Skip to content

Instantly share code, notes, and snippets.

View gslav's full-sized avatar

gslav

0 followers · 1 following
View GitHub Profile
@joshuaboniface
joshuaboniface / steam-headless-systemd.md
Last active February 22, 2025 18:24
Running Steam headless under Systemd

Initial setup guide:

https://steamcommunity.com/sharedfiles/filedetails/?id=680514371

Follow this first to get the basic manual session working.

I decided to take it one step further, and execute the whole thing from Systemd automatically on my server. This did require a bit of tweaking.

NOTE: In my usage, I named the user steam (not steamuser), it's in the group users, and its home directory is /var/home/steam; adjust any paths, etc. below to suit your actual details.

@zenofile
zenofile / systemd_service_hardening.md
Created May 14, 2021 21:32 — forked from ageis/systemd_service_hardening.md
Options for hardening systemd service units

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
@zenofile
zenofile / wg-netns
Last active May 3, 2024 16:55
wg-quick like script with namespace support
#!/usr/bin/bash
# configuration matches the wg-quick specifications
# manual invocation:
# $ sudo wg-netns vpn-1
# via systemd:
# $ sudo systemctl start [email protected]
# examples:
@stvhay
stvhay / wg-setup-namespace.md
Last active December 4, 2022 07:09
Set up wireguard with a network namespace such that you can specify what processes tunnel.

Synology/wg

To avoid some bugs in wg-quick and/or iptables on my Synology:

  1. I set up the wireguard device manually.
  2. I used network namespaces to create an explicit tunnel namespace. I then specified DNS for this namespace only.

Credit where credit is due. I got this idea from the Wireguard website. https://www.wireguard.com/netns/#the-new-namespace-solution

@jigpu
jigpu / crypt-squashfs.sh
Created October 29, 2019 18:03
LUKS encrypt a squashfs disk image
#!/bin/sh
# https://martin.elwin.com/blog/2008/05/backups-with-squashfs-and-luks/
set -e
SQUASHFS_IMG="$1"
LUKS_IMG="$2"
CRYPTNAME=mkcrypt-$RANDOM
CRYPTDEV="/dev/mapper/$CRYPTNAME"
@andersevenrud
andersevenrud / alacritty-tmux-vim_truecolor.md
Last active April 23, 2025 08:47
True Color (24-bit) and italics with alacritty + tmux + vim (neovim)

True Color (24-bit) and italics with alacritty + tmux + vim (neovim)

This should make True Color (24-bit) and italics work in your tmux session and vim/neovim when using Alacritty (and should be compatible with any other terminal emulator, including Kitty).

Testing colors

Running this script should look the same in tmux as without.

curl -s https://gist.githubusercontent.com/lifepillar/09a44b8cf0f9397465614e622979107f/raw/24-bit-color.sh >24-bit-color.sh
@fevangelou
fevangelou / install_sis_graphics_on_linux.sh
Last active April 28, 2025 07:24
Bash script to install SiS Mirage 3+ graphics drivers on Linux
#!/bin/bash
# Bash script to install SiS Mirage 3+ graphics drivers on Linux
# Supports 671/672MX graphics cards
#
# Created in March 2019
#
# Tested on:
# - Lubuntu 18.04 (32-bit) with X.Org v1.19
# - Xubuntu 18.04 (64-bit) with X.Org v1.20
@gea0
gea0 / arch-rpi-64-full-disk-encryption-ssh-unlock.md
Last active March 24, 2024 14:36
Tutorial for installing a 64-bit Arch Linux ARM system on the Raspberry Pi 3B+, with an encrypted root filesystem, and the option to remotely unlock it via a pre-boot SSH daemon.

Arch Linux ARM 64 on Raspberry Pi 3 B+ With Full Disk Encryption And SSH Unlock: 2018 Edition

There are multiple ways to get a full disk encrypted arch linux system on raspberry. In this tutorial, we will install a 64-bit arch linux armv8 system, using dropbear as ssh server for remote pre-boot unlocking of the root filesystem. However, it will still be possible to unlock and use the pi as usual, with a keyboard and monitor. We will also create an unencrypted partition in the installation process, usable as a rescue system.

Differences to the 32-bit arch linux arm version:

  • probably better performance
  • can run 64-bit software
  • comes without the proprietary video-driver blobs
@dmnsgn
dmnsgn / WebGL-WebGPU-frameworks-libraries.md
Last active May 3, 2025 05:43
A collection of WebGL and WebGPU frameworks and libraries

A non-exhaustive list of WebGL and WebGPU frameworks and libraries. It is mostly for learning purposes as some of the libraries listed are wip/outdated/not maintained anymore.

Engines and libraries ⚙️

Name Stars Last Commit Description
three.js ![GitHub
@austinjp
austinjp / Wordpress-inside-LXC.md
Last active December 7, 2024 18:37
An *unprivileged* LXC container dedicated to running Wordpress

What and why

Create an unprivileged Linux container (LXC) dedicated to running Wordpress websites.

If you install Wordpress regularly on Linux you can instead simply clone this container.

The Wordpress installation is nothing fancy. It's not multi-site, it's not SSL enabled by default, or anything like that. Just a plain bog-standard Wordpress installation serving a single domain.

Warning!