- Miri
- Test for error conditions
- Async/sync chaos Turmoil / shuttle
- Value checks: quickcheck / proptest
- Logic chaos: cargo-mutants
Jaeyson Anthony Y. ⚗️ jaeyson
🎯
jaeyson
/ towards_impeccable_rust.md
Created
October 12, 2025 14:56
— forked from bsodmike/towards_impeccable_rust.md
Towards Impeccable Rust by Jon Gjengset, session at Rust Nation UK (27th March 2024)
Redis/Valkey changes, difference from the default Redis configuration.
If no max. is set, Redis/Valkey can use all the RAM. We want to avoid this and limit the RAM usage of the Redis server. If you want to limit the Redis process and to what extend, that is up to you. Don't forget to change the max memory policy (the default policy is not what you want). More info: https://valkey.io/topics/lru-cache/
I also bind only to IPv4. And created a valkey socket file with 777 permissions. And use io-threads (default is also 4 in Valkey).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # conf.d/20-mysqli.ini | |
| extension=mysqli.so | |
| [mysql] | |
| mysql.allow_local_infile=On | |
| mysql.allow_persistent=On | |
| mysql.cache_size=2000 | |
| mysql.max_persistent=-1 | |
| mysql.max_links=-1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # etc/sysctl.d/99-sysctl.conf | |
| # This control is used to define how aggressive the kernel will swap memory pages. | |
| # We will lower the number to decrease the amount of swap. | |
| vm.swappiness = 10 | |
| # This variable controls the tendency of the kernel to reclaim the memory which is used for caching of directory and inode objects. | |
| vm.vfs_cache_pressure = 200 | |
| # This value in 100'ths of a second define when dirty data is old enough to e eligible for writeout by the kernel flush threads. | |
| vm.dirty_expire_centisecs = 500 |
Getting your custom font (once uploaded to the MapBox Studio interface), by downloading the actual pbf files. You need to fill-in your font name, username and the access token, see: https://www.mapbox.com/account/.
In this Nginx configuration Lumen is actually installed within /home/mydomainfolder/html/admin/api/, so this is the root folder of Lumen installation. The public folder within this api directory is created by Lumen.
Replace <your_domain> with your actual domainname in Nginx (or use localhost for development).
Change /var/www/mydomainfolder/html to your actual website location on disk.
Change /var/run/php-fpm/php-fpm.sock to the correct PHP fpm socket file (eg. it could also be /var/run/php/php7.3-fpm.sock for example)
jaeyson
/ daemon.json
Created
October 7, 2025 04:38
Example of changing DNS of Docker (using daemon.json). Place new file, called daemon.json in /etc/docker
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "dns": ["192.168.1.20", "1.0.0.1", "1.1.1.1"] | |
| } |
Process multiple Git repos from top-level script (pull_push_all.sh).
The pull_push_all.sh will perform git pull & push only on main/master branch. And will list any untracked files. Last but not least, the script will give a warning when the current checked-out branch is NOT main or master. That project will be skipped in this case.
The goal of this script is to sync your Git projects with the remote Git server, especially once you got a lot of Git projects.
NOTE 1: This script will NEVER automatically commit changes.
NOTE 2: Processing each repo will take less than 1 second. Efficiently: O(n)
Fail2ban configs, your main configuration file that you should create and use is called jail.local within your /etc/fail2ban directory. We do use ipset (iptables-ipset-proto6-allports) instead of iptable for better performance.
We also use custom Fail2ban filters (should be put inside the filter.d folder), see examples below...
Moreover, you can configure another action for each jail separately, like: action = %(action_)s, which will stop sending emails to you.
You can also set the abuseipdb[abuseipdb_apikey=.., abuseipdb_category=...] action for each jail, which is actually advised to report better stats to the abuse ip DB (assuming you report the correct category IDs, comma separated)!
An example of my Postfix setup under Ubuntu 22.04 server. Allowing you to sent mails from various services, cronjobs and sendmail via Postfix.
I'm using Postfix as a relay to sent mails via Gmail SMTP.
Below you can find a diff (== MOST IMPORTANT) changes of the main.cf configuration file for Postfix, located at: /etc/postfix directory.
Ps. ubuntu-server is the hostname.
Next to the main.cf file, you need to add a sasl paswd file, see Gmail example below as well. I personally store the sasl_passwd file in a new sasl directory. Do NOT forget to run: sudo postmap /etc/postfix/sasl/sasl_passwd. On your sasl_passwd file, so the content will get hashed (*.db file). Ideally, remove the un-hashed file now.
NewerOlder