Jaeyson Anthony Y. ⚗️ jaeyson

Process multiple Git repos from top-level script (pull_push_all.sh).

The pull_push_all.sh will perform git pull & push only on main/master branch. And will list any untracked files. Last but not least, the script will give a warning when the current checked-out branch is NOT main or master. That project will be skipped in this case.

The goal of this script is to sync your Git projects with the remote Git server, especially once you got a lot of Git projects.

NOTE 1: This script will NEVER automatically commit changes.

NOTE 2: Processing each repo will take less than 1 second. Efficiently: O(n)

Fail2ban configs, your main configuration file that you should create and use is called jail.local within your /etc/fail2ban directory. We do use ipset (iptables-ipset-proto6-allports) instead of iptable for better performance.
We also use custom Fail2ban filters (should be put inside the filter.d folder), see examples below...

Custom Action per Jail

Moreover, you can configure another action for each jail separately, like: action = %(action_)s, which will stop sending emails to you.

Also add abuseipdb action per Jail

You can also set the abuseipdb[abuseipdb_apikey=.., abuseipdb_category=...] action for each jail, which is actually advised to report better stats to the abuse ip DB (assuming you report the correct category IDs, comma separated)!

An example of my Postfix setup under Ubuntu 22.04 server. Allowing you to sent mails from various services, cronjobs and sendmail via Postfix.

I'm using Postfix as a relay to sent mails via Gmail SMTP.

Below you can find a diff (== MOST IMPORTANT) changes of the main.cf configuration file for Postfix, located at: /etc/postfix directory.
Ps. ubuntu-server is the hostname.

SASL Authenication

Next to the main.cf file, you need to add a sasl paswd file, see Gmail example below as well. I personally store the sasl_passwd file in a new sasl directory. Do NOT forget to run: sudo postmap /etc/postfix/sasl/sasl_passwd. On your sasl_passwd file, so the content will get hashed (*.db file). Ideally, remove the un-hashed file now.

UNIX/Linux operating systems have the ability to limit the amount of various system resources available to a user process. These limitations include how many files a process can have open, how large of a file the user can create, and how much memory can be used by the different components of the process. The ulimit command can help to discover the current settings.

And to make permanent changes you can edit the /etc/security/limits.conf file, see below. In this example we increase the MariaDB (mysql user) as well as the Nginx (www-data user). This will resolve issues under Linux like "Too many open files", nofile stands for number of open files.

You need to change ulimit (in this gist) for the www-data user, else you can't just increase worker_rlimit_nofile. Enabled HTTP2 as well as QUIC.

etc/security/limits.conf: OS resource limit settings.
location /etc/nginx
snippets in /etc/nginx/snippets.
ssl-options.conf: can also be included in server blocks running TLS.
nginx.conf: root config file
security.conf: contains security-specific config which can be added in server blocks
quic.conf
default: default fallback config.

description

Generate a problem-focused summary of the current implementation work

argument-hint

optional_plan_reference

allowed-tools

Read(./**), Write(./.strategic-claude-basic/summary/**), Bash(git:*, date:*, grep:*), Glob

model

claude-opus-4-1

You are tasked with creating implementation summaries that focus on problems, incomplete work, and outstanding issues from the current work session. You should be problem-focused, session-scoped, and work only with uncommitted changes and current context.

Plan reference (optional): $1

	server:
	# Increase number of threads
	num-threads: 4

	# Enable PID file
	pidfile: /var/run/unbound.pid


	# Increase privacy
	hide-identity: yes

	# mariadb.conf.d/50-server.cnf
	#
	# mariadb.com/kb/en/query-cache/, set `innodb_io_capacity` to high value and you might flush cache quick.
	# Whereas on MySQL this is a bit diff, also its configs are going weird.

	[server]
	skip_name_resolve = 1
	innodb_buffer_pool_size = 8G
	innodb_flush_log_at_trx_commit = 2
	innodb_log_file_size = 2G

	# etc/postgresql/14/main/postgresql.conf

	# Increase max connections
	max_connections = 300

	# Increase shared buffers
	shared_buffers = 8GB
	# Enable huge pages (Be sure to check the note down below in order to enable huge pages!)
	# This will fail if you didn't configure huge pages under Linux (if you do NOT want to use huge pages, set it to: try instead of: on)
	huge_pages = on

	{
	"dns": ["192.168.1.20", "1.0.0.1", "1.1.1.1"]
	}