie and the session cookies
# won't be valid. Note also that the remember me cookie is tested multiple times per request even when it fails.
# For performance reasons you might want to delete it if these extra cycles are too costly for you.
#
# Rails 4 (not tested on Rails 3).
fcoury / puma.rb
Created October 17, 2013 23:04 — forked from catsby/puma.rb
preload_app!
min_threads = Integer(ENV['MIN_THREADS'] || 0)
max_threads = Integer(ENV['MAX_THREADS'] || 5)
threads min_threads, max_threads
workers Integer(ENV['WORKER_COUNT'] || 3)
on_worker_boot do
  ActiveSupport.on_load(:active_record) do
#!/bin/bash
set -exo pipefail
BUILD_ENV=$1
if [ `uname` == 'Darwin' ]; then
  OSX=1
  JSCOMPRESSOR="yuicompressor --type js"
else
  OSX=

How to set up stress-free SSL on an OS X development machine

One of the best ways to reduce complexity (read: stress) in web development is to minimize the differences between your development and production environments. After being frustrated by attempts to unify the approach to SSL on my local machine and in production, I searched for a workflow that would make the protocol invisible to me between all environments.

Most workflows make the following compromises:

  • Use HTTPS in production but HTTP locally. This is annoying because it makes the environments inconsistent, and the protocol choices leak up into the stack. For example, your web application needs to understand the underlying protocol when using the secure flag for cookies. If you don't get this right, your HTTP development server won't be able to read the cookies it writes, or worse, your HTTPS production server could pass sensitive cookies over an insecure connection.

  • Use production SSL certificates locally. This is annoying

#!/usr/bin/bash
# Author: Stephen Coley @coleydotco
#
# This script automates a Github deploy.
# I use it with Alfred to deploy http://coley.co.
#
# Change the stuff surrounded in [..]
#
# You must run git pull in the terminal and
# copy the line that asks you for your password.
#!/bin/bash
HOST=$(hostname)
function install_postfix() {
echo | sudo debconf-set-selections <<__EOF
postfix postfix/root_address string
postfix postfix/rfc1035_violation boolean false
postfix postfix/mydomain_warning boolean
postfix postfix/mynetworks string 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
# config/initializers/devise_patch.rb
require 'devise/version'
if !defined?(Devise::VERSION) || (Devise::VERSION < "1.4.0" && %w[1.2 1.3].all? {|v| !Devise::VERSION.start_with?(v)})
  raise "I don't know how to patch your devise version. See http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/"
end
if Devise::VERSION < "1.5.0"
  warn "Patching devise #{Devise::VERSION} with < 1.5.0 patch"
  Devise::Models::Authenticatable::ClassMethods.class_eval do
    def auth_param_requires_string_conversion?(value); true; end
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails Unsafe Query Generation (CVE-2013-0155)
#
# ## Advisory
#
# https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/t1WFuuQyavI
#
# ## Synopsis
#
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails DoS (CVE-2013-0156)
#
# ## Advisory
#
# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
#
# ## Synopsis
#